Tuesday, 23 September 2025

MD5 to SHA/AES Migration

1. Why Replace MD5?

- MD5 has practical collision attacks: two different inputs with the same hash can be produced at will. Collisions do not by themselves break keyed MD5 authentication, but they remove any safety margin, and the "hash of packet plus shared key" construction used by TCP MD5 (RFC 2385) and OSPFv2 MD5 is not even a proper HMAC.

- MD5 is very fast, so an attacker who captures authenticated packets can guess short or dictionary keys offline at very high rates.

- The IETF has said since RFC 6151 (2011) that MD5 must not be used where collision resistance matters and that HMAC-MD5 should be phased out; MD5 has never been a NIST-approved hash (FIPS 180-4 lists only the SHA family).

Impact in Cisco Protocols:

- BGP/OSPF/HSRP: an attacker who recovers or guesses the key can forge packets, form bogus adjacencies, reset or hijack sessions, inject routes, or take over the HSRP virtual IP.

- SNMPv3 with HMAC-MD5-96 authentication and CBC-DES privacy: 56-bit DES is brute-forceable, so captured NMS traffic can be decrypted, and a weak authentication passphrase can be recovered offline from captured packets, after which SET requests can be forged against the device.
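To make the SNMPv3 point concrete, an added example (not from the original post): the script implements the RFC 3414 password-to-key and key-localisation steps and the HMAC-96 authentication tag, then recovers a weak authentication passphrase from a captured message by plain offline guessing. The engine ID, message bytes, passphrase and candidate list are all constructed; no device is involved. Note that the guessing cost is identical for the SHA-1 variant, so changing the hash without lengthening the passphrase buys little against this attack; what the SHA/AES move does fix is 56-bit DES confidentiality and the compliance position.

```python
"""SNMPv3 USM key derivation (RFC 3414) and an offline passphrase guess.

Added example, not from the original post. Everything below is
constructed: the engine ID, the captured message, the passphrase and the
candidate list. Requires only the Python standard library.
"""
import hashlib
import hmac

# usmHMACMD5AuthProtocol and usmHMACSHAAuthProtocol (SHA-1), RFC 3414.
HASHES = {"md5": hashlib.md5, "sha": hashlib.sha1}


def password_to_key(passphrase: str, algo: str) -> bytes:
    """RFC 3414 A.2: hash the passphrase repeated out to 1,048,576 bytes (Ku)."""
    pw = passphrase.encode()
    stream = (pw * (1_048_576 // len(pw) + 1))[:1_048_576]
    return HASHES[algo](stream).digest()


def localize_key(passphrase: str, engine_id: bytes, algo: str) -> bytes:
    """Kul = H(Ku || snmpEngineID || Ku): per-engine key, no salt, no work factor."""
    ku = password_to_key(passphrase, algo)
    return HASHES[algo](ku + engine_id + ku).digest()


def auth_tag(kul: bytes, msg_zeroed: bytes, algo: str) -> bytes:
    """HMAC-MD5-96 / HMAC-SHA-96: first 12 bytes of the HMAC over the message
    with its msgAuthenticationParameters field already zeroed."""
    return hmac.new(kul, msg_zeroed, HASHES[algo]).digest()[:12]


def recover_passphrase(tag: bytes, engine_id: bytes, msg_zeroed: bytes,
                       candidates, algo: str):
    """Offline dictionary attack: derive one localized key per guess and
    compare the resulting tag with the one captured on the wire."""
    for guess in candidates:
        kul = localize_key(guess, engine_id, algo)
        if hmac.compare_digest(auth_tag(kul, msg_zeroed, algo), tag):
            return guess
    return None


# Constructed sample: a Cisco-style engine ID and an SNMPv3 message whose
# 12 authentication bytes have been zeroed, as the receiving engine does
# before it checks the tag.
ENGINE_ID = bytes.fromhex("800000090300deadbeef01")
CAPTURED_MSG = b"\x30\x40\x02\x01\x03" + b"\x00" * 12 + b"<constructed get-request body>"
CANDIDATES = ["public", "cisco123", "Monitoring1", "netops2024", "Spring2025!"]


def demo(algo: str = "md5"):
    """Tag a message with a weak passphrase, then recover it from the tag alone."""
    real_tag = auth_tag(localize_key("netops2024", ENGINE_ID, algo), CAPTURED_MSG, algo)
    return recover_passphrase(real_tag, ENGINE_ID, CAPTURED_MSG, CANDIDATES, algo)


if __name__ == "__main__":
    for name in HASHES:
        print(f"{name}: recovered passphrase = {demo(name)!r}")
```

The MD5 path can be checked against the RFC 3414 Appendix A.3.1 vector (passphrase "maplesyrup", engine ID 00..02 gives localized key 526f5eed...). Each guess costs one megabyte of hashing per engine ID, which is nothing for a GPU; only passphrase length defends the authentication key.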

2. Cisco Cryptography Alternatives

BGP:

- Legacy: neighbor ... password (the TCP MD5 signature option, RFC 2385).

- Modern: TCP-AO (RFC 5925) with a tcp key chain. RFC 5926 defines HMAC-SHA-1-96 and AES-128-CMAC-96 as the TCP-AO MAC algorithms; some platforms add HMAC-SHA-256 as a non-RFC extension, so confirm both ends offer the same algorithm (IOS-XE 17.x+, NX-OS 9.3+, IOS-XR 7.x+). The TCP MD5 option is MD5 by definition, so a key chain carrying hmac-sha-256 keys cannot upgrade it; the hash used for a BGP session only changes when the session moves to TCP-AO.

- For untrusted eBGP links: IPsec tunnel protection; neighbor ... ttl-security hops 1 (GTSM) is a cheap complement that drops spoofed packets arriving from more than one hop away.

OSPF:

- Legacy: MD5 authentication (ip ospf message-digest-key).

- Modern: OSPFv2 cryptographic authentication (RFC 5709) with HMAC-SHA-256 key chains; OSPFv3 with IPsec AH/ESP (RFC 4552, which mandates HMAC-SHA1-96, and the IOS CLI offers md5 or sha1 there, so choose sha1) or, where the platform supports it, the OSPFv3 authentication trailer (RFC 7166) with an HMAC-SHA-256 key chain.

HSRP:

- Legacy: MD5 standby authentication (standby ... authentication md5 key-string).

- Modern: there is no SHA option. Cisco HSRP (versions 1 and 2) supports only plaintext and MD5 authentication, and the key-chain form (standby ... authentication md5 key-chain) buys key rotation with lifetimes, not a stronger algorithm. Treat HSRP as a layer-2 trust problem: a long random MD5 key rotated through a key chain, plus layer-2 controls (port security, filtering UDP 1985 from untrusted ports, no HSRP on user-facing VLANs).

SNMPv3:

- Legacy: HMAC-MD5-96 authentication with CBC-DES privacy.

- Modern: SHA authentication (auth sha is HMAC-SHA-96 over SHA-1; use the SHA-2 protocols of RFC 7860 where both the platform and the NMS support them) with AES privacy. AES-128-CFB is the only AES mode standardised for SNMPv3 (RFC 3826); AES-192/256 are vendor extensions with two incompatible key-extension schemes, so pick them only after confirming the NMS derives keys the same way as the device.

3. Technical Migration Principles

- Dual Authentication: a Cisco key chain can hold several keys with separate algorithms and lifetimes, so an MD5 key and an HMAC-SHA-256 key can both be accept-valid during the overlap. This works where the protocol reads key ID and algorithm from the chain (OSPFv2 cryptographic authentication, EIGRP). A BGP session has no such overlap: TCP-MD5 and TCP-AO are mutually exclusive on a connection, so the move to TCP-AO is a coordinated change on both ends that resets the session once.

- Protocol Dependency: routing protocols (BGP, OSPF, HSRP) first, management plane (SNMPv3) last, so the NMS keeps polling unchanged while the control plane is being touched.

- Platform Considerations (treat these as minimums and confirm each protocol/algorithm pair against the release notes for your exact train and licence):

   * IOS-XE: HMAC-SHA-256 since 15.1(2)SY / XE 3.7.

   * NX-OS: SHA since 7.0(3)I7; TCP-AO in 9.3+.

   * IOS-XR: SHA/TCP-AO since 6.0+.

   * ASA/FTD: SNMPv3 with SHA/AES since 9.x.

4. Example – Dual Authentication with Key-Chain (OSPFv2)

key chain OSPF_KEYS
 key 1
  key-string OLD-MD5-KEY
  cryptographic-algorithm md5
  accept-lifetime 00:00:00 Jan 1 2024 infinite
  send-lifetime 00:00:00 Jan 1 2024 23:59:59 Dec 31 2024
 key 2
  key-string NEW-SHA-KEY
  cryptographic-algorithm hmac-sha-256
  accept-lifetime 00:00:00 Jan 1 2024 infinite
  send-lifetime 00:00:00 Jan 1 2025 infinite

- During migration: both keys are accept-valid, so a neighbour still sending key 1 (MD5) is accepted while upgraded neighbours send key 2 (HMAC-SHA-256). The send-lifetimes do not overlap, so a router only ever sends with one key and the cutover happens by the clock.
- After cutover: close key 1's accept-lifetime (for example accept-lifetime 00:00:00 Jan 1 2024 00:05:00 Jan 1 2025) or delete key 1; as written, MD5 stays accepted for ever.
- Lifetimes are only as good as the clock: NTP must be in place before the cutover time, and show key chain shows which keys are currently valid on the box.
- The chain is named for OSPFv2 (ip ospf authentication key-chain) because that is where a mixed MD5/SHA chain is honoured; BGP's neighbor ... password does not read an algorithm from a chain.
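A check on the lifetimes, as an added example that is not part of the original post: the script parses the key chain above (embedded as constructed input) and answers three questions: is exactly one key send-valid around every send boundary; will a peer running the same chain accept what we send even with a few minutes of clock skew; and does the MD5 key stop being accepted after the cutover. Run against the chain as written it reports that key 1 is still accepted after the cutover, which is exactly the clean-up step above. Times are naive UTC; the five-minute skew allowance, the cutover date and the assumption that a key with no algorithm set is MD5 are mine.

```python
"""Check a Cisco key-chain rotation plan before committing it.

Added example, not from the original post. Parses the key chain above
(embedded here as constructed input) and checks the send/accept windows.
Times are naive UTC; the routers must be NTP-synchronised for lifetimes to
mean anything. Assumption: a key with no algorithm set is treated as MD5.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta

BEGINNING, INFINITE = datetime.min, datetime.max
CUTOVER = datetime(2025, 1, 1)          # when key 2 starts being sent (assumed)

KEYCHAIN = """\
key chain OSPF_KEYS
 key 1
  key-string OLD-MD5-KEY
  cryptographic-algorithm md5
  accept-lifetime 00:00:00 Jan 1 2024 infinite
  send-lifetime 00:00:00 Jan 1 2024 23:59:59 Dec 31 2024
 key 2
  key-string NEW-SHA-KEY
  cryptographic-algorithm hmac-sha-256
  accept-lifetime 00:00:00 Jan 1 2024 infinite
  send-lifetime 00:00:00 Jan 1 2025 infinite
"""

@dataclass
class Key:
    key_id: int
    algorithm: str = "md5"                  # assumed default, see docstring
    accept: tuple = (BEGINNING, INFINITE)   # IOS default lifetime: always valid
    send: tuple = (BEGINNING, INFINITE)

def parse_time(tokens):
    """IOS writes 'hh:mm:ss Mon d yyyy' or 'hh:mm:ss d Mon yyyy'."""
    text = " ".join(tokens[:4])
    for fmt in ("%H:%M:%S %b %d %Y", "%H:%M:%S %d %b %Y"):
        try:
            return datetime.strptime(text, fmt)
        except ValueError:
            continue
    raise ValueError(f"unrecognised lifetime time: {text}")

def parse_window(tokens):
    """<start-time> then 'infinite', 'duration <seconds>' or <end-time>."""
    start, rest = parse_time(tokens), tokens[4:]
    if rest[0] == "infinite":
        return start, INFINITE
    if rest[0] == "duration":
        return start, start + timedelta(seconds=int(rest[1]))
    return start, parse_time(rest)

def parse_keychain(text):
    keys = []
    for raw in text.splitlines():
        words = raw.split()
        if len(words) == 2 and words[0] == "key":       # ' key <id>' (not 'key chain')
            keys.append(Key(int(words[1])))
        elif words and words[0] == "cryptographic-algorithm":
            keys[-1].algorithm = words[1]
        elif words and words[0] == "accept-lifetime":
            keys[-1].accept = parse_window(words[1:])
        elif words and words[0] == "send-lifetime":
            keys[-1].send = parse_window(words[1:])
    return keys

def valid(keys, kind, t):
    return [k for k in keys if getattr(k, kind)[0] <= t <= getattr(k, kind)[1]]

def check_rotation(keys, cutover, skew=timedelta(minutes=5)):
    issues = []
    first_send = min(k.send[0] for k in keys)
    # 1. One second either side of every send boundary exactly one key must be sendable.
    edges = {e for k in keys for e in k.send if e not in (BEGINNING, INFINITE)}
    for edge in sorted(edges):
        for t in (edge - timedelta(seconds=1), edge, edge + timedelta(seconds=1)):
            if t < first_send:
                continue
            n = len(valid(keys, "send", t))
            if n == 0:
                issues.append(f"{t}: no send-valid key (adjacency would drop)")
            elif n > 1:
                issues.append(f"{t}: {n} send-valid keys (which one is sent is platform-specific)")
    for k in keys:
        # 2. A peer running the same chain must accept whatever we send, skew included.
        if k.send[0] < k.accept[0] or k.send[1] > k.accept[1]:
            issues.append(f"key {k.key_id}: send window is not inside its accept window")
        if k.send[0] > first_send and k.accept[0] > k.send[0] - skew:
            issues.append(f"key {k.key_id}: accept window should open {skew} before sending starts")
        # 3. Once the cutover (plus skew grace) has passed, MD5 must no longer be accepted.
        if k.algorithm == "md5" and k.accept[1] > cutover + skew:
            issues.append(f"key {k.key_id}: md5 still accepted after cutover {cutover:%Y-%m-%d %H:%M}")
    return issues

def check_text(text, cutover=CUTOVER):
    return check_rotation(parse_keychain(text), cutover)

if __name__ == "__main__":
    for issue in check_text(KEYCHAIN) or ["no issues found"]:
        print(issue)
```

Paste in the chain from show running-config of each router on a link and compare the output; the boundary probing catches the classic one-day gap where key 2's send-lifetime was typed a day late, and the skew rule catches a new key whose accept window opens at the same instant it is first sent.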

5. Risks of Not Migrating

- BGP: a forged TCP-MD5 segment or RST leads to route injection or session disruption (route hijacking).

- HSRP: an attacker on the segment who knows or guesses the key takes over the virtual IP and sees the subnet's traffic.

- SNMPv3: weak MD5 passphrases can be recovered offline from captured traffic and DES-encrypted payloads brute-forced, so monitoring data is readable and SETs can be forged; if v1/v2c communities are still enabled alongside, the attacker does not even need to attack the crypto.

- Non-compliance with NIST SP 800-131A, PCI-DSS, ISO 27001.

6. Operational Benefits After Migration

- Stronger compliance (SHA-256/AES-256).

- Reduced risk of cryptographic attacks.

- Consistent key rotation policies across protocols.

- Future-proof with TCP-AO, OSPFv3 authentication trailer or IPsec, and SNMPv3 AES (AES-128 as the interoperable baseline).

Part II – Migration Plan

1. Objectives

- Eliminate weak cryptography (MD5, DES/3DES).

- Standardize on SHA-256 (or higher) and AES.

- Ensure minimal disruption with staged rollout and rollback.

2. Scope

Protocols: BGP, OSPFv2/OSPFv3, HSRP, SNMPv3.

Platforms: IOS-XE (Cat9K, ISR, ASR1K), NX-OS (Nexus 9K/7K/3K), IOS-XR (ASR9K, NCS), ASA/FTD.

3. Phased Migration Approach

Phase 1 – Discovery & Assessment

1. Inventory devices (OS version, crypto configs): collect show version, show running-config, show key chain and, on IOS/IOS-XE, show snmp user, since SNMPv3 users do not appear in the running config.

2. Verify feature support for SHA-2/TCP-AO.

3. Identify OS upgrade needs.

4. Prioritize migration order: Core (BGP/OSPF), Edge (HSRP), Management (SNMPv3).

Phase 2 – Lab Validation

1. Build lab/DR setup.

2. Validate SHA-256 configs for BGP, OSPF, HSRP.

3. Validate OSPFv3 with IPsec ESP/AH.

4. Validate SNMPv3 with SHA/AES.

5. Test dual-auth fallback.

6. Check interoperability (multi-vendor if applicable).

Phase 3 – Pilot Rollout

1. Select low-risk sites.

2. Implement SHA configs in parallel with MD5.

3. Monitor adjacency/polling.

4. Rollback to MD5-only if needed.

Phase 4 – Production Migration

Step A: BGP – build a tcp key chain on both ends with the same MAC algorithm, replace neighbor ... password with neighbor ... ao <chain> on both routers in the same window (the session resets once), validate with show ip bgp neighbors, then remove the old password.

Step B: OSPF – add the HMAC-SHA-256 key to the key chain, validate adjacency (show ip ospf neighbor, show ip ospf interface), then close the MD5 key's lifetimes.

Step C: HSRP – move to key-chain based MD5 with a fresh strong key and apply the layer-2 controls; HSRP has no SHA option.

Step D: SNMPv3 – add SHA/AES users (and a new group), point the NMS at them, confirm polling and traps, then remove the MD5/DES users and any remaining v1/v2c communities; check with show snmp user.

Phase 5 – Decommission & Hardening

1. Remove MD5/DES configs.

2. Standardize on SHA-256 and AES.

3. Update golden configs and DNAC/Prime templates.

4. Document cryptographic standards in LLD/HLD.
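For the discovery step in Phase 1 and again for proving a clean state at the end of Phase 5, an added example (not from the original post) that inventories legacy crypto in IOS/IOS-XE style configuration text: MD5 key-chain keys, neighbor ... password (TCP-MD5), interface- and area-level OSPFv2 MD5, HSRP MD5 or plaintext authentication, remaining v1/v2c communities, and MD5/DES SNMPv3 users. Because IOS and IOS-XE do not print snmp-server user lines in show running-config, a second function parses show snmp user. The sample config and show output are constructed; the line patterns are IOS-XE style and need adjusting for NX-OS or IOS-XR.

```python
"""Inventory legacy MD5/DES crypto in Cisco IOS/IOS-XE style configs.

Added example, not from the original post. audit_config() takes the text
of 'show running-config'; IOS/IOS-XE omit 'snmp-server user' lines from the
running config, so audit_show_snmp_user() takes 'show snmp user' output.
Both sample inputs below are constructed.
"""
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    protocol: str   # BGP, OSPF, HSRP, KEYCHAIN, SNMPv3, SNMPv1/v2c
    line: int       # 1-based line in the input text
    detail: str

def _snmp_user_findings(n, words):
    """snmp-server user <name> <group> [v3] auth <proto> <pw> priv <proto> <pw>"""
    low, out = [w.lower() for w in words], []
    for kw, weak in (("auth", {"md5"}), ("priv", {"des", "3des"})):
        if kw in low and low.index(kw) + 1 < len(low) and low[low.index(kw) + 1] in weak:
            out.append(Finding("SNMPv3", n, f"user {words[2]}: {kw} {low[low.index(kw) + 1]}"))
    return out

def audit_config(config):
    findings, chain, key_id, in_bgp = [], None, None, False
    for n, raw in enumerate(config.splitlines(), 1):
        words = raw.split()
        if not words or words[0] == "!":
            continue
        depth = len(raw) - len(raw.lstrip(" "))
        if depth == 0:                       # every top-level line starts a new stanza
            chain, key_id, in_bgp = None, None, False
            if words[:2] == ["key", "chain"]:
                chain = words[2]
            elif words[:2] == ["router", "bgp"]:
                in_bgp = True
        if chain and depth == 1 and words[0] == "key":
            key_id = words[1]
        elif chain and words[:2] == ["cryptographic-algorithm", "md5"]:
            findings.append(Finding("KEYCHAIN", n, f"key chain {chain} key {key_id} uses md5"))
        elif in_bgp and words[0] == "neighbor" and "password" in words:
            findings.append(Finding("BGP", n, f"neighbor {words[1]} uses TCP-MD5 (RFC 2385)"))
        elif words[:2] == ["ip", "ospf"] and {"message-digest", "message-digest-key"} & set(words):
            findings.append(Finding("OSPF", n, "interface-level OSPFv2 MD5 authentication"))
        elif words[0] == "area" and "message-digest" in words:
            findings.append(Finding("OSPF", n, f"area {words[1]} OSPFv2 MD5 authentication"))
        elif words[0] == "standby" and "authentication" in words:
            mode = (words + ["text"])[words.index("authentication") + 1]
            findings.append(Finding("HSRP", n, f"HSRP {'md5' if mode == 'md5' else 'plaintext'} authentication"))
        elif words[:2] == ["snmp-server", "community"]:
            findings.append(Finding("SNMPv1/v2c", n, "community string present; target state is v3 only"))
        elif words[:2] == ["snmp-server", "user"]:
            findings += _snmp_user_findings(n, words)
    return findings

def audit_show_snmp_user(text):
    """Parse IOS 'show snmp user' blocks (User name / Authentication Protocol / Privacy Protocol)."""
    findings, user = [], None
    for n, line in enumerate(text.splitlines(), 1):
        m = re.match(r"\s*(User name|Authentication Protocol|Privacy Protocol):\s*(\S+)", line)
        if m and m.group(1) == "User name":
            user = m.group(2)
        elif m and m.group(2).upper() in {"MD5", "DES", "3DES"}:
            findings.append(Finding("SNMPv3", n, f"user {user}: {m.group(1)} {m.group(2)}"))
    return findings

def summarize(findings):
    counts = {}                              # an empty dict is the target state
    for f in findings:
        counts[f.protocol] = counts.get(f.protocol, 0) + 1
    return counts

SAMPLE_CONFIG = """\
key chain OSPF_KEYS
 key 1
  cryptographic-algorithm md5
!
interface GigabitEthernet0/1
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 7 0822455D0A16
 standby 1 authentication md5 key-string 7 0822455D0A16
!
router bgp 65000
 neighbor 192.0.2.1 password 7 0822455D0A16
 neighbor 192.0.2.2 ao BGP_AO include-tcp-options
!
snmp-server community public RO
snmp-server user legacy-nms LEGACY v3 auth md5 secret1 priv des secret2
"""

SAMPLE_SHOW_SNMP_USER = """\
User name: legacy-nms
Authentication Protocol: MD5
Privacy Protocol: DES
Group-name: LEGACY
"""

if __name__ == "__main__":
    for f in audit_config(SAMPLE_CONFIG) + audit_show_snmp_user(SAMPLE_SHOW_SNMP_USER):
        print(f"{f.protocol:<10} line {f.line:>3}: {f.detail}")
```

Run it over every backed-up config before Phase 2 to size the job, and again after Phase 5: summarize() returning an empty dict for every device is the exit criterion. The TCP-AO neighbour line in the sample is deliberately not flagged, which is the behaviour you want after Step A.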

4. Rollback Plan

- Retain the MD5 keys in parallel until the new keys are proven stable.

- For BGP, put neighbor ... password back in place of neighbor ... ao on both ends (another session reset); for OSPF, re-open the MD5 key's lifetimes in the key chain.

- For HSRP, revert to the previous key-string.

- For SNMPv3, retain the MD5/DES users until the NMS is confirmed on the new users.

5. Risk Mitigation

- Perform changes in a maintenance window, with configs backed up beforehand.

- Stagger per protocol and per site.

- Ensure console/OOB access, and confirm NTP is synchronised on every device before relying on key lifetimes.

- Monitor syslog, SNMP traps and debug logs (adjacency changes, BGP session state, HSRP state transitions), and compare show key chain on both ends of each link.

6. Example Cisco Configurations

BGP (IOS-XE, TCP-AO; NX-OS and IOS-XR use different keywords, so check the platform guide):

key chain BGP_AO tcp
 key 1
  send-id 1
  recv-id 1
  key-string <secure-key>
  cryptographic-algorithm hmac-sha-1
!
router bgp 65000
 neighbor 192.0.2.1 ao BGP_AO include-tcp-options

The neighbor ... password keychain form does not exist: neighbor ... password takes a literal string and is always TCP-MD5, and only the ao form reads a key chain, which for TCP-AO is created with the tcp keyword. Both ends need the same send-id/recv-id pairing, key-string and MAC algorithm (hmac-sha-1 or aes-128-cmac per RFC 5926), and the session resets when the command is applied.

OSPFv2 (IOS-XE):

key chain OSPF_KEYS
 key 1
  key-string <secure-key>
  cryptographic-algorithm hmac-sha-256
!
interface Gig0/0
 ip ospf authentication key-chain OSPF_KEYS

HSRP (IOS-XE; MD5 is the strongest option HSRP offers, the key chain adds rotation):

key chain HSRP_KEYS
 key 1
  key-string <secure-key>
  cryptographic-algorithm md5
!
interface Gig0/1
 standby 1 ip 10.10.10.1
 standby 1 authentication md5 key-chain HSRP_KEYS

The command is authentication md5 whatever the chain lists, so keep the chain key on md5 with a long random key-string rotated through lifetimes, and rely on the layer-2 controls for the rest.

SNMPv3 (IOS-XE and ASA syntax; NX-OS omits the v3 keyword and writes priv aes-128):

snmp-server group SECURE v3 priv
snmp-server user netops SECURE v3 auth sha <auth-pass> priv aes 256 <priv-pass>

auth sha is HMAC-SHA-96 (SHA-1); use a SHA-2 authentication option where the platform and the NMS both support it. aes 128 is the interoperable choice (RFC 3826); aes 192/256 are vendor extensions, so confirm the NMS uses the same key-extension method before choosing them. Remove every snmp-server community line once the NMS is on v3, and remember that IOS/IOS-XE do not show snmp-server user lines in the running config (use show snmp user to verify).
