SyncServer S100
The message digest is computed using preferred Message Digest 5 (MD5). An alternative is the Digital Encryption Standard, Cipher Block Chaining
The Message Authentication Code (MAC) is made up of a key identifier, then the message digest. Keys are held in a key cache; the cache is initialized from a private file.
Authentication: NTP v4 Autokey
NTP v4 uses
Public Domain NTP Package
For clients not using the public domain NTP package, the NTP packet is enlarged by 8 bytes to handle the entire cryptochecksum, which is 16 bytes (128 bits) in size as generated by the MD5. Since this field is the last in the packet, it should not present any difficulty.
How NTP Defines the Authentication Process
If authentication is enabled, and a valid authentication key identifier and cryptochecksum is received, then the NTP packet is filled in and a new cryptochecksum is computed and added to the packet. The packet is then sent back to the client.
More information
For more about NTP authentication, see both the NTP help available from the S100 web interface and from:
http://www.ntp.org.
Typical NTP Configuration Considerations
This section provides additional information on using NTP and network configuration. The examples provided for explanatory purposes only.
94 | S100 User Guide – Rev. D – June 2005 |