The Network Time Protocol (NTP) is an Internet protocol designed to propagate accurate time around a computer network. NTP runs over UDP (port 123) on IP to synchronise network time clients to an accurate time reference. This article describes the security aspects of the NTP protocol and specifically the use of MD5 keys to authenticate a time server.

The Network Time Protocol may be used to synchronise many time-critical processes on distributed computers across a network, so an unauthenticated NTP deployment is a potential security risk. An attacker with access to the network path could attempt to disrupt synchronisation by modifying, forging or replaying NTP packets.

NTP has an integral security feature to thwart attempts to tamper with time synchronisation. NTP can use MD5-keyed authentication to verify time stamps received from a time server. Network time clients and devices can use shared secret keys to authenticate time stamps and confirm their source of origin.

NTP implements authentication with a set of symmetric keys agreed between server and client in advance; the keys themselves are never transmitted. When a time server sends a packet it appends a message authentication code (MAC) consisting of the identifier of the key it used followed by an MD5 digest computed over that key and the packet contents. When the client receives the packet it looks up the key with that identifier in its own key list, recomputes the digest and compares it with the one received. Only if the two match is the time stamp accepted, and in this manner the client can be sure that the packet originated from a source holding the shared key and was not altered in transit. This protects authenticity and integrity, not confidentiality: the packet is sent in the clear and anyone on the path can still read it. The MAC alone does not stop replay of an old packet either; ntpd relies on its origin time stamp check for that.

The digest algorithm used is MD5 (Message-Digest algorithm 5). MD5 is a cryptographic hash function, not an encryption algorithm: it produces a 128-bit (16-byte) fingerprint of its input, and in NTP that input is the shared key followed by the packet. The 4-byte key identifier and 16-byte digest are appended to the 48-byte NTP header, so an authenticated packet is 68 bytes long. MD5 is no longer considered a strong hash and NTP's MD5(key || packet) construction is not an HMAC, so treat it as a minimum: where the implementation supports it, prefer SHA-1 or AES-CMAC keys, or Network Time Security (RFC 8915).

Linux NTP installations (the reference ntpd) store keys in a file, conventionally 'ntp.keys', whose location is given by the 'keys' directive in the NTP configuration file 'ntp.conf'. Each record in the file describes an authentication key in the format: 'key-number' 'key-type' 'key'. The 'key-number' is the numeric identifier that is sent in the packet. The 'key-type' names the digest algorithm, 'M' for MD5. The 'key' field is the shared secret that is fed into the digest together with each packet; it is never sent on the wire. Because the file holds plaintext secrets it must be readable only by root and the NTP daemon. A subset of 'trusted keys' may be specified in 'ntp.conf' using the 'trustedkey' directive followed by a space-delimited list of key numbers. This restricts which of the keys in the file the daemon will accept, so a compromised key can be excluded from use quickly by removing it from the list. The client then names the key to use for each server with the 'key' option of the 'server' directive, and 'ntpq -c associations' shows 'ok' in the 'auth' column once the association is authenticated.

Many Cisco routers support MD5 authentication in the IOS implementation of NTP. To enable a Cisco router to perform MD5 authentication you must follow a number of steps. Firstly, enable NTP authentication with the 'ntp authenticate' command. Secondly, define an NTP authentication key using the 'ntp authentication-key' command. A unique reference number identifies each NTP key; it is supplied as the first parameter to the 'ntp authentication-key' command, followed by the algorithm ('md5') and the key string. Thirdly, use the 'ntp trusted-key' command to tell the router which keys are valid. The command's only argument is the reference number of the key defined in the previous step. Finally, reference the key when configuring the time source with 'ntp server <address> key <number>', so that the router uses that key for the association and, with authentication enabled, refuses to synchronise to a source that does not authenticate.

The Windows 2000/2003/XP operating systems adopt an SNTP (Simple Network Time Protocol) application for time synchronisation. The implementation used by Microsoft does not include authentication keys.

To summarise, MD5 key authentication can be used to reduce the security risks of deploying the NTP protocol. Network time clients can be sure that time stamps have indeed emanated from a source holding the shared key and have not been altered in transit. The scheme is only as strong as the keys: they should be long, random, distributed out of band, rotated, and never shared with untrusted parties, and a client that has a trusted key configured should not also accept unauthenticated servers.
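The MAC mechanism described above (4-byte key identifier followed by MD5 over key || packet) together with the 'ntp.keys' record format and the 'trustedkey' subset, as an added example that is not part of the original article and is not ntpd's own code. The key file contents, the key strings, the trusted-key set and the header field values are all constructed for illustration; the header builder assumes a bare 48-byte header with no extension fields. It shows why a tampered packet, a packet signed with a key that is not trusted, a MAC forged without the shared key, and an unauthenticated packet are all rejected while the genuine packet is accepted.

```python
import hashlib
import hmac
import struct
import time

NTP_EPOCH_OFFSET = 2208988800  # seconds between 1900-01-01 and 1970-01-01

# Constructed sample ntp.keys file (not from any real deployment).
# Record format: <key-number> <key-type> <key>; 'M' selects MD5.
SAMPLE_NTP_KEYS = """\
# key-number  type  key
1  M  ExampleKeyOne
2  M  ExampleKeyTwo
3  M  RetiredKeyThree
"""

# Key numbers the daemon is willing to use, as set by the ntp.conf
# 'trustedkey' directive. Key 3 is present in the file but deliberately
# left out of the trusted set, as one would do for a compromised key.
TRUSTED_KEY_IDS = {1, 2}


def parse_ntp_keys(text):
    """Parse ntp.keys records into {key_number: key_bytes}.

    Comments and blank lines are skipped; only type 'M' (MD5, ASCII key
    string) records are handled in this example.
    """
    keys = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) != 3:
            raise ValueError("malformed ntp.keys record: %r" % line)
        key_id, key_type, key = fields
        if key_type.upper() != "M":
            continue
        keys[int(key_id)] = key.encode("ascii")
    return keys


def build_ntp_header(transmit_ts, stratum=2):
    """Build a minimal 48-byte NTPv4 server reply header (mode 4).

    transmit_ts is whole seconds since 1900; the 32-bit fraction is zero.
    """
    li_vn_mode = (0 << 6) | (4 << 3) | 4  # LI=0, VN=4, mode=4 (server)
    return struct.pack(
        "!BBbbIIIQQQQ",
        li_vn_mode, stratum, 6, -20,  # poll 2^6 s, precision 2^-20 s
        0, 0, 0x4C4F434C,             # root delay, root dispersion, refid "LOCL"
        0, 0, 0, transmit_ts << 32,   # reference, origin, receive, transmit
    )


def ntp_mac(key_id, key, packet):
    """Symmetric-key MAC per RFC 5905: key number + MD5(key || packet)."""
    digest = hashlib.md5(key + packet).digest()
    return struct.pack("!I", key_id) + digest


def sign_packet(packet, key_id, keys):
    """Server side: append the MAC computed with the chosen shared key."""
    return packet + ntp_mac(key_id, keys[key_id], packet)


def verify_packet(message, keys, trusted_ids):
    """Client side: recompute the digest with the stored key named by the MAC.

    Returns (accepted, reason). A matching digest proves the sender holds
    the shared key and the packet is unmodified; it does not by itself
    detect replay of a previously captured packet.
    """
    if len(message) < 48 + 20:
        return False, "no MAC present"
    packet, mac = message[:-20], message[-20:]
    key_id = struct.unpack("!I", mac[:4])[0]
    if key_id not in trusted_ids:
        return False, "key %d is not a trusted key" % key_id
    if key_id not in keys:
        return False, "key %d is not in the key file" % key_id
    expected = ntp_mac(key_id, keys[key_id], packet)
    if not hmac.compare_digest(mac, expected):
        return False, "digest mismatch (packet modified or wrong key)"
    return True, "authenticated with key %d" % key_id


def demo():
    """Run the four cases a client must handle and return their verdicts."""
    keys = parse_ntp_keys(SAMPLE_NTP_KEYS)
    packet = build_ntp_header(int(time.time()) + NTP_EPOCH_OFFSET)
    results = {}
    genuine = sign_packet(packet, 1, keys)
    results["valid"] = verify_packet(genuine, keys, TRUSTED_KEY_IDS)
    tampered = bytearray(genuine)
    tampered[1] = 1  # on-path attacker rewrites the stratum field
    results["tampered"] = verify_packet(bytes(tampered), keys, TRUSTED_KEY_IDS)
    results["untrusted"] = verify_packet(sign_packet(packet, 3, keys), keys, TRUSTED_KEY_IDS)
    forged = packet + ntp_mac(1, b"attacker-guess", packet)  # claims key 1 without holding it
    results["forged"] = verify_packet(forged, keys, TRUSTED_KEY_IDS)
    results["unauthenticated"] = verify_packet(packet, keys, TRUSTED_KEY_IDS)
    return results


if __name__ == "__main__":
    for case, (ok, reason) in demo().items():
        print("%-16s %-8s %s" % (case, "ACCEPT" if ok else "REJECT", reason))
```

The digest is compared with hmac.compare_digest rather than == so that the check runs in constant time; ntpd's own check is equivalent in effect. Note how the untrusted case fails before any digest work is done: removing a key number from 'trustedkey' is enough to retire it, even while the record remains in the file.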
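The ntpd configuration the key-file paragraph describes, as an added example that is not part of the original article: the key file path, the server address 10.0.0.1 and the key strings are placeholders, and the file permissions line is the check a practitioner would add because the key file holds plaintext secrets.

```text
# /etc/ntp/ntp.keys   (mode 0600, owned by root; readable by the ntp user only)
# key-number  key-type  key
1  M  ExampleKeyOne
2  M  ExampleKeyTwo
3  M  RetiredKeyThree

# /etc/ntp.conf
keys /etc/ntp/ntp.keys
# only keys 1 and 2 may be used; key 3 stays in the file but is no longer accepted
trustedkey 1 2
# authenticate this server with key 1 (the MAC carries key number 1)
server 10.0.0.1 key 1
```

After restarting the daemon, 'ntpq -c associations' should show 'ok' in the 'auth' column for the server; 'bad' means the key strings differ or the key number is not trusted on one side, and 'none' means the server is not being authenticated at all.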
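The Cisco IOS procedure above, carried through as one complete configuration. This is an added example, not taken from the original article or from Cisco documentation; the key number, key string and the server address 10.0.0.1 are placeholders, and the key string must match the 'M' record for the same key number in the server's 'ntp.keys'.

```text
! Cisco IOS: enable authenticated NTP (global configuration mode)
ntp authenticate
! step 2: key number 1, MD5, shared secret string
ntp authentication-key 1 md5 ExampleKeyOne
! step 3: declare which key numbers are valid
ntp trusted-key 1
! step 4: use key 1 for this time source
ntp server 10.0.0.1 key 1
```

Check the result with 'show ntp associations': with 'ntp authenticate' set, the router will not mark a source as synchronised unless the MAC on its replies verifies with a trusted key, so a server whose key does not match shows up but never becomes the selected peer.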