(Last time we learned about HTTPS, we know that the security of HTTPS is guaranteed by TLS.You must wonder how it adds confidentiality, integrity, authentication, and non repudiation to HTTP?Let's talk about confidentiality first. It is the foundation of information security. Without confidentiality, TLS will become "a source without water" and "a tree without roots".The most common way to achieve confidentiality is "encryption", that is, the message is transformed into garbled code that cannot be understood in some way. Only a special person can have the key.Here, the "key" is called "key", the message before encryption is called "plain text / clear text", the scrambled code after encryption is called "ciphertext", and the process used by the key to recover plaintext encryption and decryption is called "decryption", which is the inverse operation of encryption. The operation process of encryption and decryption is "encryption algorithm".All encryption algorithms are public, anyone can analyze and study, and the "key" used by the algorithm must be kept confidential. So, what is the key?Since both HTTPS and TLS run on computers, "key" is a long string of numbers, but the conventional unit of measurement is "bit" rather than "byte". For example, a key with a key length of 128 is a binary string with a key length of 16 bytes, and a key with a key length of 1024 is a binary string with a key length of 128 bytes.According to the use of key, encryption can be divided into two categories: symmetric encryption and asymmetric encryption.)