Hypertext Transfer Protocol (HTTP) & Hypertext Transfer Protocol Secure (HTTPS)

In this week’s discussion, I will focus on the Hypertext Transfer Protocol, or HTTP. The HTTPS abbreviation
stands for Hypertext Transfer Protocol Secure.

Port Used

The port of HTTP is 80 and HTTPS is port 443. The ports used here are the ones designated for
transmitting the web pages, and the related data across the internet.

Purpose and Usage

HTTP is the most basic building block of data communication on the internet. This makes it possible for
the users to connect and share Hypertext documents such as webpage images, as well as videos. Any
time you type in an address in the location bar of your web browser or click on a hyperlink you are using
HTTP to get the data from a server. HTTP is considered to be complemented by HTTPS because the latter
offers a secure connection by encrypting the data transmitted between the browser, belonging to the
user, and the web server. This not only protects the user identity, like login information and credit details
from frauds, but also defends the distorted data transfers.

Encryption Status

HTTP transmits data in plain text and, consequently, the parties involved in the exchange of messages
can be intercepted by any third party. However, HTTPS utilises SSL (Secure Sockets Layer) or TLS
(Transport Layer Security) to encrypt the information making it impossible for anyone who may intercept
it to make any sense of it.

Type of Encryption

HTTPS is used primarily for encryption requirements and it mainly relies on TLS. Once a user starts using
the url with HTTPs the data transmitted and received is in an encrypted format and cannot be
intercepted by other malicious users through eavesdropping or with the ‘man in the middle attack.
Through this method, digital certificates are usually applied to prove the identity of the server when the
user types its address in the browser.

Encryption Methods

In HTTPS, the encryption protocols commonly result to use of different other cryptographic methods.
Key exchange systems, such as RSA (Rivest-Shamir-Adleman), are often employed for the prime purpose
of securely exchanging key encryption during the first talk of the connection. Then, mechanisms of
symmetric encrypting such as AES (Advanced Encryption Standard) are applied to encrypt the
information proper during the transferring process.

Security Assessment

HTTPS is secure and is the norm for any site that processes personal details for users in any contexts like
banking, or shopping. Currently, browsers highlight web pages that use HTTPS as ‘secure’ and in most
cases, the banner with the padlock icon appears next to the URL in the browser. On the other hand, we
have HTTP which is considered ‘old fashioned’ for websites that need to win the trust of users and
protect their information confidentiality. When it comes to website owners and developers, the most
common advice from most industry pundits is that everyone should switch to using HTTPS.

Use Case

One example use is an online retail firm that offers opportunities to purchase goods. During website
utilization, the customer has to type their data, like name, the shipping address, and credit card details
to make a purchase. If the website uses HTTP, then such essential information may be monitored by
unauthorized persons and hackers. However, when the website is HTTPS, all the information that is
transmitted between the client and the provider during the transaction is transmitted in an encrypted
form, thereby protecting the customer and their money. This makes customers feel secure thus shopping
from the website making the company more reputable and reliable among customers.

REFERENCES

Sean Collins. (2023). HTTP vs. HTTPS: Differences, Benefits, and Migration Tips. Semrush.

https://www.semrush.com/blog/http-vs-https/

Shah, R., & Correia, S. (2021b). Encryption of Data over HTTP (Hypertext Transfer Protocol)/HTTPS

(Hypertext Transfer Protocol Secure) Requests for Secure Data transfers over the Internet.

Encryption of Data Over HTTP (Hypertext Transfer Protocol)/HTTPS (Hypertext Transfer Protocol

Secure) Requests for Secure Data Transfers Over the Internet.

https://doi.org/10.1109/rteict52294.2021.9573978