[ntp:hackers] NTP Stratum FYI - L1 GPS sucks as a source of trusted time & you probably wont like this commentary!

Terje Mathisen terje at tmsw.no
Tue Mar 1 07:11:28 UTC 2011


todd glassey wrote:
>> BTW, Todd, I would be really happy if this was the last time I had to
>> read another of your complaints about insufficient authentication for
>> timestamps. :-(
>>
>> Terje
> Why because you are offended anyone would ask you to prove anything?

No, but because the actual threat model is much, _much_ simpler:

Somebody with the resources to attack you by forging bad GPS-NTP 
timestamps has the resources to develop a new Stuxnet worm as well, i.e. 
they can attack your internal infrastructure directly instead of having 
to go for a limited number of external time sources.

In this case it is _far_ simpler to attack the relevant servers directly 
and hack the local clocks than it is to attack a majority of the 
configured time sources for a competent NTP setup.

There is never such a thing as a 100% authenticated anything, what you 
can get is simply levels of trust, and most of the time you can get the 
quality far above what's needed to convince a judge/jury.

Terje
-- 
- <Terje at tmsw.no>
"almost all programming can be viewed as an exercise in caching"


More information about the hackers mailing list