KEMBAR78
Web Security With SSL | PDF | Transport Layer Security | Public Key Certificate
0% found this document useful (0 votes)
100 views2 pages

Web Security With SSL

This document covers web security using SSL/TLS protocols across 5 chapters. Chapter 1 introduces web security, the history of SSL and TLS, and limitations of security protocols. Chapter 2 discusses cryptography techniques used in SSL/TLS like secret key cryptography, public key cryptography, and certificates. Chapter 3 describes the SSL operation process, including handshake messages and establishing encrypted communications. Chapter 4 discusses advanced SSL features and compatibility with previous versions. Chapter 5 provides a checklist for ensuring SSL security.

Uploaded by

Mangesh Abnave
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
100 views2 pages

Web Security With SSL

This document covers web security using SSL/TLS protocols across 5 chapters. Chapter 1 introduces web security, the history of SSL and TLS, and limitations of security protocols. Chapter 2 discusses cryptography techniques used in SSL/TLS like secret key cryptography, public key cryptography, and certificates. Chapter 3 describes the SSL operation process, including handshake messages and establishing encrypted communications. Chapter 4 discusses advanced SSL features and compatibility with previous versions. Chapter 5 provides a checklist for ensuring SSL security.

Uploaded by

Mangesh Abnave
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Web Security with SSL/TLS

Module 1 Introduction
Web Security and Electronic Commerce
History of ssl and tls
Approaches to Network Security
Separate Security Protocol
Application-Specific Security
Security within Core Protocols
Parallel Security Protocol
Protocol Limitations
Fundamental Protocol Limitations
Tool Limitation
Environmental Limitations

Module 2 Basic Cryptography


Using Cryptography
Keeping Secrets
Proving Identity
Verifying Information
Types of Cryptography
Secret Key Cryptography
Public Key Cryptography
Combining Secret & Public Key Cryptography
Key Management
Public Key Certificates
Certificate Authorities
Certificate Hierarchies
Certificate Revocation Lists

Chapter 3 SSL Operation


SSL Roles
SSL Messages
Establishing Encrypted Communications
ClientHello
ServerHello
ServerKeyExchange
ServerHelloDone
ClientKeyExchange
ChangeCipherSpec
Finished
Ending Secure Communications
Authenticating the Server’s Identity
Certificate
ClientKeyExchange
Separating Encryption from Authentication
Certificate
ServerKeyExchange
ClientKeyExchange
Authenticating the Client’s Identity
CertificateRequest
Certificate
CertificateVerify
Resuming a Previous Session

Chapter 4: Advanced SSL


Compatibility with Previous Versions
Negotiating ssl Versions
SSL Version 2.0 ClientHello
SSL Version 2.0 Cipher Suites
Netscape International Step-Up
Server Components
Client Components
Controlling Full-Strength Encryption
Microsoft Server Gated Cryptography
Server Gated Cryptography Certificates
Cipher Suite Renegotiation
The Transport Layer Security Protocol
TLS Protocol Version
Alert Protocol Message Types
Message Authentication
Key Material Generation
CertificateVerify
Baseline Cipher Suites
Interoperability with SSL
The Future of ssl and tls

Chapter 5 SSL Security Checklist


Authentication Issues
Certificate Authority
Certificate Signature
Certificate Validity Times
Certificate Revocation Status
Certificate Subject
Diffie-Hellman Trapdoors
Algorithm Rollback
Dropped ChangeCipherSpec Messages
Encryption Issues
Encryption Key Size
Traffic Analysis
The Bleichenbacher Attack
General Issues
RSA Key Size Version Rollback Attacks
Premature Closure
SessionID Values
Random Number Generation
Random Number Seeding

You might also like