Annotation of www/crypto.html, Revision 1.114
1.114 ! jufi 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
1.1 deraadt 2: <html>
3: <head>
1.114 ! jufi 4: <link rev="made" href="mailto:www@openbsd.org">
! 5: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
1.1 deraadt 6: <meta name="resource-type" content="document">
1.10 deraadt 7: <meta name="description" content="OpenBSD cryptography">
1.48 beck 8: <meta name="keywords" content="openbsd,cryptography,openssh,openssl,kerberos">
1.112 jason 9: <meta name="keywords" content="ipsec,isakmp,ike,blowfish,des,rsa,dsa">
1.1 deraadt 10: <meta name="distribution" content="global">
1.98 horacio 11: <meta name="copyright" content="This document copyright 1997-2002 by OpenBSD.">
1.114 ! jufi 12: <title>Cryptography in OpenBSD</title>
1.1 deraadt 13: </head>
14:
1.114 ! jufi 15: <body bgcolor="#ffffff" text="#000000" link="#23238e">
! 16: <img align="left" alt="[OpenBSD]" height="166" width="197" SRC="images/blowfish-notext.jpg">
1.45 deraadt 17: <br>
18: <br>
19: <br>
1.61 deraadt 20: "The mantra of any good security engineer is: "Security is not a
1.45 deraadt 21: product, but a process." It's more than designing strong cryptography
22: into a system; it's designing the entire system such that all security
23: measures, including cryptography, work together."<br>
24: <br>
25: -- Bruce Schneier, author of "Applied Cryptography".
1.114 ! jufi 26: <br clear="all">
! 27: <h2><font color="#e00000">Cryptography</font></h2>
! 28: <hr>
1.32 deraadt 29:
30: <strong>Index</strong><br>
1.114 ! jufi 31: <a href="#why">Why do we ship cryptography?</a>.<br>
! 32: <a href="#ssh">OpenSSH</a>.<br>
! 33: <a href="#prng">Pseudo Random Number Generators</a> (PRNG): ARC4, ...<br>
! 34: <a href="#hash">Cryptographic Hash Functions</a>: MD5, SHA1, ...<br>
! 35: <a href="#trans">Cryptographic Transforms</a>: DES, Blowfish, ...<br>
! 36: <a href="#hardware">Cryptographic Hardware support</a><br>
! 37: <a href="#people">International Cryptographers wanted</a><br>
! 38: <a href="#papers">Further Reading</a><br>
1.1 deraadt 39: <p>
1.32 deraadt 40: <hr>
41:
1.114 ! jufi 42: <a name="why"></a>
! 43: <h3><font color="#e00000">Why do we ship cryptography?</font></h3><p>
1.32 deraadt 44:
45: In three words: <strong>because we can</strong>.<p>
46:
1.1 deraadt 47: The OpenBSD project is based in Canada.<p>
48:
1.114 ! jufi 49: The <a href="ECL.html">Export Control List of Canada</a>
1.23 deraadt 50: places no significant restriction on the export of
1.5 deraadt 51: cryptographic software, and is even more explicit about the free
52: export of freely-available cryptographic software. Marc Plumb has
53: done
1.114 ! jufi 54: <a href="http://insight.mcmaster.ca/org/efc/pages/doc/crypto-export.html">
1.31 aaron 55: some research to test the cryptographic laws</a>.
1.2 deraadt 56: <p>
1.1 deraadt 57:
1.3 deraadt 58: Hence the OpenBSD project has embedded cryptography into numerous places
59: in the operating system. We require that the cryptographic software we
1.114 ! jufi 60: use be <a href="policy.html">freely available and with good licenses</a>.
1.32 deraadt 61: We do not directly use cryptography with nasty patents.
1.13 deraadt 62: We also require that such software is from countries with useful export
1.16 deraadt 63: licenses because we do not wish to break the laws of any country.
64: The cryptographic software components which we use currently were
65: written in Argentina, Australia, Canada, Germany, Greece, Norway, and
66: Sweden.
