Abstract: A METHOD TO MITIGATE PRECISION TIME PROTOCOL (PTP) SPOOFING ATTACKS IN A IPV6 PTP UNAWARE NETWORK. A method to mitigate Precision Time Protocol (PTP) spoofing attacks in an IPv6 PTP-unaware network is disclosed. The method uses a modified IPv6 packet and is performed at a network comprising one or more master nodes and a plurality of slave nodes, prior to initiating a PTP network session, and has the steps of: storing (610), by a master node, a master-key table at one or more slave nodes; generating (620), by the one or more slave nodes, one or more requests; receiving (630), by the master node, a request from a slave node for a secret message; generating (640) and assigning, by the master node, the secret message to the slave node; storing (650), by the master node, the assigned secret message; receiving (660), by the slave node, the assigned secret message; establishing (670) communication with the master node by the slave node using the secret message; and calculating (680) a UDP checksum, at the master node and the slave node, to identify any spoofing master node or slave node. Figure to be published: Figure 3
Claims: We claim:
1. A method to mitigate Precision Time Protocol (PTP) spoofing attacks in an IPv6 PTP-unaware network, the method comprising:
at a network comprising one or more master nodes and a plurality of slave nodes, prior to initiating a PTP network session:
storing (610), by a master node, a master-key table at one or more slave nodes;
generating (620), by the one or more slave nodes, one or more requests;
receiving (630), by the master node, a request from a slave node, for a secret message;
generating (640) and assigning, by the master node, the secret message to the slave node;
storing (650), by the master node, the assigned secret message;
receiving (660), by the slave node, the assigned secret message; establishing (670) communication with the master node by the slave node using the secret message; and
calculating (680) a UDP checksum, at the master node and the slave node, to identify any spoofing master node or slave node.
2. The method as claimed in claim 1, wherein the slave node generates the one or more requests for the secret message using a modified IPv6 protocol header of the IPv6 data packet, wherein the request comprises a slave public key encapsulated by the master public key, the request being encrypted using the public key of the master node.
3. The method as claimed in claim 1, wherein the master node transmits the secret message to the slave node using a modified IPv6 header, wherein the modified IPv6 datagram is encrypted using a client public key.
4. The method as claimed in claim 2, wherein the modified IPv6 protocol uses the Next Header field of the IPv6 base header for transmission from the slave node to the master node.
5. The method as claimed in claim 3, wherein the modified IPv6 protocol uses the Next Header field of the IPv6 extension header for transmission of the secret message.
6. The method as claimed in claim 1, wherein calculating a UDP checksum at the slave node comprises:
calculating a UDP checksum for each datagram received by the slave node using the assigned secret message; and
flagging, if the UDP checksum mismatches, the master node from which the datagram was received as a spoofed master node.
7. The method as claimed in claim 1, wherein calculating a UDP checksum at the master node comprises:
calculating a UDP checksum for each datagram received by the master node from the one or more slave nodes using the assigned secret message;
identifying, if there is a UDP checksum mismatch, the slave node from the assigned secret message; and
flagging the identified slave node as a spoofed slave node.
8. The method as claimed in claim 1, wherein the secret message is of 64 bits.
9. The method as claimed in claim 1, wherein the UDP checksum calculation is utilized to identify a spoofed master node, a spoofed slave node, and man-in-the-middle attacks.
10. An IPv6 data packet for communication between one or more master nodes and a plurality of slave nodes in an IPv6 Precision Time Protocol (PTP) unaware network, the IPv6 protocol data packet comprising:
an IPv6 base header comprising a modified Next Header configured to carry an encrypted master key, wherein the modified Next Header is encapsulated using the encrypted master key; and
an IPv6 extension header comprising a modified Next Header configured to carry a secret message, wherein the secret message is encapsulated using a client public key.
Dated this 23rd day of March, 2022
Bharat Electronics Limited
(By their Agent)
(D. Manoj Kumar) (IN/PA 2110)
KRISHNA & SAURASTRI ASSOCIATES LLP
Description: FORM – 2
THE PATENTS ACT, 1970
(39 of 1970)
&
THE PATENTS RULES, 2003
COMPLETE SPECIFICATION
(SEE SECTION 10, RULE 13)
A METHOD TO MITIGATE PRECISION TIME PROTOCOL (PTP) SPOOFING ATTACKS IN A IPV6 PTP UNAWARE NETWORK
BHARAT ELECTRONICS LIMITED
HAVING ITS ADDRESS AT
OUTER RING ROAD, NAGAVARA,
BANGALORE,
KARNATAKA-560045
THE FOLLOWING SPECIFICATION PARTICULARLY DESCRIBES THE INVENTION AND THE MANNER IN WHICH IT IS TO BE PERFORMED.
TECHNICAL FIELD
[0001] The present invention relates generally to network security in a Precision Time Protocol network. More particularly, the invention relates to the mitigation of Precision Time Protocol (PTP) spoofing attacks in an IPv6 PTP-unaware network.
BACKGROUND
[0002] Precision Time Protocol (PTP), also known as IEEE 1588v2, is a packet-based technology that enables an operator to deliver synchronization services over packet-based mobile backhaul networks. The IEEE 1588 PTP clock synchronization standard is a highly precise protocol that synchronizes the clocks of a distributed system. PTP is important for defence applications that require time synchronization between computers down to nanosecond accuracy. PTP and its underlying network infrastructure are susceptible to spoofing and man-in-the-middle attacks, which can stealthily reduce the time synchronization accuracy or even divert time to an unacceptable extent. Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet.
