A security analysis of the NTP protocol version 2

Author

Bishop, Matt

Author_Institution

Dept. of Math. & Comput. Sci., Dartmouth Coll., Hanover, NH, USA

fYear

1990

fDate

3-7 Dec 1990

Firstpage

20

Lastpage

29

Abstract

The network time protocol (NTP) is being used throughout the Internet to provide an accurate time service. The author examines the security requirements of such a service, analyzes version 2 of the NTP protocol to determine how well it meets these requirements, and suggests improvements where appropriate. Five types of security attacks on a time service are possible. An attacker could cause a nontime server to impersonate a time server (masquerade), an attacker could modify some (or all) time messages sent by a time server (modification), an attacker could resend a time server´s time messages (replay), an attacker could intercept a time server´s time messages and delete them (denial of service), and an attacker could delay the time messages by, for example, deliberately flooding the network, thereby introducing large transmission delays (delay)

Keywords

computer networks; protocols; security of data; time measurement; Internet; NTP protocol version 2; WAN protocol; accurate time service; large transmission delays; masquerade; modification; network time protocol; nontime server; replay; security analysis; security requirements; time messages; Access protocols; Clocks; Computer science; Delay effects; Educational institutions; Frequency synchronization; Liver; Mathematics; Network servers; Propagation delay;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 1990., Proceedings of the Sixth Annual

Conference_Location

Tucson, AZ

Print_ISBN

0-8186-2105-2

Type

conf

DOI

10.1109/CSAC.1990.143746

Filename

143746