The Design of the Openbsd Cryptographic Framework

Total Page:16

File Type:pdf, Size:1020Kb

The Design of the Openbsd Cryptographic Framework The Design of the OpenBSD Cryptographic Framework Angelos D. Keromytis Jason L. Wright Theo de Raadt Columbia University OpenBSD Project OpenBSD Project [email protected] [email protected] [email protected] Abstract the design of these systems is intended to impede sim- ple, brute-force, computational attacks. This complexity drives the belief that strong security is fundamentally in- Cryptographic transformations are a fundamental build- imical to good performance. ing block in many security applications and protocols. To improve performance, several vendors market hard- This belief has led to the common predilection to avoid ware accelerator cards. However, until now no operating cryptography in favor of performance [22]. However, system provided a mechanism that allowed both uniform the foundation for this belief is often software imple- and efficient use of this new type of resource. mentation [8] of algorithms intended for efficient hard- ware implementation. To address this issue, vendors We present the OpenBSD Cryptographic Framework have been marketing hardware cryptographic acceler- (OCF), a service virtualization layer implemented in- ators that implement several cryptographic algorithms side the kernel, that provides uniform access to accel- used by security protocols and applications. However, erator functionality by hiding card-specific details be- modern operating systems lack the necessary support hind a carefully-designed API. We evaluate the impact to provide efficient access to such functionality to ap- of the OCF in a variety of benchmarks, measuring over- plications and the operating system itself through a all system performance, application throughput and la- uniform API that abstracts away device details. As tency, and aggregate throughput when multiple applica- a result, accelerators are often used directly through tions make use of it. libraries linked with applications, typically requiring We conclude that the OCF is extremely efficient in uti- device-specific knowledge by the applications, and pre- lizing cryptographic accelerator functionality, attaining venting the operating system itself from easily utilizing 95% of the theoretical peak device performance, and such hardware. over 800 Mbit/sec aggregate throughput using 3DES. We present the OpenBSD Cryptographic Framework We believe that this validates our decision to opt for ease (OCF), a service virtualization layer implemented inside of use by applications and kernel components through a the kernel, that provides uniform access to accelerator uniform API, and for seamless support for new accel- functionality by hiding device-specific details behind a erators. Furthermore, our evaluation points to several carefully-designed API. The abstraction introduced al- bottlenecks in system and operating system design: data lows us to easily support new hardware accelerators and copying between user and kernel modes, PCI bus signal- enable applications to use any such accelerator without ing inefficiency, protocols that use small data units, and device-specific knowledge. Furthermore, this intermedi- single-threaded applications. We offer several sugges- ate layer does not unduly impact performance, as is com- tions for improvements and directions for future work. mon when such abstractions are introduced. The OCF has been in use with OpenBSD [5] for over three years and has proven stable and efficient in practice. It offers 1 Introduction features such as load-balancing across multiple acceler- ators, session migration, and algorithm chaining. We describe the changes we made to the OpenBSD kernel Today’s computing systems are used for applications and applications to take advantage of the OCF. In pre- such as electronic commerce, tele-collaboration of vari- vious work [18] we presented a preliminary analysis of ous types, and evolving peer-to-peer systems, often con- the impact of hardware acceleration on network security taining sensitive information. Security in these sys- protocols, without describing the OCF itself in any de- tems depends on several mechanisms that utilize crypto- tail. Here, we evaluate the impact of the OCF in a variety graphic primitives as a basic building block. Such cryp- of