Re: [Ntp] A simpler way to secure PTP

Doug Arnold <doug.arnold@meinberg-usa.com> Mon, 10 May 2021 16:18 UTC

Many of the applications of PTP I know of require time transfer accuracy better than half the RTT.  This is achieved using a variety of mechanisms, including:

  *   On-path support
  *   High message rates + lucky packet filters
  *   Synchronous Ethernet
  *   Networks with lightly loaded switches
  *   Preemptive switches
  *   Asymmetry calibration
  *   Multiple PTP domains with different paths to devices needing time
  *   Multiple sources of time, that is PTP, plus other non-PTP time transfer mechanisms in a redundant system

A switch in the middle could mount a delay attack, which is of course immune to cryptography, but the risk could be reduced by non-cryptographic defenses such as time-source or network-path redundancy.

NTS4PTP could help against malicious agents which have gained access to the network and start sending bogus PTP messages, for example impersonating the Grandmaster.

Doug

From: Daniel Franke <dfoxfranke@gmail.com>
Date: Monday, May 10, 2021 at 11:21 AM
To: Doug Arnold <doug.arnold@meinberg-usa.com>
Cc: Miroslav Lichvar <mlichvar@redhat.com>, NTP WG <ntp@ietf.org>
Subject: Re: [Ntp] A simpler way to secure PTP
On Mon, May 10, 2021 at 10:43 AM Doug Arnold <doug.arnold@meinberg-usa.com> wrote:
I have heard of people actually doing this in the field as a sanity check.

However, some applications that use PTP can be broken by introducing timing errors that are less than the expected difference between PTP and NTP.

You cannot solve this with cryptography. An adversarial network is, by definition, one where you can't rely on statistical behavior and can't neglect the probability of worst-case outcomes. The worst-case outcome for any unicast protocol is going to be at least half the measured RTT, and for a broadcast protocol the worst case is unbounded. As I've mentioned before, you can improve this a little bit if you know a lower bound on the physical distance `d` between the client and server, in which case you can shrink each of your bounds by `d/c` where `c` is the speed of light, but this still won't get you anywhere near the kind of precision you have in mind. If worst-case, let alone typical-case, NTS4NTP behavior is going to break your application in critical ways, then you MUST have a physically-secure link to your time source. If you have an adversary on your communication path, you're just screwed and cryptography can't save you.
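The worst-case reasoning in Daniel's reply (an on-path adversary can push the offset estimate by up to RTT/2, and a known lower bound `d` on the physical path shrinks that by `d/c`), worked through as an added Python example that is not part of the thread. The four-timestamp exchange, the 100 m distance and the accuracy requirements are constructed values.

```python
"""Worst-case offset error of a unicast time exchange on an adversarial path.

Added example, not code from the thread. Authenticating packets (NTS) stops
forgery but not delay: an adversary who controls how the RTT splits between
the two legs shifts the symmetric-delay offset estimate by (d1 - d2) / 2.
"""
from dataclasses import dataclass

# Speed of light in vacuum; fibre and copper are slower, so d / C is a
# safe lower bound on each one-way delay for a path of length >= d.
C_M_PER_S = 299_792_458.0


@dataclass
class Exchange:
    t1: float  # client send time (client clock, seconds)
    t2: float  # server receive time (server clock)
    t3: float  # server send time (server clock)
    t4: float  # client receive time (client clock)


def measured_rtt(x: Exchange) -> float:
    """Round-trip delay excluding server processing, as NTP/PTP compute it."""
    return (x.t4 - x.t1) - (x.t3 - x.t2)


def estimated_offset(x: Exchange) -> float:
    """Client-to-server offset estimate, assuming symmetric one-way delays."""
    return ((x.t2 - x.t1) + (x.t3 - x.t4)) / 2.0


def worst_case_error(rtt: float, min_distance_m: float = 0.0) -> float:
    """Largest offset error an adversary can induce by re-splitting the RTT.

    Each leg needs at least d/c, so |d1 - d2| <= rtt - 2*d/c and the
    offset error (d1 - d2)/2 <= rtt/2 - d/c.  With d = 0 this is rtt/2.
    """
    floor = min_distance_m / C_M_PER_S
    if 2 * floor > rtt:
        raise ValueError("RTT is below the physical minimum for that distance")
    return rtt / 2.0 - floor


def crypto_sufficient(rtt: float, required_accuracy: float,
                      min_distance_m: float = 0.0) -> bool:
    """True iff the worst-case delay attack stays within the requirement."""
    return worst_case_error(rtt, min_distance_m) <= required_accuracy


# Constructed exchange: true offset 0, RTT 100 us, but the adversary holds the
# request for 80 us and the reply for only 20 us. Every timestamp is genuine.
ATTACKED = Exchange(t1=0.0, t2=80e-6, t3=90e-6, t4=110e-6)
```

`estimated_offset(ATTACKED)` is 30 µs although no packet was altered; a PTP-class 1 µs requirement on that path fails the check even with a 100 m distance bound, while a 50 ms NTP-class requirement over a 20 ms RTT passes.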