9 research outputs found

    Impact of Geo-distribution and Mining Pools on Blockchains: A Study of Ethereum

    Given the large adoption and economical impact of permissionless blockchains, the complexity of the underlying systems and the adversarial environment in which they operate, it is fundamental to properly study and understand the emergent behavior and properties of these systems. We describe our experience on a detailed, one-month study of the Ethereum network from several geographically dispersed observation points. We leverage multiple geographic vantage points to assess the key pillars of Ethereum, namely geographical dispersion, network efficiency, blockchain efficiency and security, and the impact of mining pools. Among other new findings, we identify previously undocumented forms of selfish behavior and show that the prevalence of powerful mining pools exacerbates the geographical impact on block propagation delays. Furthermore, we provide a set of open measurement and processing tools, as well as the data set of the collected measurements, in order to promote further research on understanding permissionless blockchains. Comment: To appear in 50th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 202

    The Leap Second Behaviour of NTP Servers

    The NTP network is an important part of the Internet’s infrastructure, and one of the most challenging times for the NTP network is around leap seconds. In this paper we look at the behaviour of public servers in the NTP network in 2005 and over the period from 2008 to present, focusing on leap seconds. We review the evolution of the NTP reference implementation with respect to leap seconds and show how the behaviour of the network has changed since 2005. Our results show that although the network’s performance has certain problems, these seem to be reducing over time

    The security of NTP's datagram protocol

    For decades, the Network Time Protocol (NTP) has been used to synchronize computer clocks over untrusted network paths. This work takes a new look at the security of NTP’s datagram protocol. We argue that NTP’s datagram protocol in RFC5905 is both underspecified and flawed. The NTP specifications do not sufficiently respect (1) the conflicting security requirements of different NTP modes, and (2) the mechanism NTP uses to prevent off-path attacks. A further problem is that (3) NTP’s control-query interface reveals sensitive information that can be exploited in off-path attacks. We exploit these problems in several attacks that remote attackers can use to maliciously alter a target’s time. We use network scans to find millions of IPs that are vulnerable to our attacks. Finally, we move beyond identifying attacks by developing a cryptographic model and using it to prove the security of a new backwards-compatible client/server protocol for NTP. https://eprint.iacr.org/2016/1006.pdf Published versio

    Caraoke: An E-Toll Transponder Network for Smart Cities

    Electronic toll collection transponders, e.g., E-ZPass, are a widely-used wireless technology. About 70% to 89% of the cars in US have these devices, and some states plan to make them mandatory. As wireless devices however, they lack a basic function: a MAC protocol that prevents collisions. Hence, today, they can be queried only with directional antennas in isolated spots. However, if one could interact with e-toll transponders anywhere in the city despite collisions, it would enable many smart applications. For example, the city can query the transponders to estimate the vehicle flow at every intersection. It can also localize the cars using their wireless signals, and detect those that run a red-light. The same infrastructure can also deliver smart street-parking, where a user parks anywhere on the street, the city localizes his car, and automatically charges his account. This paper presents Caraoke, a networked system for delivering smart services using e-toll transponders. Our design operates with existing unmodified transponders, allowing for applications that communicate with, localize, and count transponders, despite wireless collisions. To do so, Caraoke exploits the structure of the transponders' signal and its properties in the frequency domain. We built Caraoke reader into a small PCB that harvests solar energy and can be easily deployed on street lamps. We also evaluated Caraoke on four streets on our campus and demonstrated its capabilities. National Science Foundation (U.S.

    A new approach to the security of NTP with SSL certificates

    The Time and the Time Synchronization are very important especially for the computer networks performing time-sensitive operations. It is very important for all the datacenters, exchange markets, finance companies, industrial networks, commercial applications, e-mail and communication-related clients and servers, active directory services, authentication mechanisms, and wired and wireless communication. The NTP acts as a single time source in order to synchronize all the devices in a network. While the computer networks communicate with each other between different time zones and different locations on the earth; the main time doesn’t need to be the same all around the world but it must be very sensitive otherwise the networks at different locations might work on different times.

