Pitfalls of Provably Secure Systems in Internet the Case of Chronos-NTP
The critical role that Network Time Protocol (NTP) plays in the Internet led to multiple efforts to secure it against time-shifting attacks. A recent proposal for enhancing the security of NTP with Chronos against on-path attackers seems the most promising one and is on a standardisation track of th...
Saved in:
| Published in | 2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S) pp. 49 - 50 |
|---|---|
| Main Authors | , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
01.06.2020
|
| Subjects | |
| Online Access | Get full text |
Cover
Loading…
| Abstract | The critical role that Network Time Protocol (NTP) plays in the Internet led to multiple efforts to secure it against time-shifting attacks. A recent proposal for enhancing the security of NTP with Chronos against on-path attackers seems the most promising one and is on a standardisation track of the IETF. In this work we demonstrate off-path attacks against Chronos enhanced NTP clients. The weak link is a central security feature of Chronos: The server pool generation mechanism using DNS. We show that the insecurity of DNS allows to subvert the security of Chronos making the time-shifting attacks against Chronos-NTP even easier than attacks against plain NTP. |
|---|---|
| AbstractList | The critical role that Network Time Protocol (NTP) plays in the Internet led to multiple efforts to secure it against time-shifting attacks. A recent proposal for enhancing the security of NTP with Chronos against on-path attackers seems the most promising one and is on a standardisation track of the IETF. In this work we demonstrate off-path attacks against Chronos enhanced NTP clients. The weak link is a central security feature of Chronos: The server pool generation mechanism using DNS. We show that the insecurity of DNS allows to subvert the security of Chronos making the time-shifting attacks against Chronos-NTP even easier than attacks against plain NTP. |
| Author | Waidner, Michael Jeitner, Philipp Shulman, Haya |
| Author_xml | – sequence: 1 givenname: Philipp surname: Jeitner fullname: Jeitner, Philipp organization: Technical University of Darmstadt – sequence: 2 givenname: Haya surname: Shulman fullname: Shulman, Haya organization: Fraunhofer Institute for Secure Information Technology SIT – sequence: 3 givenname: Michael surname: Waidner fullname: Waidner, Michael organization: Fraunhofer Institute for Secure Information Technology SIT |
| BookMark | eNotjN9KwzAYxSO4Czd9AhHyAq1fkiZNL6XqHIxZ6HY9kuwrK3SpJFHo21txcP7cnPNbkls_eiTkiUHOGFTPr-0uayVwgJzPmQMAL2_IkpVcz1ag78i66VNnhiHSsaNNGH-MHSbaovsOSNspJrxE2nu68QmDx0TTGWltIv7t63MY_Riz3b65J4sZE_Hh2ityeH_b1x_Z9nO9qV-2Wc9BpKwzotRcqtKKExpVuVIgQlEpWTlrLRTOaqu1UswoLKxTaNxJdrYw2M0_Llbk8Z_bI-LxK_QXE6ZjxeQsLX4BCLVJWg |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/DSN-S50200.2020.00027 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 1728172608 9781728172606 |
| EndPage | 50 |
| ExternalDocumentID | 9159158 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IL CBEJK RIE RIL |
| ID | FETCH-LOGICAL-i203t-fa3782567b3dea69c73ee049659cbbb04cb8b88661a6e4bc6eacd5fb4aef82523 |
| IEDL.DBID | RIE |
| IngestDate | Mon Jul 08 05:39:00 EDT 2024 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i203t-fa3782567b3dea69c73ee049659cbbb04cb8b88661a6e4bc6eacd5fb4aef82523 |
| PageCount | 2 |
| ParticipantIDs | ieee_primary_9159158 |
| PublicationCentury | 2000 |
| PublicationDate | 2020-Jun |
| PublicationDateYYYYMMDD | 2020-06-01 |
| PublicationDate_xml | – month: 06 year: 2020 text: 2020-Jun |
| PublicationDecade | 2020 |
| PublicationTitle | 2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S) |
| PublicationTitleAbbrev | DSN-S |
| PublicationYear | 2020 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| Score | 2.189238 |
| Snippet | The critical role that Network Time Protocol (NTP) plays in the Internet led to multiple efforts to secure it against time-shifting attacks. A recent proposal... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 49 |
| SubjectTerms | Attack Chronos Computer crime DNS Internet IP networks NTP Off-path Protocols Servers |
| Title | Pitfalls of Provably Secure Systems in Internet the Case of Chronos-NTP |
| URI | https://ieeexplore.ieee.org/document/9159158 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PS8MwFA7bTp5UNvE3OXi0W5YmbXqeziFsDNxgt5GkLzAcrbhW0L_el7ZOFA_e-iMhaUPf997r-74QcsMjKbRw-H07EQbCaRnoxCVBCFpxkVrFnCcnT2fRZCkeV3LVIrd7LgwAVMVn0PeH1b_8NLelT5UNEsTeoVRt0laM11ythpQzZMng7gltkET3h2HYx33FFuM_N02pMGN8SKZfo9WlIs_9sjB9-_FLiPG_0zkivW92Hp3vceeYtCDrkof5pnB6u93R3Pm7b9ps32mVTQfayJLTTUbrDCAUFB0_OkII8-0rhdx8F8wW8x5Zju8Xo0nQbJIQbDgLi8DpEEFeRrEJU9BRYuMQgFUq8NYYw4Q1yiiFMKwjEMZGaGlT6YzQ4LAfD09IJ8szOCVU4rmRVqQagwwpuUqx9dArzscRi21yRrr-Jaxfah2MdfP8539fviAHfhnqsqpL0ileS7hCAC_MdbVyn-wbnIw |
| link.rule.ids | 310,311,786,790,795,796,802,27958,55109 |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PT8IwFG4QD3pSA8bf9uDRQdnabjujiAqEREi4kbZ7TYhkMzJM9K_3dZsYjQdvbdem3Zr163t931dCrnwpuOIW_2_LA49bJTwV29gLQEU-T0zErCMnD0eyP-UPMzGrkesNFwYAiuAzaLlkcZafZGbtXGXtGLG3I6Itso04z-KSrVXRcjDfvnnCVUjgBoih4ee7mC3m_7w2pUCN3h4ZfvVXBos8t9a5bpmPX1KM_x3QPml-8_PoeIM8B6QGaYPcjRe5VcvlimbWPX1TevlOC3860EqYnC5SWvoAIae49aNdBDFXv9DIzVbeaDJukmnvdtLte9U1Cd7CZ0HuWRUgzAsZ6iABJWMTBgCs0IE3WmvGjY50FCEQKwlcG4lrbSKs5gostvODQ1JPsxSOCBWY18LwRKGZIYQfJVi74zTnQ8lCEx-ThvsI85dSCWNevf_J38WXZKc_GQ7mg_vR4ynZdVNSBlmdkXr-uoZzhPNcXxSz-AlgjZ_i |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2020+50th+Annual+IEEE-IFIP+International+Conference+on+Dependable+Systems+and+Networks-Supplemental+Volume+%28DSN-S%29&rft.atitle=Pitfalls+of+Provably+Secure+Systems+in+Internet+the+Case+of+Chronos-NTP&rft.au=Jeitner%2C+Philipp&rft.au=Shulman%2C+Haya&rft.au=Waidner%2C+Michael&rft.date=2020-06-01&rft.pub=IEEE&rft.spage=49&rft.epage=50&rft_id=info:doi/10.1109%2FDSN-S50200.2020.00027&rft.externalDocID=9159158 |