[ntp:hackers] NTP Stratum FYI - L1 GPS sucks as a source of trusted time & you probably won't like this commentary!
Terje Mathisen
terje at tmsw.no
Tue Mar 1 07:11:28 UTC 2011
todd glassey wrote:
>> BTW, Todd, I would be really happy if this was the last time I had to
>> read another of your complaints about insufficient authentication for
>> timestamps. :-(
>>
>> Terje
> Why because you are offended anyone would ask you to prove anything?

No, but because the actual threat model is much, _much_ simpler:

Somebody with the resources to attack you by forging bad GPS-NTP
timestamps has the resources to develop a new Stuxnet worm as well, i.e.
they can attack your internal infrastructure directly instead of having
to go for a limited number of external time sources.

In this case it is _far_ simpler to attack the relevant servers directly
and hack the local clocks than it is to attack a majority of the
configured time sources for a competent NTP setup.

There is never such a thing as a 100% authenticated anything; what you
can get is simply levels of trust, and most of the time you can get the
quality far above what's needed to convince a judge/jury.

Terje
--
- <Terje at tmsw.no>
"almost all programming can be viewed as an exercise in caching"