NTP (Network Time Protocol) synchronises networks to a single time source, using timestamps to represent the current time of day. This is essential for time-sensitive transactions and for many system applications such as email.

NTP is therefore vulnerable to security threats, whether from a malicious hacker who wants to alter the timestamp to commit fraud or from a DDoS attack (Distributed Denial of Service, normally caused by malicious malware that floods a server with traffic) that blocks server access.

However, being one of the Internet's oldest protocols and having been developed for over 25 years, NTP is equipped with its own security measures in the form of authentication.

Authentication verifies that each timestamp has come from the intended time reference by analysing a set of agreed encryption keys that are sent along with the time information. NTP, using Message Digest encryption (MD5) to un-encrypt the key, analyses it and confirms whether it has come from the trusted time source by verifying it against a set of trusted keys.

Trusted authentication keys are listed in the NTP server configuration file (ntp.conf) and are normally stored in the ntp.keys file. The key file is normally very large, but the trusted keys tell the NTP server which subset of keys is currently active and which are not. Different subsets can be activated without editing the ntp.keys file by using the trusted-keys config command.

Authentication is therefore highly important in protecting an NTP server from malicious attack; however, there are many time references where authentication can't be trusted.

Microsoft, which has installed a version of NTP in its operating systems since Windows 2000, strongly recommends that a hardware source is used as a timing reference, as Internet sources can't be authenticated.

NTP is vital in keeping networks synchronised, but equally important is keeping systems secure. Whilst network administrators spend thousands on anti-virus and anti-malware software, many fail to spot the vulnerability in their time servers.

Many network administrators still entrust Internet sources for their time reference. Whilst many, such as nist.gov, do provide a good source for UTC time (Coordinated Universal Time, the international standard of time), the lack of authentication means the network is open to abuse.

Other sources of UTC time are more secure and can be utilised with relatively low-cost equipment. The easiest method is to use a specialist NTP server that can connect to a GPS antenna and receive an authenticated timestamp by satellite.

GPS time servers can provide accuracy to UTC time to within a few nanoseconds as long as the antenna has a good view of the sky. They are relatively cheap and the signal is authenticated, providing a secure time reference.

Alternatively, there are several national broadcasts that transmit a time reference. In the UK this is broadcast by the National Physical Laboratory (NPL) in Cumbria. Similar systems operate in Germany, France and the US. Whilst this signal is authenticated, these radio transmissions are vulnerable to interference and have a finite range.

Authentication for NTP has been developed to prevent malicious tampering with system synchronisation, just as firewalls have been developed to protect networks from attack, but as with any system of security it only works if it is utilised.