micro-benchmarks, measuring overall system perfor- tographic primitives can be very complex [2] because mance, application throughput and latency, and aggre- choice one might prefer a second processor as it also gate throughput when multiple applications use the OCF. assists with the substantial (and perhaps dominant) non- cryptographic overheads. [18] provides some basic per- Our evaluation shows that, despite its addition in the sys- formance characterizations of IPsec as well as other net- tem as a device/service virtualization layer, the OCF is work security protocols, and the impact acceleration has extremely efficient in utilizing cryptographic accelera- on throughput. The authors conclude that the relative tor functionality, attaining 95% of the theoretical peak cost of high-grade cryptography is low enough that it device performance. In another configuration, we were should be the default configuration. able to achieve a 3DES aggregate throughput of over 800 Mbps, by employing a multi-threaded application There has been a considerable amount of work on the and load-balancing across multiple accelerators. Fur- enhancement of system performance through the addi- thermore, use of hardware accelerators can remove con- tion of cryptographic hardware [2]. This early work was tention for the CPU and thus improve overall system re- characterized by its focus on the hardware accelerator sponsiveness and performance for unrelated tasks. Our rather than its implications for overall system perfor- evaluation allowed us to determine that the limiting fac- mance. [24] began examining cryptographic subsystem tor for high-performance cryptography in modern sys- issues in the context of securing high-speed networks, tems is data copying and the PCI bus. Furthermore, and observed that the bus-attached cards would be lim- small data-buffers should be processed in software if ited by bus-sharing with a network adapter on systems possible, freeing hardware accelerators to handle larger with a single I/O bus. A second issue pointed out in that requests that better amortize the system and PCI trans- time frame [20] was the cost of system calls, and a third action costs. On the other hand, multi-threading results [21, 23, 7, 11] the cost of buffer copying. These issues in increased utilization of the OCF, improving aggregate are still with us, and continue to require aggressive de- throughput. We make recommendations for future direc- sign to reduce their impacts. tions in architectural placement of cryptographic func- [25] describes an API to cryptographic functions, the tionality, operating system provisions, and application main purpose of which is to separate cryptographic li- design, and discuss several improvements and promis- braries from applications, thus allowing independent de- ing directions for future work. velopment. Our service API is similar at a high level, The framework has been in use with IPsec since although several differences were dictated by the need OpenBSD 2.8, although it continues to evolve in re- to support actual hardware accelerators and allow it to sponse to new requirements. Public-key support and the be used efficiently by protocols such as IPsec and SSL, /dev/crypto interface were introduced in a later version. as we discuss in Section 3. Other work includes the Mi- The OCF has also been ported to FreeBSD and NetBSD, crosoft CryptoAPI [17], GSS-API [16] and IDUP-GSS- and we are working on Windows and Linux versions. API [1], PKCS #11 [14], SSAPI [26], and the CDSA [19]. These are primarily intended for use by applica- tions that also require authentication, authorization, key Paper Organization Section 2 discusses related work. management and other higher level security services. Section 3 describes the OCF’s design and implementa- Our work focuses on low-level cryptographic opera- tion, while Section 4 discusses its use by various sub- tions, providing a simple abstraction layer that does not systems and applications. In Section 5, we evaluate significantly impact performance, compared to a device- the framework’s performance, and discuss some of the specific approach. results and potential improvements and future work in [10] describes an open-source cryptographic coproces- Section 6. Section 7 concludes the paper. sor, focusing on protecting keys and other sensitive in- formation from tampering by unauthorized