
Re: [tor-talk] [Tails-dev] secure and simple network time (hack)

Jacob Appelbaum:
> I think adding an option to verify the leaf certificate's
> fingerprint, rather than just the signature alone would be a fine
> idea.

Yes, then we could ask eff, tpo and similars about their policy to
change the certificates. If we pin their certificates, we don't have
to trust any CAs.

> so, it depends a lot on what you mean by "getting rid of all CAs"

In this particular discussion I meant "no need to use any CAs". (In
general I would be happy to see a widespread replacement for the CAs
as a whole.)

>> And even if you use only a single source over TLS (pinned) as
>> time source... How is it better than using a single authenticated
>> NTP server over TCP?
> I've never seen a system that shipped with authenticated NTP
> enabled.

It doesn't exist, unfortunately. It's also a critical security
vulnerability in all major operating systems, not only for Tor users,
for anyone. No one cares about it as long as no one uses it for a big
scale attack. If an attacker moves back the time several years he can
use revoked certificates.

> I'm sure it has happened but generally, ntp is unauthenticated and
> is run as a UDP service.
> I'd be interested to see a client configuration that works over TCP
> and has strong integrity protection of the remote time.

It's certainly possible but almost no one is using it. I found two
guides about adding authentication to NTP.

(Over TCP is possible as well, Google tells.)

As Tails pointed out...

The system can not be adapted since you will have a hard time finding
public, free NTP servers, which support authenticated NTP. And even if
you find a very few, you can not rely on a small amount of servers. A
big pool is required for distributed trust.
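One way to build the pinned-TLS time source discussed in this thread (verify the leaf certificate's fingerprint instead of trusting any CA, then take the time from the server), as an added example that is not part of the original messages or of any Tails or Tor code. The host and fingerprint in PINS are placeholders, and reading the HTTP Date header from a HEAD response is my assumption about how such a client would obtain the time.

```python
import hashlib
import hmac
import socket
import ssl
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Hypothetical pin table: host -> SHA-256 of the leaf certificate (DER).
# Placeholder value; a real deployment records the fingerprint out of band
# and updates it when the operator rotates the certificate.
PINS = {"example.org": "<sha256-of-leaf-cert-der-hex-placeholder>"}


def leaf_fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint (lowercase hex) of a DER-encoded certificate."""
    return hashlib.sha256(der_cert).hexdigest()


def pin_matches(der_cert: bytes, expected_hex: str) -> bool:
    """Constant-time comparison of the leaf fingerprint against the pin."""
    expected = expected_hex.lower().replace(":", "")
    return hmac.compare_digest(leaf_fingerprint(der_cert), expected)


def parse_http_date(header_value: str) -> datetime:
    """Parse an HTTP Date header (RFC 7231 format) into an aware UTC datetime."""
    dt = parsedate_to_datetime(header_value)
    if dt.tzinfo is None:
        dt = dt.replace(tzinfo=timezone.utc)
    return dt.astimezone(timezone.utc)


def fetch_pinned_time(host: str, expected_hex: str, port: int = 443) -> datetime:
    """Connect over TLS, abort unless the leaf cert matches the pin, then read
    the server's Date header.  CA chain validation is deliberately switched
    off: the pinned fingerprint, not a CA, is the only trust anchor here."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            if not pin_matches(tls.getpeercert(binary_form=True), expected_hex):
                raise ssl.SSLError("leaf certificate does not match pin for " + host)
            tls.sendall(b"HEAD / HTTP/1.1\r\nHost: " + host.encode()
                        + b"\r\nConnection: close\r\n\r\n")
            resp = b""
            while b"\r\n\r\n" not in resp and (chunk := tls.recv(4096)):
                resp += chunk
    for line in resp.split(b"\r\n"):
        if line.lower().startswith(b"date:"):
            return parse_http_date(line[5:].decode().strip())
    raise ValueError("no Date header in response from " + host)
```

The Date header only carries one-second resolution, so the result is suited to bootstrapping a sane clock (for example before checking certificate validity periods), not to fine synchronisation.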
tor-talk mailing list