Implementing SSL/TLS Using Cryptography and PKI

  • 10h 30m
  • Joshua Davies
  • John Wiley & Sons (US)
  • 2011

Let's get down to a practical implementation of SSL and TLS

SSL/TLS is a standardized, widely implemented, peer-reviewed protocol for applying cryptographic primitives to arbitrary networked communications. It provides privacy, integrity, and a measure of authenticity to otherwise inherently untrustworthy network connections.

While most books detail the protocol, this one is intended to provide you with a nearly complete SSL/TLS library, developed incrementally using C code. Whether or not you have a working knowledge of cryptography, you'll find this practical guide helps you understand the internals of these libraries so that, when it comes time to use one, you will have a firm understanding of what takes place at each stage.

  • Understand secure sockets and the HTTP protocol
  • Learn to protect against eavesdroppers with symmetric cryptography
  • Secure key exchanges over an insecure medium with public key cryptography and boost security with elliptic curve cryptography
  • Examine the use of digital signatures and X.509 certificates
  • Develop a usable, secure communications protocol with client-side TLS
  • Add server-side TLS 1.0 support
  • Use SSL in advanced situations, including safely reusing key material with session resumption and verifying identity with client authentication

About the Author

Joshua Davies is a principal architect for Travelocity.com, responsible for the architecture of the main Web site with a focus on networking and security. Previously, he designed distributed systems for AT&T, Digex, and the Mexican telecommunications giant Pegaso.

In this Book

  • Introduction
  • Understanding Internet Security
  • Protecting against Eavesdroppers with Symmetric Cryptography
  • Secure Key Exchange over an Insecure Medium with Public Key Cryptography
  • Authenticating Communications Using Digital Signatures
  • Creating a Network of Trust Using X.509 Certificates
  • A Usable, Secure Communications Protocol—Client-Side TLS
  • Adding Server-Side TLS 1.0 Support
  • Advanced SSL Topics
  • Adding TLS 1.2 Support to Your TLS Library
  • Other Applications of SSL
SHOW MORE
FREE ACCESS

YOU MIGHT ALSO LIKE

Course Cryptography: Introduction to PKI
Rating 4.6 of 71 users Rating 4.6 of 71 users (71)
Course CompTIA Cybersecurity Analyst+: Cryptography
Rating 5.0 of 4 users Rating 5.0 of 4 users (4)
Book Pro Active Directory Certificate Services: Creating and Managing Digital Certificates for Use in Microsoft Networks