S 5.112 Security aspects of routing protocols
Initiation responsibility: Head of IT, IT Security Officer
Implementation responsibility: Administrator
Authentication
Ideally, only routing protocols that support secure authentication of the routers when exchanging routing information should be used. Whenever an update of the routing table is sent, the router sending these routing updates needs to be authenticated. This ensures that a given router will only process reliable routing information from a trusted source (router). The security of the network is threatened by unauthorised or deliberately falsified routing updates if authentication is not performed when exchanging routing information.
Additional security is achieved through the configuration of access control lists so that only defined IP addresses are allowed to exchange routing information.
Dynamic routing protocols should only be used in secure networks. They must not be used in Demilitarised Zones (DMZ), since if an attacker were to succeed in reading data packets during the exchange of routing information in the DMZ, he/she would thereby gain knowledge of the internal network structure. Static routes should instead be entered in Demilitarised Zones.
The following routing protocols support authentication when exchanging routing information:
- Border Gateway Protocol (BGPv4)
- Open Shortest Path First (OSPFv2)
- version 2 of Routing Information Protocol (RIPv2)
- Enhanced Interior Gateway Protocol (EIGRP)
- Intermediate-System-to-Intermediate-System (IS-IS)
A router that sends routing updates is authenticated by exchanging a key (password). All routers to be updated must know this key. The key is specified by the administrator in the router configuration. This key should be changed regularly.
Cryptographic authentication
The various routing protocols can be divided into protocols that use plain text authentication and those that use cryptographic authentication. We can only recommend the use of routing protocols that support cryptographic authentication.
The MD5 hash method is generally used for cryptographic authentication. In this case, a message digest is sent for authentication purposes instead of the actual key. The message digest is created with the help of the key, but the key itself is not transmitted over the network.
This prevents anyone in the network from reading the key without authorisation. In terms of key management, it must be taken into account that the keys must be distributed and replaced, and that they need to be protected against unauthorised reading and eavesdropping.
The following protocols support cryptographic authentication:
- Border Gateway Protocol (BGPv4)
- Open Shortest Path First (OSPFv2)
- version 2 of Routing Information Protocol (RIPv2)
- Enhanced Interior Gateway Protocol (EIGRP)
- Intermediate-System-to-Intermediate-System (IS-IS)
Note: Cryptographic weaknesses have been discovered in the MD5 hash algorithm. Therefore, a stronger algorithm should be used if possible. However, not all routing protocols and products fully support hash algorithms other than MD5 yet. RFC 4822 specifies how hash algorithms in the SHA family can be used for authentication when using RIPv2. With IPsec, it is in principle also possible to use hash algorithms stronger than MD5 for OSPFv3 (OSPF for IPv6). In spite of the known weaknesses of MD5, MD5-based authentication still offers a higher overall level of security than plain text authentication.
Key management
Some routing protocols allow the keys to be administered using key chains. A key chain consists of a series of predefined keys. These keys are used in rotation by the routers. This reduces the probability of someone spying out the keys. The keys in a key chain are only valid for a defined period. It is important in this case for the routers to have the exact time so that the keys can be changed synchronously. This can be achieved by specifying an internal NTP server. Ideally, the internal NTP server is linked to a radio-controlled clock.
The following protocols support key administration:
- version 2 of Routing Information Protocol (RIPv2)
- Enhanced Interior Gateway Protocol (EIGRP)
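The following added example (not part of the original safeguard text and not the wire format of any routing protocol) models the two mechanisms described above: a keyed digest sent in place of the key, and a key chain whose keys are selected by time. It uses HMAC-SHA-256 in line with the note on stronger algorithms; the key chain, its non-overlapping lifetimes, the key strings and the route strings are constructed assumptions.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

UTC = timezone.utc
# Constructed key chain: (key id, secret, valid from, valid until). All values are made up.
KEY_CHAIN = [
    (1, b"constructed-key-one", datetime(2024, 1, 1, tzinfo=UTC), datetime(2024, 4, 1, tzinfo=UTC)),
    (2, b"constructed-key-two", datetime(2024, 4, 1, tzinfo=UTC), datetime(2024, 7, 1, tzinfo=UTC)),
]

def active_key(now):
    """Return (key_id, secret) for the key whose lifetime covers `now`, else None."""
    for key_id, secret, start, end in KEY_CHAIN:
        if start <= now < end:
            return key_id, secret
    return None

def sign_update(update, now):
    """Sender: attach key id and digest; the secret itself is never transmitted."""
    key = active_key(now)
    if key is None:
        raise ValueError("no key in the key chain is valid at this time")
    key_id, secret = key
    digest = hmac.new(secret, update, hashlib.sha256).digest()
    return key_id, update, digest

def accept_update(message, now):
    """Receiver: accept only if the key id is valid at the local clock and the digest matches."""
    key_id, update, digest = message
    key = active_key(now)
    if key is None or key[0] != key_id:
        return False  # unknown or expired key id, or the local clock disagrees with the sender
    expected = hmac.new(key[1], update, hashlib.sha256).digest()
    return hmac.compare_digest(expected, digest)  # constant-time comparison

if __name__ == "__main__":
    t = datetime(2024, 4, 1, 0, 0, 30, tzinfo=UTC)  # 30 seconds after the key rollover
    msg = sign_update(b"route 198.51.100.0/24 via 192.0.2.1 metric 2", t)
    forged = (msg[0], b"route 198.51.100.0/24 via 192.0.2.66 metric 1", msg[2])
    print("synchronised clocks:", accept_update(msg, t))
    print("falsified update:", accept_update(forged, t))
    print("receiver clock 2 min slow:", accept_update(msg, t - timedelta(minutes=2)))
```

The last case shows why exact time matters: the update is genuine, but the receiver's clock still selects the previous key and the update is rejected.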
The following table presents the different authentication features of the routing protocols from the perspective of security:
Name of Protocol | Authentication | Plain text | Hash | Protocol RFCs |
---|---|---|---|---|
RIPv1 | No | | | RFC 1058 |
IGRP | No | | | Proprietary (Cisco) |
RIPv2 | Yes | Yes | Yes | RFC 2453, 4822 |
EIGRP | Yes | | Yes | Proprietary (Cisco) |
OSPFv2 | Yes | Yes | Yes | RFC 2328 |
IS-IS | Yes | Yes | Yes | RFC 1195, 5304 |
BGPv4 | Yes | | Yes | RFC 4271 |
Table: Authentication available in the various routing protocols
Review questions:
- Has it been specified whether authentication of the routers is required in case of routing updates?
- Is the distribution and replacement of the keys for authentication of the routers protected against unauthorised reading or eavesdropping?
- Are the keys used for sending routing updates for authentication of the routers changed regularly?
- Has it been ensured that no information on the internal network structure is transmitted to the outside in the routing packets?
- Are dynamic routing protocols avoided in Demilitarised Zones and are static routes used instead?
- Are the defined routing domains clearly separated?
- Was the decision of whether or not the routers need to be authenticated based on the corresponding protection requirements?