Annotation of www/crypto.html, Revision 1.105
1.10 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict Level 2//EN//2.0">
1.1 deraadt 2: <html>
3: <head>
1.10 deraadt 4: <title>Cryptography in OpenBSD</title>
1.1 deraadt 5: <link rev=made href=mailto:www@openbsd.org>
6: <meta name="resource-type" content="document">
1.10 deraadt 7: <meta name="description" content="OpenBSD cryptography">
1.48 beck 8: <meta name="keywords" content="openbsd,cryptography,openssh,openssl,kerberos">
9: <meta name="keywords" content="ipsec,photuris,isakmp,ike,blowfish,des,rsa,dsa">
1.1 deraadt 10: <meta name="distribution" content="global">
1.98 horacio 11: <meta name="copyright" content="This document copyright 1997-2002 by OpenBSD.">
1.1 deraadt 12: </head>
13:
14: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
1.45 deraadt 15: <img align=left alt="[OpenBSD]" height=166 width=197 SRC="images/blowfish-notext.jpg">
16: <br>
17: <br>
18: <br>
1.61 deraadt 19: "The mantra of any good security engineer is: "Security is not a
1.45 deraadt 20: product, but a process." It's more than designing strong cryptography
21: into a system; it's designing the entire system such that all security
22: measures, including cryptography, work together."<br>
23: <br>
24: -- Bruce Schneier, author of "Applied Cryptography".
25: <br clear=all>
1.37 deraadt 26: <h2><font color=#e00000>Cryptography</font><hr></h2>
1.32 deraadt 27:
28: <strong>Index</strong><br>
1.41 louis 29: <a href=#why>Why do we ship cryptography?</a>.<br>
1.47 provos 30: <a href=#ssh>OpenSSH</a>.<br>
1.32 deraadt 31: <a href=#prng>Pseudo Random Number Generators</a> (PRNG): ARC4, ...<br>
32: <a href=#hash>Cryptographic Hash Functions</a>: MD5, SHA1, ...<br>
33: <a href=#trans>Cryptographic Transforms</a>: DES, Blowfish, ...<br>
1.51 deraadt 34: <a href=#hardware>Cryptographic Hardware support</a><br>
1.32 deraadt 35: <a href=#people>International Cryptographers wanted</a><br>
1.33 deraadt 36: <a href=#papers>Further Reading</a><br>
1.1 deraadt 37: <p>
1.32 deraadt 38: <hr>
39:
40: <a name=why></a>
1.42 deraadt 41: <h3><font color=#e00000>Why do we ship cryptography?</font></h3><p>
1.32 deraadt 42:
43: In three words: <strong>because we can</strong>.<p>
44:
1.1 deraadt 45: The OpenBSD project is based in Canada.<p>
46:
1.23 deraadt 47: The <a href=ECL.html>Export Control List of Canada</a>
48: places no significant restriction on the export of
1.5 deraadt 49: cryptographic software, and is even more explicit about the free
50: export of freely-available cryptographic software. Marc Plumb has
51: done
1.2 deraadt 52: <a href=http://insight.mcmaster.ca/org/efc/pages/doc/crypto-export.html>
1.31 aaron 53: some research to test the cryptographic laws</a>.
1.2 deraadt 54: <p>
1.1 deraadt 55:
1.3 deraadt 56: Hence the OpenBSD project has embedded cryptography into numerous places
57: in the operating system. We require that the cryptographic software we
58: use be <a href=policy.html>freely available and with good licenses</a>.
1.32 deraadt 59: We do not directly use cryptography with nasty patents.
1.13 deraadt 60: We also require that such software is from countries with useful export
1.16 deraadt 61: licenses because we do not wish to break the laws of any country.
62: The cryptographic software components which we use currently were
63: written in Argentina, Australia, Canada, Germany, Greece, Norway, and
64: Sweden.
65: <p>
1.7 deraadt 66:
1.15 deraadt 67: When we create OpenBSD releases or snapshots we build our release
68: binaries in free countries to assure that the sources and binaries we
69: provide to users are free of tainting. In the past our release binary
70: builds have been done in Canada, Sweden, and Germany.<p>
71:
1.94 miod 72: OpenBSD ships with Kerberos IV and Kerberos V included. The two codebases
73: we use are the exportable KTH-based release from Sweden. Our X11 source
74: has been extended to make use of Kerberos as well.<p>
1.16 deraadt 75:
1.67 deraadt 76:
1.66 deraadt 77: <img align=right src="images/vpnc-test-partner.gif">
1.87 brad 78: OpenBSD was the first operating system to ship with an IPsec stack.
