What is Network Time Security (NTS)?

NTS history and evolution

The development of NTS was driven by the need to improve the security of time synchronisation communications, which were previously unsecured or not sufficiently secured by NTP. The first proposals for a specification of the NTS protocol date back from 2015 and were issued by Sibold, Roettger and Teichel.

However, the specification will not be published until September 2020 in the RFC 8915 called “Network Time Security for the Network Time Protocol”. This document is the result of several years of work by the Internet Engineering Task Force (IETF).

NTS operation and implementation

NTS corrects NTP shortcomings in terms of security by providing an authentication and encryption mechanism for NTP packets. This mechanism ensures that time synchronisation data between the client and the server is both authentic and reliable.

The three main advantages of NTS:

• Authentication. NTS uses a modern cryptographic method (based on key sharing on top of TLS) to authenticate the source of NTP messages. This enables checking the legitimacy of servers providing the reference time in a network.
• Confidentiality. NTS encrypts the message flow using a variant of the AES algorithm (Advanced Encryption Standard). This encryption guarantees the confidentiality of exchanges between clients and the time server.
• Protection against replay attacks. A replay attack against NTP consists in intercepting a message sent by a server and replaying it to the client. The format of NTS packets enables the client to identify the replay.

NTS has been developed as an extension to NTP, which means that it complements the existing protocol without requiring major changes to the existing infrastructure. Besides, servers and clients that support the NTS protocol can still communicate with NTP devices that do not support it. In that case, connections to these devices will not benefit from the security enhancements provided by NTS.

The importance of securing time and of NTS

Time accuracy is paramount for numerous operations within modern IT systems. These operations include event logging, synchronisation of distributed database transactions and securing of communications via TLS/SSL.

Before the IETF introduced the NTS protocol, the security of NTP exchanges was a potential security flaw in an organisation’s infrastructure. The NTPv4 already had mechanisms for securing the NTP flow (see the RFC 8633), based on the exchange of a symmetric encryption key. However, the mechanism responsible for managing these keys, called AutoKey, is itself subject to critical vulnerabilities and its use is therefore discouraged.

With NTS, organisations are now able to strengthen the security of their time synchronisation. Using an asymmetric cryptography mechanism enables the authenticity of the message senders to be verified, while the encryption will guarantee the integrity of time data.

As a result, by reducing the risk of attacks and manipulations, NTS improves the confidence of organisations whose operations rely on accurate time.

NTS is a significant milestone in the ongoing effort to secure critical infrastructures involved in time synchronisation. It is essential that time service providers, network administrators and device manufacturers use NTS to improve the overall security of the Internet and organisations’ network infrastructures.