Guards and Watchdogs in One-Way Synchronization with Delay-Related Authentication Mechanisms

Abstract

In this paper, we consider ways of using secondary “Watchdog” mechanisms to protect primary time synchronization protocols from single-source or single-channel errors. This approach is particularly interesting when the Watchdog mechanism has stronger cryptographic protection than the primary synchronization mechanism. We specifically discuss the case where the primary mechanism employs one-way communication and is secured with an authentication scheme based on delayed disclosure of cryptographic information. Further, we present results from experiments with an implementation combining such a primary mechanism with a secured two-way control mechanism, which lead us to overall recommend the approach.