A Devil of a Time: How Vulnerable is NTP to Malicious Timeservers?

Yarin Perry, Neta Rozen-Schiff, Michael Schapira

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

4 Scopus citations

Abstract

The Network Time Protocol (NTP) synchronizes time across computer systems over the Internet and plays a crucial role in guaranteeing the correctness and security of many Internet applications. Unfortunately, NTP is vulnerable to so called time shifting attacks. This has motivated proposals and standardization efforts for authenticating NTP communications and for securing NTP clients. We observe, however, that, even with such solutions in place, NTP remains highly exposed to attacks by malicious timeservers. We explore the implications for time computation of two attack strategies: (1) compromising existing NTP timeservers, and (2) injecting new timeservers into the NTP timeserver pool. We first show that by gaining control over fairly few existing timeservers, an opportunistic attacker can shift time at state-level or even continent-level scale. We then demonstrate that injecting new timeservers with disproportionate influence into the NTP timeserver pool is alarmingly simple, and can be leveraged for launching both large-scale opportunistic attacks, and strategic, targeted attacks. We discuss a promising approach for mitigating such attacks.

Original languageAmerican English
Title of host publication28th Annual Network and Distributed System Security Symposium, NDSS 2021
PublisherThe Internet Society
ISBN (Electronic)1891562665, 9781891562662
DOIs
StatePublished - 2021
Event28th Annual Network and Distributed System Security Symposium, NDSS 2021 - Virtual, Online
Duration: 21 Feb 202125 Feb 2021

Publication series

Name28th Annual Network and Distributed System Security Symposium, NDSS 2021

Conference

Conference28th Annual Network and Distributed System Security Symposium, NDSS 2021
CityVirtual, Online
Period21/02/2125/02/21

Bibliographical note

Publisher Copyright:
© 2021 28th Annual Network and Distributed System Security Symposium, NDSS 2021. All Rights Reserved.

Fingerprint

Dive into the research topics of 'A Devil of a Time: How Vulnerable is NTP to Malicious Timeservers?'. Together they form a unique fingerprint.

Cite this