Crypto - what algorithms to use?

Mark Atwood fallenpegasus at
Thu Mar 31 23:47:05 UTC 2016

We should live with MD5/SHA1 in shared key protocol, for now, for reasons
of compatibility, but document that we know it's not the current best

Who maintains the leap-file?


On Mon, Mar 28, 2016 at 11:16 PM Hal Murray <hmurray at> wrote:

> The current ntpd has a simple shared key setup to make sure the client is
> talking to the right server.  The payload is not encrypted.  This is
> authentication, not confidentiality.
> It uses MD5 or SHA1.  Those are getting a bit old.  We should probably
> update
> things.
> Is there a good list of what algorithms are currently thought to be secure?
> I think the code changes will be simple - libcrypto does all the work.  I
> don't know my way around that area, but I think I've seen an API to get a
> list of the algorithms it supports.
> Should we drop support for insecure algorithms, or retain it for backwards
> compatibility?
> Odds and ends:
> ntpd gets the SHA1 code from libcrypto from the openssl-libs package (on
> Fedora)
> There is MD5 code in libntp/a_md5encrypt.c, so you can use MD5 without
> libcrypto.
> Looks like there is also MD5 and SHA1 code in libisc
> They both use libcrypto is it's available, otherwise they provides real
> code.
> I don't think the MD5 code is ever used.  The SHA1 code is used to verify
> the
> leap-file.
> --
> These are my opinions.  I hate spam.
> _______________________________________________
> devel mailing list
> devel at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the devel mailing list