A discrepancy of a few seconds that makes it impossible to reconstruct when — and why — a power outage that affected the entire Eastern seaboard was triggered. A weakness in the distribution of timing information across a web server that makes it vulnerable to a malicious attack, which renders it unresponsive to users.
For most of us, errors in the devices we use to track time are an inconvenience — making us late for a meeting, perhaps, or causing us to miss our train. But timing errors on the Internet can have much larger implications and are the reason many network-based entities employ something called network time protocol (NTP) to synchronize the clocks across their computer systems within milliseconds. With a new gift from the Internet Society, UNH’s InterOperability Laboratory (IOL) is undertaking a project to increase the security of the widely deployed NTP using a new standard called network time security (NTS). NTS, when used in conjunction with NTP, ensures that different networks’ solutions can “talk” to each other now and in the future. and increasing the security of existing protocols without compromising the performance of the networks they support.
Bob Noseworthy, principal engineer for the IOL, says NTS is critical to the future of online commerce: “The sooner these standards are widely adopted, the more secure transactions will be,” he says.
The 33-year-old IOL has a long history with the Internet Society, a global nonprofit organization created to keep the internet open, globally connected, secure and trustworthy. It was on the basis of that relationship — and the IOL’s track record in conformance, or ensuring that the products it tests meet standards not just today but going forward — that Internet Society Director of Internet Trust and Technology Karen O’Donoghue reached out to Noseworthy at the end of 2020 with a proposal to support a project focused on NTS.
“The Internet Society encourages broad adoption of NTS to improve the security of deployed NTS support for NTP and the internet,” O’Donoghue explains. “Enabling the IOL to validate conformance, interoperability and performance of NTS will help accelerate that adoption.”
The gift is the IOL’s first in the area of NTP, and Noseworthy hopes it will serve as a “seed” of sorts for further work in the field. As it is, it’s already providing rich opportunities for computer science graduate students Griffin Leclerc ’21, ’23G and Garrick Craft ’21, ’23G, both of whom began working at the IOL even before they enrolled at UNH and had the opportunity to earn four years of practical experience alongside their computer science degrees.
In his last semester as an undergraduate, Leclerc undertook an independent study on the topic of NTP and NTS with Radim Bartos, department chair and professor of computer science in the College of Engineering and Physical Sciences. Bartos is overseeing the security and performance aspect of the IOL’s NTS project and serving as advisor to both Craft and Leclerc as they now work on the project as part of their graduate studies.
“The IOL was the reason I chose UNH, and I wouldn’t be pursuing this master’s degree without the university’s financial support,” Leclerc says.
And while the NTS gift wasn’t designated specifically to support student learning, Noseworthy says the ability to provide and fund cutting edge projects like NTS is critical to retaining students like Leclerc and Craft, both of whom he describes as “shining examples of what the IOL is all about.”
In other words, a case of particularly well-synchronized timing.