applications. The author extends the cryptlib library to communicate 2 Related Work with the co-processor. While he discusses several op- tions for hardware acceleration and identifies some po- tential performance bottlenecks, it is mostly a quali- As interest in security is currently in an upswing, recent tative analysis. That work is extended in [9], which work has been examining the overall performance im- presents a comprehensive cryptographic security archi- pact of security technologies in real systems. Work by tecture, again focusing primarily on preserving the con- Coarfa, et al. [4] has focused on the impact of hard- fidentiality of users’ (and applications’) cryptographic ware accelerators in the context of TLS web servers keys. We are interested in a much simpler problem: using a trace-based methodology, and concludes that how to accelerate cryptographic operations in a general- there is some opportunity for acceleration,
Recommended publications
  • The Eleventh Annual
    BSDCan 2014 The Eleventh Annual “I love my job” - Dan Langille About this session a few points then the auction then beer Sponsors! Sponsors (II) Sponsors (III) Sponsors (IV) food voting boxes or buffets? How many? year - # 250 237.5 2012 - 205 225 2013 - 221 212.5 200 2014 - 241 2012 2013 2014 How many? 2012 - 205 (2 + 1 +2 = 5) 2013 - 221 (2 + 2 + 1 = 5) 2014 - 241 (2 + 0 + 1 + 4 = 2 + 4 + 1) Program Committee Bob Beck - OpenBSD Project Dru Lavigne - BSD Events Greg Lehey - LEMIS Pty Ltd. Michael W. Lucas - Consultant and BSD Author David Maxwell - NetBSD Project George Neville-Neil - FreeBSD Project Volunteers Jennifer Russell - travel coordinator and speaker herder Dru Lavigne - registration desk Those of you pressed into service Insert AsiaBSDCon Here BSDP Lab Exam Sun 10am-2pm, UC 206 Beta period of the BSD Professional Lab Exam first “hands-on" exam for BSD system administrators users educators developers generally anyone who loves BSD Seats may still be available. Check with Dru Lavigne ! "C'mon - give it a try!" Insert EuroBSDCon Here Insert FreeBSD Foundation here ` Funding for OpenBSD and related Projects. The OpenBSD Foundation We fund OpenBSD, OpenSSH, OpenSMTPD, PF/Carp, etc. etc. - And hopefully LibreSSL. Financial crisis this year averted through crowdsourcing. Actively pursuing sustainable, repeated donations, especially corporate We primarily fund project infrastructure, membership and developer events. We have occasionally provided support for sponsored development (KMS Intel/Radeon) and we wish to continue that in the right situations. We are seeking a temporary increase in commitment for LibreSSL. http://www.openbsdfoundation.org/ Random giveaways Insert Auction Here Goodbye.
    [Show full text]
  • BSD UNIX Toolbox: 1000+ Commands for Freebsd, Openbsd and Netbsd Christopher Negus, Francois Caen
    To purchase this product, please visit https://www.wiley.com/en-bo/9780470387252 BSD UNIX Toolbox: 1000+ Commands for FreeBSD, OpenBSD and NetBSD Christopher Negus, Francois Caen E-Book 978-0-470-38725-2 April 2008 $16.99 DESCRIPTION Learn how to use BSD UNIX systems from the command line with BSD UNIX Toolbox: 1000+ Commands for FreeBSD, OpenBSD and NetBSD. Learn to use BSD operation systems the way the experts do, by trying more than 1,000 commands to find and obtain software, monitor system health and security, and access network resources. Apply your newly developed skills to use and administer servers and desktops running FreeBSD, OpenBSD, NetBSD, or any other BSD variety. Become more proficient at creating file systems, troubleshooting networks, and locking down security. ABOUT THE AUTHOR Christopher Negus served for eight years on development teams for the UNIX operating system at the AT&T labs, where UNIX was created and developed. He also worked with Novell on UNIX and UnixWare development. Chris is the author of the bestselling Fedora and Red Hat Linux Bible series, Linux Toys II, Linux Troubleshooting Bible, and Linux Bible 2008 Edition. Francois Caen hosts and manages business application infrastructures through his company Turbosphere LLC. As an open- source advocate, he has lectured on OSS network management and Internet services, and served as president of the Tacoma Linux User Group. He is a Red Hat Certified Engineer (RHCE). To purchase this product, please visit https://www.wiley.com/en-bo/9780470387252.
