Annotation of www/crypto.html, Revision 1.15
1.10 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict Level 2//EN//2.0">
1.1 deraadt 2: <html>
3: <head>
1.10 deraadt 4: <title>Cryptography in OpenBSD</title>
1.1 deraadt 5: <link rev=made href=mailto:www@openbsd.org>
6: <meta name="resource-type" content="document">
1.10 deraadt 7: <meta name="description" content="OpenBSD cryptography">
8: <meta name="keywords" content="openbsd,cryptography">
1.1 deraadt 9: <meta name="distribution" content="global">
10: <meta name="copyright" content="This document copyright 1997 by OpenBSD.">
11: </head>
12:
13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
14:
15: <img alt="[OpenBSD]" SRC="/images/smalltitle.gif">
16:
17: <p>
18: <h3><font color=#e00000><strong>OpenBSD Cryptography</strong></font></h3>
19: The OpenBSD project is based in Canada.<p>
20:
1.2 deraadt 21: The <a href=http://axion.physics.ubc.ca/ECL.html>Export Control
1.3 deraadt 22: List of Canada</a> places no significant restriction on the export of
1.5 deraadt 23: cryptographic software, and is even more explicit about the free
24: export of freely-available cryptographic software. Marc Plumb has
25: done
1.2 deraadt 26: <a href=http://insight.mcmaster.ca/org/efc/pages/doc/crypto-export.html>
1.5 deraadt 27: some research to test the cryptographic laws.</a>
1.2 deraadt 28: <p>
1.1 deraadt 29:
1.3 deraadt 30: Hence the OpenBSD project has embedded cryptography into numerous places
31: in the operating system. We require that the cryptographic software we
32: use be <a href=policy.html>freely available and with good licenses</a>.
1.4 deraadt 33: We do not use cryptography with nasty patents.
1.13 deraadt 34: We also require that such software is from countries with useful export
1.7 deraadt 35: licenses because we do not wish to break the laws of any country.<p>
36:
1.15 ! deraadt 37: When we create OpenBSD releases or snapshots we build our release
! 38: binaries in free countries to assure that the sources and binaries we
! 39: provide to users are free of tainting. In the past our release binary
! 40: builds have been done in Canada, Sweden, and Germany.<p>
! 41:
! 42: Today cryptography is an important means for enhancing the <a
! 43: href=security.html>security</a> of an operating system. The
! 44: cryptography utilized in OpenBSD can be classified into three
! 45: different aspects:<p>
1.10 deraadt 46:
47: <ul>
1.11 deraadt 48: <li><a href=#prng>Pseudo Random Number Generators</a> (PRNG): ARC4, ...
49: <li><a href=#hash>Cryptographic Hash Functions</a>: MD5, SHA1, ...
50: <li><a href=#trans>Cryptographic Transforms</a>: DES, Blowfish, ...
1.10 deraadt 51: </ul>
52:
53: <p>
54: <a name=prng>
55: <h3><font color=#e00000><strong>Pseudo Random Number Generators</strong></font></h3>
56: A Pseudo Random Number Generator (PRNG) provides applications with a stream of
57: numbers which have certain important properties for system security:<p>
58:
59: <ul>
1.11 deraadt 60: <li>It should be impossible for an outsider to predict the output of the
61: random number generator even with knowledge of previous output.
62: <li>The generated numbers should not have repeating patterns which means
63: the PRNG should have a very long cycle length.
1.10 deraadt 64: </ul>
65:
1.13 deraadt 66: A PRNG is normally just an algorithm where the same initial starting
67: values will yield the same sequence of outputs. On a multiuser
68: operating system there are many sources which allow seeding the PRNG
69: with random data. The OpenBSD kernel uses the mouse interrupt timing,
70: network data interrupt latency, inter-keypress timing and disk IO
71: information to fill an entropy pool. Random numbers are available for
72: kernel routines and are exported via devices to userland programs.
73: So far random numbers are used in the following places<p>
74:
1.10 deraadt 75: <ul>
1.14 deraadt 76: <li>Dynamic sin_port allocation in bind(2).
77: <li>PIDs of processes.
78: <li>RPC transaction IDs (XID).
79: <li>NFS RPC transaction IDs (XID).
80: <li>DNS Query-IDs.
81: <li>Inode generation numbers, see getfh(2) and fsirand(8).
82: <li>Timing perturbance in traceroute(1).
83: <li>Stronger temporary names for mktemp(3) and mkstemp(3)
84: <li>Randomness added to the TCP ISS value for protection against
85: spoofing attacks.
86: <li>To generate salts for the various password algorithms.
87: <li>For generating fake S/Key challenges.
1.10 deraadt 88: </ul>
1.1 deraadt 89:
1.10 deraadt 90: <p>
91: <a name=hash>
92: <h3><font color=#e00000><strong>Cryptographic Hash Functions</strong></font></h3>
93: A Hash Function compresses its input data to a string of
94: constant size. For a Cryptographic Hash Function it is infeasible to find
1.1 deraadt 95: <ul>
1.11 deraadt 96: <li>two inputs which have the same output (collision resistant),
97: <li>a different input for a given input with the same output
98: (2nd preimage resistant).
1.1 deraadt 99: </ul>
1.10 deraadt 100:
1.12 millert 101: In OpenBSD MD5, SHA1, and RIPEMD-160 are used as Cryptographic Hash Functions,
102: e.g.
1.10 deraadt 103: <ul>
1.14 deraadt 104: <li>In S/Key support to provide one time passwords.
105: <li>In <a href=http://wserver.physnet.uni-hamburg.de/provos/photuris/>
1.10 deraadt 106: IPSec or Photuris</a> to authenticate the data origin of packets
107: and to ensure packet integrity.
1.14 deraadt 108: <li>For FreeBSD-style MD5 passwords (not enabled by default).
109: <li>For TCP SYN cookie support (not enabled by default).
1.10 deraadt 110: </ul>
111:
1.6 deraadt 112: <p>
1.10 deraadt 113: <a name=trans>
114: <h3><font color=#e00000><strong>Cryptographic Transforms</strong></font></h3>
1.11 deraadt 115: Cryptographic Transforms are used to encrypt and decrypt data. These
116: are normally used with an encryption key for data encryption and with
117: a decryption key for data decryption. The security of a Cryptographic
118: Transform should rely only on the keying material.<p>
1.6 deraadt 119:
1.11 deraadt 120: OpenBSD provides transforms like DES and Blowfish for the kernel and userland
121: programs, which are used in many places like
1.10 deraadt 122: <ul>
1.14 deraadt 123: <li>In libc for creating Blowfish passwords.
124: <li>In <a href=http://wserver.physnet.uni-hamburg.de/provos/photuris/>IPSec</a>
125: to provide confidentiality for the network layer.
126: <li>In kerberized telnet.
127: <li>In Photuris to protect the exchanged packet content.
1.10 deraadt 128: </ul>
1.1 deraadt 129:
1.10 deraadt 130: <p>
1.1 deraadt 131: <hr>
1.10 deraadt 132: <a href=/index.html><img src=/back.gif border=0 alt=OpenBSD></a>
133: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
134: <br>
1.15 ! deraadt 135: <small>$OpenBSD: crypto.html,v 1.14 1998/02/24 00:26:51 deraadt Exp $</small>
1.1 deraadt 136:
1.10 deraadt 137: </body>
138: </html>