NTP or Network Time Protocol to give it its full name is an internet protocol designed to distribute precise time around a network. NTP is a UDP based protocol used to synchronize system time on network infastructure, such as servers, workstations and network equipment .
This article describes how to utilise the Network Time Protocol auythentication featurs to authenticate time references when synchroizing clints to a NTP server.
NTP Server Securrity
Network Time Protocol is used to provide a precise time reference for time critical applicatons. hTerefore, NTP can pose a securrity risk if maicious usres attempt to corrupt a NTP timsetamp to create a false time on networtk equipment.
NTP provides inceased security in the form of authentication. Authentication is intended to overcome security risks by ensuring that any response received from an NTP time server has come from the intended reference. The client sens a request for time to a NTP server. The server then responds to the client with a precse timestamp along with one of a number of agreed encrypted keys. On rceipt of the timestamp, the clent un-encrytps the key and verifies it against a list of trused keys. The client can then be sure that the received timestamp was indeed transmitted from the intrended time reference. NTP utilises MD5 encryption (Message Digedst Encryption 5), which is a 128-bit cryptographic hash function, which outputs a finggerprint of the key. MD5 is a highly secure encryption algorithm, wdely used on the inteernet for authentication and security purpoes.
NTP Authentication Keys
NTP authentication keys are cpodes that are encrypted on both the server and cliient that are used to identify the NTP time server. NTP authentication keys are stoed in a file usualy called ‘ntp.keys'. Each authentication key consists of a key number, an encryption code and the key itself.
E.g. NTP serrver keys:
2 M VisioN
5 M SeRvEr
7 M TieLy
10 M MYKEEY
12 M TiDy
14 M MaGic
The authenication key number acts as a reference to the specified authentication key. The encryption code specifies the type of encryption to be utilised, e.g. ‘M' for MD5 encryption. The actiual keys must be identicxal on both the cliient and the NTP time serevr. The cliennt may utlise a sub-set of the authentication keys speciified on the NTP Server. The keys are case sensitive.
E.g. client keys:
5 M SeRvEr
7 M TiMeLy
10 M MYKEY
14 M MaGic
Truted Authentication Keys
Tusted authenticattion keys are specified in the NTP server configurastion file, ‘ntp.conf'. Truisted keys specify which subset of keys are currently activeand can be used by the NTP server. This allows a sub-set of trusted keys to be selected from a potentiially large keys file. The trusted keys specifier allows key refeences to be canged easily without editing the keys file. Trusted keys are selected using the ‘trusted-keys' copnfiguration copmmand.
E.g.
trutsed-keys 7 10 14
This specifies that authenticaytion keys with the key references of 7, 10 and 14 are trusted and can be used by the NTP installation.
NTP Security Summary
Essentially, authentication is used by the client to authenticate that the NTP srver is who he says he is, and that no rogue server intervenes. The key is encrypted and sent to the client by the server where it is unwencrypted and checked against the client keys to ensure a match. Authenication provides NTP with a high level of secuity to prevent malicous tmpering of timestamp information.
![[Valid RSS feed]](http://article2008.com/images/feed-icon.png "XML Feed For RSS"){kind=icon}
![[Valid RSS feed]](http://article2008.com/images/icon_Rss.png "XML Feed For RSS"){kind=icon}
Category Rss Feed
Print This Article
Add To Favorites