New milestone in Network Time Security as Internet Draft approved
The approval came from the Internet Engineering Steering Group (IESG) on 25 March during the virtual IETF meeting. Netnod staff have been instrumental in developing this protocol which adds a much needed layer of security to the Network Time Protocol (NTP) and follows from Netnod’s launch of one of the first NTS-enabled NTP services in October 2019.
The new standard adds an important layer of security to NTP in a similar way that Transport Layer Security (TLS) adds security to the Hypertext Transfer Protocol (HTTP), which users can see in their web browsers as a closed padlock. As described in the Proposed Standard, NTS is:
"a mechanism for using Transport Layer Security (TLS) and Authenticated Encryption with Associated Data (AEAD) to provide cryptographic security for the client-server mode of the Network Time Protocol (NTP)."
NTP, the most popular protocol in use for synchronizing time, is more than 30 years old and vulnerable to Man-in-the-Middle (MITM) attacks. With many of today’s most important security processes dependent on accurate time, the consequences of receiving time from a malicious source are serious. Everything from establishing encrypted TLS sessions and using DNSSEC to time-stamping financial transactions and preventing online fraud depends on accurate and secure time. The approval of this new Proposed Standard is a milestone in bringing more secure and accurate time to the Internet.
"As a leading player in providing services at the core of the Internet, Netnod is proud to be at the forefront of NTS,” said Lars Michael Jogbäck, Netnod CEO. “Developing services such as NTS is part of Netnod’s commitment to ensuring that the Internet is as secure and robust as possible for everyone.”
Netnod staff have been instrumental in the creation of NTS. Apart from editing the document itself (Ragnar Sundblad and Marcus Dansarie), we have developed both server side and client side implementations of NTS (Christer Weinigel and Michael Cardell Widerkrantz among others).
From October 2019, Netnod’s NTS service has been freely available. More information on how to use the service is available here.
More information about Netnod’s work on NTS and some useful background is available here.
Since 2015, Netnod has been working with the Swedish Post and Telecom Authority (PTS) and RISE as the provider of Swedish Time and Frequency. This includes services over Network Time Protocol (NTP) and Precision Time Protocol (PTP).
Netnod provides critical infrastructure support ranging from interconnection services and Internet Exchanges to DNS services, root server operations and activities for the good of the Internet. With a worldwide reputation for its services and the expertise of its staff, Netnod ensures a stable and secure Internet for the Nordics and beyond. Established in 1996 as a neutral and independent Internet infrastructure organisation, Netnod is fully owned by the non-profit foundation TU-stiftelsen (Stiftelsen för Telematikens utveckling).
More information is available at: www.netnod.se