Secure NTP Server

The Network Time Protocol (NTP) is an Internet protocol designed to distribute precise time around a computer network. NTP uses UDP over TCP/IP to synchronize network time clients to a precise time reference. This article discusses the security aspects of the NTP protocol, in particular the use of MD5 keys to authenticate a time server.

The Network Time Protocol can be used to synchronize many time-critical processes on distributed computers across a network. The NTP protocol is consequently a significant security risk. Hackers or malicious users could attempt to disrupt system synchronization by modifying or replicating NTP time stamps.

Fortunately, NTP has a built-in security feature to stop attempts to tamper with system time synchronization. NTP can use MD5 encrypted keys to authenticate time stamps provided by a time server. Network time clients and devices can use secure keys to authenticate time stamps and verify their origin.

NTP implements authentication using an agreed set of keys, shared between a server and a client, which are encrypted in time stamps. An NTP time server transmits a timestamp to a client with one of the keys encrypted and appended to the message. When the client receives a timestamp, the security key is decrypted and checked against its list of stored secure keys. In this way the client can be sure that the received time stamp came from the expected time source.

The Network Time Protocol uses MD5 (Message Digest 5) encrypted keys. MD5 is a widely used algorithm that uses a 128-bit cryptographic hash function. The algorithm generates a fingerprint of the provided key, which is appended to the time stamp.

UNIX and Linux NTP installations store secure keys in a file named ‘ntp.keys’. Each record in the file describes one authentication key in the format: ‘key-number’ ‘encryption-code’ ‘key’. The ‘key-number’ is a reference to the key. The ‘encryption-code’ identifies the encryption algorithm being used, generally ‘M’ for MD5 encryption. The ‘key’ field is the agreed key which is to be encrypted by the encryption algorithm. A subset of ‘trusted keys’ can be specified in the NTP configuration file ‘ntp.conf’. This allows a smaller subset of keys to be used by the server, so that compromised keys can easily be excluded from use. Trusted keys are specified using the ‘trustedkey’ command followed by a space-delimited list of key references.
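The exchange described above, as an added Python example that is not part of the original article. It follows the symmetric-key scheme of RFC 5905, in which the server appends a 4-byte key number and the 16-byte MD5 digest of the key followed by the packet, and the client recomputes that digest with its own copy of the key; the key file contents, key values, 48-byte packet and function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Constructed sample ntp.keys content: key-number, type ('M' = MD5), key.
SAMPLE_KEYS = """\
# id type key
1 M constructedKeyOne
2 M constructedKeyTwo
"""

def parse_keys(text):
    """Return {key_number: key_bytes} for the MD5 entries in ntp.keys text."""
    keys = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # '#' starts a comment
        if len(fields) == 3 and fields[1].upper() in ("M", "MD5"):
            keys[int(fields[0])] = fields[2].encode()
    return keys

def sign(packet, key_id, keys):
    """Server side: append key number and MD5(key || packet) to the packet."""
    digest = hashlib.md5(keys[key_id] + packet).digest()
    return packet + struct.pack("!I", key_id) + digest

def verify(message, keys, trusted):
    """Client side: accept only a trusted key number with a matching digest."""
    if len(message) < 48 + 20:
        return False                              # no authenticator present
    packet, mac = message[:-20], message[-20:]
    key_id = struct.unpack("!I", mac[:4])[0]
    if key_id not in trusted or key_id not in keys:
        return False                              # unknown or untrusted key
    expected = hashlib.md5(keys[key_id] + packet).digest()
    return hmac.compare_digest(expected, mac[4:])

def demo():
    keys = parse_keys(SAMPLE_KEYS)
    trusted = {1}                                 # the trusted-key subset
    packet = bytes([0x24]) + bytes(47)            # constructed header: VN=4, mode=4
    good = sign(packet, 1, keys)
    tampered = bytearray(good)
    tampered[40] ^= 0x01                          # alter the transmit timestamp
    return (verify(good, keys, trusted),
            verify(bytes(tampered), keys, trusted),
            verify(sign(packet, 2, keys), keys, trusted))

if __name__ == "__main__":
    print(demo())
```

The three results cover a valid reply, a reply whose timestamp was altered in transit, and a reply signed with a key that is present in the key file but not in the trusted subset.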

Many Cisco routers use secure MD5 authentication in their built-in implementation of NTP. To enable a Cisco router to perform MD5 authentication, you have to follow a few steps. First, NTP authentication has to be enabled using the ‘ntp authenticate’ command. Next, define an NTP authentication key using the ‘ntp authentication-key’ command. A unique reference number identifies each NTP key. The key reference number is the first parameter to the ‘ntp authentication-key’ command. Finally, use the ‘ntp trusted-key’ command to tell the router which keys are valid. The command’s only argument is the reference number of the key defined in the previous step.

Fundamentally, secure key authentication is a technique used to eliminate the chance of time stamps being intercepted for malicious reasons. Network time clients can be sure that time stamps really did originate from the expected time reference and have not been intercepted for malicious reasons.