Re: [Ntp] ntpv5 requirements

Doug Arnold <doug.arnold@meinberg-usa.com> Tue, 14 February 2023 14:17 UTC

From: Doug Arnold <doug.arnold@meinberg-usa.com>
To: Miroslav Lichvar <mlichvar@redhat.com>
CC: NTP WG <ntp@ietf.org>
Date: Tue, 14 Feb 2023 14:17:28 +0000
Message-ID: <AM7PR02MB576506FDAB08CB5E7D4AC58BCFA29@AM7PR02MB5765.eurprd02.prod.outlook.com>
References: <DB8PR02MB5772E45732B25646F7CAE211CFD99@DB8PR02MB5772.eurprd02.prod.outlook.com> <Y+pgBgc/5dJ9wtAP@localhost> <AM7PR02MB576579AFC2D5733F7F112F03CFDD9@AM7PR02MB5765.eurprd02.prod.outlook.com> <Y+tK0/ThzDSRFlXu@localhost>
In-Reply-To: <Y+tK0/ThzDSRFlXu@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/Fpm7TkIMJYXm2t5-QQi2wqhDWjI>
Subject: Re: [Ntp] ntpv5 requirements

True, TESLA makes the time/security startup problem much worse.  A client needs to start out within a time ~ second (for TESLA) instead of ~ hour (to accept a digital certificate).

Doug

From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Tuesday, February 14, 2023 at 3:48 AM
To: Doug Arnold <doug.arnold@meinberg-usa.com>
Cc: NTP WG <ntp@ietf.org>
Subject: Re: [Ntp] ntpv5 requirements
On Mon, Feb 13, 2023 at 06:10:44PM +0000, Doug Arnold wrote:
> I think that he sees TESLA as super-efficient. One could generate 1 key per second to be used by all clients that second, never open a TLS channel, never look up keys in a key index table, never encrypt a cookie.

There would still need to be some asymmetric operation and
certificates in order to authenticate the first key for the client, so
something like NTS-KE/TLS would need to be used anyway.

TESLA requires a reasonably accurate clock to be able to tell when a
key is disclosed. Some clients probably wouldn't want to wait more
than a few seconds for the key (e.g. to set the clock on boot), so the
clock would have to be kept accurate to a second.

Some devices have very unstable clocks (e.g. in virtual machines) and
would need to poll the server very frequently to stay within that
limit. Some computers don't have an RTC and lose time while suspended.
There are other reasons for unexpected steps of a clock.

If the clock is not kept accurate, it completely breaks the security,
just to avoid decoding a cookie. I don't think that is acceptable for
NTP.

--
Miroslav Lichvar
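The clock dependency Miroslav describes, as an added example that is not part of the thread or of any NTP implementation: a minimal RFC 4082-style TESLA key chain with one key per second, the receiver's safety condition on a freshly received packet, and the chain-plus-MAC verification once the key is disclosed. The interval length, disclosure delay, start time and the simplified MAC-key derivation are constructed for illustration.

```python
# Added example (not from the thread): one-key-per-second TESLA sketch.
import hashlib
import hmac
import math

T_INT = 1.0     # one key per second, as proposed in the thread
D = 2           # disclosure delay in intervals (constructed)
T0 = 1_000_000  # constructed sender start time, in seconds


def key_chain(n, seed):
    """Build K_0..K_n with K_i = H(K_{i+1}); K_0 is the authenticated commitment
    the client must obtain out of band (e.g. via something like NTS-KE/TLS)."""
    keys = [None] * (n + 1)
    keys[n] = seed
    for i in range(n - 1, -1, -1):
        keys[i] = hashlib.sha256(keys[i + 1]).digest()
    return keys


def mac_key(k):
    # Derive the per-interval MAC key from the chain key (simplified KDF).
    return hashlib.sha256(b"mac" + k).digest()


def send(keys, i, payload):
    """Packet sent in interval i: MAC under K'_i plus the disclosed key K_{i-D}."""
    tag = hmac.new(mac_key(keys[i]), payload, hashlib.sha256).digest()
    return (i, payload, tag, keys[i - D] if i >= D else None)


def safe_to_buffer(i, recv_time, err_bound):
    """RFC 4082 safety condition: K_i cannot yet have been disclosed.
    x is the latest interval the sender could be in at our receive time.
    If the local clock stepped back (suspend, VM pause) but err_bound was
    not widened to match, this test passes for keys that are already public."""
    x = math.floor((recv_time + err_bound - T0) / T_INT)
    return x < i + D


def verify_disclosed(commitment, disclosed, i_disclosed, pkt):
    """Once K_i is disclosed: hash it back to K_0, then check the buffered MAC."""
    k = disclosed
    for _ in range(i_disclosed):
        k = hashlib.sha256(k).digest()
    if not hmac.compare_digest(k, commitment):
        return False
    expected = hmac.new(mac_key(disclosed), pkt[1], hashlib.sha256).digest()
    return hmac.compare_digest(pkt[2], expected)
```

With an honest sub-second error bound, a packet for interval 5 is judged safe at T0+5.4 and rejected at T0+7.5 (its key is disclosed from interval 7 on); a receiver whose clock has stepped back three seconds but still claims a 0.5 s bound judges that same late packet safe, which is the break the message describes.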