[time-nuts] Time security musing - attacking the clock itself
Edgardo Molina
xe1xus at amsat.org
Tue Dec 4 01:56:14 UTC 2012
NTP is not secure in nature. MD5 key exchange between client and server is the only secure feature up to now, for the client to be sure that he/she is getting a correct time sync to the desired server. On the other side if the server does not receive a matching MD5 key, it will simply ignore the petition. Beside that, NTP is a connectionless UDP service, it is based in the open exchange of data, not establishing a session like other protocols that use TCP. This eases the transfer of information but makes it difficult to set controls to the process.
On the other hand PTP is evolving to be a future protocol for time transfer. Nowadays it is superior than NTP in the LAN environment.
Regards,
Edgardo Molina
Dirección IPTEL
www.iptel.net.mx
T : 55 55 55202444
M : 04455 10045822
Piensa en Bits SA de CV
Información anexa:
CONFIDENCIALIDAD DE INFORMACION
Este mensaje tiene carácter confidencial. Si usted no es el destinarario de este mensaje, le suplicamos se lo notifique al remitente mediante un correo electrónico y que borre el presente mensaje y sus anexos de su computadora sin retener una copia de los mismos. Queda estrictamente prohibido copiar este mensaje o hacer usode el para cualquier propósito o divulgar su en forma parcial o total su contenido. Gracias.
NON-DISCLOSURE OF INFORMATION
This email is strictly confidential and may also be privileged. If you are not the intended recipient please immediately advise the sender by replying to this e-mail and then deleting the message and its attachments from your computer without keeping a copy. It is strictly forbidden to copy it or use it for any purpose or disclose its contents to any third party. Thank you.
On Dec 3, 2012, at 7:36 PM, Chris Albertson <albertson.chris at gmail.com> wrote:
> On Mon, Dec 3, 2012 at 4:51 PM, Scott McGrath <scmcgrath at gmail.com> wrote:
>
>>
>>
>> We really need to think more about the secure distribution of time products
>>
>
> Is NTP not secure. I know it can be secured but I think in practice people
> disable passwords.
>
>
>
> --
>
> Chris Albertson
> Redondo Beach, California
> _______________________________________________
> time-nuts mailing list -- time-nuts at febo.com
> To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
> and follow the instructions there.
More information about the time-nuts
mailing list