Applications and Challenges in Securing Time

In this paper, we establish the importance of trusted time for the safe and correct operation of various applications. There are, however, challenges in securing time against hardware timer manipulation, software attacks, and malicious network delays on current systems. To provide security of time, we explore the timing capabilities of trusted execution technologies that put their root of trust in hardware. A key concern is that these technologies do not protect time integrity and are susceptible to various timing attacks by a malicious operating system and an untrusted network. We argue that it is essential to safeguard time-based primitives across all layers of a time stack – the hardware timers, platform software, and network time packets. This paper provides a detailed examination of vulnerabilities in current time services, followed by a set of requirements to build a secure time architecture.

[1]  Galen C. Hunt,et al.  Shielding Applications from an Untrusted Cloud with Haven , 2014, OSDI.

[2]  P.F. Swaszek,et al.  An Evaluation of eLoran as a Backup to GPS , 2007, 2007 IEEE Conference on Technologies for Homeland Security.

[3]  David L. Mills,et al.  Internet time synchronization: the network time protocol , 1991, IEEE Trans. Commun..

[4]  Daniel P. Shepard,et al.  Evaluation of Smart Grid and Civilian UAV Vulnerability to GPS Spoofing Attacks , 2012 .

[5]  Christof Fetzer,et al.  ShieldBox: Secure Middleboxes using Shielded Execution , 2018, SOSR.

[6]  Todd E. Humphreys,et al.  GNSS Spoofing and Detection , 2016, Proceedings of the IEEE.

[7]  Alec Wolman,et al.  fTPM: A Software-Only Implementation of a TPM Chip , 2016, USENIX Security Symposium.

[8]  Srdjan Capkun,et al.  Secure Time Synchronization in Sensor Networks , 2008, TSEC.

[9]  Ratul Mahajan,et al.  Timecard: controlling user-perceived delays in server-based mobile applications , 2013, SOSP.

[10]  Bart Preneel,et al.  Location verification using secure distance bounding protocols , 2005, IEEE International Conference on Mobile Adhoc and Sensor Systems Conference, 2005..

[11]  Amin Vahdat,et al.  Exploiting a Natural Network Effect for Scalable, Fine-grained Clock Synchronization , 2018, NSDI.

[12]  Bela Gipp,et al.  Virtual Patent - Enabling the Traceability of Ideas Shared Online Using Decentralized Trusted Timestamping , 2017, ISI.

[13]  Srdjan Capkun,et al.  ROTE: Rollback Protection for Trusted Execution , 2017, USENIX Security Symposium.

[14]  David Norton Instrumenting a Data Center with InfluxDB , 2015 .

[15]  Anshul Jaiswal,et al.  Realtime Data Processing at Facebook , 2016, SIGMOD Conference.

[16]  Sharon Goldberg,et al.  The Security of NTP's Datagram Protocol , 2017, Financial Cryptography.