| |
| |
Preface | |
| |
| |
| |
Security Concepts | |
| |
| |
| |
Introduction | |
| |
| |
| |
The Internet Threat Model | |
| |
| |
| |
The Players | |
| |
| |
| |
The Goals of Security | |
| |
| |
| |
Tools of the Trade | |
| |
| |
| |
Putting It All Together | |
| |
| |
| |
A Simple Secure Messaging System | |
| |
| |
| |
A Simple Secure Channel | |
| |
| |
| |
The Export Situation | |
| |
| |
| |
Real Cryptographic Algorithms | |
| |
| |
| |
Symmetric Encryption: Stream Ciphers | |
| |
| |
| |
Symmetric Encryption: Block Ciphers | |
| |
| |
| |
Digest Algorithms | |
| |
| |
| |
Key Establishment | |
| |
| |
| |
Digital Signature | |
| |
| |
| |
MACs | |
| |
| |
| |
Key Length | |
| |
| |
| |
Summary | |
| |
| |
| |
Introduction to SSL | |
| |
| |
| |
Introduction | |
| |
| |
| |
Standards and Standards Bodies | |
| |
| |
| |
SSL Overview | |
| |
| |
| |
SSL/TLS Design Goals | |
| |
| |
| |
SSL and the TCP/IP Suite | |
| |
| |
| |
SSL History | |
| |
| |
| |
SSL for the Web | |
| |
| |
| |
Everything over SSL | |
| |
| |
| |
Getting SSL | |
| |
| |
| |
Summary | |
| |
| |
| |
Basic SSL | |
| |
| |
| |
Introduction | |
| |
| |
| |
SSL Overview | |
| |
| |
| |
Handshake | |
| |
| |
| |
SSL Record Protocol | |
| |
| |
| |
Putting the Pieces Together | |
| |
| |
| |
A Real Connection | |
| |
| |
| |
Some More Connection Details | |
| |
| |
| |
SSL Specification Language | |
| |
| |
| |
Handshake Message Structure | |
| |
| |
| |
Handshake Messages | |
| |
| |
| |
Key Derivation | |
| |
| |
| |
Record Protocol | |
| |
| |
| |
Alerts and Closure | |
| |
| |
| |
Summary | |
| |
| |
| |
Advanced SSL | |
| |
| |
| |
Introduction | |
| |
| |
| |
Session Resumption | |
| |
| |
| |
Client Authentication | |
| |
| |
| |
Ephemeral RSA | |
| |
| |
| |
Rehandshake | |
| |
| |
| |
Server Gated Cryptography | |
| |
| |
| |
DSS and DH | |
| |
| |
| |
Elliptic Curve Cipher Suites | |
| |
| |
| |
Kerberos | |
| |
| |
| |
FORTEZZA | |
| |
| |
| |
The Story So Far | |
| |
| |
| |
Session Resumption Details | |
| |
| |
| |
Client Authentication Details | |
| |
| |
| |
Ephemeral RSA Details | |
| |
| |
| |
SGC Details | |
| |
| |
| |
DH/DSS Details | |
| |
| |
| |
FORTEZZA Details | |
| |
| |
| |
Error Alerts | |
| |
| |
| |
SSLv2 Backward Compatibility | |
| |
| |
| |
Summary | |
| |
| |
| |
SSL Security | |
| |
| |
| |
Introduction | |
| |
| |
| |
What SSL Provides | |
| |
| |
| |
Protect the master_secret | |
| |
| |
| |
Protect the Server's Private Key | |
| |
| |
| |
Use Good Randomness | |
| |
| |
| |
Check the Certificate Chain | |
| |
| |
| |
Algorithm Selection | |
| |
| |
| |
The Story So Far | |
| |
| |
| |
Compromise of the master_secret | |
| |
| |
| |
Protecting Secrets in Memory | |
| |
| |
| |
Securing the Server's Private Key | |
| |
| |
| |
Random Number Generation | |
| |
| |
| |