67: <p>
1.7 deraadt 68:
1.15 deraadt 69: When we create OpenBSD releases or snapshots we build our release
70: binaries in free countries to assure that the sources and binaries we
71: provide to users are free of tainting. In the past our release binary
72: builds have been done in Canada, Sweden, and Germany.<p>
73:
1.94 miod 74: OpenBSD ships with Kerberos IV and Kerberos V included. The two codebases
75: we use are the exportable KTH-based release from Sweden. Our X11 source
76: has been extended to make use of Kerberos as well.<p>
1.16 deraadt 77:
1.67 deraadt 78:
1.114 ! jufi 79: <img align="right" src="images/vpnc-test-partner.gif" alt="VPNC TEST PARTNER">
1.87 brad 80: OpenBSD was the first operating system to ship with an IPsec stack.
1.102 brad 81: We've been including IPsec since the OpenBSD 2.1 release in 1997.
1.87 brad 82: Our fully conformant in-kernel IPsec stack, with hardware acceleration
1.66 deraadt 83: based on a number of cards, and our own free ISAKMP daemon, is used as
1.87 brad 84: one of the machines in the IPsec conformance testbed run by
1.67 deraadt 85: <a href="http://www.vpnc.org">VPNC</a>.
1.114 ! jufi 86: <br clear="all">
1.66 deraadt 87: <p>
88:
1.15 deraadt 89: Today cryptography is an important means for enhancing the <a
1.114 ! jufi 90: href="security.html">security</a> of an operating system. The
1.42 deraadt 91: cryptography utilized in OpenBSD can be classified into various
92: aspects, described as follows.<p>
1.10 deraadt 93:
1.114 ! jufi 94: <a name="ssh"></a>
! 95: <h3><font color="#e00000">OpenSSH</font></h3><p>
1.39 louis 96:
1.40 deraadt 97: What is the first thing most people do after installing OpenBSD?
1.55 deraadt 98: They install Secure Shell
1.114 ! jufi 99: (<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>)
1.46 deraadt 100: from the ports tree or the packages on the FTP sites. Until now, that is.<p>
1.39 louis 101:
1.55 deraadt 102: As of the 2.6 release, OpenBSD contains
1.50 provos 103: <a href="http://www.openssh.com/">OpenSSH</a>, an absolutely free and
104: patent unencumbered version of ssh.
1.55 deraadt 105: As of the OpenBSD 2.6 release date,
106: <a href="http://www.openssh.com/">OpenSSH</a> interoperated with ssh
107: version 1 and had many added features,
1.47 provos 108: <ul>
109: <li>
1.88 brad 110: all components of a restrictive nature (i.e., patents, see
1.114 ! jufi 111: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=8">ssl(8)</a>)
1.55 deraadt 112: had been directly removed from the source code; any licensed or
113: patented components used external libraries.
1.47 provos 114: <li>
1.55 deraadt 115: had been updated to support ssh protocol 1.5.
1.47 provos 116: <li>
1.55 deraadt 117: contained added support for
1.114 ! jufi 118: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=kerberos&sektion=1">kerberos(1)</a>
1.47 provos 119: authentication and ticket passing.
120: <li>
1.55 deraadt 121: supported one-time password authentication with
1.114 ! jufi 122: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=skey&sektion=1">skey(1)</a>.
1.47 provos 123: </ul>
124: <p>
125:
1.93 deraadt 126: Roughly said, we took a free license release of ssh, OpenBSD-ifyed it.
127: About a year later, we extended OpenSSH to also do SSH 2 protocol, the
128: result being support for all 3 major SSH protocols: 1.3, 1.5, 2.0.
1.39 louis 129:
1.114 ! jufi 130: <a name="prng"></a>
! 131: <h3><font color="#e00000">Pseudo Random Number Generators</font></h3><p>
1.32 deraadt 132:
1.10 deraadt 133: A Pseudo Random Number Generator (PRNG) provides applications with a stream of
134: numbers which have certain important properties for system security:<p>
135:
136: <ul>
1.11 deraadt 137: <li>It should be impossible for an outsider to predict the output of the
138: random number generator even with knowledge of previous output.
