abstract

Preventing (Network) Time Travel with Chronos

Authors:
Neta Rozen Schiff

The Hebrew University of Jerusalem

The Hebrew University of Jerusalem
View Profile

,
Michael Schapira

The Hebrew University of Jerusalem

The Hebrew University of Jerusalem
View Profile

,
Danny Dolev

The Hebrew University of Jerusalem

The Hebrew University of Jerusalem
View Profile

,
Omer Deutsch

The Hebrew University of Jerusalem

The Hebrew University of Jerusalem
View Profile

ANRW '18: Proceedings of the Applied Networking Research WorkshopJuly 2018Pages 17https://doi.org/10.1145/3232755.3232766

Published:16 July 2018Publication History

ANRW '18: Proceedings of the Applied Networking Research Workshop

Pages 17

ABSTRACT

The Network Time Protocol (NTP) synchronizes time across computer systems over the Internet. Unfortunately, NTP is highly vulnerable to "time shifting attacks", in which the attacker's goal is to shift forward/backward the local time at an NTP client. This has severe implications for the correctness and safety of time-sensitive applications and for security mechanisms. Importantly, time shifting attacks on NTP are possible even if all NTP communications are encrypted and authenticated.

We present Chronos, a new NTP client that achieves good synchronization even in the presence of powerful man-in-the-middle attackers. Chronos is backwards compatible with legacy NTP and involves no changes whatsoever to NTP servers. In addition, Chronos is carefully engineered to minimize communication overhead so as to avoid overloading NTP servers.

We evaluate Chronos' security and network efficiency guarantees via a combination of theoretical analyses and experiments with a prototype implementation. Our results indicate that to succeed in shifting time at a Chronos client by over 100ms from the UTC, even a powerful man-in-the-middle attacker requires over 20 years of effort in expectation. Based on work published at [1].

Index Terms

Preventing (Network) Time Travel with Chronos
1. Security and privacy
  1. Network security

Recommendations

Authenticated network time synchronization
SEC'16: Proceedings of the 25th USENIX Conference on Security Symposium

The Network Time Protocol (NTP) is used by many network-connected devices to synchronize device time with remote servers. Many security features depend on the device knowing the current time, for example in deciding whether a certificate is still valid. ...
Read More
Preventing time synchronization in NTP broadcast mode
Abstract
Network Time Protocol (NTP) is used by millions of hosts on the Internet today to synchronize their clocks. The clock synchronization is necessary for many network applications to function correctly. An unsynchronized clock may lead to ...
Read More
Network classless time protocol based on clock offset optimization

Time synchronization is critical in distributed environments. A variety of network protocols, middleware and business applications rely on proper time synchronization across the computational infrastructure and depend on the clock accuracy. The Network ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in

ANRW '18: Proceedings of the Applied Networking Research Workshop
July 2018
102 pages
ISBN:9781450355858
DOI:10.1145/3232755

Copyright © 2018 Owner/Author
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 16 July 2018
Check for updates
Author Tags
Chronos
Network Time Protocol (NTP)
network security
provable security
time synchronization
Qualifiers
- abstract
- Research
- Refereed limited
Conference

Acceptance Rates
Overall Acceptance Rate34of58submissions,59%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 0
  Total Citations
  View Citations
- 134
  Total Downloads
- Downloads (Last 12 months)9
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
This publication has not been cited yet

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Preventing (Network) Time Travel with Chronos

ANRW '18: Proceedings of the Applied Networking Research Workshop

ABSTRACT

Cited By

Index Terms

Recommendations

Authenticated network time synchronization

Preventing time synchronization in NTP broadcast mode

Network classless time protocol based on clock offset optimization

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Caption

Preventing (Network) Time Travel with Chronos

ANRW '18: Proceedings of the Applied Networking Research Workshop

ABSTRACT

Cited By

Index Terms

Recommendations

Authenticated network time synchronization

Preventing time synchronization in NTP broadcast mode

Network classless time protocol based on clock offset optimization

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Share this Publication link

Share on Social Media