=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/crypto.html,v retrieving revision 1.31 retrieving revision 1.32 diff -u -r1.31 -r1.32 --- www/crypto.html 1999/05/10 16:47:56 1.31 +++ www/crypto.html 1999/09/22 05:54:08 1.32 @@ -14,8 +14,28 @@ +
-
+ +In three words: because we can.
+ The OpenBSD project is based in Canada.
The Export Control List of Canada @@ -30,7 +50,7 @@ Hence the OpenBSD project has embedded cryptography into numerous places in the operating system. We require that the cryptographic software we use be freely available and with good licenses. -We do not use cryptography with nasty patents. +We do not directly use cryptography with nasty patents. We also require that such software is from countries with useful export licenses because we do not wish to break the laws of any country. The cryptographic software components which we use currently were @@ -54,15 +74,10 @@ cryptography utilized in OpenBSD can be classified into three different aspects:
-
+ A Pseudo Random Number Generator (PRNG) provides applications with a stream of numbers which have certain important properties for system security:
@@ -72,6 +87,7 @@
A PRNG is normally just an algorithm where the same initial starting values will yield the same sequence of outputs. On a multiuser @@ -104,7 +120,8 @@
+ A Hash Function compresses its input data to a string of constant size. For a Cryptographic Hash Function it is infeasible to find
In OpenBSD MD5, SHA1, and RIPEMD-160 are used as Cryptographic Hash Functions, e.g. @@ -131,10 +149,12 @@ options(4)
+ Cryptographic Transforms are used to encrypt and decrypt data. These are normally used with an encryption key for data encryption and with a decryption key for data decryption. The security of a Cryptographic @@ -167,11 +187,22 @@
+ +Of course, our project needs people to work on these systems. If any +non-American cryptographer who meets the constraints listed earlier is +interested in helping out with embedded cryptography in OpenBSD, +please contact us.
+ + + +