I read and watched many articles and videos about SSL AES and RSA, but one thing: ALWAYS is missing in each explanation (or I just donβt understand) how the client decrypts the confidential data that comes from the server! (e.g. how much money you have)
I understand that your public key can encrypt something and send it to the server, and anyone can have it, but what do you do when you want to get something from the server? Does it come out like plain text?
In any of the articles and videos it is indicated that they all simply say that you have a private key that you should not use, and a public key that you can encrypt your messages and share it on the Internet, t say how the client makes the request GET with an encrypted message and decrypts it so that it can be readable by a person.
As stated in this link about AES:
Asymmetric cryptography works with two different keys: one for encryption and one for decryption. It is also often called the "cryptography" public key, because you can make one key publication (allowing someone to encrypt the message) while preserving the other private ones (only the owner of the private key can decrypt the message encrypted using the associated public key).
Any help is appreciated!
I will leave some web security links that I found useful for learning: https://www.coursera.org/learn/internet-history/lecture/L7HzI/security-integrity-and-certificate-authorities
source share