Say I'm using a VPN to talk with a server, and Bob is eavesdropping for packets at the VPN.
Basically a special kind of man-in-the-middle attack.
If I'm using HTTPS, how clever would Bob have to be to bypass HTTPS and get the data from my packets?
How about metadata (e.g. my IP, target IP, time sent)?
If Bob is just listening, he can not decrypt the HTTP message (encrypted with TLS to become HTTPS). The TCP/IP packet that holds the HTTPS packet is not encrypted though (it can’t be, it’s needed for the network to work).
In the TCP/IP packet you store target and source IP, TTL And some more flags. If you see a packet on the network you can track it’s time of seeing.
In short Bob needs to break HTTPS or do a specific attack on you, just listening is not enough. Some of the metadata of your connection is present in clear text for the systems to work, this part of it will be visible to Bob.
