[ntp:hackers] SHA1 for symmetric keys?

Danny Mayer mayer at pdmconsulting.net
Thu Dec 10 17:04:32 UTC 2015


On 12/10/2015 1:55 AM, Miroslav Lichvar wrote:
> On Wed, Dec 09, 2015 at 10:18:11PM -0500, brian utterback wrote:
>> Does ntpd support SHA1 for symmetric keys? Looking at the docs it
>> suggests that the ntp.keys file should be generated with ntp-keygen
>> rather than by manual editing. Running ntp-keygen creates a file with
>> both MD5 and SHA1 keys, but when I try to use them ntpd says "invalid
>> key type" for all of the SHA1 keys. Not to mention I never heard anyone
>> say not to edit the ntp.keys file by hand. Am I misunderstanding the
>> whole thing?
> 
> ntpd supports SHA1 keys when it's compiled with openssl support. Keys
> can be generated by ntp-keygen or they can be created manually, but be
> sure they are long and random enough. These days, when GPUs can brute
> force billions of SHA1 keys per second, a random key using only 8
> alphanumeric characters could be found in a few hours or days.
> 

That would require going to a different algorithm like SHA-256 or
better. The problem is that that would require an overhaul of the MAC, which
is something I'm intending to do anyway. I would note however that if
you do brute force attacks on the MAC, by the time you are done it's too
late to attack the recipient of the specific packet with a fake packet.

Danny
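The thread turns on two practical points: a symmetric key in ntp.keys is only as strong as its length and randomness, and ntpd's symmetric MAC is a plain digest over key || packet prefixed by the 4-byte key ID. The following is an added example, not code from the thread or from ntpd, that lints a constructed ntp.keys file for weak keys, emits strong replacement lines, and computes and verifies the MAC so the key-strength argument can be seen end to end. Its parsing rules (type M/MD5 or SHA1; a key of exactly 40 hex digits is 20 raw bytes, anything else is literal ASCII) and the 80-bit policy floor are assumptions for this example; ntpd's own key parser remains authoritative.

```python
"""Lint ntp.keys for weak symmetric keys, generate strong ones, and show
how the ntpd symmetric-key MAC (keyid || digest(key || packet)) is built
and verified.  Example code only; not ntpd's implementation."""
import hashlib
import hmac
import math
import secrets
import string

DIGESTS = {"MD5": hashlib.md5, "SHA1": hashlib.sha1}
MIN_BITS = 80  # assumed policy floor; 8 alphanumerics is only ~48 bits

# Constructed sample ntp.keys content for the demo (not from the thread).
SAMPLE_KEYS = """\
# keyid type key
1 MD5  abcdefgh
2 SHA1 0123456789abcdef0123456789abcdef01234567
3 SHA1 hunter2 # trusted key, short and guessable
"""


def parse_ntp_keys(text):
    """Return a list of (keyid, type, raw_key_bytes, is_hex) tuples."""
    entries = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        parts = line.split()
        if len(parts) != 3:
            raise ValueError(f"malformed ntp.keys line: {line!r}")
        keyid, ktype, key = parts
        ktype = "MD5" if ktype.upper() == "M" else ktype.upper()
        if ktype not in DIGESTS:
            raise ValueError(f"unsupported key type {ktype!r} for key {keyid}")
        # Assumed rule: exactly 40 hex digits means 20 raw bytes, else literal ASCII.
        is_hex = len(key) == 40 and all(c in string.hexdigits for c in key)
        raw = bytes.fromhex(key) if is_hex else key.encode("ascii")
        entries.append((int(keyid), ktype, raw, is_hex))
    return entries


def estimated_entropy_bits(raw, is_hex):
    """Optimistic entropy estimate: every character is assumed uniformly random
    over the character classes actually present in the key."""
    if is_hex:
        return 8.0 * len(raw)
    text = raw.decode("ascii")
    classes = [(str.isdigit, 10), (str.islower, 26), (str.isupper, 26),
               (lambda c: c in string.punctuation, len(string.punctuation))]
    alphabet = sum(size for test, size in classes if any(test(c) for c in text))
    return len(text) * math.log2(alphabet) if alphabet else 0.0


def audit_keys(text, min_bits=MIN_BITS):
    """Return [(keyid, type, bits)] for every key below the policy floor."""
    weak = []
    for keyid, ktype, raw, is_hex in parse_ntp_keys(text):
        bits = estimated_entropy_bits(raw, is_hex)
        if bits < min_bits:
            weak.append((keyid, ktype, round(bits, 1)))
    return weak


def generate_key_line(keyid, ktype="SHA1"):
    """Replacement line with 20 CSPRNG bytes (160 bits), hex-encoded."""
    return f"{keyid} {ktype} {secrets.token_hex(20)}"


def ntp_mac(keyid, ktype, raw, packet):
    """Symmetric-key MAC as ntpd appends it: 4-byte key ID, then digest(key || packet)."""
    return keyid.to_bytes(4, "big") + DIGESTS[ktype](raw + packet).digest()


def verify_ntp_mac(entries, packet, mac):
    """Look up the key ID carried in the MAC and compare in constant time."""
    keyid = int.from_bytes(mac[:4], "big")
    for kid, ktype, raw, _ in entries:
        if kid == keyid:
            return hmac.compare_digest(ntp_mac(kid, ktype, raw, packet), mac)
    return False  # unknown key ID


if __name__ == "__main__":
    for keyid, ktype, bits in audit_keys(SAMPLE_KEYS):
        print(f"key {keyid} ({ktype}): ~{bits} bits; replacement: "
              f"{generate_key_line(keyid, ktype)}")
```

Run against the constructed file, keys 1 and 3 are flagged (roughly 38 and 36 bits), while the 40-hex-digit key 2 scores 160 bits. Because the MAC is an unkeyed digest over key || packet rather than an HMAC, an attacker who captures one authenticated packet can test candidate keys offline at GPU speed, which is exactly why the estimate above should be treated as an upper bound and short literal keys replaced.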
