TY - GEN
T1 - A Devil of a Time
T2 - 28th Annual Network and Distributed System Security Symposium, NDSS 2021
AU - Perry, Yarin
AU - Rozen-Schiff, Neta
AU - Schapira, Michael
N1 - Publisher Copyright: © 2021 28th Annual Network and Distributed System Security Symposium, NDSS 2021. All Rights Reserved.
PY - 2021
Y1 - 2021
N2 - The Network Time Protocol (NTP) synchronizes time across computer systems over the Internet and plays a crucial role in guaranteeing the correctness and security of many Internet applications. Unfortunately, NTP is vulnerable to so called time shifting attacks. This has motivated proposals and standardization efforts for authenticating NTP communications and for securing NTP clients. We observe, however, that, even with such solutions in place, NTP remains highly exposed to attacks by malicious timeservers. We explore the implications for time computation of two attack strategies: (1) compromising existing NTP timeservers, and (2) injecting new timeservers into the NTP timeserver pool. We first show that by gaining control over fairly few existing timeservers, an opportunistic attacker can shift time at state-level or even continent-level scale. We then demonstrate that injecting new timeservers with disproportionate influence into the NTP timeserver pool is alarmingly simple, and can be leveraged for launching both large-scale opportunistic attacks, and strategic, targeted attacks. We discuss a promising approach for mitigating such attacks.
AB - The Network Time Protocol (NTP) synchronizes time across computer systems over the Internet and plays a crucial role in guaranteeing the correctness and security of many Internet applications. Unfortunately, NTP is vulnerable to so called time shifting attacks. This has motivated proposals and standardization efforts for authenticating NTP communications and for securing NTP clients. We observe, however, that, even with such solutions in place, NTP remains highly exposed to attacks by malicious timeservers. We explore the implications for time computation of two attack strategies: (1) compromising existing NTP timeservers, and (2) injecting new timeservers into the NTP timeserver pool. We first show that by gaining control over fairly few existing timeservers, an opportunistic attacker can shift time at state-level or even continent-level scale. We then demonstrate that injecting new timeservers with disproportionate influence into the NTP timeserver pool is alarmingly simple, and can be leveraged for launching both large-scale opportunistic attacks, and strategic, targeted attacks. We discuss a promising approach for mitigating such attacks.
UR - http://www.scopus.com/inward/record.url?scp=85134643828&partnerID=8YFLogxK
U2 - https://doi.org/10.14722/ndss.2021.24302
DO - https://doi.org/10.14722/ndss.2021.24302
M3 - منشور من مؤتمر
T3 - 28th Annual Network and Distributed System Security Symposium, NDSS 2021
BT - 28th Annual Network and Distributed System Security Symposium, NDSS 2021
PB - The Internet Society
Y2 - 21 February 2021 through 25 February 2021
ER -