Next: Introduction
Up: Cryptography in OpenBSD: An
Previous: Cryptography in OpenBSD: An
Cryptographic mechanisms are an important security component of an
operating system in securing the system itself and its communication
paths. Indeed, in many situations, cryptography is the only tool that
can solve a particular problem, e.g., network-level security.
While cryptography by itself does not guarantee security, when applied
correctly, it can significantly improve overall security. Since one of
the main foci of the OpenBSD system is security, various cryptographic
mechanisms are employed in a number of different roles.
This paper gives an overview of the cryptography employed in OpenBSD.
We discuss the various components (IPsec, SSL libraries, stronger
password encryption, Kerberos IV, random number generators,
etc.), their role in system security, and their interactions with the
rest of the system (and, where applicable, the network).
& D. Keromytis
4/26/1999