• Complain

Chandra Pravir Messier Matt Viega John - Network Security with OpenSSL: Cryptography for Secure Communications

Here you can read online Chandra Pravir Messier Matt Viega John - Network Security with OpenSSL: Cryptography for Secure Communications full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. City: Sebastopol, year: 2009, publisher: OReilly Media, Inc, genre: Romance novel. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

No cover

Network Security with OpenSSL: Cryptography for Secure Communications: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Network Security with OpenSSL: Cryptography for Secure Communications" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

OpenSSL is a popular and effective open source version of SSL/TLS, the most widely used protocol for secure network communications. The only guide available on the subject, Network Security with OpenSSLdetails the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges. Focused on the practical, this book provides only the information that is necessary to use OpenSSL safely and effectively. Read more...
Abstract: OpenSSL is a popular and effective open source version of SSL/TLS, the most widely used protocol for secure network communications. The only guide available on the subject, Network Security with OpenSSLdetails the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges. Focused on the practical, this book provides only the information that is necessary to use OpenSSL safely and effectively

Chandra Pravir Messier Matt Viega John: author's other books


Who wrote Network Security with OpenSSL: Cryptography for Secure Communications? Find out the surname, the name of the author of the book and a list of all author's works by series.

Network Security with OpenSSL: Cryptography for Secure Communications — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Network Security with OpenSSL: Cryptography for Secure Communications" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make
Network Security with OpenSSL
John Viega
Matt Messier
Pravir Chandra
Editor
Laurie Petrycki

Copyright 2009 O'Reilly Media, Inc.

OReilly Media Dedication To the memory of Arthur J Zoebelein former Chief - photo 1

O'Reilly Media

Dedication

To the memory of Arthur J. Zoebelein, former Chief of the Office of Cryptologic Archives and History, National Security Agency

SPECIAL OFFER: Upgrade this ebook with OReilly

for more information on this offer!

Please note that upgrade offers are not available from sample content.

A Note Regarding Supplemental Files

Supplemental files and examples for this book can be found at http://examples.oreilly.com/9780596002701/. Please use a standard desktop web browser to access these files, as they may not be accessible from all ereader devices.

All code files or examples referenced in the book will be available online. For physical books that ship with an accompanying disc, whenever possible, weve posted all CD/DVD content. Note that while we provide as much of the media content as we are able via free download, we are sometimes limited by licensing restrictions. Please direct any questions or concerns to .

Preface
About This Book

The Internet is a dangerous place, more dangerous than most peoplerealize. Many technical people know that it'spossible to intercept and modify data on the wire, but few realizehow easy it actually is. If an application doesn'tproperly protect data when it travels an untrusted network, theapplication is a security disaster waiting to happen.

The ).

In this book, we'll teach developers andadministrators how to secure applications with OpenSSL. Wewon't just show you how to SSL-enable yourapplications, we'll be sure to introduce you to themost significant risks involved in doing so, and the methods formitigating those risks. These methods are important; it takes morework to secure an SSL-enabled application than most people think,especially when code needs to run in multithreaded, highlyinteroperable environments where efficiency is a concern.

OpenSSL is more than just a free implementation of SSL. It alsoincludes a general-purpose cryptographic library, which can be usefulfor situations in which SSL isn't an appropriatesolution. Working with cryptography at such a low level can bedangerous, since there are many pitfalls in applying cryptography ofwhich few developers are fully aware. Nonetheless, we do discuss theavailable functionality for those that wish to use it. Additionally,OpenSSL provides some high-level primitives, such as support for theS/MIME email standard.

The bulk of this book describes the OpenSSL library and the many waysto use it. We orient the discussion around working examples, insteadof simply providing reference material. We discuss all of the commonoptions OpenSSL users can support, as well as the securityimplications of each choice.

Depending on your needs, you may end up skipping around in this book.For people who want to use OpenSSL from the command line foradministrative tasks, everything they need is in the first threechapters. Developers interested in SSL-enabling an application canprobably read to understand all the code).

