Preventing (Network) Time Travel with Chronos
Host
Alin Tomescu
MIT CSAIL
ABSTRACT
The Network Time Protocol (NTP) synchronizes time across computer systems over the Internet. Unfortunately, NTP is highly vulnerable to “time shifting attacks”, which has severe implications for time-sensitive applications and for security mechanisms. We present Chronos, a new NTP client whose design leverages ideas from distributed computing theory to achieve good synchronization even in the presence of powerful man-in-the-middle attackers. Chronos is backwards compatible with legacy NTP and involves no changes whatsoever to NTP servers. Our results indicate that to shift time at a Chronos client by over 100ms from the universal time (UTC), even powerful man-in-the-middle attackers require over 20 years of effort in expectation.
Joint work with Omer Deutsch, Neta Rozen Schiff, and Danny Dolev
SPEAKER BIO
Michael Schapira is an associate professor and the co-leader of the Fraunhofer Cybersecurity Center at the Hebrew University. His research focuses on the design and analysis of (Inter)network architectures and protocols. Prior to joining Hebrew U, he worked at Google NYC's Infrastructure Networking Group and was a postdoctoral researcher at UC Berkeley, Yale University, and Princeton University. He is a recipient of the Microsoft Research Faculty Fellowship, 2 IETF/IRTF Applied Networking Research Prizes, a Google Faculty Research Award, and the ERC Starting Grant.
The Network Time Protocol (NTP) synchronizes time across computer systems over the Internet. Unfortunately, NTP is highly vulnerable to “time shifting attacks”, which has severe implications for time-sensitive applications and for security mechanisms. We present Chronos, a new NTP client whose design leverages ideas from distributed computing theory to achieve good synchronization even in the presence of powerful man-in-the-middle attackers. Chronos is backwards compatible with legacy NTP and involves no changes whatsoever to NTP servers. Our results indicate that to shift time at a Chronos client by over 100ms from the universal time (UTC), even powerful man-in-the-middle attackers require over 20 years of effort in expectation.
Joint work with Omer Deutsch, Neta Rozen Schiff, and Danny Dolev
SPEAKER BIO
Michael Schapira is an associate professor and the co-leader of the Fraunhofer Cybersecurity Center at the Hebrew University. His research focuses on the design and analysis of (Inter)network architectures and protocols. Prior to joining Hebrew U, he worked at Google NYC's Infrastructure Networking Group and was a postdoctoral researcher at UC Berkeley, Yale University, and Princeton University. He is a recipient of the Microsoft Research Faculty Fellowship, 2 IETF/IRTF Applied Networking Research Prizes, a Google Faculty Research Award, and the ERC Starting Grant.