Issues with existing Cryptographic Protection Methods for Routing Protocols
Routing protocols often use cryptographic mechanisms to authenticate data being received from a neighboring router has not been modified in transit, and actually originated from the nrighboring router purporting to have originating the data. Most of the cryptographic mechanisms rely on hash algorithms applied to the data in the routing protocol packet, which means the data is transported, in the clear, along with the has signature based on the data itself. These mechanisms rely on the manual configuration of the keys used to seed, or build, these hash based sigantures. This document outlines some of the problems with manual keying of these cryptographic algorithms.