version 1.26, 1998/12/29 01:36:26 |
version 1.27, 1999/01/08 22:23:28 |
|
|
In OpenBSD MD5, SHA1, and RIPEMD-160 are used as Cryptographic Hash Functions, |
In OpenBSD MD5, SHA1, and RIPEMD-160 are used as Cryptographic Hash Functions, |
e.g. |
e.g. |
<ul> |
<ul> |
<li>In S/Key support to provide one time passwords. |
<li>In <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=skey>S/Key</a> |
<li>In IPsec, <a href=http://wserver.physnet.uni-hamburg.de/provos/photuris/> |
to provide one time passwords. |
photurisd</a> and isakmpd to authenticate the data origin of packets |
<li>In <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec>IPsec</a>, |
and to ensure packet integrity. |
<a href=http://wserver.physnet.uni-hamburg.de/provos/photuris/>photurisd</a> |
<li>For FreeBSD-style MD5 passwords (not enabled by default). |
and |
<li>For TCP SYN cookie support (not enabled by default). |
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd(8)</a> |
|
to authenticate the data origin of packets and to ensure packet integrity. |
|
<li>For FreeBSD-style MD5 passwords (not enabled by default), see |
|
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=passwd.conf&sektion=5> |
|
passwd.conf(5)</a> |
|
<li>For TCP SYN cookie support (not enabled by default), see |
|
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=options&sektion=4> |
|
options(4)</a> |
<li>In libssl for digital signing of messages. |
<li>In libssl for digital signing of messages. |
</ul> |
</ul> |
|
|
|
|
OpenBSD provides transforms like DES, 3DES, Blowfish and Cast for the |
OpenBSD provides transforms like DES, 3DES, Blowfish and Cast for the |
kernel and userland programs, which are used in many places like |
kernel and userland programs, which are used in many places like |
<ul> |
<ul> |
<li>In libc for creating Blowfish passwords. |
<li>In libc for creating |
<li>In IPsec to provide confidentiality for the network layer. |
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=blf_key>Blowfish</a> |
<li>In Kerberos and a handful of kerberized applications, like telnet, cvs |
passwords. |
rsh, rcp & rlogin. |
<li>In |
|
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec>IPsec</a> |
|
to provide confidentiality for the network layer. |
|
<li>In Kerberos and a handful of kerberized applications, like |
|
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=telnet>telnet</a>, |
|
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=cvs>cvs</a>, |
|
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=rsh>rsh</a>, |
|
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=rcp>rcp</a>, |
|
and |
|
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=rlogin>rlogin</a>. |
<li>In <a href=http://wserver.physnet.uni-hamburg.de/provos/photuris/> |
<li>In <a href=http://wserver.physnet.uni-hamburg.de/provos/photuris/> |
photurisd</a> and isakmpd to protect the exchanges where IPsec key |
photurisd</a> and |
material is negotiated. |
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd</a> |
|
to protect the exchanges where IPsec key material is negotiated. |
<li>In AFS to protect the messages passing over the network, providing |
<li>In AFS to protect the messages passing over the network, providing |
confidentiality of remote filesystem access. |
confidentiality of remote filesystem access. |
<li>In libssl to let applications communicate over the de-facto standard |
<li>In libssl to let applications communicate over the de-facto standard |
cryptographically secure SSL protocol. |
cryptographically secure SSL protocol. |
</ul> |
</ul> |