[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: time resolution (was Re: six-page binary format draft)
As I recall the NTP specified security feature depends on shared
secret keys with no specified key distribution mechanism.
Yes, but that isn't the point -- NTP's authentication is hop-by-hop,
not end-to-end. See
@inproceedings{Bishop-ntp,
author = {Bishop, Matt},
title = "A Security Analysis of the {NTP} Protocol",
booktitle = {Sixth Annual Computer Security Conference Proceedings},
address = {Tucson, AZ},
pages = {20--29},
year = 1990,
month = {December},
url = {ftp://louie.udel.edu/pub/ntp/doc/security.ps.Z}
}
for a more complete analysis. (As an aside, there's a new draft RFC
on NTP authentication. I haven't read it yet, and I don't know if it
addresses Bishop's concerns.)