SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsThis paper investigates the authentication protocols used with NTP-V4. It does not review the NTP protocol itself, nor does it cover in detail the authentication protocol used in its predecessor, NTP-V3. For those new to the topic, NTP is the Network Time Protocol, used to acquire a reliable time standard for a site/host from the Internet. A brief overview of the full NTP protocol can be found in Addendum 1. NTP Authentication is unique in that it must operate in an initial environment of untrusted sources coupled with inaccurate clocks. The problem is exacerbated by computational overhead constraints which impact the ultimate accuracy of the timestamps required for proper operation of the NTP Protocol. These unique requirements are why standard techniques such as IPSEC, and the naive approach of signing each timestamp message are inappropriate for use as an authentication mechanism.