Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
TLS Cryptography In-Depth

You're reading from   TLS Cryptography In-Depth Explore the intricacies of modern cryptography and the inner workings of TLS

Arrow left icon
Product type Paperback
Published in Jan 2024
Publisher Packt
ISBN-13 9781804611951
Length 712 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Dr. Roland Schmitz Dr. Roland Schmitz
Author Profile Icon Dr. Roland Schmitz
Dr. Roland Schmitz
Dr. Paul Duplys Dr. Paul Duplys
Author Profile Icon Dr. Paul Duplys
Dr. Paul Duplys
Arrow right icon
View More author details
Toc

Table of Contents (30) Chapters Close

Preface 1. Part I Getting Started
2. Chapter 1: The Role of Cryptography in the Connected World FREE CHAPTER 3. Chapter 2: Secure Channel and the CIA Triad 4. Chapter 3: A Secret to Share 5. Chapter 4: Encryption and Decryption 6. Chapter 5: Entity Authentication 7. Chapter 6: Transport Layer Security at a Glance 8. Part II Shaking Hands
9. Chapter 7: Public-Key Cryptography 10. Chapter 8: Elliptic Curves 11. Chapter 9: Digital Signatures 12. Chapter 10: Digital Certificates and Certification Authorities 13. Chapter 11: Hash Functions and Message Authentication Codes 14. Chapter 12: Secrets and Keys in TLS 1.3 15. Chapter 13: TLS Handshake Protocol Revisited 16. Part III Off the Record
17. Chapter 14: Block Ciphers and Their Modes of Operation 18. Chapter 15: Authenticated Encryption 19. Chapter 16: The Galois Counter Mode 20. Chapter 17: TLS Record Protocol Revisited 21. Chapter 18: TLS Cipher Suites 22. Part IV Bleeding Hearts and Biting Poodles
23. Chapter 19: Attacks on Cryptography 24. Chapter 20: Attacks on the TLS Handshake Protocol 25. Chapter 21: Attacks on the TLS Record Protocol 26. Chapter 22: Attacks on TLS Implementations 27. Bibliography
28. Index
29. Other Books You Might Enjoy

Preface

Hello and welcome to TLS Cryptography In-Depth!

As you perhaps know, there are already many excellent books on cryptography out there, written by renowned experts in the field. So why did we write yet another?

First of all, we wanted to make cryptography easier to grasp by showing how the theory of cryptography is used in real-world cryptographic applications. It is impossible to provide a serious introduction to cryptography without delving deeply into abstract mathematical concepts, and this book is no exception. But oftentimes, these mathematical concepts are presented in a way that is difficult for a beginner to follow, and particularly to relate theory to practice, so it takes a lot of patience and energy until you get to the seemingly far-away applications. Finally, these applications are often presented quite briefly, almost like an afterthought.

Yet applications of cryptography profoundly affect our daily lives and are not remote at all. Perhaps most importantly, practically everybody who is surfing the web today uses web addresses starting with https, which stands for Hypertext Transport Protocol Secure, and the Secure part is realized by a cryptographic protocol called Transport Layer Security, or TLS for short. If you are using the Firefox browser, for example, and click on the padlock icon next to the URL you are visiting, a few clicks later, you will arrive at the technical details of the Security tab of the page info. Here, a typical entry could be as follows:

   TLS_AES_128_GCM_SHA256, 128 bit keys, TLS 1.3

What do these abbreviations mean? Is this really a secure connection? Providing you with the knowledge necessary to answer these questions is one of the main goals of this book.

As we will see, much of present-day cryptography comes together in TLS. We therefore use TLS not just as an application but as a leitmotif of our book. That is, all cryptographic concepts are ultimately motivated by their appearance within the TLS protocol, and advanced cryptanalytic techniques such as linear and differential cryptanalysis are discussed only if they affect TLS protocol design.

TLS is a rather old protocol: its first version dates back to 1994 (under the name Secure Sockets Layer, or SSL). In 2018, TLS underwent a major revision: not only were many old, insecure cryptographic options deprecated but also protocol messages and their sequence were changed in the latest TLS version, 1.3. The underlying internet standard, IETF RFC 8446, however, is rather complex, densely written, and provides little in the way of motivation.

Therefore, our second reason for writing this book was to show how the design of TLS 1.3 is motivated by good cryptographic practices and earlier cryptographic attacks. Very often, we also dive deeply into TLS 1.3 specification and investigate the meaning of its various data structures. Therefore, you may also read this book as a detailed introduction to the TLS protocol and its nuts and bolts, or use it as a companion to IETF RFC 8446.

lock icon The rest of the chapter is locked
Next Section arrow right
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime