Next Steps in Security for Time Synchronization: Experiences from implementing IEEE 1588 v2.1

2019 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS) Pub Date : 2019-09-01 DOI:10.1109/ISPCS.2019.8886641

Ezzeldin Shereen, Florian Bitard, G. Dán, Tolga Sel, S. Fries

{"title":"Next Steps in Security for Time Synchronization: Experiences from implementing IEEE 1588 v2.1","authors":"Ezzeldin Shereen, Florian Bitard, G. Dán, Tolga Sel, S. Fries","doi":"10.1109/ISPCS.2019.8886641","DOIUrl":null,"url":null,"abstract":"The lack of integrated support for security has been a major shortcoming of Precision Time Protocol version 2 (PTPv2) for a long time. The upcoming PTPv2.1 aims at addressing this shortcoming in a variety of ways, including the introduction of lightweight message authentication. In this paper we provide an overview of the planned security features, and report results based on an implementation of the proposed integrated security mechanism based on the open source Linux PTP, including support for hardware timestamping. Our implementation includes an extension of Linux PTP to support transparent clocks. We provide results from an experimental testbed including a transparent clock, which illustrate that the extensions can be implemented in software at a low computational overhead, while supporting hardware timestamping. We also provide a discussion of the remaining vulnerabilities of PTP time synchronization, propose countermeasures, and discuss options for key management, which is not covered by the standard.","PeriodicalId":193584,"journal":{"name":"2019 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"21","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISPCS.2019.8886641","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 21

Abstract

The lack of integrated support for security has been a major shortcoming of Precision Time Protocol version 2 (PTPv2) for a long time. The upcoming PTPv2.1 aims at addressing this shortcoming in a variety of ways, including the introduction of lightweight message authentication. In this paper we provide an overview of the planned security features, and report results based on an implementation of the proposed integrated security mechanism based on the open source Linux PTP, including support for hardware timestamping. Our implementation includes an extension of Linux PTP to support transparent clocks. We provide results from an experimental testbed including a transparent clock, which illustrate that the extensions can be implemented in software at a low computational overhead, while supporting hardware timestamping. We also provide a discussion of the remaining vulnerabilities of PTP time synchronization, propose countermeasures, and discuss options for key management, which is not covered by the standard.

查看原文本刊更多论文

时间同步安全性的后续步骤:来自实现IEEE 1588 v2.1的经验

长期以来，缺乏对安全性的集成支持一直是精确时间协议版本2 (PTPv2)的一个主要缺点。即将发布的PTPv2.1旨在通过各种方式解决这个缺点，包括引入轻量级消息身份验证。在本文中，我们概述了计划的安全特性，并报告了基于开源Linux PTP的拟议集成安全机制的实现结果，包括对硬件时间戳的支持。我们的实现包括Linux PTP的扩展，以支持透明时钟。我们提供了一个包含透明时钟的实验测试平台的结果，表明该扩展可以在软件中以较低的计算开销实现，同时支持硬件时间戳。我们还讨论了PTP时间同步的剩余漏洞，提出了对策，并讨论了密钥管理的选项，这在标准中没有涵盖。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2019 IEEE International Symposium on Precision Clock Synchronization for Measurement, Control, and Communication (ISPCS)

自引率

0.00%

发文量