Nico,
My apologies on the white papers link. The correct one is
www.eecis.udel.edu/~mills/ntp.html. There is no intent in these papers
or in this message to promote NTP in addition to or an alternate for
PTP, just to provide additional context in the TICTOC discussion.
NTP interleaved modes, like the two-step PTP modes have nothing to do
with security. With NTP the intent is to avoid latencies due to
cryptographic computation, output queuing and message transmission. In
its present design, NTP interleaved mode is not useful in client/server
mode, but the suggestions on server state mentioned in the NTP Security
Analysis page might fix that.
An IPSEC tunnel between security gateways with constant delay is
invisible to NTP as well as PTP, as it simply adds to the propagation delay
without dilution of the source and destination timestamps. However, any
means to improve the delay measurement accuracy would benefit PTP as
well as NTP. The mention in the ID of possible revenue in the service is
intriguing; I hadn't thought of that. In the NTP model it is necessary
only to verify authenticity of the source, since the timestamps are
considered public values. Nevertheless, encryption is not much more
expensive than hash computations and does have constant delay.
In practice, the use of the NTP symmetric keys model and wrapping the
raw NTP datagram in an IPSEC header does not change the model, just
complicates module decomposition, as IPSEC support must be in the end
system. At least on an end-end basis, the two are equivalent.
Dave
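The two mechanics Dave's message leans on, the NTP on-wire offset/delay calculation (which is why a constant-delay tunnel is invisible to the offset) and the symmetric-key MAC (which only needs to bind the public timestamps to a shared key), as an added illustration that is not code from the NTP project or from Dave's papers. Timestamps are constructed integer microseconds, the shared key is constructed, and the MAC layout (32-bit key id followed by a digest over key || packet, here SHA-1) follows the RFC 5905 Appendix A symmetric-key scheme; the packet has no extension fields, so the MAC is assumed to be the trailing 24 bytes.

```python
"""Added example: NTP on-wire offset/delay under a tunnel, and NTPv4-style
symmetric-key MAC verification. All values are constructed."""
import hashlib
import hmac
import struct


def ntp_offset_delay(t1, t2, t3, t4):
    """RFC 5905 section 8 on-wire computation.
    t1 = client transmit, t2 = server receive, t3 = server transmit,
    t4 = client receive. Returns (offset, round-trip delay)."""
    offset = ((t2 - t1) + (t3 - t4)) / 2
    delay = (t4 - t1) - (t3 - t2)
    return offset, delay


def through_tunnel(t1, t2, t3, t4, fwd, rev):
    """Shift the timestamps as if a tunnel added `fwd` on the client->server
    path and `rev` on the server->client path. The server-side stamps move by
    fwd; the client's receive stamp moves by fwd + rev."""
    return t1, t2 + fwd, t3 + fwd, t4 + fwd + rev


def ntp_ts(us):
    """Microseconds -> 64-bit NTP timestamp (32-bit seconds, 32-bit fraction).
    Epoch is irrelevant here; the values are constructed."""
    sec, rem = divmod(us, 1_000_000)
    return (sec << 32) | ((rem << 32) // 1_000_000)


def build_packet(org, rec, xmt):
    """Minimal 48-byte NTPv4 server header: li=0, vn=4, mode=4, stratum 2,
    poll 6, precision -20, root delay/dispersion 0, refid 'GPS\\0'."""
    return struct.pack("!BBBbIIIQQQQ", 0x24, 2, 6, -20, 0, 0, 0x47505300,
                       ntp_ts(0), ntp_ts(org), ntp_ts(rec), ntp_ts(xmt))


def append_mac(packet, key_id, key):
    """Symmetric-key MAC: 32-bit key id, then digest(key || packet)."""
    digest = hashlib.sha1(key + packet).digest()
    return packet + struct.pack("!I", key_id) + digest


def verify_mac(message, keys):
    """True only if the trailing MAC verifies under a key id we hold.
    Constant-time compare so a forged digest leaks nothing via timing."""
    if len(message) < 48 + 4 + 20:
        return False
    packet, key_id_raw, digest = message[:-24], message[-24:-20], message[-20:]
    key = keys.get(struct.unpack("!I", key_id_raw)[0])
    if key is None:
        return False
    expected = hashlib.sha1(key + packet).digest()
    return hmac.compare_digest(expected, digest)


def demo():
    """Constructed exchange: true offset +2000 us, 8000 us each way,
    server holds the packet 1000 us."""
    t1, t2, t3, t4 = 0, 10_000, 11_000, 17_000
    base = ntp_offset_delay(t1, t2, t3, t4)
    # Symmetric 5000 us tunnel: offset unchanged, delay grows by 10000.
    sym = ntp_offset_delay(*through_tunnel(t1, t2, t3, t4, 5_000, 5_000))
    # Asymmetric tunnel: offset error is half the asymmetry.
    asym = ntp_offset_delay(*through_tunnel(t1, t2, t3, t4, 5_000, 0))

    keys = {1: b"constructed-shared-secret"}  # constructed key table
    msg = append_mac(build_packet(t1, t2, t3), 1, keys[1])
    ok = verify_mac(msg, keys)
    tampered = bytearray(msg)
    tampered[47] ^= 0x01  # flip one bit in the transmit timestamp
    bad = verify_mac(bytes(tampered), keys)
    return base, sym, asym, ok, bad


if __name__ == "__main__":
    print(demo())
```

The arithmetic in `through_tunnel` is the whole of Dave's "invisible to NTP" claim: a delay that is the same in both directions cancels out of the offset and only inflates the measured round trip, while any asymmetry shows up directly as offset error. The MAC part shows why the timestamps can stay public: the digest binds them to the key, so changing a single bit of the transmit timestamp fails verification without anything having been encrypted.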
Nico Williams wrote:
On Fri, Oct 14, 2011 at 7:19 PM, David L. Mills <[email protected]> wrote:
Nico and Danny,
It might help to explain the issues in the NTP white papers at the NTP
project page www.eecis.udel.edu./ntp.html. Chapter 16 in the book shows the
results of experiments using interleaved mode, which might be of interest in
PTP broadcast issues. The paper on Simulation and Analysis of the NTP
On-Wire protocol uses a two-step process similar to PTP. The paper on NTP
Security Analysis may have lessons for PTP authentication. The NTP Autokey
model needs help, as suggested in that paper.
Also helpful was to note the cc list and then look at the TICTOC WG charter.
If I understand the I-D we're talking about an extension to IPsec to
minimize overhead in handling of packets carrying time data,
particularly in an SG environment. This would allow NTP to be run
with no crypto inside the security boundary, with IPsec providing
security outside. Is this correct? And this performs better than the
interleaved NTP scheme with asymmetric key signatures?
Nico
--
_______________________________________________
TICTOC mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tictoc