Network Stack Randomness

The OpenBSD project has been very aggressive in its use of strong pseudo-random data in its network code; as a policy, pseudo-random data is used in protocol fields wherever possible, in many cases in a way not envisioned by the protocol designers. Randomness is also used within the network code to protect against denial of service attacks.

This presentation outlines the reasons for this approach, discusses how and where it is implemented in OpenBSD, and provides examples of attacks which this approach has mitigated.

Why this is important: This provides real security benefits. We want people to:

  1. implement and turn on this stuff by default in other OSes;
  2. in particular, the more people that do this, the fewer applications will depend on the broken behaviour;
  3. point out any other possible randomisations that we have missed.

speaker: Ryan McBride

location: SITE H0104

Copyright © 2003-2011 BSDCan. All rights reserved.