CDN (Content Delivery Network) provider Cloudflare have unveiled a network time protocol (NTP) solution called Roughtime to protect enterprises from DDoS attacks. With this launch, Cloudflare will be validating the expiry date of SSL/TLS certificates that are being targeted by hackers abusing the insecurity of NTP.
According to Cloudflare, NTP is a dominant protocol used for time synchronisation while authenticating network security. They say that, due to the inherent insecurity of the protocol, it is often abused by hackers who resort to MITM (Man-In-The-Middle) and DDoS (Distributed Denial of Service) attacks.
By launching Roughtime, a UDP (User Datagram Protocol) solution, Cloudflare claim that they will help maintain security and mitigate the risk of MITM attacks. They also say its cryptography-based protection will help eradicate DDoS attacks by validating the date of SSL/TLS certificates.
Nick Sullivan, Head of Cryptography at Cloudflare, commented:
“Our Roughtime servers get their time from the system clock of Cloudflare’s servers, which are monitored for consistency and accuracy.
“The Roughtime protocol does not take latency into account [like NTP does], so depending on how far the user is from the Roughtime server, they could differ by as much as a second.”
The CDN provider says that Roughtime is not a replacement for the network time protocol but is a solution that will fortify its framework. They added that this solution is scalable since it not only accepts a large volume of requests but also compresses them if the transmission packet is not large enough.
Sullivan further added:
“Each timestamp requires one elliptic curve signature, which can be computed efficiently even on older hardware. That said, the main benefit of Roughtime comes from using multiple servers run by independent organizations.”
Industry analysts opine that this launch will further consolidate Cloudflare’s offerings to its CDN customers, especially after they partnered with Hoplite to boost their security platform.