Researchers from the Hebrew University of Jerusalem have been trying to prevent time-shifting threat actors. No, seriously, they really have…
In their paper entitled ‘Preventing (Network) Time Travel with Chronos’ the quartet of computer science and engineering researchers put forward a potential solution to the legacy problem of Network Time Protocol (NTP) insecurity. “NTP’s security vulnerabilities have severe implications for time-sensitive applications and for security mechanisms” the researchers state, adding “while technically NTP supports cryptographic authentication, it is very rarely used in practice.” These ‘timeshifting attacks’ on NTP are possible even if all its communications are both encrypted and authenticated, the paper states. So what, exactly, are the real-world implications of such attacks to the enterprise user?