File: [local] / www / crypto.html

Revision 1.142, Fri May 2 18:55:39 2014 UTC (10 years ago) by tedu
Branch: MAIN
Changes since 1.141: +0 -269 lines

fire bomb old content

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="resource-type" content="document">
<meta name="description" content="OpenBSD cryptography">
<meta name="keywords" content="openbsd,cryptography,openssh,openssl,kerberos">
<meta name="keywords" content="ipsec,isakmp,ike,blowfish,des,rsa,dsa">
<meta name="distribution" content="global">
<meta name="copyright" content="This document copyright 1997-2006 by OpenBSD.">
<title>Cryptography in OpenBSD</title>
</head>

<body bgcolor="#ffffff" text="#000000" link="#23238e">
<a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a>
<p>
<h2><font color="#e00000">Cryptography</font></h2>
<hr>

<a name="why"></a>
<h3><font color="#e00000">Why do we ship cryptography?</font></h3><p>

In three words:  <strong>because we can</strong>.<p>

The OpenBSD project is based in Canada.<p>

The <a href="ECL.html">Export Control List of Canada</a>
places no significant restriction on the export of
cryptographic software, and is even more explicit about the free
export of freely-available cryptographic software.  Marc Plumb has
done
<a href="http://www.efc.ca/pages/doc/crypto-export.html">
some research to test the cryptographic laws</a>.
<p>

Hence the OpenBSD project has embedded cryptography into numerous places
in the operating system.  We require that the cryptographic software we
use be <a href="policy.html">freely available and with good licenses</a>.
We do not directly use cryptography with nasty patents.
We also require that such software is from countries with useful export
licenses because we do not wish to break the laws of any country.
<p>

OpenBSD was the first operating system to ship with an IPsec stack.
We've been including IPsec since the OpenBSD 2.1 release in 1997.
<p>

Today cryptography is an important means for enhancing the
<a href="security.html">security</a> of an operating system.  The
cryptography utilized in OpenBSD can be classified into various
aspects, described as follows.
<p>

<a name="ssh"></a>
<h3><font color="#e00000">OpenSSH</font></h3><p>

As of the 2.6 release, OpenBSD contains
<a href="http://www.openssh.com/">OpenSSH</a>, an absolutely free and
patent-unencumbered version of ssh.
<a href="http://www.openssh.com/">OpenSSH</a> interoperated with ssh
version 1 and had many added features:
<ul>
<li>
all components of a restrictive nature (i.e., patents, see
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&amp;sektion=8">ssl(8)</a>)
had been directly removed from the source code; any licensed or
patented components used external libraries.
<li>
it had been updated to support ssh protocol 1.5.
<li>
it supported one-time password authentication with
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=skey&amp;sektion=1">skey(1)</a>.
</ul>
<p>

Roughly speaking, we took a free license release of ssh and OpenBSD-ified it.
About a year later, we extended OpenSSH to also support the SSH 2 protocol, the
result being support for all 3 major SSH protocols: 1.3, 1.5, 2.0.

<a name="prng"></a>
<h3><font color="#e00000">Pseudo Random Number Generators</font></h3><p>

A Pseudo Random Number Generator (PRNG) provides applications with a stream of
numbers which have certain important properties for system security:<p>

<ul>
<li>It should be impossible for an outsider to predict the output of the
	random number generator even with knowledge of previous output.
<li>The generated numbers should not have repeating patterns, which means
	the PRNG should have a very long cycle length.
</ul>
<p>

A PRNG is normally just an algorithm where the same initial starting
values will yield the same sequence of outputs. On a multiuser
operating system there are many sources which allow seeding the PRNG
with random data. The OpenBSD kernel uses the mouse interrupt timing,
network data interrupt latency, inter-keypress timing and disk IO
information to fill an entropy pool.  Random numbers are available for
kernel routines and are exported via devices to userland programs.
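
The two properties and the seeding point above, as an added example (not OpenBSD code): a toy 16-bit generator is deterministic for a given seed, lets an observer compute the next output from the previous one, and repeats after at most 65536 steps, which is why seed material is taken from the kernel's random device instead. The generator constants, the function names and the <code>/dev/urandom</code> path are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy 16-bit LCG, constructed for illustration: its output IS its state. */
static uint16_t lcg_next(uint16_t *state) {
    *state = (uint16_t)(*state * 25173u + 13849u);
    return *state;
}

/* Same seed, same stream: returns 1 if two generators agree for n steps. */
static int same_seed_same_stream(uint16_t seed, int n) {
    uint16_t a = seed, b = seed;
    while (n-- > 0)
        if (lcg_next(&a) != lcg_next(&b)) return 0;
    return 1;
}

/* Property 1 fails: one observed output is enough to compute the next. */
static int next_is_predictable(uint16_t seed) {
    uint16_t s = seed;
    uint16_t seen = lcg_next(&s);               /* what an outsider sees */
    uint16_t guess = (uint16_t)(seen * 25173u + 13849u);
    return guess == lcg_next(&s);
}

/* Property 2: steps until the stream repeats (at most 65536 here). */
static uint32_t cycle_length(uint16_t seed) {
    uint16_t s = seed;
    uint16_t first = lcg_next(&s);
    uint32_t n = 1;
    while (lcg_next(&s) != first) n++;
    return n;
}

/* Fill buf from the kernel's random device; 0 on success, -1 on failure. */
static int kernel_random(void *buf, size_t len) {
    FILE *f = fopen("/dev/urandom", "rb");      /* device path is an assumption */
    if (f == NULL) return -1;
    size_t got = fread(buf, 1, len, f);
    fclose(f);
    return got == len ? 0 : -1;
}

int main(void) {
    unsigned char key[16];
    printf("same stream: %d, predictable: %d\n",
           same_seed_same_stream(42, 1000), next_is_predictable(42));
    printf("cycle length: %u\n", (unsigned)cycle_length(42));
    printf("kernel read: %s\n", kernel_random(key, sizeof key) ? "failed" : "ok");
    return 0;
}
```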

<p>
<a name="hash"></a>
<h3><font color="#e00000">Cryptographic Hash Functions</font></h3><p>

A Hash Function compresses its input data to a string of
constant size. For a Cryptographic Hash Function it is infeasible to find:

<ul>
<li>two inputs which have the same output (collision resistant),
<li>a different input for a given input with the same output
	(2nd preimage resistant).
</ul>
<p>

<p>
<a name="trans"></a>
<h3><font color="#e00000">Cryptographic Transforms</font></h3><p>

Cryptographic Transforms are used to encrypt and decrypt data. These
are normally used with an encryption key for data encryption and with
a decryption key for data decryption. The security of a Cryptographic
Transform should rely only on the keying material.<p>

<p>
<a name="people"></a>
<h3><font color="#e00000">International Cryptographers Wanted</font></h3><p>

Of course, our project needs people to work on these systems.  If any
non-American cryptographer who meets the constraints listed earlier is
interested in helping out with embedded cryptography in OpenBSD,
please contact us.<p>

<p>
<a name="papers"></a>
<h3><font color="#e00000">Further Reading</font></h3><p>

A number of papers have been written by OpenBSD team members about
cryptographic changes they have made in OpenBSD.  The PostScript
versions of these documents are available as follows.<p>

<ul>
<li>A Future-Adaptable Password Scheme.<br>
    <a href="events.html#usenix99">Usenix 1999</a>,
    by <a href="mailto:provos@openbsd.org">Niels Provos</a>,
    <a href="mailto:dm@openbsd.org">David Mazieres</a>.<br>
    <a href="papers/bcrypt-paper.ps">paper</a> and
    <a href="papers/bcrypt-slides.ps">slides</a>.
<p>
<li>Cryptography in OpenBSD: An Overview.<br>
    <a href="events.html#usenix99">Usenix 1999</a>,
    by <a href="mailto:deraadt@openbsd.org">Theo de Raadt</a>,
    <a href="mailto:niklas@openbsd.org">Niklas Hallqvist</a>,
    <a href="mailto:art@openbsd.org">Artur Grabowski</a>,
    <a href="mailto:angelos@openbsd.org">Angelos D. Keromytis</a>,
    <a href="mailto:provos@openbsd.org">Niels Provos</a>.<br>
    <a href="papers/crypt-paper.ps">paper</a> and
    <a href="papers/crypt-slides.ps">slides</a>.
<p>
<li>Implementing Internet Key Exchange (IKE).<br>
    <a href="events.html#usenix2000">Usenix 2000</a>,
    by <a href="mailto:niklas@openbsd.org">Niklas Hallqvist</a> and
    <a href="mailto:angelos@openbsd.org">Angelos D. Keromytis</a>.<br>
    <a href="papers/ikepaper.ps">paper</a> and
    <a href="papers/ikeslides.ps">slides</a>.
<p>
<li>Encrypting Virtual Memory.<br>
    <a href="events.html#sec2000">Usenix Security 2000</a>,
    by <a href="mailto:provos@openbsd.org">Niels Provos</a>.<br>
    <a href="papers/swapencrypt.ps">paper</a> and
    <a href="papers/swapencrypt-slides.ps">slides</a>.
<p>
<li>The Design of the OpenBSD Cryptographic Framework.<br>
    <a href="events.html#usenix2003">Usenix 2003</a>, by
    <a href="mailto:angelos@openbsd.org">Angelos D. Keromytis</a>,
    <a href="mailto:jason@openbsd.org">Jason L. Wright</a>, and
    <a href="mailto:deraadt@openbsd.org">Theo de Raadt</a>.<br>
    <a href="papers/ocf.pdf">paper</a>.
<p>
<li>Cryptography As an Operating System Service: A Case Study.<br>
    <a href="http://www.acm.org/tocs/">ACM Transactions on Computer Systems</a>,
    February 2006, by
    <a href="mailto:angelos@openbsd.org">Angelos D. Keromytis</a>,
    <a href="mailto:jason@openbsd.org">Jason L. Wright</a>, and
    <a href="mailto:deraadt@openbsd.org">Theo de Raadt</a>.<br>
    <a href="papers/crypt-service.pdf">paper</a>.
</ul>

</body>
</html>