Certificate Chain Verification | |
| |
| |
| |
Partial Compromise | |
| |
| |
| |
Known Attacks | |
| |
| |
| |
Timing Cryptanalysis | |
| |
| |
| |
Million Message Attack | |
| |
| |
| |
Small-Subgroup Attack | |
| |
| |
| |
Downgrade to Export | |
| |
| |
| |
Summary | |
| |
| |
| |
SSL Performance | |
| |
| |
| |
Introduction | |
| |
| |
| |
SSL Is Slow | |
| |
| |
| |
Performance Principles | |
| |
| |
| |
Cryptography Is Expensive | |
| |
| |
| |
Session Resumption | |
| |
| |
| |
Handshake Algorithm and Key Choice | |
| |
| |
| |
Bulk Data Transfer | |
| |
| |
| |
Basic SSL Performance Rules | |
| |
| |
| |
The Story So Far | |
| |
| |
| |
Handshake Time Allocation | |
| |
| |
| |
Normal RSA Mode | |
| |
| |
| |
RSA with Client Authentication | |
| |
| |
| |
Ephemeral RSA | |
| |
| |
| |
DSS/DHE | |
| |
| |
| |
DSS/DHE with Client Authentication | |
| |
| |
| |
Performance Improvements with DH | |
| |
| |
| |
Record Processing | |
| |
| |
| |
Java | |
| |
| |
| |
SSL Servers under Load | |
| |
| |
| |
Hardware Acceleration | |
| |
| |
| |
Inline Hardware Accelerators | |
| |
| |
| |
Network Latency | |
| |
| |
| |
The Nagle Algorithm | |
| |
| |
| |
Handshake Buffering | |
| |
| |
| |
Advanced SSL Performance Rules | |
| |
| |
| |
Summary | |
| |
| |
| |
Designing with SSL | |
| |
| |
| |
Introduction | |
| |
| |
| |
Know What You Want to Secure | |
| |
| |
| |
Client Authentication Options | |
| |
| |
| |
Reference Integrity | |
| |
| |
| |
Inappropriate Tasks | |
| |
| |
| |
Protocol Selection | |
| |
| |
| |
Reducing Handshake Overhead | |
| |
| |
| |
Design Strategy | |
| |
| |
| |
The Story So Far | |
| |
| |
| |
Separate Ports | |
| |
| |
| |
Upward Negotiation | |
| |
| |
| |
Downgrade Attacks | |
| |
| |
| |
Reference Integrity | |
| |
| |
| |
Username/Password Authentication | |
| |
| |
| |
SSL Client Authentication | |
| |
| |
| |
Mutual Username/Password Authentication | |
| |
| |
| |
Rehandshake | |
| |
| |
| |
Secondary Channels | |
| |
| |
| |
Closure | |
| |
| |
| |
Summary | |
| |
| |
| |
Coding with SSL | |
| |
| |
| |
Introduction | |
| |
| |
| |
SSL Implementations | |
| |
| |
| |
Sample Programs | |
| |
| |
| |
Context Initialization | |
| |
| |
| |
Client Connect | |
| |
| |
| |
Server Accept | |
| |
| |
| |
Simple I/O Handling | |
| |
| |
| |
Multiplexed I/O Using Threads | |
| |
| |
| |
Multiplexed I/O with select () | |
| |
| |
| |
Closure | |
| |
| |
| |
Session Resumption | |
| |
| |
| |
What's Missing? | |
| |
| |
| |
Summary | |
| |
| |
| |
HTTP over SSL | |
| |
| |
| |
Introduction | |
| |
| |
| |
Securing the Web | |
| |
| |
| |
HTTP | |
| |
| |
| |
HTML | |
| |
| |
| |
URLs | |
| |
| |
| |
HTTP Connection Behavior | |
| |
| |
| |
Proxies | |
| |
| |
| |
Virtual Hosts | |
| |
| |
| |
Protocol Selection | |
| |
| |
| |
Client Authentication | |
| |
| |
| |
