Full Disclosure mailing list archives
Fwd: Re: FullDisclosure: Security aspects of time synchronization infrastructure
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Fri, 20 Aug 2004 10:26:08 +0400
--This is a forwarded message From: Robert Brown <eli () typhoon xnet com> To: 3APA3A () security nnov ru <3APA3A () security nnov ru> Date: Friday, August 20, 2004, 7:34:40 AM Subject: FullDisclosure: Security aspects of time synchronization infrastructure ===8<==============Original message text=============== NB: I do not have membership in FullDisclosure mailing list; I only read web archives. If you desire, you may echo this message to the list. :-) ---------------- In your paper at: http://www.security.nnov.ru/advisories/timesync.asp you state: If there is a host with reliable time on the network (that is host synchronized with some hardware source, like radio clocks, cesium clocks, GPS clocks, etc) - whole network will be finally, after some time, synchronized with this host. Depending upon the criticality of the time sensitive applications on the network, you might want to reconsider the use of "radio clocks" and especially "GPS clocks". These time sources are also subject to attacks. Any free air broadcast is subject to jamming. This is essentially a DoS. Spoofing to provide incorrect time signal is also possible with free air broadcast, but less easy to do. Furthermore, in this age of global military instability, there is alway the possibility of "tinkering" with GPS signals -- especially the time base -- for the purpose of preventing uninformed receivers getting correct time or position information. In particular, "meakoning" is likely to be used with navigational services to deliberately mis-guide a vehicle and cause it to follow a trajectory of the choosing of the GPS signal controlling force, instead of the intended trajectory of the pilot of that vehicle -- human or autonomous. This is reason why military vehicles augment GPS navigation with inertial navigation and other means, including Kalman filtering to establish optimal point statistic for position and time by combining all available positioning sources. Meaconing may also be done with LORAN and OMEGA navigation signales as well. Inertial navigation is only completely self-contained positioning mechanism. For these reasons, in certain applications, the time source should only be one that is self contained and under the complete control of the network administrator or owner. It is not always necessary for a network to be synchronized to external world time; some applications only require that all the nodes on the network be synchronized to each other. In a case like this, there can be certain advantage to deliberately running the entire network at a time out of sync with the rest of the world, as this can add immunity to attack. How accurate your time needs to be, in terms of the frequency accuracy and precision of the time base, is a function of the time sensitive applications running on that network, and many such applications do not necessarily require cesium quality time base; quartz is perfectly adequate for many uses. Line frequency clocks should be avoided unless line frequency is under local control -- such as is the case when you generate your own power, as on board a vehicle such as a ship or aircraft. -- -------- "And there came a writing to him from Elijah" [2Ch 21:12] -------- R. J. Brown III rj () elilabs com http://www.elilabs.com/~rj voice 859 567-7311 Elijah Laboratories Inc. P. O. Box 166, Warsaw KY 41095 fax 859 567-7311 ----- M o d e l i n g t h e M e t h o d s o f t h e M i n d ------ ===8<===========End of original message text=========== -- ~/ZARAZA ЭНИАКам - по морде! (Лем) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Fwd: Re: FullDisclosure: Security aspects of time synchronization infrastructure 3APA3A (Aug 20)
- Re: Fwd: Re: FullDisclosure: Security aspects of time synchronization infrastructure gadgeteer (Aug 22)
- Re: Fwd: Re: FullDisclosure: Security aspects of time synchronization infrastructure Robert Brown (Aug 22)
- Re: Re: Fwd: Re: FullDisclosure: Security aspects of time synchronization infrastructure Valdis . Kletnieks (Aug 23)
- Re: Re: Fwd: Re: FullDisclosure: Security aspects of time synchronization infrastructure stephane nasdrovisky (Aug 23)
- Re: Fwd: Re: FullDisclosure: Security aspects of time synchronization infrastructure Robert Brown (Aug 22)
- Re: Fwd: Re: FullDisclosure: Security aspects of time synchronization infrastructure gadgeteer (Aug 22)