Malhotra, Aanchal, et al. "Attacking the Network Time Protocol." NDSS. 2016.
https://eprint.iacr.org/2015/1020.pdf
Authors:
Talk https://www.youtube.com/watch?v=_m4rPgi-b90&feature=youtu.be
Slides https://www.cs.bu.edu/~goldbe/papers/ntpTCEschool.pdf
Protocol | Minimum time shift |
---|---|
TLS Certs | years |
HTTP Strict Transport Security (HSTS) | 1 year |
DNSSEC | a month |
HTTP Public Key Pinning (HPKP) | months |
DNS Caches | days |
Resource Public Key Infrastructure (RPKI) | days |
Bitcoin | hours |
API authentication | minutes |
Kerberos | minutes |
Table I - Attacking various applications with NTP.
For an amusing talk by Joe Klein detailing the possible (and past) impact of timing attacks, see https://youtu.be/XogpQ-iA6Lw.
Source: https://labs.apnic.net/?p=462
Round trip delay: δ = (T4 − T1) − (T3 − T2)
Time shift between client and server, assuming forward and reverse delays are symmetric: θ = 1/2 ((T2 − T1) + (T3 − T4))
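The two formulas applied to a parsed server reply, as an added example (not code from the paper or from ntpd). The 48-byte header layout is taken from RFC 5905 rather than from these notes, and the helper names `build_response`, `parse_and_measure` and `simulate`, along with all timestamps, are constructed for illustration. It also shows what happens when the symmetry assumption fails: θ is off by half the difference between the one-way delays, which can never exceed δ/2.

```python
import struct

NTP_FMT = "!BBbbII4sQQQQ"   # 48-byte NTP header (layout per RFC 5905)
FRAC = 1 << 32              # NTP timestamps are 32.32 fixed point

def to_ntp(seconds):
    """Float seconds -> 64-bit NTP fixed-point timestamp."""
    return int(round(seconds * FRAC))

def build_response(t1, t2, t3, stratum=2, version=4):
    """Constructed mode 4 (server) reply; T1 is echoed as the origin timestamp."""
    li_vn_mode = (0 << 6) | (version << 3) | 4   # leap=0 (normal), VN, mode
    return struct.pack(NTP_FMT, li_vn_mode, stratum, 6, -23, 0, 0,
                       b"\x00" * 4, 0, to_ntp(t1), to_ntp(t2), to_ntp(t3))

def parse_and_measure(packet, t4):
    """Parse a reply received at local time t4; return fields, delta, theta."""
    (b0, stratum, _poll, _prec, _rdelay, _rdisp, _refid,
     _ref, t1, t2, t3) = struct.unpack(NTP_FMT, packet)
    t4 = to_ntp(t4)
    # Subtract in fixed point first, then convert, to avoid float rounding.
    delta = ((t4 - t1) - (t3 - t2)) / FRAC
    theta = ((t2 - t1) + (t3 - t4)) / (2 * FRAC)
    return {"leap": b0 >> 6, "version": (b0 >> 3) & 7, "mode": b0 & 7,
            "stratum": stratum, "delta": delta, "theta": theta}

def simulate(true_offset, fwd, rev, proc=0.001, t1=1000.0):
    """One exchange where server clock = client clock + true_offset."""
    t2 = t1 + fwd + true_offset      # server receive time (server clock)
    t3 = t2 + proc                   # server transmit time (server clock)
    t4 = t1 + fwd + proc + rev       # client receive time (client clock)
    return parse_and_measure(build_response(t1, t2, t3), t4)

if __name__ == "__main__":
    # Symmetric path: theta recovers the true 0.5 s offset.
    print(simulate(true_offset=0.5, fwd=0.020, rev=0.020))
    # Asymmetric path, clocks actually in sync: theta is off by (fwd - rev) / 2.
    print(simulate(true_offset=0.0, fwd=0.080, rev=0.020))
```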
Special messages:
Monlist responses are a trove of information, listing all IPs that had recently sent NTP packets (of any mode) to the server.
Nobody should be using autokey. Or from the other direction, if you are using autokey you should stop using it.
➜ ~ dig +short pool.ntp.org
85.90.244.165
159.69.150.81
185.207.104.70
78.47.249.55
➜ ~ dig +short 2.debian.pool.ntp.org
159.69.150.81
94.16.116.137
82.100.248.10
162.159.200.123
➜ ~ dig +short time.apple.com
time-osx.g.aaplimg.com.
17.253.54.123
17.253.52.253
17.253.52.125
17.253.54.251
17.253.54.253
➜ ~ timedatectl timesync-status
Server: 82.100.248.10 (2.debian.pool.ntp.org)
Poll interval: 34min 8s (min: 32s; max 34min 8s)
Leap: normal
Version: 4
Stratum: 2
Reference: BD8DA03D
Precision: 1us (-23)
Root distance: 34.308ms (max: 5s)
Offset: -69.660ms
Delay: 24.523ms
Jitter: 29.104ms
Packet count: 29
Frequency: +25,316ppm
Query a specific NTP server:
➜ ~ sudo ntpdate 0.debian.pool.ntp.org
24 Jan 17:59:23 ntpdate[19211]: adjust time server 131.234.220.231 offset 0.030175 sec
➜ ~ sudo ntpdate localhost
24 Jan 17:59:43 ntpdate[19216]: no server suitable for synchronization found
Number of publicly reachable computers running ntpd:
a total of 13,076,290 IPs that potentially run NTP servers
Large amounts of badly outdated deployments:
Meanwhile, Table II shows that ntpd v4.1.1 (released 2001) and v4.2.6 (released 2008) are most popular; the current release v4.2.8 (released 2014) is ranked only 8th amongst the systems we see.