139: <li>The generated numbers should not have repeating patterns which means
140: the PRNG should have a very long cycle length.
1.10 deraadt 141: </ul>
1.32 deraadt 142: <p>
1.10 deraadt 143:
1.13 deraadt 144: A PRNG is normally just an algorithm where the same initial starting
145: values will yield the same sequence of outputs. On a multiuser
146: operating system there are many sources which allow seeding the PRNG
147: with random data. The OpenBSD kernel uses the mouse interrupt timing,
148: network data interrupt latency, inter-keypress timing and disk IO
149: information to fill an entropy pool. Random numbers are available for
150: kernel routines and are exported via devices to userland programs.
1.36 deraadt 151: So far random numbers are used in the following places:<p>
1.13 deraadt 152:
1.10 deraadt 153: <ul>
1.14 deraadt 154: <li>Dynamic sin_port allocation in bind(2).
155: <li>PIDs of processes.
1.26 aaron 156: <li>IP datagram IDs.
1.14 deraadt 157: <li>RPC transaction IDs (XID).
158: <li>NFS RPC transaction IDs (XID).
159: <li>DNS Query-IDs.
160: <li>Inode generation numbers, see getfh(2) and fsirand(8).
1.31 aaron 161: <li>Timing perturbance in traceroute(8).
1.14 deraadt 162: <li>Stronger temporary names for mktemp(3) and mkstemp(3)
163: <li>Randomness added to the TCP ISS value for protection against
164: spoofing attacks.
1.87 brad 165: <li>random padding in IPsec esp_old packets.
1.14 deraadt 166: <li>To generate salts for the various password algorithms.
167: <li>For generating fake S/Key challenges.
1.114 ! jufi 168: <li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a>
1.28 angelos 169: to provide liveness proof of key exchanges.
1.10 deraadt 170: </ul>
1.1 deraadt 171:
1.10 deraadt 172: <p>
1.114 ! jufi 173: <a name="hash"></a>
! 174: <h3><font color="#e00000">Cryptographic Hash Functions</font></h3><p>
1.32 deraadt 175:
1.10 deraadt 176: A Hash Function compresses its input data to a string of
1.36 deraadt 177: constant size. For a Cryptographic Hash Function it is infeasible to find:
178:
1.1 deraadt 179: <ul>
1.11 deraadt 180: <li>two inputs which have the same output (collision resistant),
181: <li>a different input for a given input with the same output
182: (2nd preimage resistant).
1.1 deraadt 183: </ul>
1.32 deraadt 184: <p>
1.10 deraadt 185:
1.12 millert 186: In OpenBSD MD5, SHA1, and RIPEMD-160 are used as Cryptographic Hash Functions,
1.36 deraadt 187: e.g:<p>
1.10 deraadt 188: <ul>
1.114 ! jufi 189: <li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=skey&sektion=1">S/Key(1)</a>
1.27 deraadt 190: to provide one time passwords.
1.114 ! jufi 191: <li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec&sektion=4">IPsec(4)</a>
1.27 deraadt 192: and
1.114 ! jufi 193: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a>
1.27 deraadt 194: to authenticate the data origin of packets and to ensure packet integrity.
195: <li>For FreeBSD-style MD5 passwords (not enabled by default), see
1.114 ! jufi 196: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=passwd.conf&sektion=5">
1.27 deraadt 197: passwd.conf(5)</a>
198: <li>For TCP SYN cookie support (not enabled by default), see
1.114 ! jufi 199: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=options&sektion=4">
1.27 deraadt 200: options(4)</a>
1.24 niklas 201: <li>In libssl for digital signing of messages.
1.10 deraadt 202: </ul>
1.32 deraadt 203: <p>
1.10 deraadt 204:
1.6 deraadt 205: <p>
1.71 jufi 206: <a name="trans"></a>
1.114 ! jufi 207: <h3><font color="#e00000">Cryptographic Transforms</font></h3><p>
1.32 deraadt 208:
1.11 deraadt 209: Cryptographic Transforms are used to encrypt and decrypt data. These
210: are normally used with an encryption key for data encryption and with
211: a decryption key for data decryption. The security of a Cryptographic
212: Transform should rely only on the keying material.<p>
1.6 deraadt 213:
1.24 niklas 214: OpenBSD provides transforms like DES, 3DES, Blowfish and Cast for the
1.36 deraadt 215: kernel and userland programs, which are used in many places like:<p>
1.10 deraadt 216: <ul>
1.27 deraadt 217: <li>In libc for creating
1.114 ! jufi 218: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=blf_key&sektion=3">Blowfish</a>
1.71 jufi 219: passwords. See also the <a href="papers/bcrypt-paper.ps">USENIX paper</a>
1.33 deraadt 220: on this topic.
1.27 deraadt 221: <li>In
1.114 ! jufi 222: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec&sektion=4">IPsec(4)</a>
1.27 deraadt 223: to provide confidentiality for the network layer.
224: <li>In Kerberos and a handful of kerberized applications, like
1.114 ! jufi 225: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=telnet&sektion=1">telnet(1)</a>,
! 226: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1">cvs(1)</a>,
! 227: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rsh&sektion=1">rsh(1)</a>,
! 228: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rcp&sektion=1">rcp(1)</a>,
1.27 deraadt 229: and
1.114 ! jufi 230: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rlogin&sektion=1&manpath=OpenBSD+3.1">rlogin(1)</a>.
! 231: <li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a>
1.87 brad 232: to protect the exchanges where IPsec key material is negotiated.
1.24 niklas 233: <li>In AFS to protect the messages passing over the network, providing
1.27 deraadt 234: confidentiality of remote filesystem access.
1.24 niklas 235: <li>In libssl to let applications communicate over the de-facto standard
236: cryptographically secure SSL protocol.
1.10 deraadt 237: </ul>
1.1 deraadt 238:
1.10 deraadt 239: <p>
1.114 ! jufi 240: <a name="hardware"></a>
! 241: <h3><font color="#e00000">Cryptographic Hardware Support</font></h3><p>
1.51 deraadt 242:
1.58 louis 243: OpenBSD, starting with 2.7, has begun supporting some cryptography hardware
244: such as accelerators and random number generators.
1.51 deraadt 245: <ul>
1.114 ! jufi 246: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crypto&sektion=9">
1.92 jason 247: IPsec crypto dequeue</a></b><br>
1.87 brad 248: Our IPsec stack has been modified so that cryptographic functions get
249: done out-of-line. Most simple software IPsec stacks need to do
1.82 pvalchev 250: cryptography when processing each packet. This results in synchronous
1.73 aaron 251: performance. To use hardware properly and speedily one needs to separate
1.51 deraadt 252: these two components, as we have done. Actually, doing this gains some
253: performance even for the software case.
254: <p>
1.114 ! jufi 255: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=hifn&sektion=4">
1.88 brad 256: Hifn 7751</a></b><br>
257: Cards using the Hifn 7751 can be used as a symmetric cryptographic
1.101 deraadt 258: accelerator, i.e., the
259: <a href="http://www.soekris.com/vpn1201.htm">Soekris VPN1201 or VPN1211</a>
260: (<a href="http://www.soekris.com/how_to_buy.htm">to buy</a>)
261: or
262: <a href="http://www.powercrypt.com">PowerCrypt</a>.
1.51 deraadt 263: Current performance using a single Hifn 7751 on each end of a tunnel
1.88 brad 264: is 64Mbit/sec for 3DES/SHA1 ESP, nearly a 600% improvement over
265: using a P3/550 CPU. Further improvements are under way to resolve a
1.51 deraadt 266: few more issues, but as of April 13, 2000 the code is considered
1.53 deraadt 267: stable. We wrote our own driver for supporting this chip, rather
268: than using the (USA-written)
1.88 brad 269: <a href="http://www.powercrypt.com">PowerCrypt</a> driver, as well
1.87 brad 270: our driver links in properly to the IPsec stack.
