摘要
NTP是互联网上进行时间同步的应用底层协议,NTP客户端通过不断向服务器发送同步请求,做到自动和持续调节时钟,已成为国防、通信、金融、电力互联网等领域广泛使用的时间同步工具。通过对NTP协议、通信过程分析,发现NTP在缓冲区溢出、时间同步系统、消息摘要和自动分发等加密认证过程、客户端服务器间的安全认证机制等方面存在漏洞,容易受到攻击。通过对NTP进行梳理和初步的实验验证,实验证明,NTP的协议和使用漏洞可致时延变长、客户端同步于伪造服务的虚假时间或无法与合法服务器同步等效果,最后给出了安全建议。
NTP is an application underlying protocol for time synchronization on the Internet.The NTP client can automatically and continuously adjust the clock by continuously sending synchronization requests to the server.The NTP protocol has become a time synchronization tool widely used in the fields of national defense,communications,finance,and power Internet.Based on analysis of the NTP protocol and communication process,it is found that NTP has loopholes in the encryption authentication process such as buffer overflow,time synchronization system,message digest and automatic distribution,and the security authentication mechanism between client and server,and thus is vulnerable to attacks.Careful combing and preliminary experiments indicate that the NTP protocol and usage vulnerabilities can cause the delay to increase,the client synchronizes with the fake time of the forged service,or fails to synchronize with the legitimate server,etc.Finally,safety recommendations are given.
作者
张旭博
黄河
廖章梁
ZHANG Xu-bo;HUANG He;LIAO Zhang-liang(No.30 Institute of CETC,Chengdu Sichuan 610041;Unit 61660 of PLA,Beijing 100089;Department of Data Information,Hunan Military Region,Hunan Changsha 410011,China)
出处
《通信技术》
2020年第11期2806-2810,共5页
Communications Technology
关键词
NTP
加密
伪造服务器
认证机制
NTP
encryption
forged server
Authentication mechanism
