The Internet Engineering Task Force (IETF) has published its proposed standard for Network Time Security after an arduous five-year process. The standard is intended to fix vulnerabilities in the current Network Time Protocol (NTP), which is used to synchronize time between computers over data networks. These vulnerabilities could enable distributed denial-of-service (DDoS) amplification, packet manipulation, and replay attacks.
- The synchronization of time is crucial for the functioning of critical infrastructure, such as electrical power systems and transportation systems.
- Among other things, the proposed standard uses asymmetric cryptography for initial server authentication, which is designed to prevent man-in-the-middle attacks.
- The standard prevents the use of NTP implementations in DDoS amplification attacks.