"Because the OpenBSD project is based in Canada, no United States export restrictions on cryptography apply, allowing the distribution to make full use of modern algorithms for encryption. Encryption can be found almost everywhere in the operating system, from file transfers to file systems to networking. Pseudo-random number generators are also included in OpenBSD, which ensures that random numbers cannot be predicted based on the system state. Other features include cryptographic hash functions, cryptographic transform libraries, and cryptographic hardware support.
"Another heavily exported piece of OpenBSD is the IP Security Protocol (IPSec), which the operating system uses rather than relying on the inherently insecure TCP/IP version 4 (IPv4). (IPV4 chooses to trust just about everybody and everything.) IPSec encrypts and validates packets to protect the privacy of data and to ensure that no changes are made to packets during the delivery process. IPSec became an integral piece of the standard Internet Protocol with the introduction of TCP/IP version 6 (IPv6), making the future of the Internet more secure by default."
