SSL and TLS: Theory and Practice, Third Edition

A book written by Rolf Oppliger and published in 2023 by Artech House in the Information Security and Privacy Series (visit the Insider Blog)

ISBN: 978-1-68569-015-1

Order from US office of Artech House
Order from UK office of Artech House

Aims and Scope

This book provides a comprehensive introduction, detailed overview, and discussion of the SSL/TLS and DTLS protocols that are omnipresent on the Internet today.

Target Audience

The book is intended for anyone who has a basic understanding of cryptography and TCP/IP networking, and who wants to learn more about the SSL/TLS and DTLS protocols and their proper use. It speaks to theorists and practitioners.

Table of Contents

Preface
Acknowledgments
Chapter 1: Introduction (slide deck)
Chapter 2: SSL Protocol (slide deck)
Chapter 3: TLS Protocol (slide deck)
Chapter 4: DTLS Protocol (slide deck)
Chapter 5: Firewall Traversal (slide deck)
Chapter 6: Public Key Certificates and Internet PKI (slide deck)
Chapter 7: Concluding Remarks (slide deck)
Appendix A: Attacks Against SSL/TLS
Appendix B: TLS Cipher Suites
Appendix C: TLS Extensions
Appendix D: Abbreviations and Acronyms
About the Author
Index

Reviews

News

• A comprehensive 2024 survey on post-quantum TLS is available here.
• In 2023, it was shown that many TLS implementations are susceptible to the Marvin attack that is actually a reincarnation of the Bleichenbacher attack (cf. Appendix A.1).

Additional Material

• The slide decks itemized above can be used to teach courses and give lectures. They are preliminary and moving targets, meaning that they are permanently updated.
• Exemplary protocol transcripts in Wireshark’s packet capture (PCAP) format are available for TLS 1.2 and TLS 1.3 (see here to have Wireshark decrypt the SSL/TLS traffic).

Errata List