SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are widely deployed security protocols that are used in all kinds of web-based e-commerce and e-business applications and are part of most contemporary security systems. This practical book provides a comprehensive introduction to these protocols, offering you a solid understanding of their design. Practitioners find discussions on the advantages and disadvantages of using SSL/TLS protocols compared to other Internet security protocols. This authoritative resource shows how to properly employ SSL and TLS and configure security solutions that are based on the use of the SSL/TLS protocols.
Foreword
Preface
Acknowledgments
OSI Security Architecture
Classes of Cryptographic Systems
Historical Background Information
SSL Change Cipher Spec Protocol
SSL Application Data Protocol
Traffic Analysis of an SSL Session
Generation of Keying Material
Traffic Analysis of a TLS Session
Public Key Certificates and PKIs
International Step-Up and SGC Certificates
Extended Validation Certificates
Protection Against MITM Attacks
Appendix Standardized TLS Cipher Suites
Abbreviations and Acronyms
About the Author
Index
Rolf Oppliger is the founder and owner of eSECURITY Technologies, works for the Swiss federal administration, and teaches at the University of Zurich. He is also the author of Contemporary Cryptography; Security Technologies for the World Wide Web, Second Edition; Internet and Intranet Security, Second Edition; and Secure Messaging with PGP and S/MIME (Artech House 2005, 2003, 2002, 2001), among other titles. Dr. Oppliger received his M.Sc. and Ph.D. in Computer Science from the University of Berne, Switzerland, and the Venia Legendi in Computer Science from the University of Zurich, Switzerland.