    [Show full text]
  • Aktuelles in Openbsd
    Aktuelles in OpenBSD Sebastian Benoit <[email protected]> Stefan Sperling <[email protected]> Schwerpunkte des Projekts UNIX-artiges Betriebssystem 1 offener Quellcode freie Lizenz (ISC) Fokus auf Korrektheit und Sicherheit hochwertige Dokumentation auf dem laufenden System 1basierend auf 4.4BSD-lite von UC Berkeley Aktuelles in OpenBSD 2/18 Aktuelle Daten Oktober 2015: 20 Jahre OpenBSD, Release 5.8 Aktueller Release: 6.2 Wir bringen 2 Releases im Jahr raus. Wir patchen Bugs in den letzten 2 Releases. -current ist derzeit bereits 6.3-beta ca. 70 aktive bis semi-aktive Entwickler (base + ports) ca. 5 Hackathons jedes Jahr, einer davon gross (ca. 40 Entwickler) Aktuelles in OpenBSD 3/18 Entwicklergemeinschaft Aktuelles in OpenBSD 4/18 Anwendergemeinschaft https://xkcd.com/349/ Technische Experten Individuen Firmen und Konzerne Spenden an die OpenBSD Foundation (Geld) Reisekosten Hackathons, Stromrechnung Infrastruktur, Hardware Spenden an individuelle Entwickler (Hardware, Bier, ...) Aktuelles in OpenBSD 5/18 Releasezyklus zwei Releases im Jahr (ca. alle 6 Monate) Sicherheits-Patches f¨ur1 Jahr Fokus auf Stabilit¨atbevor ein Release geschnitten wird Invasive und experimentelle Anderungen¨ warten bis nach dem Release Snapshots Zum Release passende Bildmaterialien und Lieder Aktuelles in OpenBSD 6/18 Basissystem versus Ports vollfunktionales und konsistentes Basissystem vern¨unftigeVoreinstellungen vereinfachen die Systemkonfiguration Der Quellcode des Basissystems wird kontinuierlich gesichtet Applikationen von Dritten werden separat verpackt Desktop Umgebungen, Firefox, LibreOffice, ... Programmiersprachen, Datenbanken, wissentschaftliche Werkzeuge, ... Multimedia, Videospiele, ... Aktuelles in OpenBSD 7/18 Hardwareunterst¨utzung Architekturen (amd64, i386, sparc64, arm, powerpc, ...) Clang als Compiler f¨urarm64 importiert inzwischen auch amd64, sparc64 und i386. aktuelle Laptops Grafikkarten (Intel und AMD, kein Nvidia Treiber) Netzwerk Ger¨ate(Ethernet, WLAN, UMTS) ACPI inkl.
    [Show full text]
  • Advanced Openbsd Hardening
    Advanced Hardening WrongunWrongun && DCDC JuneJune 20052005 ssh://root:[email protected] Lab Challenge JoinJoin thethe wifiwifi netnet andand sshssh intointo thethe boxbox usingusing thethe accountaccount specifiedspecified inin thethe footerfooter TryTry toto pwnpwn thethe boxbox byby addingadding anan accountaccount forfor yourselfyourself oror backdooringbackdooring sshdsshd ssh://root:[email protected] “Only one remote hole in the default install, in more than 8 years! “ ssh://root:[email protected] So OpenBSD is uber secure, right? Actually,Actually, nono …… TheThe defaultdefault installinstall hashas nothingnothing enabledenabled (except(except ssh)ssh) ““NoNo wonderwonder itit ’’ss secure,secure, itit ’’ss poweredpowered off!off! ”” SourceSource --onlyonly patchingpatching strategystrategy makesmakes itit difficultdifficult toto rollroll outout fixesfixes toto platformsplatforms w/ow/o compilerscompilers (i.e.(i.e. disklessdiskless firewalls,firewalls, etc.)etc.) ssh://root:[email protected] Brief History of OpenBSD Vulnerabilities 30 March 05: Bugs in the cp(4) stack can lead to memory exhaustion or processing of TCP segments with invalid SACK optio ns and cause a system crash. 14 Dec 04: On systems running sakmpd(8) it is possible for a local user to cause kernel memory corruption and system panic by setti ng psec(4) credentials on a socket 20 Sept 04: radius authentication, as implemented by ogin_radius(8) , was not checking the shared secret used for replies sent by the radius server. This could allow an attacker to spoof
    [Show full text]
  • Lecture 1: Introduction to UNIX
    The Operating System Course Overview Getting Started Lecture 1: Introduction to UNIX CS2042 - UNIX Tools September 29, 2008 Lecture 1: UNIX Intro The Operating System Description and History Course Overview UNIX Flavors Getting Started Advantages and Disadvantages Lecture Outline 1 The Operating System Description and History UNIX Flavors Advantages and Disadvantages 2 Course Overview Class Specifics 3 Getting Started Login Information Lecture 1: UNIX Intro The Operating System Description and History Course Overview UNIX Flavors Getting Started Advantages and Disadvantages What is UNIX? One of the first widely-used operating systems Basis for many modern OSes Helped