Check out the new USENIX Web site.

Home About USENIX Events Membership Publications Students
USENIX Technical Program - Abstract - USENIX 99

Cryptography in OpenBSD: An Overview

Theo de Raadt, Niklas Hallqvist, Artur Grabowski, Angelos D. Keromytis, and Niels Provos, The OpenBSD Project


Cryptographic mechanisms are an important security component of an operating system in securing the system itself and its communication paths. Indeed, in many situations, cryptography is the only tool that can solve a particular problem, e.g., network-level security. While cryptography by itself does not guarantee security, when applied correctly, it can significantly improve overall security. Since one of the main foci of the OpenBSD system is security, various cryptographic mechanisms are employed in a number of different roles.

This paper gives an overview of the cryptography employed in OpenBSD. We discuss the various components (IPsec, SSL libraries, stronger password encryption, Kerberos IV, random number generators, etc.), their role in system security, and their interactions with the rest of the system (and, where applicable, the network).

  • View the full text of this paper in HTML form.

  • If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.

  • To become a USENIX Member, please see our Membership Information.

?Need help? Use our Contacts page.

Last changed: 13 Mar 2002 ml
FREENIX Technical Program
Conference index