Annotation of www/crypto.html, Revision 1.28
1.10 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict Level 2//EN//2.0">
1.1 deraadt 2: <html>
3: <head>
1.10 deraadt 4: <title>Cryptography in OpenBSD</title>
1.1 deraadt 5: <link rev=made href=mailto:www@openbsd.org>
6: <meta name="resource-type" content="document">
1.10 deraadt 7: <meta name="description" content="OpenBSD cryptography">
8: <meta name="keywords" content="openbsd,cryptography">
1.1 deraadt 9: <meta name="distribution" content="global">
10: <meta name="copyright" content="This document copyright 1997 by OpenBSD.">
11: </head>
12:
13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
14:
1.22 deraadt 15: <img alt="[OpenBSD]" height=200 width=200 SRC="images/blowfish.jpg">
1.1 deraadt 16:
17: <p>
18: <h3><font color=#e00000><strong>OpenBSD Cryptography</strong></font></h3>
19: The OpenBSD project is based in Canada.<p>
20:
1.23 deraadt 21: The <a href=ECL.html>Export Control List of Canada</a>
22: places no significant restriction on the export of
1.5 deraadt 23: cryptographic software, and is even more explicit about the free
24: export of freely-available cryptographic software. Marc Plumb has
25: done
1.2 deraadt 26: <a href=http://insight.mcmaster.ca/org/efc/pages/doc/crypto-export.html>
1.5 deraadt 27: some research to test the cryptographic laws.</a>
1.2 deraadt 28: <p>
1.1 deraadt 29:
1.3 deraadt 30: Hence the OpenBSD project has embedded cryptography into numerous places
31: in the operating system. We require that the cryptographic software we
32: use be <a href=policy.html>freely available and with good licenses</a>.
1.4 deraadt 33: We do not use cryptography with nasty patents.
1.13 deraadt 34: We also require that such software is from countries with useful export
1.16 deraadt 35: licenses because we do not wish to break the laws of any country.
36: The cryptographic software components which we use currently were
37: written in Argentina, Australia, Canada, Germany, Greece, Norway, and
38: Sweden.
39: <p>
1.7 deraadt 40:
1.15 deraadt 41: When we create OpenBSD releases or snapshots we build our release
42: binaries in free countries to assure that the sources and binaries we
43: provide to users are free of tainting. In the past our release binary
44: builds have been done in Canada, Sweden, and Germany.<p>
45:
1.16 deraadt 46: OpenBSD ships with Kerberos IV included. The codebase we use is the
1.17 deraadt 47: exportable KTH-based release from Sweden. Our X11 source has been
48: extended to make use of Kerberos IV as well. Kerberos V support will
1.16 deraadt 49: perhaps appear in 1999, but at present time a freely exportable
50: Kerberos V release does not exist.<p>
51:
1.15 deraadt 52: Today cryptography is an important means for enhancing the <a
53: href=security.html>security</a> of an operating system. The
54: cryptography utilized in OpenBSD can be classified into three
55: different aspects:<p>
1.10 deraadt 56:
57: <ul>
1.11 deraadt 58: <li><a href=#prng>Pseudo Random Number Generators</a> (PRNG): ARC4, ...
59: <li><a href=#hash>Cryptographic Hash Functions</a>: MD5, SHA1, ...
60: <li><a href=#trans>Cryptographic Transforms</a>: DES, Blowfish, ...
1.10 deraadt 61: </ul>
62:
63: <p>
1.18 deraadt 64: <a name=prng></a>
1.10 deraadt 65: <h3><font color=#e00000><strong>Pseudo Random Number Generators</strong></font></h3>
66: A Pseudo Random Number Generator (PRNG) provides applications with a stream of
67: numbers which have certain important properties for system security:<p>
68:
69: <ul>
1.11 deraadt 70: <li>It should be impossible for an outsider to predict the output of the
71: random number generator even with knowledge of previous output.
72: <li>The generated numbers should not have repeating patterns which means
73: the PRNG should have a very long cycle length.
1.10 deraadt 74: </ul>
75:
1.13 deraadt 76: A PRNG is normally just an algorithm where the same initial starting
77: values will yield the same sequence of outputs. On a multiuser
78: operating system there are many sources which allow seeding the PRNG
79: with random data. The OpenBSD kernel uses the mouse interrupt timing,
80: network data interrupt latency, inter-keypress timing and disk IO
81: information to fill an entropy pool. Random numbers are available for
82: kernel routines and are exported via devices to userland programs.
83: So far random numbers are used in the following places<p>
84:
1.10 deraadt 85: <ul>
1.14 deraadt 86: <li>Dynamic sin_port allocation in bind(2).