set the standard for multi-tasking, multi-user systems Strictly a teaching tool (in its original form) Lecture 1: UNIX Intro The Operating System Description and History Course Overview UNIX Flavors Getting Started Advantages and Disadvantages A Brief History of UNIX Origins The first version of UNIX was created in 1969 by a group of guys working for AT&T's Bell Labs. It was one of the first big projects written in the emerging C language. It gained popularity throughout the '70s and '80s, although non-AT&T versions eventually took the lion's share of the market. Predates Microsoft's DOS by 12 years! Lecture 1: UNIX Intro The Operating System Description and History Course Overview UNIX Flavors Getting Started Advantages and Disadvantages Lecture Outline 1 The Operating System Description and History UNIX Flavors Advantages and Disadvantages 2 Course Overview Class Specifics 3
    [Show full text]
  • The Netbsd Project
    The NetBSD Project Introducción a NetBSD Julio M. Merino Vidal <[email protected]> iParty 8 22 de abril de 2006 Contenido NetBSD vs. Linux. Un poco de historia. Objetivos. Política de versiones. pkgsrc. Cómo obtener NetBSD. Dónde obtener ayuda. Cómo reportar fallos. NetBSD vs. GNU/Linux Sistema completo. Núcleo = Linux. Basado en 4.4BSD. Aplicaciones de GNU. Licencia BSD. Escrito desde cero. Licencia GPL. Un poco de historia (1/4) Fork de 4.3BSD Networking/2: 386BSD. Motivo: Frustración en la integración de parches. Un poco de historia (2/4) 386BSD deriva en: NetBSD (portabilidad) FreeBSD (i386) Primera versión: NetBSD 0.8 20 de abril de 1993 Un poco de historia (3/4) Integración de las mejoras en 4.4BSD (Lite). NetBSD 1.0 ve la luz 26 de octubre de 1994. Un poco de historia (4/4) Últimas versiones: NetBSD 2.0.3, 31 de octubre de 2005. NetBSD 2.1, 2 de noviembre de 2005. NetBSD 3.0, 23 de diciembre de 2005. Objetivos (1/5) Diseño correcto: Posiblemente el objetivo más importante. Ejemplo: abstracción del acceso al bus del sistema. “It doesn't work unless it's right”. Completitud del sistema: Protocolos de red. Utilidades de desarrollo. Sistema de paquetes. Objetivos (2/5) Estabilidad: Sistema usado en producción. Rapidez: Plataformas antiguas vs. nuevas. Micro vs. macro-optimizaciones. Objetivos (3/5) Libre distribución: Uso de la licencia BSD. Algunas herramientas añadidas son GPL. Transportable: División MI/MD. Ejemplo: fxp(4) funciona sobre alpha, i386, macppc, etc. 40 arquitecturas soportadas. Objetivos (4/5) Interoperable: Emulación binaria: Linux, FreeBSD, Solaris, etc.
    [Show full text]
  • The Dragonflybsd Operating System
    1 The DragonFlyBSD Operating System Jeffrey M. Hsu, Member, FreeBSD and DragonFlyBSD directories with slightly over 8 million lines of code, 2 million Abstract— The DragonFlyBSD operating system is a fork of of which are in the kernel. the highly successful FreeBSD operating system. Its goals are to The project has a number of resources available to the maintain the high quality and performance of the FreeBSD 4 public, including an on-line CVS repository with mirror sites, branch, while exploiting new concepts to further improve accessible through the web as well as the cvsup service, performance and stability. In this paper, we discuss the motivation for a new BSD operating system, new concepts being mailing list forums, and a bug submission system. explored in the BSD context, the software infrastructure put in place to explore these concepts, and their application to the III. MOTIVATION network subsystem in particular. A. Technical Goals Index Terms— Message passing, Multiprocessing, Network The DragonFlyBSD operating system has several long- operating systems, Protocols, System software. range technical goals that it hopes to accomplish within the next few years. The first goal is to add lightweight threads to the BSD kernel. These threads are lightweight in the sense I. INTRODUCTION that, while user processes have an associated thread and a HE DragonFlyBSD operating system is a fork of the process context, kernel processes are pure threads with no T highly successful FreeBSD operating system. Its goals are process context. The threading model makes several to maintain the high quality and performance of the FreeBSD guarantees with respect to scheduling to ensure high 4 branch, while exploring new concepts to further improve performance and simplify reasoning about concurrency.
