If memory serves, ntpq and ntpdc use the authentication mechanism described in html/notes.html . The "session" is not encrypted, it is authenticated. If you feel that session encryption would be useful, I recommend that you bring this up on the IETF list. It will require Changes. H