[ntp:questions] Weak Security algorithms used in NTP Autokey protocol

Martin Burnicki martin.burnicki at meinberg.de
Tue Mar 22 08:59:10 UTC 2016


Harlan Stenn wrote:
> Joe Smithian writes:
>> H All,
>>
>> I am surprised that NTP still supports insecure algorithms such as MD2, MD5
>> and small key sizes  256,512,1024 in the Autokey authentication! Any plan
>> to deprecate weak algorithms and add more secure algorithms such as SHA-2
>> and SHA-3?
> 
> As I mentioned in another response thread, autokey is no longer
> recommended.
> 
> We're finishing development on its replacement, Network Time Security.

See:

https://datatracker.ietf.org/doc/draft-ietf-ntp-network-time-security/
https://datatracker.ietf.org/doc/draft-ietf-ntp-extension-field/

Martin
-- 
Martin Burnicki

Senior Software Engineer

MEINBERG Funkuhren GmbH & Co. KG
Email: martin.burnicki at meinberg.de
Phone: +49 (0)5281 9309-14
Fax: +49 (0)5281 9309-30

Lange Wand 9, 31812 Bad Pyrmont, Germany
Amtsgericht Hannover 17HRA 100322
Geschäftsführer/Managing Directors: Günter Meinberg, Werner Meinberg,
Andre Hartmann, Heiko Gerstung
Web: http://www.meinberg.de


More information about the questions mailing list