Security Seminar: Aanchal Malhotra

Speaker: Aanchal Malhotra

Time/Location: 11/4 at 10:30am in BUSN 106

Abstract: For decades, the Network Time Protocol (NTP) has been used to synchronize computer clocks over untrusted network paths. We explore the risk that network attackers can exploit unauthenticated NTP traffic to alter the time on client systems. First, we present an extremely low-rate (single packet) denial-of-service attack that an off-path attacker, located anywhere on the network, can use to disable NTP clock synchronization on a client. Next, we show how an off-path attacker can exploit IPv4 packet fragmentation to shift time on a client.

In the following work, we identify two attacks on the NTP’s cryptographically-authenticated broadcast mode. First, we present a replay attack that allows an on-path attacker to inde finitely stick a broadcast client to a specific time. Second, we present a DoS attack that allows an off-path attacker to prevent a broadcast client from ever updating its system clock.

In our most recent work we take a new look at the security of NTP’s datagram protocol. We argue that NTP’s datagram protocol in RFC5905 is both underspecified and flawed, which has lead to vulnerabilities in NTP’s ‘reference implementation’. We then present one of the strongest off-path attacks on NTP client the ‘Zero 0rigin timestamp attack’. Finally, we move beyond identifying attacks by developing a cryptographic model and using it to prove the security of two improved client/server protocols for NTP.

Bio: Aanchal Malhotra is a PhD student at Boston University and is part of the BU Security Group (BUSec). Her research uses cryptography, and the insights gained from network measurement and simulations, to improve the security and reliability of core Internet protocols like BGP, DNS, and NTP.