Network Time Foundation is Improving its NTP Project Security with NTS – Network Time Security Project
First, some history about Network Time Protocol (NTP) and authentication. NTP saw its original cryptographic authentication code back around 1992, in the ntp3 distribution, when it used MD5 hashes to authenticate remote configuration requests. This was a “private key” protocol, meaning each side needs to know the same key, and there was an expectation that these individual keys would ordinarily be kept secret.
NTP’s security model was augmented in February of 2003 with the publication of the Autokey protocol. Autokey was created as an Informational IETF draft – it was never proposed or adopted as a standard. According to the IETF, “An Informational specification is published for the general information of the Internet community, and does not represent an Internet community consensus or recommendation."
The Autokey specification included public key authentication mechanisms, which means machine A can encrypt a message to machine B using B’s public key, with reasonable assurance that only machine B can decrypt that message. This protocol used data widths and algorithms that were expected to survive the brute force computational attacks of their day, and for the next several years' time. Back in 2003. It’s now 2015.
While the Autokey protocol was sufficient in its day and its code was included in the Reference Implementation of NTP, it was never promoted as a production specification. With the ongoing advances in computing technology it is no longer adequate in its current form. Additionally, a small number of flaws in the Autokey implementation have been addressed by a few recent security fixes. The Autokey code could be updated to extend its longevity, and to date nobody has offered to fund that effort.
In 2007 work began on the Network Time Security (NTS) proposal, a freshly-designed protocol security model for NTP that will replace Autokey. The current IETF draft of NTS is in version 9 and soon will be in Last Call status. Network Time Foundation (NTF) has nearly completed its core implementation of this specification, and with timely funding, the complete specification should be completed by December. As soon as we’re satisfied with the implementation, NTF’s implementation of the NTS specification will become part of the NTP Project’s published codebase.