27 June 2019
Bulletproof TLS Newsletter is a free periodic newsletter bringing you commentary and news surrounding SSL/TLS and Internet PKI, designed to keep you informed about the latest developments in this space. Received monthly by more than 50,000 subscribers. Written by Hanno Böck.
As part of its crypto week, the company Cloudflare recently announced that it will operate a time server supporting the Network Time Security (NTS) extension for the Network Time Protocol (NTP). This solves a long-standing problem with time in the context of secure protocols.
Most computers and other network-connected devices these days synchronize their clocks with time sources from the internet. However, the traditional way of doing so—the Network Time Protocol—supports no way of authenticating that data by default. This essentially means that for a man-in-the-middle attacker, it’s trivial to deliver a wrong time.
This can have security consequences because a working clock is assumed by many other security protocols, including X.509 certificates, which have an expiration date, and features like HSTS that have a lifetime. Practical attacks on HSTS have been shown in the past.
In the past, the TLS timestamp has been used as an alternative in the tlsdate tool, but it’s no longer maintained and TLS 1.3 removed the timestamp. OpenNTPD has a feature by which it can use TLS to provide authenticated time constraints, but it relies on LibreSSL and thus is not usable on many systems. Google’s Adam Langley has developed the Roughtime protocol as an alternative to NTP, but it’s not widely used.
NTP itself attempted to provide authentication in the past by a procedure called Autokey, but it’s been shown to be insecure. It also supports authentication with symmetric keys, but that’s not practical for widespread use.
NTS is a new attempt to fix this issue. It exchanges a key over an authenticated TLS channel and uses that to secure NTP itself. It’s been in development for a while, but now it seems it’ll be finished soon and implementations are starting to pick it up. There is a reference implementation of NTS, NTPsec just released a new version with support for NTS, Chrony has an experimental fork with NTS support, and more implementations are expected to come soon.
Chances are this will finally provide a widely supported option to synchronize time over the internet in a secure and authenticated way.
This subscription is just for the newsletter; we won't send you anything else.
Designed by Ivan Ristić, the author of SSL Labs, Bulletproof TLS and PKI, and Hardenize, our course covers everything you need to know to deploy secure servers and encrypted web applications.
Remote and trainer-led, with small classes and a choice of timezones.
Join over 2,000 students who have benefited from more than a decade of deep TLS and PKI expertise.