| version 1.127, 2004/03/24 23:36:26 |
version 1.128, 2004/12/22 02:08:59 |
|
|
| </head> |
</head> |
| |
|
| <body bgcolor="#ffffff" text="#000000" link="#23238e"> |
<body bgcolor="#ffffff" text="#000000" link="#23238e"> |
| <img align="left" alt="[OpenBSD]" height="166" width="197" SRC="images/blowfish-notext.jpg"> |
<img align="left" alt="[OpenBSD]" height="166" width="197" src="images/blowfish-notext.jpg"> |
| <br> |
<br> |
| <br> |
<br> |
| <br> |
<br> |
|
|
| <hr> |
<hr> |
| |
|
| <strong>Index</strong><br> |
<strong>Index</strong><br> |
| <a href="#why">Why do we ship cryptography?</a>.<br> |
<a href="#why">Why do we ship cryptography?</a>.<br> |
| <a href="#ssh">OpenSSH</a>.<br> |
<a href="#ssh">OpenSSH</a>.<br> |
| <a href="#prng">Pseudo Random Number Generators</a> (PRNG): ARC4, ...<br> |
<a href="#prng">Pseudo Random Number Generators</a> (PRNG): ARC4, ...<br> |
| <a href="#hash">Cryptographic Hash Functions</a>: MD5, SHA1, ...<br> |
<a href="#hash">Cryptographic Hash Functions</a>: MD5, SHA1, ...<br> |
| <a href="#trans">Cryptographic Transforms</a>: DES, Blowfish, ...<br> |
<a href="#trans">Cryptographic Transforms</a>: DES, Blowfish, ...<br> |
|
|
| |
|
| As of the 2.6 release, OpenBSD contains |
As of the 2.6 release, OpenBSD contains |
| <a href="http://www.openssh.com/">OpenSSH</a>, an absolutely free and |
<a href="http://www.openssh.com/">OpenSSH</a>, an absolutely free and |
| patent unencumbered version of ssh. |
patent unencumbered version of ssh. |
| <a href="http://www.openssh.com/">OpenSSH</a> interoperated with ssh |
<a href="http://www.openssh.com/">OpenSSH</a> interoperated with ssh |
| version 1 and had many added features, |
version 1 and had many added features, |
| <ul> |
<ul> |
|
|
| <a name="prng"></a> |
<a name="prng"></a> |
| <h3><font color="#e00000">Pseudo Random Number Generators</font></h3><p> |
<h3><font color="#e00000">Pseudo Random Number Generators</font></h3><p> |
| |
|
| A Pseudo Random Number Generator (PRNG) provides applications with a stream of |
A Pseudo Random Number Generator (PRNG) provides applications with a stream of |
| numbers which have certain important properties for system security:<p> |
numbers which have certain important properties for system security:<p> |
| |
|
| <ul> |
<ul> |
|
|
| |
|
| In OpenBSD MD5, SHA1, and RIPEMD-160 are used as Cryptographic Hash Functions, |
In OpenBSD MD5, SHA1, and RIPEMD-160 are used as Cryptographic Hash Functions, |
| e.g:<p> |
e.g:<p> |
| <ul> |
<ul> |
| <li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=skey&sektion=1">S/Key(1)</a> |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=skey&sektion=1">S/Key(1)</a> |
| to provide one time passwords. |
to provide one time passwords. |
| <li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec&sektion=4">IPsec(4)</a> |
<li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec&sektion=4">IPsec(4)</a> |
|
|
| <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ises&sektion=4"> |
<li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ises&sektion=4"> |
| Securealink PCC-ISES</a></b><br> |
Securealink PCC-ISES</a></b><br> |
| The <a href="http://www.safenet-inc.com/technology/chips/safexcel_ises.asp"> |
The <a href="http://www.safenet-inc.com/technology/chips/safexcel_ises.asp"> |
| PCC-ISES</a> is a new chipset from the Netherlands. We have received |
PCC-ISES</a> is a new chipset from the Netherlands. We have received |
| sample hardware and documentation, and work on a driver is in progress. |
sample hardware and documentation, and work on a driver is in progress. |
| At the moment, the driver is capable of feeding random numbers into |
At the moment, the driver is capable of feeding random numbers into |
| the kernel entropy pool. |
the kernel entropy pool. |
| <p> |
<p> |
| |
|
|
|
| <li>Encrypting Virtual Memory.<br> |
<li>Encrypting Virtual Memory.<br> |
| <a href="events.html#sec2000">Usenix Security 2000</a>, |
<a href="events.html#sec2000">Usenix Security 2000</a>, |
| <a href="mailto:provos@openbsd.org">Niels Provos</a>.<br> |
<a href="mailto:provos@openbsd.org">Niels Provos</a>.<br> |
| <a href="papers/swapencrypt.ps">paper</a> and |
<a href="papers/swapencrypt.ps">paper</a> and |
| <a href="papers/swapencrypt-slides.ps">slides</a>. |
<a href="papers/swapencrypt-slides.ps">slides</a>. |
| <p> |
<p> |
| <li>The Design of the OpenBSD Cryptographic Framework.<br> |
<li>The Design of the OpenBSD Cryptographic Framework.<br> |
![[BACK]](/icons/back.gif){kind=icon}
Return to crypto.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www