Re: [Ntp] NTP Security (was NTPv5: big picture)

Magnus Danielson <magnus@rubidium.se> Mon, 18 January 2021 15:46 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/E8eSMEnkqQa9Jtjb2aF8LIbCMe8>

Hi,

On 2021-01-18 12:38, Hal Murray wrote:
> emmanuel.fuste@thalesgroup.com said:
>> And all bootstrapping problems could be solved with CD / DO flags controls
>> and validation back checking with the first returned time of day.
> How is that back checking going to work?  You don't know the time yet.
>
> Sure, it will say "OK" if you are talking to an honest server, but if you are talking to a bad guy, it can lie consistently.  Am I missing something?

So, you only need to have sufficiently accurate time that DNSSEC will
give thumbs up.

Also, it only really needs to match for that handshake.

So, if you talk to server A, you can query which NTP server A says I
should be able to trust.

1) Query A for NTP server B for A.

2) Query B for NTP time to use in initial exchange.

3) Query A for DNSSEC verified answer, using the time as initiated from B.

4) With verified answer, now handshake B using verified DNS records. If
not verified, it fails.

5) Query B for NTP time.

6) If verified time matches that of the initial handshake request (as
updated using local time progress), then unauthenticated time in steps 2
and 3 was valid, and thus the verification was valid and progress, else
fail.

So, we see how unauthenticated time can be used to bootstrap the
handshake. Notice that this is not used to initiate node time, but only
for that handshake. Only after things are secured, you accept time as
being secured.

This will work if the DNSSEC part and the consistency check in 6 leave
enough margin.

If it fails, it fails. This is why you want multiple sources for redundancy.

>
> ---------
>
> I know of 2 solutions for the 10 years on the shelf problem.
>
> 1) Have a battery that lasts long enough.  Watches are good for ballpark of 1 second per day so 10 years will be within an hour.  (worse if the device is stored in hot or cold)
>
> 2) Preload the box with whatever is needed to get off the ground without good time.  I think that is long lifetime certificates and long lifetime IP Addresses.
>
> Neither is easy, but I think both are possible.

Cheers,
Magnus
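The six-step bootstrap described in the message, as an added simulation (not code from the message or from any NTP implementation): the `World` class, its round-trip model, the local-clock error and the 192.0.2.10 address are constructed assumptions. It shows why a consistent lie in the unauthenticated sample is still caught: the lie must fall inside the RRSIG validity window to survive step 3, and the authenticated time from the secured handshake in step 5 then has to agree with it in step 6.

```python
from dataclasses import dataclass

@dataclass
class SignedRecord:
    """Constructed stand-in for a DNSSEC-signed answer: RRSIG validity window plus B's address."""
    inception: float
    expiration: float
    address: str

def dnssec_valid(rec: SignedRecord, now: float) -> bool:
    """A signature only verifies while the verifier's idea of 'now' lies inside the RRSIG window."""
    return rec.inception <= now <= rec.expiration

class World:
    """Constructed network: true time, a free-running local clock with a large offset error,
    an unauthenticated answer that may come from an attacker (unauth_lie), and the real B,
    which only the secured handshake in steps 4-5 actually reaches."""
    def __init__(self, true_time: float, local_error: float, unauth_lie: float = 0.0):
        self.true, self.local_error, self.unauth_lie = true_time, local_error, unauth_lie
        # one-day RRSIG window around the true time; 192.0.2.10 is a documentation address
        self.record = SignedRecord(true_time - 86400, true_time + 86400, "192.0.2.10")
    def local_clock(self) -> float:            # wrong offset, correct rate (e.g. 10 years on the shelf)
        return self.true + self.local_error
    def _rtt(self, seconds: float = 0.05):     # each exchange consumes real time
        self.true += seconds
    def unauth_time(self) -> float:            # step 2: whoever answers, no authentication
        self._rtt(); return self.true + self.unauth_lie
    def signed_record(self) -> SignedRecord:   # steps 1 and 3: A returns the signed record for B
        self._rtt(); return self.record
    def auth_time(self, address: str):         # steps 4-5: authenticated time from the real B only
        self._rtt(); return self.true if address == self.record.address else None

def bootstrap(w: World, margin: float = 1.0):
    """Steps 1-6 of the message. Returns the authenticated time, or None on any failure."""
    rec = w.signed_record()                    # step 1: which server B does A say to trust
    t0_local = w.local_clock()
    t_unauth = w.unauth_time()                 # step 2: borrowed only to validate the handshake
    if not dnssec_valid(rec, t_unauth):        # steps 3-4: signature check with the borrowed time
        return None
    t_auth = w.auth_time(rec.address)          # step 5: time over the secured handshake
    if t_auth is None:
        return None
    elapsed = w.local_clock() - t0_local       # local progress since the unauthenticated sample
    if abs(t_auth - (t_unauth + elapsed)) > margin:   # step 6: consistency check, else fail
        return None
    return t_auth                              # only now is time accepted as secured
```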