Categories
IT Security Outsourced IT

Network Time Security

What is Network Time Security?

Network Time Protocol (NTP) is an online protocol dating back to 1985 that synchronizes computer clock times in a network to within a few milliseconds of UTC, allowing devices connected to a TCP/IP network to work at the same adjusted time. NTP is the most common way to receive time and has the advantage of being free, easy to set up, and available over the public Internet. That said, NTP services typically use connections meant for other data traffic, so these connections are not optimized for highly accurate time, creating the potential for latency and asymmetry issues. 1 NTP also has a number of security issues which make it vulnerable to attacks such as packet manipulation, replay attacks, amplification attacks, Man-in-the-Middle attacks, and spoofing.

Network Time Security (NTS) is a standard approved in 2020 that provides a more secure version of NTP. NTS includes a Key Establishment (NTS-KE) protocol that automatically creates the encryption keys used between the server and its clients. NTS introduces encryption into the time distribution system to allow time packets to be authenticated without increasing latency and affecting the accuracy of the time received. NTS does this by keeping the encryption process separate from the low latency time synchronization. NTP follows this process2:

  1. The protocol client requests an exchange with the time server.
  2. The client calculates its delay/offset and readjusts to match the server’s clock.
  3. There must be six-time exchanges within 10 minutes to update the clock every 10 minutes (or sometimes hourly) to maintain its time accuracy. The messages transact the updates via the User Datagram Protocol (UDP)—Port 123.

NTP and time synchronization are important for the following reasons:

  • Security. Security systems rely on synchronized time to prevent and responds to crime.
  • Log timestamps. Files, such as software applications, are time-stamped for guarantees and warranties and carry expiration dates or update calendars depending on when they are installed.
  • Troubleshooting. NTP and time synchronization are highly useful in troubleshooting network problems.
  • Precision and accuracy. Some medical procedures are timed and use timed medical equipment for precision and accuracy.
  • Time value. Synchronized time is why regional clocks can work with respect to the Coordinated Universal Time (UTC).
  • Time-dependency. Project steps may be sequential and time-sensitive.
  • Messaging and telecommunications. Timestamps are highly relevant in elements such as emails, SMS, delivery reports, and broadcasting frameworks.
  • Traffic Control. Infrastructure like trains or air traffic control are highly dependent on synchronized time to prevent collision accidents through the timed switching of rails (for trains) and in giving instructions from air traffic control towers to land planes safely.
  • Analysis and auditing. It is only possible to carry out credible auditing or forensic analysis with synchronized time.
  • Accurate Time. Automatic time synchronization makes things easier for device users so that all devices are set to precisely and accurately reflect true time.

1 NetNod, 2023, “What is Network Time Security (NTS)?”

2 Afolabi, 2022, “What Is Network Time Protocol? Why Is It Important?”