John Viega, Matt Messier, Pravir Chandra
Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications. The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols. Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library's advanced features. And, instead of bogging you down in the technical details of how SSL works under the hood, this book provides only the information that is necessary to use OpenSSL safely and effectively. In step-by-step fashion, the book details the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges. As a system or network administrator, you will benefit from the thorough treatment of the OpenSSL command-line interface, as well as from step-by-step directions for obtaining certificates and setting up your own certification authority. As a developer, you will further benefit from the in-depth discussions and examples of how to use OpenSSL in your own programs. Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included. OpenSSL may well answer your need to protect sensitive data. If that's the case, Network Security with OpenSSL is the only guide available on the subject.
John L. Hennessy, David A. Patterson
This book trains the student with the concepts needed to lay a solid foundation for joining this exciting field. More importantly, this book provides a framework for thinking about computer organization and design that will enable the reader to continue the lifetime of learning necessary for staying at the forefront of this competitive discipline. --John Crawford Intel Fellow Director of Microprocessor Architecture, Intel The performance of software systems is dramatically affected by how well software designers understand the basic hardware technologies at work in a system. Similarly, hardware designers must understand the far reaching effects their design decisions have on software applications. For readers in either category, this classic introduction to the field provides a deep look into the computer. It demonstrates the relationship between the software and hardware and focuses on the foundational concepts that are the basis for current computer design. Using a distinctive learning by evolution approach the authors present each idea from its first principles, guiding readers through a series of worked examples that incrementally add more complex instructions until they ha
"This is the best book on SSL/TLS. Rescorla knows SSL/TLS as well as anyone and presents it both clearly and completely.... At times, I felt like he's been looking over my shoulder when I designed SSL v3. If network security matters to you, buy this book." Paul Kocher, Cryptography Research, Inc., Co-Designer of SSL v3. "Having the right crypto is necessary but not sufficient to having secure communications. If you're using SSL/TLS, you should have 'SSL and TLS' sitting on your shelf right next to 'Applied Cryptography.'" Bruce Schneier, Counterpane Internet Security, Inc., Author of "Applied Cryptography". "Everything you wanted to know about SSL/TLS in one place. It covers the protocols down to the level of packet traces. It covers how to write software that uses SSL/TLS. And it contrasts SSL with other approaches. All this while being technically sound and readable!" Radia Perlman, Sun Microsystems, Inc., Author of "Interconnections". Secure Sockets Layer (SSL) and its IETF successor, Transport Layer Security (TLS), are the leading Internet security protocols, providing security for e-commerce, web services, and many other network functions. Using SSL/TLS effectively requires a firm grasp of its role in network communications, its security properties, and its performance characteristics. "SSL and TLS" provides total coverage of the protocols from the bits on the wire up to application programming. This comprehensive book not only describes how SSL/TLS is supposed to behave but also uses the author's free ssldump diagnostic tool to show the protocols in action. The author covers each protocol feature, first explaining how it works and then illustrating it in a live implementation. This unique presentation bridges the difficult gap between specification and implementation that is a common source of confusion and incompatibility.
In addition to describing the protocols, "SSL and TLS" delivers the essential details required by security architects, application designers, and software engineers. Use the practical design rules in this book to quickly design fast and secure systems using SSL/TLS. These design rules are illustrated with chapters covering the new IETF standards for HTTP and SMTP over TLS. Written by an experienced SSL implementor, "SSL and TLS" contains detailed information on programming SSL applications. The author discusses the common problems faced by implementors and provides complete sample programs illustrating the solutions in both C and Java. The sample programs use the free OpenSSL and PureTLS toolkits so the reader can immediately run the examples.
