| Foreword | p. xiii |
| Preface | p. xvii |
| Safe Initialization | p. 1 |
| Sanitizing the Environment | p. 1 |
| Restricting Privileges on Windows | p. 7 |
| Dropping Privileges in setuid Programs | p. 16 |
| Limiting Risk with Privilege Separation | p. 20 |
| Managing File Descriptors Safely | p. 23 |
| Creating a Child Process Securely | p. 26 |
| Executing External Programs Securely | p. 28 |
| Executing External Programs Securely | p. 33 |
| Disabling Memory Dumps in the Event of a Crash | p. 35 |
| Access Control | p. 38 |
| Understanding the Unix Access Control Model | p. 38 |
| Understanding the Windows Access Control Model | p. 41 |
| Determining Whether a User Has Access to a File on Unix | p. 43 |
| Determining Whether a Directory Is Secure | p. 45 |
| Erasing Files Securely | p. 47 |
| Accessing File Information Securely | p. 53 |
| Restricting Access Permissions for New Files on Unix | p. 55 |
| Locking Files | p. 57 |
| Synchronizing Resource Access Across Processes on Unix | p. 60 |
| Synchronizing Resource Access Across Processes on Windows | p. 63 |
| Creating Files for Temporary Use | p. 65 |
| Restricting Filesystem Access on Unix | p. 68 |
| Restricting Filesystem and Network Access on FreeBSD | p. 69 |
| Input Validation | p. 71 |
| Understanding Basic Data Validation Techniques | p. 71 |
| Preventing Attacks on Formatting Functions | p. 75 |
| Preventing Buffer Overflows | p. 78 |
| Using the SafeStr Library | p. 85 |
| Preventing Integer Coercion and Wrap-Around Problems | p. 88 |
| Using Environment Variables Securely | p. 92 |
| Validating Filenames and Paths | p. 97 |
| Evaluating URL Encodings | p. 99 |
| Validating Email Addresses | p. 101 |
| Preventing Cross-Site Scripting | p. 103 |
| Preventing SQL Injection Attacks | p. 107 |
| Detecting Illegal UTF-8 Characters | p. 110 |
| Preventing File Descriptor Overflows When Using select() | p. 112 |
| Symmetric Cryptography Fundamentals | p. 116 |
| Representing Keys for Use in Cryptographic Algorithms | p. 117 |
| Generating Random Symmetric Keys | p. 119 |
| Representing Binary Keys (or Other Raw Data) as Hexadecimal | p. 120 |
| Turning ASCII Hex Keys (or Other ASCII Hex Data) into Binary | p. 121 |
| Performing Base64 Encoding | p. 123 |
| Performing Base64 Decoding | p. 125 |
| Representing Keys (or Other Binary Data) as English Text | p. 128 |
| Converting Text Keys to Binary Keys | p. 130 |
| Using Salts, Nonces, and Initialization Vectors | p. 133 |
| Deriving Symmetric Keys from a Password | p. 136 |
| Algorithmically Generating Symmetric Keys from One Base Secret | p. 141 |
| Encrypting in a Single Reduced Character Set | p. 146 |
| Managing Key Material Securely | p. 149 |
| Timing Cryptographic Primitives | p. 150 |
| Symmetric Encryption | p. 155 |
| Deciding Whether to Use Multiple Encryption Algorithms | p. 155 |
| Figuring Out Which Encryption Algorithm Is Best | p. 156 |
| Selecting an Appropriate Key Length | p. 160 |
| Selecting a Cipher Mode | p. 162 |
| Using a Raw Block Cipher | p. 171 |
| Using a Generic CBC Mode Implementation | p. 175 |
| Using a Generic CFB Mode Implementation | p. 186 |
| Using a Generic OFB Mode Implementation | p. 192 |
| Using a Generic CTR Mode Implementation | p. 197 |
| Using CWC Mode | p. 202 |
| Manually Adding and Checking Cipher Padding | p. 205 |
| Precomputing Keystream in OFB, CTR, CCM, or CWC Modes (or with Stream Ciphers) | p. 207 |
| Parallelizing Encryption and Decryption in Modes That Allow It (Without Breaking Compatibility) | p. 208 |
| Parallelizing Encryption and Decryption in Arbitrary Modes (Breaking Compatibility) | p. 212 |
| Performing File or Disk Encryption | p. 213 |
| Using a High-Level, Error-Resistant Encryption and Decryption API | p. 217 |
| Performing Block Cipher Setup (for CBC, CFB, OFB, and ECB Modes) in OpenSSL | p. 221 |
| Using Variable Key-Length Ciphers in OpenSSL | p. 226 |
| Disabling Cipher Padding in OpenSSL in CBC Mode | p. 227 |
| Performing Additional Cipher Setup in OpenSSL | p. 228 |
