First round of my stupid questions about NTS

Gary E. Miller gem at rellim.com
Sat Jan 19 01:26:38 UTC 2019


Yo Hal!

On Fri, 18 Jan 2019 16:58:31 -0800
Hal Murray via devel <devel at ntpsec.org> wrote:

> Gary said:
> > There is no TLS session between NTP client and NTP server.  UDP
> > only. And yet the NTP server must provide a new cookie every client
> > request. Since there is no TLS session, the master key used can not
> > be from the TLS session.   
> 
> The NTP server extracts S2C and C2S and AEAD number by using the
> master key to decrypt them from the cookie.  (That's the whole point
> of the cookie.) 


Yes!  And the point is?

> So it can use them to make new cookies.

No, you use the master key to make new cookies.

> > Here is another way.  If each connection used a different master
> > key, then the NTPD server would need to store state for each client
> > to know what master key to use.  Instead the NTPD server just
> > generates a new master key every day or so.   
> 
> I think you are confusing things with that use of "master key".

Yup, that is what I have been saying!

> Each TLS session sets up new working keys.

Yes, just for THAT session.  And only for NTS-KE connections.  No
NTPD client to NTPD server TLS session ever exists.

>  I'm not familiar with the details.

I am.

> More info in Richard's recent msg.

Which I disagreed with.

> Each end has whatever
> it takes to use RFC 5705 to make more keys without exchanging any
> packets.

Yes, each end has, as the Proposed RFC calls it: the current master key.

This master key is used to make new C2S and S2C as required, on demand.

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 109 NW Wilmington Ave., Suite E, Bend, OR 97703
	gem at rellim.com  Tel:+1 541 382 8588

	    Veritas liberabit vos. -- Quid est veritas?
    "If you can’t measure it, you can’t improve it." - Lord Kelvin
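The server-side cookie handling discussed in the thread (open the client's cookie with the master key to recover C2S, S2C and the AEAD id, then mint a fresh cookie under the current master key, with no per-client state) as an added, runnable sketch. This is illustrative code written for this page, not NTPsec code. The cookie layout (key id, nonce, ciphertext, tag), the HMAC-SHA256 encrypt-then-MAC used in place of the AES-SIV format the draft suggests, the 32-byte key lengths and the `NtsServer` / `make_cookie` / `open_cookie` / `handle_request` names are all assumptions made for the example.

```python
"""Sketch of NTS server-side cookie handling (added example, not NTPsec code).

The server keeps only a small set of master keys (current plus recent ones)
and no per-client state.  A cookie is the client's C2S/S2C keys and AEAD id
sealed under one master key.  Per request the server opens the cookie, uses
the recovered keys, and mints a fresh cookie under the *current* master key.
The layout and the HMAC-based encrypt-then-MAC are assumptions standing in
for the AES-SIV format the draft suggests; the real format is server-defined.
"""
import hashlib
import hmac
import os
import struct
from dataclasses import dataclass, field
from typing import Optional

KEY_LEN = 32                 # assumed length of C2S and S2C
NONCE_LEN = 16
TAG_LEN = 32                 # HMAC-SHA256 tag
AEAD_AES_SIV_CMAC_256 = 15   # IANA AEAD registry id used by NTS


@dataclass
class MasterKey:
    key_id: int
    secret: bytes


@dataclass
class NtsServer:
    masters: dict = field(default_factory=dict)   # key_id -> MasterKey
    current_id: int = 0

    def rotate(self, secret: Optional[bytes] = None) -> MasterKey:
        """Install a new master key; old ones stay until retired."""
        self.current_id += 1
        mk = MasterKey(self.current_id, secret or os.urandom(32))
        self.masters[self.current_id] = mk
        return mk

    def retire(self, key_id: int) -> None:
        """Drop a master key; cookies sealed under it can no longer be opened."""
        self.masters.pop(key_id, None)


def _subkeys(mk: MasterKey):
    # Separate encryption and MAC keys derived from the master key.
    enc = hmac.new(mk.secret, b"cookie-enc", hashlib.sha256).digest()
    mac = hmac.new(mk.secret, b"cookie-mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, n: int) -> bytes:
    # Counter-mode keystream from HMAC-SHA256 (stand-in for a real cipher).
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(enc_key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def cookie_key_id(cookie: bytes) -> int:
    """Which master key a cookie was sealed under (plaintext header field)."""
    return struct.unpack(">I", cookie[:4])[0]


def make_cookie(server: NtsServer, c2s: bytes, s2c: bytes, aead_id: int) -> bytes:
    """Seal (aead_id, C2S, S2C) under the server's current master key."""
    mk = server.masters[server.current_id]
    enc_key, mac_key = _subkeys(mk)
    nonce = os.urandom(NONCE_LEN)
    header = struct.pack(">I", mk.key_id) + nonce
    pt = struct.pack(">H", aead_id) + c2s + s2c
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(enc_key, nonce, len(pt))))
    tag = hmac.new(mac_key, header + ct, hashlib.sha256).digest()
    return header + ct + tag


def open_cookie(server: NtsServer, cookie: bytes):
    """Recover (C2S, S2C, aead_id), or None if the cookie is unknown or forged."""
    hdr_len = 4 + NONCE_LEN
    if len(cookie) != hdr_len + 2 + 2 * KEY_LEN + TAG_LEN:
        return None
    mk = server.masters.get(cookie_key_id(cookie))
    if mk is None:
        return None   # sealed under a retired key: client must redo NTS-KE
    header, ct, tag = cookie[:hdr_len], cookie[hdr_len:-TAG_LEN], cookie[-TAG_LEN:]
    enc_key, mac_key = _subkeys(mk)
    if not hmac.compare_digest(hmac.new(mac_key, header + ct, hashlib.sha256).digest(), tag):
        return None
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, header[4:], len(ct))))
    aead_id = struct.unpack(">H", pt[:2])[0]
    return pt[2:2 + KEY_LEN], pt[2 + KEY_LEN:], aead_id


def handle_request(server: NtsServer, cookie: bytes):
    """Per client packet: open the cookie, return the working keys plus a
    fresh cookie minted under whatever master key is current right now."""
    opened = open_cookie(server, cookie)
    if opened is None:
        return None
    c2s, s2c, aead_id = opened
    return c2s, s2c, aead_id, make_cookie(server, c2s, s2c, aead_id)
```

The point the exchange turns on is visible in `handle_request`: the working keys come out of the cookie, but the new cookie is sealed with the current master key, so after `rotate()` a client presenting an old cookie keeps working and silently migrates to the new key, while a cookie whose master key has been retired fails to open and the client has to go back to NTS-KE over TLS.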