![Page 1: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/1.jpg)
A Secure Selection and Filtering Mechanism for
the Network Time Protocol Version 4
draft-schiff-ntp-chronos-02
Neta Rozen Schiff, Danny Dolev, Tal Mizrahi, Michael Schapira
![Page 2: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/2.jpg)
Reminder: Threat Model
The attacker:
• Controls a large fraction of the NTP servers in the pool (say, ¼)
• Capable of both deciding the content of NTP responses and
timing when responses arrive at the client
• Malicious NTP serverNTP serverNTP server
client
…….
![Page 3: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/3.jpg)
Reminder: Chronos ArchitectureChronos’ design combines several ingredients:
• Rely on many NTP servers
Generate a large server pool (hundreds) per client
E.g., by repeatedly resolving NTP pool hostnames and storing returned IPs
Sets a very high threshold for a MitM attacker
• Query few servers
Randomly query a small fraction of the servers in the pool (e.g., 10-20)
Avoids overloading NTP servers
• Smart filtering
Remove outliers via a technique used in approximate agreement algorithms
Limits the MitM attacker’s ability to contaminate the chosen time samples
![Page 4: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/4.jpg)
Chronos and NTPd
• Chronos compared to NTPv4:• Greater variety of sampled servers over time
• Avoids (NTPv4) source quality filters
• Provable security guarantees
• Possible adverse effects on precision and accuracy.
![Page 5: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/5.jpg)
New in draft 002: Precision Evaluation
• We evaluated Chronos precision in different locations inEurope and US.
• Preliminary results:• Chronos has fair precision, up to several ms from NTP
• Chronos updates are close on average to NTP (several ms gap)
• We considered smoothing mechanisms in order to improveChronos’ precision
![Page 6: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/6.jpg)
New in draft 002: Smoothing algorithms for Chronos
•Two smoothing mechanism were tested:
• Return the offset with minimum value unless its distancefrom the average offset is larger than a predefined value.Yielded improvements.
• Use the same set of servers as in the previous sample, unlessthe difference between their offset and the offset of newservers is larger than a predefined value. Didn’t yield asignificant improvement.
![Page 7: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/7.jpg)
Average offsets and derivatives
• Chronos usually has morefluctuations compared to NTP,when not under attack
• The smoothing algorithmmitigates these fluctuationsand leads to a reduction in theoffsets (in absolute values).
• We verified this on severallocations:
![Page 8: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/8.jpg)
Average offsets and derivatives
Oregon• Chronos usually has morefluctuations compared to NTP,when not under attack
• The smoothing algorithmmitigates these fluctuationsand leads to a reduction in theoffsets (in absolute values).
• We verified this on severallocations:
![Page 9: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/9.jpg)
Average offsets and derivatives
Frankfurt• Chronos usually has morefluctuations compared to NTP,when not under attack
• The smoothing algorithmmitigates these fluctuationsand leads to a reduction in theoffsets (in absolute values).
• We verified this on severallocations:
![Page 10: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/10.jpg)
Average offsets and derivatives
Virginia• Chronos usually has morefluctuations compared to NTP,when not under attack
• The smoothing algorithmmitigates these fluctuationsand leads to a reduction in theoffsets (in absolute values).
• We verified this on severallocations:
![Page 11: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/11.jpg)
Average offsets and derivatives
London• Chronos usually has morefluctuations compared to NTP,when not under attack
• The smoothing algorithmmitigates these fluctuationsand leads to a reduction in theoffsets (in absolute values).
• We verified this on severallocations:
![Page 12: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/12.jpg)
Preliminary results under attack
• Attack type: rapidly increasing shift + fake stratum 1
• Both Chronos and NTP remain accurate
![Page 13: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/13.jpg)
Preliminary results under attack – cont.
• Attack type: slowly increasing shift + fake stratum 1
• Chronos precision remains while NTP is shifted
![Page 14: A Secure Selection and Filtering Mechanism for the Network](https://reader034.vdocuments.mx/reader034/viewer/2022042708/6266804c55d64614071de46b/html5/thumbnails/14.jpg)
Conclusion
• We tested POC Chronos implementation under normal scenarios and under attack
• Chronos precision is closer to NTP than expected (several msinstead of w=25ms), while the smoothing algorithm yields even better results
• Chronos is secure even facing slowly increasing shift, while NTP isn’t. Smoothing didn’t affect Chronos’ security.
• We are continuing to evaluate Chronos's performence andsecurity for different attack strategies and at different locations