[Full-Disclosure] Fwd: Re: FullDisclosure: Security aspects of time synchronization infrastructure

From: 3APA3A (3APA3A_at_SECURITY.NNOV.RU)
Date: 08/20/04

    To: full-disclosure@lists.netsys.com
    Date: Fri, 20 Aug 2004 10:26:08 +0400
    
    

    --This is a forwarded message
    From: Robert Brown <eli@typhoon.xnet.com>
    To: 3APA3A@security.nnov.ru <3APA3A@security.nnov.ru>
    Date: Friday, August 20, 2004, 7:34:40 AM
    Subject: FullDisclosure: Security aspects of time synchronization infrastructure

    ===8<==============Original message text===============
    NB: I do not have membership in FullDisclosure mailing list; I only
    read web archives. If you desire, you may echo this message to the
    list. :-)

    ----------------

    In your paper at:

       http://www.security.nnov.ru/advisories/timesync.asp

    you state:

        If there is a host with reliable time on the network (that is host
        synchronized with some hardware source, like radio clocks, cesium
        clocks, GPS clocks, etc) - whole network will be finally, after some
        time, synchronized with this host.

    Depending upon the criticality of the time sensitive applications on
    the network, you might want to reconsider the use of "radio clocks"
    and especially "GPS clocks". These time sources are also subject to
    attacks. Any free air broadcast is subject to jamming. This is
    essentially a DoS. Spoofing to provide incorrect time signal is also
    possible with free air broadcast, but less easy to do.

    Furthermore, in this age of global military instability, there is
    always the possibility of "tinkering" with GPS signals -- especially
    the time base -- for the purpose of preventing uninformed receivers
    getting correct time or position information. In particular,
    "meaconing" is likely to be used with navigational services to
    deliberately mis-guide a vehicle and cause it to follow a trajectory
    of the choosing of the GPS signal controlling force, instead of the
    intended trajectory of the pilot of that vehicle -- human or
    autonomous. This is the reason why military vehicles augment GPS
    navigation with inertial navigation and other means, including Kalman
    filtering to establish an optimal point statistic for position and time
    by combining all available positioning sources. Meaconing may also be
    done with LORAN and OMEGA navigation signals as well. Inertial
    navigation is the only completely self-contained positioning mechanism.

    For these reasons, in certain applications, the time source should
    only be one that is self contained and under the complete control of
    the network administrator or owner.

    It is not always necessary for a network to be synchronized to
    external world time; some applications only require that all the nodes
    on the network be synchronized to each other. In a case like this,
    there can be a certain advantage to deliberately running the entire
    network at a time out of sync with the rest of the world, as this can
    add immunity to attack.

    How accurate your time needs to be, in terms of the frequency accuracy
    and precision of the time base, is a function of the time sensitive
    applications running on that network, and many such applications do
    not necessarily require a cesium quality time base; quartz is perfectly
    adequate for many uses. Line frequency clocks should be avoided
    unless line frequency is under local control -- such as is the case
    when you generate your own power, as on board a vehicle such as a ship
    or aircraft.

    -- 
    --------  "And there came a writing to him from Elijah"  [2Ch 21:12]  --------
    R. J. Brown III  rj@elilabs.com http://www.elilabs.com/~rj  voice 859 567-7311
    Elijah Laboratories Inc.    P. O. Box 166, Warsaw KY 41095    fax 859 567-7311
    -----  M o d e l i n g   t h e   M e t h o d s   o f   t h e   M i n d  ------
    ===8<===========End of original message text===========
    -- 
    ~/ZARAZA
    ENIACs get a punch in the face!  (Lem)
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
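
Added example, not part of the forwarded message or of the paper it discusses: a scalar Kalman filter that tracks the offset between a GPS-derived time and a local quartz clock, and refuses GPS readings whose innovation is implausible for the quartz drift model, coasting on the local clock instead. The function name, the noise variances and the sample offsets are assumptions constructed for illustration.

```python
# Added example: scalar Kalman filter with innovation gating.
# State x = (GPS time - local quartz time) in seconds.
# q, r, gate and SAMPLE_OFFSETS are illustrative assumptions.

# Constructed sample: offset near 2 ms, with three readings (index 5-7)
# that jump by half a second, as a stepped or replayed signal would.
SAMPLE_OFFSETS = [0.00200, 0.00208, 0.00195, 0.00203, 0.00199,
                  0.50201, 0.50198, 0.50205, 0.00204, 0.00197]


def fuse_time_offsets(measurements, q=1e-10, r=1e-8, gate=16.0):
    """Return (estimates, rejected_indexes).

    q    -- process noise variance per step (quartz wander), assumed
    r    -- measurement noise variance of the receiver, assumed
    gate -- reject when innovation^2 / innovation_variance exceeds it
    """
    # The first sample is trusted to initialise the filter; in practice
    # that initial value should come from a source under local control.
    x, p = measurements[0], r
    estimates, rejected = [x], []
    for i, z in enumerate(measurements[1:], start=1):
        p += q                      # predict: offset is a random walk
        innovation = z - x
        s = p + r                   # predicted innovation variance
        if innovation * innovation / s > gate:
            rejected.append(i)      # holdover: keep the local estimate
        else:
            k = p / s               # Kalman gain
            x += k * innovation
            p *= (1.0 - k)
        estimates.append(x)
    return estimates, rejected


if __name__ == "__main__":
    est, bad = fuse_time_offsets(SAMPLE_OFFSETS)
    print("rejected readings:", bad)
    print("final offset estimate: %.6f s" % est[-1])
```

The gate bounds how far a single reading can move the estimate; it does not replace a second independent reference, and a run of consecutive rejections should be raised as an alarm rather than silently coasted through.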
    
