“Verify the clock”: what is known about the new server time synchronization protocol

We talk about the reasons for the appearance of Roughtime and the features of its work.


/ Unsplash / Djim loic

Why do we need a new protocol

Networks with variable latency are based on protocols like NTP (Network Time Protocol). It synchronizes the internal clock of computing systems. But there are a number of problems with the work of NTP – the latest versions of the protocol provide the ability to authenticate requests from the server, but in practice this function rarely used. Most computers unconditionally trust the response of the exact time server when setting the system clock. As a result, an attacker can conduct a MITM attack and control the victim’s clock, disrupting the cryptographic protocols and gaining the ability to influence the “freshness” of keys. NTP also has a number of vulnerabilities that cybercriminals use. for DDoS attacks.

Engineers from Boston University, along with colleagues from Google and Cloudflare, presented a different approach for “reconciling watches” – Roughtime – protocol with cryptographic protection based on UDP. The technology is based on a time-stamping system for the blockchain, which back in 2011 described cryptographer Ben Laurie is the founder of the Apache Software Foundation and lead developer of OpenSSL. By the way, Ben himself also participated in the design of Roughtime.

How it works

Roughtime Server Response includes of three parts. The first is a timestamp with the number of microseconds elapsed since “Unix era“. The second is called radius – this is the error of the transmitted value. The third component of the response is a one-time digitally signed code (nonce). The nonce value is generated by the client when requesting a timestamp. This approach allows you to make sure that the transmitted information is relevant.

About other protocols from our blog on Habré:

  • The new protocol will increase the radius of the possible use of Wi-Fi by 60 meters
  • Retrospective: How IPv4 Addresses Dwindled
  • Who implements IPv6, and what hinders its development

If for some reason the client does not trust the received data, it can send a request to other servers. But in this case, nonce is generated by hashing the response received from the previous server. So the client remembers the sequence in which the timestamps arrive, and can verify that they are correct. At the same time, he gets the opportunity to identify compromised or improperly configured machines – the time value provided by them will seriously differ.

Protocol perspective

Last March, the Internet Engineering Council (IETF) submitted a draft Roughtime specifications. This week the network appeared its updated version. In the future, Roughtime can be made a full-fledged Internet standard and issued in RFC. But Cloudflare’s senior provider and cryptographer Nick Sullivan says Roughtime cannot be considered direct replacement of NTP. It has no mechanisms for compensating latency in the network, which can create problems when reconciling clocks between two remote nodes (the error will be very high). Difficulties are added by cryptography – in particular, the SHA512 function, for the implementation of the algorithms of which additional computational resources are spent.


/ PD / Free photos

In this regard, experts say that one of the key applications of the protocol will be checking the validity period of SSL certificates in browsers, since this task does not require high accuracy. The first implementation of such a solution has already been presented by one of the western cloud providers.

Also interest in technology expresses SpiderOak company. She develops the software of the same name for data backup. They plan to use Roughtime for secure messaging in another company product – the Semaphor messenger.

What we write about in the VAS Experts corporate blog:

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *