Annotation of www/crypto.html, Revision 1.142
1.114 jufi 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
1.1 deraadt 2: <html>
3: <head>
1.114 jufi 4: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
1.1 deraadt 5: <meta name="resource-type" content="document">
1.10 deraadt 6: <meta name="description" content="OpenBSD cryptography">
1.48 beck 7: <meta name="keywords" content="openbsd,cryptography,openssh,openssl,kerberos">
1.112 jason 8: <meta name="keywords" content="ipsec,isakmp,ike,blowfish,des,rsa,dsa">
1.1 deraadt 9: <meta name="distribution" content="global">
1.130 deraadt 10: <meta name="copyright" content="This document copyright 1997-2006 by OpenBSD.">
1.114 jufi 11: <title>Cryptography in OpenBSD</title>
1.1 deraadt 12: </head>
13:
1.114 jufi 14: <body bgcolor="#ffffff" text="#000000" link="#23238e">
1.138 jcs 15: <a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a>
16: <p>
17: <h2><font color="#e00000">Cryptography</font></h2>
18: <hr>
19:
1.114 jufi 20: <a name="why"></a>
21: <h3><font color="#e00000">Why do we ship cryptography?</font></h3><p>
1.32 deraadt 22:
23: In three words: <strong>because we can</strong>.<p>
24:
1.1 deraadt 25: The OpenBSD project is based in Canada.<p>
26:
1.114 jufi 27: The <a href="ECL.html">Export Control List of Canada</a>
1.23 deraadt 28: places no significant restriction on the export of
1.5 deraadt 29: cryptographic software, and is even more explicit about the free
30: export of freely-available cryptographic software. Marc Plumb has
31: done
1.116 nick 32: <a href="http://www.efc.ca/pages/doc/crypto-export.html">
1.31 aaron 33: some research to test the cryptographic laws</a>.
1.2 deraadt 34: <p>
1.1 deraadt 35:
1.3 deraadt 36: Hence the OpenBSD project has embedded cryptography into numerous places
37: in the operating system. We require that the cryptographic software we
1.114 jufi 38: use be <a href="policy.html">freely available and with good licenses</a>.
1.32 deraadt 39: We do not directly use cryptography with nasty patents.
1.13 deraadt 40: We also require that such software is from countries with useful export
1.16 deraadt 41: licenses because we do not wish to break the laws of any country.
42: <p>
1.7 deraadt 43:
1.87 brad 44: OpenBSD was the first operating system to ship with an IPsec stack.
1.102 brad 45: We've been including IPsec since the OpenBSD 2.1 release in 1997.
1.66 deraadt 46: <p>
47:
1.140 deraadt 48: Today cryptography is an important means for enhancing the
49: <a href="security.html">security</a> of an operating system. The
1.42 deraadt 50: cryptography utilized in OpenBSD can be classified into various
1.140 deraadt 51: aspects, described as follows.
52: <p>
1.10 deraadt 53:
1.114 jufi 54: <a name="ssh"></a>
55: <h3><font color="#e00000">OpenSSH</font></h3><p>
1.39 louis 56:
1.55 deraadt 57: As of the 2.6 release, OpenBSD contains
1.50 provos 58: <a href="http://www.openssh.com/">OpenSSH</a>, an absolutely free and
1.128 david 59: patent unencumbered version of ssh.
1.55 deraadt 60: <a href="http://www.openssh.com/">OpenSSH</a> interoperated with ssh
61: version 1 and had many added features,
1.47 provos 62: <ul>
63: <li>
1.88 brad 64: all components of a restrictive nature (i.e., patents, see
1.114 jufi 65: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=8">ssl(8)</a>)
1.55 deraadt 66: had been directly removed from the source code; any licensed or
67: patented components used external libraries.
1.47 provos 68: <li>
1.55 deraadt 69: had been updated to support ssh protocol 1.5.
1.47 provos 70: <li>
1.55 deraadt 71: supported one-time password authentication with
1.114 jufi 72: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=skey&sektion=1">skey(1)</a>.
1.47 provos 73: </ul>
74: <p>
75:
1.93 deraadt 76: Roughly said, we took a free license release of ssh, OpenBSD-ifyed it.
77: About a year later, we extended OpenSSH to also do SSH 2 protocol, the
78: result being support for all 3 major SSH protocols: 1.3, 1.5, 2.0.
1.39 louis 79:
1.114 jufi 80: <a name="prng"></a>
81: <h3><font color="#e00000">Pseudo Random Number Generators</font></h3><p>
1.32 deraadt 82:
1.128 david 83: A Pseudo Random Number Generator (PRNG) provides applications with a stream of
1.10 deraadt 84: numbers which have certain important properties for system security:<p>
85:
86: <ul>
1.11 deraadt 87: <li>It should be impossible for an outsider to predict the output of the
88: random number generator even with knowledge of previous output.
89: <li>The generated numbers should not have repeating patterns which means
90: the PRNG should have a very long cycle length.
1.10 deraadt 91: </ul>
1.32 deraadt 92: <p>
1.10 deraadt 93:
1.13 deraadt 94: A PRNG is normally just an algorithm where the same initial starting
95: values will yield the same sequence of outputs. On a multiuser
96: operating system there are many sources which allow seeding the PRNG
97: with random data. The OpenBSD kernel uses the mouse interrupt timing,
98: network data interrupt latency, inter-keypress timing and disk IO
99: information to fill an entropy pool. Random numbers are available for
100: kernel routines and are exported via devices to userland programs.