    [Show full text]
  • BSD UNIX Toolbox 1000+ Commands for Freebsd, Openbsd
    76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page i BSD UNIX® TOOLBOX 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page ii 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iii BSD UNIX® TOOLBOX 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD®Power Users Christopher Negus François Caen 76034ffirs.qxd:Toolbox 4/2/08 12:50 PM Page iv BSD UNIX® Toolbox: 1000+ Commands for FreeBSD®, OpenBSD, and NetBSD® Power Users Published by Wiley Publishing, Inc. 10475 Crosspoint Boulevard Indianapolis, IN 46256 www.wiley.com Copyright © 2008 by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-0-470-37603-4 Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 Library of Congress Cataloging-in-Publication Data is available from the publisher. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permis- sion should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions.
    [Show full text]
  • Mandoc: Becoming the Main BSD Manual Toolbox
    mandoc: becoming the main BSD manual toolbox BSDCan 2015, June 13, Ottawa Ingo Schwarze <[email protected]> Cynthia Livingston’sOTTB “Bedifferent” (c) 2013 C. Livingston (with permission) > Ingo Schwarze: mandoc page 2: INTROI BSDCan 2015, June 13, Ottawa Brief history of UNIX documentation • The key point: All documentation in one place and one format. Easy to find, uniform and easy to read and write. Be correct, complete, concise. • 1964: RUNOFF/roffmarkup syntax by Jerome H. Saltzer,MIT. Unobtrusive,diff(1)-friendly,easy to hand-edit, simple tools, high quality output. • 1971: Basic manual structure by Ken Thompson and Dennis Ritchie for the AT&T Version 1 UNIX manuals, Bell Labs. • 1979: man(7) physical markup language for AT&T Version 7 UNIX. • 1989: mdoc(7) semantic markup by Cynthia Livingston for 4.3BSD-Reno. Powerful, self-contained, portable. • 1989: GNU troffbyJames Clarke. • 2001: mdoc(7) rewrite by Werner Lemberg and Ruslan Ermilovfor groff-1.17. • 2008: mandoc(1) started by Kristaps Dzonsons. • 2010: mandoc(1) is the only documentation formatter in the OpenBSD base system. • 2014: mandoc(1) used by default in OpenBSD, FreeBSD, NetBSD, illumos. 16:19:30 What is the mandoc toolbox? → < > Ingo Schwarze: mandoc page 3: INTROIIBSDCan 2015, June 13, Ottawa What is the mandoc toolbox? User perspective:man(1), the manual viewer One comprehensive tool! Normal operation always proceeds in three steps: 1. Find one or more manuals in the file system or using a database by manual name — man(1) — or by search query — apropos(1) =man -k The result of this step can be printed out with man -w.
    [Show full text]
  • OPENBSD HARDWARE SENSORS FRAMEWORK a Unified and Ready-To-Use System for Hassle-Ee Hardware Monitoring
    OPENBSD HARDWARE SENSORS FRAMEWORK A unified and ready-to-use system for hassle-ee hardware monitoring. Constantine A. Murenin and Raouf Boutaba University of Waterloo AsiaBSDCon 2009 — 12–15 March 2009 — Tokyo, Japan Abstract In this paper, we will discuss the origin, history, design guidelines, API and the device drivers of the hardware sensors framework available in OpenBSD. The framework spans multiple utilities in the base system and the ports tree, is utilised by over 70 drivers, and is considered to be a distinctive and ready-to-use feature that sets OpenBSD apart from many other operating systems, and in its root is inseparable from the OpenBSD experience. 1. Introduction Another trend that has been particularly common in the recent years is the availability of defined inter- We will start by investigating into the matter of what faces for software-based temperature readout from hardware monitoring sensors represent, how common individual components of personal computers, such as is it for them to appear in the general-purpose com- the CPU, or the add-on cards, such as those imple- puter hardware that has been available on the market menting the 802.11 wireless functionality or 10 Giga- in the last decade or so, and what benefits can we gain bit Ethernet. Popular examples include recent Intel by having a unified, simple and straightforward inter- Xeon and Core series of processors (as well as budget face for getting the data out of these sensors. models that are marketed under different brands) Although it may come as a surprise to some users, the [admtemp.4] [cpu.4]; all AMD64 processors from majority of personal computers that have been avail- AMD (Families 0Fh, 10h, 11h) [kate.4] [km.4]; Intel able on the market in the last decade have an inte- WiFi Link 4965/5100/5300 wireless network devices grated hardware monitoring circuitry whose main [iwn.4].
