Https
From LinuxReviews
https is a protocol identical to normal http://, except that it uses a different port (443, not http's port 80) and adds an encryption/authentication layer between HTTP and TCP.
Security
https provides an additional encryption layer between HTTP and TCP, and that's it.
- http will fetch many resources per page visit (the HTML page, stylesheet, images, etc.).
- https does not disturb timing much. It does not hide the length of requests.
Attacks
- Visit SSL websites and profile the requests. Make a list of the requests, retrieved resources and their lengths.
- Then observe the sequence of retrieved resource lengths of the victim. Compare it to the profiles and you can make a relatively good guess about which page they match.
This can be taken further by looking at the links on the web pages of an https-protected website. Guess which pages a user is likely to go to from other pages, and you're able to make a good guess at the sequence.
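A site operator can measure this exposure on their own pages. The following is an added example, not code from the original page: it groups pages by the length sequence an observer would see and reports which pages remain uniquely identifiable. The site profile, the page names and the block-padding option are assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed sample: resource lengths (bytes) visible per page of a
# hypothetical https site (HTML page, stylesheet, images, ...).
SITE_PROFILE = {
    "/login":    [5120, 18432, 2310],
    "/account":  [9871, 18432, 2310, 40112],
    "/transfer": [9902, 18432, 2310, 40090],
    "/help":     [30111, 18432],
    "/logout":   [5003, 18432, 2290],
}

def pad(length, block):
    """Round a length up to the next multiple of block (block=1: no padding)."""
    return -(-length // block) * block

def fingerprint(lengths, block=1):
    """What an observer sees for one page: the (padded) length sequence."""
    return tuple(pad(n, block) for n in lengths)

def anonymity_sets(profile, block=1):
    """Group pages that produce the same observable fingerprint."""
    groups = defaultdict(list)
    for page, lengths in profile.items():
        groups[fingerprint(lengths, block)].append(page)
    return sorted(sorted(g) for g in groups.values())

def identifiable_pages(profile, block=1):
    """Pages whose fingerprint is unique, i.e. exposed by lengths alone."""
    return sorted(g[0] for g in anonymity_sets(profile, block) if len(g) == 1)

if __name__ == "__main__":
    # block=1 models plain https; larger blocks model padding to fixed sizes.
    for block in (1, 512, 4096):
        exposed = identifiable_pages(SITE_PROFILE, block)
        print(f"block={block:5d}: {len(exposed)}/{len(SITE_PROFILE)} "
              f"pages unique -> {exposed}")
```

With this sample, every page is unique without padding. Padding merges the pages into groups, but /help stays unique because the number of resources is still visible.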
Additional security
Tor is a network security tool which protects against traffic analysis. Tor is an excellent way of adding additional protection to protocols such as https and SSH.