IETF Logo Mail Archive

Re: [Ntp] ntpv5 requirements

kristof.teichel@ptb.de Thu, 16 February 2023 12:24 UTC

Return-Path: <kristof.teichel@ptb.de>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4630BC16950C for <ntp@ietfa.amsl.com>; Thu, 16 Feb 2023 04:24:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.396
X-Spam-Level:
X-Spam-Status: No, score=-4.396 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ptb.de
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G3eqo2W_5t-Z for <ntp@ietfa.amsl.com>; Thu, 16 Feb 2023 04:24:42 -0800 (PST)
Received: from mx1.bs.ptb.de (mx1.bs.ptb.de [192.53.103.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 21590C1516EA for <ntp@ietf.org>; Thu, 16 Feb 2023 04:24:40 -0800 (PST)
Received: from smtp-hub.bs.ptb.de (smtpint01.bs.ptb.de [141.25.87.32]) by mx1.bs.ptb.de with ESMTP id 31GCOcv6006623-31GCOcv8006623 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for <stenn@nwtime.org>; Thu, 16 Feb 2023 13:24:38 +0100
In-Reply-To: <5f2d5232-2d65-ebba-a882-c17a2d45ff6b@nwtime.org>
References: <DB8PR02MB5772E45732B25646F7CAE211CFD99@DB8PR02MB5772.eurprd02.prod.outlook.com> <Y+pgBgc/5dJ9wtAP@localhost> <2bbcdc7b-a47c-8421-0278-0ac364faaeea@nwtime.org> <OF7B624B98.C1ECCBBE-ONC1258956.00440F55-C1258956.00448C93@ptb.de> <8bfc7ac6-7696-1ac8-c2a3-62aa0084e07f@nwtime.org> <OFC32EACE8.630A7650-ONC1258957.002BE096-C1258957.0030593F@ptb.de> <5f2d5232-2d65-ebba-a882-c17a2d45ff6b@nwtime.org>
To: ntp@ietf.org
Cc: Harlan Stenn <stenn@nwtime.org>
MIME-Version: 1.0
X-KeepSent: 7946EA99:C237A3AE-C1258958:003FD291; type=4; name=$KeepSent
From: kristof.teichel@ptb.de
Message-ID: <OF7946EA99.C237A3AE-ONC1258958.003FD291-C1258958.00442BAC@ptb.de>
Date: Thu, 16 Feb 2023 13:24:36 +0100
X-MIMETrack: Serialize by Router on MAILGW01/PTB at 02/16/2023 01:24:38 PM, Serialize complete at 02/16/2023 01:24:38 PM
Content-Type: multipart/alternative; boundary="=_alternative 00442BABC1258958_="
X-FE-Last-Public-Client-IP: 141.25.87.32
X-FE-Policy-ID: 5:5:5:SYSTEM
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=ptb.de; s=s1-ptbde; c=relaxed/relaxed; h=references:to:cc:mime-version:subject:from:message-id:date:content-type; bh=QzCwbTf4uk1SvETAY3LJWFQuMAmk0KvdEFQA9P40wg4=; b=CdL8E8OliiWB7L4RxYUr8YgwjFsB+wsVZuP6wD8VKUmTz0Oszg8J2c7k9pgwS8+2Xe+nfw16uxsZ 23KYxcSIYWB+7V9S31VFXadWO/ukXaIAmQKIvoAo2N9/LdRONtWjRis0wbSJcEr94VS3toIOrrV/ V1HDT4zjRobdn+HMIpBtdzlJiKESz5VjU9Wk/bpTeRvH0Q0w3dwmHCbyhyXFv45dhVORBi05E51h cvPG/+TFdIPsKrZ6YRHLXqSPNq7X+otYoRxAwLeM6YeYKyVCkcen7BcKXtU3+fMuANyDnQ2bQjpF 8P/qDormOmq98oQGwIWt8cNIdFPd1n2j3CTHmA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/9Nkm7-XaUFA5fFIlwtUsbLAuDks>
Subject: Re: [Ntp] ntpv5 requirements
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Network Time Protocol <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Feb 2023 12:24:47 -0000

Hey all,

at this point, I would be really interested to see NIST's actual scaling 
and performance requirements for their use case.
It seems like a shaky foregone conclusion by them (and/or by Harlan, see 
in-line below) that 
  a) NTS would not fulfill their requirements, and 
  b) anything else (existing or to-be-made) would fulfill them any better.

