A Security Analysis and Revised Security Extension for the Precision Time Protocol

TL;DR

This paper conducts a detailed security analysis of the Precision Time Protocol, identifies new vulnerabilities, and proposes a revised security extension using elliptic-curve cryptography to enhance security and practicality.

Contribution

It provides the first comprehensive threat analysis of PTP, introduces new attack vectors, and proposes a novel elliptic-curve based security extension that outperforms previous methods.

Findings

New attacks on PTP identified and demonstrated.

Cryptographic defenses using elliptic-curve signatures are practical.

Proposed security extension significantly improves protocol security.

Abstract

The Precision Time Protocol (PTP) aims to provide highly accurate and synchronised clocks. Its defining standard, IEEE 1588, has a security section ("Annex K") which relies on symmetric-key secrecy. In this paper we present a detailed threat analysis of the PTP standard, in which we highlight the security properties that should be addressed by any security extension. During this analysis we identify a sequence of new attacks and non-cryptographic network-based defenses that mitigate them. We then suggest to replace Annex K's symmetric cryptography by an efficient elliptic-curve Public-Key signatures. We implemented all our attacks to demonstrate their effectiveness, and also implemented and evaluated both the network and cryptographic defenses. Our results show that the proposed schemes are extremely practical, and much more secure than previous suggestions.