Encryption is Futile: Delay Attacks on High-Precision Clock Synchronization

11/21/2018
by   Robert Annessi, et al.
0

Clock synchronization has become essential to modern societies since many critical infrastructures depend on a precise notion of time. This paper analyzes security aspects of high-precision clock synchronization protocols, particularly their alleged protection against delay attacks when clock synchronization traffic is encrypted using standard network security protocols such as IPsec, MACsec, or TLS. We use the Precision Time Protocol (PTP), the most widely used protocol for high-precision clock synchronization, to demonstrate that statistical traffic analysis can identify properties that support selective message delay attacks even for encrypted traffic. We furthermore identify a fundamental conflict in secure clock synchronization between the need of deterministic traffic to improve precision and the need to obfuscate traffic in order to mitigate delay attacks. A theoretical analysis of clock synchronization protocols isolates the characteristics that make these protocols vulnerable to delay attacks and argues that such attacks cannot be prevented entirely but only be mitigated. Knowledge of the underlying communication network in terms of one-way delays and knowledge on physical constraints of these networks can help to compute guaranteed maximum bounds for slave clock offsets. These bounds are essential for detecting delay attacks and minimizing their impact. In the general case, however, the precision that can be guaranteed in adversarial settings is orders of magnitude lower than required for high-precision clock synchronization in critical infrastructures, which, therefore, must not rely on a precise notion of time when using untrusted networks.

READ FULL TEXT
research
07/04/2022

Time synchronization protocol for the KLJN secure key exchange scheme

The information theoretically secure Kirchhoff-law-Johnson-noise (KLJN) ...
research
05/20/2021

Revisiting Time, Clocks, and Synchronization

Sub-nanosecond precision clock synchronization over the packet network h...
research
05/06/2021

Clock Synchronization in Virtualized Distributed Real-Time Systems using IEEE 802.1AS and ACRN

Virtualization of distributed real-time systems enables the consolidatio...
research
08/17/2018

Reverse Flooding: exploiting radio interference for efficient propagation delay compensation in WSN clock synchronization

Clock synchronization is a necessary component in modern distributed sys...
research
04/29/2022

FRANCIS: Fast Reaction Algorithms for Network Coordination In Switches

Distributed protocols are widely used to support network functions such ...
research
09/07/2022

TickTock: Detecting Microphone Status in Laptops Leveraging Electromagnetic Leakage of Clock Signals

We are witnessing a heightened surge in remote privacy attacks on laptop...
research
06/25/2020

Implementation of Symbol Timing Recovery for Estimation of Clock Skew

Time synchronization in any distributed network can be achieved by using...

Please sign up or login with your details

Forgot password? Click here to reset