Safety network time synchronizing method and device

Abstract

The invention relates to the field of network safety, in particular to a safety network time synchronizing method and device. The method comprises the following steps: key agreement: acquiring a session key and a message authentication code by a client side through a session key request and a message authentication code request, and establishing mutual trust between the client side and a server; and time synchronization: implementing safety time synchronization by time synchronizing data frame interaction. The client side transmits a client side key request data frame to a server side; after receiving the client side key request data frame, the server replies a server session key responding frame to the client side; after receiving the server session key responding frame, the client side examines frame formats and contents, and acquires a session key; the client side transmits a client side message authentication code request frame to the server; after receiving the client side message authentication code responding frame of the client side, the server computes a message authentication code according to a session key and message contents and replies a server message authentication code responding frame to the client side; and after receiving the server message authentication code responding frame, the client side examines the frame format and content, and acquires the message authentication code.

Description

Technical field [0001] The invention relates to the field of network security, in particular to a method and device for synchronizing safe network time. Background technique [0002] NTP (Network Time Protocol) is a standard network protocol used for time synchronization in the Internet. Its function is to synchronize the computer time in the network to Coordinated Universal Time (UTC). The design of NTP fully considers the complexity of time synchronization on the Internet. It adopts algorithms such as time filtering, time selection, and clock adjustment. It can not only correct the current time, but also continuously track changes in time, and can automatically adjust even if the network fails. It can also maintain time stability. NTP adopts a client / server architecture, supports a variety of working modes, is simple and flexible to operate, provides strict, practical, and effective mechanisms, and can adapt to Internet environments of various scales, speeds, and connection pa...

AI Technical Summary

Problems solved by technology

[0007] 2. NTP itself has security loopholes and is easily exploited for NTP attacks

[0008] Under normal circumstances, the client sends a request packet to the server, and the server returns a response packet to the client, but the UDP protocol is connectionless, so the source IP address of the request packet sent by the client is easy to forge. When the source IP address is changed to After the victim's IP address, the response packet returned by the final server will return to the victim's IP, which forms an NTP reflection attack

Images