How does SSL work in two directions?

S

SEOD2019-06-12 06:51:43

Digital certificates

SEOD, 2019-06-12 06:51:43

There is a server, there is a client. The server has a private key and a public key to it. The server sends the public key to the client via an unencrypted communication channel, the client receives it, encrypts its message with it, and transmits it to the server. The server decrypts with a private key. So? And here is how the server sends a response back if, as I understand it, it cannot encrypt the message with the public key, and why, because it was already intercepted by everyone and sundry, after all, it was sent over an open communication channel. Explain, please.

The only situation that comes to mind is when the client will have a new private key and he will generate a new public key for it. That is, a new pair of private / public keys, only now the client has a private one and he will throw a public one to the server. Does HTTPS really work like that with two pairs of keys, private for both the client and the server? After all, the information needs to be driven in both directions.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

C

CityCat4, 2019-06-12
@CityCat4

Does HTTPS really work like that with two pairs of keys, private for both the client and the server?

Of course. Google asymmetric cryptography in any way? Where on the fingers, that is, using the example of Alice and Bob, he understands how it works and why it still works :)
(And actually, why now our and not our legislators are breaking their own and other people's heads over the question - how to get a user's session key, to decrypt traffic?)