| Querying Cipher Configuration Properties in OpenSSL | p. 229 |
| Performing Low-Level Encryption and Decryption with OpenSSL | p. 230 |
| Setting Up and Using RC4 | p. 233 |
| Using One-Time Pads | p. 236 |
| Using Symmetric Encryption with Microsoft's CryptoAPI | p. 237 |
| Creating a CryptoAPI Key Object from Raw Key Data | p. 244 |
| Extracting Raw Key Data from a CryptoAPI Key Object | p. 246 |
| Hashes and Message Authentication | p. 249 |
| Understanding the Basics of Hashes and MACs | p. 249 |
| Deciding Whether to Support Multiple Message Digests or MACs | p. 253 |
| Choosing a Cryptographic Hash Algorithm | p. 254 |
| Choosing a Message Authentication Code | p. 258 |
| Incrementally Hasing Data | p. 262 |
| Hashing a Single String | p. 267 |
| Using a Cryptographic Hash | p. 269 |
| Using a Nonce to Protect Against Birthday Attacks | p. 270 |
| Checking Message Integrity | p. 274 |
| Using HMAC | p. 276 |
| Using OMAC (a Simple Block Cipher-Based MAC) | p. 280 |
| Using HMAC or OMAC with a Nonce | p. 285 |
| Using a MAC That's Reasonably Fast in Software and Hardware | p. 286 |
| Using a MAC That's Optimized for Software Speed | p. 287 |
| Constructing a Hash Function from a Block Cipher | p. 291 |
| Using a Block Cipher to Build a Full-Strength Hash Function | p. 294 |
| Using Smaller MAC Tags | p. 298 |
| Making Encryption and Message Integrity Work Together | p. 298 |
| Making Your Own MAC | p. 300 |
| Encrypting with a Hash Function | p. 301 |
| Securely Authenticating a MAC (Thwarting Capture Replay Attacks) | p. 303 |
| Parallelizing MACs | p. 304 |
| Public Key Cryptography | p. 307 |
| Determining When to Use Public Key Cryptography | p. 309 |
| Selecting a Public Key Algorithm | p. 311 |
| Selecting Public Key Sizes | p. 312 |
| Manipulating Big Numbers | p. 315 |
| Generating a Prime Number (Testing for Primality) | p. 323 |
| Generating an RSA Key Pair | p. 327 |
| Disentangling the Public and Private Keys in OpenSSL | p. 329 |
| Converting Binary Strings to Integers for Use with RSA | p. 330 |
| Converting Integers into Binary Strings for Use with RSA | p. 331 |
| Performing Raw Encryption with an RSA Public Key | p. 332 |
| Performing Raw Decryption Using an RSA Private Key | p. 336 |
| Signing Data Using an RSA Private Key | p. 338 |
| Verifying Signed Data Using an RSA Public Key | p. 340 |
| Securely Signing and Encrypting with RSA | p. 343 |
| Using the Digital Signature Algorithm (DSA) | p. 347 |
| Representing Public Keys and Certificates in Binary (DER Encoding) | p. 352 |
| Representing Keys and Certificates in Plaintext (PEM Encoding) | p. 355 |
| Authentication and Key Exchange | p. 362 |
| Choosing an Authentication Method | p. 362 |
| Getting User and Group Information on Unix | p. 372 |
| Getting User and Group Information on Windows | p. 375 |
| Restricting Access Based on Hostname or IP Address | p. 379 |
| Generating Random Passwords and Passphrases | p. 387 |
| Testing the Strength of Passwords | p. 391 |
| Prompting for a Password | p. 392 |
| Throttling Failed Authentication Attempts | p. 398 |
| Performing Password-Based Authentication with crypt() | p. 400 |
| Performing Password-Based Authentication with MD5-MCF | p. 402 |
| Performing Password-Based Authentication with PBKDF2 | p. 408 |
| Authenticating with PAM | p. 411 |
| Authenticating with Kerberos | p. 414 |
| Authenticating with HTTP Cookies | p. 419 |
| Performing Password-Based Authentication and Key Exchange | p. 422 |
| Performing Authenticated Key Exchange Using RSA | p. 429 |
| Using Basic Diffie-Hellman Key Agreement | p. 432 |
| Using Diffie-Hellman and DSA Together | p. 436 |
| Minimizing the Window of Vulnerability When Authenticating Without a PKI | p. 438 |
| Providing Forward Secrecy in a Symmetric System | p. 444 |
| Ensuring Forward Secrecy in a Public Key System | p. 445 |
| Confirming Requests via Email | p. 447 |
| Networking | p. 454 |
| Creating an SSL Client | p. 455 |
| Creating an SSL Server | p. 457 |
