An Attack Possibility on Time Synchronization Protocols Secured with TESLA-Like Mechanisms

  • Kristof TeichelEmail author
  • Dieter Sibold
  • Stefan Milius
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10063)


In network-based broadcast time synchronization, an important security goal is integrity protection linked with source authentication. One technique frequently used to achieve this goal is to secure the communication by means of the TESLA protocol or one of its variants. This paper presents an attack vector usable for time synchronization protocols that protect their broadcast or multicast messages in this manner. The underlying vulnerability results from interactions between timing and security that occur specifically for such protocols. We propose possible countermeasures and evaluate their respective advantages. Furthermore, we discuss our use of the UPPAAL model checker for security analysis and quantification with regard to the attack and countermeasures described, and report on the results obtained. Lastly, we review the susceptibility of three existing cryptographically protected time synchronization protocols to the attack vector discovered.


Security protocols Broadcast Time synchronization protocols TESLA Security analysis UPPAAL 


  1. 1.
    Alur, R., Courcoubetis, C., Dill, D.: Model-checking for real-time systems. In: Proceedings of Fifth Annual IEEE Symposium on Logic in Computer Science, LICS 1990, pp. 414–425, June 1990Google Scholar
  2. 2.
    Behrmann, G., David, A., Larsen, K.G.: A tutorial on Uppaal. In: Bernardo, M., Corradini, F. (eds.) SFM-RT 2004. LNCS, vol. 3185, pp. 200–236. Springer, Heidelberg (2004). doi: 10.1007/978-3-540-30080-9_7 CrossRefGoogle Scholar
  3. 3.
    Brakke, E., Cohen, I.E., Goldberg, S., Malhotra, A.: Attacking the network time protocol. In: Network and Distributed System Security Symposium (NDSS), February 2016Google Scholar
  4. 4.
    Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory IT–29, 198–208 (1983)MathSciNetCrossRefzbMATHGoogle Scholar
  5. 5.
    Dowling, B., Stebila, D., Zaverucha, G.: Authenticated network time synchronization. Cryptology ePrint Archive, Report 2015/171 (2015).
  6. 6.
    Floeter, R.: Authenticated TLS constraints in ntpd(8). Web Post, February 2015.
  7. 7.
    Ganeriwal, S., Pöpper, C., Capkun, S., Srivastava, M.B.: Secure time synchronization in sensor networks (E-SPS). In: Proceedings of 2005 ACM Workshop on Wireless Security (WiSe 2005), pp. 97–106, September 2005Google Scholar
  8. 8.
    Hu, X., Feng, R.: Message broadcast authentication in \(\mu \)TESLA based on double filtering mechanism. In: 2011 International Conference on Internet Technology and Applications (iTAP), pp. 1–4 (2011).
  9. 9.
    Lee, K., Eidson, J.: IEEE-1588 standard for a precision clock synchronization protocol for networked measurement and control systems. In: 34th Annual Precise Time and Time Interval (PTTI) Meeting, pp. 98–105 (2002)Google Scholar
  10. 10.
    Liu, D., Ning, P.: Multilevel \(\mu \)TESLA: broadcast authentication for distributed sensor networks. ACM Trans. Embed. Comput. Syst. 3(4), 800–836 (2004). MathSciNetCrossRefGoogle Scholar
  11. 11.
    Mills, D., Haberman, B.: Network time protocol version 4: autokey specification. RFC 5906, IETF Secretariat, June 2010.
  12. 12.
    Mills, D., Martin, J., Burbank, J., Kasch, W.: Network time protocol version 4: protocol and algorithms specification. RFC 5905, IETF Secretariat, June 2010.
  13. 13.
    Mills, D.L.: Network time protocol (version 3): specification, implementation and analysis. RFC 1305, IETF Secretariat, March 1992.
  14. 14.
    Mills, D.L.: Computer Network Time Synchronization: The Network Time Protocol. CRC Press, Boca Raton (2006). CrossRefzbMATHGoogle Scholar
  15. 15.
    Mills, D.L., Acm, M.: Adaptive hybrid clock discipline algorithm for the network time protocol. IEEE/ACM Trans. Networking 6, 505–514 (1998)CrossRefGoogle Scholar
  16. 16.
    Mizrahi, T.: Security Requirements of Time Protocols in Packet Switched Networks (2014).
  17. 17.
    Na, R., Hori, Y.: DoS attack-tolerant TESLA-based broadcast authentication protocol in Internet of Things. In: 2012 International Conference on Selected Topics in Mobile and Wireless Networking (iCOST), pp. 60–65, June 2012.
  18. 18.
    Perrig, A., Song, D., Canetti, R., Tygar, J.D., Briscoe, B.: Timed efficient stream loss-tolerant authentication (TESLA): multicast source authentication transform introduction. RFC 4082, IETF Secretariat, June 2005.
  19. 19.
    Perrig, A., Szewczyk, R., Wen, V., Culler, D., Tygar, J.D.: SPINS: security protocols for sensor networks. In: Wireless Networks, pp. 189–199 (2001)Google Scholar
  20. 20.
    Roettger, S.: Analysis of the NTP autokey procedures. Web Publication of Project Thesis, February 2012.
  21. 21.
    Shpiner, A., Revah, Y., Mizrahi, T.: Multi-path time protocols. In: 2013 International IEEE Symposium on Precision Clock Synchronization for Measurement Control and Communication (ISPCS), pp. 1–6, September 2013Google Scholar
  22. 22.
    Sibold, D., Teichel, K., Roettger, S.: Network time security, July 2013.
  23. 23.
    Sibold, D., Teichel, K., Roettger, S.: Using the network time security specification to secure the network time protocol, March 2015.
  24. 24.
    Sun, K., Ning, P., Wang, C.: TinySeRSync: secure and resilient time synchronization in wireless sensor networks. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, NY, USA, pp. 264–277 (2006).
  25. 25.
    Syverson, P., Meadows, C., Cervesato, I.: Dolev-Yao is no better than Machivelli. In: First Workshop on Issues in the Theory of Security - WITS 2000, pp. 87–92 (2000)Google Scholar
  26. 26.
    Weiss, M.A., Eidson, J., Barry, C., Broman, D., Iannucci, B., Lee, E.A., Stanton, S.K., Goldin, L.: Time-aware applications, computers, and communication systems (TAACCS). NIST Technical note 1867, February 2015Google Scholar
  27. 27.
    Xianglan, Y., Wangdong, Q., Fei, F.: ASTS: an agile secure time synchronization protocol for wireless sensor networks. In: International Conference on Wireless Communications, Networking and Mobile Computing, WiCom 2007, pp. 2808–2811, September 2007Google Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  1. 1.Physikalisch-Technische BundesanstaltBraunschweigGermany
  2. 2.Chair for Theoretical Computer ScienceFriedrich-Alexander Universität Erlangen-NürnbergErlangenGermany

Personalised recommendations