[ntp:questions] Weak Security algorithms used in NTP Autokey protocol

Danny Mayer mayer at ntp.org
Thu Mar 24 04:30:56 UTC 2016


On 3/21/2016 12:11 PM, Joe Smithian wrote:
> H All,
> 
> I am surprised that NTP still supports insecure algorithms such as MD2, MD5
> and small key sizes  256,512,1024 in the Autokey authentication! Any plan
> to deprecate weak algorithms and add more secure algorithms such as SHA-2
> and SHA-3?
> 

Yes, although autokey is going to be replaced by NTS. The code needs to
be upgraded so that it can figure out whether or not it has a MAC and if
so how big it is.

> 
> Below is a list of supported keys and algorithms in ntp-keygen version
> 4.2.8p6
> 
> 
> ntp-keygen(8) - Linux man pageName
> 
> ntp-keygen - generate public and private keys
> 
> Synopsis
> 
> *ntp-keygen [ -deGgHIMPT ] [ -c [RSA-MD2 | RSA-MD5 | RSA-SHA | RSA-SHA1 |
> RSA-MDC2 | RSA-RIPEMD160 | DSA-SHA | DSA-SHA1 ] ] [ -i name ] [
> -m modulus ] [ -p password ] [ -q password ] [ -S [ RSA | DSA ] ] [
> -s name ] [ -vnkeys ] [ -V params ]*

We should aim to handle whatever algorithm becomes available, currently
whatever OpenSSL has for digests at any particular version. Note that
both ends need to understand the same algorithm for that to work.

Danny



More information about the questions mailing list