Will we have a safer Internet? This is how HTTPA works

0
123

Maintaining security and privacy when we browse the Internet can be said to be essential. Our personal data can be compromised and we can suffer from very diverse cyber attacks. Simply by entering a website, we can be victims of certain attacks. That’s where using protocols like HTTPS comes into play, which came to make the previous HTTP more secure. Now, can we have an even more secure Internet? In this article we are going to talk about HTTPA and how it works.

HTTPA, the successor to HTTPS for more security

Today HTTPS is the main protocol used by applications and web pages. It offers a fast, secure connection and we can also say that it is private. However, it has certain limitations that make it not a perfect protocol in terms of security and privacy, so it can be improved.

Thanks to HTTPS, when we visit a web page we can verify that this service corresponds to the legitimate entity, something that provides security and trust. However, that protocol does not verify the actual behavior of that service. Even if that service published the source code, there would really be no way of knowing whether or not that code is running, and so there is no danger. There is no way of knowing if the data is really going to be treated in a certain way, beyond trusting that service and its behavior.

Now, a group of security researchers have come up with what they call HTTP Attestable, or HTTPA. It uses HTTPS as a base, but with improvements to make it more reliable and secure. What does this mean? Basically a test of what we mentioned before: we will be able to know if that specific service really acts as it is supposed to and we can verify the behavior.

With this we avoid having to blindly trust a web page, even if it is HTTPS, and really see how it acts. It is another plus of trust, a way of knowing that a service is reliable and further reducing the possibility of suffering some kind of cyber attack or data theft when browsing. Keep in mind that HTTPS has security limitations, even though it is a widely used and reliable protocol today.

How does this protocol work?

We can say that HTTPA works thanks to the fact that the end user can verify the guarantees of a server that he is accessing. Basically, the person who enters that page or online service can verify if it really is a trusted server or not. In this way you can decide if it is reliable and enters or, on the contrary, it is not trusted.

It should be mentioned that HTTPA inherits key parts of HTTPS, such as the use of TLS and host identity verification through a certificate. But in addition to that, it offers an additional guarantee of what they call remote attestation or verification. This will allow the HTTPA protocol that the end user, the client, only trust what they see as safe and have their own block list.

The ultimate goal of HTTPA is to further reduce the attack surface that can be compromised when using HTTPS. Basically, to improve the security of a very widespread protocol that is reliable today, in order to reduce the risk of suffering cyber attacks.

Currently we can say that HTTPS provides access to services safely, but without being reliable for what we have explained. An attacker could perform privilege attacks to control a session, for example. This way you can compromise the secure channel between the server and the client. Instead, with HTTPA we can achieve secure and reliable access to the service. An attacker could not easily hack the session keys and it is more difficult for him to break the privacy and security of the client when accessing the server.

In short, HTTPA appears as a new protocol that aspires to become the successor of HTTPS to achieve greater security and privacy when browsing the Internet. you can see all the documentation and its operation.

Previous articleHow to change the keyboard of my Android cell phone – Easy and fast
Next articleHow can I become better friends with someone on HouseParty?

LEAVE A REPLY

Please enter your comment!
Please enter your name here