Pitfalls of Provably Secure Systems in Internet the Case of Chronos-NTP
The critical role that Network Time Protocol (NTP) plays in the Internet led to multiple efforts to secure it against time-shifting attacks. A recent proposal for enhancing the security of NTP with Chronos against on-path attackers seems the most promising one and is on a standardisation track of th...
Saved in:
Published in | 2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S) pp. 49 - 50 |
---|---|
Main Authors | , , |
Format | Conference Proceeding |
Language | English |
Published |
IEEE
01.06.2020
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Abstract | The critical role that Network Time Protocol (NTP) plays in the Internet led to multiple efforts to secure it against time-shifting attacks. A recent proposal for enhancing the security of NTP with Chronos against on-path attackers seems the most promising one and is on a standardisation track of the IETF. In this work we demonstrate off-path attacks against Chronos enhanced NTP clients. The weak link is a central security feature of Chronos: The server pool generation mechanism using DNS. We show that the insecurity of DNS allows to subvert the security of Chronos making the time-shifting attacks against Chronos-NTP even easier than attacks against plain NTP. |
---|---|
AbstractList | The critical role that Network Time Protocol (NTP) plays in the Internet led to multiple efforts to secure it against time-shifting attacks. A recent proposal for enhancing the security of NTP with Chronos against on-path attackers seems the most promising one and is on a standardisation track of the IETF. In this work we demonstrate off-path attacks against Chronos enhanced NTP clients. The weak link is a central security feature of Chronos: The server pool generation mechanism using DNS. We show that the insecurity of DNS allows to subvert the security of Chronos making the time-shifting attacks against Chronos-NTP even easier than attacks against plain NTP. |
Author | Waidner, Michael Jeitner, Philipp Shulman, Haya |
Author_xml | – sequence: 1 givenname: Philipp surname: Jeitner fullname: Jeitner, Philipp organization: Technical University of Darmstadt – sequence: 2 givenname: Haya surname: Shulman fullname: Shulman, Haya organization: Fraunhofer Institute for Secure Information Technology SIT – sequence: 3 givenname: Michael surname: Waidner fullname: Waidner, Michael organization: Fraunhofer Institute for Secure Information Technology SIT |
BookMark | eNotjN9KwzAYxSO4Czd9AhHyAq1fkiZNL6XqHIxZ6HY9kuwrK3SpJFHo21txcP7cnPNbkls_eiTkiUHOGFTPr-0uayVwgJzPmQMAL2_IkpVcz1ag78i66VNnhiHSsaNNGH-MHSbaovsOSNspJrxE2nu68QmDx0TTGWltIv7t63MY_Riz3b65J4sZE_Hh2ityeH_b1x_Z9nO9qV-2Wc9BpKwzotRcqtKKExpVuVIgQlEpWTlrLRTOaqu1UswoLKxTaNxJdrYw2M0_Llbk8Z_bI-LxK_QXE6ZjxeQsLX4BCLVJWg |
CODEN | IEEPAD |
ContentType | Conference Proceeding |
DBID | 6IE 6IL CBEJK RIE RIL |
DOI | 10.1109/DSN-S50200.2020.00027 |
DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
DatabaseTitleList | |
Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
DeliveryMethod | fulltext_linktorsrc |
