Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More

abort( )  2nd 

access control 

    address-based vs. authentication 

    restricting based on hostname, IP address 

    Unix 

    Windows 

access control entries (ACEs)  2nd 

access control files 

    IP address or hostname lists 

    rules 

access( ) 

accessing file information securely 

ACEs (access control entries)  2nd 

ACLs (access control lists)  2nd  3rd 

AdjustTokenPrivileges( )  2nd 

Advanced Encryption Standard  [See AES]

advisory locks 

AES (Advanced Encryption Standard)  2nd 

    Brian Gladman's version 

    CBC mode in OpenSSL 

    key length 

    OMAC and 

    security at 128-bits 

    supported key sizes 

anonymous pipes 

anti-debugger code 

anti-tampering 

    assembly language code examples 

    software protection  [See software protection]

arbitrary-precision libraries 

ASCII

    base64 mapping to 

    hexadecimal data, conversion into binary 

    random strings, getting 

ASN.1 language 

asprintf( ) 

assembly language

    code examples 

    Intel and AT&T syntax 

AssignProcessToJobObject( ) 

Athlon XP, counting clock cycles on 

attacks

    active vs. eavesdropping 

    against one-way constructs 

    birthday attacks 

        preventing 

    blinding attacks, preventing 

    capture replay attacks, preventing 

    collision attacks 

    cross-site scripting attacks 

    dictionary attacks 

        RSA and 

    double-encoding attacks 

    format-string attacks, preventing 

    length extension attacks  2nd 

        preventing 

    man-in-the-middle attacks  2nd  3rd  4th 

        preventing 

    methods targeting authentication 

    on entropy sources 

    replay attacks, prevention 

    rollback attacks  2nd 

    shatter attacks, protecting Windows from 

    SQL injection attacks 

    stack-smashing attacks 

    surreptitious forwarding attacks 

    timing attacks 

audit logging 

    log entries, signing and encrypting 

    logging to CD-R 

    MACs for detection of log file manipulation 

    network logging 

    VPNs (virtual private networks) 

authenticate-and-encrypt paradigm 

authenticated secure channels, building without SSL 

authentication 

    attacks against, preparing for 

    authentication factors 

    common technologies 

    cookies, using 

    delays after failed attempts 

    DSA and Diffie-Hellman 

    Kerberos, using 

    and key exchange using RSA 

    mechanisms, requirements for 

    methods, choosing 

    minimizing risk when done with no PKI 

    number of failed attempts 

    password-based using PBKDF2 

    password-based with MD5-MCF 

    securing against rollback attacks 

    throttling failed attempts 

    Unix domain sockets, using 

    via PAM API 

    without third-party 

Avaya Labs LibSafe 

AX_compute_credentials( ) 

AX_connect( ) 

AX_CRED_deserialize( ) 

AX_CRED_serialize( ) 

AX_exchange( ) 

AX_get_credentials_callback( ) 

AX_get_salt( ) 

AX_set_salt( ) 

AX_srv_accept( ) 

AX_srv_exchange( ) 

AX_srv_listen( ) 
