Information
Strong authentication methods should be set for NTP Servers
Rationale:
Having established the need for NTP, it is essential to ensure that the devices time is not manipulated by an attacker as this could allow DoS to services relying on accurate time as well as replay attacks and other malicious activity.
NTP Version 3 introduced Authentication mechanisms for NTP messages using a Keyed Hash based Message Authentication Check (HMAC), where a hash of the message ensures both that the message is authentic and that it was not changed in transit. All JUNOS platforms support HMAC with NTP Versions 3 and 4 using MD5 and some platforms also support the more robust SHA1 and SHA2-256 algorithms.
Message Digest 5 (MD5) is an older hashing mechanism dating back to the early 90's. Since 2004 an increasing number of collision vulnerabilities have been shown in MD5 and the algorithm is no longer considered suitable for authentication and integrity protection of sensitive material or X.509 certificates.
While not supported across all devices, most JUNOS devices now support use of SHA1 and SHA2-256 HMAC for NTP message authentication. This feature is documented through Juniper Feature Explorer as Enhancement to NTP authentication method and is supported on most Junos devices from Junos OS 18.2R1 onward (though individual platform support varies).
Like MD5, SHA1 is now considered deprecated due to the risk of collisions. As a result, in high security environments it is recommended that SHA2-256 be used for authentication of all NTP Servers or Peers (where this Junos device itself is acting as an NTP Server).
NOTE - Both the keys and the algorithm must match on all NTP peers being configured.
Impact:
If keys or algorithms do not match on NTP Servers and Client devices NTP will not be able to update and this could impact Logging, Authentication, Encryption/VPN or other services which rely on consistent time.
Solution
Keys are configured on a key ring and identified by an ID number. To add a key enter the following command from the [edit system ntp] hierarchy;
[edit system ntp]
user@host#set authentication-key <Key ID> type <algorithm> value <Key>
<Key ID> is an arbitrary 32-bit non-zero integer used to identify this key locally on the device. The <algorithm> can be set to MD5 (the default), SHA1 or SHA256 (with SHA1 and SHA256 only being supported on some devices) - for Strong Authentication Methods you should use sha256 only.
Configure the key as trusted so that the router will accept NTP traffic encrypted using it. This mechanism provides an easy method to retire keys in the event of compromise. Enter following command from the [edit system ntp] hierarchy;
[edit system ntp]
user@host#set trusted-key <Key ID>
The <Key ID> which is trusted can be one key or several keys by enclosing the list in square brackets or repeating the command.
Finally, update the keys for each NTP servers using the following command under the [edit system ntp] hierarchy:
[edit system ntp]
user@host#set server <Servers IP> key <key ID>
Default Value:
NTP is not configured by default