Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 20 Dec 2014 09:47:35 -0800
From: "ncl@...k.li" <ncl@...k.li>
To: oss-security@...ts.openwall.com
Subject: Re: can we talk about secure time?

On 20/12/14 03:27, Hanno Böck wrote:
> A strange discussion. Because ntp is insecure by design. It is an
> unauthenticated, insecure protocol that is suspectible to
> man-in-the-middle-attacks. Frankly, I don't care which implementation
> of an insecure protocol has less buffer overflows.

How broken are the authentication methods already present in ntpd?[1]
So far there appears to be only DES/MD5 keys, and with autokey, RSA/DH
(but apparently autokey doesn't work behind NAT?)
As far as I know, distros don't typically set these up, would it be
worth it to enable and improve on these, or just make something new?

Considering OSes already set up their own ntp pools[2], they could also
provide their own trusted keys in their ntpd packages.


[1] http://www.ntp.org/ntpfaq/NTP-s-config-adv.htm#AEN3143
[2] (ubuntu|openbsd|debian|netbsd|fedora).pool.ntp.org

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.