[noise] Reliability of locally-derived timestamps
Nadim Kobeissi
nadim.kobeissi at outlook.com
Tue Aug 10 22:33:33 PDT 2021
Hi,
A separate thread discusses the problem with relying on timestamps as monotonic counters:
https://moderncrypto.org/mail-archive/noise/2021/002118.html
One of the discussed “angles” as to why timestamps are likely to be unreliable:
> Angle 2) Initiators that are using the old, crusty, and insecure NTP
> protocol can have their time hijacked.”
Karolin Varner supplements discussion on this angle with:
> In my view this presents a major problem. I don't have data on this, but I think this is a common setup.
There seems to be room for improvement here in terms of empirical data. Is there interest and/or value in obtaining serious data on how big of a problem insecure NTP is, and furthermore to classify the prevalence of insecure NTP (and its impact) in different categories (desktop, mobile, server, etc.) where Noise/WireGuard could be useful?
I’d like to understand if such a study could be useful to Noise/WireGuard.
Thanks,
Nadim
Sent from my computer
More information about the Noise
mailing list