Reference Integrity | |
| |
| |
| |
HTTPS | |
| |
| |
| |
HTTPS Overview | |
| |
| |
| |
URLs and Reference Integrity | |
| |
| |
| |
Connection Closure | |
| |
| |
| |
Proxies | |
| |
| |
| |
Virtual Hosts | |
| |
| |
| |
Client Authentication | |
| |
| |
| |
Referrer | |
| |
| |
| |
Substitution Attacks | |
| |
| |
| |
Upgrade | |
| |
| |
| |
Programming Issues | |
| |
| |
| |
Proxy Connect | |
| |
| |
| |
Handling Multiple Clients | |
| |
| |
| |
Summary | |
| |
| |
| |
SMTP over TLS | |
| |
| |
| |
Introduction | |
| |
| |
| |
Internet Mail Security | |
| |
| |
| |
Internet Messaging Overview | |
| |
| |
| |
SMTP | |
| |
| |
| |
RFC 822 and MIME | |
| |
| |
| |
E-Mail Addresses | |
| |
| |
| |
Mail Relaying | |
| |
| |
| |
Virtual Hosts | |
| |
| |
| |
MX Records | |
| |
| |
| |
Client Mail Access | |
| |
| |
| |
Protocol Selection | |
| |
| |
| |
Client Authentication | |
| |
| |
| |
Reference Integrity | |
| |
| |
| |
Connection Semantics | |
| |
| |
| |
Starttls | |
| |
| |
| |
Starttls Overview | |
| |
| |
| |
Connection Closure | |
| |
| |
| |
Requiring TLS | |
| |
| |
| |
Virtual Hosts | |
| |
| |
| |
Security Indicators | |
| |
| |
| |
Authenticated Relaying | |
| |
| |
| |
Originator Authentication | |
| |
| |
| |
Reference Integrity Details | |
| |
| |
| |
Why Not Connect? | |
| |
| |
| |
What's Starttls Good For? | |
| |
| |
| |
Programming Issues | |
| |
| |
| |
Implementing Starttls | |
| |
| |
| |
Server Startup | |
| |
| |
| |
Summary | |
| |
| |
| |
Contrasting Approaches | |
| |
| |
| |
Introduction | |
| |
| |
| |
The End-to-End Argument | |
| |
| |
| |
The End-to-End Argument and SMTP | |
| |
| |
| |
Other Protocols | |
| |
| |
| |
IPsec | |
| |
| |
| |
Security Associations | |
| |
| |
| |
ISAKMP and IKE | |
| |
| |
| |
AH and ESP | |
| |
| |
| |
Putting It All Together: IPsec | |
| |
| |
| |
IPsec versus SSL | |
| |
| |
| |
Secure HTTP | |
| |
| |
| |
CMS | |
| |
| |
| |
Message Format | |
| |
| |
| |
Cryptographic Options | |
| |
| |
| |
Putting It All Together: S-HTTP | |
| |
| |
| |
S-HTTP versus HTTPS | |
| |
| |
| |
S/MIME | |
| |
| |
| |
Basic S/MIME Formatting | |
| |
| |
| |
Signing Only | |
| |
| |
| |
Algorithm Choice | |
| |
| |
| |
Putting It All Together: S/MIME | |
| |
| |
| |
Implementation Barriers | |
| |
| |
| |
S/MIME versus SMTP/TLS | |
| |
| |
| |
Choosing the Appropriate Solution | |
| |
| |
| |
Summary | |
| |
| |
| |
Example Code | |
| |
| |
| |
Chapter 8 | |
| |
| |
| |
C Examples | |
| |
| |
| |
Java Examples | |
| |
| |
| |
Chapter 9 | |
| |
| |
| |
HTTPS Examples | |
| |
| |
| |
mod_ssl Session Caching | |
| |
| |
| |
SSLv2 | |
| |
| |
| |
Introduction | |
| |
| |
| |
SSLv2 Overview | |
| |
| |
| |
Missing Features | |
| |
| |
| |
Security Problems | |
| |
| |
| |
PCT | |
| |
| |
| |
What about SSLv1? | |
| |
| |
Bibliography | |
| |
| |
Index | |