How Encryption Works

[WinHost]

Encryption is the process of scrambling information by applying a mathematical function in such a way that it is extremely difficult for anyone other than an intended recipient to retrieve the original information. Central to this process is a mathematical value, called a key, used to scramble the information in a unique and complex way.

Your Web server uses essentially the same encryption process to secure communication links with users. After establishing a secure link, a special session key is used by both your Web server and the user's Web browser to both encrypt and decrypt information. For example, when an authenticated user attempts to download a file from a Web site requiring a secure channel, your Web server uses a session key to encrypt the file and related HTTP headers. After receiving the encrypted file, the Web browser then uses a copy of the same session key to recover the file.

This method of encryption, although secure, has an inherent drawback. During the process of creating a secure link, a copy of the session key might be transmitted across an unsecured network. Therefore, a computer vandal intent on compromising the link need only intercept and steal the session key. To safeguard against this possibility, your Web server implements an additional method of encryption.