| Using Session Caching to Make SSL Servers More Efficient | p. 460 |
| Securing Web Communication on Windows Using the WinInet API | p. 463 |
| Enabling SSL without Modifying Source Code | p. 468 |
| Using Kerberos Encryption | p. 470 |
| Performing Interprocess Communication Using Sockets | p. 475 |
| Performing Authentication with Unix Domain Sockets | p. 482 |
| Performing Session ID Management | p. 486 |
| Securing Database Connections | p. 487 |
| Using a Virtual Private Network to Secure Network Connections | p. 490 |
| Building an Authenticated Secure Channel Without SSL | p. 491 |
| Public Key Infrastructure | p. 502 |
| Understanding Public Key Infrastructure (PKI) | p. 502 |
| Obtaining a Certificate | p. 513 |
| Using Root Certificates | p. 519 |
| Understanding X.509 Certificate Verification Methodology | p. 522 |
| Performing X.509 Certificate Verification with OpenSSL | p. 525 |
| Performing X.509 Certificate Verification with CryptoAPI | p. 530 |
| Verifying an SSL Peer's Certificate | p. 535 |
| Adding Hostname Checking to Certificate Verification | p. 539 |
| Using a Whitelist to Verify Certificates | p. 544 |
| Obtaining Certificate Revocation Lists with OpenSSL | p. 547 |
| Obtaining CRLs with CryptoAPI | p. 556 |
| Checking Revocation Status via OCSP with OpenSSL | p. 562 |
| Random Numbers | p. 568 |
| Determining What Kind of Random Numbers to Use | p. 568 |
| Using a Generic API for Randomness and Entropy | p. 573 |
| Using the Standard Unix Randomness Infrastructure | p. 575 |
| Using the Standard Windows Randomness Infrastructure | p. 580 |
| Using an Application-Level Generator | p. 581 |
| Reseeding a Pseudo-Random Number Generator | p. 591 |
| Using an Entropy Gathering Daemon--Compatible Solution | p. 594 |
| Getting Entropy or Pseudo-Randomness Using EGADS | p. 599 |
| Using the OpenSSL Random Number API | p. 603 |
| Getting Random Integers | p. 605 |
| Getting a Random Integer in a Range | p. 606 |
| Getting a Random Floating-Point Value with Uniform Distribution | p. 608 |
| Getting Floating-Point Values with Nonuniform Distributions | p. 609 |
| Getting a Random Printable ASCII String | p. 611 |
| Shuffling Fairly | p. 612 |
| Compressing Data with Entropy into a Fixed-Size Seed | p. 613 |
| Getting Entropy at Startup | p. 614 |
| Statistically Testing Random Numbers | p. 615 |
| Performing Entropy Estimation and Management | p. 621 |
| Gathering Entropy from the Keyboard | p. 630 |
| Gathering Entropy from Mouse Events on Windows | p. 638 |
| Gathering Entropy from Thread Timings | p. 643 |
| Gathering Entropy from System State | p. 644 |
| Anti-Tampering | p. 647 |
| Understanding the Problem of Software Protection | p. 648 |
| Detecting Modification | p. 653 |
| Obfuscating Code | p. 658 |
| Performing Bit and Byte Obfuscation | p. 664 |
| Performing Constant Transforms on Variables | p. 667 |
| Merging Scalar Variables | p. 667 |
| Splitting Variables | p. 669 |
| Disguising Boolean Values | p. 670 |
| Using Function Pointers | p. 671 |
| Restructuring Arrays | p. 672 |
| Hiding Strings | p. 678 |
| Detecting Debuggers | p. 681 |
| Detecting Unix Debuggers | p. 682 |
| Detecting Windows Debuggers | p. 685 |
| Detecting SoftICE | p. 685 |
| Countering Disassembly | p. 688 |
| Using Self-Modifying Code | p. 693 |
| Other Topics | p. 700 |
| Performing Error Handling | p. 700 |
| Erasing Data from Memory Securely | p. 704 |
| Preventing Memory from Being Paged to Disk | p. 707 |
| Using Variable Arguments Properly | p. 709 |
| Performing Proper Signal Handling | p. 712 |
| Protecting against Shatter Attacks on Windows | p. 716 |
| Guarding Against Spawning Too Many Threads | p. 718 |
| Guarding Against Creating Too Many Network Sockets | p. 724 |
| Guarding Against Resource Starvation Attacks on Unix | p. 727 |
| Guarding Against Resource Starvation Attacks on Windows | p. 730 |
| Following Best Practices for Audit Logging | p. 734 |
| Index | p. 739 |
| Table of Contents provided by Ingram. All Rights Reserved. |
