NTP Encryption

james.tribble
Level 1

Is Cisco going to provide SHA1 encryption to the NTP authentication parameter?  This is now required in the DOD realm. 

32 Replies

According to Cisco's updated 08-21-2023 System Management Configuration Guide, Cisco IOS XE 17.x, all mention of aes/sha has been removed, leaving only md5 as the option.

SUMMARY STEPS
1. enable
2. configure terminal
3. ntp authenticate
4. ntp authentication-key number md5 key
5. ntp authentication-key number md5 key
6. ntp authentication-key number md5 key
7. ntp trusted-key key-number [- end-key]
8. ntp server ip-address key key-id
9. end


Dustin,

Keep in mind that those are just examples using the basic capabilities of NTP authentication.  Please see other documents, such as System Management Configuration Guide, Cisco IOS XE Bengaluru 17.6.x (Catalyst 9300 Switches) - in this case, it shows that there are multiple authentication options under Step 4.

See my first post back in 2020 on this thread.  Said functionality was supposed to be introduced in 17.x code.  Given none of this seems to function and the document you reference is 2 years older than the new document published in August 2023, I'd say the writer of that document is fixing previous incorrect information.  The detailed steps in that document completely remove the "{ }" which define the authentication key options.  Only MD5 remains, which makes sense if that is the only one that actually works.  If you have documentation and proof that these other authentication keys work, everyone following this trail since 2017 would love to know.  https://www.cisco.com/c/en/us/td/docs/routers/ios/config/17-x/syst-mgmt/b-system-management/m_bsm-time-calendar-set.html


Dustin,

Not all documents are written the same and there is always room for clarity.  In this case, the document you referenced did not have all of the available options included.

Here is an example point-to-point client/server NTP topology.  C8000v0 is the NTP Master and C8000v1 is the NTP Client (NTP Topology.png).  The two Config pictures show the basic interface and NTP configuration on each device.  The NTP C8000v1 Ciphers.png shows the available ciphers in 17.6.X.  The two NTP Debug.png files show the HMAC-SHA2-256 authentication keys being used between the routers.  The final picture (NTP C8000v1 Association.png) shows the "show ntp association detail" output, including the HMAC-SHA2-256 algorithm being used with a full association.

You can substitute any of the other hashing algorithms as your business needs require.  Depending on the algorithm (e.g., cmac-aes-128), you may have an absolute minimum/maximum of byte values that must be entered in the NTP authentication-key.

Cheers

That is great news if this functionality is now working. Thank you.

I'd recommend the author of that new document follow Cisco's standard command line documentation practice when writing examples of commands.

If you read through that document, you will see the use of { } (Braces) when command line options are available.

It was not used with the "ntp authentication-key" example but then used with the "sntp server" example on the same page.

Typically the lack of { } (Braces) has always meant there are no options.

I.e., MD5 is the only key type available.  Consistency in documentation is essential for customers to understand functionality.

Here is an example from the Cisco IOS Basic System Management Command Reference that illustrates that point:

ntp authentication-key

To define an authentication key for Network Time Protocol (NTP), use the ntp authentication-key command in global configuration mode. To remove the authentication key for NTP, use the no form of this command.

ntp authentication-key number md5 key [encryption-type]

no ntp [authentication-key number]

Syntax Description

number: Key number from 1 to 4294967295.

md5: Specifies the authentication key. Message authentication support is provided using the message digest 5 (MD5) algorithm. The key type md5 is the only key type supported.

key: Character string of up to 32 characters that is the value of the MD5 key.

Note: In auto secure mode, an error is displayed on the console and the authentication key is not configured if the character string length exceeds 32.

encryption-type: (Optional) Authentication key encryption type. Range: 0 to 4294967295.

We're on 17.9.4a Cupertino (previously recommended). The IOS will only allow for: cmac-aes-128, hmac-sha1, hmac-sha2-256, md5, sha1, sha2

I suspect this is also the case with the latest and recommended 17.9.5 as well. 

dlapier
Cisco Employee

I will try to check with engineering.

As I have dug into this some more, I think there is a flaw in Cisco's implementation of NTP Authentication with symmetric keys.  The documentation indicates you should be able to input a 32 byte key (64 HEX characters) but only allows a 16 byte key (32 HEX characters). It has been a few years since college but my recollection is that each hex digit is a nibble (4 bits) / half a byte. Consequently, 2 hex digits equal 8 bits / a byte.

Further, I am pretty sure NTP servers, other than another Cisco Switch, expect to see a 160-bit key expressed in HEX format (40 HEX characters) for SHA type keys.  If the key provided is not 160 bits / 40 HEX characters, the servers truncate or zero-fill keys to make them meet that criteria. Consequently, I think Cisco's implementation is fundamentally flawed as it won't work with NTP servers other than Cisco devices acting as servers.


Paragraph 4.5.1, Symmetric Key Cryptography, describes truncation/zero filling. https://www.nwtime.org/wp-content/uploads/2016/04/NTP-Handbook.pdf
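The key-length and hex-versus-ASCII questions raised in this post are easiest to reason about with the actual bytes in hand. The script below is an added example, not code from this thread or from Cisco: it decodes one configured key string both ways, checks the result against the key-length ranges shown in the `ntp authentication-key 1 ?` help output quoted later in the thread, computes the NTP key-id/digest trailer over a constructed 48-byte NTP header, and reports which interpretation of the key verifies a peer's packet. Assumptions made here: the plain md5/sha1/sha2 names are mapped to the RFC 5905 section 7.3 keyed digest H(key || packet) and the hmac-* names to HMAC (the mapping onto IOS XE names is assumed, not confirmed by the thread), and the "truncate or zero-fill to 160 bits" rule is modelled only as this post describes it, not from any server's source.

```python
import hashlib
import hmac
import struct

# Key-length ranges (bytes) advertised by the "ntp authentication-key 1 ?"
# help output quoted in this thread; cmac-aes-128 accepts only 16 or 32.
KEY_LENGTH_RULES = {
    "cmac-aes-128": {16, 32},
    "hmac-sha1": set(range(1, 33)),
    "hmac-sha2-256": set(range(1, 33)),
    "md5": set(range(1, 33)),
    "sha1": set(range(1, 33)),
    "sha2": set(range(1, 33)),
}

# Digest sizes in bytes for the algorithms this script can compute in software.
DIGEST_LEN = {"md5": 16, "sha1": 20, "sha2": 32, "hmac-sha1": 20, "hmac-sha2-256": 32}


def decode_key(key_text: str, as_hex: bool) -> bytes:
    """Read the configured key string either as hex digits or as ASCII text.
    "0123456789abcdef0123456789abcdef" is 16 bytes one way and 32 the other."""
    return bytes.fromhex(key_text) if as_hex else key_text.encode("ascii")


def check_key_length(algorithm: str, key: bytes) -> bool:
    """True if the decoded key fits the advertised range for that algorithm."""
    return len(key) in KEY_LENGTH_RULES[algorithm]


def normalize_to_160_bits(key: bytes) -> bytes:
    """Assumption: models the truncate-or-zero-fill-to-160-bits behaviour the
    post above attributes to non-Cisco servers (20 bytes, zero-fill on the right)."""
    return key[:20].ljust(20, b"\x00")


def build_ntp_header(transmit_seconds: int = 3_900_000_000) -> bytes:
    """Constructed 48-byte NTPv4 client header: LI=0, VN=4, mode=3, every other
    field zero except the transmit timestamp."""
    return bytes([0x23, 0, 0, 0]) + bytes(36) + struct.pack("!II", transmit_seconds, 0)


def ntp_mac(algorithm: str, key: bytes, packet: bytes, key_id: int) -> bytes:
    """Return the key-id || digest trailer for a packet.
    Plain names use the RFC 5905 keyed digest H(key || packet); the hmac-* names
    use HMAC. Mapping the IOS XE names onto these constructions is an assumption."""
    if algorithm == "md5":
        digest = hashlib.md5(key + packet).digest()
    elif algorithm == "sha1":
        digest = hashlib.sha1(key + packet).digest()
    elif algorithm == "sha2":
        digest = hashlib.sha256(key + packet).digest()
    elif algorithm == "hmac-sha1":
        digest = hmac.new(key, packet, hashlib.sha1).digest()
    elif algorithm == "hmac-sha2-256":
        digest = hmac.new(key, packet, hashlib.sha256).digest()
    else:
        raise ValueError(f"no software MAC implemented for {algorithm}")
    return struct.pack("!I", key_id) + digest


def verify_mac(algorithm: str, key: bytes, authed_packet: bytes) -> bool:
    """Recompute the trailer over the packet body and compare in constant time."""
    trailer_len = 4 + DIGEST_LEN[algorithm]
    body, trailer = authed_packet[:-trailer_len], authed_packet[-trailer_len:]
    key_id = struct.unpack("!I", trailer[:4])[0]
    return hmac.compare_digest(ntp_mac(algorithm, key, body, key_id), trailer)


def diagnose_key_mismatch(algorithm: str, key_text: str, authed_packet: bytes) -> list:
    """Try the plausible interpretations of one configured key string against a
    packet the peer authenticated and report which of them verify."""
    candidates = {"ascii": decode_key(key_text, as_hex=False)}
    try:
        candidates["hex"] = decode_key(key_text, as_hex=True)
    except ValueError:
        pass  # not a valid hex string; only the ASCII reading applies
    for label in list(candidates):
        candidates[label + "+160bit"] = normalize_to_160_bits(candidates[label])
    return [label for label, k in candidates.items()
            if verify_mac(algorithm, k, authed_packet)]


if __name__ == "__main__":
    key_text = "0123456789abcdef0123456789abcdef"  # constructed 32-character key
    packet = build_ntp_header()
    for alg in ("hmac-sha2-256", "md5"):
        signed = packet + ntp_mac(alg, decode_key(key_text, as_hex=True), packet, 1)
        print(alg, "verifies under:", diagnose_key_mismatch(alg, key_text, signed))
```

Two things the output makes visible. A 32-character hex string passes the advertised length check under both readings (16 bytes as hex, 32 bytes as ASCII), so an association can fail with a key that each side accepted; a 64-character hex key only fits as hex, which is the 32-character limit the engineering reply in this thread describes. Second, for the hmac-* algorithms a 16-byte key and the same key zero-filled to 20 bytes produce the same MAC, because HMAC itself zero-pads keys shorter than the hash block size, whereas for the keyed-digest md5 construction zero-filling changes the result; that is why a padding mismatch shows up with some algorithms and not others.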

Roger:

This is very interesting.  I will pass it along to engineering.  I did get some feedback from the developers:

"All NTP authentication methods are disabled by default. They can be enabled by the user when needed.

Users have the option to use SHA-1 and SHA-2 in 17.4.1."  We will get it figured out.

-- David

I got some clarification from Engineering.  They confirmed that the supported key length is up to 32 characters for HMAC-SHA256.  They are researching a plan to support key lengths of 64.

-- David


Router(config)#ntp authentication-key 1 ?
  cmac-aes-128   CMAC-AES-128 (digest length = 128 bits, key length = [16 or 32] bytes)
  hmac-sha1      HMAC-SHA1 (digest length = 160 bits, key length = [1-32] bytes)
  hmac-sha2-256  HMAC-SHA2-256 (digest length = 256 bits, key length = [1-32] bytes)
  md5            MD5 authentication
  sha1           SHA1 (digest length = 160 bits, key length = [1-32] bytes)
  sha2           SHA-256 (digest length = 256 bits, key length = [1-32] bytes)


USNO is requiring 64 HEX Characters (32 Bytes) but they're using the full HEX table, to include all sorts of special characters otherwise disallowed. Is there planned support for using HEX keys?

It's the middle of 2023 and our Nexus 9ks still only support MD5 with the latest NXOS. Not meeting FIPS standard is now a Category-1 finding for DoD shops.

I will pass this on to product management for a response.

-- David


We use a Microchip NTP with atomic clock. It only allows for MD5, SHA-1, or SHA-512. We can't use MD5 or SHA-1 due to those being "unsecure" algorithms in today's landscape. @kellymur or @dlapier ... any suggestions or updates? @Roger3, thanks for your input.

We're looking to use the SHA-512, btw.