[time-nuts] Time security musing - attacking the clock itself
r.rezaian at earthlink.net
Tue Dec 4 16:50:46 UTC 2012
CDMA requires accurate time information in the air interface as part of
the low level protocol.
From the standards documents I have read, and the BTS devices I
personally have had exposure to, this always comes from GPS.
The air interface for CDMA also includes a local time offset that is
used along with the time signal to drive time of day for most feature
phones. Smart phones can ignore all of this. And the local time offset
can be wrong and the phone will still work, so even phones that display
the CDMA time may be off by hours if the LTO is wrong.
From a security standpoint CDMA can provide an extra data point to
check a local GPS receiver, but it's not really any better than if you
just had a few extra GPS receivers. And given that CDMA is a fairly
short range radio signal, those extra CDMA provided GPS receivers are
all still fairly close to each other physically (normally within a few
miles at most).
So using CDMA as a backup time source might be useful, but still leaves
you vulnerable to any wide area disruption to GPS.
More information about the time-nuts