Bulletproof TLS and PKI

Understanding and deploying SSL/TLS and PKI to secure servers and web applications, by Ivan Ristić

For system administrators, developers, and IT security professionals, this book provides a comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI. Written by Ivan Ristić, a security researcher and author of SSL Labs, this book will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks.
The paperback is available to order from Amazon.com, Amazon.co.uk, Amazon.de, Amazon.ca, and other major book stores.

Buy Ebook £39 (about $53)

What's In The Book

Hover over the chapter list for more information about what's covered.

Part I: SSL/TLS and PKI

1. SSL, TLS, and Cryptography 2. TLS 1.3 3. TLS 1.2 4. Public Key Infrastructure

Part II: Problems and Attacks

5. Attacks against PKI 6. HTTP and Browser Issues 7. Implementation Issues 8. Protocol Attacks

Part III: Deployment and Development

9. Performance 10. HSTS, CSP, and Pinning 11. Configuration Guide

Part IV: OpenSSL Command-Line

12. Working with OpenSSL 13. Testing TLS servers with OpenSSL

Last update: January 2022
Digital formats: PDF, EPUB (no DRM) Print length: 512 pages
ISBN: 978-1907117091
Technical reviewers: Emily Stark and Matt Caswell

You are about to undertake a journey into the mysterious world of cryptography. If you are like me, and you find the experience equal parts challenging and rewarding, you may stay on this journey long after you finish reading this book. I am writing this in late 2021, seven years after the publication of the first edition, and my own journey is still very much ongoing. I don’t think it’s going to end any time soon.

I spent about two years writing the first edition of this book. At first, I thought I’d be able to spread the effort so that I wouldn’t have to work on it full time, but that didn’t work. At some point, I realized that things are changing so quickly that I constantly needed to go back and rewrite the chapters I thought were finished. I had to switch to working full time on this book after all.

I am now working on the second edition, and the situation is very similar. Since the first edition’s publication, TLS 1.3 was released, and that’s a brand-new protocol that has led to many other changes elsewhere. It’s not surprising that I needed to write a new chapter for TLS 1.3. But in the next three chapters I worked on, I made deep changes and added a great deal of new content throughout. More work followed. In the end, it took another two years to complete the second edition.

I wrote this book to save you time. I’ve spent many years learning everything I could about SSL/TLS and PKI and I know that only a few can afford to do the same. I thought that if I put the most important parts of what I’ve learned into a book, others might be able to achieve a similar level of understanding in a fraction of the time—and here we are.

Here's what changed since the first edition: 1) The TLS 1.3 chapter is brand new and the Configuration chapter has been completely rewritten; 2) With exception of possibly two chapters, most other chapters have seen heavy updates and rewrites; 3) The last four chapters from the first edition are no longer in the second. This blog post as well as this one detail the changes.

—Ivan Ristić

Part I: SSL/TLS and PKI

The first part, chapters 1 through 4, lays out the foundations with a discussion of cryptography, SSL, TLS, and PKI.

Chapter 1, SSL, TLS, and Cryptography, begins with an introduction to SSL and TLS and discusses where these secure protocols fit in the Internet infrastructure. The remainder of the chapter provides an introduction to cryptography and discusses the classic threat model of the active network attacker.

Chapter 2, TLS 1.3, focuses on the most recent TLS protocol revision. At the time of writing, TLS 1.3 is well supported by both clients and servers, and widely used. This is the chapter you should read to understand how things work today.

Chapter 3, TLS 1.2, discusses previous major revision, TLS 1.2, which is still very relevant and needed in practice. Understanding this protocol is also very useful to understand what improvements were made in TLS 1.3 and why. Information about earlier protocol revisions is provided where appropriate. An overview of the protocol evolution from SSL 3 onwards is included at the end for reference.

Chapter 4, Public Key Infrastructure, is an introduction to Internet PKI, which is the predominant trust model used on the Internet today. The focus is on the standards and organizations as well as governance, ecosystem weaknesses and possible future improvements. This chapter now includes coverage of Certificate Transparency.

Part II: Problems and Attacks

The second part, chapters 5 through 8, details the various problems with trust infrastructure, our security protocols, and their implementations in libraries and programs.

Chapter 5, Attacks against PKI, deals with attacks on the trust ecosystem. It covers all the major CA compromises, detailing the weaknesses, attacks, and consequences. This chapter gives a thorough historical perspective on the security of the PKI ecosystem, which is important for understanding its evolution.

Chapter 6, HTTP and Browser Issues, is all about the relationship between HTTP and TLS, the problems arising from the organic growth of the Web, and the messy interactions between different pieces of the web ecosystem.

Chapter 7, Implementation Issues, deals with issues arising from design and programming mistakes related to random number generation, certificate validation, and other key TLS and PKI functionality. In addition, it discusses voluntary protocol downgrade and truncation attacks, as well as high-profile issues, such as Heartbleed, FREAK, and Logjam.