1.102 brad 79: We've been including IPsec since the OpenBSD 2.1 release in 1997.
1.87 brad 80: Our fully conformant in-kernel IPsec stack, with hardware acceleration
1.66 deraadt 81: based on a number of cards, and our own free ISAKMP daemon, is used as
1.87 brad 82: one of the machines in the IPsec conformance testbed run by
1.67 deraadt 83: <a href="http://www.vpnc.org">VPNC</a>.
1.66 deraadt 84: <br clear=all>
85: <p>
86:
1.15 deraadt 87: Today cryptography is an important means for enhancing the <a
88: href=security.html>security</a> of an operating system. The
1.42 deraadt 89: cryptography utilized in OpenBSD can be classified into various
90: aspects, described as follows.<p>
1.10 deraadt 91:
1.39 louis 92: <a name=ssh></a>
1.47 provos 93: <h3><font color=#e00000>OpenSSH</font></h3><p>
1.39 louis 94:
1.40 deraadt 95: What is the first thing most people do after installing OpenBSD?
1.55 deraadt 96: They install Secure Shell
97: (<a href=http://www.openbsd.org/cgi-bin/man.cgi?query=ssh>ssh</a>)
1.46 deraadt 98: from the ports tree or the packages on the FTP sites. Until now, that is.<p>
1.39 louis 99:
1.55 deraadt 100: As of the 2.6 release, OpenBSD contains
1.50 provos 101: <a href="http://www.openssh.com/">OpenSSH</a>, an absolutely free and
102: patent unencumbered version of ssh.
1.55 deraadt 103: As of the OpenBSD 2.6 release date,
104: <a href="http://www.openssh.com/">OpenSSH</a> interoperated with ssh
105: version 1 and had many added features,
1.47 provos 106: <ul>
107: <li>
1.88 brad 108: all components of a restrictive nature (i.e., patents, see
1.104 miod 109: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=ssl>ssl</a>)
1.55 deraadt 110: had been directly removed from the source code; any licensed or
111: patented components used external libraries.
1.47 provos 112: </li>
113: <li>
1.55 deraadt 114: had been updated to support ssh protocol 1.5.
1.47 provos 115: </li>
116: <li>
1.55 deraadt 117: contained added support for
1.47 provos 118: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=kerberos>kerberos</a>
119: authentication and ticket passing.
120: </li>
121: <li>
1.55 deraadt 122: supported one-time password authentication with
1.47 provos 123: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=skey>skey</a>.
124: </li>
125: </ul>
126: <p>
127:
1.93 deraadt 128: Roughly said, we took a free license release of ssh, OpenBSD-ifyed it.
129: About a year later, we extended OpenSSH to also do SSH 2 protocol, the
130: result being support for all 3 major SSH protocols: 1.3, 1.5, 2.0.
1.39 louis 131:
1.18 deraadt 132: <a name=prng></a>
1.42 deraadt 133: <h3><font color=#e00000>Pseudo Random Number Generators</font></h3><p>
1.32 deraadt 134:
1.10 deraadt 135: A Pseudo Random Number Generator (PRNG) provides applications with a stream of
136: numbers which have certain important properties for system security:<p>
137:
138: <ul>
1.11 deraadt 139: <li>It should be impossible for an outsider to predict the output of the
140: random number generator even with knowledge of previous output.
141: <li>The generated numbers should not have repeating patterns which means
142: the PRNG should have a very long cycle length.
1.10 deraadt 143: </ul>
1.32 deraadt 144: <p>
1.10 deraadt 145:
1.13 deraadt 146: A PRNG is normally just an algorithm where the same initial starting
147: values will yield the same sequence of outputs. On a multiuser
148: operating system there are many sources which allow seeding the PRNG
149: with random data. The OpenBSD kernel uses the mouse interrupt timing,
150: network data interrupt latency, inter-keypress timing and disk IO
151: information to fill an entropy pool. Random numbers are available for
152: kernel routines and are exported via devices to userland programs.
1.36 deraadt 153: So far random numbers are used in the following places:<p>
1.13 deraadt 154:
1.10 deraadt 155: <ul>
1.14 deraadt 156: <li>Dynamic sin_port allocation in bind(2).
