4.1 RIP v2 Overview  
  4.1.7 Authentication  
A security concern with any routing protocol is the possibility of a router accepting invalid routing updates. The source of invalid updates may be an attacker trying to maliciously disrupt the internetwork. The attacker may be trying to capture packets by tricking the router into sending them to the wrong destination. A more mundane source of invalid updates may be a malfunctioning router. RIP v2 includes the capability to authenticate the source of a routing update by including a password.

Authentication is supported by modifying what would normally be the first route entry of the RIP message, as shown in Figure . Note that with authentication the maximum number of entries a single update can carry is reduced to 24. The presence of authentication is indicated by setting the Address Family Identifier field to all ones, 0xFFFF. The Authentication Type for simple password authentication is two, 0x0002, and the remaining 16 octets carry an alphanumeric password of up to 16 characters. The password is left justified in the field, and if the password is less than 16 octets, the unused bits of the field are set to zero.

Figure shows an analyzer capture of a RIP v2 message with authentication. The output reveals a security concern with default RIP v2 authentication. The password is transmitted in plain text. Anyone who can capture a packet containing a RIP v2 update message can read the authentication password.

Although RFC 1723 describes only simple password authentication, foresight is shown by including the Authentication Type field. Cisco IOS takes advantage of this feature and provides the option of using MD5 authentication instead of simple password authentication. Cisco uses the first and last route entry spaces for MD5 authentication purposes.

MD5 is a one-way message digest or secure hash function, produced by RSA Data Security, Incorporated. It is also referred to as a cryptographic checksum because it works in somewhat the same way as an arithmetic checksum. MD5 computes a 128-bit hash value from a plain text message of arbitrary length and a password. An example would be a RIP v2 update. This fingerprint is transmitted along with the message. The receiver, knowing the same password, calculates its own hash value. If nothing in the message has changed, the receiver hash value should match the sender value transmitted with the message.