Edit: SOLVED. Protocol authentication uses HMAC, not the plain hash function. HMAC-MD5 will of course be less secure then HMAC-SHA3 but to this date has no known attacks.
I'm a total beginner so please excuse my ignorance.
I'm currently participating in a basic LAN networking course and have a security question. It seams that network protocols like VTP and HSRP have a password option that is hashed with the message to authenticate that the sender is part of the VTP domain or HSRP group. Everywhere I've read that these authentications use MD5 or SHA1, including on Cisco's site last updated in 2018; https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-3s/fhp-xe-3s-book/fhp-hsrp-md5.html MD5 and SHA1 have been declared unsuitable for cryptographic use since 2012 and 2010 respectively. I couldn't find change-logs to the protocol that updated the hash function to an up to date cartographic protocol. Are we still using these outdated hashing protocols? Is there a way to manually upgrade the protocol on my own private network?
No comments:
Post a Comment