Credit to Author: Lily Hay Newman| Date: Fri, 21 Sep 2018 12:00:00 +0000
Cryptography schemes are complicated to understand and implement. A lot of things can go wrong. But when it comes to web encryption, a surprising number errors actually stem from a straightforward and seemingly basic mechanism: timekeeping.
Synced clocks in operating systems may make digital timekeeping look easy, but it takes a lot of work behind the scenes, and doesn't always solve problems online. The internet's decentralized nature means that the clocks behind every web browser and web application can actually have major discrepancies, which in turn can undermine security protections. In a step toward addressing these inconsistencies, the internet infrastructure firm Cloudflare will now support a free timekeeping protocol known as Roughtime, which helps synchronize the internet's clocks and validate timestamps.
Web encryption—like the protocols that produce encrypted "https" connections—uses certificates to verify an identity, and give a timeframe for how long until that identity needs to be checked again and reverified. For example, WIRED.com has a valid web encryption certificate that you can check in your browser by clicking the little green padlock. It expires a few months from now, at which point WIRED will work with a certificate authority to renew it. But browsers and other web applications doing time checks with an inaccurate digital clock may accept expired certificates, or reject valid ones.
"A big reason encryption fails is because someone's clock is off—the skew is actually disturbing," says Cloudflare CEO Matthew Prince. "A clock might be off by a minute, an hour, a day, a month, a year, or more. So we want to be the clock tower in every town square that people can rely on."
And Cloudflare has the reach to actually make a large-scale impact. It provides content delivery, security, and other support services to more than 10 million domains, and operates 152 data centers worldwide.
A 2017 study from Google found that 6.7 percent of digital clocks in a user sample were more than 24-hours behind, and 0.05 percent were more than 24-hours ahead. The company also reported in 2016 that about 25 percent of Chrome certificate errors seemed to be the result of inaccurate digital clocks. So Google developed Roughtime as an open standard in 2016, and maintains a Roughtime server that web services can connect to and sync with. Adding Cloudflare's implementation will expand on what Google has started, making Roughtime easier to implement around the world.
The benefits extend beyond fixing current errors, as well. The more clocks sync up on the web, the shorter the lifespan encryption certificates need, creating more rigorous authentication checks and fewer errors for users to deal with.
"A lot of security mechanisms like HTTPS certificates rely on knowing what rough time it is," says Peter Todd, an applied cryptography researcher and Bitcoin Core developer. "HTTPS certificates expire and you really don't want to be accepting out of date ones, because expiration is the main mechanism that prevents the use of stolen certificates."
Web clients, sometimes called endpoints, can already sync their clocks using a standard called Network Time Protocol. But NTP is an ancient web protocol and doesn't include security protections. As a result, a hacker can manipulate NTP using man-in-the-middle or denial of service attacks and impact timekeeping online. Roughtime improves on this by syncing only with authenticated servers, and even has a feature to audit servers for accountability. This means that if a Roughtime server is compromised and its timekeeping becomes untrustworthy, browsers or other web clients using Roughtime can detect the problem and generate cryptographic proof of the correct time.
But this ecosystem design can only really work if numerous services across the web support Roughtime. The more ubiquitous it is, the more robust the protections become.
"It's good to see adoption of it and further testing," Todd says. "You don't want to have only a single source of trust. Roughtime is designed to allow multiple Roughtime signers to be cross-checked against each other in a way that is cryptographically provable."
Adam Langley, the Google software engineer who developed Roughtime, emphasizes that wide adoption will be crucial to the protocol's success. But two years after Langley first published the protocol, buy-in from Cloudflare is the first major sign of proliferation outside of Google. "We're happy to see Cloudflare adopting Roughtime," Langley says.
Cloudflare's Prince says that the company's goal isn't simply to bring Roughtime to its own customers, but to jumpstart Roughtime adoption around the world. He says that Cloudflare's bigger aim is to make it feasible to reduce certificate expiry windows without more errors. "The question is how do you get clocks accurate enough that you can make encryption certificates much shorter?" Prince says. "If you can solve time on the internet, that's really powerful."