But if I'm wrong, or if the foregone conclusion happens to be accurate, 
then we should look into whether and how we can help.


Best regards!

> > 
> >> Von: "Harlan Stenn" <stenn@nwtime.org>
> >> An: kristof.teichel@ptb.de,  ntp@ietf.org
> >> Datum: 15.02.2023 04:16
> >> Betreff: Re: [Ntp] ntpv5 requirements
> >> Gesendet von: "ntp"  <ntp-bounces@ietf.org>
> >> 
> >> I don't see that you are disagreeing with me regarding the "priority" 
 of
> >> performance.
> > 
> > Let's leave the goalpost were they were: the original 
question/statement 
> > was whether/that NTS was specifically designed to scale well with 
large 
> > number of clients.
> > Which it was (I can elaborate if anyone would like, but I feel like 
> > we've been through this).
> > I'm disagreeing with your implicit statement that your perceived 
> > priority of goals is in any way an argument against this.
> 
> Whatever.

Noted.
 
> The point remains that there are clearly environments out there where 
> NTS does not currently sufficiently scale.

Is there more than one claim about one such environment?

> > You also appear to get scaling properties mixed up with performance, 
> > though they are clearly stated as separate goals and each explained in 

> > the RFC.
> 
> Maybe, but I don't see how this is significant. 

Noted. 

> The bottom line is that NTS does not currently appear to be usable at 
high traffic volumes.

How did you get to this bottom line?
Again, I also find it unduly vague; are you just talking about NIST's 
prediction, or any more (harder?) data points?
Also again, note that PTB *is using* NTS at a volume currently sufficient 
for the interested parties on a nation-wide level.