Here's an overview of the book'scontents:

This chapter introduces SSL and the OpenSSL library. We give anoverview of the biggest security risks involved with deploying thelibrary and discuss how to mitigate them at a high level. We alsolook at how to use OpenSSL along with Stunnel to secure third-partysoftware, such as POP servers that don't otherwisehave built-in SSL support.

Here we discuss how to use basic OpenSSL functionality from thecommand line, for those who wish to use OpenSSL interactively, callout to it from shell scripts, or interface with it from languageswithout native OpenSSL support.

This chapter explains the basics of Public Key Infrastructure (PKI),especially as it manifests itself in OpenSSL. This chapter isprimarily concerned with how to go about getting certificates for usein SSL, S/MIME, and other PKI-dependent cryptography. We also discusshow to manage your own PKI using the OpenSSL command line, if you sochoose.

In this chapter, we talk about the various low-level APIs that aremost important to OpenSSL. Some of these APIs need to be mastered inorder to make full use of the OpenSSL library. Particularly, we laythe foundation for enabling multithreaded application support andperforming robust error handling with OpenSSL. Additionally, wediscuss the OpenSSL IO API, its randomness API, its arbitraryprecision math API, and how to use cryptographic acceleration withthe library.

Here we discuss the ins and outs of SSL-enabling applications,particularly with SSLv3 and its successor, TLSv1. We not only coverthe basics but also go into some of the more obscure features ofthese protocols, such as session resumption, which is a tool that canhelp speed up SSL connection times in some circumstances.

This chapter covers everything you need to know to useOpenSSL's interface to secret-key cryptographicalgorithms such as Triple DES, RC4, and AES (the new AdvancedEncryption Standard). In addition to covering the standard API, weprovide guidelines on selecting algorithms that you should supportfor your applications, and we explain the basics of these algorithms,including different modes of operation, such as counter mode.Additionally, we talk about how to provide some security forUDP-based traffic, and discuss general considerations for securelyintegrating symmetric cryptography into your applications.

In this chapter, we discuss how to use nonreversible (one-way)cryptographic hash functions, often called message digest algorithms.We also show how to use Message Authentication Codes (MACs), whichcan be used to provide data integrity via a shared secret. We showhow to apply MACs to ensure that tampering with HTTP cookies will bedetected.

Here we talk about the various public key algorithms OpenSSL exports,including Diffie-Hellman key exchange, the Digital SignatureAlgorithm (DSA), and RSA. Additionally, we discuss how to read andwrite common storage formats for public keys.

This chapter describes how to use OpenSSL programmatically from Perlusing the Net::SSLeay package, from Python using the M2Cryptolibrary, and from PHP.

In this chapter, we discuss many of the more esoteric parts of theOpenSSL API that are still useful, including the OpenSSLconfiguration API, creating and using S/MIME email, and performingcertificate management programmatically.

Here we provide a reference to the many options in the OpenSSLcommand-line interface.

Additionally, the book's web site (http://www.opensslbook.com) contains APIreference material that supplements this book. We also give pointersto the official OpenSSL documentation.

Note that we do not cover using SSL from Apache. While Apache does use OpenSSL for itscryptography, it provides its own API for configuring everything.Covering that isn't in the scope of this book. Referto the Apache documentation, or the book Apache: TheDefinitive Guide by Ben Laurie and Peter Laurie(O'Reilly & Associates).

As we finish this book,OpenSSLis at Version 0.9.6c, and 0.9.7 is in feature freeze, though a finalrelease is not expected until well after this book'spublication. Additionally, we expect developers to have tointeroperate with 0.9.6 for some time. Therefore, we have gone out ofour way to support both versions. Usually, our discussion will applyto both 0.9.6 and 0.9.7 releases unless otherwise noted. If there arefeatures that were experimental in 0.9.6 and changed significantly in0.9.7 (most notably support for hardware acceleration), we tend toexplain only the 0.9.7 solution.

Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «Network Security with OpenSSL: Cryptography for Secure Communications»

Look at similar books to Network Security with OpenSSL: Cryptography for Secure Communications. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «Network Security with OpenSSL: Cryptography for Secure Communications»

Discussion, reviews of the book Network Security with OpenSSL: Cryptography for Secure Communications and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.