Opened 9 months ago

Last modified 7 months ago

#26359 new defect

DoS and timed attacks via unencrypted network time protocols

Reported by: time_attacker
Owned by:
Priority: Medium
Milestone: Tor: unspecified
Component: Core Tor/Tor
Version:
Severity: Normal
Keywords: time, NTP, DoS, attack, clock-skew
Cc: catalyst, intrigeri
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

If a device relies on NTP (or any other unencrypted network time protocol), an ISP or another party in the middle can manipulate unencrypted packages to set the wrong time. Tor relies on correct time, so the ISP can deny Tor usage any time it wants to. Moreover, an attacker controlling the ISP (government or hackers compromising the ISP's server) can manipulate the time on a Tor-using device, assisting attacks that involve wrong time.

Embedded systems like routers have no real-time clock hardware and need to set time via network. PCs are often configured to synchronize time via NTP.

Tor should have another way to set the time it needs. It could set time from directory servers and known relays.
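
One way a client could sanity-check its clock against signed directory data, along the lines the description proposes. This is an added example, not code from the ticket or from Tor; it assumes the consensus signatures were already verified, the sample header is constructed, and the 30-minute tolerance is an arbitrary assumption.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample header in the style of a Tor v3 consensus document.
# Assumption: the directory signatures over it have already been verified.
SAMPLE_CONSENSUS = """\
network-status-version 3
vote-status consensus
valid-after 2018-06-13 12:00:00
fresh-until 2018-06-13 13:00:00
valid-until 2018-06-13 15:00:00
"""

def parse_validity(consensus_text):
    """Return (valid_after, valid_until) as timezone-aware UTC datetimes."""
    found = {}
    for line in consensus_text.splitlines():
        keyword, _, value = line.partition(" ")
        if keyword in ("valid-after", "valid-until"):
            if keyword in found:
                raise ValueError(f"duplicate {keyword} line")
            stamp = datetime.strptime(value.strip(), "%Y-%m-%d %H:%M:%S")
            found[keyword] = stamp.replace(tzinfo=timezone.utc)
    if len(found) != 2 or found["valid-after"] >= found["valid-until"]:
        raise ValueError("missing or inconsistent validity window")
    return found["valid-after"], found["valid-until"]

def check_clock(local_now, consensus_text, tolerance=timedelta(minutes=30)):
    """Compare the local clock with the signed validity window.

    Returns (verdict, skew). The tolerance is a hypothetical default.
    """
    valid_after, valid_until = parse_validity(consensus_text)
    if local_now < valid_after - tolerance:
        # The signed window has not started by local time: clock is behind.
        return "clock-behind", valid_after - local_now
    if local_now > valid_until + tolerance:
        # Ambiguous: the clock may be ahead, or an old consensus was replayed.
        return "clock-ahead-or-stale-consensus", local_now - valid_until
    return "consistent", timedelta(0)

if __name__ == "__main__":
    print(check_clock(datetime.now(timezone.utc), SAMPLE_CONSENSUS))
```

Only the "clock-behind" verdict is conclusive from a single document, because a party in the middle can replay an old but validly signed consensus.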

Change History (4)

comment:1 Changed 9 months ago by time_attacker

This seems to be a good way to address this problem but it should apply to Tor itself, not only Tails:
https://tails.boum.org/contribute/design/Time_syncing/

comment:2 Changed 9 months ago by catalyst

Cc: catalyst added
Keywords: clock-skew added
Priority: High → Medium
Severity: Major → Normal

comment:3 Changed 9 months ago by catalyst

Milestone: Tor: unspecified

comment:4 Changed 7 months ago by intrigeri

Cc: intrigeri added