> > That said, even when confounding them I don't see the argument:
> > NTS was also specifically designed to affect performance "not 
> > significantly" (we can go there if need be), and I would argue it 
simply 
> > affects performance *as little as possible* (possible while reaching 
the 
> > stated security goals).
>  >
> >> And blindly following "amplification goal-stated as zero"  has some
> >> pretty onerous consequences.
> > 
> > The above is already a pretty hard detour from NTPv5 requirements 
> > discussions.
> 
> I was merely responding to something you said on the thread.
> 
> > But this is so far beside the point, let's either open up a separate 
> > thread for it or drop it.
> 
> I have no preference.
>
> H
> --
> >> H
> >> 
> >> On 2/14/2023 4:28 AM, kristof.teichel@ptb.de wrote:
> >> > The reason that scalability and performance have traditionally been
> >> > listed last in NTS documents is less that they are in any way 
secondary
> >> > -- and more that they follow a pattern of "...and it needs  to do 
all of
> >> > the above in such a way that it retains scalability and performance 
 as
> >> > far as possible".
> >> > (And perhaps a bit of them being quantitative goals rather than
> >> > absolute/qualitative; performance is gonna get worse with crypto 
rather
> >> > than without, the goal is to keep it reasonable/best possible  -- 
whereas
> >> > e.g. amplification can be cleanly goal-stated as zero.)
> >> > 
> >> > 
> >> > Besten Gruß / Kind regards,
> >> > Kristof Teichel
> >> > 
> >> > __________________________________________
> >> > 
> >> > Dr.-Ing. Kurt Kristof Teichel
> >> > Physikalisch-Technische Bundesanstalt (PTB)
> >> > Arbeitsgruppe 4.42 "Zeitübertragung"
> >> > Bundesallee 100
> >> > 38116 Braunschweig (Germany)
> >> > Tel.:    +49 (531) 592-4471
> >> > E-Mail: kristof.teichel@ptb.de
> >> > __________________________________________
> >> > 
> >> > 
> >> > 
> >> > Von: "Harlan Stenn" <stenn@nwtime.org>
> >> > An: ntp@ietf.org
> >> > Datum: 13.02.2023 23:29
> >> > Betreff: Re: [Ntp] ntpv5 requirements
> >> > Gesendet von: "ntp" <ntp-bounces@ietf.org>
> >> > 
------------------------------------------------------------------------
> >> > 
> >> > 
> >> > 
> >> > On 2/13/2023 8:06 AM, Miroslav Lichvar wrote:
> >> >> On Thu, Feb 09, 2023 at 05:18:20PM +0000, Doug Arnold wrote:
> >> >>> For example: Judah Levine at NIST recently told me that  he
> >> cannot  implement NTS with his current server resources and the 
number of
> >> > clients NIST supports.  However, when I told him about TESLA  he 
thought
> >> > a scheme based on that would be doable, as long as the keys didn?t 
have
> >> > to change too often.
> >> >> 
> >> >> That is interesting as NTS was specifically designed to scale well 
 to
> >> >> very large numbers of clients.
> >> > 
> >> > I don't recall performance in NTS as being a primary goal of  the 
design.
> >> > 
> >> > Sure, it was listed as *a* goal, but the primary goals were around
> >> > "security".
> >> > 
> >> >> Is their concern about decryption
> >> >> and encryption of NTS-protected NTP packets, or rather TLS  in 
NTS-KE?
> >> >  >
> >> >> In 2016 they reported they had about 200k requests per second 
across
> >> >> all their servers [1]. Even if it was 100x more today and  all 
clients
> >> >> were using NTS, that could still be handled by a dozen of  servers 
 with
> >> >> multi-core CPUs and AES acceleration. In my tests I get about 
200k/s
> >> >> per core.
> >> > 
> >> >  From what I've heard, NTS key operations take 5-10x the  amount of
> >> > compute power beyond what NTP needs.
> >> > 
> >> >> NTS-KE traffic is more difficult to predict as it depends  on the
> >> >> client implementations. I would be curious to see what NTS-NTP  to
> >> >> NTS-KE request ratio do the well-known NTS providers like 
Cloudflare
> >> >> and Netnod have.
> >> >> 
> >> >> [1] https://nvlpubs.nist.gov/nistpubs/jres/121/jres.121.003.pdf 
> > <https://nvlpubs.nist.gov/nistpubs/jres/121/jres.121.003.pdf>
> >> > <https://nvlpubs.nist.gov/nistpubs/jres/121/jres.121.003.pdf 
> > <https://nvlpubs.nist.gov/nistpubs/jres/121/jres.121.003.pdf>>
> >> >> 
> >> > 
> >> > -- 
> >> > Harlan Stenn <stenn@nwtime.org>
> >> > http://networktimefoundation.org 
> > <http://networktimefoundation.org/><http://networktimefoundation.org/ 
> > <http://networktimefoundation.org/>>- be
> >> > a member!
> >> > 
> >> > _______________________________________________
> >> > ntp mailing list
> >> > ntp@ietf.org
> >> > https://www.ietf.org/mailman/listinfo/ntp 
> > <https://www.ietf.org/mailman/listinfo/ntp>
> >> > <https://www.ietf.org/mailman/listinfo/ntp 
> > <https://www.ietf.org/mailman/listinfo/ntp>>
> >> > 
> >> > 
> >> 
> >> -- 
> >> Harlan Stenn <stenn@nwtime.org>
> >> http://networktimefoundation.org <http://networktimefoundation.org/>- 
be 
> > a member!
> >> 
> >> _______________________________________________
> >> ntp mailing list
> >> ntp@ietf.org
> >> https://www.ietf.org/mailman/listinfo/ntp 
> > <https://www.ietf.org/mailman/listinfo/ntp>
> 
> -- 
> Harlan Stenn <stenn@nwtime.org>
> http://networktimefoundation.org - be a member!

v2.23.0 | Report a Bug | By Email