In a full implementation of Key Chains, a Key Chain is a set of Keys, each with its own set of parameters used for MD5 encryption. The parameters are an encryption Key and the period of time during which the key is valid. This key must be identical on each device that will participate in an exchange of information. In the case of RIP (version 2 only), routers can use MD5 encryption to ensure that only routing information packets (RIP packets) from authorized routers are accepted.
In a simple implementation, the user creates one Key in a Key Chain and this key is used until it expires. In an advanced implementation, a Key Chain contains multiple keys, each valid for a limited amount of time. This provides a periodic change of the encryption key, giving the highest level of security. The drawback to this approach is that every device participating in an exchange, such as RIP V2 routers on the same subnet, must have its clock synchronized with the others. Failure to synchronize would cause devices to use different keys and hence reject RIP updates from neighboring RIP routers.
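An added example (not from the original page or from any vendor's code) that models the clock-synchronization drawback described above: two routers share a constructed two-key chain, and the receiver checks each update with the key valid at its own clock. The key values, the `exchange` helper and the simplified keyed-MD5 digest (packet followed by the zero-padded key) are assumptions for illustration.

```python
import hashlib
import hmac
from datetime import datetime, timedelta

# Constructed key chain: (key_id, secret, valid_from, valid_until). All values are made up.
T0 = datetime(2024, 1, 1)
ROLLOVER = T0 + timedelta(days=30)
KEY_CHAIN = [
    (1, b"example-key-A", T0, ROLLOVER),
    (2, b"example-key-B", ROLLOVER, T0 + timedelta(days=60)),
]

def active_key(chain, now):
    """Return (key_id, secret) for the key whose validity window contains `now`, else None."""
    for key_id, secret, start, end in chain:
        if start <= now < end:
            return key_id, secret
    return None

def digest(packet, secret):
    """Simplified keyed MD5 (assumption): hash of the packet followed by the key padded to 16 bytes."""
    return hashlib.md5(packet + secret[:16].ljust(16, b"\0")).digest()

def send(chain, clock, packet):
    """Sender signs the packet with the key valid at its own clock."""
    key = active_key(chain, clock)
    if key is None:
        raise ValueError("no valid key at the sender's clock")
    key_id, secret = key
    return key_id, packet, digest(packet, secret)

def accept(chain, clock, message):
    """Receiver verifies with the key valid at ITS OWN clock; any mismatch rejects the update."""
    key_id, packet, tag = message
    key = active_key(chain, clock)
    if key is None:
        return False
    return key[0] == key_id and hmac.compare_digest(tag, digest(packet, key[1]))

def exchange(sender_clock, receiver_skew):
    """Hypothetical helper: one update sent to a receiver whose clock is off by `receiver_skew`."""
    msg = send(KEY_CHAIN, sender_clock, b"constructed RIP update")
    return accept(KEY_CHAIN, sender_clock + receiver_skew, msg)

if __name__ == "__main__":
    print(exchange(ROLLOVER - timedelta(days=1), timedelta(0)))              # clocks in sync
    print(exchange(ROLLOVER - timedelta(seconds=5), timedelta(seconds=10)))  # skew spans the rollover
```

The second call is rejected even though both routers hold identical key chains, because a 10-second skew puts the receiver on key 2 while the sender is still on key 1.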