1/20/97 NTS-200 1.MAN 6-1 Rev. A
SECTION VI
6. MD5 AUTHENTICATION PROTOCOL
6.1 MD5 INTRODUCTION
6.1.1
MD5 is a security protocol that can be used to authenticate NTP client-server communications. TrueTime’s version of MD5 is completely compatible with current versions of the NTP client software xntpd 3.XX and ntpdate 3.XX furnished by Dr. David Mills at the University of Delaware. MD5 was drafted into a standard by MIT Laboratory for Computer Science and RSA Data Security, Inc. MD5 authentication means the information within the NTP packet is guaranteed to be unaltered and to come from a user having privileged access. Unlike cryptographic ciphers, MD5 does not hide the data within the packet; the MD5 authenticated NTP packet is still readable. This makes MD5 faster to generate than other cryptographic protocols, and, as Dr. Mills notes, there is no reason to hide the actual time from anyone. Further, MD5 does not suffer from any export restrictions. Think of MD5 as a very sophisticated NTP data checksum that is extremely difficult to forge.
6.1.2
The MD5 cryptographic key identifier and cryptographic message digest are appended to the end of a normal NTP packet, and the two pieces of information are referred to together as an MD5 signature. The key identifier is the first field in the signature and is a 32 bit integer in the range from 1 to 4294967295 (0xFFFFFFFF). Note: Zero is an illegal value, and for TrueTime setup purposes 0 internally means the key identification is unused. This number specifies an index into a table of many possible MD5 keys. A key is an ASCII alphanumeric character string from 1 to 31 characters in length. The key is most secure when all 31 characters are filled with numbers and letters chosen at random. The ASCII key string is combined with the NTP packet data to produce a secure message digest. The MD5 message digest is 16 bytes in length and follows the key identifier in the signature. A server authenticates the NTP packet from a client by looking up the key referenced by the key identifier, generating the MD5 message digest from the key and the NTP data, and comparing the resulting message digest to the MD5 message digest in the client packet. If the two match, an NTP reply packet is generated with a new MD5 signature. If the MD5 message digests do not agree, the NTP client packet is ignored by the TrueTime server.
6.1.3
For more technical information on MD5 see the MD5 RFC 1321, the NTP RFC 1305, and the release notes for the NTP client software furnished on Dr. David Mills’ web site at the University of Delaware, http://www.eecis.udel.edu/~ntp or http://www.eecis.udel.edu/~ntp/software.html.
6.2 TRUETIME NTP MD5 OPERATION
6.2.1
A TrueTime NTP time server can handle both unauthenticated and MD5 authenticated packets at the same time. A packet is assumed to be MD5 authenticated if the total UDP data size of the packet is equal to the size of a normal NTP packet plus the exact size of an MD5 signature. A normal unauthenticated NTP packet is one that has no extra bytes beyond the last NTP timestamp. The procedure used is functionally the same as that followed by Dr. David Mills’ NTP software. Packets without authentication are returned without signatures, and packets with authentication are returned with authentication signature