===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/crypto.html,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- www/crypto.html 1998/02/23 18:36:03 1.10
+++ www/crypto.html 1998/02/23 18:40:25 1.11
@@ -44,9 +44,9 @@
can be classified into three different aspects:
-- Pseudo Random Number Generators (PRNG): ARC4, ...
-
- Cryptographic Hash Functions: MD5, SHA1, ...
-
- Cryptographic Transforms: DES, Blowfish, ...
+
- Pseudo Random Number Generators (PRNG): ARC4, ...
+
- Cryptographic Hash Functions: MD5, SHA1, ...
+
- Cryptographic Transforms: DES, Blowfish, ...
@@ -56,10 +56,10 @@
numbers which have certain important properties for system security:
-- It should be impossible for an outsider to predict the output of the
-random number generator even with knowledge of previous output.
-
- The generated numbers should not have repeating patterns which means
-the PRNG should have a very long cycle length.
+
- It should be impossible for an outsider to predict the output of the
+ random number generator even with knowledge of previous output.
+
- The generated numbers should not have repeating patterns which means
+ the PRNG should have a very long cycle length.
Since a PRNG is normally just an algorithm where the same initial
@@ -71,12 +71,12 @@
routines and are exported via devices to userland programs.
In OpenBSD random numbers are used in many places, such as
-- ports of a bound socket,
-
- PIDs of processes,
-
- RPC transaction IDs,
-
- DNS Query-IDs,
-
- inode generation numbers and
-
- password salts.
+
- ports of a bound socket,
+
- PIDs of processes,
+
- RPC transaction IDs,
+
- DNS Query-IDs,
+
- inode generation numbers and
+
- password salts.
@@ -85,14 +85,15 @@
A Hash Function compresses its input data to a string of
constant size. For a Cryptographic Hash Function it is infeasible to find
-- two inputs which have the same output (collision resistant),
-
- a different input for a given input with the same output (2nd preimage resistant).
+
- two inputs which have the same output (collision resistant),
+
- a different input for a given input with the same output
+ (2nd preimage resistant).
In OpenBSD MD5 and SHA1 are used as Cryptographic Hash Functions, e.g.
@@ -100,19 +101,19 @@
Cryptographic Transforms
-Cryptographic Transforms are used to encrypt and decrypt data. There are
-normally provided with an encryption key for data encryption and with a
-decryption key for data decryption. The security of a Cryptographic Transform
-should rely only on the keying material.
+Cryptographic Transforms are used to encrypt and decrypt data. These
+are normally used with an encryption key for data encryption and with
+a decryption key for data decryption. The security of a Cryptographic
+Transform should rely only on the keying material.
-OpenBSD provides, e.g. DES and Blowfish encryption for the kernel and userland
-programs, which are used, e.g.
+OpenBSD provides transforms like DES and Blowfish for the kernel and userland
+programs, which are used in many places like
-- in libc for creating Blowfish passwords,
-
- in IPSec
+
- in libc for creating Blowfish passwords,
+
- in IPSec
to provide confidentiality for the network layer,
-
- in kerberized telnet,
-
- in Photuris to protect the exchanged packet content.
+
- in kerberized telnet,
+
- in Photuris to protect the exchanged packet content.
@@ -120,7 +121,7 @@
www@openbsd.org
-$OpenBSD: crypto.html,v 1.10 1998/02/23 18:36:03 deraadt Exp $
+$OpenBSD: crypto.html,v 1.11 1998/02/23 18:40:25 deraadt Exp $