Wiley

Implementing SSL / TLS Using Cryptography and PKI

ISBN: 978-0-470-92041-1
696 pages
January 2011
Hands-on, practical guide to implementing SSL and TLS protocols for Internet security

If you are a network professional who knows C programming, this practical book is for you.  Focused on how to implement Secure Socket Layer (SSL) and Transport Layer Security (TLS), this book guides you through all necessary steps, whether or not you have a working knowledge of cryptography. The book covers SSLv2, TLS 1.0, and TLS 1.2, including implementations of the relevant cryptographic protocols, secure hashing, certificate parsing, certificate generation, and more. 

Coverage includes:

  • Understanding Internet Security
  • Protecting against Eavesdroppers with Symmetric Cryptography
  • Secure Key Exchange over an Insecure Medium with Public Key Cryptography
  • Authenticating Communications Using Digital Signatures
  • Creating a Network of Trust Using X.509 Certificates
  • A Usable, Secure Communications Protocol: Client-Side TLS
  • Adding Server-Side TLS 1.0 Support
  • Advanced SSL Topics
  • Adding TLS 1.2 Support to Your TLS Library
  • Other Applications of SSL
  • A Binary Representation of Integers: A Primer
  • Installing TCPDump and OpenSSL
  • Understanding the Pitfalls of SSLv2

Set up and launch a working implementation of SSL with this practical guide.

Introduction xxvii

Chapter 1 Understanding Internet Security 1

Chapter 2 Protecting Against Eavesdroppers with Symmetric Cryptography 29

Chapter 3 Secure Key Exchange over an Insecure Medium with Public Key Cryptography 91

Chapter 4 Authenticating Communications Using Digital Signatures 157

Chapter 5 Creating a Network of Trust Using X.509 Certificates 221

Chapter 6 A Usable, Secure Communications Protocol: Client-Side TLS 297

Chapter 7 Adding Server-Side TLS 1.0 Support 381

Chapter 8 Advanced SSL Topics 415

Chapter 9 Adding TLS 1.2 Support to Your TLS Library 479

Chapter 10 Other Applications of SSL 543

Appendix A Binary Representation of Integers: A Primer 567

Appendix B Installing TCPDump and OpenSSL 573

Appendix C Understanding the Pitfalls of SSLv2 579

Index 629

Joshua Davies is a principal architect for Travelocity.com, responsible for the architecture of the main Web site with a focus on networking and security. Previously, he designed distributed systems for AT&T, Digex, and the Mexican telecommunications giant Pegaso.
Downloads (title, size):

  • Implementing SSL GCC, 296.92 KB
  • Implementing SSL VS, 414.83 KB

Do you think you've discovered an error in this book? Please check the list of errata below to see if we've already addressed the error. If not, please submit the error via our Errata Form. We will attempt to verify your error; if you're right, we will post a correction below.

Errata by page (Page, Details, Date):

Page 29: Error in Text (3/11/11)
"GET."
should be the letters G, E, and T followed by a space.
This is referring to a specific character sequence.

Page 71: Error in Text (3/11/11)
Third paragraph, second sentence:
"If you multiply this with any other (four-column) matrix"
should read:
"If you multiply this with any other (four row) matrix"
Also, the lowest matrix, on the left-hand, should show a ^-1 inversion notation.

Page 90: Error in Text (3/11/11)
Last paragraph, last sentence should read:
"CTR mode didn't make it into TLS..."

Page 100: Error in Text (3/11/11)
Second paragraph, second sentence, should read:
"That is, look for extraneous chars..."

Page 101: Error in Text (3/11/11)
At the bottom, should read:
"49200 + 6150 + 738 = 56088"

Page 129: Error in Text (3/28/11)
The "Procedure for generating RSA keypairs" sidebar states:
3. Compute the totient function (p-1)(1-1)
This should read:
3. Compute the totient function (p-1)(q-1)

Page 130: Error in Text (4/25/2011)
Reads: "its slow runtime limits is practical uses".
Should read: "its slow runtime limits its practical uses".

Page 133: Error in Text (4/25/2011)
Reads: "sqrt(x^3-ax) has no solutions between 0 and 1 because x^3 - ax < 0".
Should read: "sqrt(x^3-x) has no solutions between 0 and 1 because x^3 - x < 0".

Page 155: Error in Text (8/15/11)
Text states:
"OpenSSL 1.0, although it includes elliptic-curve operations, doesn't support TLS 1.2, and therefore doesn't support online ECC".
Actually, as of February 8, 2011, while openssl 0.9.8r does not support elliptic-curve ciphersuites, openssl 1.0.0 does.

Page 160: Error in Text (8/15/11)
Text states:
"Obviously, with such a 4:1 ratio of input blocks to output blocks, there will be at least a one in four chance of a collision."
Actually, over the entire input space, the chance of a collision is actually significantly smaller than 1 in 4.