Emerging Solutions in Network Time Synchronization Security

Slides:



Advertisements
Similar presentations
Adapted Multimedia Internet KEYing (AMIKEY): An extension of Multimedia Internet KEYing (MIKEY) Methods for Generic LLN Environments draft-alexander-roll-mikey-lln-key-mgmt-01.txt.
Advertisements

Internet Protocol Security (IP Sec)
Unifying the conceptual levels of network security through use of patterns Ph.D Dissertation Proposal Candidate: Ajoy Kumar, Advisor: Dr Eduardo B. Fernandez.
Chapter 5 Network Security Protocols in Practice Part I
IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
What is in Presentation What is IPsec Why is IPsec Important IPsec Protocols IPsec Architecture How to Implement IPsec in linux.
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
Karlstad University IP security Ge Zhang
IPsec Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange.
IP Security: Security Across the Protocol Stack. IP Security There are some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS.
IP security Ge Zhang Packet-switched network is not Secure! The protocols were designed in the late 70s to early 80s –Very small network.
Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol.
IPSec – IP Security Protocol By Archis Raje. What is IPSec IP Security – set of extensions developed by IETF to provide privacy and authentication to.
IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.
RPSEC WG Issues with Routing Protocols security mechanisms Vishwas Manral, SiNett Russ White, Cisco Sue Hares, Next Hop IETF 63, Paris, France.
1 IPSec: An Overview Dr. Rocky K. C. Chang 4 February, 2002.
K. Salah1 Security Protocols in the Internet IPSec.
IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.
Cryptography CSS 329 Lecture 13:SSL.
History and Implementation of the IEEE 802 Security Architecture
11 SECURING NETWORK TRAFFIC WITH IPSEC Chapter 6.
IP Security
Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.
Computer and Network Security
VPNs & IPsec Dr. X Slides adopted by Prof. William Enck, NCSU.
IPsec Problems and Solutions
IPSec Detailed Description and VPN
History and Implementation of the IEEE 802 Security Architecture
Chapter 5 Network Security Protocols in Practice Part I
IPSecurity.
Analysis of secured VoIP services
Reviews Rocky K. C. Chang 20 April 2007.
November 14, 2016 Secure MAC algorithms for use with NTP draft-aanchal4-ntp-mac-03 CFRG: IETF97 Aanchal Malhotra Sharon Goldberg.
CSE 4905 IPsec.
Chapter 18 IP Security  IP Security (IPSec)
Somesh Jha University of Wisconsin
RPSEC WG Issues with Routing Protocols security mechanisms
Katrin Hoeper Channel Bindings Katrin Hoeper
SECURING NETWORK TRAFFIC WITH IPSEC
Internet and Intranet Fundamentals
IT443 – Network Security Administration Instructor: Bo Sheng
Secure Sockets Layer (SSL)
Internet Security CS457 Seminar Zhao Cheng
UNIT.4 IP Security.
Goals of soBGP Verify the origin of advertisements
In-Band Authentication Extension for Protocol Independent Multicast (PIM) draft-bhatia-zhang-pim-auth-extension-00 Manav Bhatia
IPSec IPSec is communication security provided at the network layer.
BINF 711 Amr El Mougy Sherif Ismail
Kristof Teichel, Dieter Sibold, Daniel Franke
Daily Update Cisco Questions Dumps4download.us
Originally by Yu Yang and Lilly Wang Modified by T. A. Yang
CSE 4095 Transport Layer Security TLS
Network Security (contd.)
Virtual Private Networks
draft-ipdvb-sec-01.txt ULE Security Requirements
Virtual Private Networks (VPNs)
Working Group Draft for TCPCLv4
SSL (Secure Socket Layer)
Securing the CASP Protocol
Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls
The University of Adelaide, School of Computer Science
PAA-2-EP protocol PANA wg - IETF 58 Minneapolis
Lightweight Security Scheme for Vehicle Tracking System Using CoAP
Lecture 36.
Lecture 36.
Presentation transcript:

Emerging Solutions in Network Time Synchronization Security The Internet Society September 26, 2017 31 May 2017 TNC 17, Linz, Austria Emerging Solutions in Network Time Synchronization Security Karen O’Donoghue odonoghue@isoc.org

Agenda Setting the stage… IETF NTP NTS IEEE 1588 (PTP) Why Now? Requirements What currently exists? IETF NTP NTS IEEE 1588 (PTP) Next steps and parting thoughts…

Time Trust Why Security Now? Security has not been a high priority of the time synchronization in the past… What has changed... Increasing interconnection and decentralization Increasing evidence of the impact of inadequate security Interdependency between security and time Legal and Compliance requirements Time Trust

Requirements for Time Synchronization Security RFC 7384: Security Requirements of Time Protocols in Packet Switched Networks, Oct 2014 Threat model Internal versus external attacker Man-in-the-middle versus injection Threats Requirements analysis IEEE 1588 requirements analysis based on RFC 7384

RFC 7384: Threats Manipulation of time synchronization packets, Masquerading as a legitimate participant in the time synchronization protocol, Replay of legitimate packets, Tricking nodes into believing time from the wrong master, Intercepting and removing valid synchronization packets, Delaying legitimate time synchronization packets on the network, Denial of service attacks on the network at layer 2 and layer 3, Denial of service by overloading the cryptographic processing components, Denial of service by overloading the time synchronization protocol, Corruption of the time source used by the grand master, Protocol design and implementation vulnerabilities, and Using the time synchronization protocol for broader network surveillance and fingerprinting types of activities.

