[Cryptography] Network Time Protocol security
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sun May 19 19:40:52 EDT 2019
Phillip Hallam-Baker <phill at hallambaker.com> writes:
>Let us step back and ask what the actual security requirements are. I don't
>think they are quite the same as what secure-NTP would provide.
Read the linked requirements docs, I think they've covered things pretty well
(almost unheard of for IETF security standards, they've published a
comprehensive analysis and threat model before designing a solution). In
particular the first ref discusses both time-critical and security-critical
applications, where you need millisecond or better synchronisation and
protection against possibly quite motivated attackers.
Peter.
More information about the cryptography
mailing list