Re: [Ntp] NTP Security (was NTPv5: big picture)

Magnus Danielson <magnus@rubidium.se> Thu, 28 January 2021 10:27 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/YvXF-tO1sn1giPAeOBc8OGZ6fZE>

Philip,

On 2021-01-22 03:34, Philip Prindeville wrote:
>
>> On Jan 19, 2021, at 5:24 AM, Magnus Danielson <magnus@rubidium.se> wrote:
>>
>>> I think the point is that you cannot bootstrap secure time out of
>>> nothing.
>> That's a conjecture, yet to be proven.
>
> No, that's basic Information Theory.  Lost or non-existent information can't be recreated from a void.
>
> ...
Which needs to be properly proven to apply, because we end up shutting
this WG down if it truly applies.
>
>>> You either do full validation using some trusted time source
>>> (e.g. RTC), or you don't.
>> RTC is not a trusted time source. 
>
> I think I'm more likely to trust that which I can control or verify for myself, than that which I can't.

Which makes it an operational issue, which turns out to fail eventually,
and when it fails and NTP is your only way to resolve, you do not have
time and hence you are out of service. That is not leading towards a
robust solution.

So, in conclusion, rather than quickly dismiss the notion of being able
to bootstrap, it needs to be revisited. I threw out a proposal to get
something to test. People did not like that, so now I let others find a
solution to replace it, and the purpose of my proposal was to provide
something for people to think about and analyze, and find flaws and then fix
those flaws. What you ended up doing was dismissing the bare thought.

The lack of interest in solving this means that I see less use and
therefore less interest in NTPv5.

Cheers,
Magnus