Cryptography in OpenBSD: an overview
作者: Theo de Raadt , Angelos D. Keromytis , Niels Provos , Niklas Hallqvist , Artur Grabowski
DOI:
关键词:
摘要: Cryptographic mechanisms are an important security component of operating system in securing the itself and its communication paths. Indeed, many situations, cryptography is only tool that can solve a particular problem, e.g., network-level security. While by does not guarantee security, when applied correctly, it significantly improve overall Since one main foci OpenBSD various cryptographic employed number different roles. This paper gives overview OpenBSD. We discuss components (IPsec, SSL libraries, stronger password encryption, Kerberos IV, random generators, etc.), their role interactions with rest (and, where applicable, network).
参考文章(16)
Robert T. Morris, A Weakness in the 4.2BSD Unix† TCP/IP Software ,(1999)
Bruce Schneier, Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish) fast software encryption. pp. 191- 204 ,(1993) , 10.1007/3-540-58108-1_24
J. Postel, Transmission Control Protocol Internet Request for Comment (RFC793). ,vol. 793, pp. 1- 91 ,(1981)
David Mazières, Niels Provos, A future-adaptive password scheme usenix annual technical conference. pp. 32- 32 ,(1999)
R. Glenn, C. Madson, The Use of HMAC-MD5-96 within ESP and AH RFC. ,vol. 2403, pp. 1- 7 ,(1998)
P. Karn, W. Simpson, Photuris: Session-Key Management Protocol rfc2522. ,vol. 2522, pp. 1- 80 ,(1999)
R. Glenn, C. Madson, The Use of HMAC-SHA-1-96 within ESP and AH RFC. ,vol. 2404, pp. 1- 7 ,(1998)
D. Piper, The Internet IP Security Domain of Interpretation for ISAKMP RFC2407. ,vol. 2407, pp. 1- 32 ,(1998)
J. Postel, Domain Name System Structure and Delegation RFC. ,vol. 1591, pp. 1- 7 ,(1994)
Whitfield Diffie, Paul C. Van Oorschot, Michael J. Wiener, Authentication and authenticated key exchanges Designs, Codes and Cryptography. ,vol. 2, pp. 107- 125 ,(1992) , 10.1007/BF00124891