Assessing SSL implementation security

For decades, people have been using encryption, hashing, and key exchange mechanisms to securely communicate information over untrusted networks. They will use complex and convoluted combinations of hashing, encrypting, and exchanging of cryptographic primitives to establish a secure communication channel. The SSL and TLS family of protocols are a set of rules specifying how cryptographic primitives, communication data, and other attributes of communication are managed in order to ensure secure conversations from client to server and vice versa.

Unfortunately, many SSL/TLS versions have suffered a number of devastating vulnerabilities throughout their existence. Some of the attacks published have only surfaced ...

Get Penetration Testing with the Bash shell now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.