re: Brief(ish) explanation of how https works VIEW POST

FULL DISCUSSION
 

Well explained!!
I am having a doubt on which encryption type is actually used.
What I understand from the order you have written is that Asymmetric encryption (probably RSA) is used only for Certificates and Symmetric encryption (Diffie-Hellman) for all other communication.
Correct me if I'm wrong.

 

Certificates are used to prove that the website is whom it says it is. The rest of the communication is encrypted using symmetric key encryption.

Diffie-Hellman is not an encryption algorithm though, it's a key exchange algorithm.

Although the article only mentions Diffie-Hellman, there are other options to exchange a secret key.

code of conduct - report abuse