=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/crypto.html,v retrieving revision 1.9 retrieving revision 1.10 diff -u -r1.9 -r1.10 --- www/crypto.html 1998/02/21 00:43:42 1.9 +++ www/crypto.html 1998/02/23 18:36:03 1.10 @@ -1,11 +1,11 @@ - +
-
The Export Control
@@ -35,32 +34,93 @@
We also require that such software is from a countries with useful export
licenses because we do not wish to break the laws of any country.
-We use strong and weak crypto in different parts of the system:
+When we make OpenBSD releases or snapshots we do our build processes
+in free countries to assure that the sources and binaries we provide
+to users are free of tainting. In the past our release binary builds
+have been done in Canada, Sweden, and Germany.
+Today cryptography is an important mean for enhancing the security
+of an operating system. The cryptography utilized in OpenBSD
+can be classified into three different aspects:
+
+
+
-When we make OpenBSD releases or snapshots we do our build processes
-in free countries to assure that the sources and binaries we provide
-to users are free of tainting. In the past our release binary builds
-have been done in Canada, Sweden, and Germany.
+
+
+
+
+
+
-
+
Pseudo Random Number Generators
+A Pseudo Random Number Generator (PRNG) provides applications with a stream of
+numbers which have certain important properties for system security:
+
+Since a PRNG is normally just an algorithm where the same initial
+starting values will yield the same output. On a multiuser operating
+system there are many sources which allow seeding the PRNG with random
+data. The OpenBSD kernel uses the mouse interrupt timing, network data
+interrupt latency, inter-keypress timing and disk IO information to
+fill an entropy pool. Random numbers are available for kernel
+routines and are exported via devices to userland programs.
+In OpenBSD random numbers are used in many places, such as
+
+
+Cryptographic Hash Functions
+A Hash Function compresses its input data to a string of
+constant size. For a Cryptographic Hash Function it is infeasible to find
+
+
+
+In OpenBSD MD5 and SHA1 are used as Cryptographic Hash Functions, e.g.
+
+
+
+Cryptographic Transforms
+Cryptographic Transforms are used to encrypt and decrypt data. There are
+normally provided with an encryption key for data encryption and with a
+decryption key for data decryption. The security of a Cryptographic Transform
+should rely only on the keying material.
+
+OpenBSD provides, e.g. DES and Blowfish encryption for the kernel and userland
+programs, which are used, e.g.
+
+
+
+
-
-This site Copyright © 1996-1998 OpenBSD.
-$OpenBSD: crypto.html,v 1.9 1998/02/21 00:43:42 deraadt Exp $
-
+
+www@openbsd.org
+
+$OpenBSD: crypto.html,v 1.10 1998/02/23 18:36:03 deraadt Exp $
-
-