Skip to content
Cart (0) Free shipping over $35*
Buybacks (0) Free shipping on buybacks
loading
Help Contact
Return rental ›

SSL and TLS Designing and Building Secure Systems

Best in textbook rentals since 2012!

ISBN-10: 0201615983

ISBN-13: 9780201615982

Edition: 2001

Authors: Eric Rescorla

List price: $54.99
Blue ribbon 30 day, 100% satisfaction guarantee!
Marketplace
3 new & used from $3.94
what's this?
Rush Rewards U
Members Receive:
Carrot Coin icon
XP icon
You have reached 400 XP and carrot coins. That is the daily max!

This is a guide to designing secure systems and to how to secure web traffic, using SSL (Secure Sockets layer) and TLS (Transport Layer Security), the Web's main security protocol.
Customers also bought

Book details

List price: $54.99
Copyright year: 2001
Publisher: Addison Wesley Professional
Publication date: 10/17/2000
Binding: Paperback
Pages: 528
Size: 7.25" wide x 9.00" long x 1.25" tall
Weight: 1.694
Language: English

Preface
Security Concepts
Introduction
The Internet Threat Model
The Players
The Goals of Security
Tools of the Trade
Putting It All Together
A Simple Secure Messaging System
A Simple Secure Channel
The Export Situation
Real Cryptographic Algorithms
Symmetric Encryption: Stream Ciphers
Symmetric Encryption: Block Ciphers
Digest Algorithms
Key Establishment
Digital Signature
MACs
Key Length
Summary
Introduction to SSL
Introduction
Standards and Standards Bodies
SSL Overview
SSL/TLS Design Goals
SSL and the TCP/IP Suite
SSL History
SSL for the Web
Everything over SSL
Getting SSL
Summary
Basic SSL
Introduction
SSL Overview
Handshake
SSL Record Protocol
Putting the Pieces Together
A Real Connection
Some More Connection Details
SSL Specification Language
Handshake Message Structure
Handshake Messages
Key Derivation
Record Protocol
Alerts and Closure
Summary
Advanced SSL
Introduction
Session Resumption
Client Authentication
Ephemeral RSA
Rehandshake
Server Gated Cryptography
DSS and DH
Elliptic Curve Cipher Suites
Kerberos
FORTEZZA
The Story So Far
Session Resumption Details
Client Authentication Details
Ephemeral RSA Details
SGC Details
DH/DSS Details
FORTEZZA Details
Error Alerts
SSLv2 Backward Compatibility
Summary
SSL Security
Introduction
What SSL Provides
Protect the master_secret
Protect the Server's Private Key
Use Good Randomness
Check the Certificate Chain
Algorithm Selection
The Story So Far
Compromise of the master_secret
Protecting Secrets in Memory
Securing the Server's Private Key
Random Number Generation
Certificate Chain Verification
Partial Compromise
Known Attacks
Timing Cryptanalysis
Million Message Attack
Small-Subgroup Attack
Downgrade to Export
Summary
SSL Performance
Introduction
SSL Is Slow
Performance Principles
Cryptography Is Expensive
Session Resumption
Handshake Algorithm and Key Choice
Bulk Data Transfer
Basic SSL Performance Rules
The Story So Far
Handshake Time Allocation
Normal RSA Mode
RSA with Client Authentication
Ephemeral RSA
DSS/DHE
DSS/DHE with Client Authentication
Performance Improvements with DH
Record Processing
Java
SSL Servers under Load
Hardware Acceleration
Inline Hardware Accelerators
Network Latency
The Nagle Algorithm
Handshake Buffering
Advanced SSL Performance Rules
Summary
Designing with SSL
Introduction
Know What You Want to Secure
Client Authentication Options
Reference Integrity
Inappropriate Tasks
Protocol Selection
Reducing Handshake Overhead
Design Strategy
The Story So Far
Separate Ports
Upward Negotiation
Downgrade Attacks
Reference Integrity
Username/Password Authentication
SSL Client Authentication
Mutual Username/Password Authentication
Rehandshake
Secondary Channels
Closure
Summary
Coding with SSL
Introduction
SSL Implementations
Sample Programs
Context Initialization
Client Connect
Server Accept
Simple I/O Handling
Multiplexed I/O Using Threads
Multiplexed I/O with select ()
Closure
Session Resumption
What's Missing?
Summary
HTTP over SSL
Introduction
Securing the Web
HTTP
HTML
URLs
HTTP Connection Behavior
Proxies
Virtual Hosts
Protocol Selection
Client Authentication
Reference Integrity
HTTPS
HTTPS Overview
URLs and Reference Integrity
Connection Closure
Proxies
Virtual Hosts
Client Authentication
Referrer
Substitution Attacks
Upgrade
Programming Issues
Proxy Connect
Handling Multiple Clients
Summary
SMTP over TLS
Introduction
Internet Mail Security
Internet Messaging Overview
SMTP
RFC 822 and MIME
E-Mail Addresses
Mail Relaying
Virtual Hosts
MX Records
Client Mail Access
Protocol Selection
Client Authentication
Reference Integrity
Connection Semantics
Starttls
Starttls Overview
Connection Closure
Requiring TLS
Virtual Hosts
Security Indicators
Authenticated Relaying
Originator Authentication
Reference Integrity Details
Why Not Connect?
What's Starttls Good For?
Programming Issues
Implementing Starttls
Server Startup
Summary
Contrasting Approaches
Introduction
The End-to-End Argument
The End-to-End Argument and SMTP
Other Protocols
IPsec
Security Associations
ISAKMP and IKE
AH and ESP
Putting It All Together: IPsec
IPsec versus SSL
Secure HTTP
CMS
Message Format
Cryptographic Options
Putting It All Together: S-HTTP
S-HTTP versus HTTPS
S/MIME
Basic S/MIME Formatting
Signing Only
Algorithm Choice
Putting It All Together: S/MIME
Implementation Barriers
S/MIME versus SMTP/TLS
Choosing the Appropriate Solution
Summary
Example Code
Chapter 8
C Examples
Java Examples
Chapter 9
HTTPS Examples
mod_ssl Session Caching
SSLv2
Introduction
SSLv2 Overview
Missing Features
Security Problems
PCT
What about SSLv1?
Bibliography
Index
  • TextbookRush.com BBB Business Review
  • Trustpilot
Like TextbookRush on Facebook Follow TextbookRush on X Follow TextbookRush on Instagram Subscribe to TextbookRush on YouTube Follow TextbookRush on Pinterest Add TextbookRush on Snapchat Add TextbookRush on TikTok
© 2002-2024 TextbookRush
Subscribe