Attacking the Network Time Protocol

Speaker/Bio

Aanchal Malhotra is a PhD student at Boston University and is part of the BU Security Group (BUSec). Her research uses cryptography, and the insights gained from network measurement and simulations, to improve the security and reliability of core Internet protocols like BGP, DNS, and NTP.

Abstract

We explore the risk that network attackers can exploit unauthenticated Network Time Protocol (NTP) traffic to alter the time on client systems. We first discuss how an on- path attacker, that hijacks traffic to an NTP server, can quickly shift time on the server\x92s clients. Then, we present a extremely low-rate (single packet) denial-of-service attack that an off-path attacker, located anywhere on the network, can use to disable NTP clock synchronization on a client. Next, we show how an off-path attacker can exploit IPv4 packet fragmentation to shift time on a client. We discuss the implications on these attacks on other core Internet protocols, quantify their attack surface using Internet measurements, and suggest a few simple countermeasures that can improve the security of NTP.

References

• Malhotra, A., Cohen, I. E., Brakke, E., & Goldberg, S. (2016). Attacking the Network Time Protocol. NDSS\x9216: http://www.cs.bu.edu/~goldbe/papers/NTPattack.pdf