87: <li>PIDs of processes.
1.26 aaron 88: <li>IP datagram IDs.
1.14 deraadt 89: <li>RPC transaction IDs (XID).
90: <li>NFS RPC transaction IDs (XID).
91: <li>DNS Query-IDs.
92: <li>Inode generation numbers, see getfh(2) and fsirand(8).
93: <li>Timing perturbance in traceroute(1).
94: <li>Stronger temporary names for mktemp(3) and mkstemp(3)
95: <li>Randomness added to the TCP ISS value for protection against
96: spoofing attacks.
97: <li>To generate salts for the various password algorithms.
98: <li>For generating fake S/Key challenges.
1.28 ! angelos 99: <li>In <a href=http://wserver.physnet.uni-hamburg.de/provos/photuris/>photurisd</a>
! 100: and <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd</a>
! 101: to provide liveness proof of key exchanges.
1.10 deraadt 102: </ul>
1.1 deraadt 103:
1.10 deraadt 104: <p>
1.18 deraadt 105: <a name=hash></a>
1.10 deraadt 106: <h3><font color=#e00000><strong>Cryptographic Hash Functions</strong></font></h3>
107: A Hash Function compresses its input data to a string of
108: constant size. For a Cryptographic Hash Function it is infeasible to find
1.1 deraadt 109: <ul>
1.11 deraadt 110: <li>two inputs which have the same output (collision resistant),
111: <li>a different input for a given input with the same output
112: (2nd preimage resistant).
1.1 deraadt 113: </ul>
1.10 deraadt 114:
1.12 millert 115: In OpenBSD MD5, SHA1, and RIPEMD-160 are used as Cryptographic Hash Functions,
116: e.g.
1.10 deraadt 117: <ul>
1.27 deraadt 118: <li>In <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=skey>S/Key</a>
119: to provide one time passwords.
120: <li>In <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec>IPsec</a>,
121: <a href=http://wserver.physnet.uni-hamburg.de/provos/photuris/>photurisd</a>
122: and
123: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd(8)</a>
124: to authenticate the data origin of packets and to ensure packet integrity.
125: <li>For FreeBSD-style MD5 passwords (not enabled by default), see
126: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=passwd.conf&sektion=5>
127: passwd.conf(5)</a>
128: <li>For TCP SYN cookie support (not enabled by default), see
129: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=options&sektion=4>
130: options(4)</a>
1.24 niklas 131: <li>In libssl for digital signing of messages.
1.10 deraadt 132: </ul>
133:
1.6 deraadt 134: <p>
1.18 deraadt 135: <a name=trans></a>
1.10 deraadt 136: <h3><font color=#e00000><strong>Cryptographic Transforms</strong></font></h3>
1.11 deraadt 137: Cryptographic Transforms are used to encrypt and decrypt data. These
138: are normally used with an encryption key for data encryption and with
139: a decryption key for data decryption. The security of a Cryptographic
140: Transform should rely only on the keying material.<p>
1.6 deraadt 141:
1.24 niklas 142: OpenBSD provides transforms like DES, 3DES, Blowfish and Cast for the
143: kernel and userland programs, which are used in many places like
1.10 deraadt 144: <ul>
1.27 deraadt 145: <li>In libc for creating
146: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=blf_key>Blowfish</a>
147: passwords.
148: <li>In
149: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec>IPsec</a>
150: to provide confidentiality for the network layer.
151: <li>In Kerberos and a handful of kerberized applications, like
152: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=telnet>telnet</a>,
153: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=cvs>cvs</a>,
154: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=rsh>rsh</a>,
155: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=rcp>rcp</a>,
156: and
157: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=rlogin>rlogin</a>.
1.24 niklas 158: <li>In <a href=http://wserver.physnet.uni-hamburg.de/provos/photuris/>
1.27 deraadt 159: photurisd</a> and
160: <a href=http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd>isakmpd</a>
161: to protect the exchanges where IPsec key material is negotiated.
1.24 niklas 162: <li>In AFS to protect the messages passing over the network, providing
1.27 deraadt 163: confidentiality of remote filesystem access.
1.24 niklas 164: <li>In libssl to let applications communicate over the de-facto standard
165: cryptographically secure SSL protocol.
1.10 deraadt 166: </ul>
1.1 deraadt 167:
1.10 deraadt 168: <p>
1.1 deraadt 169: <hr>
1.19 pauls 170: <a href=/index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
1.10 deraadt 171: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
172: <br>
1.28 ! angelos 173: <small>$OpenBSD: crypto.html,v 1.27 1999/01/08 22:23:28 deraadt Exp $</small>
1.1 deraadt 174:
1.10 deraadt 175: </body>
176: </html>