| version 1.139, 2014/03/11 07:02:06 |
version 1.140, 2014/03/28 04:13:10 |
|
|
| <h2><font color="#e00000">Cryptography</font></h2> |
<h2><font color="#e00000">Cryptography</font></h2> |
| <hr> |
<hr> |
| |
|
| <img align="left" alt="[OpenBSD]" height="166" width="197" src="images/blowfish-notext.jpg"> |
|
| <br> |
|
| <br> |
|
| <br> |
|
| "The mantra of any good security engineer is: "Security is not a |
|
| product, but a process." It's more than designing strong cryptography |
|
| into a system; it's designing the entire system such that all security |
|
| measures, including cryptography, work together."<br> |
|
| <br> |
|
| -- Bruce Schneier, author of "Applied Cryptography". |
|
| <br clear="all"> |
|
| <hr> |
|
| |
|
| <strong>Index</strong><br> |
|
| <a href="#why">Why do we ship cryptography?</a>.<br> |
|
| <a href="#ssh">OpenSSH</a>.<br> |
|
| <a href="#prng">Pseudo Random Number Generators</a> (PRNG): ARC4, ...<br> |
|
| <a href="#hash">Cryptographic Hash Functions</a>: MD5, SHA1, ...<br> |
|
| <a href="#trans">Cryptographic Transforms</a>: DES, Blowfish, ...<br> |
|
| <a href="#hardware">Cryptographic Hardware support</a><br> |
|
| <a href="#people">International Cryptographers wanted</a><br> |
|
| <a href="#papers">Further Reading</a><br> |
|
| <p> |
|
| <hr> |
|
| |
|
| <a name="why"></a> |
<a name="why"></a> |
| <h3><font color="#e00000">Why do we ship cryptography?</font></h3><p> |
<h3><font color="#e00000">Why do we ship cryptography?</font></h3><p> |
| |
|
|
|
| extended to make use of Kerberos as well.<p> |
extended to make use of Kerberos as well.<p> |
| |
|
| |
|
| <img align="right" src="images/vpnc-test-partner.gif" alt="VPNC TEST PARTNER"> |
|
| OpenBSD was the first operating system to ship with an IPsec stack. |
OpenBSD was the first operating system to ship with an IPsec stack. |
| We've been including IPsec since the OpenBSD 2.1 release in 1997. |
We've been including IPsec since the OpenBSD 2.1 release in 1997. |
| Our fully conformant in-kernel IPsec stack, with hardware acceleration |
|
| based on a number of cards, and our own free ISAKMP daemon, is used as |
|
| one of the machines in the IPsec conformance testbed run by |
|
| <a href="http://www.vpnc.org">VPNC</a>. |
|
| <br clear="all"> |
|
| <p> |
<p> |
| |
|
| Today cryptography is an important means for enhancing the <a |
Today cryptography is an important means for enhancing the |
| href="security.html">security</a> of an operating system. The |
<a href="security.html">security</a> of an operating system. The |
| cryptography utilized in OpenBSD can be classified into various |
cryptography utilized in OpenBSD can be classified into various |
| aspects, described as follows.<p> |
aspects, described as follows. |
| |
<p> |
| |
|
| <a name="ssh"></a> |
<a name="ssh"></a> |
| <h3><font color="#e00000">OpenSSH</font></h3><p> |
<h3><font color="#e00000">OpenSSH</font></h3><p> |
![[BACK]](/icons/back.gif){kind=icon}
Return to crypto.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www