A security analysis of the NTP protocol version 2

摘要

The network time protocol (NTP) is being used throughout the Internet to provide an accurate time service. The author examines the security requirements of such a service, analyzes version 2 of the NTP protocol to determine how well it meets these requirements, and suggests improvements where appropriate. Five types of security attacks on a time service are possible. An attacker could cause a nontime server to impersonate a time server (masquerade), an attacker could modify some (or all) time messages sent by a time server (modification), an attacker could resend a time server's time messages (replay), an attacker could intercept a time server's time messages and delete them (denial of service), and an attacker could delay the time messages by, for example, deliberately flooding the network, thereby introducing large transmission delays (delay).