Cisco IOS and Cisco IOS XE Type 4 Passwords Issue
Revision 1.2
Last Updated on 2015 April 7 19:54 UTC (GMT)
For Public Release 2013 March 18 16:00 UTC (GMT)
Contents
Response
Additional Information
Status of this Notice: Final
Revision History
Cisco Security Procedures
Cisco Response
This is the Cisco response to research performed by Mr. Philipp Schmidt and Mr. Jens Steube from the Hashcat Project on the weakness of Type 4 passwords on Cisco
IOS and Cisco IOS XE devices. Mr. Schmidt and Mr. Steube reported this issue to the Cisco PSIRT on March 12, 2013.
Cisco would like to thank Mr. Schmidt and Mr. Steube for sharing their research with Cisco and working toward a coordinated disclosure of this issue.
This Cisco Security Response is available at http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20130318-type4
Additional Information
A limited number of Cisco IOS and Cisco IOS XE releases based on the Cisco IOS 15 code base include support for a new algorithm to hash user-provided plaintext
passwords. This algorithm is called Type 4, and a password hashed using this algorithm is referred to as a Type 4 password. The Type 4 algorithm was designed to be a
stronger alternative to the existing Type 5 and Type 7 algorithms to increase the resiliency of passwords used for the enable secret password and username username
secret password commands against brute-force attacks.
The design called for using Password-Based Key Derivation Function version 2 (PBKDF2), as described in RFC 2898 section 5.2, with the following input values:
Hash algorithm = SHA-256
Password = the user-provided plaintext password
Salt = 80 bits (generated by calling a cryptographically secure random number generator)
Iteration count = 1,000 (one thousand)
Due to an implementation issue, the Type 4 password algorithm does not use PBKDF2 and does not use a salt, but instead performs a single iteration of SHA-256 over
the user-provided plaintext password. This approach causes a Type 4 password to be less resilient to brute-force attacks than a Type 5 password of equivalent
complexity.
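As an added illustration (not part of the Cisco response), the following Python puts the documented design next to what the affected releases actually compute, so the two properties that matter for resilience, salting and iteration count, can be observed directly. The PBKDF2 parameters are the ones listed above; the crypt-style base64 alphabet used to render the digest as a 43-character string, and the function names, are assumptions of the example.

```python
import base64
import hashlib
import os
import string
from typing import Optional, Tuple

# Crypt-style base64 alphabet ("./0-9A-Za-z"), used here to render the 32-byte
# digest as the 43-character string that appears after "secret 4". The response
# does not describe the on-device encoding; this alphabet is an assumption.
STD_B64 = string.ascii_uppercase + string.ascii_lowercase + string.digits + "+/"
CRYPT_B64 = "./" + string.digits + string.ascii_uppercase + string.ascii_lowercase
_TO_CRYPT = str.maketrans(STD_B64, CRYPT_B64)

DESIGN_SALT_BYTES = 10      # 80-bit salt, from the design
DESIGN_ITERATIONS = 1000    # iteration count, from the design


def encode_digest(digest: bytes) -> str:
    """Base64 with the crypt alphabet, padding stripped: 32 bytes -> 43 characters."""
    return base64.b64encode(digest).decode("ascii").rstrip("=").translate(_TO_CRYPT)


def type4_as_designed(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """The documented design: PBKDF2-HMAC-SHA256 (RFC 2898 5.2), 80-bit random salt, 1,000 iterations."""
    if salt is None:
        salt = os.urandom(DESIGN_SALT_BYTES)    # CSPRNG, as the design requires
    if len(salt) != DESIGN_SALT_BYTES:
        raise ValueError("the design calls for an 80-bit salt")
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, DESIGN_ITERATIONS, dklen=32)
    return salt, key


def type4_as_shipped(password: str) -> bytes:
    """What the affected releases actually compute: one SHA-256 over the password, no salt."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def compare(password: str) -> dict:
    """Summarise, for one password, the properties an auditor cares about."""
    _, k1 = type4_as_designed(password)
    _, k2 = type4_as_designed(password)
    s1 = type4_as_shipped(password)
    s2 = type4_as_shipped(password)
    return {
        # two stored hashes of the same password differ only when a salt is in use
        "designed_hashes_differ": k1 != k2,
        "shipped_hashes_differ": s1 != s2,
        # SHA-256 invocations spent per candidate password
        "designed_iterations": DESIGN_ITERATIONS,
        "shipped_iterations": 1,
        "shipped_string": encode_digest(s1),
    }


if __name__ == "__main__":
    for key, value in compare("Th1z#1s+53kri7").items():
        print(f"{key}: {value}")
```

Running `compare` on any password shows the two design goals the implementation lost: the shipped form is deterministic (identical passwords on different devices produce identical strings, so a stored string can be recognised across a fleet) and costs a single SHA-256 instead of a thousand PBKDF2 rounds.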
The following issues were also introduced because of the implementation of Type 4 passwords:
A device running a Cisco IOS or IOS XE release with support for Type 4 passwords lost the capability to create a Type 5 password from a user-provided
plaintext password
Backward compatibility problems may arise when downgrading from a device running a Cisco IOS or IOS XE release with Type 4 password support and Type 4
passwords configured to a Cisco IOS or Cisco IOS XE release that does not support Type 4 passwords. Depending on the specific device configuration, the
administrator may not be able to log in to the device or to change into privileged EXEC mode, requiring a password recovery process to be performed.
All the preceding issues apply only to devices running Cisco IOS or Cisco IOS XE releases with support for Type 4 passwords, and only to the "enable secret
<password>" and "username <username> secret <password>" commands. No other Cisco IOS or IOS XE features use this algorithm to hash passwords or keys.
For example, these issues do not affect Open Shortest Path First (OSPF), Border Gateway Protocol (BGP), Routing Information Protocol (RIP), any other routing
protocol keys, or pre-shared keys for IPsec.
These issues do not apply to devices running a Cisco IOS or Cisco IOS XE release without support for Type 4 passwords.
This issue is documented in Cisco Bug ID CSCue95644 (registered customers only).
Determining Whether a Cisco IOS or Cisco IOS XE Release Supports Type 4 Passwords
Administrators can use the following procedure to determine whether the Cisco IOS or Cisco IOS XE release running on a given device includes support for Type 4
passwords:
1) Log in to the device and execute the show version | include IOS command:
router#show version | include IOS
Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), Version 15.3(1)T, RELEASE SOFTWARE (fc1)
router#
If the version number starts with "15" proceed to the next step. Otherwise, the Cisco IOS or Cisco IOS XE release running on the device does not include support
for Type 4 passwords.
2) While logged in to the device as a privileged user, enter configuration mode and execute an enable secret ? command:
router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
router(config)#enable secret ?
  0      Specifies an UNENCRYPTED password will follow
  4      Specifies an SHA256 ENCRYPTED secret will follow
  5      Specifies a MD5 ENCRYPTED secret will follow
  LINE   The UNENCRYPTED (cleartext) 'enable' secret
  level  Set exec level password
router(config)#
In the preceding example, the line "4 Specifies an SHA256 ENCRYPTED secret will follow" indicates that the Cisco IOS or Cisco IOS XE release running on the
device supports Type 4 passwords.
router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
router(config)#enable secret ?
  0      Specifies an UNENCRYPTED password will follow
  5      Specifies a MD5 ENCRYPTED secret will follow
  LINE   The UNENCRYPTED (cleartext) 'enable' secret
  level  Set exec level password
router(config)#
In the preceding example, there is no "4 Specifies an SHA256 ENCRYPTED secret will follow" in the help output of the enable secret command. This output indicates
the Cisco IOS or Cisco IOS XE release running on this device does not support Type 4 passwords.
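The two-step check above can be applied to saved command output rather than by eye, which is useful when the same question has to be answered for many devices. The following Python is an added example, not Cisco tooling; the sample strings are constructed from the transcripts in this response (the 12.4 version string is made up for contrast), and the function names are the example's own.

```python
import re
from typing import Optional

SUPPORTED = "supported"
NOT_SUPPORTED = "not supported"
UNDETERMINED = "undetermined"

# Constructed samples modelled on the transcripts in this response.
SHOW_VERSION_15 = (
    "Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), "
    "Version 15.3(1)T, RELEASE SOFTWARE (fc1)"
)
SHOW_VERSION_12 = (
    "Cisco IOS Software, 1841 Software (C1841-ADVENTERPRISEK9-M), "
    "Version 12.4(99)T, RELEASE SOFTWARE (fc1)"    # made-up version string
)
HELP_WITH_TYPE4 = """\
  0      Specifies an UNENCRYPTED password will follow
  4      Specifies an SHA256 ENCRYPTED secret will follow
  5      Specifies a MD5 ENCRYPTED secret will follow
  LINE   The UNENCRYPTED (cleartext) 'enable' secret
  level  Set exec level password
"""
# Same help output with the '4' keyword absent, as on a release without Type 4 support.
HELP_WITHOUT_TYPE4 = "\n".join(
    line for line in HELP_WITH_TYPE4.splitlines() if not line.strip().startswith("4 ")
) + "\n"

_VERSION_RE = re.compile(r"\bVersion (\d+)\.(\d+)\(([^)]*)\)(\S*)")
_TYPE4_HELP_RE = re.compile(r"^\s*4\s+Specifies an SHA256 ENCRYPTED secret will follow\s*$")


def ios_major_version(show_version: str) -> Optional[int]:
    """Step 1: the major number from 'show version | include IOS' (None if no Version field)."""
    m = _VERSION_RE.search(show_version)
    return int(m.group(1)) if m else None


def help_lists_type4(help_output: str) -> bool:
    """Step 2: does 'enable secret ?' offer the '4' keyword with the SHA256 description?"""
    return any(_TYPE4_HELP_RE.match(line) for line in help_output.splitlines())


def type4_support(show_version: str, help_output: Optional[str] = None) -> str:
    """Apply both steps; help_output may be omitted when step 1 already rules support out."""
    major = ios_major_version(show_version)
    if major is None:
        return UNDETERMINED
    if major != 15:             # per the response, only 15-based releases can carry Type 4 support
        return NOT_SUPPORTED
    if help_output is None:
        return UNDETERMINED     # 15-based: only the help output decides
    return SUPPORTED if help_lists_type4(help_output) else NOT_SUPPORTED


if __name__ == "__main__":
    print(type4_support(SHOW_VERSION_15, HELP_WITH_TYPE4))      # supported
    print(type4_support(SHOW_VERSION_15, HELP_WITHOUT_TYPE4))   # not supported
    print(type4_support(SHOW_VERSION_12))                       # not supported
```

The version check alone never returns "supported": a 15-based version string only means the help output has to be consulted, which is exactly the ordering of the procedure above.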
Behavior of a Cisco IOS or Cisco IOS XE Release with Support for Type 4 Passwords
A device running a Cisco IOS or Cisco IOS XE release with support for Type 4 passwords will exhibit the following behavior:
1) Configuring an enable secret password or username username secret password command (with password being a plaintext password) will cause a Type 4
password to be generated:
router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
router(config)#enable secret Th1z#1s+53kri7
router(config)#username demo secret Th1z#1s+53kri7
router(config)#do show running-config | include ^(enable|username)
enable secret 4 ohKCwRDiX5YiRkTbLspqXvQkxiL91lDUlt.JzPd33RY
username demo secret 4 ohKCwRDiX5YiRkTbLspqXvQkxiL91lDUlt.JzPd33RY
router(config)#
Note: There is no way to supply a plaintext password as an argument to either the enable secret password or username username secret password and indicate that a
Type 5 password should be generated. The only way to configure either an enable secret password or username username secret password with a Type 5 password is
using the enable secret 5 password or username username secret 5 password commands, where password is a previously generated Type 5 password.
2) Configuring an enable secret 5 password or username username secret 5 password (where password is a previously generated Type 5 password) will result in a
warning, but the password will be correctly parsed, added to the configuration, and fully functional. The generated warning can safely be ignored. An example follows:
router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
router(config)#enable secret 5 $1$YXEj$Fr7OC1Jh62xJRb/rdIm9d0
Warning: The CLI will be deprecated soon
'enable secret 5 $1$YXEj$Fr7OC1Jh62xJRb/rdIm9d0'
Please move to 'enable secret <password>' CLI
router(config)#username demo secret 5 $1$Gd0I$VJkZkCRG1d1FvY7we7dzM.
Warning: MD5 encryption will be deprecated soon.Please move to SHA256 encryption.
router(config)#do show running-config | include ^(enable|username)
enable secret 5 $1$YXEj$Fr7OC1Jh62xJRb/rdIm9d0
username demo secret 5 $1$Gd0I$VJkZkCRG1d1FvY7we7dzM.
router(config)#
3) If the device was upgraded from a previous Cisco IOS or Cisco IOS XE release without support for Type 4 passwords, and the configuration included the commands
enable secret 5 password or username username secret 5 password, those Type 5 passwords will be parsed, added to the configuration, and fully functional. There is
no automatic conversion of existing Type 5 passwords to Type 4 passwords after upgrading a device to a Cisco IOS or Cisco IOS XE release that has support
for Type 4 passwords.
Paste the previously generated Type 5 password into the appropriate command, either enable secret 5 password or username username secret 5 password. Remember
to specify the type of encryption by adding the number 5 after the secret keyword in both commands. Otherwise, the provided password will be interpreted as a
plaintext password.
The following example uses the Type 5 password generated on another device as the enable secret password, and the Type 5 password generated by openssl becomes
the user password for the user named demo:
router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
router(config)#username demo secret 5 $1$dxVt$FSJmj1O6JUZdbUjxZkIuD.
Warning: MD5 encryption will be deprecated soon.Please move to SHA256 encryption.
router(config)#enable secret 5 $1$M/wf$iqBnv/g3GuVUsCpWcDFS20
Warning: The CLI will be deprecated soon
'enable secret 5 $1$M/wf$iqBnv/g3GuVUsCpWcDFS20'
Please move to 'enable secret <password>' CLI
router(config)#
Notes
A deprecation warning will be generated when using a Type 5 password for either the enable secret 5 command or the username username secret 5 password
command. This warning can be safely ignored.
If the deprecation warning for either the enable secret 5 command or the username username secret 5 password command does not occur, the device is not
interpreting the provided password as a Type 5 password. Make sure the number 5 is included after the secret keyword in either command.
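The behaviour described in this section can also be checked offline, in a configuration that is about to be pasted into a device or that was collected from one: which secrets are Type 4 (single unsalted SHA-256), which are Type 5, and which lines carry a Type 5 string without the "5" keyword and would therefore be hashed as plaintext on entry. The following Python audit is an added example, not Cisco code; the Type 4 and Type 5 strings in the sample are the ones shown in this response, the other lines are made up, and the assumed shapes of the stored strings (43 crypt-base64 characters for Type 4, the $1$ MD5-crypt format for Type 5) are the example's own assumptions.

```python
import re
from typing import Dict, List, Optional

# Constructed configuration excerpt. The Type 4 and Type 5 strings are the ones
# shown in this response; the remaining lines are made up for the example.
SAMPLE_CONFIG = """\
hostname router
enable secret 4 ohKCwRDiX5YiRkTbLspqXvQkxiL91lDUlt.JzPd33RY
username demo secret 4 ohKCwRDiX5YiRkTbLspqXvQkxiL91lDUlt.JzPd33RY
username ops secret 5 $1$Gd0I$VJkZkCRG1d1FvY7we7dzM.
username pasted secret $1$dxVt$FSJmj1O6JUZdbUjxZkIuD.
username newuser secret Th1z#1s+53kri7
"""

# 'enable secret [type] <arg>' and 'username <name> secret [type] <arg>'
_SECRET_RE = re.compile(r"^(enable secret|username\s+\S+\s+secret)\s+(?:([045])\s+)?(\S+)\s*$")
_TYPE4_STRING_RE = re.compile(r"^[./0-9A-Za-z]{43}$")                            # assumed Type 4 shape
_TYPE5_STRING_RE = re.compile(r"^\$1\$[./0-9A-Za-z]{1,8}\$[./0-9A-Za-z]{22}$")    # MD5-crypt ($1$)


def classify_line(line: str) -> Optional[Dict[str, str]]:
    """Return a finding for an 'enable secret' / 'username ... secret' line, else None."""
    m = _SECRET_RE.match(line.strip())
    if not m:
        return None
    command, type_digit, argument = m.groups()
    if type_digit == "4":
        note = ("Type 4: single unsalted SHA-256; weaker than Type 5"
                if _TYPE4_STRING_RE.match(argument)
                else "Type 4 declared but the string is not 43 crypt-base64 characters")
        return {"command": command, "type": "4", "note": note}
    if type_digit == "5":
        return {"command": command, "type": "5",
                "note": "Type 5 (MD5-crypt); Type 4 capable releases print a deprecation warning that can be ignored"}
    # No digit, or '0': the device treats the argument as plaintext and hashes it on entry
    if _TYPE5_STRING_RE.match(argument):
        note = "looks like a Type 5 hash but the '5' keyword is missing; the device would hash it as plaintext"
    else:
        note = "plaintext password; a Type 4 capable release stores it as Type 4"
    return {"command": command, "type": "plaintext", "note": note}


def audit_config(config: str) -> List[Dict[str, str]]:
    """Classify every secret line in configuration order."""
    findings = []
    for line in config.splitlines():
        finding = classify_line(line)
        if finding:
            finding["line"] = line.strip()
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in audit_config(SAMPLE_CONFIG):
        print(f"{f['type']:9} {f['command']:24} {f['note']}")
```

The missing-"5" case is the one worth acting on before pasting: once entered, the device does not warn, so the only visible symptom is the absence of the deprecation warning described in the notes above.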
15.0EA: 15.0(2)EA
15.0EB: 15.0(2)EB
15.0EC: 15.0(2)EC
15.0ED: 15.0(2)ED
15.0EX
15.0EY: 15.0(2)EY, 15.0(2)EY1
15.0EZ: 15.0(1)EZ, 15.0(2)EZ
15.0MR: 15.0(1)MR, 15.0(2)MR
15.0MRA: 15.0(1)MRA
15.0S
15.0SE
15.1EY
15.1GC: 15.1(4)GC, 15.1(4)GC1
15.1M
15.1MR
15.1MRA: 15.1(3)MRA, 15.1(3)MRA1
15.1S: 15.1(1)S, 15.1(1)S1, 15.1(1)S2, 15.1(2)S, 15.1(2)S1, 15.1(2)S2, 15.1(3)S, 15.1(3)S0a, 15.1(3)S1, 15.1(3)S2, 15.1(3)S3, 15.1(3)S4, 15.1(3)S5, 15.1(3)S6
15.1SA
15.1SG
15.1SNG: 15.1(2)SNG
15.1SNH: 15.1(2)SNH, 15.1(2)SNH1
15.1SNI: 15.1(2)SNI
15.1SVA: 15.1(3)SVA
15.1SVB: 15.1(3)SVB, 15.1(3)SVB1
15.1SVC: 15.1(3)SVC
15.1XB: 15.1(4)XB8, 15.1(4)XB8a
15.2E: 15.2(1)E, 15.2(2)E
15.2GC
15.2GCA: 15.2(3)GCA, 15.2(3r)GCA
15.2JA: 15.2(4)JA
15.2M: 15.2(4)M, 15.2(4)M1, 15.2(4)M10, 15.2(4)M2, 15.2(4)M3, 15.2(4)M4, 15.2(4)M5, 15.2(4)M6, 15.2(4)M7, 15.2(4)M8, 15.2(4)M9
15.2S: 15.2(1)S, 15.2(1)S0a, 15.2(1)S1, 15.2(1)S2, 15.2(2)S, 15.2(2)S0a, 15.2(2)S0b, 15.2(2)S0c, 15.2(2)S0d, 15.2(2)S1, 15.2(2)S2, 15.2(4)S, 15.2(4)S0c, 15.2(4)S0xb, 15.2(4)S1, 15.2(4)S1c, 15.2(4)S2, 15.2(4)S2t, 15.2(4)S3, 15.2(4)S4, 15.2(4)S5, 15.2(4)S6
15.2SA: 15.2(1)SA, 15.2(2)SA
15.2SB
15.2SC: 15.2(1)SC, 15.2(1)SC1
15.2SNG: 15.2(2)SNG
15.2SNH: 15.2(2)SNH, 15.2(2)SNH1
15.2SNI: 15.2(2)SNI
15.2T
15.2XB: 15.2(4)XB10, 15.2(4)XB11
15.3T
15.3S
15.4S: 15.4(1)S
Revision History
Revision 1.2: 2015-April-07
Revision 1.1: 2013-March-22
Revision 1.0: 2013-March-18