1.53 deraadt 271: The 7751 is now considered slow by industry standards and many vendors
1.88 brad 272: have faster chips (even Hifn now has a faster but more expensive
1.89 jufi 273: chip). Peak performance with 3DES SHA1 ESP is around 64Mbit/sec.
1.60 deraadt 274: <p>
1.97 jason 275: After 2.9 shipped, support was added for the Hifn 7951 chip, a
276: simplified version of the 7751 which adds a public key accelerator
277: (unsupported) and a random number generator (supported). Cards
278: were donated by <a href="http://www.soekris.com/">Soekris Engineering</a>.
279: <p>
280: After 3.0 shipped, support was added for the Hifn 7811 chip, a
281: faster version of the 7751 (around 130Mbit/s) with a random number
282: generator. A card was donated by <a href="http://www.gtgi.com/">GTGI</a>.
283: <p>
1.88 brad 284: (As an aside, Hifn was a difficult company to deal with; they even
1.60 deraadt 285: threatened to sue us over our non-USA reverse engineering of their
286: crypto unlock algorithm).
1.53 deraadt 287: <p>
1.69 deraadt 288:
1.114 ! jufi 289: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lofn&sektion=4">
1.92 jason 290: Hifn 6500</a></b><br>
1.86 brad 291: This device is an asymmetric crypto unit. It has support for RSA, DSA,
1.69 deraadt 292: and DH algorithms, as well as other major big number functions. It also
293: contains a very high performance random number generator. We have one
1.107 deraadt 294: device, full documentation, and sample code. As of OpenBSD 3.1,
1.105 jason 295: both the random number generator and big number unit are working.
296: <p>
297:
1.114 ! jufi 298: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nofn&sektion=4">
1.105 jason 299: Hifn 7814/7851/7854</a></b><br>
300: This device is a packet processor and asymmetric crypto unit. It has
301: support for RSA, DSA, and DH algorithms, as well as other major big number
302: functions and also has a random number generator. Currently, only the
303: big number engine and the random number generator are supported (no
304: packet transforms).
1.69 deraadt 305: <p>
306:
1.114 ! jufi 307: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ubsec&sektion=4">
1.108 jason 308: Broadcom BCM5801/BCM5802/BCM5805/BCM5820/BCM5821/BCM5822
1.105 jason 309: (or beta chip Bluesteelnet 5501/5601)</a></b><br>
1.65 deraadt 310: Just after the OpenBSD 2.7 release, we succeeded at adding preliminary
311: support for these early release parts provided to us by the vendor,
1.76 deraadt 312: specifically starting with the test chip 5501.
1.69 deraadt 313: These devices provide the highest performance symmetric cryptography
314: we have seen.
315: <p>
1.59 deraadt 316: Bluesteelnet was bought by Broadcom and started making real parts.
1.84 pvalchev 317: Their new BCM5805 is similar, except that they also add an asymmetric
1.65 deraadt 318: engine for running DSA, RSA, and other such algorithms. With approximate
1.88 brad 319: performance starting at more than four times as fast as the Hifn,
1.65 deraadt 320: hopefully this chip will become more common soon.
1.60 deraadt 321: <p>
322: The Broadcom/Bluesteelnet people have been great to deal with. They gave
1.69 deraadt 323: us complete documentation and sample code for their chips and a
324: sufficient number of cards to test with.
1.60 deraadt 325: <p>
1.74 deraadt 326: Post 2.8, this driver was also modified to generate random numbers on
327: the BCM5805 and similar versions, and feed that data into the kernel
328: entropy pool.
329: <p>
1.96 jason 330: Post 2.9, support was added for the BCM5820, which is mostly just a
331: faster (64bit, higher clock speed) version of the BCM5805. Untested
332: support for the BCM5821 was also added post 3.0.