Niels Ferguson, Bruce Schneier, Tadayoshi Kohno
The ultimate guide to cryptography, updated from an author team of the world's top cryptography experts. Cryptography is vital to keeping information safe, in an era when the formula to do so becomes more and more challenging. Written by a team of world-renowned cryptography experts, this essential guide is the definitive introduction to all major areas of cryptography: message security, key negotiation, and key management. You'll learn how to think like a cryptographer. You'll discover techniques for building cryptography into products from the start and you'll examine the many technical changes in the field. After a basic overview of cryptography and what it means today, this indispensable resource covers such topics as block ciphers, block modes, hash functions, encryption modes, message authentication codes, implementation issues, negotiation protocols, and more. Helpful examples and hands-on exercises enhance your understanding of the multi-faceted field of cryptography. An author team of internationally recognized cryptography experts updates you on vital topics in the field of cryptography. Shows you how to build cryptography into products from the start. Examines updates and changes to cryptography. Includes coverage on key servers, message security, authentication codes, new standards, block ciphers, message authentication codes, and more. Cryptography Engineering gets you up to speed in the ever-evolving field of cryptography.
Jonathan Katz, Yehuda Lindell
Cryptography plays a key role in ensuring the privacy and integrity of data and the security of computer networks. Introduction to Modern Cryptography provides a rigorous yet accessible treatment of modern cryptography, with a focus on formal definitions, precise assumptions, and rigorous proofs. The authors introduce the core principles of modern cryptography, including the modern, computational approach to security that overcomes the limitations of perfect secrecy. An extensive treatment of private-key encryption and message authentication follows. The authors also illustrate design principles for block ciphers, such as the Data Encryption Standard (DES) and the Advanced Encryption Standard (AES), and present provably secure constructions of block ciphers from lower-level primitives. The second half of the book focuses on public-key cryptography, beginning with a self-contained introduction to the number theory needed to understand the RSA, Diffie-Hellman, El Gamal, and other cryptosystems. After exploring public-key encryption and digital signatures, the book concludes with a discussion of the random oracle model and its applications. Serving as a textbook, a reference, or for self-study, Introduction to Modern Cryptography presents the necessary tools to fully understand this fascinating subject.
Russ Housley, Tim Polk
"Planning for PKI" examines this cornerstone Internet security technology. Written by the architects of the Internet Public Key Infrastructure (PKI), this book provides authoritative technical guidance for network engineers, architects, and managers who need to implement the right PKI architecture for their organization. Readers will learn that building a successful PKI is an ongoing process, not a one-time event. The authors discuss results and lessons learned from three early PKI deployments, helping readers avoid the pitfalls and emulate the successes of early PKI adopters. Using plain and direct language, the authors share their extensive knowledge of PKI standards development in the Internet Engineering Task Force (IETF) and elsewhere. Subtle points about the Internet PKI standards are liberally sprinkled throughout the book. These nuggets provide insight into the intent of some of the esoteric topics in the standards, enabling greater interoperability. "Planning for PKI" gathers the PKI state-of-the-art into one volume, covering everything from PKI history to emerging PKI-related technologies.
In the style of Richard Stevens' “TCP/IP Illustrated, Vol. 2” and Maurice Bach's “The Design of the Unix Operating System”, this book will present, along with explanatory text, a complete C-language implementation of SSLv2, TLS 1.0 and TLS 1.2, including implementations of the relevant cryptographic protocols, secure hashing, and certificate parsing and generation. Topics covered: HTTP, HTTPS and HTTP proxy support (including how HTTP proxies interact with SSL); symmetric cryptography, including DES, 3DES, AES and RC4, along with CBC, OFB, COUNTER and AEAD; public-key cryptography, including RSA, Diffie-Hellman key exchange and elliptic-curve cryptography; digital signature algorithms, including RSA, DSA, ECDSA, SHA-1, MD5 and HMAC; X.509 certificates and ASN.1; SSLv2, TLS 1.0 (client, server, and extensions), and TLS 1.2.
The author provides a solid foundation for developing high-performance, scalable and secure UNIX network applications. Starting from the programming of processes that run in parallel with one another, the book gives a compact introduction to UNIX systems programming and to programming POSIX threads (Pthreads), which offer efficiency gains for parallel applications in particular. The development of network applications is then laid out in detail: based on the principles of the TCP/IP protocol, such as the three-way handshake, there is a thorough presentation of programming UNIX sockets, the de facto standard for UNIX network programming, and of all important socket functions and options, as well as IP name and IP address conversions. The author thereby lays a solid foundation for developing network-capable applications. Security aspects are addressed in particular through the detailed presentation of the SSL and TLS protocols.
