SecureTime: Secure Multicast Time Synchronization

Abstract: Due to the increasing dependency of critical infrastructure on synchronized clocks, network time synchronization protocols have become an attractive target for attackers. We identify data origin authentication as the key security objective and suggest to employ recently proposed high-performance digital signature schemes (Ed25519 and MQQ-SIG)) as foundation of a novel set of security measures to secure multicast time synchronization. We conduct experiments to verify the computational and communication efficiency for using these signatures in the standard time synchronization protocols NTP and PTP. We propose additional security measures to prevent replay attacks and to mitigate delay attacks. Our proposed solutions cover 1-step mode for NTP and PTP and we extend our security measures specifically to 2-step mode (PTP) and show that they have no impact on time synchronization's precision.