[ntp:questions] Weak Security algorithms used in NTP Autokey protocol

Brian Inglis Brian.Inglis at SystematicSw.ab.ca
Mon Mar 21 20:02:52 UTC 2016


Hopefully the NTPSEC project https://www.ntpsec.org/ will be able to address those issues.
See https://gitlab.com/groups/NTPsec mirror at https://github.com/ntpsec/ntpsec

On 2016-03-21 10:11, Joe Smithian wrote:
> H All,
>
> I am surprised that NTP still supports insecure algorithms such as MD2, MD5
> and small key sizes  256,512,1024 in the Autokey authentication! Any plan
> to deprecate weak algorithms and add more secure algorithms such as SHA-2
> and SHA-3?
>
>
> Below is a list of supported keys and algorithms in ntp-keygen version
> 4.2.8p6
>
>
> ntp-keygen(8) - Linux man pageName
>
> ntp-keygen - generate public and private keys
>
> Synopsis
>
> *ntp-keygen [ -deGgHIMPT ] [ -c [RSA-MD2 | RSA-MD5 | RSA-SHA | RSA-SHA1 |
> RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 ] ] [ -i name ] [
> -m modulus ] [ -p password ] [ -q password ] [ -S [ RSA | DSA ] ] [
> -s name ] [ -vnkeys ] [ -V params ]*
>
> Thanks,
>
> Joe
> _______________________________________________
> questions mailing list
> questions at lists.ntp.org
> http://lists.ntp.org/listinfo/questions
>


-- 
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada


More information about the questions mailing list