[Cryptography] Network Time Protocol security

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sun May 19 19:40:52 EDT 2019


Phillip Hallam-Baker <phill at hallambaker.com> writes:

>Let us step back and ask what the actual security requirements are. I don't 
>think they are quite the same as what secure-NTP would provide.

Read the linked requirements docs, I think they've covered things pretty well
(almost unheard of for IETF security standards, they've published a 
comprehensive analysis and threat model before designing a solution).  In 
particular the first ref discusses both time-critical and security-critical 
applications, where you need millisecond or better synchronisation and 
protection against possibly quite motivated attackers.

Peter.


More information about the cryptography mailing list