RFC 7384: Requirements Authentication and authorization of a clock’s identity, Integrity of the time synchronization protocol messages, Prevention of various spoofing techniques, Protection against Denial of Service (availability), Protection against packet replay, Timely refreshing of cryptographic keys, Support for both unicast and multicast security associations, Minimal impact on synchronization performance, Confidentiality of the data in the time synchronization messages, Protection against packet delay and interception, and Operation in a mixed secure and non-secure environment.

What currently exists? Network Time Protocol (NTP) Pre-shared key scheme for server authentication in the core specification (scaling issues) Autokey – Authentication of time servers using PKI (known flaws) IEEE 1588 Precision Time Protocol (PTP) Annex K – Group source authentication, message integrity, and replay attack protection (defined as Experimental, flaws identified)

IETF NTP Network Time Security (NTS)

Network Time Protocol Security Problems… Sources of recent NTP security issues (resulting NTP wg activity) Flaws in implementation (BCP) Weaknesses in the protocol (protocol tweaks/clarifications) Lack of an adequate security mechanism (NTS) Network Time Security NTS (NTS) NTS for NTP: draft-ietf-ntp-using-nts-for-ntp Generic NTS: draft-ietf-ntp-network-time-security

Network Time Security (NTS) provides… The Internet Society September 26, 2017 Network Time Security (NTS) provides… Integrity for NTP packets (not confidentiality) Unlinkability (once an NTS session has been established and if the client uses data minimization techniques) Request-Response consistency (for avoiding replay attacks) Authentication of servers Authorization of clients (optionally) Support for client-server and symmetric peer modes (broadcast mode not currently supported) Caveat emptor!!! (This is not published (done) yet… ) unlinkability for devices that (1) use NTS as clients and (2) minimize the information they expose in client query (mode 3) packets per

(D)TLS for NTP Security NTS-encapsulated NTPv4 NTP over DTLS: DTLS handshake followed by NTP encapsulated as DTLS Most suitable for symmetric and control modes NTS Key Establishment protocol (NTS-KE) TLS to establish key material and negotiate some additional protocol options NTS extensions for NTPv4 A collection of NTP extension fields for cryptographically securing NTPv4 using key material previously negotiated using NTS-KE. Suitable for client/server mode

IEEE 1588 PTP Security

IEEE 1588 Security Approach IEEE 1588 security will include a set of mechanisms and tools that can be used together or individually. Individual mechanisms will be optional. The specific mechanisms chosen will vary by application and environment. More Caveat emptor!!! (This is also still in DRAFT at this point!)

IEEE 1588 Security The multi-pronged approach: PTP Integrated Security Mechanisms (Prong A) External Transport Security Mechanisms (Prong B) Architecture Guidance (Prong C) Monitoring and Management Guidance (Prong D)

PTP Integrated Security Mechanism (Prong A) TLV definition and processing rules (normative but optional) Guidance of key management schemes (informative) Examples for immediate or delayed security processing Specification of key management schemes in IETF Transport Trailer PTP Payload PTP Header Transport Header 0 or more TLVs Security TLV S I C V Security Indication in the PTP Header to signal the support of a security TLV (re-using former Annex K field) Security TLV, structured to support different key management options Integrity Check Value (ICV) providing integrity protection for marked PTP packet area Utilized common header information: sourcePortIdentity sequenceNo SPI secParam Indicator disclosedKey (optional) Security Parameter Index ICV Key Identifier or Current Key Time Interval depending on verification scheme Disclosed key from prior period (optional) Length tlvType TLV Type TLV Length Information RES ICV based on algorithm OID Sequence number (optional) sequenceNo (optional) keyID Security Parameter Indicator Reserved (optional)

Key Management for Group Based Security

External Transport Security Mechanisms (Prong B) MACSec Based on IEEE 802.1AE Media Access Control (MAC) Security Integrity protection between two IEEE 802 ports Key management is manual or based on MACsec Key Agreement (MKA) specified in IEEE 802.1X-2010. IPSec Base architecture defined in IETF RFC 4301 Node authentication and key exchange defined in RFC 7296 Integrity checking and encryption of data defined in RFC 4303

Architecture Guidance (Prong C) Redundancy Redundant timing systems Redundant PTP grandmasters Redundant paths Monitoring and Management Guidance (Prong D) Definition of parameters in IEEE 1588 data sets that can be monitored to detect security problems A recommendation to not use unsecure management protocols including IEEE 1588 native management … and Best Practices!

Next Steps

Gather feedback from implementers and users!!! Next Steps NTS Finalize NTS for NTP specification Publish BCP Clean up protocol issues Data minimization Extension field clarifications REFID updates IEEE 1588 Complete proposal for next revision of IEEE 1588 Continue specification of key management options Gather feedback from implementers and users!!!

Final remarks Why has this been so hard? When will we be done? Hopefully these two solutions will be somewhat aligned to help development, deployment, and operation! Contact me if you are interested in helping: Karen O’Donoghue, odonoghue@isoc.org

For questions (or to volunteer!): The Internet Society September 26, 2017 Questions? For questions (or to volunteer!): odonoghue@isoc.org

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.