157: <li>PIDs of processes.
1.26 aaron 158: <li>IP datagram IDs.
1.14 deraadt 159: <li>RPC transaction IDs (XID).
160: <li>NFS RPC transaction IDs (XID).
161: <li>DNS Query-IDs.
162: <li>Inode generation numbers, see getfh(2) and fsirand(8).
1.31 aaron 163: <li>Timing perturbance in traceroute(8).
1.14 deraadt 164: <li>Stronger temporary names for mktemp(3) and mkstemp(3)
165: <li>Randomness added to the TCP ISS value for protection against
166: spoofing attacks.
1.87 brad 167: <li>random padding in IPsec esp_old packets.
1.14 deraadt 168: <li>To generate salts for the various password algorithms.
169: <li>For generating fake S/Key challenges.
1.44 provos 170: <li>In <a href=http://www.physnet.uni-hamburg.de/provos/photuris/>photurisd</a>
1.28 angelos 171: and <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd</a>
172: to provide liveness proof of key exchanges.
1.10 deraadt 173: </ul>
1.1 deraadt 174:
1.10 deraadt 175: <p>
1.18 deraadt 176: <a name=hash></a>
1.42 deraadt 177: <h3><font color=#e00000>Cryptographic Hash Functions</font></h3><p>
1.32 deraadt 178:
1.10 deraadt 179: A Hash Function compresses its input data to a string of
1.36 deraadt 180: constant size. For a Cryptographic Hash Function it is infeasible to find:
181:
1.1 deraadt 182: <ul>
1.11 deraadt 183: <li>two inputs which have the same output (collision resistant),
184: <li>a different input for a given input with the same output
185: (2nd preimage resistant).
1.1 deraadt 186: </ul>
1.32 deraadt 187: <p>
1.10 deraadt 188:
1.12 millert 189: In OpenBSD MD5, SHA1, and RIPEMD-160 are used as Cryptographic Hash Functions,
1.36 deraadt 190: e.g:<p>
1.10 deraadt 191: <ul>
1.27 deraadt 192: <li>In <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=skey>S/Key</a>
193: to provide one time passwords.
1.87 brad 194: <li>In <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec>IPsec</a>,
1.44 provos 195: <a href=http://www.physnet.uni-hamburg.de/provos/photuris/>photurisd</a>
1.27 deraadt 196: and
197: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd(8)</a>
198: to authenticate the data origin of packets and to ensure packet integrity.
199: <li>For FreeBSD-style MD5 passwords (not enabled by default), see
200: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=passwd.conf&sektion=5>
201: passwd.conf(5)</a>
202: <li>For TCP SYN cookie support (not enabled by default), see
203: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=options&sektion=4>
204: options(4)</a>
1.24 niklas 205: <li>In libssl for digital signing of messages.
1.10 deraadt 206: </ul>
1.32 deraadt 207: <p>
1.10 deraadt 208:
1.6 deraadt 209: <p>
1.71 jufi 210: <a name="trans"></a>
1.42 deraadt 211: <h3><font color=#e00000>Cryptographic Transforms</font></h3><p>
1.32 deraadt 212:
1.11 deraadt 213: Cryptographic Transforms are used to encrypt and decrypt data. These
214: are normally used with an encryption key for data encryption and with
215: a decryption key for data decryption. The security of a Cryptographic
216: Transform should rely only on the keying material.<p>
1.6 deraadt 217:
1.24 niklas 218: OpenBSD provides transforms like DES, 3DES, Blowfish and Cast for the
1.36 deraadt 219: kernel and userland programs, which are used in many places like:<p>
1.10 deraadt 220: <ul>
1.27 deraadt 221: <li>In libc for creating
1.71 jufi 222: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=blf_key">Blowfish</a>
223: passwords. See also the <a href="papers/bcrypt-paper.ps">USENIX paper</a>
1.33 deraadt 224: on this topic.
1.27 deraadt 225: <li>In
1.87 brad 226: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec>IPsec</a>
1.27 deraadt 227: to provide confidentiality for the network layer.
228: <li>In Kerberos and a handful of kerberized applications, like
229: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=telnet>telnet</a>,
230: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=cvs>cvs</a>,
231: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=rsh>rsh</a>,
232: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=rcp>rcp</a>,
233: and
234: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=rlogin>rlogin</a>.
