Implementing SSL/TLS is very informative book of over 600 pages is written by Joshua Davies and is available in a Kindle edition and as a paperback. It is a practical as well as hands-on guide to the implementation of SSL/TLS protocols for your internet security. There are 10 chapters and 3 appendices that give you all the information needed to implement these security protocols.
Overview:
The book is ideal for a person who is a network professional with having knowledge of C-programming. It focuses on the implementation of SSL (Secure Socket Layer) and TLS (Transport Layer Security) and it will guide you through all of the required steps whether or not you are proficient in cryptography.
The range of covered topics includes versions of SSL and TLS with the implementation of cryptographic protocols, certificate parsing, generation and secure hashing. This is an ideal book to help you understand internet security and its various protocols. You must try this book in order to liven up your knowledge.
Book Written by Joshua Davies:
Joshua Davies has over 20 years experience in security and network programming with degrees from Valdosta and the University of Texas. He is currently the principle architect at Travelocity.com and has previously worked for One, Inc. where he was the designer of systems for Neiman Marcus, AT&T, Digex as well as the Mexican giant in Telecommunications, Pegasus.
System level programming is his true passion and he plays around with family computer assigning drives and filling it with as many operating systems it will take. He is married and has two children and lives in Texas.
- Chapter 1: Understanding Internet Security
This chapter deals with everything you need to know about security including understanding HTTP protocols, proxies and clients, reliable transmission of data and an overview of using the book.
- Chapter 2: Protecting against eavesdroppers
Here you will learn about block cipher cryptography and all things to do with the implementation of Data Encryption Standards (DES), understanding faster encryption with the Advanced Encryption Standard (AES), understanding stream cipher algorithms and the RC4 Algorithm.
- Chapter 3: Secure Key Exchange
Here you will find information about the theory behind algorithms, achieving confidentiality and improving security.
- Chapter 4: Authenticating Communications Using Digital Signatures
This chapter deals with message digests, collision resistance, hash functions and elliptic curve DSA.
- Chapter 5: Creating a Network of Trust Using Digital Signatures
This chapter shows you how to put the protocols together, encoding using ASN.1, certificates and developing an ASN.1 parser.
- Chapter 6: A Usable, Secure Communications Protocol
Here you will learn about the implementation of the TLS.1 Handshake and all of its associated functions and the differences between the different protocols.
- Chapter 7: Adding Server-Side TLS 1.0 Support
This chapter deals with more about differing points of view of the client and server on how TLS handshake acts common pitfalls and errors you will encounter.
- Chapter 8: Advanced SSL Topics
Here you will learn about Reusing Key Material, Avoiding fixed parameters with Temporary Key Exchange, verifying identity and Discarding Key Material.
- Chapter 9: Adding TLS 1.2 Support
This chapter looks at supporting TLS1.2, impact to Diffie-Hellman Key exchange, support for AEAD ciphers, and working ECC extensions into the TLS library.
- Chapter 10: Other Applications of SSL
Here you will learn the other applications such as adding a ‘Multi-hop’ SMTP over TLS, securing datagram traffic and supporting SSL and SSL with Open SSL.
Appendices:
These 3 appendices deal with pitfalls of SSL2, installing TCP Dump and Open SSL and the binary representation of integers.
Conclusion:
This is a very informative book for both the experienced and beginner to get a grip on internet security using the SSL and TSL protocols. The index is very comprehensive and any term you are looking for is easy to find with page notations that are clear and understandable.
The book uses examples of computer screens that will help you both in understanding the procedure as well as implementing the different protocols, examples of output between your computer and the internet is shown so you know exactly the sort of information you are looking for.
John S Lam is an IT Instructor at Test4prep. He is a Certified Professional. Take the benefit of our CompTIA Security+ material and assure your success. Check out our free demo of all certifications Exams.
