SSL and TLS: Theory and Practice, Second Edition

Front Cover
Artech House, Mar 31, 2016 - Computers - 304 pages

 This completely revised and expanded second edition of SSL and TLS: Theory and Practice provides an overview and a comprehensive discussion of the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram TLS (DTLS) protocols that are omnipresent in today's e-commerce and e-business applications and respective security solutions. It provides complete details on the theory and practice of the protocols, offering readers a solid understanding of their design principles and modes of operation. Updates to this edition include coverage of the recent attacks against the protocols, newly specified extensions and firewall traversal, as well as recent developments related to public key certificates and respective infrastructures. This book targets software developers, security professionals, consultants, protocol designers, and chief security officers who will gain insight and perspective on the many details of the SSL, TLS, and DTLS protocols, such as cipher suites, certificate management, and alert messages. The book also comprehensively discusses the advantages and disadvantages of the protocols compared to other Internet security protocols and provides the details necessary to correctly implement the protocols while saving time on the security practitioner's side.

 

Selected pages

Contents

Chapter 1 Introduction
1
Chapter 2 SSL Protocol
21
Chapter 3 TLS Protocol
91
Chapter 4 DTLS Protocol
177
Chapter 5 Firewall Traversal
191
Chapter 6 Public Key Certificates and Internet Public Key Infrastructure PKI
201
Chapter 7 Concluding Remarks
233
Appendix A Registered TLS Cipher Suites
237
Appendix B Padding Oracle Attacks
245
Appendix C Abbreviations and Acronyms
263
About the Author
271
Index
273
Copyright

Other editions - View all

SSL and TLS: Theory and Practice
Rolf Oppliger
No preview available - 2016
SSL and TLS: Theory and Practice
Rolf Oppliger
No preview available - 2009
SSL and TLS: Theory and Practice
Rolf Oppliger
No preview available - 2009

Common terms and phrases

3DES adversary AES AES AES alert messages ARIA ARIA ARIA block cipher browser bytes CAMELLIA CAMELLIA CAMELLIA CBC CBC CBC CBC SHA cipher suites ciphertext block CLIENTHELLO message CLIENTKEYEXCHANGE message comprises Computer cryptographic cryptographic hash function decrypt DH DH DHE Diffie-Hellman key exchange DSS RSA DTLS ECDHE ECDHE ECDHE ECDSA encryption example EXPORT FINISHED message firewall FORTEZZA handshake messages hence HMAC IETF illustrated in Figure implementations Informational RFC Internet key exchange algorithm Layer Security TLS length field master secret message type MITM NULL OpenPGP OpenSSL padding oracle attacks parameters PKCS plaintext premaster secret protocol specification proxy server PSK PSK PSK public key certificate refers renegotiation respective RSA RSA RSA Section sends sequence number SERVERHELLO message session ID SHA TLS SHA SSL protocol SSL/TLS protocols Standards Track RFC stream cipher TLS extension TLS record TLS SHA TLS TLS SHA256 TLS TLS SHA384 TLS Transport Layer Security Vaudenay

About the author (2016)

 Rolf Oppliger leads eSECURITY Technologies, works for the Swiss federal administration, serves as an adjunct professor of computer science at the University of Z¸rich, Switzerland, and is the Information Security and Privacy editor at Artech House. He earned his Ph.D. in computer science from the University of Berne, Switzerland.

Bibliographic information

TitleSSL and TLS: Theory and Practice, Second Edition
Artech House information security and privacy series
AuthorRolf Oppliger
PublisherArtech House, 2016
ISBN1608079996, 9781608079995
Length304 pages
Subjects ›  › 

Computers / Electronic Commerce
Computers / Security / General
  
Export CitationBiBTeX EndNote RefMan