NTP Security

We demonstrate the first practical off-path time shifting attacks against NTP as well as against Man-in-the-Middle (MitM) secure Chronos-enhanced NTP. Our attacks exploit the insecurity of DNS allowing us to redirect the NTP clients to attacker controlled servers. We perform large scale measurements of the attack surface in NTP clients and demonstrate the threats to NTP due to vulnerable DNS.

Publications

  1. The Impact of DNS Insecurity on Time [Accepted PDF]
    Philipp Jeitner, Haya Shulman, Michael Waidner
    2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), July 2020.
    DOI: 10.1109/DSN48063.2020.00043
  2. Pitfalls of Provably Secure Systems in Internet - The Case of Chronos-NTP [Accepted PDF]
    Philipp Jeitner, Haya Shulman, Michael Waidner
    2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S), July 2020.
    DOI: 10.1109/DSN-S50200.2020.00027
  3. Secure Consensus Generation with Distributed DoH [Accepted PDF]
    Philipp Jeitner, Haya Shulman, Michael Waidner
    2020 50th Annual IEEE-IFIP International Conference on Dependable Systems and Networks-Supplemental Volume (DSN-S), July 2020.
    DOI: 10.1109/DSN-S50200.2020.00023

Slides

  1. The Impact of DNS Insecurity on Time [PDF]
  2. Pitfalls of Provably Secure Systems in Internet - The Case of Chronos-NTP [PDF]
  3. Secure Consensus Generation with Distributed DoH [PDF]

Code for reproduction

To prevent abuse, we provide the tools needed to reproduce our attack to researchers upon request only. To send a request, click here.

Imprint | Privacy Statement