%% You should probably cite rfc8573 instead of this I-D. @techreport{ietf-ntp-mac-03, number = {draft-ietf-ntp-mac-03}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-ntp-mac/03/}, author = {Aanchal Malhotra and Sharon Goldberg}, title = {{Message Authentication Code for the Network Time Protocol}}, pagetotal = 4, year = 2017, month = oct, day = 30, abstract = {RFC 5905 {[}RFC5905{]} states that Network Time Protocol (NTP) packets should be authenticated by appending a 128-bit key to the NTP data, and hashing the result with MD5 to obtain a 128-bit tag. This document deprecates MD5-based authentication, which is considered to be too weak, and recommends the use of AES-CMAC {[}RFC4493{]} as a replacement.}, }