RFC 2328 describes three OSPF authentication types: null, plain text, and MD5, while RFC 5709 adds a second method to OSPFv2 — the Hashed Message Authentication Code – Secure Hash Algorithm (HMAC-SHA) algorithms. In the next sections, you will learn what is OSPF HMAC-SHA cryptographic authentication, how it works, and how to configure it and verify it.

In the rest of this tutorial, I will be using the following network diagram. There are two routers, and both of them are in OSPF area 0.

here are the initial configurations of R1 and R2.

Router R1

Router(config)# hostname R1
R1(config)# 
R1(config)# interface GigabitEthernet0/2
R1(config-if)# ip address 10.0.12.1 255.255.255.0
R1(config-if)# no shutdown
R1(config-if)# 
R1(config-if)# router ospf 1
R1(config-router)# router-id 1.1.1.1
R1(config-router)# network 10.0.12.1 0.0.0.0 area 0

Router R2

Router(config)# hostname R2
R2(config)# 
R2(config)# interface GigabitEthernet0/1
R2(config-if)# ip address 10.0.12.2 255.255.255.0
R2(config-if)# no shutdown
R2(config-if)# 
R2(config-if)# router ospf 1
R2(config-router)# router-id 2.2.2.2
R2(config-router)# network 10.0.12.2 0.0.0.0 area 0

What is OSPF HMAC-SHA Cryptographic Authentication?

OSPF HMAC-SHA Cryptographic Authentication protects routers against unauthorized routing packets by authenticating OSPF packets using HMAC-SHA algorithms. When this feature is enabled on a particular interface, OSPF authenticates all packets received on that interface and includes a hash in all OSPF packet types sent over it.

How Does OSPF HMAC-SHA Cryptographic Authentication Work?

To implement the OSPF HMAC-SHA cryptographic authentication on a particular subnet, you need to configure a shared secret key on all routers connected to the subnet. The shared key consists of six items: ID, password, KeyStartAccept, KeyStopAccept, KeyStartGenerate, and KeyStopGenerate.

The ID is an integer. The password is a string that should not exceed 80 characters. KeyStartAccept is the time that the router begins accepting packets constructed with the key. KeyStopAccept is the time that the router discontinues accepting packets constructed with the key. KeyStartGenerate is the time that the router begins generating OSPF packets with the key. Finally, KeyStopGenerate is the time that the router discontinues generating OSPF packets with the key.

When you enable the OSPF HMAC-SHA authentication mechanism on a particular interface, OSPF applies authentication using five fields in the header of the OSPF packets sent over this interface. The fields are Auth Type, Auth Crypt Key, Auth Crypt Data Length, Auth Crypt Sequence Number, and Auth Crypt Data, as shown in the following OSPF header.

Here are the definitions of these fields:

Auth Type: provides the authentication type being applied. It is set to 2, which means a cryptographic authentication is used.

Auth Crypt Key id: indicates the HMAC-SHA algorithm and secret key applied to produce the message digest.

Auth Crypt Data Length: the size in bytes of the message digest computed using the secret shared key and an HMAC-SHA algorithm.

Auth Crypt Sequence Number: A 32-bit non-decreasing value that is used to prevent replay attacks.

Auth Crypt Data: the content of the message digest. RFC 5709 states that the message digest is added to the end of the OSPF packet, not to the OSPF packet’s header. However, Cisco’s implementation of OSPF calculates two message digests, one added to the OSPF packet’s header, while the other is added to the OSPF packet’s content, as shown in the next figure.

After building the contents of an OSPF packet, the authentication procedure indicated by the sending interface’s Autype value is called before the packet is sent. The authentication procedure modifies the OSPF packet as follows.

How Routers Implement HMAC-SHA Authentication When Sending OSPF Packets

When using Cryptographic authentication, there may be multiple keys configured for the interface. In this case, among the keys that are valid for message generation (i.e, that have KeyStartGenerate <= current time < KeyStopGenerate) choose the one with the most recent KeyStartGenerate time. Using this key, modify the packet as follows:

Step 1. OSPF sets the Autype field in the OSPF header to 2.

Step 2. OSPF sets the checksum field in the OSPF header to 0.

Step 3. OSPF sets the Key ID field in the OSPF header to the Key ID of the key chain object you configured.

Step 4. OSPF sets the Auth Data Len field to the number of bytes of the message digest that is appended to the OSPF packet as the Auth Crypt Data field. For example, if the HMAC-SHA-512 algorithm is used, the length of the message digest is 512 bits which equal 64 byes (512 bits = 512/8 bytes = 64 bytes), and thus the Auth Data Len field would be set to 64.

Step 5. OSPF sets the Cryptographic sequence number to a non-decreasing value. This field’s length is 32 bits, and it is used to prevent replay attacks.

Step 6. OSPF calculates the message digest and then assigned to Auth Crypt Data field in the OSPF packet. The authentication algorithm to be used in calculating the digest is indicated by the key itself. Input to the authentication algorithm consists of the OSPF packet and the secret key.

