Preface

• Who is this book for
• What this book covers
• To get the most out of this book
• Conventions used
• Get in touch
• Share Your Thoughts

1. Part I Getting Started

2. Chapter 1: The Role of Cryptography in the Connected World FREE CHAPTER

• 1.1 Evolution of cryptography
• 1.2 The advent of TLS and the internet
• 1.3 Increasing connectivity
• 1.4 Increasing complexity
• 1.5 Example attacks
• 1.6 Summary

3. Chapter 2: Secure Channel and the CIA Triad

• 2.1 Technical requirements
• 2.2 Preliminaries
• 2.3 Confidentiality
• 2.4 Integrity
• 2.5 Authentication
• 2.6 Secure channels and the CIA triad
• 2.7 Summary

4. Chapter 3: A Secret to Share

• 3.1 Secret keys and Kerckhoffs’s principle
• 3.2 Cryptographic keys
• 3.3 Key space
• 3.4 Key length
• 3.5 Crypto-agility and information half-life
• 3.6 Key establishment
• 3.7 Randomness and entropy
• 3.8 Summary

5. Chapter 4: Encryption and Decryption

• 4.1 Preliminaries
• 4.2 Symmetric cryptosystems
• 4.3 Information-theoretical security (perfect secrecy)
• 4.4 Computational security
• 4.5 Pseudorandomness
• 4.6 Summary

6. Chapter 5: Entity Authentication

• 5.1 The identity concept
• 5.2 Authorization and authenticated key establishment
• 5.3 Message authentication versus entity authentication
• 5.4 Password-based authentication
• 5.5 Challenge-response protocols
• 5.6 Summary

7. Chapter 6: Transport Layer Security at a Glance

• 6.1 Birth of the World Wide Web
• 6.2 Early web browsers
• 6.3 From SSL to TLS
• 6.4 TLS overview
• 6.5 TLS version 1.2
• 6.6 TLS version 1.3
• 6.7 Major differences between TLS versions 1.3 and 1.2
• 6.8 Summary

8. Part II Shaking Hands

9. Chapter 7: Public-Key Cryptography

• 7.1 Preliminaries
• 7.2 Groups
• 7.3 The Diffie-Hellman key-exchange protocol
• 7.4 Security of Diffie-Hellman key exchange
• 7.5 The ElGamal encryption scheme
• 7.6 Finite fields
• 7.7 The RSA algorithm
• 7.8 Security of the RSA algorithm
• 7.9 Authenticated key agreement
• 7.10 Public-key cryptography in TLS 1.3
• 7.11 Hybrid cryptosystems
• 7.12 Summary

10. Chapter 8: Elliptic Curves

• 8.1 What are elliptic curves?
• 8.2 Elliptic curves as abelian groups
• 8.3 Elliptic curves over finite fields
• 8.4 Security of elliptic curves
• 8.5 Elliptic curves in TLS 1.3
• 8.6 Summary

11. Chapter 9: Digital Signatures

• 9.1 General considerations
• 9.2 RSA-based signatures
• 9.3 Digital signatures based on discrete logarithms
• 9.4 Digital signatures in TLS 1.3
• 9.5 Summary

12. Chapter 10: Digital Certificates and Certification Authorities

• 10.1 What is a digital certificate?
• 10.2 X.509 certificates
• 10.3 Main components of a public-key infrastructure
• 10.4 Rogue CAs
• 10.5 Digital certificates in TLS
• 10.6 Summary

13. Chapter 11: Hash Functions and Message Authentication Codes

• 11.1 The need for authenticity and integrity
• 11.2 What cryptographic guarantees does encryption provide?
• 11.3 One-way functions
• 11.4 Hash functions
• 11.5 Message authentication codes
• 11.6 MAC versus CRC
• 11.7 Hash functions in TLS 1.3
• 11.8 Summary

14. Chapter 12: Secrets and Keys in TLS 1.3

• 12.1 Key establishment in TLS 1.3
• 12.2 TLS secrets
• 12.3 KDFs in TLS
• 12.4 Updating TLS secrets
• 12.5 TLS keys
• 12.6 TLS key exchange messages
• 12.7 Summary

15. Chapter 13: TLS Handshake Protocol Revisited

• 13.1 TLS client state machine
• 13.2 TLS server state machine
• 13.3 Finished message
• 13.4 Early data
• 13.5 Post-handshake messages
• 13.6 OpenSSL s_client
• 13.7 Summary

16. Part III Off the Record

17. Chapter 14: Block Ciphers and Their Modes of Operation

• 14.1 The big picture
• 14.2 General principles
• 14.3 The AES block cipher
• 14.4 Modes of operation
• 14.5 Block ciphers in TLS 1.3
• 14.6 Summary

18. Chapter 15: Authenticated Encryption

• 15.1 Preliminaries
• 15.2 Authenticated encryption – generic composition
• 15.3 Security of generic composition
• 15.4 Authenticated ciphers
• 15.5 Counter with cipher block chaining message authentication code (CCM)
• 15.6 AEAD in TLS 1.3
• 15.7 Summary

19. Chapter 16: The Galois Counter Mode

• 16.1 Preliminaries
• 16.2 GCM security
• 16.3 GCM performance
• 16.4 Summary

20. Chapter 17: TLS Record Protocol Revisited

• 17.1 TLS Record protocol
• 17.2 TLS record layer
• 17.3 TLS record payload protection
• 17.4 Per-record nonce
• 17.5 Record padding
• 17.6 Limits on key usage
• 17.7 An experiment with the OpenSSL s_client
• 17.8 Summary

21. Chapter 18: TLS Cipher Suites

• 18.1 Symmetric cipher suites in TLS 1.3
• 18.2 Long-term security
• 18.3 ChaCha20
• 18.4 Poly1305
• 18.5 ChaCha20-Poly1305 AEAD construction
• 18.6 Mandatory-to-implement cipher suites
• 18.7 Summary

22. Part IV Bleeding Hearts and Biting Poodles

23. Chapter 19: Attacks on Cryptography

• 19.1 Preliminary remarks
• 19.2 Passive versus active attacks
• 19.3 Local versus remote attacks
• 19.4 Interactive versus non-interactive attacks
• 19.5 Attacks on cryptographic protocols
• 19.6 Attacks on encryption schemes
• 19.7 Attacks on hash functions
• 19.8 Summary

24. Chapter 20: Attacks on the TLS Handshake Protocol

• 20.1 Downgrade attacks
• 20.2 Logjam
• 20.3 SLOTH
• 20.4 Padding oracle attacks on TLS handshake
• 20.5 Bleichenbacher attack
• 20.6 Improvements of Bleichenbacher’s attack
• 20.7 Insecure renegotiation
• 20.8 Triple Handshake attack
• 20.9 Summary

25. Chapter 21: Attacks on the TLS Record Protocol

• 21.1 Lucky 13
• 21.2 POODLE
• 21.3 BEAST
• 21.4 Sweet32
• 21.5 Compression-based attacks
• 21.6 Summary

26. Chapter 22: Attacks on TLS Implementations

• 22.1 SMACK
• 22.2 FREAK
• 22.3 Truncation attacks
• 22.4 Heartbleed
• 22.5 Insecure encryption activation
• 22.6 Random number generation
• 22.7 BERserk attack
• 22.8 Cloudbleed
• 22.9 Timing attacks
• 22.10 Summary

27. Bibliography

28. Index

29. Other Books You Might Enjoy

• Packt is searching for authors like you
• Share Your Thoughts
• Download a free PDF copy of this book