version 1.111, 2002/09/11 16:53:04 |
version 1.112, 2002/09/24 23:16:31 |
|
|
<meta name="resource-type" content="document"> |
<meta name="resource-type" content="document"> |
<meta name="description" content="OpenBSD cryptography"> |
<meta name="description" content="OpenBSD cryptography"> |
<meta name="keywords" content="openbsd,cryptography,openssh,openssl,kerberos"> |
<meta name="keywords" content="openbsd,cryptography,openssh,openssl,kerberos"> |
<meta name="keywords" content="ipsec,photuris,isakmp,ike,blowfish,des,rsa,dsa"> |
<meta name="keywords" content="ipsec,isakmp,ike,blowfish,des,rsa,dsa"> |
<meta name="distribution" content="global"> |
<meta name="distribution" content="global"> |
<meta name="copyright" content="This document copyright 1997-2002 by OpenBSD."> |
<meta name="copyright" content="This document copyright 1997-2002 by OpenBSD."> |
</head> |
</head> |
|
|
<li>random padding in IPsec esp_old packets. |
<li>random padding in IPsec esp_old packets. |
<li>To generate salts for the various password algorithms. |
<li>To generate salts for the various password algorithms. |
<li>For generating fake S/Key challenges. |
<li>For generating fake S/Key challenges. |
<li>In <a href=http://www.physnet.uni-hamburg.de/provos/photuris/>photurisd</a> |
<li>In <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd</a> |
and <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd</a> |
|
to provide liveness proof of key exchanges. |
to provide liveness proof of key exchanges. |
</ul> |
</ul> |
|
|
|
|
<ul> |
<ul> |
<li>In <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=skey>S/Key</a> |
<li>In <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=skey>S/Key</a> |
to provide one time passwords. |
to provide one time passwords. |
<li>In <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec>IPsec</a>, |
<li>In <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec>IPsec</a> |
<a href=http://www.physnet.uni-hamburg.de/provos/photuris/>photurisd</a> |
|
and |
and |
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd(8)</a> |
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd(8)</a> |
to authenticate the data origin of packets and to ensure packet integrity. |
to authenticate the data origin of packets and to ensure packet integrity. |
|
|
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=rcp>rcp</a>, |
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=rcp>rcp</a>, |
and |
and |
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=rlogin>rlogin</a>. |
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=rlogin>rlogin</a>. |
<li>In <a href=http://www.physnet.uni-hamburg.de/provos/photuris/> |
<li>In <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd</a> |
photurisd</a> and |
|
<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd</a> |
|
to protect the exchanges where IPsec key material is negotiated. |
to protect the exchanges where IPsec key material is negotiated. |
<li>In AFS to protect the messages passing over the network, providing |
<li>In AFS to protect the messages passing over the network, providing |
confidentiality of remote filesystem access. |
confidentiality of remote filesystem access. |