How Routers Verify OSPF Packets Using the HMAC-SHA Cryptographic Authentication Method

When a router receives an OSPF packet on an interface on which the HMAC-SHA authentication method is enabled, the router follows these steps to authenticate the packet:

Step 1. It checks if the interface has an active configured key with the same Key ID as the one in the OSPF packet. RFC 5709 allows configuring multiple secret keys. If the router does find a key, or if the key is invalid, the OSPF packet is discarded. An invalid key means current time < KeyStartAccept or current time >= KeyStopAccept.

Step 2. It accepts the OSPF packet if the cryptographic sequence number included in the OSPF header is greater or equal to the one recorded in the data structure of the router originating the packet. Otherwise, the OSPF packet gets ignored.

Step 3. The router calculates a message digest is calculated based the HMAC-SHA authentication data in the packet’s header. If the calculated message digest matches the one in the OSPF packet’s header, the packet is accepted; otherwise, it gets dropped. Additionally, the router sets the cryptographic sequence number in the sending neighbor’s data structure to the sequence number included in the packet’s OSPF header.

How To Configure OSPF HMAC-SHA Cryptographic Authentication on Cisco IOS

On Cisco IOS, OSPF HMAC-SHA Cryptographic Authentication can be configured on a per-interface basis only. Here are the steps to set up OSPF HMAC-SHA Cryptographic Authentication between routers R1 and R2.

Step 1. Create a key chain object, using the key chain name command in router configuration mode, where name is a string.

Step 2. Configure the secret key’s identifier using the key command in key chain configuration mode.

Step 3. Configure the secret key’s password using the key-string pwd command, where pwd is a string that should not exceed 80 characters.

Step 4. Set the cryptographic authentication algorithm using the cryptographic-algorithm command.

Step 5. (optional) configure the KeyStartAccept and KeyStopAccept time constants of the key using the accept-lifetime command.

Step 6. (optional) configure the KeyStartGenerate and KeyStopGenerate time constants of the key using the send-lifetime command.

Step 7. Apply the key chain to the interface using the ip ospf authentication key-chain command.

Note that under the same key chain object, you can configure multiple keys to be used for different roles. For example, you add a key to use when a router received an OSPF packet, and a different key to be applied when the router sends an OSPF packet.

In the configurations below, we configure routers R1 and R2 to generate and authenticate OSPF packets using the HMAC-SHA-512 algorithm, key 1, and password CISCO.

Router R1

R1(config)# key chain kc1
R1(config-keychain)# key 1
R1(config-keychain-key)# cryptographic-algorithm hmac-sha-512
R1(config-keychain-key)# key-string CISCO
R1(config-keychain-key)# 
R1(config-keychain-key)# interface GigabitEthernet 0/2
R1(config-if)# ip ospf authentication key-chain kc1

Router R2

R2(config)# key chain kc1
R2(config-keychain)# key 1
R2(config-keychain-key)# cryptographic-algorithm hmac-sha-512
R2(config-keychain-key)# key-string CISCO
R2(config-keychain-key)# 
R2(config-keychain-key)# interface GigabitEthernet 0/1
R2(config-if)# ip ospf authentication key-chain kc1

How to Verify OSPF HMAC-SHA Cryptographic Authentication

The show ip ospf interface command displays the type of the OSPF cryptographic authentication enabled on an interface. When the HMAC-SHA authentication is active, the command gives the key and HMAC-SHA algorithm that are used, as shown in this example.

R1# show ip ospf interface gigabitEthernet 0/2
GigabitEthernet0/2 is up, line protocol is up 
  Internet Address 10.0.12.1/24, Area 0, Attached via Network Statement
  Process ID 1, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 1
  Topology-MTID    Cost    Disabled    Shutdown      Topology Name
        0           1         no          no            Base
  Transmit Delay is 1 sec, State BDR, Priority 1
  Designated Router (ID) 2.2.2.2, Interface address 10.0.12.2
  Backup Designated router (ID) 1.1.1.1, Interface address 10.0.12.1
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    oob-resync timeout 40
    Hello due in 00:00:05
  Supports Link-local Signaling (LLS)
  Cisco NSF helper support enabled
  IETF NSF helper support enabled
  Index 1/1/1, flood queue length 0
  Next 0x0(0)/0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 0 msec
  Neighbor Count is 1, Adjacent neighbor count is 1 
    Adjacent with neighbor 2.2.2.2  (Designated Router)
  Suppress hello for 0 neighbor(s)
  Cryptographic authentication enabled
    Sending SA: Key 1, Algorithm HMAC-SHA-512 - key chain kc1

The obvious drawback of the show ip ospf interface command is that it does not display the secret key’s password. To do so, use the show key chain command, as you can see in the example.

R1# show key chain kc1
Key-chain kc1:
    key 1 -- text "CISCO"
        accept lifetime (always valid) - (always valid) [valid now]
        send lifetime (always valid) - (always valid) [valid now]

Related Lessons to OSPF HMAC-SHA Cryptographic Authentication

Conclusion

I hope this blog post helps you learn something.
Now I’d like to turn it over to you:
What did you like about this tutorial?
Or maybe you have an excellent idea that you think I need to add.
Either way, let me know by leaving a comment below right now.

Mohamed Ouamer
Mohamed Ouamer is a computer science teacher and a self-published author. He taught networking technologies and programming for more than fifteen years. While he loves to share knowledge and write, Mohamed's best passions include spending time with his family, visiting his parents, and learning new things.