NTS - Network Time Security

Hal Murray hmurray at megapathdsl.net
Tue Mar 29 08:42:52 UTC 2016

There is work in progress in the IETF on authenticated NTP.  As far as I can 
tell, getting off the ground is a really hard problem.  All the classical 
crypto work uses time to decide if the info you have is still valid and 
prevent replay attacks and things like that.

I think we should have a way for something dumb, like a toaster, to be able 
to get the right time.

Another nasty case is a board that has been on the spares shelf for 10 years.

There is a specific proposal called NTS.  The next to last draft is 40 pages.  
(I'm one behind.)

It takes 6 packets to set things up.  The last step uses a certificate chain 
so you need to know the time.  ...

There is another proposal on how to use the above on NTP.  (It's intended to 
cover PTP too.)  The basic problem there is that the NTP packet format wasn't 
designed with extensions in mind.  It seems simple to me.  Just grandfather 
the old magic lengths and make all the new stuff use TLV (type, length, 
value) type formats.  But it hasn't settled down yet.

These are my opinions.  I hate spam.
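The "grandfather the old magic lengths, use TLV for everything new" idea in the message above, worked through as a small parser. This is an added example, not code from the message or from any NTP or NTS implementation. It assumes the NTPv4 layout: a 48-byte fixed header, a legacy MAC that is a 4-byte key id plus a 16-byte (MD5) or 20-byte (SHA-1) digest (so exactly 20 or 24 bytes at the end of the packet), and extension fields of the form type (2 bytes), length (2 bytes, covering the whole field, padded to a multiple of 4), value. The minimum field lengths (16 bytes, and 28 for the last field so it can never be confused with a MAC) are taken from RFC 7822 as I recall it; the field type 0x1234, the key id 7 and the sample bytes are constructed for the demo.

```python
"""
Parse the trailer of an NTPv4 packet: legacy MAC by "magic length",
everything else as TLV extension fields (added example, assumptions noted).
"""
import struct

NTP_HEADER_LEN = 48
# Grandfathered MAC sizes: 4-byte key id + MD5 (16) or SHA-1 (20) digest.
LEGACY_MAC_LENS = {20: "md5", 24: "sha1"}
# Assumed from RFC 7822: every extension field is at least 16 bytes,
# and the last one at least 28, so a trailing 20/24 bytes is always a MAC.
MIN_EF_LEN = 16
MIN_LAST_EF_LEN = 28


class NtpTrailerError(ValueError):
    """Raised for malformed trailers (truncation, bad lengths, padding)."""


def parse_ntp_trailer(packet: bytes):
    """Return (extension_fields, mac) for one NTPv4 packet.

    extension_fields: list of {"type": int, "value": bytes}
    mac: {"alg": str, "key_id": int, "digest": bytes} or None
    """
    if len(packet) < NTP_HEADER_LEN:
        raise NtpTrailerError("packet shorter than the 48-byte NTP header")
    body = packet[NTP_HEADER_LEN:]
    fields = []
    mac = None
    pos = 0
    while pos < len(body):
        remaining = len(body) - pos
        # Grandfathered case: exactly a legacy MAC is left, and nothing else.
        if remaining in LEGACY_MAC_LENS:
            (key_id,) = struct.unpack_from("!I", body, pos)
            mac = {
                "alg": LEGACY_MAC_LENS[remaining],
                "key_id": key_id,
                "digest": bytes(body[pos + 4:]),
            }
            break
        # Otherwise this must be a TLV extension field with a 4-byte header.
        if remaining < 4:
            raise NtpTrailerError(f"{remaining} stray bytes at offset {pos}")
        ftype, flen = struct.unpack_from("!HH", body, pos)
        if flen % 4 != 0:
            raise NtpTrailerError(f"field length {flen} not a multiple of 4")
        if flen < MIN_EF_LEN:
            raise NtpTrailerError(f"field length {flen} below minimum")
        if flen > remaining:
            # The length claims more than the packet carries: truncated or
            # crafted. Reject rather than read past the end.
            raise NtpTrailerError(f"field length {flen} exceeds {remaining} remaining")
        # A last field that is too short would be ambiguous with a MAC.
        if flen == remaining and flen < MIN_LAST_EF_LEN:
            raise NtpTrailerError(f"last field length {flen} below {MIN_LAST_EF_LEN}")
        fields.append({"type": ftype, "value": bytes(body[pos + 4:pos + flen])})
        pos += flen
    return fields, mac


def build_sample_packet() -> bytes:
    """Constructed sample: header + one 28-byte extension field + MD5 MAC."""
    header = bytes([0x23]) + bytes(47)          # LI=0, VN=4, Mode=3; rest zero
    ef_value = bytes(range(24))                 # 24-byte value -> 28-byte field
    ef = struct.pack("!HH", 0x1234, 4 + len(ef_value)) + ef_value
    mac = struct.pack("!I", 7) + b"\xaa" * 16   # key id 7, fake 16-byte digest
    return header + ef + mac


def build_truncated_packet() -> bytes:
    """Constructed sample: a field claiming 28 bytes with only 12 present."""
    header = bytes([0x23]) + bytes(47)
    return header + struct.pack("!HH", 0x1234, 28) + bytes(8)


if __name__ == "__main__":
    fields, mac = parse_ntp_trailer(build_sample_packet())
    print("fields:", fields)
    print("mac:", mac)
    try:
        parse_ntp_trailer(build_truncated_packet())
    except NtpTrailerError as exc:
        print("rejected:", exc)
```

The point of the length checks is the one the message makes: once the two legacy MAC sizes are reserved, a receiver can walk the trailer without guessing, and anything that does not fit either rule is rejected instead of being read past the end of the buffer.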