1.44 provos 235: <li>In <a href=http://www.physnet.uni-hamburg.de/provos/photuris/>
1.27 deraadt 236: photurisd</a> and
237: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd</a>
1.87 brad 238: to protect the exchanges where IPsec key material is negotiated.
1.24 niklas 239: <li>In AFS to protect the messages passing over the network, providing
1.27 deraadt 240: confidentiality of remote filesystem access.
1.24 niklas 241: <li>In libssl to let applications communicate over the de-facto standard
242: cryptographically secure SSL protocol.
1.10 deraadt 243: </ul>
1.1 deraadt 244:
1.10 deraadt 245: <p>
1.51 deraadt 246: <a name=hardware></a>
247: <h3><font color=#e00000>Cryptographic Hardware Support</font></h3><p>
248:
1.58 louis 249: OpenBSD, starting with 2.7, has begun supporting some cryptography hardware
250: such as accelerators and random number generators.
1.51 deraadt 251: <ul>
1.92 jason 252: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crypto&sektion=9">
253: IPsec crypto dequeue</a></b><br>
1.87 brad 254: Our IPsec stack has been modified so that cryptographic functions get
255: done out-of-line. Most simple software IPsec stacks need to do
1.82 pvalchev 256: cryptography when processing each packet. This results in synchronous
1.73 aaron 257: performance. To use hardware properly and speedily one needs to separate
1.51 deraadt 258: these two components, as we have done. Actually, doing this gains some
259: performance even for the software case.
260: <p>
1.80 deraadt 261: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=hifn&sektion=4">
1.88 brad 262: Hifn 7751</a></b><br>
263: Cards using the Hifn 7751 can be used as a symmetric cryptographic
1.101 deraadt 264: accelerator, i.e., the
265: <a href="http://www.soekris.com/vpn1201.htm">Soekris VPN1201 or VPN1211</a>
266: (<a href="http://www.soekris.com/how_to_buy.htm">to buy</a>)
267: or
268: <a href="http://www.powercrypt.com">PowerCrypt</a>.
1.51 deraadt 269: Current performance using a single Hifn 7751 on each end of a tunnel
1.88 brad 270: is 64Mbit/sec for 3DES/SHA1 ESP, nearly a 600% improvement over
271: using a P3/550 CPU. Further improvements are under way to resolve a
1.51 deraadt 272: few more issues, but as of April 13, 2000 the code is considered
1.53 deraadt 273: stable. We wrote our own driver for supporting this chip, rather
274: than using the (USA-written)
1.88 brad 275: <a href="http://www.powercrypt.com">PowerCrypt</a> driver, as well
1.87 brad 276: our driver links in properly to the IPsec stack.
1.53 deraadt 277: The 7751 is now considered slow by industry standards and many vendors
1.88 brad 278: have faster chips (even Hifn now has a faster but more expensive
1.89 jufi 279: chip). Peak performance with 3DES SHA1 ESP is around 64Mbit/sec.
1.60 deraadt 280: <p>
1.97 jason 281: After 2.9 shipped, support was added for the Hifn 7951 chip, a
282: simplified version of the 7751 which adds a public key accelerator
283: (unsupported) and a random number generator (supported). Cards
284: were donated by <a href="http://www.soekris.com/">Soekris Engineering</a>.
285: <p>
286: After 3.0 shipped, support was added for the Hifn 7811 chip, a
287: faster version of the 7751 (around 130Mbit/s) with a random number
288: generator. A card was donated by <a href="http://www.gtgi.com/">GTGI</a>.
289: <p>
1.88 brad 290: (As an aside, Hifn was a difficult company to deal with; they even
1.60 deraadt 291: threatened to sue us over our non-USA reverse engineering of their
292: crypto unlock algorithm).
1.53 deraadt 293: <p>
1.69 deraadt 294:
1.92 jason 295: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lofn&sektion=4">
296: Hifn 6500</a></b><br>
1.86 brad 297: This device is an asymmetric crypto unit. It has support for RSA, DSA,
1.69 deraadt 298: and DH algorithms, as well as other major big number functions. It also
299: contains a very high performance random number generator. We have one
1.105 ! jason 300: device, full documentation, and sample code. Development has started, and
! 301: both the random number generator and big number unit are working.
! 302: <p>
! 303:
! 304: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nofn&sektion=4">
! 305: Hifn 7814/7851/7854</a></b><br>
! 306: This device is a packet processor and asymmetric crypto unit. It has
! 307: support for RSA, DSA, and DH algorithms, as well as other major big number
! 308: functions and also has a random number generator. Currently, only the
! 309: big number engine and the random number generator are supported (no
! 310: packet transforms).
