SmartSellTM - The New Way to Sell Online

We won't be beaten by anyone. Guaranteed

Network Security with OpenSSL
By

Rating
This volume is designed to enable developers to use The OpenSSL library more effectively. It offers guidance on avoiding pitfalls, while taking advantage of the library's advanced features and provides the information necessary to use OpenSSL safely and effectively. In step-by-step fashion, the book details the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges. System and network administrator should benefit from the thorough treatment of the OpenSSL command-line interface, as well as from step-by-step directions for obtaining certificates and setting up certification authority. Developer should benefit from the in-depth discussions and examples of how to use OpenSSL in their own programs. Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included.
Product Details

Table of Contents

Preface 1. Introduction Cryptography for the Rest of Us Overview of SSL Problems with SSL What SSL Doesn't Do Well OpenSSL Basics Securing Third-Party Software 2. Command-Line Interface The Basics Message Digest Algorithms Symmetric Ciphers Public Key Cryptography S/MIME Passwords and Passphrases Seeding the Pseudorandom Number Generator 3. Public Key nfrastructure (PKI) Certificates Obtaining a Certificate Setting Up a Certification Authority 4. Support Infrastructure Multithread Support Internal Error Handling Abstract Input/Output Random Number Generation Arbitrary Precision Math Using Engines 5. SSL/TLS Programming Programming with SSL Advanced Programming with SSL 6. Symmetric Cryptography Concepts in Symmetric Cryptography Encrypting with the EVP API General Recommendations 7. Hashes and MACs Overview of Hashes and MACs Hashing with the EVP API Using MACs Secure HTTP Cookies 8. Public Key Algorithms When to Use Public Key Cryptography Diffie-Hellman Digital Signature Algorithm (DSA) RSA The EVP Public Key Interface Encoding and Decoding Objects 9. OpenSSL in Other Languages Net::SSLeay for Perl M2Crypto for Python OpenSSL Support in PHP 10. Advanced Programming Topics Object Stacks Configuration Files X.509 PKCS7 and S/MIME PKCS12 Appendix: Command-Line Reference Index

About the Author

John Viega, well known in the field of software security, has authored and co-authored several books and over 50 articles - including 15 academic research papers - primarily on this topic. He is a contributor to George Reese's forthcoming O'Reilly book, Java Enterprise Architecture and co-authored a lengthy appendix to the Wiley book Securing Java (McGraw and Felten). Matt Messier has been writing free software for 11 years. In the early '90s, he wrote prominent software for BBSs, including ProChat, an external door program for PCBoard systems running multiple nodes in a network environment (LANtastic or Novell). The past five years, he contracted to Lotus as a software engineer working on Lotus 1-2-3, Freelance Graphics. Matt has integrated OpenSSL with the LPC programming language, and used it to add SSL support to several real-world applications, including a telnet implementation. Pravir Chandra, programming since he was 14, became interested in security at Case Western University, where he gained work-related experience in secure network design, computer forensics, secure software design and programming language-level security. He became an expert on language-level security. Pavil's extensive work on open-source projects include an entropy collection system and cryptographic random number generation implementation for the Linux kernel, and RATS (Rough Auditing Tool for Security), a program that drastically reduces the man hours required to perform source audits.

Reviews

"If you have struggled with OpenSSL and the supplied documentation then you will regret the amount of time that you have wasted before finding this book. If you are planning to use OpenSSL then you need to buy a copy - it's essential reading. What is more surprising is that even if you don't plan to use OpenSSL, then downloading it and trying out the examples in the book could be the education in practical cryptography you really need. What more can I say of any book, other than that I certainly won't be lending it to anyone else? It's going to remain firmly chained to my bookshelf for the foreseeable future - and no, you can't borrow it." - Mike James, VSJ, October 2003

Look for similar items by category
People also searched for
How Fishpond Works
Fishpond works with suppliers all over the world to bring you a huge selection of products, really great prices, and delivery included on over 25 million products that we sell. We do our best every day to make Fishpond an awesome place for customers to shop and get what they want — all at the best prices online.
Webmasters, Bloggers & Website Owners
You can earn a 5% commission by selling Network Security with OpenSSL on your website. It's easy to get started - we will give you example code. After you're set-up, your website can earn you money while you work, play or even sleep! You should start right now!
Authors / Publishers
Are you the Author or Publisher of a book? Or the manufacturer of one of the millions of products that we sell. You can improve sales and grow your revenue by submitting additional information on this title. The better the information we have about a product, the more we will sell!
Item ships from and is sold by Fishpond.com, Inc.
Back to top