draft-ietf-ntp-mac-02.txt   draft-ietf-ntp-mac-03.txt 
Internet Engineering Task Force A. Malhotra Internet Engineering Task Force A. Malhotra
Internet-Draft S. Goldberg Internet-Draft S. Goldberg
Intended status: Standards Track Boston University Intended status: Standards Track Boston University
Expires: May 3, 2018 October 30, 2017 Expires: May 3, 2018 October 30, 2017
Message Authentication Code for the Network Time Protocol Message Authentication Code for the Network Time Protocol
draft-ietf-ntp-mac-02 draft-ietf-ntp-mac-03
Abstract Abstract
RFC 5905 [RFC5905] states that Network Time Protocol (NTP) packets RFC 5905 [RFC5905] states that Network Time Protocol (NTP) packets
should be authenticated by appending a 128-bit key to the NTP data, should be authenticated by appending a 128-bit key to the NTP data,
and hashing the result with MD5 to obtain a 128-bit tag. This and hashing the result with MD5 to obtain a 128-bit tag. This
document deprecates MD5-based authentication, which is considered to document deprecates MD5-based authentication, which is considered to
be too weak, and recommends the use of AES-CMAC [RFC4493] as a be too weak, and recommends the use of AES-CMAC [RFC4493] as a
replacement. replacement.
skipping to change at page 3, line 42 skipping to change at page 3, line 42
Reyzin, Harlan Stenn, and Mayank Varia. Reyzin, Harlan Stenn, and Mayank Varia.
7. IANA Considerations 7. IANA Considerations
This memo includes no request to IANA. This memo includes no request to IANA.
8. References 8. References
8.1. Normative References 8.1. Normative References
[RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321,
DOI 10.17487/RFC1321, April 1992,
<https://www.rfc-editor.org/info/rfc1321>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC4493] Song, JH., Poovendran, R., Lee, J., and T. Iwata, "The [RFC4493] Song, JH., Poovendran, R., Lee, J., and T. Iwata, "The
AES-CMAC Algorithm", RFC 4493, DOI 10.17487/RFC4493, June AES-CMAC Algorithm", RFC 4493, DOI 10.17487/RFC4493, June
2006, <https://www.rfc-editor.org/info/rfc4493>. 2006, <https://www.rfc-editor.org/info/rfc4493>.
[RFC5905] Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch, [RFC5905] Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch,
"Network Time Protocol Version 4: Protocol and Algorithms "Network Time Protocol Version 4: Protocol and Algorithms
Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010, Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010,
<https://www.rfc-editor.org/info/rfc5905>. <https://www.rfc-editor.org/info/rfc5905>.
[RFC6151] Turner, S. and L. Chen, "Updated Security Considerations
for the MD5 Message-Digest and the HMAC-MD5 Algorithms",
RFC 6151, DOI 10.17487/RFC6151, March 2011,
<https://www.rfc-editor.org/info/rfc6151>.
[RFC7696] Housley, R., "Guidelines for Cryptographic Algorithm
Agility and Selecting Mandatory-to-Implement Algorithms",
BCP 201, RFC 7696, DOI 10.17487/RFC7696, November 2015,
<https://www.rfc-editor.org/info/rfc7696>.
8.2. Informative References 8.2. Informative References
[BCK] Bellare, M., Canetti, R., and H. Krawczyk, "Keyed Hash [BCK] Bellare, M., Canetti, R., and H. Krawczyk, "Keyed Hash
Functions and Message Authentication", in Proceedings of Functions and Message Authentication", in Proceedings of
Crypto'96, 1996. Crypto'96, 1996.
[Joux] Joux, A., "Authentication Failures in NIST version of [Joux] Joux, A., "Authentication Failures in NIST version of
GCM", GCM",
<http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/ <http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/
comments/800-38_Series-Drafts/GCM/Joux_comments.pdf>. comments/800-38_Series-Drafts/GCM/Joux_comments.pdf>.
[RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321,
DOI 10.17487/RFC1321, April 1992,
<https://www.rfc-editor.org/info/rfc1321>.
[RFC6151] Turner, S. and L. Chen, "Updated Security Considerations
for the MD5 Message-Digest and the HMAC-MD5 Algorithms",
RFC 6151, DOI 10.17487/RFC6151, March 2011,
<https://www.rfc-editor.org/info/rfc6151>.
[RFC7696] Housley, R., "Guidelines for Cryptographic Algorithm
Agility and Selecting Mandatory-to-Implement Algorithms",
BCP 201, RFC 7696, DOI 10.17487/RFC7696, November 2015,
<https://www.rfc-editor.org/info/rfc7696>.
Authors' Addresses Authors' Addresses
Aanchal Malhotra Aanchal Malhotra
Boston University Boston University
111 Cummington St 111 Cummington St
Boston, MA 02215 Boston, MA 02215
US US
Email: aanchal4@bu.edu Email: aanchal4@bu.edu
 End of changes. 4 change blocks. 
15 lines changed or deleted 15 lines changed or added

This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/