[time-nuts] When NTP goes wrong...

Florian Teply usenet at teply.info
Sun Oct 25 15:27:31 UTC 2015


Am Sun, 25 Oct 2015 07:14:24 +0000
schrieb "Poul-Henning Kamp" <phk at phk.freebsd.dk>:

> --------
> In message <20151024123614.7bbfe893 at aluminium.mobile.teply.info>,
> Florian Teply writes:
> 
> >But if I read that article on ars technica correctly, it looks like
> >it is something inherent to the ntp protocol itself and the
> >definitions it makes.
> 
> Correct.
> 
> The article is basically about how you can change the time on a
> computer you are attacking by spoofing NTP replies.
> 
> Apart from a little mitigation, all implementations will be vulnerable
> to this, because that is what happens when you get your time from an
> unauthenticated server somewhere on the net.
> 
Of course proper authentication would make this kind of attack more
difficult, but as far as I can see, I'd estimate the amount of
authenticated NTP traffic on the internet to be negligible. Symmetric
cryptography probably would fail due to configuration issues -
essentially, one would need to obtain and configure the keys for every
single server, and the server admin would need to generate keys for
every single client, because a well-known server key is as secure as
using none at all. This would work for a setup of a limited number of
servers and clients, say between us time nuts, but definitely not for
serving the general public. And proper public key authentication also
needs a way to sort of securely distribute public keys or
certificates or whatever is used today. Which for the general public
means running into the same hen-and-egg problem we already have for
all other sorts of communication in use today.

> The only real cure is to have your own NTP servers.
> 
Which then of course must not rely on external sources for their time,
meaning at least one of them needs to be fed by a time source
independent of NTP. A simple PPS (that is, just the pulses) without
additional information on time-of-day probably would be as vulnerable
as native NTP and therefore wouldn't suffice. Feeding it the correct
time and date once should suffice though, as time is known to never
move backwards under normal circumstances.

Anyways, I guess for most time nuts this is a moot point as I'd expect
those to be somewhat independent of NTP as a time source.

Best regards,
Florian
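The two points above (that a reply is only worth trusting when it is authenticated with a key known to both sides, and that a locally run server still needs a sanity gate so a single bad reply cannot drag the clock around) can be shown as a small client-side check. The following is an added example and not code from this list thread or from any NTP implementation; it builds a mode-4 reply locally so it runs offline, uses a constructed shared secret, and the 1000 s threshold, the key id 7 and the function names are assumptions made here. The MAC is modelled on NTPv4 symmetric-key authentication (a digest over key || packet appended after the 48-byte header).

```python
"""Plausibility and authentication checks for an NTP reply (added example).

Not code from the time-nuts list or any NTP implementation. Constructs a
reply packet locally so the checks can be exercised offline.
"""
import hashlib
import hmac
import struct

NTP_EPOCH_OFFSET = 2_208_988_800        # seconds from 1900-01-01 to 1970-01-01
HEADER = struct.Struct("!BBBbIIIQQQQ")  # the fixed 48-byte NTP header
PANIC_THRESHOLD = 1000.0                # assumed sanity gate, in seconds


def to_ntp(unix: float) -> int:
    """Unix seconds -> 64-bit NTP timestamp (32.32 fixed point since 1900)."""
    whole = int(unix)
    return ((whole + NTP_EPOCH_OFFSET) << 32) | int((unix - whole) * (1 << 32))


def from_ntp(ts: int) -> float:
    """64-bit NTP timestamp -> Unix seconds as a float."""
    return (ts >> 32) - NTP_EPOCH_OFFSET + (ts & 0xFFFFFFFF) / (1 << 32)


def ntp_mac(key: bytes, header: bytes) -> bytes:
    """Symmetric-key MAC in the NTPv4 style: digest over key || packet."""
    return hashlib.sha1(key + header).digest()


def build_reply(t1, t2, t3, key_id=None, key=None, stratum=2, leap=0):
    """Construct a mode-4 (server) reply. Only used here to make sample input."""
    first = (leap << 6) | (4 << 3) | 4  # LI, version 4, mode 4 (server)
    header = HEADER.pack(first, stratum, 6, -20, 0, 0, 0x47505300,  # ref id "GPS"
                         to_ntp(t3), to_ntp(t1), to_ntp(t2), to_ntp(t3))
    if key_id is None:
        return header                    # unauthenticated reply
    return header + struct.pack("!I", key_id) + ntp_mac(key, header)


def check_reply(packet, t1, t4, keys, max_offset=PANIC_THRESHOLD):
    """Decide whether a reply may adjust the local clock.

    t1: when we sent the request, t4: when the reply arrived (local clock).
    keys: {key_id: shared secret} configured for the server we polled.
    """
    if len(packet) < HEADER.size:
        return {"accepted": False, "reason": "short packet"}
    header = packet[:HEADER.size]
    first, stratum, _, _, _, _, _, _, origin, recv, xmit = HEADER.unpack(header)
    leap, mode = first >> 6, first & 0x7

    # 1. Authenticate before trusting any field; a reply without a MAC, or with
    #    an unknown key id or a wrong digest, is treated as if it never arrived.
    authenticated = False
    if len(packet) > HEADER.size + 4:
        key_id = struct.unpack("!I", packet[48:52])[0]
        key = keys.get(key_id)
        if key is not None:
            authenticated = hmac.compare_digest(ntp_mac(key, header), packet[52:])
    if not authenticated:
        return {"accepted": False, "reason": "not authenticated"}

    # 2. Structural checks: a server reply whose origin timestamp echoes our
    #    request, from a server that is actually synchronised.
    if mode != 4:
        return {"accepted": False, "reason": "not a server reply"}
    if origin != to_ntp(t1):
        return {"accepted": False, "reason": "origin timestamp does not match request"}
    if leap == 3 or stratum == 0:
        return {"accepted": False, "reason": "server unsynchronised or kiss-o'-death"}

    # 3. Clock arithmetic; refuse any step larger than the sanity gate so that a
    #    single bad reply cannot move the clock by years.
    t2, t3 = from_ntp(recv), from_ntp(xmit)
    offset = ((t2 - t1) + (t3 - t4)) / 2
    delay = (t4 - t1) - (t3 - t2)
    if abs(offset) > max_offset:
        return {"accepted": False, "reason": "offset exceeds sanity threshold",
                "offset": offset, "delay": delay}
    return {"accepted": True, "reason": "ok", "offset": offset, "delay": delay}


if __name__ == "__main__":
    keys = {7: b"constructed-shared-secret"}   # constructed sample key
    t1 = 1_700_000_000.0
    reply = build_reply(t1, t1 + 0.010, t1 + 0.011, key_id=7, key=keys[7])
    print(check_reply(reply, t1, t1 + 0.022, keys))
```

Note that the key table is per server: as the message above says, each client needs its own copy of the secret for every server it polls, which is what makes the scheme workable for a handful of peers but not for public service. The offset gate is deliberately coarse; it stops the gross step described in the thread, not a slow, small drift, so a server intended as an independent reference still wants a non-NTP source such as a disciplined PPS plus a trusted initial time-of-day.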
