Guards and Watchdogs in One-Way Synchronization with Delay-Related Authentication Mechanisms

In this paper, we consider ways of using secondary “Watchdog” mechanisms to protect primary time synchronization protocols from single-source or single-channel errors. This approach is particularly interesting when the Watchdog mechanism has stronger cryptographic protection than the primary synchronization mechanism. We specifically discuss the case where the primary mechanism employs one-way communication and is secured with an authentication scheme based on delayed disclosure of cryptographic information. Further, we present results from experiments with an implementation combining such a primary mechanism with a secured two-way control mechanism, which lead us to overall recommend the approach.

[1]  Ran Canetti,et al.  Efficient and Secure Source Authentication for Multicast , 2001, NDSS.

[2]  Mourad Debbabi,et al.  A Detection and Mitigation Model for PTP Delay Attack in an IEC 61850 Substation , 2018, IEEE Transactions on Smart Grid.

[3]  Kristof Teichel,et al.  Network Time Security specification , 2016, 2016 European Frequency and Time Forum (EFTF).

[4]  Kristof Teichel,et al.  Experimental Evaluation of Attacks on TESLA-Secured Time Synchronization Protocols , 2018, SSR.

[5]  Sasikanth Avancha,et al.  Security for Sensor Networks , 2004 .

[6]  Dawn Song,et al.  The TESLA Broadcast Authentication Protocol , 2002 .

[7]  Douglas Stebila,et al.  Authenticated Network Time Synchronization , 2016, USENIX Security Symposium.

[8]  Wojciech Owczarek,et al.  Using a multi-source NTP watchdog to increase the robustness of PTPv2 in financial industry networks , 2014, 2014 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS).

[9]  David L. Mills,et al.  Internet Engineering Task Force (ietf) Network Time Protocol Version 4: Protocol and Algorithms Specification , 2010 .

[10]  Tal Mizrahi,et al.  Security Requirements of Time Protocols in Packet Switched Networks , 2014, RFC.

[11]  Kang B. Lee,et al.  Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems , 2004 .

[12]  Peng Ning,et al.  TinySeRSync: secure and resilient time synchronization in wireless sensor networks , 2006, CCS '06.

[13]  Fu Fei,et al.  ASTS: An Agile Secure Time Synchronization Protocol for Wireless Sensor Networks , 2007, 2007 International Conference on Wireless Communications, Networking and Mobile Computing.

[14]  Judah Levine,et al.  A review of time and frequency transfer methods , 2008 .

[15]  Kristof Teichel,et al.  Delayed Authentication and Delayed Measurement Application in One-Way Synchronization , 2018, 2018 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS).

[16]  Todd E. Humphreys,et al.  Requirements for Secure Clock Synchronization , 2017, IEEE Journal of Selected Topics in Signal Processing.

[17]  Stefan Milius,et al.  An Attack Possibility on Time Synchronization Protocols Secured with TESLA-Like Mechanisms , 2016, ICISS.

[18]  Anthony Rowe,et al.  Timeline: An Operating System Abstraction for Time-Aware Applications , 2016, 2016 IEEE Real-Time Systems Symposium (RTSS).

[19]  Vincent Rijmen,et al.  A Navigation Message Authentication Proposal for the Galileo Open Service , 2016 .

[20]  Andrzej Duda,et al.  Secure Time Synchronization Protocol , 2018, 2018 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS).