Re: [Ntp] I-D Action: draft-roughtime-aanchal-02.txt
Watson Ladd <watsonbladd@gmail.com> Wed, 29 May 2019 15:55 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: ntp@ietfa.amsl.com
Delivered-To: ntp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3604F120113; Wed, 29 May 2019 08:55:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kRaLI46Nl3Ev; Wed, 29 May 2019 08:55:29 -0700 (PDT)
Received: from mail-lj1-x22e.google.com (mail-lj1-x22e.google.com [IPv6:2a00:1450:4864:20::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA0EA120004; Wed, 29 May 2019 08:55:28 -0700 (PDT)
Received: by mail-lj1-x22e.google.com with SMTP id z5so2973030lji.10; Wed, 29 May 2019 08:55:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=7hgaRLdcTkmKdItFCpaS7KfAukiDufTWrtaB4cJ8+fc=; b=pd6nSV4EPuYZSGpHaHyxAqCNA61EZITpM9tshgObj89SaCHBGI+ZCrSAzMesvbNoUm LHJglby0IS0ftCD+eEtv1IipUDsBVIYne9zTR1gZl7AA5Q/yvZLMM4QfpPTucGhVNID0 CweqAIOXuk0aKA+rIK59q6SLKoD2OjXD6cddg1RZo5bNqwMSA8wLruKaTrz0+9vAEo5b I0HODEGND+Cms/HAEqd5VWX0rChrMjO98LfHZa8WZscR0ggxSHJOi5nXdRmv1TuGEz8A 8KAUCIEoD1hSEtgoRsANwUlMO0jobwXToKMOmQpGrQoXAy6z7qkqmWBGpC0jKYl/q5jj C96Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=7hgaRLdcTkmKdItFCpaS7KfAukiDufTWrtaB4cJ8+fc=; b=S7jD6DWGLDZR/qnyv7k2Ap5ZK57s1Xhi1Macc0OjKJ9hsgHswIGGZbct9J6jT34A05 pVy8DuOQV1b+QegMVzTRPj8chuG2VWvGSqkU57BYujEilNrC5HPlDj47LK7KNwrrfcff vWpxovmA+5tcKv9Y39Zi3JJPBUO7CIa4MTzdkqyMm3MA4OYKvf9PgnXB04xiY4FMbAwu GvqGGXVLW/OOuavcBBT94VN8VbAha49lzf/8/h2g9fvnY865uAUQi51bN8a+mTtFHz4L L1OTK3AEf93sVr0+ep9EPsL1GmxwAU9uHX7uNzeIpw12wX1EjMUOzY0njLyjupIWpHhy jskA==
X-Gm-Message-State: APjAAAX9/BDg/7OD8VNeWbfp3Nbx3QsBuUdGewJV+Lk1jzC6iMkpI+Uw W9Z+OO0Y4+r7XJRQMWeNzj69GGWiG1xHqEJwZgE=
X-Google-Smtp-Source: APXvYqw67BaZpYReyeJOAndvL0NXvUUXla8/5+xYdd3nteP1bZTifKqsOP19SR0unQQiPYgcQHjINf6dm8p7hzZZC9U=
X-Received: by 2002:a2e:b0db:: with SMTP id g27mr16430289ljl.210.1559145326803; Wed, 29 May 2019 08:55:26 -0700 (PDT)
MIME-Version: 1.0
References: <155897662160.809.5527655773398720605@ietfa.amsl.com> <CABUE3Xk60A+r5fgs7H7Srkyyn7yX8M0Fyw=jEi8+ifm=KS58vA@mail.gmail.com>
In-Reply-To: <CABUE3Xk60A+r5fgs7H7Srkyyn7yX8M0Fyw=jEi8+ifm=KS58vA@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
Date: Wed, 29 May 2019 08:55:13 -0700
Message-ID: <CACsn0ckgbsHXzZ+a_uKjzH-1Wi4rLVVOWHBkyRcdThaKMTEO8g@mail.gmail.com>
To: Tal Mizrahi <tal.mizrahi.phd@gmail.com>
Cc: NTP WG <ntp@ietf.org>, draft-roughtime-aanchal@ietf.org
Content-Type: multipart/alternative; boundary="0000000000005b8374058a08cfd7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/UTDbQfXiPHd-BtUYi7wEoGUigso>
Subject: Re: [Ntp] I-D Action: draft-roughtime-aanchal-02.txt
X-BeenThere: ntp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <ntp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ntp>, <mailto:ntp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ntp/>
List-Post: <mailto:ntp@ietf.org>
List-Help: <mailto:ntp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ntp>, <mailto:ntp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 May 2019 15:55:32 -0000
On Wed, May 29, 2019, 6:29 AM Tal Mizrahi <tal.mizrahi.phd@gmail.com> wrote: > Dear authors, > > Thanks for updating the draft. The new text in the Introduction is highly > appreciated, and addresses some of the concerns I raised. > > Comments: > 1. The document is still missing a threat analysis. There should probably > be a dedicated section that describes the threats that are and are not > solved by Roughtime. > 2. In IETF 104 the authors and Kristof explained that delay attacks are > mitigated by measuring the RTT and comparing it to a pre-configured upper > bound. This should be described in the draft. > That converts a delay attack into no measurement. But one still learns a bound that is valid, just not very confining. There is no MLE estimator necessarily, so delays might not induce systemic errors. Some applications are of this form. 3. The draft should discuss upper bounds on how "bad" a server can be > without being detected as a falseticker. > > Some proposed text follows. > > Cheers, > Tal. > > > Here is some (preliminary) proposed text for (2) above: > > Although delay attacks cannot be prevented, they can be limited to a > predetermined upper bound. This can be done by defining a maximal tolerable > RTT value, MAX-RTT, that a client is willing to accept. A Roughtime client > can measure the RTT of every request-response handshake and compare it to > MAX-RTT; if the RTT exceeds MAX-RTT, the corresponding server is assumed to > be a falseticker. When this approach is used the maximal time error that > can be caused by a delay attack is MAX-RTT/2. It should be noted that this > approach assumes that the nature of the system is known to the client, > including reasonable upper bounds on the RTT value. > > > Here is a preliminary proposal for some text for (3) above (needs to be > reviewed and discussed): > > As discussed in the introduction, the absence of proof of malfeasance does > not indicate that all the servers are "good". However, if the Roughtime > mechanism indicates that all servers are well-behaved then Roughtime > timestamps can be used to compute an upper bound on the time error of a > potential falseticker. For example, for a given set of responses (r_1, r_2, > r_3) from three servers, if it is guaranteed that server 1 and server 3 are > truechimers, then the client has an upper bound on the time error that may > be caused by the reply from server 2, as the timestamp of server 2 is > bounded by the timestamps of server 1 and server 3. Thus, the time error > from server 2 cannot exceed: > > max{MIDP_3 - MIDP_2 + RADI_3 + RADI_2, > MIDP_2 - MIDP_1 + RADI_2 + RADI_1}. > > More generally, if n servers are used in the protocol, and for a given set > of responses (r_1, r_2, ..., r_n, r_1'), if server 1 is guaranteed to be a > truechimer, then the time error that may be caused by each of the servers > 2, 3, ..., n is bounded by: > > MIDP_1' - MIDP_1 + 2*RADI_1 > This does not seem quite right: the error in the timestamp is bounded (which is explained in definition of a falseticker: perhaps that needs to be relabled). The error induced in the time is a very different beast. Thanks for the suggested text. > > On Mon, May 27, 2019 at 8:03 PM <internet-drafts@ietf.org> wrote: > >> >> A New Internet-Draft is available from the on-line Internet-Drafts >> directories. >> This draft is a work item of the Network Time Protocol WG of the IETF. >> >> Title : Roughtime >> Authors : Aanchal Malhotra >> Adam Langley >> Watson Ladd >> Filename : draft-roughtime-aanchal-02.txt >> Pages : 11 >> Date : 2019-05-27 >> >> Abstract: >> This document specifies Roughtime - a protocol that aims to achieve >> rough time synchronization while detecting servers that provide >> inaccurate time and providing cryptographic proof of their >> malfeasance. >> >> >> The IETF datatracker status page for this draft is: >> https://datatracker.ietf.org/doc/draft-roughtime-aanchal/ >> >> There are also htmlized versions available at: >> https://tools.ietf.org/html/draft-roughtime-aanchal-02 >> https://datatracker.ietf.org/doc/html/draft-roughtime-aanchal-02 >> >> A diff from the previous version is available at: >> https://www.ietf.org/rfcdiff?url2=draft-roughtime-aanchal-02 >> >> >> Please note that it may take a couple of minutes from the time of >> submission >> until the htmlized version and diff are available at tools.ietf.org. >> >> Internet-Drafts are also available by anonymous FTP at: >> ftp://ftp.ietf.org/internet-drafts/ >> >> _______________________________________________ >> ntp mailing list >> ntp@ietf.org >> https://www.ietf.org/mailman/listinfo/ntp >> > _______________________________________________ > ntp mailing list > ntp@ietf.org > https://www.ietf.org/mailman/listinfo/ntp >
- [Ntp] I-D Action: draft-roughtime-aanchal-02.txt internet-drafts
- Re: [Ntp] I-D Action: draft-roughtime-aanchal-02.… Thomas Peterson
- [Ntp] Antw: Re: I-D Action: draft-roughtime-aanch… Ulrich Windl
- Re: [Ntp] I-D Action: draft-roughtime-aanchal-02.… Tal Mizrahi
- Re: [Ntp] I-D Action: draft-roughtime-aanchal-02.… Watson Ladd
- Re: [Ntp] Antw: Re: I-D Action: draft-roughtime-a… Thomas Peterson