]> Precision Time Protocol (PTP) Authentication Extension Samsung R&D Bangalore
sri.mohan@samsung.com
Spirent
rama.subbareddy@spirent.com
Precision Time Protocol (PTP), as defined in IEEE 1588-2019, lacks cryptographic security mechanisms, exposing deployments to message spoofing, delay attacks, and timestamp manipulation. This document defines an optional Authentication TLV (AUTH_TLV) using modern Authenticated Encryption with Associated Data (AEAD) algorithms to ensure message integrity,authenticity, and replay protection. It also provides example configurations, implementation approaches, and test strategies.
Introduction The PTP protocol is widely used for time synchronization in telecom, industrial automation, and financial systems. However, the protocol lacks built-in security. This draft proposes a lightweight extension for cryptographic message authentication and integrity without impacting compatibility.
Problem Statement PTP messages are susceptible to:
  • Spoofing of SYNC or ANNOUNCE messages
  • Timestamp alteration during transit
  • Replay or delay injection attacks
These vulnerabilities can compromise distributed systems relying on synchronized time for control, logs, or access control.
AUTH TLV Format A new TLV is introduced as follows: The nonce is derived from the message sequence ID and clock ID. Supported AEAD algorithms:
  • AES-GCM-128/256 (ID 0x0001)
  • ChaCha20-Poly1305 (ID 0x0002)
AEAD Algorithm Support The AUTH TLV uses AEAD for combined encryption and authentication, though only authentication is used in this extension. The message body is used as AAD, and only the tag is appended in the TLV.
Key Management Keys may be provisioned using:
  • Manual configuration (secure local access)
  • Enrollment via PKI (e.g., EST, SCEP)
  • TPM-based secure provisioning (future work)
Backward Compatibility As per IEEE 1588 TLV rules, unknown TLVs are ignored by legacy systems. Authentication failures are not enforced unless explicitly configured.
Example Implementations
Modify ptp4l to:
  • Enable auth_tlv_enable = 1 in configuration
  • Parse and verify AUTH TLV using OpenSSL or libsodium
  • Generate tag for outgoing messages with unique nonce
Suggested flow for hardware timestamping with AUTH:
  • Timestamp before encryption
  • Use on-NIC AEAD (if supported) or offload via driver extensions
  • Expose configuration via ethtool or netlink extensions
Use the following filter: Custom dissector patches can be developed to interpret the AUTH_TLV fields.
Security Considerations - Nonce reuse must be avoided; use a deterministic counter with a unique base per node. - Replay attacks are mitigated by validating sequence IDs and time windows. - Integrity is ensured only for messages using AUTH TLV.
IANA Considerations Request registration of:
  • AUTH_TLV type code (tentatively 0xFE00 for testing)
  • AEAD Algorithm ID registry for PTP
Appendix A. Sample ptp4l.conf
Appendix B. Example AUTH TLV
Appendix C: Change Log draft-kumarvarigonda-ospf-precomputed-frr-00 - Initial version including use case, diagram, and examples.