Re: [Ntp] The NTP WG has placed draft-schiff-ntp-chronos in state "Call For Adoption By WG Issued"

Harlan Stenn <stenn@nwtime.org> Tue, 10 September 2019 09:14 UTC

To: ntp@ietf.org
References: <156697054476.22343.803396183712486000.idtracker@ietfa.amsl.com> <36f6c676-7937-4876-3c38-e12d39be2666@nwtime.org> <CAM-HxCPGif77Nwj0gC4_paxczwyYTxo9tvgEFZ5V43AyUGLM7w@mail.gmail.com>
From: Harlan Stenn <stenn@nwtime.org>
Message-ID: <3bab5589-17c6-72d8-ac3e-5eb0f4df8a7c@nwtime.org>
Date: Tue, 10 Sep 2019 02:14:45 -0700
In-Reply-To: <CAM-HxCPGif77Nwj0gC4_paxczwyYTxo9tvgEFZ5V43AyUGLM7w@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ntp/hpu0BW05OynZGnUAOjBB3b-m9-k>
Subject: Re: [Ntp] The NTP WG has placed draft-schiff-ntp-chronos in state "Call For Adoption By WG Issued"

Hi Neta,

I want to see this sort of information either in the actual RFC or in
related RFCs, even for Informational documents.

I still have other issues with some of the core assumptions, and I'm not
currently able to elaborate on those now.

H

On 9/10/2019 1:16 AM, Neta R S wrote:
> Hi Harlan,
> 
> Please see a brief description of the Chronos threat model, the Chronos
> algorithm and its security analysis below.
> 
> *Threat model:*
> Chronos considers a powerful form of man-in-the-middle (MitM)
> Byzantine attacker, capable of precisely determining the values of the
> time samples gathered by the Chronos client from a subset of the NTP
> servers in its server pool (up to one-third of the pool).
> 
> *A short reminder of Chronos' algorithm:*
> - The Chronos client chooses m servers at random, queries them, orders
> their m samples according to their value, and drops the d lowest and d
> highest samples.
> - Then it tests the remaining set, and uses its average as the client's
> new clock only if the two conditions are satisfied:
> 1 - All the samples are close (up to 2w)
> 2 - Their average is close to the client's clock (up to ERR+2w)
> Otherwise the client resamples (chooses m servers at random again,
> queries them, orders them from low to high, drops the d lowest and the
> d highest, and tests the remaining set again).
> After the client resamples (fails the tests) K times, it moves to
> panic mode, where all the servers are sampled.
> 
> *Security analysis*
> The Chronos draft is based on the Chronos paper, which provides a
> security analysis.
> It was proved mathematically that since Chronos uses (slightly) more
> servers to update, and chooses them at random, the probability of a
> successful MitM attack decreases dramatically compared to NTPv4.
> The improvement factor depends on the number of servers queried by the
> Chronos client at each update. For example, if the attacker controls 1/7
> of the servers in the pool, while querying 14 servers per update, the
> Chronos client can reduce its probability of timeshifting by a factor
> of approximately 1000.
> 
> Moreover, we considered the spectrum of feasible attack scenarios in
> order to evaluate the effectiveness of Chronos in thwarting
> timeshifting attacks.
> The scenarios depend on how many malicious servers were queried.
> We considered two scenarios:
> 
> _- Scenario I: Less than m-d of the queried servers are under the
> attacker's control._
> This means that there are more than d "good" samples (defined as up to
> w away from UTC).
> In this scenario, there are two options:
> 
> 1. There is at least one "good" sample in the remaining set, and then
> the others must be close to it (according to condition 1; otherwise
> the client resamples).
> Then the average of the samples in the remaining set (which is used to
> update the client's clock) is close to UTC.
> 
> 2. There are no "good" samples in the remaining set. Since there are
> more than d "good" samples, the values of the remaining set are bounded
> by "good" samples.
> Thus, the average of the remaining set is also close to UTC.
> 
> Therefore, these attack strategies are ineffective.
> 
> _- Scenario II: More than m-d of the queried servers are under the
> attacker's control._
> In the worst case of this scenario, all the samples in the remaining set
> are "bad" (more than w away from UTC).
> However, we proved in the paper that the probability of this scenario is
> extremely low (since it requires malicious servers to be randomly chosen
> at a much higher ratio than their ratio in the population, i.e. the pool).
> Thus, the probability of a repeated time shift is even exponentially
> lower, i.e. negligible.
> Consequently, a significant time shift is practically infeasible.
> 
> 
> Moreover, we examined the probability of a DoS attack on the servers by
> an attacker who causes many clients to resample and reach panic mode
> multiple times.
> We found that the probability of this attack is extremely low, even if
> the client moves to panic mode directly after resampling 3 times.
> 
> *Next step:*
> We are continuing to evaluate Chronos's performance and security for
> different attack strategies and at different locations.
> 
> Detailed discussions (along with the parameter evaluation) can be seen
> in the full paper:
> https://www.ndss-symposium.org/wp-content/uploads/2018/02/ndss2018_02A-2_Deutsch_paper.pdf
> 
> 
> Neta
> 
> _______________________________________________
> ntp mailing list
> ntp@ietf.org
> https://www.ietf.org/mailman/listinfo/ntp
> 

-- 
Harlan Stenn, Network Time Foundation
http://nwtime.org - be a Member!
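Added example (my own toy model, not code from the draft, the paper or the NTP project): the client update step quoted above (sample m, drop d from each end, apply the two conditions, resample up to K times, then panic mode) together with the hypergeometric count behind Scenario II. The parameter names m, d, w, ERR and K follow the message; everything else is assumed: a constructed pool of 70 servers, w = 10 ms, ERR = 100 ms, a panic mode that reuses the same trimmed-mean test over the whole pool, and the choice to count the boundary draw k = m-d on the attacker's side.

```python
"""Toy Chronos client update and Scenario II probability (added example).
Times are in seconds relative to true time 0; a server's 'sample' is the
time it reports, and client_clock is the client's current reading."""
import random
from math import comb
from statistics import mean


def chronos_update(samples, d, w, err, client_clock):
    """One Chronos test over m samples: sort, drop the d lowest and d highest,
    and accept the mean of the survivors only if (1) they span at most 2w and
    (2) the mean is within ERR + 2w of the client's clock.
    Returns (accepted, candidate_mean)."""
    ordered = sorted(samples)
    kept = ordered[d:len(ordered) - d]
    if not kept:
        raise ValueError("need m > 2d")
    avg = mean(kept)
    cond_close = kept[-1] - kept[0] <= 2 * w
    cond_near_clock = abs(avg - client_clock) <= err + 2 * w
    return (cond_close and cond_near_clock), avg


def chronos_sync(pool, m, d, k, w, err, client_clock, rng):
    """Resample m random servers up to K times; after K failures enter panic
    mode and query the whole pool. `pool` maps server id -> reported time
    (constructed input). Panic mode is modelled as the same trimmed-mean test
    over every server; that is an assumption, not the draft's definition.
    Returns (new_clock, mode) with mode in {"sampled", "panic"}."""
    ids = list(pool)
    for _ in range(k):
        chosen = rng.sample(ids, m)
        ok, avg = chronos_update([pool[s] for s in chosen], d, w, err, client_clock)
        if ok:
            return avg, "sampled"
    ok, avg = chronos_update(list(pool.values()), d, w, err, client_clock)
    return (avg if ok else client_clock), "panic"


def p_scenario_ii(pool_size, n_malicious, m, d):
    """Hypergeometric probability that at least m-d of the m servers drawn
    without replacement are attacker-controlled. The message phrases
    Scenario II as 'more than m-d'; the boundary k = m-d is counted on the
    attacker's side here because with exactly d honest samples the trimming
    step can discard every one of them (see boundary_attack_samples)."""
    total = comb(pool_size, m)
    bad = sum(comb(n_malicious, k) * comb(pool_size - n_malicious, m - k)
              for k in range(m - d, m + 1))
    return bad / total


def boundary_attack_samples(m, d, w, err, client_clock):
    """Constructed worst case at the boundary: d honest samples at true time
    (0) and m-d attacker samples placed exactly ERR + 2w above the client's
    clock, the largest shift condition 2 tolerates in a single update. The
    d honest samples are the d lowest and are dropped by the trimming."""
    return [0.0] * d + [client_clock + err + 2 * w] * (m - d)


if __name__ == "__main__":
    rng = random.Random(7)
    W, ERR = 0.01, 0.1
    # Constructed honest pool: 70 servers, each within 2 ms of true time.
    honest_pool = {i: (i % 5 - 2) * 0.001 for i in range(70)}
    print(chronos_sync(honest_pool, 14, 3, 3, W, ERR, 0.0, rng))
    print(chronos_update(boundary_attack_samples(14, 3, W, ERR, 0.0), 3, W, ERR, 0.0))
    # 1/7 of a 70-server pool malicious, m = 14 queried, d = 4 trimmed.
    print(p_scenario_ii(70, 10, 14, 4))
```

The boundary case is the reason the analysis bounds a probability rather than a shift: when the attacker does land m-d of the m draws, one accepted update can move the clock by at most ERR + 2w, and repeating that requires winning the same unlikely draw again.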