Overview#
Time synchronization is the process that attempts to ensure all systems within a Domain have the same TimeTwo primary Operating System Time synchronization Services:
Time synchronization is essential to Internet security as many security protocols and other applications require Time synchronization MCBG (RFC 7384). Unfortunately widely deployed protocols such as the Network Time Protocol (NTP) (RFC 5905) lack essential Security Considerations, and even newer protocols like Network Time Security (NTS) I-D.ietf-ntp-using-nts-for-ntp fail to ensure that the servers behave correctly. Authenticated time servers prevents network adversaries from modifying time packets. An authenticated time server still has full control over the contents of time packet and may go rogue.
Roughtime protocol provides cryptographic proof of malfeasance, enabling clients to detect and prove to a Third-party server's attempts to influence the time a client computes.
| Protocol | Authenticated Server | Server Malfeasance Evidence |
|---|---|---|
| NTP, Chronos | N | N |
| NTP-MD5 | Y* | N |
| NTP-Autokey | Y** | N |
| NTS | Y | N |
| Roughtime | Y | Y |
- Y* For security issues with Symmetric Key based NTP-MD5 authentication, please refer to Message Authentication Code for the Network Time Protocol draft
- Y** For security issues with NTP-Autokey Public Key Authentication, refer to NTP-Autokey
More Information#
There might be more information for this subject on one of the following:- Event 4625
- Microsoft TIME
- RFC 7384
- Synchronization
- Time sync
- Time.cloudflare.com
- Windows Time service
- [#1] - draft-roughtime-aanchal-00
- based on information obtained 2019-06-25