Crypto - what algorithms to use?

Hal Murray hmurray at
Tue Mar 29 06:16:18 UTC 2016

The current ntpd has a simple shared key setup to make sure the client is 
talking to the right server.  The payload is not encrypted.  This is 
authentication, not confidentiality.

It uses MD5 or SHA1.  Those are getting a bit old.  We should probably update 

Is there a good list of what algorithms are currently thought to be secure?  
I think the code changes will be simple - libcrypto does all the work.  I 
don't know my way around that area, but I think I've seen an API to get a 
list of the algorithms it supports.

Should we drop support for insecure algorithms, or retain it for backwards 

Odds and ends:

ntpd gets the SHA1 code from libcrypto from the openssl-libs package (on 
There is MD5 code in libntp/a_md5encrypt.c, so you can use MD5 without 

Looks like there is also MD5 and SHA1 code in libisc
They both use libcrypto is it's available, otherwise they provides real code.
I don't think the MD5 code is ever used.  The SHA1 code is used to verify the 

These are my opinions.  I hate spam.

More information about the devel mailing list