Time Synchronization for the TESLA Protocol

1
Time Synchronization for the TESLA Protocol

• Erin Thead
• 3/22/2005
• Security Routing in Ad Hoc Networks

2
Presentation Overview

• Why time synchronization is needed
• Guaranteeing synchronization
• Direct time synchronization
• Indirect time synchronization
• Delayed time synchronization

3
Why TESLA Needs Time Synchronization

• Integrity of a packet cannot be guaranteed after
  its secret key is released
• TESLAs security protocol depends on timestamps
  for validation of packets
• Receiver must know
• Time between packet Tx and key Tx
• Greatest possible differential between its local
  time and the Senders

4
Guaranteeing Synchronization

• Denote actual local time difference between
  Sender and Receiver with Tdiff
• Receiver will discard good packets if it thinks
  the time difference is less than it actually is
• Receiver must know TD, where TDgtTdiff

5
Direct Time Synchronization

• Receiver performs explicit synchronization with
  Sender
• Receiver records its local sending time and sends
  a synchronization request containing a nonce
  value
• Sender records its local receiving time TS and
  sends signed packet with TS and the nonce value

6
Direct Time Synchronization

• Record TR

• Validate key
• Compute TD TS - TR

7
Direct Time Synchronization

• Proof that TDgtTdiff
• TD TS TR
• ? (TS T3) (T3 TR)
• TS T3 Tdiff
• T3 TR is network delay for request Tx, which is
  gt 0
• Therefore TD gt Tdiff

8
Indirect Time Synchronization

• Sender and Receivers synchronize time with a time
  reference

9
Indirect Time Synchronization

• DSC ESC is the maximum difference between
  Senders time and time references time, ESC is
  max. error
• DCR ECR is max. difference between time
  references time and Receivers time, ECR is
  max. error
• TD DSC DCR ESC ECR

10
Indirect Time Synchronization

• If Receiver is synchronized with time reference,
  it does not send anything to Sender
• Sender broadcasts signed packets containing
• Its synchronization
• Time interval and key chain information
• Maximum synchronization error ESC

11
Delayed Time Synchronization

• Receiver can Rx data before synchronizing and
  authenticate data after the synchronization
• Receiver stores packets arrival times
• Receiver synchronizes its time with Senders and
  checks arrival times to determine if the secret
  key for each was revealed before the packet was
  sent

12
Delayed Time Synchronization

• Applications of delayed synchronization
• Itrace message authentication
• Tracing network attackers
• Authenticate routers IP markings on malicious
  packets by synchronizing with the router

13
Summary

• Time synchronization needed to ensure that
  received packets were sent before the secret key
  was revealed
• Receiver must know greatest possible time
  difference between its time and Senders

14
Summary

• Direct synchronization involves Sender and
  Receiver synchronizing with each other
• Indirect synchronization involves Sender and
  Receivers synchronizing with time reference
• Delayed synchronization allows Receiver to
  synchronize after receiving data

15
References

• 1 A. Perrig et al. Efficient and Secure
  Source Authentication for Multicast,
  http//sparrow.ece.cmu.edu/7Eadrian/projects/tesl
  a-ndss/ndss.pdf, 2002 (current 20 Mar. 2005)