1.1 deraadt 101:
1.10 deraadt 102: <p>
1.114 jufi 103: <a name="hash"></a>
104: <h3><font color="#e00000">Cryptographic Hash Functions</font></h3><p>
1.32 deraadt 105:
1.10 deraadt 106: A Hash Function compresses its input data to a string of
1.36 deraadt 107: constant size. For a Cryptographic Hash Function it is infeasible to find:
108:
1.1 deraadt 109: <ul>
1.11 deraadt 110: <li>two inputs which have the same output (collision resistant),
111: <li>a different input for a given input with the same output
112: (2nd preimage resistant).
1.1 deraadt 113: </ul>
1.32 deraadt 114: <p>
1.10 deraadt 115:
1.6 deraadt 116: <p>
1.71 jufi 117: <a name="trans"></a>
1.114 jufi 118: <h3><font color="#e00000">Cryptographic Transforms</font></h3><p>
1.32 deraadt 119:
1.11 deraadt 120: Cryptographic Transforms are used to encrypt and decrypt data. These
121: are normally used with an encryption key for data encryption and with
122: a decryption key for data decryption. The security of a Cryptographic
123: Transform should rely only on the keying material.<p>
1.69 deraadt 124:
125: <p>
1.114 jufi 126: <a name="people"></a>
127: <h3><font color="#e00000">International Cryptographers Wanted</font></h3><p>
1.32 deraadt 128:
129: Of course, our project needs people to work on these systems. If any
130: non-American cryptographer who meets the constraints listed earlier is
131: interested in helping out with embedded cryptography in OpenBSD,
132: please contact us.<p>
133:
1.33 deraadt 134: <p>
1.114 jufi 135: <a name="papers"></a>
136: <h3><font color="#e00000">Further Reading</font></h3><p>
1.33 deraadt 137:
138: A number of papers have been written by OpenBSD team members, about
139: cryptographic changes they have done in OpenBSD. The postscript
1.34 deraadt 140: versions of these documents are available as follows.<p>
1.33 deraadt 141:
142: <ul>
1.43 deraadt 143: <li>A Future-Adaptable Password Scheme.<br>
1.114 jufi 144: <a href="events.html#usenix99">Usenix 1999</a>,
145: by <a href="mailto:provos@openbsd.org">Niels Provos</a>,
146: <a href="mailto:dm@openbsd.org">David Mazieres</a>.<br>
147: <a href="papers/bcrypt-paper.ps">paper</a> and
148: <a href="papers/bcrypt-slides.ps">slides</a>.
1.43 deraadt 149: <p>
150: <li>Cryptography in OpenBSD: An Overview.<br>
1.114 jufi 151: <a href="events.html#usenix99">Usenix 1999</a>,
152: by <a href="mailto:deraadt@openbsd.org">Theo de Raadt</a>,
153: <a href="mailto:niklas@openbsd.org">Niklas Hallqvist</a>,
154: <a href="mailto:art@openbsd.org">Artur Grabowski</a>,
155: <a href="mailto:angelos@openbsd.org">Angelos D. Keromytis</a>,
156: <a href="mailto:provos@openbsd.org">Niels Provos</a>.<br>
157: <a href="papers/crypt-paper.ps">paper</a> and
158: <a href="papers/crypt-slides.ps">slides</a>.
1.62 niklas 159: <p>
160: <li>Implementing Internet Key Exchange (IKE).<br>
1.114 jufi 161: <a href="events.html#usenix2000">Usenix 2000</a>,
162: by <a href="mailto:niklas@openbsd.org">Niklas Hallqvist</a> and
163: <a href="mailto:angelos@openbsd.org">Angelos D. Keromytis</a>.<br>
164: <a href="papers/ikepaper.ps">paper</a> and
165: <a href="papers/ikeslides.ps">slides</a>.
166: <p>
167: <li>Encrypting Virtual Memory.<br>
168: <a href="events.html#sec2000">Usenix Security 2000</a>,
169: <a href="mailto:provos@openbsd.org">Niels Provos</a>.<br>
1.128 david 170: <a href="papers/swapencrypt.ps">paper</a> and
1.114 jufi 171: <a href="papers/swapencrypt-slides.ps">slides</a>.
1.121 jason 172: <p>
173: <li>The Design of the OpenBSD Cryptographic Framework.<br>
174: <a href="events.html#usenix2003">Usenix 2003</a>, by
175: <a href="mailto:angelos@openbsd.org">Angelos D. Keromytis</a>,
176: <a href="mailto:jason@openbsd.org">Jason L. Wright</a>, and
177: <a href="mailto:deraadt@openbsd.org">Theo de Raadt</a>.<br>
178: <a href="papers/ocf.pdf">paper</a>.
1.133 steven 179: <p>
1.132 jason 180: <li>Cryptography As an Operating System Service: A Case Study.<br>
1.133 steven 181: <a href="http://www.acm.org/tocs/">ACM Transactions on Computer Systems</a>,
1.132 jason 182: February 2006, by
183: <a href="mailto:angelos@openbsd.org">Angelos D. Keromytis</a>,
184: <a href="mailto:jason@openbsd.org">Jason L. Wright</a>, and
185: <a href="mailto:deraadt@openbsd.org">Theo de Raadt</a>.<br>
186: <a href="papers/crypt-service.pdf">paper</a>.
1.33 deraadt 187: </ul>
1.1 deraadt 188:
1.10 deraadt 189: </body>
190: </html>