https://www.digicert.com/ssl-cryptography.htm

http://security.stackexchange.com/questions/20803/how-does-ssl-tls-work
which refer to
http://security.stackexchange.com/questions/6290/how-is-it-possible-that-people-observing-an-https-connection-being-established-w
http://security.stackexchange.com/questions/5/does-an-established-ssl-connection-mean-a-line-is-really-secure
The other answers are good, but here's a physical analogy that may be easier to grasp:
Imagine a lock-box, the kind with a metal flap that you put a padlock on to secure. Imagine that the loop where you put the padlock is large enough to fit two padlocks. To securely send something to another party without sharing padlock keys, you would
- put the "Thing" in the box, and lock it with your padlock.
- send the locked box to the other party.
- they put their padlock on the loop also (so that there are two locks on it), and return the double-locked box to you.
- you remove your padlock, and return the now singly-locked box to them.
- they remove their own lock and open the box.
With encryption the locks and keys are math, but the general concept is vaguely like this.
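The double-padlock exchange above, written out as an added example (not part of the quoted answer or the linked pages): Shamir's three-pass protocol, in which each padlock is modular exponentiation with a secret exponent, followed by a counter-case showing that XOR "padlocks" also commute yet leak the message to a passive observer. The modulus, function names and message are constructed for illustration; the exchange is unauthenticated and is not the key exchange TLS uses.

```python
import secrets
from math import gcd

# Sample modulus (the Mersenne prime 2**127 - 1), chosen for readability.
# Assumption for this example only; it is not a secure production parameter.
P = 2**127 - 1

def make_padlock():
    """Return (lock, unlock) exponents with lock * unlock == 1 mod (P - 1)."""
    while True:
        e = secrets.randbelow(P - 3) + 2
        if gcd(e, P - 1) == 1:
            return e, pow(e, -1, P - 1)

def three_pass(message: bytes):
    """Run the box exchange; return (values seen on the wire, recovered bytes)."""
    m = int.from_bytes(message, "big")
    if not 1 < m < P - 1:
        raise ValueError("message must encode to an integer in (1, P - 1)")
    a_lock, a_unlock = make_padlock()   # sender's padlock and key
    b_lock, b_unlock = make_padlock()   # receiver's padlock and key
    box1 = pow(m, a_lock, P)            # sender locks the box and sends it
    box2 = pow(box1, b_lock, P)         # receiver adds a second lock, returns it
    box3 = pow(box2, a_unlock, P)       # sender removes own lock, sends it again
    opened = pow(box3, b_unlock, P)     # receiver removes own lock, opens the box
    return (box1, box2, box3), opened.to_bytes(len(message), "big")

def xor_three_pass_leak(message: bytes) -> bytes:
    """Same exchange with XOR as the lock: what an observer of the wire learns."""
    m = int.from_bytes(message, "big")
    a = secrets.randbits(8 * len(message))  # sender's one-time pad
    b = secrets.randbits(8 * len(message))  # receiver's one-time pad
    box1 = m ^ a
    box2 = box1 ^ b
    box3 = box2 ^ a                     # equals m ^ b, so the receiver can open it
    observed = box1 ^ box2 ^ box3       # the pads cancel, leaving the message
    return observed.to_bytes(len(message), "big")

if __name__ == "__main__":
    wire, opened = three_pass(b"the Thing")   # constructed sample message
    print("recovered:", opened)
    print("on the wire:", [hex(v) for v in wire])
    print("XOR variant leaks:", xor_three_pass_leak(b"the Thing"))
```

Neither side can tell whose padlock was added in the second pass, so an interceptor who adds their own lock can open the box; that is why real protocols pair key exchange with authentication such as certificates.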