[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] [Tails-dev] secure and simple network time (hack)

On Thu, Apr 18, 2013 at 1:18 AM, Jacob Appelbaum <jacob@xxxxxxxxxxxxx> wrote:
> Whenever a less friendly person gives me a hard time about the obvious
> futility of tlsdate, I think:
> "Let me know how your ntp replacement project goes and I'll gladly use
> it when my shitty one trick pony isn't beating the pants off of your arm
> chair hacking."
> I'd say I'm kidding but really, we need a secure network time client and
> we need one badly. If we don't have one, we can't hold certain
> assumptions to be correct and entire systems can be broken. There is
> also the attack surface and architecture of other ntp/ntp-like clients.

There are now apparently enough openly accessible and stable
authenticated NTP servers around to rely on them in a distro. The
problem is that authenticated NTP protocol (more precisely, its
asymmetric crypto Autokey variant) does not support NAT traversal in
either the server *or* the client, since both IP addresses are signed.
I guess the reason is that NTP has no clear distinction between client
and server.

Maxim Kammerer
Liberté Linux: http://dee.su/liberte
tor-talk mailing list