1.100 jason 333: <p>
1.111 jufi 334: As of 3.1, the big num engine is supported, and RSA/DH/DSA operations
1.107 deraadt 335: can be accelerated.
336: <p>
1.108 jason 337: Support for the BCM5801, BCM5802, BCM5821 and BCM5822 was added before
1.109 jason 338: OpenBSD 3.2 (the untested BCM5821 support in 3.1 was broken because of
339: some undocumented interrupt handling requirements).
1.108 jason 340: <p>
1.60 deraadt 341:
1.114 ! jufi 342: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ises&sektion=4">
1.88 brad 343: Securealink PCC-ISES</a></b><br>
1.114 ! jufi 344: The <a href="http://www.securealink.com/pcc-ises.html">PCC-ISES</a> is
1.88 brad 345: a new chipset from the Netherlands. We have received sample hardware
346: and documentation, and work on a driver is in progress. At the moment,
347: the driver is capable of feeding random numbers into the kernel entropy
348: pool.
1.60 deraadt 349: <p>
350:
1.88 brad 351: <li><b>SafeNet SafeXcel 2141</b><br>
1.60 deraadt 352: We have received documentation and sample hardware for the
1.114 ! jufi 353: <a href="http://www.safenet-inc.com/technology/chips/Chip2141.asp">SafeNet</a>
1.72 deraadt 354: crypto cards. Work to support at least the symmetric cryptography of
355: these devices has started.
1.57 deraadt 356: <p>
357:
1.114 ! jufi 358: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=txp&sektion=4">
1.110 jason 359: 3com 3cr990</a></b><br>
1.77 deraadt 360: 3com gave us a driver to support the ethernet component of this chipset,
1.79 ericj 361: and based on that, we have written our own ethernet driver. This driver
362: has now been integrated once we were able to get a free license on the
1.110 jason 363: microcode. Due to poor documentation and lack of cooperation (partly
364: because of the high turnover rates at 3Com), the IPsec functions of the
365: chip are not supported.... so this turned out to be a less than completely
366: useful exercise.
1.69 deraadt 367: <p>
368:
1.87 brad 369: <li><b>Intel IPsec card</b><br>
1.77 deraadt 370: Much like Intel does for all their networking division components, and
1.93 deraadt 371: completely unlike most other vendors, Intel steadfastly refuses to provide
1.77 deraadt 372: us with documentation. We have talked to about five technical people who
373: are involved in the development of those products. They all want us to
374: have documentation. They commend us on what we have done. But their hands
375: are tied by management who does not perceive a benefit to themselves for
376: providing documentation. Forget about Intel. (If you want to buy gigabit
377: ethernet hardware, we recommend anything else... for the same reason:
378: most drivers we have for Intel networking hardware were written without
379: documentation).
1.52 deraadt 380: <p>
1.69 deraadt 381:
1.114 ! jufi 382: <li><b><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pchb&sektion=4">
1.80 deraadt 383: Intel 82802AB/82802AC Firmware Hub RNG</a></b><br>
1.74 deraadt 384: The 82802 FWH chip (found on i810, i820, i840, i850, and i860 motherboards)
1.87 brad 385: contains a random number generator (RNG). High-performance IPsec
1.74 deraadt 386: requires more random number entropy. As of April 10, 2000, we support
1.90 jsyn 387: the RNG. We will add support for other RNGs found on crypto chips.
1.69 deraadt 388: <p>
389:
1.52 deraadt 390: <li><b>OpenSSL</b><br>
1.107 deraadt 391: Years ago, we had a grand scheme to support crypto cards that can do
392: RSA/DH/DSA automatically via OpenSSL calls. As of OpenBSD 3.2, that
393: support works, and any card that is supported with such functionality
394: will automatically use the hardware, including OpenSSH and httpd in
395: SSL mode. No application changes are required.
