Cryptology ePrint Archive: Report 2015/171
Authenticated Network Time Synchronization
Benjamin Dowling and Douglas Stebila and Greg Zaverucha
Abstract: The Network Time Protocol (NTP) is used by many network-connected devices to synchronize device time with remote servers. Many security features depend on the device knowing the current time, for example when deciding whether a certificate is still valid. Currently, most services implement NTP without authentication, and the authentication mechanisms available in the standard have not been formally analyzed, require a pre-shared key, or are known to have cryptographic weaknesses. In this paper we design an authenticated version of NTP, called ANTP, a generic construction which protects against desynchronization attacks. To make ANTP suitable for large-scale deployments, it is designed to minimize server-side public-key operations and requires no server-side state. Additionally, ANTP ensures that authenticity does not degrade accuracy: authentication adds no latency to server responses, because the authentication information can arrive in a separate, subsequent message. We define a novel provable security framework involving adversary control of time, and use the framework to analyze ANTP. The framework may also be used to analyze other secure time synchronization protocols.
Category / Keywords: cryptographic protocols / time-synchronization, Network Time Protocol (NTP), provable security, network security
Date: received 27 Feb 2015
Contact author: gregz at microsoft com
Version: 20150227:223623
Short URL: ia.cr/2015/171