1.69 deraadt 311: <p>
312:
1.80 deraadt 313: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ubsec&sektion=4">
1.105 ! jason 314: Broadcom BCM5805/BCM5820/BCM5821
! 315: (or beta chip Bluesteelnet 5501/5601)</a></b><br>
1.65 deraadt 316: Just after the OpenBSD 2.7 release, we succeeded at adding preliminary
317: support for these early release parts provided to us by the vendor,
1.76 deraadt 318: specifically starting with the test chip 5501.
1.69 deraadt 319: These devices provide the highest performance symmetric cryptography
320: we have seen.
321: <p>
1.59 deraadt 322: Bluesteelnet was bought by Broadcom and started making real parts.
1.84 pvalchev 323: Their new BCM5805 is similar, except that they also add an asymmetric
1.65 deraadt 324: engine for running DSA, RSA, and other such algorithms. With approximate
1.88 brad 325: performance starting at more than four times as fast as the Hifn,
1.65 deraadt 326: hopefully this chip will become more common soon.
1.60 deraadt 327: <p>
328: The Broadcom/Bluesteelnet people have been great to deal with. They gave
1.69 deraadt 329: us complete documentation and sample code for their chips and a
330: sufficient number of cards to test with.
1.60 deraadt 331: <p>
1.74 deraadt 332: Post 2.8, this driver was also modified to generate random numbers on
333: the BCM5805 and similar versions, and feed that data into the kernel
334: entropy pool.
335: <p>
1.96 jason 336: Post 2.9, support was added for the BCM5820, which is mostly just a
337: faster (64bit, higher clock speed) version of the BCM5805. Untested
338: support for the BCM5821 was also added post 3.0.
1.100 jason 339: <p>
1.60 deraadt 340:
1.80 deraadt 341: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ises&sektion=4">
1.88 brad 342: Securealink PCC-ISES</a></b><br>
343: The <a href="http://www.securealink.com/pcc-ises.html">PCC-ISES</a> is
344: a new chipset from the Netherlands. We have received sample hardware
345: and documentation, and work on a driver is in progress. At the moment,
346: the driver is capable of feeding random numbers into the kernel entropy
347: pool.
1.60 deraadt 348: <p>
349:
1.88 brad 350: <li><b>SafeNet SafeXcel 2141</b><br>
1.60 deraadt 351: We have received documentation and sample hardware for the
1.88 brad 352: <a href="http://www.safenet-inc.com/technology/chips/Chip2141.asp">SafeNet</a>
1.72 deraadt 353: crypto cards. Work to support at least the symmetric cryptography of
354: these devices has started.
1.57 deraadt 355: <p>
356:
1.80 deraadt 357: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=txp&sektion=4">
358: 3com 3c990</a></b><br>
1.77 deraadt 359: 3com gave us a driver to support the ethernet component of this chipset,
1.79 ericj 360: and based on that, we have written our own ethernet driver. This driver
361: has now been integrated once we were able to get a free license on the
1.88 brad 362: microcode. We have also received the information needed for supporting
363: the cryptographic functions, which will require a little bit of IPsec
364: subsystem rearranging. Check back later..
1.69 deraadt 365: <p>
366:
1.87 brad 367: <li><b>Intel IPsec card</b><br>
1.77 deraadt 368: Much like Intel does for all their networking division components, and
1.93 deraadt 369: completely unlike most other vendors, Intel steadfastly refuses to provide
1.77 deraadt 370: us with documentation. We have talked to about five technical people who
371: are involved in the development of those products. They all want us to
372: have documentation. They commend us on what we have done. But their hands
373: are tied by management who does not perceive a benefit to themselves for
374: providing documentation. Forget about Intel. (If you want to buy gigabit
375: ethernet hardware, we recommend anything else... for the same reason:
376: most drivers we have for Intel networking hardware were written without
377: documentation).
1.52 deraadt 378: <p>
1.69 deraadt 379:
1.80 deraadt 380: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pchb&sektion=4">
381: Intel 82802AB/82802AC Firmware Hub RNG</a></b><br>
1.74 deraadt 382: The 82802 FWH chip (found on i810, i820, i840, i850, and i860 motherboards)
1.87 brad 383: contains a random number generator (RNG). High-performance IPsec
1.74 deraadt 384: requires more random number entropy. As of April 10, 2000, we support
1.90 jsyn 385: the RNG. We will add support for other RNGs found on crypto chips.