Kevin R. Fall, W. Richard Stevens
A major revision of the classic TCP/IP bestseller that has sold more than 162,000 units! W. Richard Stevens' legendary TCP/IP guide, now updated by top network protocol developer and instructor Kevin Fall. Shows how each protocol actually operates, and explains why they work that way. New coverage includes RPC, access control, authentication, privacy, NFS, SMB/CIFS, DHCP, NAT, firewalls, email, Web, web services, wireless, wireless security, and much more. More than 162,000 networking professionals have relied on W. Richard Stevens' classic TCP/IP Illustrated, Volume 1 to gain the detailed understanding of TCP/IP they need to be effective. Now, the world's leading TCP/IP bestseller has been thoroughly updated to reflect a new generation of TCP/IP-based networking technologies. TCP/IP Illustrated, Volume 1, Second Edition doesn't just describe protocols: it enables readers to observe how these protocols operate under different conditions, using publicly available tools, and explains why key design decisions were made. The result: readers gain a deep understanding of how TCP/IP protocols function, and why they function that way. Now thoroughly updated by long-time networking expert Kevin Fall, this brand-new second edition's extensive new coverage includes: remote procedure call; identity management (access control / authentication); network and transport layer security (authentication / privacy); file access protocols, including NFS and SMB/CIFS; host initialization and DHCP; NAT and firewalls; e-mail; Web and web services; wireless and wireless security; new tools, including Ethereal, nmap and netcat.
Nathan Yocom, John Turner, Keir Davis
The Definitive Guide to Linux Network Programming offers a clear, concise treatment of creating clients and servers under the Linux operating system. This book assumes that you know C and have experience developing code on Linux, but it provides everything else you'll need as a programmer for real-world network programming. Whether you’re a Windows developer looking to expand to Linux, or you’re a proficient Linux developer looking to incorporate client-server programming into your applications, this book has a wealth of invaluable information to suit your needs. This book covers design, implementation, debugging, and security. You’ll also learn about the many kinds of socket types, sessioned versus sessionless protocols, and encryption, as well as how to build a custom protocol, how to use SSL, and how to tunnel data. Table of Contents: Networks and Protocols; Functions; Socket Programming; Protocols, Sessions, and State; Client-Server Architecture; Implementing Custom Protocols; Design Decisions; Debugging and Development Cycle; Case Study: A Networked Application; Securing Network Communication; Authentication and Data Signing; Common Security Problems; Case Study: A Secure Networked Application.
Pro PayPal E-Commerce contains the most comprehensive collection of information on PayPal technologies. It takes the approach of PayPal as a digital money platform, and shows how it's a dynamic service that offers far more than just payment processing. With its breadth of technologies and APIs, the PayPal platform is a basis for development and innovation for an unlimited number of possibilities. It offers a wide range of payment technologies, but it's not always easy to decipher which technology is the best choice for a web site. This book gets under the hood to show you how the different technologies work, how to choose the right solution, and how to implement the solution, complete with real-world PayPal success stories. You'll learn how to integrate PayPal directly into web sites to make use of its payment technologies. This allows you, no matter what language you program in, to build shopping carts or similar channel products with PayPal as a payment option. You can also use this book to learn about the basics of e-commerce, where PayPal fits in, and how you can meet your own e-commerce needs. This book covers: How PayPal works; Using the PayPal API; Website Payments Standard; Website Payments Pro; Instant Payment Notification; Payment Data Transfer; Encrypted Website Payments; Administration; Reporting; Fraud protection; Payflow Gateway. Table of Contents: Introduction to PayPal; The PayPal Account; Basic Website Payments; Encrypted Website Payments; Postpayment Processing; The PayPal API; Payflow Gateway; Reporting; Managing Online Disputes.