It’s Surprisingly Easy to Hack the Precision Time Protocol

Posted on Jun 28, 2019

It’s Surprisingly Easy to Hack the Precision Time Protocol

When it comes to synchronizing large and important networks, for instance in the energy or financial sectors, every microsecond counts. Different protocols have been designed and implemented to achieve such precision. One of the most effective approaches is called IEEE 1588-2008 or the Precision Time Protocol (PTP).

But while PTP can in theory help networks synchronizetheir actions to within a microsecond, a team of computer scientists recently demonstrated that PTP also makes it possible—in multiple ways—to hack such a system. In a network using PTP, one central clock, referred to as a “master” clock, is responsible for coordinating and communicating time to “slave” clocks across the network (these controversial terms were recently removed fromthe popular programming language Python, but continue to be used in many fields). The master clock accomplishes this by sending time-stamped data packets to the slaves.

The protocol itself measures and compensates for time delays over the network. A team of researchers from IBM and Marist College recently sought to test PTP from a cybersecurity standpoint, probing for weaknesses. They identified a remarkably simple but effective way to hack a PTP network—throwing the timing of the slave clocks off by a whopping 2,149.5 minutes after just a 37-second attack.

They describe this approach, as well as several others, in a study published 23 Mayin IEEE Transactions on Instrumentation and Measurement.