Networking vendor Cisco Systems Inc. has issued a security advisory regarding password issues discovered in a limited...
number of its IOS- and IOS XE-based networking devices that could create conditions for successful brute-force attacks.
Cisco was notified about the issue a week ago by Hashcat Project researchers Philipp Schmidt and Jens Steube. It is centered on the Type 4 algorithm, which is used in the Cisco IOS 15 code base to hash user-provided plaintext passwords.
Originally designed to be a strong alternative to Type 5 and Type 7 password protection mechanisms, the researchers found that an implementation flaw with Type 4 user passwords leaves them vulnerable to brute-force attacks because they are not salted; a single iteration of the SHA-256 cryptographic hash function is used instead of the intended Password-Based Key Derivation Function version 2 (PBKDF2).
The networking giant noted that only IOS and IOS XE devices with support for Type 4 passwords are vulnerable to this issue.
According to Schmidt, this discovery came about after some discussion on Hashcat forums regarding the security of the Type 4 passwords. Though the user interface running on Cisco's devices referred to the hashes as SHA-256, he commented that they expected "something more secure" from Cisco. With the newest version of oclHashcat-plus password cracking and recovery tool, Schmidt said the encryption used with Type 4 passwords can be cracked quickly.
Schmidt also took Cisco to task for replacing what he considers to be the more secure Type 5 passwords with the highly vulnerable Type 4 passwords.
"Our discoveries show that the problems around Type 4 secrets are severe, and shockingly, Cisco even wanted to replace older secret types (e.g. Type 5) with the Type 4 secrets," he said via email. "Indeed, the newest versions of IOS and IOS XE display warnings whenever Type 5 is used. In our opinion, Type 5 hashes, which have 1,000 iterations plus salting, are much more secure."
For those seeking to revert to Type 5 passwords, the Cisco advisory delivered more bad news. Devices running its IOS and IOS XE software with support for Type 4 passwords are incapable of creating a Type 5 password. Customers that wish to generate Type 5 passwords must do so using another device without Type 4 support, and then copy the Type 5 password to the device configuration. For those companies considering downgrading from a release that supports Type 4 passwords to one that doesn't, Cisco also warned that backward compatibility problems may arise, depending on the specific device configuration.
Regarding future IOS and IOS XE passwords, Cisco has stated that it intends to deprecate Type 4 passwords and remove the deprecation warning for Type 5 passwords. The company also plans to introduce a new password protection scheme based on the original design intended for Type 4 passwords, including the use of PBKDF2 with SHA-256 encryption, with an 80-bit salt and 1,000 iterations.