Acerca de este artículo

Product Identifiers

PublisherAddison Wesley Professional

ISBN-100201615983

ISBN-139780201615982

eBay Product ID (ePID)1744568

Product Key Features

Number of Pages528 Pages

LanguageEnglish

Publication NameSsl and Tls : Designing and Building Secure Systems

Publication Year2000

SubjectInternet / General, Networking / Vendor Specific, Security / Networking, Networking / Network Protocols

TypeTextbook

AuthorEric Rescorla

Subject AreaComputers

FormatTrade Paperback

Dimensions

Item Height1.3 in

Item Weight28.8 Oz

Item Length9.1 in

Item Width7 in

Additional Product Features

Intended AudienceScholarly & Professional

LCCN00-057593

Dewey Edition21

IllustratedYes

Dewey Decimal005.8

Table Of ContentPreface. 1. Security Concepts. Introduction. The Internet Threat Model. The Players. The Goals of Security. Tools of the Trade. Putting It All Together. A Simple Secure Messaging System. A Simple Secure Channel. The Export Situation. Real Cryptographic Algorithms. Symmetric Encryption: Stream Ciphers. Symmetric Encryption: Block Ciphers. Digest Algorithms. Key Establishment. Digital Signature. MACs. Key Length. Summary. 2. Introduction to SSL. Introduction. Standards and Standards Bodies. SSL Over view. SSL/TLS Design Goals. SSL and the TCP/IP Suite. SSL History. SSL for the Web. Everything over SSL. Getting SSL. Summary. 3. Basic SSL. Introduction. SSL Over view. Handshake. SSL Record Protocol. Putting the Pieces Together. A Real Connection. Some More Connection Details. SSL Specification Language. Handshake Message Structure. Handshake Messages. Key Derivation. Record Protocol. Alerts and Closure. Summary. 4. Advanced SSL. Introduction. Session Resumption. Client Authentication. Ephemeral RSA. Rehandshake. Server Gated Cryptography. DSS and DH. Elliptic Curve Cipher Suites. Kerberos. FORTEZZA. The Story So Far. Session Resumption Details. Client Authentication Details. Ephemeral RSA Details. SGC Details. DH/DSS Details. FORTEZZA Details. Error Alerts. SSLv2 Backward Compatibility. Summary. 5. SSL Security. Introduction. What SSL Provides. Protect the master_secret. Protect the Server''s Private Key. Use Good Randomness. Check the Certificate Chain. Algorithm Selection. The Story So Far. Compromise of the master_secret. Protecting Secrets in Memory. Securing the Server''s Private Key. Random Number Generation. Certificate Chain Verification. Partial Compromise. Known Attacks. Timing Cryptanalysis. Million Message Attack. Small-Subgroup Attack. Downgrade to Export. Summary. 6. SSL Performance. Introduction. SSL Is Slow. Performance Principles. Cryptography Is Expensive. Session Resumption. Handshake Algorithm and Key Choice. Bulk Data Transfer. Basic SSL Performance Rules. The Story So Far. Handshake Time Allocation. Normal RSA Mode. RSA with Client Authentication. Ephemeral RSA. DSS/DHE. DSS/DHE with Client Authentication. Performance Improvements with DH. Record Processing. Java. SSL Servers under Load. Hardware Acceleration. Inline Hardware Accelerators. Network Latency. The Nagle Algorithm. Handshake Buffering. Advanced SSL Performance Rules. Summary. 7. Designing with SSL. Introduction. Know What You Want to Secure. Client Authentication Options. Reference Integrity. Inappropriate Tasks. Protocol Selection. Reducing Handshake Overhead. Design Strategy. The Story So Far. Separate Ports. Upward Negotiation. Downgrade Attacks. Reference Integrity. Username/Password Authentication. SSL Client Authentication. Mutual Username/Password Authentication. Rehandshake. Secondary Channels. Closure. Summary. 8. Coding with SSL. Introduction. SSL Implementations. Sample Programs. Context Initialization. Client Connect. Server Accept. Simple I/O Handling. Multiplexed I/O Using Threads. Multiplexed I/O with select(). Closure. Session Resumption. What''s Missing? Summary. 9. HTTP over SSL. Introduction. Securing the Web. HTTP. HTML. URLs. HTTP Connection Behavior. Proxies. Virtual Hosts. Protocol Selection. Client Authentication. Reference Integrity. HTTPS. HTTPS Overview. URLs and Reference Integrity. Connection Closure. Proxies. Virtual Hosts. Client Authentication. Referrer. Substitution Attacks.

SynopsisThis is the best book on SSL/TLS. Rescorla knows SSL/TLS as well as anyone and presents it both clearly and completely.... At times, I felt like hes been looking over my shoulder when I designed SSL v3. If network security matters to you, buy this book. Paul Kocher, Cryptography Research, Inc. Co-Designer of SSL v3 Having the right crypto is necessary but not sufficient to having secure communications. If youre using SSL/TLS, you should have SSL and TLS sitting on your shelf right next to Applied Cryptography. Bruce Schneier, Counterpane Internet Security, Inc. Author of Applied Cryptography Everything you wanted to know about SSL/TLS in one place. It covers the protocols down to the level of packet traces. It covers how to write software that uses SSL/TLS. And it contrasts SSL with other approaches. All this while being technically sound and readable Radia Perlman, Sun Microsystems, Inc. Author of Interconnections Secure Sockets Layer (SSL) and its IETF successor, Transport Layer Security (TLS), are the leading Internet security protocols, providing security for e-commerce, web services, and many other network functions. Using SSL/TLS effectively requires a firm grasp of it, Secure Sockets Layer (SSL) is used in virtually every commercial web browser and server. In this book, one of the world's leading network security experts explains how SSL works -- and gives implementers step-by-step guidance and proven design patterns for building secure systems with SSL. Eric Rescorla also provides the first in-depth introduction to Transport Layer Security (TLS), the highly anticipated, maximum-security successor to SSL. KEY TOPICS: Rescorla starts by introducing SSL's fundamentals: how it works, and the threats it is intended to address. One step at a time, he addresses each key SSL concept and technique, including cryptography, SSL performance optimization, designing and coding, and how to work around SSL's limitations. Rescorla demonstrates TLS at work in SMTP-based Internet security applications. The book includes detailed examples of SSL/TLS implementations, with in-depth insight into the key design choices that informed them. MARKET: For all network and security designers, enterprise developers, system implementers, and suppliers of Internet security products and services., Secure Sockets Layer (SSL) is used in virtually every commercial web browser and server. In this book, one of the world's leading network security experts explains how SSL works -- and gives implementers step-by-step guidance and proven design patterns for building secure systems with SSL. Eric Rescorla also provides the first in-depth introduction to Transport Layer Security (TLS), the highly anticipated, maximum-security successor to SSL. Rescorla starts by introducing SSL's fundamentals: how it works, and the threats it is intended to address. One step at a time, he addresses each key SSL concept and technique, including cryptography, SSL performance optimization, designing and coding, and how to work around SSL's limitations. Rescorla demonstrates TLS at work in SMTP-based Internet security applications. The book includes detailed examples of SSL/TLS implementations, with in-depth insight into the key design choices that informed them. For all network and security designers, enterprise developers, system implementers, and suppliers of Internet security products and services.

LC Classification NumberTK5105.59.R47 2001