SSL and TLS:
Designing and Building Secure Systems

Eric Rescorla

Addison-Wesley 2001
A book review by Danny Yee © 2001
Covering pretty much everything about the Secure Sockets Layer, in some depth, SSL and TLS is not for those who only want to get a secure web site up and running quickly. The layout makes it easy to browse just those portions that interest, however, and to skip unwanted detail, so it can be profitably used by those (like me) who are simply curious, as well as by protocol designers, application programmers, and SSL/TLS implementors. (It was nice to find Rescorla recognising the "just curious" in his preface.) A basic understanding of TCP/IP is all that's absolutely necessary to get something from SSL and TLS, but a solid understanding will be needed to follow its details.

Rescorla begins with a rapid introduction to security and cryptography and a brief history of SSL protocols (TLS or Transport Layer Security is the IETF-endorsed version). Two chapters then describe SSL itself, the first covering server authentication using RSA (the original motivation for SSL and still by far its most common use) and the second other algorithms (Kerberos, FORTEZZA) and modes such as client authentication and session resumption.

The remaining chapters cover specialised topics. A chapter on security looks at protecting keys, random number generation, certificate chain verification, and some of the known attacks on SSL, such as timing cryptanalysis and the "million message attack". A chapter on performance explains the basic problem (cryptography is expensive), then goes into the details of variations with algorithm and mode (and language, with C recommended over Java) and the use of hardware acceleration. There is also a chapter on designing with SSL and one on coding (and appendix A has forty-odd pages of sample code).

Two chapters consider special issues with running HTTP over SSL (HTTPS) and SMTP over TLS. Issues with HTTP include reference integrity (ensuring the client is talking to the server it thinks it's talking to), virtual hosts, proxies, and downgrade attacks. With SMTP relaying introduces major complications. A final chapter looks at some alternative approaches, most importantly IPsec, Secure HTTP, and S/MIME. This material provides some interesting examples of interaction between complex protocols.

Note: thanks to Timothy Lord for suggestions for this review.

March 2001

External links:
- buy from or
- details at Addison-Wesley
Related reviews:
- books about networking
- books published by Addison-Wesley
%T SSL and TLS
%S Designing and Building Secure Systems
%A Rescorla, Eric
%I Addison-Wesley
%D 2001
%O paperback, bibliography, index
%G ISBN 0201615983
%P xxv,499pp