    [Show full text]
  • Cryptanalysis of the Random Number Generator of the Windows Operating System
    Cryptanalysis of the Random Number Generator of the Windows Operating System Leo Dorrendorf School of Engineering and Computer Science The Hebrew University of Jerusalem 91904 Jerusalem, Israel [email protected] Zvi Gutterman Benny Pinkas¤ School of Engineering and Computer Science Department of Computer Science The Hebrew University of Jerusalem University of Haifa 91904 Jerusalem, Israel 31905 Haifa, Israel [email protected] [email protected] November 4, 2007 Abstract The pseudo-random number generator (PRNG) used by the Windows operating system is the most commonly used PRNG. The pseudo-randomness of the output of this generator is crucial for the security of almost any application running in Windows. Nevertheless, its exact algorithm was never published. We examined the binary code of a distribution of Windows 2000, which is still the second most popular operating system after Windows XP. (This investigation was done without any help from Microsoft.) We reconstructed, for the ¯rst time, the algorithm used by the pseudo- random number generator (namely, the function CryptGenRandom). We analyzed the security of the algorithm and found a non-trivial attack: given the internal state of the generator, the previous state can be computed in O(223) work (this is an attack on the forward-security of the generator, an O(1) attack on backward security is trivial). The attack on forward-security demonstrates that the design of the generator is flawed, since it is well known how to prevent such attacks. We also analyzed the way in which the generator is run by the operating system, and found that it ampli¯es the e®ect of the attacks: The generator is run in user mode rather than in kernel mode, and therefore it is easy to access its state even without administrator privileges.
    [Show full text]
  • Free, Functional, and Secure
    Free, Functional, and Secure Dante Catalfamo What is OpenBSD? Not Linux? ● Unix-like ● Similar layout ● Similar tools ● POSIX ● NOT the same History ● Originated at AT&T, who were unable to compete in the industry (1970s) ● Given to Universities for educational purposes ● Universities improved the code under the BSD license The License The license: ● Retain the copyright notice ● No warranty ● Don’t use the author's name to promote the product History Cont’d ● After 15 years, the partnership ended ● Almost the entire OS had been rewritten ● The university released the (now mostly BSD licensed) code for free History Cont’d ● AT&T launching Unix System Labories (USL) ● Sued UC Berkeley ● Berkeley fought back, claiming the code didn’t belong to AT&T ● 2 year lawsuit ● AT&T lost, and was found guilty of violating the BSD license History Cont’d ● BSD4.4-Lite released ● The only operating system ever released incomplete ● This became the base of FreeBSD and NetBSD, and eventually OpenBSD and MacOS History Cont’d ● Theo DeRaadt ○ Originally a NetBSD developer ○ Forked NetBSD into OpenBSD after disagreement the direction of the project *fork* Innovations W^X ● Pioneered by the OpenBSD project in 3.3 in 2002, strictly enforced in 6.0 ● Memory can either be write or execute, but but both (XOR) ● Similar to PaX Linux kernel extension (developed later) AnonCVS ● First project with a public source tree featuring version control (1995) ● Now an extremely popular model of software development anonymous anonymous anonymous anonymous anonymous IPSec ● First free operating system to implement an IPSec VPN stack Privilege Separation ● First implemented in 3.2 ● Split a program into processes performing different sub-functions ● Now used in almost all privileged programs in OpenBSD like httpd, bgpd, dhcpd, syslog, sndio, etc.
    [Show full text]