www/crypto.html - diff

Return to crypto.html CVS log

Up to [local] / www

Diff for /www/crypto.html between version 1.23 and 1.24

version 1.23, 1998/11/14 20:23:31

version 1.24, 1998/12/01 08:19:03

Line 95

spoofing attacks.

<li>To generate salts for the various password algorithms.

<li>For generating fake S/Key challenges.

<li>In isakmpd to provide liveness proof of key exchanges.

</ul>

<p>

Line 112

Line 113

e.g.

<ul>

<li>In S/Key support to provide one time passwords.

<li>In IPsec, <a href=http://wserver.physnet.uni-hamburg.de/provos/photuris/>

IPSec or Photuris</a> to authenticate the data origin of packets

photurisd</a> and isakmpd to authenticate the data origin of packets

and to ensure packet integrity.

<li>For FreeBSD-style MD5 passwords (not enabled by default).

<li>For TCP SYN cookie support (not enabled by default).

<li>In libssl for digital signing of messages.

</ul>

<p>

Line 127

Line 129

a decryption key for data decryption. The security of a Cryptographic

Transform should rely only on the keying material.<p>

OpenBSD provides transforms like DES and Blowfish for the kernel and userland

OpenBSD provides transforms like DES, 3DES, Blowfish and Cast for the

programs, which are used in many places like

kernel and userland programs, which are used in many places like

<ul>

<li>In libc for creating Blowfish passwords.

<li>In <a href=http://wserver.physnet.uni-hamburg.de/provos/photuris/>IPSec</a>

<li>In IPsec to provide confidentiality for the network layer.

to provide confidentiality for the network layer.

<li>In kerberized telnet.

<li>In Photuris to protect the exchanged packet content.

photurisd</a> and isakmpd to protect the exchanges where IPsec key

material is negotiated.

<li>In AFS to protect the messages passing over the network, providing

confidentiality of remote filesystem access.

<li>In libssl to let applications communicate over the de-facto standard

cryptographically secure SSL protocol.

</ul>

<p>