[ntp:questions] Weak Security algorithms used in NTP Autokey protocol

Harlan Stenn stenn at ntp.org
Tue Mar 22 05:17:22 UTC 2016


Joe Smithian writes:
> H All,
> 
> I am surprised that NTP still supports insecure algorithms such as MD2, MD5
> and small key sizes  256,512,1024 in the Autokey authentication! Any plan
> to deprecate weak algorithms and add more secure algorithms such as SHA-2
> and SHA-3?

As I mentioned in another response thread, autokey is no longer
recommended.

We're finishing development on its replacement, Network Time Security.

As far as private key encryption goes, we've supported whatever digest
algorithms are present in OpenSSL for a long time.

We invite your support for these efforts.
-- 
Harlan Stenn <stenn at ntp.org>
http://networktimefoundation.org - be a member!


More information about the questions mailing list