A Secure Selection and Filtering Mechanism for the Network Time Protocol Version 4
draft-schiff-ntp-chronos-03
|
| Document |
Type |
|
Active Internet-Draft (ntp WG)
|
|
Last updated |
|
2019-11-05
(latest revision 2019-09-03)
|
|
Stream |
|
IETF
|
|
Intended RFC status |
|
(None)
|
|
Formats |
|
plain text
xml
pdf
htmlized
bibtex
|
| Stream |
WG state
|
|
Adopted by a WG
|
|
Document shepherd |
|
No shepherd assigned
|
| IESG |
IESG state |
|
I-D Exists
|
|
Consensus Boilerplate |
|
Unknown
|
|
Telechat date |
|
|
|
Responsible AD |
|
(None)
|
|
Send notices to |
|
(None)
|
Network Working Group N. R.Schiff
Internet-Draft D. Dolev
Intended status: Informational Hebrew University of Jerusalem
Expires: March 5, 2020 T. Mizrahi
Huawei Network.IO Innovation Lab
M. Schapira
Hebrew University of Jerusalem
September 2, 2019
A Secure Selection and Filtering Mechanism for the Network Time Protocol
Version 4
draft-schiff-ntp-chronos-03
Abstract
The Network Time Protocol version 4 (NTPv4) defines the peer process,
the clock filter algorithm, the system process and the clock
description algorithm. The clock filter algorithm and the system
process, as defined in RFC 5905, are the mechanism according to which
an NTP client chooses the NTP servers it synchronized with. This
document specifies an alternative set of client mechanisms, named
Chronos, that is backward compatible with NTPv4, and offers an
improved level of security against time shifting attacks.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 5, 2020.
Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved.
R.Schiff, et al. Expires March 5, 2020 [Page 1]
Internet-Draft NTP Extention with Chronos September 2019
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Conventions Used in This Document . . . . . . . . . . . . . . 3
2.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
2.2. Terms and Abbreviations . . . . . . . . . . . . . . . . . 3
2.3. Notations . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Extension for NTP Selection Process . . . . . . . . . . . . . 4
3.1. Peer calibration Process . . . . . . . . . . . . . . . . 4
3.2. Chronos Selection Process . . . . . . . . . . . . . . . . 4
4. Chronos Pseudocode . . . . . . . . . . . . . . . . . . . . . 5
5. Precision Vs. Security . . . . . . . . . . . . . . . . . . . 5
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
8. Security Considerations . . . . . . . . . . . . . . . . . . . 6
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 7
9.1. Normative References . . . . . . . . . . . . . . . . . . 7
9.2. Informative References . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction
According to RFC 5905 [RFC5905], the NTP servers used for updating
the client's time are chosen by the clock filter algorithm and the
system process. However, this method may be vulnerable to time
shifting attacks, in which the attacker's goal is to shift the local
time of an NTP client. Time shifting attacks on NTP are possible
even if all NTP communications are encrypted and authenticated. This
document introduces an improved system process with a secure
algorithm called Chronos. Chronos is backwards compatible with
NTPv4, as an NTP client that runs Chronos is interoperable with
[RFC5905]-compatible NTPv4 servers.
Chronos achieves accurate synchronization even in the presence of
powerful attackers who are in direct control of a large number of NTP
servers. Chronos leverages ideas from distributed computing
Show full document text