Chapter 8, Protocol Attacks, is the longest chapter in the book. It covers all the major protocol flaws discovered in recent years: insecure renegotiation, BEAST, CRIME, Lucky 13, POODLE and POODLE TLS, RC4, TIME and BREACH, and Triple Handshake Attack. The newer ROBOT and Raccoon attacks are also there, among others. A brief discussion of Bullrun and its impact on the security of TLS is also included.

Part III: Deployment and Development

The third part, chapters 9 through 11, provides comprehensive advice about deploying TLS in a secure and efficient fashion.

Chapter 9, Performance, focuses on the speed of TLS, going into great detail about various performance improvement techniques for those who want to squeeze every bit of speed out of their servers.

Chapter 10, HSTS, CSP, and Pinning, covers some advanced topics that strengthen web applications, such as HTTP Strict Transport Security and Content Security Policy. It also covers pinning, which is an effective way of reducing the large attack surface imposed by our current PKI model.

Chapter 11, TLS Configuration Guide, is the map for the entire book and provides step-by-step instructions on how to deploy secure and well-performing TLS servers and web applications. This chapter has effectively been rewritten for the second edition

Part IV: OpenSSL Command-Line

The fourth and final part consists of chapters 12 and 13, which focus on OpenSSL, the de facto standard for everyday TLS and PKI work on the command line.

Chapter 12, OpenSSL, describes the most frequently used OpenSSL functionality, with a focus on installation, configuration, and key and certificate management. The last section in this chapter provides instructions on how to construct and manage a private certification authority.

Chapter 13, Testing with OpenSSL, continues with OpenSSL and explains how to use its command-line tools to test server configuration. Even though it’s often much easier to use an automated tool for testing, OpenSSL remains the tool you turn to when you want to be sure about what’s going on.

Testimonials

“The most comprehensive book about deploying TLS in the real world!

Nasko Oskov, Chrome Security developer and former SChannel developer

“Meticulously researched.

Eric Lawrence, Fiddler author and former Internet Explorer Program Manager

“The most to the point and up to date book about SSL/TLS I've read.

Jakob Schlyter, IT security advisor and DANE co-author

“Ivan wrote a real page turner that can be used as both a point of reference and read from cover to cover with ease. Every page reveals more about what I don't know and anyone experienced in the industry will appreciate the feeling as you can't fix what you don't know is broken.”

Anonymous, via Amazon.com

“This book has something to offer for everyone. The ebook was updated in a matter of days as new relevant information became available.

Kevin Jones, via Amazon.com

“What's not to love? It's a very comprehensive guide. I constantly forget the details of SSL/TLS and frequently must refer to this book.

Spencer Williams, via Amazon.com

“Not only is the book technically on-spot, Ivan has made the book accessible and easy to follow.

Chris Kissel, via Amazon.com

“Hands down the best book on TLS I've found. A must read for those wanting to understand how Internet security works.

Walrus, via Amazon.com

“Page 40 of 500 odd, already more than paid for itself.

CryptoStev, via Twitter

“Comprehensive, thorough, and an engaging book—a rare combination, especially for a field that is mired in jargon and subtle but critical technical insights. Imagine sitting down with an expert for a (long) cup of coffee, and getting an end-to-end story on SSL/TLS.

Ilya Grigorik, author of High Performance Browser Networking

“Tremendous guide on how to correctly deploy TLS by one of the top experts in the field.

Ben Rothke, via Amazon.com

“This book is outstanding. Without it, one would have to navigate through a large quantity of unrelated documentation from different companies and spend significant effort in piecing it together.

Wolt, via Amazon.com

“Great read. Great reference. Should be in your library.

Dave, via Amazon.co.uk

“A book totally suitable for those who want to understand in depth how the universe of digital certificates works. Easy and extremely well-grounded reading through the use of an infinite number of references. A great acquisition.

Antonio Cosme, via Amazon Brazil

“Helped me better understand the various implementations and how to score the risks when assessing systems. The text and footnotes have led me to answers for all of the questions I've had so far. Highly recommended.

Bryan Egan, via Amazon.com

“You have to simply LOVE the fact that @ivanristic keeps updating his book.

Martin Schmiedecker, via Twitter

“The best TLS book out there, should carry a $200 price tag and that would still be a bargain.

Amin Khoshnoodr, via Twitter

“By far, the best book I've ever read about SSL and TLS.

Simone Carletti, via Amazon Italy

Sample Chapters

If you'd like to get a better look at Bulletproof TLS and PKI before you consider buying, take a look at the PDF sample, which includes the Table of Contents, Preface, Chapter 1 (an introduction to SSL/TLS and cryptography), and the index.

Should you want to see more, we publish two OpenSSL chapters as a standalone free book called OpenSSL Cookbook.

About the Author

Ivan Ristić writes computer security books and builds security products. His book Bulletproof TLS and PKI, the result of more than a decade of research and study, is widely recognised as the de facto SSL/TLS and PKI reference manual. His work on SSL Labs made millions of web sites more secure. Before that, he created ModSecurity, a leading open-source web application firewall.

More recently, Ivan founded Hardenize—now part of Red Sift—as a platform for continuous discovery and monitoring of network infrastructure. He now works as Chief Scientist at Red Sift.