Network Time Security
The Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. In operation since before 1985, NTP is one of the oldest Internet protocols in current use. NTP was designed by David L. Mills of the University of Delaware.

NTP is intended to synchronize all participating computers to within a few milliseconds of Coordinated Universal Time (UTC). It uses the intersection algorithm, a modified version of Marzullo's algorithm, to select accurate time servers and is designed to mitigate the effects of variable network latency. NTP can usually maintain time to within tens of milliseconds over the public Internet, and can achieve better than one millisecond accuracy in local area networks under ideal conditions. Asymmetric routes and network congestion can cause errors of 100 ms or more.

The protocol is usually described in terms of a client–server model, but can as easily be used in peer-to-peer relationships where both peers consider the other to be a potential time source. Implementations send and receive timestamps using the User Datagram Protocol (UDP) on port number 123. They can also use broadcasting or multicasting, where clients passively listen to time updates after an initial round-trip calibrating exchange. NTP supplies a warning of any impending leap second adjustment, but no information about local time zones or daylight saving time is transmitted.

The current protocol is version 4 (NTPv4), which is backward compatible with version 3. Network Time Security (NTS) is a secure extension of NTP: a client first uses TLS to negotiate keys and cookies with the server, and the NTP packets themselves are then protected with AEAD extension fields, so the client can verify that a reply came from the intended server and was not altered in transit.


History

In 1979, network time synchronization technology was used in what was possibly the first public demonstration of Internet services running over a trans-Atlantic satellite network, at the National Computer Conference in New York. The technology was later described in the 1981 Internet Engineering Note (IEN) 173 and a public protocol was developed from it that was documented in . The technology was first deployed in a local area network as part of the Hello routing protocol and implemented in the Fuzzball router, an experimental operating system used in network prototyping, where it ran for many years.

Other related network tools were available both then and now. They include the Daytime and Time protocols for recording the time of events, as well as the ICMP Timestamp messages and IP Timestamp option (). More complete synchronization systems, although lacking NTP's data analysis and clock disciplining algorithms, include the Unix daemon timed, which uses an election algorithm to appoint a server for all the clients; and the Digital Time Synchronization Service (DTSS), which uses a hierarchy of servers similar to the NTP stratum model.

In 1985, NTP version 0 (NTPv0) was implemented in both Fuzzball and Unix, and the NTP packet header and round-trip delay and offset calculations, which have persisted into NTPv4, were documented in . Despite the relatively slow computers and networks available at the time, accuracy of better than 100 milliseconds was usually obtained on Atlantic spanning links, with accuracy of tens of milliseconds on Ethernet networks.

In 1988, a much more complete specification of the NTPv1 protocol, with associated algorithms, was published in . It drew on the experimental results and clock filter algorithm documented in and was the first version to describe the client–server and peer-to-peer modes. In 1991, the NTPv1 architecture, protocol and algorithms were brought to the attention of a wider engineering community with the publication of an article by David L. Mills in the IEEE Transactions on Communications.

In 1989, was published defining NTPv2 by means of a state machine, with pseudocode to describe its operation. It introduced a management protocol and cryptographic authentication scheme which have both survived into NTPv4, along with the bulk of the algorithm. However, the design of NTPv2 was criticized for lacking formal correctness by the DTSS community, and the clock selection procedure was modified to incorporate Marzullo's algorithm for NTPv3 onwards.

In 1992, defined NTPv3. The RFC included an analysis of all sources of error, from the reference clock down to the final client, which enabled the calculation of a metric that helps choose the best server where several candidates appear to disagree. Broadcast mode was introduced.

In subsequent years, as new features were added and algorithm improvements were made, it became apparent that a new protocol version was required. In 2010, was published containing a proposed specification for NTPv4. The protocol has significantly progressed since then, and , an updated RFC has yet to be published. Following the retirement of Mills from the University of Delaware, the reference implementation is currently maintained as an open source project led by Harlan Stenn.


Clock strata

NTP uses a hierarchical, semi-layered system of time sources. Each level of this hierarchy is termed a stratum and is assigned a number starting with zero for the reference clock at the top. A server synchronized to a stratum n server runs at stratum n + 1. The number represents the distance from the reference clock and is used to prevent cyclical dependencies in the hierarchy. Stratum is not always an indication of quality or reliability; it is common to find stratum 3 time sources that are higher quality than other stratum 2 time sources. A brief description of strata 0, 1, 2 and 3 is provided below.

Stratum 0: These are high-precision timekeeping devices such as atomic clocks, GNSS (including GPS) or other radio clocks. They generate a very accurate pulse per second signal that triggers an interrupt and timestamp on a connected computer. Stratum 0 devices are also known as reference clocks. NTP servers cannot advertise themselves as stratum 0. A stratum field set to 0 in an NTP packet indicates an unspecified stratum (RFC 5905, p. 21).

Stratum 1: These are computers whose system time is synchronized to within a few microseconds of their attached stratum 0 devices. Stratum 1 servers may peer with other stratum 1 servers for sanity check and backup. They are also referred to as primary time servers.

Stratum 2: These are computers that are synchronized over a network to stratum 1 servers. Often a stratum 2 computer queries several stratum 1 servers. Stratum 2 computers may also peer with other stratum 2 computers to provide more stable and robust time for all devices in the peer group.

Stratum 3: These are computers that are synchronized to stratum 2 servers. They employ the same algorithms for peering and data sampling as stratum 2, and can themselves act as servers for stratum 4 computers, and so on.

The upper limit for stratum is 15; stratum 16 is used to indicate that a device is unsynchronized. The NTP algorithms on each computer interact to construct a Bellman-Ford shortest-path spanning tree, to minimize the accumulated round-trip delay to the stratum 1 servers for all the clients. In addition to stratum, the protocol is able to identify the synchronization source for each server in terms of a reference identifier (refid).


Timestamps

The 64-bit binary fixed-point timestamps used by NTP consist of a 32-bit part for seconds and a 32-bit part for the fractional second, giving a time scale that rolls over every 2^32 seconds (about 136 years) and a theoretical resolution of 2^-32 seconds (about 233 picoseconds). NTP uses an epoch of January 1, 1900. Therefore, the first rollover occurs on February 7, 2036. Because the 64-bit format does not carry the era, a receiver has to decide which 136-year era a timestamp belongs to; it can do so unambiguously as long as its own clock is already set to within about 68 years of the correct date.

NTPv4 introduces a 128-bit date format: 64 bits for the second and 64 bits for the fractional second. The most significant 32 bits of this format is the Era Number, which resolves the rollover ambiguity in most cases. According to Mills, "The 64-bit value for the fraction is enough to resolve the amount of time it takes a photon to pass an electron at the speed of light. The 64-bit second value is enough to provide unambiguous time representation until the universe goes dim." (University of Delaware Digital Systems Seminar presentation by David Mills, 2006-04-26)
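The strata and timestamp descriptions above map directly onto the fixed 48-byte NTP header. The following Python is added here as an example; it is not code from the page or from any NTP implementation. It builds a constructed stratum-2 server reply, decodes the leap indicator, version, mode, stratum, refid and the four 64-bit timestamps against the 1900 epoch, and resolves the 2036 era ambiguity against the receiver's own clock. The refid 192.0.2.10 (a documentation address), the timestamps and the `build_packet` helper are all constructed for the example.

```python
"""Decode the fixed NTPv4 packet header: LI/VN/mode, stratum, refid, timestamps.

Added example; not code from the original page or from any NTP project.
The sample packet is constructed here by hand (192.0.2.10 is a documentation
address); it is not a capture.
"""
import struct
from datetime import datetime, timedelta, timezone

NTP_EPOCH = datetime(1900, 1, 1, tzinfo=timezone.utc)
ERA_SECONDS = 2 ** 32                    # one NTP era: about 136 years
NTP_TO_UNIX = 2208988800                 # seconds from 1900-01-01 to 1970-01-01
HEADER = struct.Struct("!BBbbII4sQQQQ")  # 48-byte header, network byte order
STRATUM_NAMES = {0: "unspecified/kiss-o'-death", 1: "primary", 16: "unsynchronized"}


def ntp_to_datetime(ts64: int, era: int = 0) -> datetime:
    """64-bit fixed point: high 32 bits are seconds, low 32 bits the fraction."""
    seconds, fraction = ts64 >> 32, ts64 & 0xFFFFFFFF
    return NTP_EPOCH + timedelta(seconds=era * ERA_SECONDS + seconds + fraction / ERA_SECONDS)


def resolve_era(seconds: int, now: datetime) -> int:
    """Choose the era that places a 32-bit seconds value closest to `now`.

    The 64-bit format carries no era, so the receiver assumes the timestamp lies
    within about 68 years of its own clock; that is enough to disambiguate.
    """
    now_ntp = int((now - NTP_EPOCH).total_seconds())
    era = now_ntp // ERA_SECONDS
    return min((era - 1, era, era + 1), key=lambda e: abs(e * ERA_SECONDS + seconds - now_ntp))


def describe_stratum(stratum: int, refid: bytes) -> tuple:
    """Name the stratum and decode the refid the way its stratum dictates."""
    if stratum in (0, 1):
        # ASCII: a kiss-o'-death code at stratum 0, a clock id such as GPS at stratum 1
        ref = refid.decode("ascii", "replace").rstrip("\x00 ")
    elif stratum <= 15:
        ref = ".".join(str(b) for b in refid)   # IPv4 address of the upstream server
    else:
        ref = refid.hex()
    return STRATUM_NAMES.get(stratum, "secondary" if stratum <= 15 else "reserved"), ref


def parse_header(data: bytes, now: datetime) -> dict:
    """Parse the fixed header; extension fields and any MAC follow it and are ignored here."""
    if len(data) < HEADER.size:
        raise ValueError(f"packet too short: {len(data)} bytes")
    (flags, stratum, poll, precision, root_delay, root_disp,
     refid, ref_ts, orig_ts, recv_ts, xmit_ts) = HEADER.unpack_from(data)
    era = resolve_era(xmit_ts >> 32, now)
    name, ref = describe_stratum(stratum, refid)
    return {
        "leap": flags >> 6,                      # 3 = server's clock is unsynchronized
        "version": (flags >> 3) & 0x7,
        "mode": flags & 0x7,                     # 3 = client, 4 = server, 5 = broadcast
        "stratum": stratum,
        "stratum_name": name,
        "refid": ref,
        "poll_seconds": 2 ** poll,               # poll and precision are log2 seconds
        "precision_seconds": 2.0 ** precision,
        "root_delay": root_delay / 2 ** 16,      # 16.16 fixed point
        "root_dispersion": root_disp / 2 ** 16,
        "era": era,
        "reference": ntp_to_datetime(ref_ts, era),
        "origin": ntp_to_datetime(orig_ts, era),
        "receive": ntp_to_datetime(recv_ts, era),
        "transmit": ntp_to_datetime(xmit_ts, era),
    }


def build_packet(stratum: int, refid: bytes, ref_secs: int, leap: int = 0, mode: int = 4,
                 poll: int = 6, precision: int = -20) -> bytes:
    """Construct a server reply around one reference second (constructed test data)."""
    flags = (leap << 6) | (4 << 3) | mode
    ts = lambda frac: (ref_secs << 32) | frac   # all four timestamps in the same second
    return HEADER.pack(flags, stratum, poll, precision, 0x0800, 0x0400, refid,
                       ts(0), ts(0), ts(0x10000000), ts(0x20000000))


# Constructed sample: stratum-2 server, upstream 192.0.2.10, reference time 2024-01-01T00:00:00Z.
REF_SECS = 1704067200 + NTP_TO_UNIX      # Unix seconds -> NTP seconds (era 0)
SAMPLE_REPLY = build_packet(2, bytes([192, 0, 2, 10]), REF_SECS)
SAMPLE_NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)

if __name__ == "__main__":
    for key, value in parse_header(SAMPLE_REPLY, SAMPLE_NOW).items():
        print(f"{key:>18}: {value}")
```

Two things a client should check before trusting what it decodes: a leap indicator of 3 or a stratum of 16 means the server is not synchronized, and a stratum of 0 means the refid is a kiss-o'-death code rather than a time source. As the strata section notes, a low stratum number is not by itself evidence of quality.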


Clock synchronization algorithm

A typical NTP client regularly polls one or more NTP servers. The client must compute its time offset and round-trip delay. The time offset θ is the signed difference between the server's clock and the client's clock (positive when the server is ahead), and the round-trip delay δ is the time the request and response spent on the network, excluding the server's processing time. They are defined by

\theta = \frac{(t_1 - t_0) + (t_2 - t_3)}{2}

and

\delta = (t_3 - t_0) - (t_2 - t_1)

where

* t_0 is the client's timestamp of the request packet transmission,
* t_1 is the server's timestamp of the request packet reception,
* t_2 is the server's timestamp of the response packet transmission and
* t_3 is the client's timestamp of the response packet reception.

To derive the expression for the offset, note that for the request packet, t_0 + \theta + \delta/2 = t_1 and for the response packet, t_3 + \theta - \delta/2 = t_2. Adding the two equations and solving for θ yields the definition of the time offset; subtracting them yields δ.

The values for θ and δ are passed through filters and subjected to statistical analysis. Outliers are discarded and an estimate of time offset is derived from the best three remaining candidates. The clock frequency is then adjusted to reduce the offset gradually, creating a feedback loop.

Accurate synchronization is achieved when both the incoming and outgoing routes between the client and the server have symmetrical nominal delay. If the routes do not have a common nominal delay, a systematic bias exists of half the difference between the forward and backward travel times. The client cannot detect this bias from the timestamps alone: δ measures only the sum of the two one-way delays, not how that sum is split between them.
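The offset and delay formulas above, as an added Python example (not code from the page or from any NTP implementation). `simulate_exchange` is a hypothetical model of one round trip with a chosen true offset and chosen one-way delays; it is used to show that δ always comes out as the sum of the two one-way delays, that θ is exact only when the path is symmetric, and that with an asymmetric path the error is exactly half the difference. The same arithmetic is why a party on the path that holds packets in one direction shifts the client's estimate by half the added delay without touching the packet contents, which is what makes the delay a value worth bounding. The lowest-delay selection at the end follows the clock-filter idea of preferring the least-delayed sample and is a simplification assumed for this example.

```python
"""Offset and round-trip delay from the four NTP timestamps, and the effect of
asymmetric paths on them.

Added example, not code from the original page or from any NTP implementation.
All timestamps are constructed; simulate_exchange is a hypothetical model of one
client/server round trip, not a real network.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Exchange:
    t0: float  # client: request sent      (client clock)
    t1: float  # server: request received  (server clock)
    t2: float  # server: response sent     (server clock)
    t3: float  # client: response received (client clock)


def offset(x: Exchange) -> float:
    """theta = ((t1 - t0) + (t2 - t3)) / 2: server clock minus client clock."""
    return ((x.t1 - x.t0) + (x.t2 - x.t3)) / 2


def delay(x: Exchange) -> float:
    """delta = (t3 - t0) - (t2 - t1): round trip minus the server's processing time."""
    return (x.t3 - x.t0) - (x.t2 - x.t1)


def offset_bias(forward: float, backward: float) -> float:
    """Systematic error with asymmetric paths: half the difference of the one-way delays."""
    return (forward - backward) / 2


def simulate_exchange(true_offset: float, forward: float, backward: float,
                      processing: float = 0.001, t0: float = 1000.0) -> Exchange:
    """Model one round trip (constructed). true_offset is server minus client;
    forward/backward are the one-way network delays in seconds. Each timestamp is
    what the side taking it would read on its own clock."""
    t1 = t0 + forward + true_offset              # arrival, read on the server clock
    t2 = t1 + processing
    t3 = t0 + forward + processing + backward    # return, read on the client clock
    return Exchange(t0, t1, t2, t3)


def select_sample(samples: list) -> Exchange:
    """Clock-filter heuristic (simplified): prefer the sample with the smallest delay,
    since it is the one least stretched by queueing or by packets being held."""
    return min(samples, key=delay)


def within_bounds(x: Exchange, max_delay: float) -> bool:
    """Reject samples whose round trip is implausibly long for the path; the bound
    is a local policy value, not something the protocol supplies."""
    return 0 <= delay(x) <= max_delay


if __name__ == "__main__":
    true_offset = 0.25   # server is 250 ms ahead of the client
    cases = {
        "symmetric 20/20 ms": simulate_exchange(true_offset, 0.020, 0.020),
        "asymmetric 50/10 ms": simulate_exchange(true_offset, 0.050, 0.010),
        "reply held 200 ms": simulate_exchange(true_offset, 0.020, 0.220),
    }
    for name, x in cases.items():
        print(f"{name:>20}: theta={offset(x):+.4f}  delta={delay(x):.4f}  "
              f"error={offset(x) - true_offset:+.4f}  ok={within_bounds(x, 0.1)}")
    best = select_sample(list(cases.values()))
    print("selected sample has delta =", round(delay(best), 4))
```

With a symmetric 20 ms path the estimate is exact; with 50 ms out and 10 ms back it is 20 ms high, and holding only the reply for 200 ms pulls it 100 ms low. The delay bound and lowest-delay selection catch the held sample, but nothing in the timestamps distinguishes a modest, persistent asymmetry from a true offset.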


Software implementations


Reference implementation

The NTP reference implementation, along with the protocol, has been continuously developed for over 20 years. Backwards compatibility has been maintained as new features have been added. It contains several sensitive algorithms, especially to discipline the clock, that can misbehave when synchronized to servers that use different algorithms. The software has been ported to almost every computing platform, including personal computers. It runs as a daemon called ntpd under Unix or as a service under Windows. Reference clocks are supported and their offsets are filtered and analysed in the same way as remote servers, although they are usually polled more frequently. This implementation was audited in 2017, finding numerous potential security issues.


SNTP

Simple Network Time Protocol (SNTP) is a less complex implementation of NTP, using the same protocol but without requiring the storage of state over extended periods of time. It is used in some embedded systems and in applications where full NTP capability is not required.


Windows Time

All Microsoft Windows versions since Windows 2000 include the Windows Time service (W32Time), which has the ability to synchronize the computer clock to an NTP server. W32Time was originally implemented for the purpose of the Kerberos version 5 authentication protocol, which required time to be within 5 minutes of the correct value to prevent replay attacks. The version in Windows 2000 and Windows XP only implements SNTP, and violates several aspects of the NTP version 3 standard. Beginning with Windows Server 2003 and Windows Vista, W32Time became compatible with a significant subset of NTPv3. Microsoft states that W32Time cannot reliably maintain time synchronization with one second accuracy. If higher accuracy is desired, Microsoft recommends using a newer version of Windows or a different NTP implementation. Beginning with Windows 10 version 1607 and Windows Server 2016, W32Time can be configured to reach time accuracy of 1 s, 50 ms or 1 ms under certain specified operating conditions.


OpenNTPD

In 2004, Henning Brauer presented OpenNTPD, an NTP implementation with a focus on security and encompassing a privilege separated design. Whilst it is aimed more closely at the simpler generic needs of OpenBSD users, it also includes some protocol security improvements while still being compatible with existing NTP servers. A portable version is available in Linux package repositories.


Ntimed

Ntimed was started by Poul-Henning Kamp in 2014 and abandoned in 2015. The implementation was sponsored by the Linux Foundation.


NTPsec

NTPsec is a fork of the reference implementation that has been systematically security-hardened. The fork point was in June 2015 and was in response to a series of compromises in 2014. The first production release shipped in October 2017. Between removal of unsafe features, removal of support for obsolete hardware, and removal of support for obsolete Unix variants, NTPsec has been able to pare away 75% of the original codebase, making the remainder easier to audit. A 2017 audit of the code showed eight security issues, including two that were not present in the original reference implementation, but NTPsec did not suffer from eight other issues that remained in the reference implementation.


chrony

chrony comes by default in Red Hat distributions and is available in the Ubuntu repositories. chrony is aimed at ordinary computers, which are unstable, go into sleep mode or have an intermittent connection to the Internet. It is also designed for virtual machines, a much more unstable environment. It is characterized by low resource consumption and supports Precision Time Protocol (PTP) hardware for greater timestamp precision. It has two main components: chronyd, a daemon that is executed when the computer starts, and chronyc, a command-line interface for configuring and monitoring it. It has been evaluated as very secure, with just a few incidents; its advantage is the versatility of its code, written from scratch to avoid unnecessary complexity. Support for Network Time Security (NTS) was added in version 4.0. chrony is available under the GNU General Public License version 2, was created by Richard Curnow in 1997 and is currently maintained by Miroslav Lichvar.


Leap seconds

On the day of a leap second event, ntpd receives notification from either a configuration file, an attached reference clock, or a remote server. Although the NTP clock is actually halted during the event, because of the requirement that time must appear to be strictly increasing, any process that queries the system time causes it to increase by a tiny amount, preserving the order of events. If a negative leap second should ever become necessary, it would be deleted with the sequence 23:59:58, 00:00:00, skipping 23:59:59. An alternative implementation, called leap smearing, consists in introducing the leap second incrementally over a period of 24 hours, from noon to noon UTC. This implementation is used by Google (both internally and on their public NTP servers) and by Amazon AWS.
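The smear and the "strictly increasing" requirement described above, worked through as an added example (not code from ntpd, Google or AWS): `smear_offset` computes how far a noon-to-noon linear smear lags a clock that ignores the leap second, for an inserted or a deleted second, and `HeldClock` models a clock that is held during the inserted second yet never hands out a repeated or earlier reading. The linear shape follows the description above; the exact curve any operator uses, the 1 µs tick and the sample times are assumptions made for the example.

```python
"""Leap-second handling, written as an added example for this section; it is
not code from ntpd, Google or AWS.  The noon-to-noon linear smear follows the
description in the text; any operator's exact curve is an assumption here."""
from datetime import datetime, timedelta, timezone

UTC = timezone.utc
SMEAR_WINDOW = timedelta(hours=24)          # noon UTC before -> noon UTC after


def utc(year: int, month: int, day: int, hour: int = 0) -> datetime:
    """Small constructor for timezone-aware UTC instants."""
    return datetime(year, month, day, hour, tzinfo=UTC)


def smear_offset(now: datetime, leap_midnight: datetime, direction: int = +1) -> float:
    """Seconds by which a smearing server's clock lags a clock that ignores
    the leap second entirely (a continuous, non-leap timescale).

    leap_midnight is the 00:00:00 UTC instant of the leap; direction is +1
    for an inserted second and -1 for a deleted one.  Before the window the
    lag is 0; inside it the lag grows linearly; afterwards the full second
    has been absorbed and the smeared clock agrees with post-leap UTC again.
    """
    if direction not in (+1, -1):
        raise ValueError("direction must be +1 (insert) or -1 (delete)")
    start = leap_midnight - SMEAR_WINDOW / 2
    end = leap_midnight + SMEAR_WINDOW / 2
    if now <= start:
        return 0.0
    if now >= end:
        return float(direction)
    return direction * ((now - start) / SMEAR_WINDOW)


class HeldClock:
    """Model of the ntpd behaviour the text describes for an inserted second:
    the clock is held at the leap instant for one second, yet every reading
    handed out is strictly greater than the previous one.

    Times are floats on a continuous (non-leap) scale; `read` returns what
    the system clock would report.  `tick` is the tiny increment applied to
    a reading that would otherwise repeat or go backwards (assumed value).
    """

    def __init__(self, leap_midnight: float, tick: float = 1e-6):
        self.leap = leap_midnight
        self.tick = tick
        self.last = None

    def read(self, continuous: float) -> float:
        if continuous < self.leap:
            value = continuous                   # before the event: untouched
        elif continuous < self.leap + 1.0:
            value = self.leap                    # the inserted second: held
        else:
            value = continuous - 1.0             # afterwards: one second behind
        if self.last is not None and value <= self.last:
            value = self.last + self.tick        # strictly increasing, always
        self.last = value
        return value


def strictly_increasing(readings) -> bool:
    """True when every reading is greater than the one before it."""
    return all(b > a for a, b in zip(readings, readings[1:]))


if __name__ == "__main__":
    leap = utc(2017, 1, 1)                       # the 2016-12-31 23:59:60 leap second
    for t in (utc(2016, 12, 31, 12), leap, utc(2017, 1, 1, 12)):
        print(t.isoformat(), smear_offset(t, leap))
    clock = HeldClock(1000.0)
    print([clock.read(t) for t in (999.5, 1000.0, 1000.3, 1000.6, 1001.0, 1001.5)])
```

Run as a script it prints a lag of 0.0 at the start of the window, 0.5 at midnight and 1.0 at the end, and a sequence of held readings that stays strictly increasing across the event.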


Security concerns

Only a few other security problems have been identified in the reference implementation of the NTP codebase, but those that appeared in 2009 were cause for significant concern. The protocol has been undergoing revision and review throughout its history. The codebase for the reference implementation has undergone security audits from several sources for several years. A stack buffer overflow exploit was discovered and patched in 2014. Apple was concerned enough about this vulnerability that it used its auto-update capability for the first time. Some implementation errors are basic, such as a missing return statement in a routine, which can lead to unrestricted access to systems running some versions of NTP as the root daemon. Systems that do not run the daemon as root, such as those derived from the Berkeley Software Distribution (BSD), are not subject to this flaw. A 2017 security audit of three NTP implementations, conducted on behalf of the Linux Foundation's Core Infrastructure Initiative, suggested that both NTP and NTPsec were more problematic than chrony from a security standpoint.

NTP servers can be susceptible to man-in-the-middle attacks unless packets are cryptographically authenticated. The computational overhead involved can make this impractical on busy servers, particularly during denial-of-service attacks. NTP message spoofing by a man-in-the-middle can be used to alter clocks on client computers and enable a number of attacks that rely on bypassing cryptographic key expiration. Services identified as affected by fake NTP messages include TLS, DNSSEC, various caching schemes (such as the DNS cache), Border Gateway Protocol (BGP), Bitcoin and a number of persistent login schemes.

NTP has been used in distributed denial-of-service attacks. A small query is sent to an NTP server with the return IP address spoofed to be the target address. Similar to the DNS amplification attack, the server responds with a much larger reply, which allows an attacker to substantially increase the amount of data being sent to the target. To avoid participating in such an attack, NTP server software can be upgraded or servers can be configured to ignore external queries. To improve NTP security, a secure version called Network Time Security (NTS) was developed and is currently supported by several time servers.
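The authentication and spoofing points above, as an added example in Python that is not code from ntpd, NTPsec or chrony: it builds the 48-byte NTP header, appends the legacy symmetric-key MAC of RFC 5905 section 7.3 (a 32-bit key ID followed by an MD5 digest over the key and the header), and applies the client-side checks a reply must pass before it may move the clock, including the origin-timestamp check that blind off-path spoofing has to defeat and the MAC check that is the only thing stopping an on-path attacker who can read that timestamp. It also shows that a plain client/server exchange has an amplification ratio of 1.0, so the reflection attacks described above depend on larger response types rather than on the basic time exchange. The key ID, key bytes and timestamps are constructed for the example; MD5 appears because the historic scheme specifies it, not as a recommendation.

```python
"""NTP client/server exchange with legacy symmetric-key authentication,
written as an added example for this section; not code from ntpd, NTPsec or
chrony.  The MAC layout (32-bit key ID, then MD5 over key || 48-byte header)
follows RFC 5905 section 7.3.  MD5 is used because that is what the historic
scheme specifies, not as a recommendation; NTS is the modern replacement.
Key ID 1, the key bytes and all timestamps are constructed for the example.
"""
import hashlib
import hmac
import struct

NTP_EPOCH_OFFSET = 2_208_988_800                 # 1900-01-01 -> 1970-01-01 in seconds
HEADER = struct.Struct("!BBBbIIIQQQQ")           # the 48-byte NTP header, network order
XMIT_TS_OFFSET = 40                              # byte offset of the transmit timestamp
MAC_LEN = 4 + 16                                 # key ID + MD5 digest


def to_ntp_ts(unix_seconds: float) -> int:
    """Unix time -> 64-bit NTP timestamp (32.32 fixed point since 1900)."""
    secs, frac = divmod(unix_seconds + NTP_EPOCH_OFFSET, 1.0)
    return (int(secs) << 32) | int(frac * (1 << 32))


def build_request(xmit_ts: int, version: int = 4) -> bytes:
    li_vn_mode = (0 << 6) | (version << 3) | 3   # LI=0, mode 3 = client
    return HEADER.pack(li_vn_mode, 0, 0, 0, 0, 0, 0, 0, 0, 0, xmit_ts)


def parse(pkt: bytes) -> dict:
    f = HEADER.unpack_from(pkt)
    return {"li": f[0] >> 6, "version": (f[0] >> 3) & 7, "mode": f[0] & 7,
            "stratum": f[1], "poll": f[2], "precision": f[3],
            "root_delay": f[4], "root_disp": f[5], "refid": f[6],
            "ref_ts": f[7], "orig_ts": f[8], "recv_ts": f[9], "xmit_ts": f[10]}


def append_mac(header: bytes, key_id: int, key: bytes) -> bytes:
    digest = hashlib.md5(key + header).digest()
    return header + struct.pack("!I", key_id) + digest


def verify_mac(pkt: bytes, keys: dict) -> bool:
    if len(pkt) != HEADER.size + MAC_LEN:
        return False
    header, (key_id,), digest = pkt[:HEADER.size], struct.unpack("!I", pkt[48:52]), pkt[52:]
    key = keys.get(key_id)
    if key is None:
        return False
    return hmac.compare_digest(hashlib.md5(key + header).digest(), digest)


def server_reply(request: bytes, key_id: int, key: bytes, server_unix_time: float) -> bytes:
    """What an authenticating stratum-2 server sends back: mode 4, origin
    timestamp copied from the client's transmit timestamp, then the MAC."""
    req = parse(request)
    now = to_ntp_ts(server_unix_time)
    li_vn_mode = (req["version"] << 3) | 4       # mode 4 = server
    header = HEADER.pack(li_vn_mode, 2, req["poll"], -20, 0, 0, 0x7F000001,
                         now, req["xmit_ts"], now, now)
    return append_mac(header, key_id, key)


def accept_reply(reply: bytes, sent_xmit_ts: int, keys: dict) -> bool:
    """Client-side checks before a reply may adjust the clock: MAC valid,
    mode 4, not a kiss-o'-death (stratum 0), and the origin timestamp echoes
    the transmit timestamp of the request we actually sent.  The last check is
    what blind, off-path spoofing has to defeat; an on-path attacker can read
    that timestamp, so only the MAC stops tampering."""
    if not verify_mac(reply, keys):
        return False
    r = parse(reply)
    if r["mode"] != 4 or r["stratum"] == 0:
        return False
    return r["orig_ts"] == sent_xmit_ts and r["xmit_ts"] != 0


def amplification_ratio(request: bytes, reply: bytes) -> float:
    """Reply bytes per request byte; a plain mode 3/4 exchange is 1.0, so the
    DDoS amplification in the text comes from other, larger response types."""
    return len(reply) / len(request)


def demo() -> dict:
    keys = {1: b"example-shared-secret"}             # constructed key table
    xmit = to_ntp_ts(1_700_000_000.25)
    request = append_mac(build_request(xmit), 1, keys[1])
    genuine = server_reply(request, 1, keys[1], 1_700_000_000.30)
    # On-path tampering: push the server's transmit timestamp a year ahead.
    tampered = bytearray(genuine)
    struct.pack_into("!Q", tampered, XMIT_TS_OFFSET, to_ntp_ts(1_700_000_000.30 + 365 * 86400))
    # A reply that is correctly keyed but answers a request we never sent.
    stale = server_reply(build_request(to_ntp_ts(1_600_000_000.0)), 1, keys[1], 1_700_000_000.30)
    return {"genuine_ok": accept_reply(genuine, xmit, keys),
            "tampered_ok": accept_reply(bytes(tampered), xmit, keys),
            "stale_ok": accept_reply(stale, xmit, keys),
            "ratio": amplification_ratio(request, genuine)}


if __name__ == "__main__":
    print(demo())
```

Running `demo()` accepts the genuine reply, rejects the reply whose transmit timestamp was rewritten in transit (MAC mismatch) and the reply that does not echo our transmit timestamp (origin mismatch), and reports a 1.0 request-to-reply size ratio for the authenticated exchange.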


See also

* Allan variance
* Clock network
* International Atomic Time
* IRIG timecode
* NITZ
* NTP pool
* Ntpdate



External links

* Official Stratum One Time Servers list
* IETF NTP working group
* Microsoft Windows accurate time guide and more
* Time and NTP paper
* NTP Survey 2005
* Current NIST leap seconds file compatible with ntpd
* David L. Mills, "A Brief History of NTP Time: Confessions of an Internet Timekeeper", https://www.eecis.udel.edu/~mills/database/papers/history.pdf (accessed 2021-02-07)