Abstract | ||
---|---|---|
The critical role that Network Time Protocol (NTP) plays in the Internet led to multiple efforts to secure it against time-shifting attacks. A recent proposal for enhancing the security of NTP with Chronos against on-path attackers seems the most promising one and is on a standardisation track of the IETF. In this work we demonstrate off-path attacks against Chronos enhanced NTP clients. The weak link is a central security feature of Chronos: The server pool generation mechanism using DNS. We show that the insecurity of DNS allows to subvert the security of Chronos making the time-shifting attacks against Chronos-NTP even easier than attacks against plain NTP. |
Year | DOI | Venue |
---|---|---|
2020 | 10.1109/DSN-S50200.2020.00027 | 2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S) |
Keywords | DocType | ISSN |
NTP,DNS,Chronos,Attack,Off-path | Conference | 1530-0889 |
ISBN | Citations | PageRank |
978-1-7281-7261-3 | 0 | 0.34 |
References | Authors | |
6 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Philipp Jeitner | 1 | 10 | 2.70 |
Haya Shulman | 2 | 293 | 37.26 |
Michael Waidner | 3 | 3877 | 395.65 |