1. Encryption (keeps data secret)

HTTPS uses Transport Layer Security (TLS) to encrypt the data between your browser and the website.

• Even if an attacker intercepts the data, it looks like unreadable gibberish
• Sensitive info (passwords, credit card details) stays private

Without HTTPS: attacker can read everything
With HTTPS: attacker sees encrypted nonsense

2. Authentication (proves the website is real)

HTTPS uses SSL/TLS certificates issued by trusted organizations called Certificate Authority (CAs).

• These certificates verify that the website is legitimate
• Your browser checks the certificate before connecting

Prevents attackers from impersonating real websites

3. Data Integrity (prevents tampering)

HTTPS ensures that:

• Data cannot be changed during transmission
• If an attacker tries to modify anything, the connection breaks or shows a warning

Stops attackers from injecting malicious content

4. Secure Handshake (key exchange)

When you visit an HTTPS site:

1. Your browser and server perform a TLS handshake
2. They agree on encryption methods
3. They securely exchange keys

This process often uses public-key cryptography:

• A public key (shared openly)
• A private key (kept secret by the server)

Ensures only the intended server can decrypt the data

HTTPS greatly reduces MITM risk, but it’s not foolproof if:

• You ignore browser warnings
• A device is already compromised
• Attackers use advanced tricks (like fake certificates)