A Security Analysis of Network Time Protocol
Andy Hospodor, COEN 317, 11/03/03
Paper by Matt Bishop, 1991


Sequence
NTP Architecture
Overview of Security features
Types of attacks on NTP
Countermeasures
Further reading

Where does time come from?
Originally from the motion of the earth around the sun
Today, NIST operates atomic clocks and masers that generate time
More recently, USNO
  – is responsible for distribution of time in the US
  – is the standard for time in the US

NTP Architecture
Primary servers are synchronized by radio or atomic clocks
Secondary servers exist at multiple strata on fixed route paths
Secondary servers measure path delay to n-1 strata periodically
Clients sample multiple secondary time servers
Clock filters select best from a window of eight time offset samples
Combining algorithm computes weighted average of time offsets.
[Figure: strata diagram. Labels: top level stratum, level 2 stratum, level 3 stratum, Primary Servers, Secondary Servers, 11 hydrogen masers, 50 HP-5071 cesiums]

NTP Packet Format

NTP Protocol Header Format (32 bits)
  NTP v3 and v4:
    LI | VN | Mode | Strat | Poll | Prec
    Root Delay
    Root Dispersion
    Reference Identifier
    Reference Timestamp (64)
    Originate Timestamp (64)
    Receive Timestamp (64)
    Transmit Timestamp (64)
  NTP v4 only:
    Extension Field 1 (optional)
    Extension Field 2… (optional)
  authentication only:
    Authenticator (Optional): Key/Algorithm Identifier, Message Hash (64 or 128)

Header fields
  LI     leap warning indicator
  VN     version number (4)
  Strat  stratum (0-15)
  Poll   poll interval (log2)
  Prec   precision (log2)

NTP Timestamp Format (64 bits)
  Seconds (32) | Fraction (32)
  Value is in seconds and fraction since 0 h 1 January 1900

NTPv4 Extension Field
  Field Length | Field Type
  Extension Field (padded to 32-bit boundary)
  Last field padded to 64-bit boundary

Authenticator (Optional)
  Key/Algorithm Identifier | Cryptosum
  Authenticator uses DES-CBC or MD5 cryptosum of NTP header plus extension fields (NTPv4)
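The header layout above, applied to a client-side check of a server reply. This is an added example, not code from the slides or from any NTP implementation. The key table, the sample packets, the key-then-header MD5 construction and the rule that a reply must be mode 4 with stratum 1 to 15 are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

NTP_UNIX_DELTA = 2208988800  # seconds from 1 January 1900 to 1 January 1970

def ntp_ts(unix_seconds, fraction=0):
    """64-bit NTP timestamp: Seconds (32) since 1900 plus Fraction (32)."""
    return struct.pack("!II", unix_seconds + NTP_UNIX_DELTA, fraction)

def cryptosum(key, header):
    """Assumed construction: MD5 over the shared key followed by the header."""
    return hashlib.md5(key + header).digest()

def check_reply(pkt, keys, sent_transmit):
    """Return (fields, None) when the reply is accepted, else (None, reason)."""
    if len(pkt) != 48 + 4 + 16:  # header + key identifier + 128-bit hash
        return None, "bad length"
    header, digest = pkt[:48], pkt[52:]
    key = keys.get(struct.unpack("!I", pkt[48:52])[0])
    if key is None or not hmac.compare_digest(cryptosum(key, header), digest):
        return None, "authentication failed"
    first, strat, poll, prec = struct.unpack("!BBbb", header[:4])
    li, vn, mode = first >> 6, (first >> 3) & 7, first & 7
    if vn not in (3, 4) or mode != 4 or not 1 <= strat <= 15:
        return None, "sanity check failed"
    if header[24:32] != sent_transmit:  # Originate must echo our request
        return None, "originate mismatch"
    secs, frac = struct.unpack("!II", header[40:48])  # Transmit Timestamp
    return {"li": li, "vn": vn, "stratum": strat, "poll": poll, "prec": prec,
            "transmit_unix": secs - NTP_UNIX_DELTA + frac / 2**32}, None

def build_reply(key_id, key, originate, strat=2):
    """Constructed server reply (mode 4, version 4) used as sample input."""
    header = struct.pack("!BBbb", (4 << 3) | 4, strat, 6, -20)
    header += bytes(12)  # Root Delay, Root Dispersion, Reference Identifier
    header += ntp_ts(1_000_000_000) + originate       # Reference, Originate
    header += ntp_ts(1_000_000_010) + ntp_ts(1_000_000_010, 1 << 31)
    return header + struct.pack("!I", key_id) + cryptosum(key, header)

KEYS = {1: b"constructed-shared-key"}  # constructed key table
SENT = ntp_ts(1_000_000_009)           # Transmit Timestamp of our request
GOOD = build_reply(1, KEYS[1], SENT)
TAMPERED = GOOD[:40] + ntp_ts(1_000_003_610) + GOOD[48:]  # altered Transmit

if __name__ == "__main__":
    for name, pkt, sent in (("good", GOOD, SENT), ("tampered", TAMPERED, SENT),
                            ("replayed", GOOD, ntp_ts(1_000_000_500))):
        print(name, check_reply(pkt, keys=KEYS, sent_transmit=sent))
```

The same reply is accepted once and rejected when presented against a later request, because the Originate Timestamp no longer echoes what the client sent.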

Security Features
Sanity checks
  – Is the packet correct and reasonable?
Access Control
  – Can the host change the clock?
Authentication
  – Is the message from a trusted source?
Redundant Time Sources
  – Is one of the secondary servers getting weird?

Types of attacks on NTP
Masquerade Attack
  – Impersonate a time server
Modification Attack
  – Intercept and modify messages from time server
Replay Attack
  – Resend messages from a time server
Denial of Service Attack
  – Intercept and delete messages from a time server
Delay Attack
  – Delay the time messages, typically by flooding

Countermeasures
Attacks: Masquerade Attack, Modification Attack, Replay Attack, Denial of Service Attack, Delay Attack
Security features: Sanity checks, Access Control, Authentication, Redundant Time Sources

NTP Shortcomings
Susceptible to Combined attacks
  – Deny service except for one source
  – Delay packets from that source
  – Allow client clocks to drift
64 bit DES encryption is broken
Keys authenticated per host, not per path
Does not deal with “wiretapping”
Cooperation amongst gov’t agencies?
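The clock filter from the architecture slide and the delay attack named above, worked through from a client's point of view. This is an added example, not code from the slides or from an NTP implementation. It uses the standard NTP offset and delay formulas over the four timestamps of one exchange, a simplified filter that treats the lowest-delay sample as "best", and constructed timestamps with an assumed max_delay policy.

```python
from collections import deque

def offset_delay(t1, t2, t3, t4):
    """t1 client send, t2 server receive, t3 server send, t4 client receive."""
    offset = ((t2 - t1) + (t3 - t4)) / 2
    delay = (t4 - t1) - (t3 - t2)
    return offset, delay

class ClockFilter:
    """Window of the last eight samples; 'best' is the lowest-delay one."""
    def __init__(self, window=8, max_delay=0.5):  # max_delay: assumed policy
        self.samples = deque(maxlen=window)
        self.max_delay = max_delay

    def add(self, t1, t2, t3, t4):
        """Store the sample unless its round-trip delay is implausible."""
        offset, delay = offset_delay(t1, t2, t3, t4)
        if delay < 0 or delay > self.max_delay:
            return False
        self.samples.append((delay, offset))
        return True

    def best(self):
        """Return (offset, bound): the true offset lies within offset +/- bound."""
        if not self.samples:
            return None
        delay, offset = min(self.samples)
        return offset, delay / 2

# Constructed exchanges: the server clock is 0.100 s ahead of the client.
HONEST = (0.000, 0.110, 0.111, 0.021)   # 0.010 s each way
HELD = (0.000, 0.110, 0.111, 0.421)     # reply held back 0.400 s
FLOODED = (0.000, 0.110, 0.111, 2.021)  # reply held back 2.000 s

if __name__ == "__main__":
    f = ClockFilter()
    for sample in (HONEST, HELD, FLOODED):
        print(sample, offset_delay(*sample), "kept" if f.add(*sample) else "dropped")
    print("best:", f.best())
```

A held-back reply shifts the computed offset by half the added delay, so the delay/2 bound still contains the true offset; when every surviving sample is delayed, as in the combined attack, the filter has nothing better to pick and only that bound limits the error.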

Further reading
Network Time Protocol (NTP) v3 and v4:
David L. Mills:
FTP server ftp.udel.edu (pub/ntp directory)
Related project descriptions and briefings –
US Naval Observatory – the US time standard

Time Trivia

Sidereal time is the hour angle of the vernal equinox, the ascending node of the ecliptic on the celestial equator. The daily motion of this point provides a measure of the rotation of the Earth with respect to the stars, rather than the Sun. Local mean sidereal time is computed from the current Greenwich Mean Sidereal Time plus an input offset in longitude (converted to a sidereal offset by the ratio of the mean solar day to the mean sidereal day). Applying the equation of equinoxes, or nutation of the mean pole of the Earth from mean to true position, yields local apparent sidereal time. Astronomers use local sidereal time because it corresponds to the coordinate right ascension of a celestial body that is presently on the local meridian.

Leap Second is a second added to Coordinated Universal Time (UTC) to make it agree with astronomical time to within 0.9 second. UTC is an atomic time scale, based on the performance of atomic clocks. Astronomical time is based on the rotational rate of the Earth. Since atomic clocks are more stable than the rate at which the Earth rotates, leap seconds are needed to keep the two time scales in agreement.

The first leap second was added on June 30, 1972, and so far, leap seconds have occurred at an average rate of about 8 every 10 years. So far, all leap seconds have been added on either June 30th or December 31st. Although it is possible to have a negative leap second (a second removed from UTC), so far, all leap seconds have been positive (a second has been added to UTC). Based on what we know about the Earth's rotation, it is unlikely that we will ever have a negative leap second. For more information and a table of leap seconds, visit the NIST Time Scale Data Archive.