Philip D'Ath
VIP Alumni

Back when the Internet was born it was primarily used by academics and Universities, and it was not perceived as a place of threats, so simple passwords were used.

But as always happens when you have something great and let humans access it, a small minority try to cause grief.  So "type 7" passwords came into life.

Type 7

Type 7 passwords are an obfuscation of the original plain text password.  It is really only intended to stop someone looking over a config from reading the real passwords.  The algorithm is based on the Vigenere cipher.  It is easily reversible, and it is trivial to recover the original password.  I have written a tool in Javascript that can do this using only your web browser.

http://www.ifm.net.nz/cookbooks/passwordcracker.html

Type 5

Then came Type 5 passwords.  A big improvement.  This was based on the Unix password storage system.  The passwords are salted (this basically means extra random information is added so that you can't use a simple precomputed hash lookup table, called a rainbow table, to get back the plain text password), and then MD5 is run over the result 1000 times with a little bit of magic happening at each iteration.

All was well with the world for quite some time, but then Moore's law kicked in.  And we had so much CPU power that MD5 hashing became too weak.

Guess what, even a modern web browser now has enough power to break simple type 5 passwords.  I wrote a proof of concept that demonstrates this using Javascript again.

http://www.ifm.net.nz/cookbooks/cisco-ios-enable-secret-password-cracker.html

There was also another fundamental problem.  Hashes, like MD5, SHA1, SHA256, etc, are intended to detect modification of data.  Or to put it another way, hashes allow you to detect when someone has tampered with the data.  Hashes were never intended to be used for actual password storage.  They were used because they were common, but their purpose seems to have been misunderstood.

Type 4

Then came an abortion, type 4 passwords.  This was meant to be an implementation of PBKDF2.  But there was an accident: Cisco's implementation "forgot" to add a salt, and used only a single iteration of SHA256.  Under no circumstances should this be used.  You are better off using a type 5 password.

http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20130318-type4

Type 8

Then came type 8 passwords using PBKDF2, but implemented properly.  This was a huge step forward.  It uses 20,000 iterations of SHA256.  I consider PBKDF2 very good, but I don't use it.  Basically it relies on using lots of iterations of SHA256 to provide the security.  I don't use it because it is primarily SHA256 based - once again something designed to detect changes in the original data - not for storing passwords.

Type 9 - Use Me!

And lastly came type 9 passwords using scrypt.  scrypt does use SHA256, but it is just a small part of a much larger crypto algorithm, and for the first time in a very long time in the history of passwords, it was purpose built to store passwords.  At last!

scrypt is hellishly CPU intensive, so you can't just do a brute force attack (at least not on a reasonably complex password).  It also needs a good chunk of memory for each password hash.  When you are only hashing one password you won't notice it.  However, it means it is hard to use a GPU or hardware ASIC to do password breaking in parallel: while these kinds of devices have lots of compute cores, they don't have enough RAM to keep them all busy.  scrypt has been deliberately designed to make it difficult to attack in parallel.

So now we have a super strong, purpose designed password storage algorithm.  The question is why wouldn't you use it?

To create an enable password using it simply use the "algorithm-type scrypt" option.

enable algorithm-type scrypt secret <password>

Or to create a user account using scrypt:

username <user> privilege 15 algorithm-type scrypt secret <password>
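The following is an added example (my own code, not the author's tools or any Cisco implementation) that models the schemes the post describes: one unsalted SHA256 for type 4, salted PBKDF2-HMAC-SHA256 with 20,000 iterations for type 8, and salted scrypt for type 9. The 14-byte salt and the scrypt cost parameters are assumptions, and the real IOS encoding of these hashes is not reproduced, so the output will not match a router's config; the point is to show why the missing salt in type 4 makes a precomputed lookup table work.

```python
import hashlib
import os
from typing import Iterable, Optional

# Scheme choices come from the post; the salt length and scrypt cost
# (N=16384, r=1, p=1) are assumptions, not Cisco's documented values.
PBKDF2_ITERATIONS = 20000
SCRYPT_N, SCRYPT_R, SCRYPT_P = 16384, 1, 1
SALT_LEN = 14


def type4_like(password: str) -> str:
    """The broken scheme: no salt, a single SHA256 pass over the password."""
    return hashlib.sha256(password.encode()).hexdigest()


def type8_like(password: str, salt: bytes) -> str:
    """PBKDF2-HMAC-SHA256, 20,000 iterations, with a per-password salt."""
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS, 32)
    return dk.hex()


def type9_like(password: str, salt: bytes) -> str:
    """scrypt: salted and memory-hard, which is what defeats parallel cracking."""
    dk = hashlib.scrypt(password.encode(), salt=salt,
                        n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=32)
    return dk.hex()


def new_salt() -> bytes:
    return os.urandom(SALT_LEN)


def precomputed_lookup(stored: str, candidates: Iterable[str]) -> Optional[str]:
    """The rainbow-table idea from the post in miniature: hash every candidate
    once, without a salt, and look the stored value up in the table.  This can
    only ever match an unsalted (type 4 style) hash; a salted hash of the same
    password is a different value for every salt, so the table is useless."""
    table = {type4_like(c): c for c in candidates}
    return table.get(stored)


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    wordlist = ["cisco", "admin", "Summer2019"]
    s1, s2 = new_salt(), new_salt()
    print("type 4, two users, same password, same hash:",
          type4_like("Summer2019") == type4_like("Summer2019"))
    print("type 8, same password, different salts:",
          type8_like("Summer2019", s1) != type8_like("Summer2019", s2))
    print("table hit on type 4:", precomputed_lookup(type4_like("Summer2019"), wordlist))
    print("table hit on type 9:", precomputed_lookup(type9_like("Summer2019", s1), wordlist))
```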

The Future

We are screwed.  Quantum computing is going to turn the world of encryption on its head.  We have maybe 10 years.

There is no long term future for passwords.  We need something completely different.  Maybe a DNA print, but humans are 99.5% similar, so perhaps not.  I suspect it will be something that does not exist at this point in time.

Maybe you can solve the problem, and become the future saviour of computer security.

Comments
Michael Muenz
Level 5

Nice write-up! I'm wondering why Cisco doesn't push Type 8 and 9? I remember when Type 4 was released, there were many blogposts and Cisco news proposing the new password type (before the iteration woes were known), but Type 8 and 9 were not mentioned anywhere and I never saw something similar in any release notes.

Thanks! :)

Philip D'Ath
VIP Alumni

I think after the type 4 catastrophe Cisco will be a little shy of pushing anything "new" until it has had a lot of maturity time.  Probably a very wise approach.

Jeremy Moschner
Cisco Employee

Note that as of IOS-XE 16.9.1, you will start to receive warning messages when older password types are used (i.e., Types 0, 5 and 7).  You'll see a syslog like this:

*Mar 16 2019 16:21:02.618 PDT: %AAAA-4-CLI_DEPRECATED: WARNING: Command has been added to the configuration using a type 5 password. However, type 5 passwords will soon be deprecated. Migrate to a supported password type

perkin
Level 1

Also I wonder why the tacacs key (one of the biggest and most common keys) was not introduced with type 8 and 9, even in the latest IOS-XE 16.11 -- only type 6 and 7 for tacacs.

piotrn001
Level 1

Any chance there is an option to go type 9 for radius server configurations?

(config)#radius server  xxx

(config-radius-server)#key 7 xxxx

WARNING: Command has been added to the configuration using a type 7 password. However, type 7 passwords will soon be deprecated. Migrate to a supported password type

I am running Cisco IOS XE Software, Version 16.09.03

metinvestnet
Level 1

AES Password Encryption and Master Encryption Keys

You can enable strong, reversible 128-bit Advanced Encryption Standard (AES) password encryption, also known as type-6 encryption. To start using type-6 encryption, you must enable the AES password encryption feature and configure a master encryption key, which is used to encrypt and decrypt passwords. After you enable AES password encryption and configure a master key, all existing and newly created clear-text passwords for supported applications are stored in type-6 encrypted format, unless you disable type-6 password encryption. You can also configure the device to convert all existing weakly encrypted passwords to type-6 encrypted passwords.

Type 0 and type 7 passwords can be autoconverted to type 6 if the AES password encryption feature and master encryption key are configured.

configure terminal
key config-key password-encryption
password encryption aes
end

UserMike
Level 1

Nice write up, this explains clearly to me the different security levels!

Rich R
VIP

To answer the questions about TACACS and radius - you can't use 8 or 9 for these because, like VPN keys, they *need* to be reversible: the router must use the actual password to connect to the TACACS or radius servers.

The answer to strong encryption (not hashing) for those is AES (type 6) which @metinvestnet has explained above.

Bilal Al-Sardar
Level 1

Nice article.  I have a question for evidence purposes: are type 8 & type 9 supported on IOS 12.2?

Rich R
VIP

@Bilal Al-Sardar 
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/d1/sec-d1-cr-book/sec-cr-e1.html

Command History

Release      Modification
15.3(3)M3    This command was introduced.
15.5(1)S     This command was integrated into the Cisco IOS Release 15.5(1)S.

Bilal Al-Sardar
Level 1

@Rich R 

Thanks a lot! Appreciated.