EISBN | 1728172608 9781728172606 |
EndPage | 50 |
ExternalDocumentID | 9159158 |
Genre | orig-research |
GroupedDBID | 6IE 6IL CBEJK RIE RIL |
ID | FETCH-LOGICAL-i203t-fa3782567b3dea69c73ee049659cbbb04cb8b88661a6e4bc6eacd5fb4aef82523 |
IEDL.DBID | RIE |
IngestDate | Mon Jul 08 05:39:00 EDT 2024 |
IsPeerReviewed | false |
IsScholarly | true |
Language | English |
LinkModel | DirectLink |
MergedId | FETCHMERGED-LOGICAL-i203t-fa3782567b3dea69c73ee049659cbbb04cb8b88661a6e4bc6eacd5fb4aef82523 |
PageCount | 2 |
ParticipantIDs | ieee_primary_9159158 |
PublicationCentury | 2000 |
PublicationDate | 2020-Jun |
PublicationDateYYYYMMDD | 2020-06-01 |
PublicationDate_xml | – month: 06 year: 2020 text: 2020-Jun |
PublicationDecade | 2020 |
PublicationTitle | 2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S) |
PublicationTitleAbbrev | DSN-S |
PublicationYear | 2020 |
Publisher | IEEE |
Publisher_xml | – name: IEEE |
Score | 2.189238 |
Snippet | The critical role that Network Time Protocol (NTP) plays in the Internet led to multiple efforts to secure it against time-shifting attacks. A recent proposal... |
SourceID | ieee |
SourceType | Publisher |
StartPage | 49 |
SubjectTerms | Attack Chronos Computer crime DNS Internet IP networks NTP Off-path Protocols Servers |
Title | Pitfalls of Provably Secure Systems in Internet the Case of Chronos-NTP |
URI | https://ieeexplore.ieee.org/document/9159158 |
hasFullText | 1 |
inHoldings | 1 |
isFullTextHit | |
isPrint | |
link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PS8MwFA7bTp5UNvE3OXi0W5YmbXqeziFsDNxgt5GkLzAcrbhW0L_el7ZOFA_e-iMhaUPf997r-74QcsMjKbRw-H07EQbCaRnoxCVBCFpxkVrFnCcnT2fRZCkeV3LVIrd7LgwAVMVn0PeH1b_8NLelT5UNEsTeoVRt0laM11ythpQzZMng7gltkET3h2HYx33FFuM_N02pMGN8SKZfo9WlIs_9sjB9-_FLiPG_0zkivW92Hp3vceeYtCDrkof5pnB6u93R3Pm7b9ps32mVTQfayJLTTUbrDCAUFB0_OkII8-0rhdx8F8wW8x5Zju8Xo0nQbJIQbDgLi8DpEEFeRrEJU9BRYuMQgFUq8NYYw4Q1yiiFMKwjEMZGaGlT6YzQ4LAfD09IJ8szOCVU4rmRVqQagwwpuUqx9dArzscRi21yRrr-Jaxfah2MdfP8539fviAHfhnqsqpL0ileS7hCAC_MdbVyn-wbnIw |
link.rule.ids | 310,311,786,790,795,796,802,27958,55109 |
linkProvider | IEEE |
linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PT8IwFG4QD3pSA8bf9uDRQdnabjujiAqEREi4kbZ7TYhkMzJM9K_3dZsYjQdvbdem3Zr163t931dCrnwpuOIW_2_LA49bJTwV29gLQEU-T0zErCMnD0eyP-UPMzGrkesNFwYAiuAzaLlkcZafZGbtXGXtGLG3I6Itso04z-KSrVXRcjDfvnnCVUjgBoih4ee7mC3m_7w2pUCN3h4ZfvVXBos8t9a5bpmPX1KM_x3QPml-8_PoeIM8B6QGaYPcjRe5VcvlimbWPX1TevlOC3860EqYnC5SWvoAIae49aNdBDFXv9DIzVbeaDJukmnvdtLte9U1Cd7CZ0HuWRUgzAsZ6iABJWMTBgCs0IE3WmvGjY50FCEQKwlcG4lrbSKs5gostvODQ1JPsxSOCBWY18LwRKGZIYQfJVi74zTnQ8lCEx-ThvsI85dSCWNevf_J38WXZKc_GQ7mg_vR4ynZdVNSBlmdkXr-uoZzhPNcXxSz-AlgjZ_i |
openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2020+50th+Annual+IEEE-IFIP+International+Conference+on+Dependable+Systems+and+Networks-Supplemental+Volume+%28DSN-S%29&rft.atitle=Pitfalls+of+Provably+Secure+Systems+in+Internet+the+Case+of+Chronos-NTP&rft.au=Jeitner%2C+Philipp&rft.au=Shulman%2C+Haya&rft.au=Waidner%2C+Michael&rft.date=2020-06-01&rft.pub=IEEE&rft.spage=49&rft.epage=50&rft_id=info:doi/10.1109%2FDSN-S50200.2020.00027&rft.externalDocID=9159158 |