Pitfalls of Provably Secure Systems in Internet The Case of Chronos-NTP

10/16/2020
by   Philipp Jeitner, et al.
0

The critical role that Network Time Protocol (NTP) plays in the Internet led to multiple efforts to secure it against time-shifting attacks. A recent proposal for enhancing the security of NTP with Chronos against on-path attackers seems the most promising one and is on a standardisation track of the IETF. In this work we demonstrate off-path attacks against Chronos enhanced NTP clients. The weak link is a central security feature of Chronos: The server pool generation mechanism using DNS. We show that the insecurity of DNS allows to subvert the security of Chronos making the time-shifting attacks against Chronos-NTP even easier than attacks against plain NTP.

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

10/19/2020

Secure Consensus Generation with Distributed DoH

Many applications and protocols depend on the ability to generate a pool...
10/19/2020

The Impact of DNS Insecurity on Time

We demonstrate the first practical off-path time shifting attacks agains...
04/03/2018

Blockchain-based TLS Notary Service

The Transport Layer Security (TLS) protocol is a de facto standard of se...
05/30/2020

Introducing Network Coding to RPL: The Chained Secure Mode (CSM)

As the de facto routing protocol for many Internet of Things (IoT) netwo...
01/05/2021

SG-PBFT: a Secure and Highly Efficient Blockchain PBFT Consensus Algorithm for Internet of Vehicles

The Internet of Vehicles (IoV) is an application of the Internet of thin...
11/25/2019

Message Time of Arrival Codes: A Fundamental Primitive for Secure Distance Measurement

Secure distance measurement and therefore secure Time-of-Arrival (ToA) m...
06/13/2021

Security Analysis of the Silver Bullet Technique for RowHammer Prevention

The purpose of this document is to study the security properties of the ...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.