[tor-talk] [Tails-dev] secure and simple network time (hack)

Jacob Appelbaum jacob at appelbaum.net
Fri Jul 20 15:55:15 UTC 2012


adrelanos:
> Jacob Appelbaum:
>> I think adding an option to verify the leaf certificate's
>> fingerprint, rather than just the signature alone would be a fine
>> idea.
> 
> Yes, then we could ask eff, tpo and similars about their policy to
> change the certificates. If we pin their certificates, we don't have
> to trust any CAs.
> 

I'd prefer to trust a CA (or well, Tor identity) run by EFF, Tor or
someone else.

>> so, it depends a lot on what you mean by "getting rid of all CAs"
> 
> In this particular discussion I meant "no need to use any CAs". (In
> general I would be happy to see a widespread replacement for the CAs
> as a whole.)
> 

So does that mean you do or do not like DNSSEC? :)

>>> And even if you use only a single source over TLS (pinned) as
>>> time source... How is it better than using a single authenticated
>>> NTP server over TCP?
>>
>> I've never seen a system that shipped with authenticated NTP
>> enabled.
> 
> It doesn't exist, unfortunately. It's also a critical security
> vulnerability in all major operating systems, not only for Tor users,
> for anyone. No one cares about it as long as no one uses it for a big
> scale attack. If an attacker moves back the time several years he can
> use revoked certificates.

I agree. That's one of the reasons why I have been working on tlsdate.

> 
>> I'm sure it has happened but generally, ntp is unauthenticated and
>> is run as a UDP service.
> 
> Yes.
> 
>> I'd be interested to see a client configuration that works over TCP
>> and has strong integrity protection of the remote time.
> 
> It's certainly possible but almost no one is using it. I found two
> guides about adding authentication to NTP.
> https://ntp3.sp.se/howto.html
> http://support.ntp.org/bin/view/Support/ConfiguringAutokey
> 
> (Over TCP is possible as well, Google tells.)

I'd like to see a normal ntp client that runs over Tor safely - can you
show us an example of a way to do that? If so, I'd gladly consider
running such an NTP service. I already run a normal UDP OpenNTP server
in the pool.

> 
> As Tails pointed out...
> https://tails.boum.org/todo/authenticate_time_servers/
> https://tails.boum.org/contribute/design/Time_syncing/
> 
> The system can not be adapted since you will have a hard time finding
> public, free NTP servers, which support authenticated NTP. And even if
> you find a very few, you can not rely on a small amount of servers. A
> big pool is required for distributed trust.

That's a resource issue, not a technical issue. We can solve both, I
think. I'd like to know if someone has actually used normal NTP clients
over Tor, even with private servers and found that it was suitable?

All the best,
Jacob
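
The two checks discussed in this thread, as an added example that is not part of the original message or of tlsdate's code: pinning the leaf certificate's fingerprint, and refusing a remote time that would roll the clock back far enough to revive revoked certificates. It assumes a TLS 1.0-1.2 server that puts real time in the ServerHello `gmt_unix_time` field; the certificate bytes, the record, the time floor and all function names are constructed for illustration.

```python
import hashlib
import hmac
import struct

# Constructed sample: stand-in bytes for a DER-encoded leaf certificate.
SAMPLE_LEAF_DER = b"0\x82\x01\x0aconstructed-leaf-certificate-bytes"
PINNED_SHA256 = hashlib.sha256(SAMPLE_LEAF_DER).hexdigest()
# Assumed policy: never accept a time earlier than the software's release date.
TIME_FLOOR = 1342742400  # 2012-07-20 00:00:00 UTC


def build_server_hello(unix_time: int) -> bytes:
    """Build a constructed, minimal ServerHello record for the demo."""
    random = struct.pack("!I", unix_time) + bytes(28)
    hello = b"\x03\x01" + random + b"\x00" + b"\x00\x2f" + b"\x00"
    handshake = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def leaf_matches_pin(leaf_der: bytes, pinned_hex: str) -> bool:
    """Compare SHA-256 of the presented leaf certificate against the pin."""
    digest = hashlib.sha256(leaf_der).hexdigest()
    return hmac.compare_digest(digest, pinned_hex.lower())


def server_hello_time(record: bytes) -> int:
    """Extract gmt_unix_time from a TLS 1.0-1.2 ServerHello record."""
    if len(record) < 15:
        raise ValueError("record too short")
    content_type, _version, rec_len = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rec_len]
    if content_type != 22 or len(body) != rec_len or body[0] != 2:
        raise ValueError("not a complete ServerHello handshake record")
    # body: type(1) length(3) server_version(2) random(32); the first
    # four bytes of random are gmt_unix_time.
    return struct.unpack("!I", body[6:10])[0]


def accept_time(leaf_der, pinned_hex, record, floor=TIME_FLOOR) -> int:
    """Return the remote time only if the pin matches and time >= floor."""
    if not leaf_matches_pin(leaf_der, pinned_hex):
        raise ValueError("leaf certificate does not match pin")
    remote = server_hello_time(record)
    if remote < floor:
        raise ValueError("remote time is before the floor; refusing rollback")
    return remote
```

In a real client the pin comparison runs on the certificate from a completed handshake, since only a finished handshake proves the peer holds the matching private key.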

