Abstract
The Network Time Protocol (NTP) synchronizes time across computer systems over the Internet and plays a crucial role in guaranteeing the correctness and security of many Internet applications. Unfortunately, NTP is vulnerable to so called time shifting attacks. This has motivated proposals and standardization efforts for authenticating NTP communications and for securing NTP clients. We observe, however, that, even with such solutions in place, NTP remains highly exposed to attacks by malicious timeservers. We explore the implications for time computation of two attack strategies: (1) compromising existing NTP timeservers, and (2) injecting new timeservers into the NTP timeserver pool. We first show that by gaining control over fairly few existing timeservers, an opportunistic attacker can shift time at state-level or even continent-level scale. We then demonstrate that injecting new timeservers with disproportionate influence into the NTP timeserver pool is alarmingly simple, and can be leveraged for launching both large-scale opportunistic attacks, and strategic, targeted attacks. We discuss a promising approach for mitigating such attacks.
Original language | English |
---|---|
Title of host publication | 28th Annual Network and Distributed System Security Symposium, NDSS 2021 |
Publisher | The Internet Society |
ISBN (Electronic) | 1891562665, 9781891562662 |
DOIs | |
State | Published - 2021 |
Event | 28th Annual Network and Distributed System Security Symposium, NDSS 2021 - Virtual, Online Duration: 21 Feb 2021 → 25 Feb 2021 |
Publication series
Name | 28th Annual Network and Distributed System Security Symposium, NDSS 2021 |
---|
Conference
Conference | 28th Annual Network and Distributed System Security Symposium, NDSS 2021 |
---|---|
City | Virtual, Online |
Period | 21/02/21 → 25/02/21 |
Bibliographical note
Publisher Copyright:© 2021 28th Annual Network and Distributed System Security Symposium, NDSS 2021. All Rights Reserved.