[noise] Reliability of locally-derived timestamps

Nadim Kobeissi nadim.kobeissi at outlook.com
Tue Aug 10 22:33:33 PDT 2021


Hi,

A separate thread discusses the problem with relying on timestamps as monotonic counters:
https://moderncrypto.org/mail-archive/noise/2021/002118.html

One of the discussed “angles” as to why timestamps are likely to be unreliable:
> Angle 2) Initiators that are using the old, crusty, and insecure NTP
> protocol can have their time hijacked.”

Karolin Varner supplements discussion on this angle with:
> In my view this presents a major problem. I don't have data on this, but I think this is a common setup.

There seems to be room for improvement here in terms of empirical data. Is there interest and/or value in obtaining serious data on how big of a problem insecure NTP is, and furthermore to classify the prevalence of insecure NTP (and its impact) in different categories (desktop, mobile, server, etc.) where Noise/WireGuard could be useful?

I’d like to understand if such a study could be useful to Noise/WireGuard.

Thanks,

Nadim
Sent from my computer



More information about the Noise mailing list