Implementing SSL/TLS Using Cryptography and PKI

Table of contents

1. Cover Page
2. Title Page
3. Copyright
4. Dedication
5. About the Author
6. About the Technical Editor
7. Credits
8. Acknowledgments
9. Contents at a Glance
10. Contents
11. Introduction
    1. Supplemental Web Sites
    2. Roadmap and Companion Source Code
    3. Outline of the Book
    4. How to Read This Book
12. CHAPTER 1: Understanding Internet Security
    1. What Are Secure Sockets?
    2. Insecure Communications: Understanding the HTTP Protocol
    3. Roadmap for the Rest of This Book
13. CHAPTER 2: Protecting Against Eavesdroppers with Symmetric Cryptography
    1. Understanding Block Cipher Cryptography Algorithms
    2. Understanding Stream Cipher Algorithms
14. CHAPTER 3: Secure Key Exchange over an Insecure Medium with Public Key Cryptography
    1. Understanding the Theory Behind the RSA Algorithm
    2. Performing Arbitrary Precision Binary Math to Implement Public-Key Cryptography
    3. Encryption and Decryption with RSA
    4. Achieving Perfect Forward Secrecy with Diffie-Hellman Key Exchange
    5. Getting More Security per Key Bit: Elliptic Curve Cryptography
    6. Making ECC Work with Whole Integers: Elliptic-Curve Cryptography over Fp
15. CHAPTER 4: Authenticating Communications Using Digital Signatures
    1. Using Message Digests to Create Secure Document Surrogates
16. CHAPTER 5: Creating a Network of Trust Using X.509 Certificates
    1. Putting It Together: The Secure Channel Protocol
    2. Encoding with ASN.1
    3. Developing an ASN.1 Parser
    4. Managing Certificates
    5. Other Problems with Certificates
17. CHAPTER 6: A Usable, Secure Communications Protocol: Client-Side TLS
    1. Implementing the TLS 1.0 Handshake (Client Perspective)
    2. Secure Data Transfer with TLS
    3. Implementing TLS Shutdown
    4. Examining HTTPS End-to-End Examples (TLS 1.0)
    5. Differences Between SSL 3.0 and TLS 1.0
    6. Differences Between TLS 1.0 and TLS 1.1
18. CHAPTER 7: Adding Server-Side TLS 1.0 Support
    1. Implementing the TLS 1.0 Handshake from the Server's Perspective
    2. Avoiding Common Pitfalls When Adding HTTPS Support to a Server
    3. When a Browser Displays Errors: Browser Trust Issues
19. CHAPTER 8: Advanced SSL Topics
    1. Passing Additional Information with Client Hello Extensions
    2. Safely Reusing Key Material with Session Resumption
    3. Avoiding Fixed Parameters with Ephemeral Key Exchange
    4. Verifying Identity with Client Authentication
    5. Dealing with Legacy Implementations: Exportable Ciphers
    6. Discarding Key Material Through Session Renegotiation
20. CHAPTER 9: Adding TLS 1.2 Support to Your TLS Library
    1. Supporting TLS 1.2 When You Use RSA for the Key Exchange
    2. Impact to Diffie-Hellman Key Exchange
    3. Adding Support for AEAD Mode Ciphers
    4. Working ECC Extensions into the TLS Library
    5. The Current State of TLS 1.2
21. CHAPTER 10: Other Applications of SSL
    1. Adding the NTTPS Extension to the NTTP Algorithm
    2. Implementing "Multi-hop" SMTP over TLS and Protecting Email Content with S/MIME
    3. Securing Datagram Traffic
    4. Supporting SSL When Proxies Are Involved
    5. SSL with OpenSSL
22. APPENDIX A: Binary Representation of Integers: A Primer
    1. The Decimal and Binary Numbering Systems
    2. Understanding Binary Logical Operations
    3. Two's-Complement Representation of Negative Numbers
    4. Big-Endian versus Little-Endian Number Formats
23. APPENDIX B: Installing TCPDump and OpenSSL
    1. Installing TCPDump
    2. Installing OpenSSL
24. APPENDIX C: Understanding the Pitfalls of SSLv2
    1. Implementing the SSL Handshake
25. Index