Implementing SSL

I wrote this book because I'm fascinated (perhaps obsessed) with details. Although it was easy enough to find high-level descriptions of SSL/TLS, I couldn't find any clear documentation on precisely how it worked - how it fit together, why it was done the way it was done, what it protected against and what it didn't. As I began putting the pieces together in late 2008, I decided to collect what I had found with an eye toward putting it together into a journal or technical magazine article. Once I had written about 100 pages, I realized it might be worth pinging a few publishers to see if there might be some interest in expanding the whole thing into a full-blown book.

This book is targeted for people who, like me, want or need to know all of the details. As such, I tried to leave nothing out - I've learned the hard way, from past experience, that when something has gone wrong, it's always something that went wrong with one trivial detail that you thought was unimportant. For that reason, I covered the included topics as thoroughly as possible, to the point of including complete code samples for every subject. This book will walk you through every step of the SSL handshake as well as the encryption process, and should serve as an excellent companion reference to industrial-grade SSL/TLS libraries such as OpenSSL or GnuTLS. Even if you're just integrating one of these libraries into a larger project, I think you'll find that the whole process is much easier if you understand the details of the certificate authentication and handshaking process - so check it out! If you liked it (or even if you didn't), I'd love to hear from you.

Have a question about the content? Check out the discussion page.

My Book

I'm the author of the book "Implementing SSL/TLS Using Cryptography and PKI". Like the title says, this is a from-the-ground-up examination of the SSL protocol that provides security, integrity and privacy to most application-level internet protocols, most notably HTTP. I include the source code to a complete working SSL implementation, including the most popular cryptographic algorithms (DES, 3DES, RC4, AES, RSA, DSA, Diffie-Hellman, HMAC, MD5, SHA-1, SHA-256, and ECC), and show how they all fit together to provide transport-layer security.


Joshua Davies