1.51 deraadt 396: </ul>
397:
398: <p>
1.69 deraadt 399: <b>If people wish to help with writing drivers,
1.114 ! jufi 400: <a href="#people">come and help us</a>.</b>
1.69 deraadt 401:
402: <p>
1.114 ! jufi 403: <a name="people"></a>
! 404: <h3><font color="#e00000">International Cryptographers Wanted</font></h3><p>
1.32 deraadt 405:
406: Of course, our project needs people to work on these systems. If any
407: non-American cryptographer who meets the constraints listed earlier is
408: interested in helping out with embedded cryptography in OpenBSD,
409: please contact us.<p>
410:
1.33 deraadt 411: <p>
1.114 ! jufi 412: <a name="papers"></a>
! 413: <h3><font color="#e00000">Further Reading</font></h3><p>
1.33 deraadt 414:
415: A number of papers have been written by OpenBSD team members, about
416: cryptographic changes they have done in OpenBSD. The postscript
1.34 deraadt 417: versions of these documents are available as follows.<p>
1.33 deraadt 418:
419: <ul>
1.43 deraadt 420: <li>A Future-Adaptable Password Scheme.<br>
1.114 ! jufi 421: <a href="events.html#usenix99">Usenix 1999</a>,
! 422: by <a href="mailto:provos@openbsd.org">Niels Provos</a>,
! 423: <a href="mailto:dm@openbsd.org">David Mazieres</a>.<br>
! 424: <a href="papers/bcrypt-paper.ps">paper</a> and
! 425: <a href="papers/bcrypt-slides.ps">slides</a>.
1.43 deraadt 426: <p>
427: <li>Cryptography in OpenBSD: An Overview.<br>
1.114 ! jufi 428: <a href="events.html#usenix99">Usenix 1999</a>,
! 429: by <a href="mailto:deraadt@openbsd.org">Theo de Raadt</a>,
! 430: <a href="mailto:niklas@openbsd.org">Niklas Hallqvist</a>,
! 431: <a href="mailto:art@openbsd.org">Artur Grabowski</a>,
! 432: <a href="mailto:angelos@openbsd.org">Angelos D. Keromytis</a>,
! 433: <a href="mailto:provos@openbsd.org">Niels Provos</a>.<br>
! 434: <a href="papers/crypt-paper.ps">paper</a> and
! 435: <a href="papers/crypt-slides.ps">slides</a>.
1.62 niklas 436: <p>
437: <li>Implementing Internet Key Exchange (IKE).<br>
1.114 ! jufi 438: <a href="events.html#usenix2000">Usenix 2000</a>,
! 439: by <a href="mailto:niklas@openbsd.org">Niklas Hallqvist</a> and
! 440: <a href="mailto:angelos@openbsd.org">Angelos D. Keromytis</a>.<br>
! 441: <a href="papers/ikepaper.ps">paper</a> and
! 442: <a href="papers/ikeslides.ps">slides</a>.
! 443: <p>
! 444: <li>Encrypting Virtual Memory.<br>
! 445: <a href="events.html#sec2000">Usenix Security 2000</a>,
! 446: <a href="mailto:provos@openbsd.org">Niels Provos</a>.<br>
! 447: <a href="papers/swapencrypt.ps">paper</a> and
! 448: <a href="papers/swapencrypt-slides.ps">slides</a>.
1.33 deraadt 449: </ul>
450:
1.32 deraadt 451: <p>
1.1 deraadt 452: <hr>
1.114 ! jufi 453: <a href="index.html"><img height="24" width="24" src="back.gif" border="0" alt="OpenBSD"></a>
! 454: <a href="mailto:www@openbsd.org">www@openbsd.org</a>
1.10 deraadt 455: <br>
1.113 deraadt 456: <small>$OpenBSD: crypto.html,v 1.112 2002/09/24 23:16:31 jason Exp $</small>
1.1 deraadt 457:
1.10 deraadt 458: </body>
459: </html>
![[BACK]](/icons/back.gif){kind=icon}
Return to crypto.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www