1.69 deraadt 386: <p>
387:
1.52 deraadt 388: <li><b>OpenSSL</b><br>
389: We have grand schemes for supporting crypto cards that can do RSA or DSA,
390: and exporting the functions of all crypto cards to OpenSSL so that
1.88 brad 391: userland programs (i.e., <a href="http://www.openssh.com">ssh</a>,
1.52 deraadt 392: <a href="http://www.modssl.org/">apache https</a>, etc)
393: can benefit.
1.51 deraadt 394: </ul>
395:
396: <p>
1.69 deraadt 397: <b>If people wish to help with writing drivers,
398: <a href=#people>come and help us</a>.</b>
399:
400: <p>
1.32 deraadt 401: <a name=people></a>
1.42 deraadt 402: <h3><font color=#e00000>International Cryptographers Wanted</font></h3><p>
1.32 deraadt 403:
404: Of course, our project needs people to work on these systems. If any
405: non-American cryptographer who meets the constraints listed earlier is
406: interested in helping out with embedded cryptography in OpenBSD,
407: please contact us.<p>
408:
1.33 deraadt 409: <p>
410: <a name=papers></a>
1.42 deraadt 411: <h3><font color=#e00000>Further Reading</font></h3><p>
1.33 deraadt 412:
413: A number of papers have been written by OpenBSD team members, about
414: cryptographic changes they have done in OpenBSD. The postscript
1.34 deraadt 415: versions of these documents are available as follows.<p>
1.33 deraadt 416:
417: <ul>
1.43 deraadt 418: <li>A Future-Adaptable Password Scheme.<br>
1.49 deraadt 419: <a href=events.html#usenix99>Usenix 1999</a>,
1.71 jufi 420: by <a href=mailto:provos@openbsd.org>Niels Provos</a>,
1.43 deraadt 421: <a href=mailto:dm@openbsd.org>David Mazieres</a>.<br>
1.33 deraadt 422: <a href=papers/bcrypt-paper.ps>paper</a> and
423: <a href=papers/bcrypt-slides.ps>slides</a>.
1.43 deraadt 424: <p>
425: <li>Cryptography in OpenBSD: An Overview.<br>
1.49 deraadt 426: <a href=events.html#usenix99>Usenix 1999</a>,
1.43 deraadt 427: by <a href=mailto:deraadt@openbsd.org>Theo de Raadt</a>,
428: <a href=mailto:niklas@openbsd.org>Niklas Hallqvist</a>,
429: <a href=mailto:art@openbsd.org>Artur Grabowski</a>,
430: <a href=mailto:angelos@openbsd.org>Angelos D. Keromytis</a>,
431: <a href=mailto:provos@openbsd.org>Niels Provos</a>.<br>
1.33 deraadt 432: <a href=papers/crypt-paper.ps>paper</a> and
433: <a href=papers/crypt-slides.ps>slides</a>.
1.62 niklas 434: <p>
435: <li>Implementing Internet Key Exchange (IKE).<br>
436: <a href=events.html#usenix2000>Usenix 2000</a>,
437: by <a href=mailto:niklas@openbsd.org>Niklas Hallqvist</a> and
438: <a href=mailto:angelos@openbsd.org>Angelos D. Keromytis</a>.<br>
439: <a href=papers/ikepaper.ps>paper</a> and
440: <a href=papers/ikeslides.ps>slides</a>.
1.63 deraadt 441: <p>
442: <li>Encrypting Virtual Memory</a><br>
443: <a href=events.html#sec2000>Usenix Security 2000</a>,
444: <a href=mailto:provos@openbsd.org>Niels Provos</a>.<br>
1.64 provos 445: <a href=papers/swapencrypt.ps>paper</a> and
446: <a href=papers/swapencrypt-slides.ps>slides</a>.
1.33 deraadt 447: </ul>
448:
1.32 deraadt 449: <p>
1.1 deraadt 450: <hr>
1.75 wvdputte 451: <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
1.10 deraadt 452: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
453: <br>
1.105 ! jason 454: <small>$OpenBSD: crypto.html,v 1.104 2002/04/28 21:57:08 miod Exp $</small>
1.1 deraadt 455:
1.10 deraadt 456: </body>
457: </html>