• No results found

Network Time Security

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Network Time Security"

Copied!
17
0
0

Loading.... (view fulltext now)

Download now ( 17 Page )

Full text

(1)

Network Time Security

draft-ietf-ntp-network-time-security-08 draft-ietf-ntp-cms-for-nts-message-02 draft-ietf-ntp-using-nts-for-ntp-00

Dr. Dieter Sibold Kristof Teichel Stephen R¨ottger

(2)

Outline

History Scope Progress/Major Changes New Structure NTS Document CMS-for-NTS Document NTS-for-NTP Document Non IETF activities

IEEE P1588 WG

(3)

History

I IETF 83: Presentation of security issues of RFC 5906 (autokey)

I IETF 84: Presentation of plan for a new autokey standard

I IETF 85–86: I-D “draft-sibold-autokey-nn”

I IETF 87–90: I-D “draft-ietf-ntp-network-time-security-nn”

I IETF 91: Continuation as “draft-ietf-ntp-network-time-security-05” and addition of document “draft-ietf-ntp-cms-for-nts-message-00”

I Submission January 2015: (January 16) draft-ietf-ntp-network-time-security-06 (January 22) draft-ietf-ntp-cms-for-nts-message-01 I Submission March 2015: (March 03) draft-ietf-ntp-network-time-security-07 (March 05) draft-ietf-ntp-network-time-security-08 (March 06) draft-ietf-ntp-cms-for-nts-message-02 (March 06) draft-ietf-ntp-using-nts-for-ntp-00

(4)

Scope

Network Time Security shall provide:

I Authenticity of time servers

I Integrity of synchronization data packets

I Conformity with TICTOC’s Security Requirements (RFC 7384)

(5)

Progress/Major Changes

I Contract signed with NTF, implementation underway

I Protocol Messages:

Added a nonce to association exchange and extended signature in response message over request data

I Feedback:

Tal Mizrahi

Authors ofAuthenticated NTP article

I Document Structure:

Overhaul of main document to be more generic (less NTP specific) Overhaul of “draft-ietf-cms-for-nts-message” to also be more generic Addition of document “draft-ietf-ntp-using-nts-on-ntp”

(6)
(7)

New Structure: Main Document

Main document now contains

I Objectives (protocol-independent)

I NTS overview (protocol-independent)

I List of message exchanges, each with:

Goals of this specific message exchange (isolated) All necessary message types

Exchange procedure overview with diagram

I Considerations on server seed, hash algorithms and MAC generation

(all generic; no specific data like bit lengths)

I Protocol-independent security considerations

(added privacy discussion)

I Table of requirements (RFC 7384)

I Description of how NTS employs TESLA

(generic with respect to bit lengths, choice of one-way function etc.)

(8)

New Structure: CMS-4-NTS

CMS-4-NTS document now contains:

I CMS conventions

Definition of archetypes

Use of pre-defined CMS content types

I ASN.1 structures for different message types

(each has a comment on what additional information is needed for the message type)

(9)

New Structure: NTS-4-NTP

NTS-4-NTP document contains:

I Objectives for NTS-secured NTP

I Overview of NTS-secured NTP (unicast and broadcast mode)

I Protocol Sequence

Split into client and server behaviour description, each split into unicast and broadcast sequence

Sequence and order as appropriate for NTP

Behaviour description overlaps with main document

I Implementation notes: extends description from CMS-for-NTS

document and gives specifics

I NTP-specific security considerations (e.g. NTP pools)

(10)

IEEE P1588 working group: NTS-4-PTP

First draft of NTS-4-PTP document contains:

I Protocol sequence as appropriate for PTP in mixed communication

mode

(11)

Report: ANTP Project (1)

ANTP Contributors:

I Queensland University of Technology:

Benjamin Dowling, Douglas Stebila

I Microsoft Research:

Greg Zaverucha

Goals for ANTP:

I Authentication of single NTP server to SNTP client

I Integrity protection

I No server-side state for each client

(12)

Report: ANTP Project (2)

Main Differences between ANTP and NTS approaches: Differences in Scope:

I ANTP has no use of client certificates

→ no client authorization

I ANTP does not secure NTP broadcast

Differences in Methods:

I ANTP encrypts server state; transmits it to appropriate client

NTS recalculates server state upon a time request

(13)

Next steps

I Version 09

I Future versions

Consideration of DANE IANA Considerations

I Review and comments are requested from:

TICTOC Working Group NTP Working Group NTP development team

(14)

APPENDIX: Detailed Diff (1)

I Overhaul of main document to be more generic (less NTP specific)

Removed differentiation of unicast and broadcast “mode” Removed NTP inspired protocol sequence

Replaced protocol sequence by message dependency diagram Removed specific data like bit length of nonces and keys Removed protocol specific discussion like usage of NTP pools

I Overhaul of “draft-ietf-cms-for-nts-message” to also be more generic

(15)

APPENDIX: Detailed Diff (2)

I Clean-up of generic main document:

Reworked Introduction Reworked Objectives section

Generalized formulation of method for achieving initial time synchronization for TESLA

Reworked message dependecy diagram Refreshed requirements table (RFC 7384) For each message exchange, added:

• description of purpose • procedure overview

Security Considerations:

• Added paragraph on privacy

• Shortened paragraph on certificate validation • Moved paragraph on random number generation here

(16)

APPENDIX: Detailed Diff (3)

I Feedback:

Feedback from Tal

• Overhaul of terminology section (common terminology NTP/PTP) • Clarified the use of client certificates and public keys

• Added message exchange flow diagrams

• Added table for required pre-shared keys during communication • Appropriately marked appendices as normative/informative

Feedback from ANTP group

• Clarified authorization

• Association exchange: added nonce, also included request data in the signature

I Corresponding changes in CMS document:

(17)

APPENDIX: Detailed Diff (4)

I Last-minute corrections in main document:

Minor syntax corrections

Inserted paragraph on different key pairs for encrypting and signing Inserted missing objective as well as necessary client checks for association exchange

References

Download now ( PDF - 17 Page - 748.02 KB )

Related documents

Common Quality Framework for International Search and Preliminary Examination

The administrative tasks of this International Searching and Examining Authority (processing all International Applications for which the ILPO will serve as the ISA, processing

6479114 Practical Guide to Swing Trading by Larry Swing

• The capital preservation order – a sell stop (stop limit) order is placed at 4% below the entry price OR 6 cents below the low of the day that was used for the trade (whichever

Rutgers Professional MBA. Expect More. Be More.

The PMBA builds on the same proven elements of the traditional Rutgers MBA and adds the value of a convenient schedule, a week-long international residency, and the cohort

Add More Pages To Word Document

The proofs to word namespace from the page will open your text file, add pages before importing into your last page.. For example, but a table format is ideal

How to Be a More Effective Homemaker

If you need to wash a load of clothes every day, beginning the wash before you leave for work every morning means that you can switch the clothes over to the dryer as soon as you

Master of Business Administration. be worth more

Graduates of both our Bachelor of Management Leadership (BML), Postgraduate Diploma in Business Administration (PGDip of Business Administration) and Master of Business

Virtualization in Healthcare: Less Can Be More

While standardization of hardware and applications has long been a cost- saving tool, enterprises are also looking to newer technologies such as virtualization to reduce

I Will Be More Than Happy To Oblige

Do also use gender when you are building about my person making someone wanted something why do not want who do or force should make you made about NOT obliged me to succeed behind