Author

WeChat Backend Team

Official account of the WeChat backend development team, sharing their experience in large-scale distributed system development.

Articles

Likes

Views

Comments

Latest from WeChat Backend Team

47 recent articles

WeChat Backend Team

May 7, 2017 · Backend Development

How WeChat’s MQ 2.0 Redefined Asynchronous Queues for Massive Scale

This article explains the design and improvements of WeChat's MQ 2.0 asynchronous queue, covering its cross‑machine consumption model, enhanced task scheduling, MapReduce‑style processing, stream tasks, and robust overload protection that together enable high‑performance, resilient backend services.

Message Queueasynchronous processingbackend architecture

0 likes · 13 min read

How WeChat’s MQ 2.0 Redefined Asynchronous Queues for Massive Scale

WeChat Backend Team

Dec 13, 2016 · Information Security

What TLS Design Lessons Can Revolutionize Modern Secure Communications?

This article distills practical design decisions for modern encrypted communication protocols—covering algorithm selection, versioning, PKI choices, library alternatives, replay protection, performance tuning, and latency considerations—while providing a concise appendix of fundamental cryptographic concepts and key references.

Protocol DesignTLSkey exchange

0 likes · 15 min read

What TLS Design Lessons Can Revolutionize Modern Secure Communications?

WeChat Backend Team

Dec 13, 2016 · Information Security

TLS Deep Dive: Implementations, Deployment Tips, and Modern Encryption Protocols

This article surveys major TLS implementations, practical deployment and optimization strategies, and explores related modern encryption protocols such as QUIC, iMessage, HomeKit, TextSecure, OTR, and libsodium, providing resources and best‑practice guidance for secure communications.

EncryptionProtocol ImplementationTLS

0 likes · 11 min read

TLS Deep Dive: Implementations, Deployment Tips, and Modern Encryption Protocols

WeChat Backend Team

Dec 12, 2016 · Information Security

TLS Security Deep Dive: Threat Models, Handshakes & Best Practices

This article provides a comprehensive security analysis of the TLS protocol, covering attacker models, authentication and key exchange mechanisms, version rollback attacks, handshake vulnerabilities, session resumption, application data protection, explicit IV concerns, DoS threats, session ticket security, TLS extensions, PKI considerations, historical flaws, and the major improvements introduced in TLS 1.3.

TLSTLS 1.3cryptography

0 likes · 30 min read

TLS Security Deep Dive: Threat Models, Handshakes & Best Practices

WeChat Backend Team

Dec 12, 2016 · Information Security

Understanding TLS Handshake: Server Certificate, Key Exchange, and Client Authentication

This article explains the TLS handshake process, covering server certificate transmission, server key exchange details, certificate request handling, server hello done, client certificate usage, client key exchange mechanisms, RSA premaster secret encryption, Diffie‑Hellman and ECDH key exchanges, and the certificate verify step.

CertificateSecurityTLS

0 likes · 24 min read

Understanding TLS Handshake: Server Certificate, Key Exchange, and Client Authentication

WeChat Backend Team

Dec 12, 2016 · Information Security

Understanding TLS Handshake: Finished Message, Session Tickets, and Alerts

This article explains the TLS handshake process, detailing the Finished message verification, the use of NewSessionTicket for stateless session resumption, and the roles of ChangeCipherSpec, Alert, and Application Data protocols in secure communications.

HandshakeSessionTicketTLS

0 likes · 11 min read

Understanding TLS Handshake: Finished Message, Session Tickets, and Alerts

WeChat Backend Team

Dec 9, 2016 · Information Security

Understanding TLS Record Protocol: Encryption, MAC, and Key Management

This article explains how the TLS record layer encrypts and authenticates application data by fragmenting, sequencing, optionally compressing, encrypting, computing HMAC, and transmitting over TCP/IP, while detailing the security parameters, key derivation, and the evolution from MAC‑then‑Encrypt to AEAD modes.

AEADEncryptionKey Expansion

0 likes · 15 min read

Understanding TLS Record Protocol: Encryption, MAC, and Key Management

WeChat Backend Team

Dec 9, 2016 · Information Security

Understanding TLS: Layered Architecture, Cipher Suites, and Secure Configuration

This article explains the layered design of TLS, details the cryptographic primitives and cipher suites it uses, and provides guidance on selecting secure configurations while avoiding unsafe legacy algorithms.

Protocol DesignTLScipher suites

0 likes · 11 min read

Understanding TLS: Layered Architecture, Cipher Suites, and Secure Configuration

WeChat Backend Team

Dec 9, 2016 · Information Security

Understanding TLS Handshake: Protocol Flow, Algorithms, and Security

This article explains the TLS handshake protocol in depth, covering its overall flow, the generation of security parameters, the role of asymmetric algorithms, message structures, performance considerations, and mechanisms like session caching and abbreviated handshakes to ensure secure communication.

HandshakeProtocolTLS

0 likes · 22 min read

Understanding TLS Handshake: Protocol Flow, Algorithms, and Security

WeChat Backend Team

Dec 7, 2016 · Information Security

Unlocking TLS: Design Goals, History, and Modern Secure Communication

This article explores the TLS protocol in depth, outlining its design objectives, cryptographic foundations, historical evolution, detailed handshake and record layer mechanisms, security analyses, common pitfalls, and lessons for designing robust modern encrypted communication protocols.

Information SecurityProtocol DesignTLS

0 likes · 12 min read

Unlocking TLS: Design Goals, History, and Modern Secure Communication