    Attacking and securing Network Time Protocol

    Network Time Protocol (NTP) is used to synchronize time between computer systems communicating over unreliable, variable-latency, and untrusted network paths. Time is critical for many applications; in particular it is heavily utilized by cryptographic protocols. Despite its importance, the community still lacks visibility into the robustness of the NTP ecosystem itself, the integrity of the timing information transmitted by NTP, and the impact that any error in NTP might have upon the security of other protocols that rely on timing information. In this thesis, we seek to accomplish the following broad goals: 1. Demonstrate that the current design presents a security risk, by showing that network attackers can exploit NTP and then use it to attack other core Internet protocols that rely on time. 2. Improve NTP to make it more robust, and rigorously analyze the security of the improved protocol. 3. Establish formal and precise security requirements that should be satisfied by a network time-synchronization protocol, and prove that these are sufficient for the security of other protocols that rely on time. We take the following approach to achieve our goals incrementally. 1. We begin by (a) scrutinizing NTP's core protocol (RFC 5905) and (b) statically analyzing code of its reference implementation to identify vulnerabilities in protocol design, ambiguities in specifications, and flaws in reference implementations. We then leverage these observations to show several off- and on-path denial-of-service and time-shifting attacks on NTP clients. We then show cache-flushing and cache-sticking attacks on DNS(SEC) that leverage NTP. We quantify the attack surface using Internet measurements, and suggest simple countermeasures that can improve the security of NTP and DNS(SEC). 2. Next we move beyond identifying attacks and leverage ideas from Universal Composability (UC) security framework to develop a cryptographic model for attacks on NTP's datagram protocol. 
We use this model to prove the security of a new backwards-compatible protocol that correctly synchronizes time in the face of both off- and on-path network attackers. 3. Next, we propose general security notions for network time-synchronization protocols within the UC framework and formulate ideal functionalities that capture a number of prevalent forms of time measurement within existing systems. We show how they can be realized by real-world protocols (including but not limited to NTP), and how they can be used to assert security of time-reliant applications-specifically, cryptographic certificates with revocation and expiration times. Our security framework allows for a clear and modular treatment of the use of time in security-sensitive systems. Our work makes the core NTP protocol and its implementations more robust and secure, thus improving the security of applications and protocols that rely on time

    Software-hardware systems for the Internet-of-Things

    Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2018. Cataloged from PDF version of thesis. Includes bibliographical references (pages [187]-201). Although interest in connected devices has surged in recent years, barriers still remain in realizing the dream of the Internet of Things (IoT). The main challenge in delivering IoT systems stems from a huge diversity in their demands and constraints. Some applications work with small sensors and operate using minimal energy and bandwidth. Others use high-data-rate multimedia and virtual reality systems, which require multiple-gigabits-per-second throughput and substantial computing power. While both extremes stress the computation, communications, and energy resources available to the underlying devices, each intrinsically requires different solutions to satisfy its needs. This thesis addresses both bandwidth and energy constraints by developing custom software-hardware systems. To tackle the bandwidth constraint, this thesis introduces three systems. First, it presents AirShare, a synchronized abstraction to the physical layer, which enables the direct implementation of diverse kinds of distributed protocols for IoT sensors. This capability results in a much higher throughput in today's IoT networks. Then, it presents Agile-Link and MoVR, new millimeter wave devices and protocols which address two main problems that prevent the adoption of millimeter wave frequencies in today's networks: signal blockage and beam alignment. Lastly, this thesis shows how these systems enable new IoT applications, such as untethered high-quality virtual reality. To tackle the energy constraint, this thesis introduces a VLSI chip, which is capable of performing a million-point Fourier transform in real-time, while consuming 40 times less power than prior fast Fourier transforms. Then, it presents Caraoke, a small, low-cost and low-power sensor, which harvests its energy from solar and enables new smart city applications, such as traffic management and smart parking. by Omid Salehi-Abari. Ph. D

    Characterizing quality of time and topology in a time synchronization network

    Abstract — As Internet computing gains speed, complexity, and becomes ubiquitous, the need for precise and accurate time synchronization increases. In this paper, we present a characterization of a clock synchronization network managed by Network Time Protocol (NTP), composed by thousands of nodes, including hundreds of Stratum 1 servers, based on data collected recently by a robot. NTP is the most common protocol for time synchronization in the Internet. Many aspects that define the quality of timekeeping are analyzed, as well as topological characteristics of the network. The results are compared to previous characterizations of the NTP network, showing the evolution of clock synchronization in the last fifteen years. I

    QRPp1-4: Characterizing Quality of Time and Topology in a Time Synchronization Network
