© MOBATIME 82 / 120 800652.11
8.7.2 NTP Autokey
The validity of the time received to the NTP clients is assured by symmetric keys. For a
higher degree of certainty, exchanging the keys used regularly is, however, necessary
to obtain protection, e.g. from replay attacks (i.e. attacks in which recorded network
traffic is simply played back).
The autokey procedure was introduced as the exchange is very involved in a large
network. A combination of group keys and public keys enables all NTP clients to check
the validity of the time information which they receive from servers in their own autokey
group.
NTP Autokey is relatively complex in its use and studying the functionality is definitely
necessary beforehand.
Autokey is descrbied at http://www.cis.udel.edu/~mills/proto.html or on the NTP
homepage http://www.ntp.org.
Autokey is currently defined in an IETF draft.
http://www.ietf.org/internet-drafts/draft-ietf-ntp-autokey-04.txt
The configuration of Autokey is explained in
http://support.ntp.org/bin/view/Support/ConfiguringAutokey or in
http://www.ntp.org/ntpfaq/NTP-s-config-adv.htm#S-CONFIG-ADV-AUTH.
To Next Page
Loading...