[0003] Patent Application 2939/DEL/2013, titled "Secure transmission of time synchronization packets", proposes a method comprising encrypting, by a processor, a time packet marking using a lightweight encryption technique to generate a master signature, and appending, by the processor, the master signature to an encrypted time synchronization packet generated by the master node to obtain an extended encrypted packet, where the encrypted time synchronization packet includes a transmittal time stamp for time synchronization. However, in this patent a secret key is shared by master and slave and authentication is performed by decoding the checksum with the keys.
[0004] Patent application CN102801733A, titled "Method for setting security authentication in precision time protocol (PTP)", proposes setting keys in advance on a time synchronous source and on time synchronous equipment, and adding an identity authentication field to the PTP message transmitted when the time synchronous source sends synchronization information to the time synchronous equipment, wherein the field comprises a first MD5 value computed from a sequence ID field and a logical operation on the key. However, in this patent the security does not depend on the sequence ID of the packet, nor does it extend the packet size; it uses the UDP checksum, which is calculated with a preinstalled key in addition to the packet header details.
[0005] There is thus a need for an invention that solves the problems defined above and provides a method to mitigate Precision Time Protocol (PTP) spoofing attacks in an IPv6 PTP-unaware network.
SUMMARY OF THE INVENTION
[0006] This summary is provided to introduce concepts of the present invention. This summary is neither intended to identify essential features of the present invention nor is it intended for use in determining or limiting the scope of the present invention.
[0007] In one aspect of the invention, a method to mitigate Precision Time Protocol (PTP) spoofing attacks in an IPv6 PTP-unaware network is disclosed. The method is performed at a network comprising one or more master nodes and a plurality of slave nodes, prior to initiating a PTP network session, and comprises the steps of: storing, by a master node, a master-key table at one or more slave nodes; generating, by the one or more slave nodes, one or more requests; receiving, by the master node, a request from a slave node for a secret message; generating and assigning, by the master node, the secret message to the slave node; storing, by the master node, the assigned secret message; receiving, by the slave node, the assigned secret message; establishing communication with the master node by the slave node using the secret message; and calculating a UDP checksum, at the master node and the slave node, to identify any spoofing master node or slave node.
[0008] In another aspect of the invention, an IPv6 data packet for communication between one or more master nodes and a plurality of slave nodes in an IPv6 Precision Time Protocol (PTP) unaware network is disclosed, the IPv6 protocol data packet comprising: an IPv6 base header comprising a modified Next Header configured to carry an encrypted master key, wherein the modified Next Header is encapsulated using the encrypted master key; and an IPv6 extension header comprising a modified Next Header configured to carry a secret message, wherein the secret message is encapsulated using a client public key.
[0009] The features, aspects and advantages of the present invention will become better understood with reference to the following drawings, description, and claims.
BRIEF DESCRIPTION OF ACCOMPANYING DRAWINGS
[0010] The detailed description is described with reference to the accompanying figures. In the figures, the left-most digit(s) of a reference number identifies the figure in which the reference number first appears. The same numbers are used throughout the drawings to reference like features and modules.
[0011] Figure 1 illustrates the exchange of packets between a PTP Time Server and PTP Client as implemented in a PTP protocol enabled network.
[0012] Figure 2 illustrates the IPv6 protocol header used to carry PTP messages in a PTP-enabled network, according to an exemplary implementation of the present invention.
[0013] Figure 3 illustrates a secure PTP protocol implemented in an IPv6 network, according to an exemplary implementation of the present invention.
[0014] Figure 4 illustrates a Client Master table stored at a PTP client (slave) node, according to an exemplary implementation of the present invention.
[0015] Figure 5 illustrates a Master Secret to Connected Client mapping table, stored at a PTP Time server, according to an exemplary implementation of the present invention.
[0016] Figure 6 illustrates a flowchart showing a method to mitigate precision time protocol (PTP) spoofing attacks in an IPv6 PTP unaware network, according to an exemplary implementation of the present invention.
[0017] Figure 7 illustrates a scenario where a PTP Master node is spoofed, according to an exemplary implementation of the present invention.
[0018] Figure 8 illustrates a scenario where a PTP Slave node is spoofed, according to an exemplary implementation of the present invention.
[0019] Figure 9 illustrates a man-in-the-middle spoofing scenario, according to an exemplary implementation of the present invention.
[0020] It should be appreciated by those skilled in the art that any block diagrams herein represent conceptual views of illustrative methods embodying the principles of the present invention. Similarly, it will be appreciated that any flow charts, flow diagrams, and the like represent various processes which may be substantially represented in computer readable medium and so executed by a computer or processor, whether or not such computer or processor is explicitly shown.
DETAILED DESCRIPTION
[0021] The various embodiments of the present invention describe a method and a modified IPv6 packet for mitigating Precision Time Protocol (PTP) spoofing attacks in an IPv6 PTP-unaware network.
[0022] In the following description, for purpose of explanation, specific details are set forth in order to provide an understanding of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced without these details. One skilled in the art will recognize that embodiments of the present invention, some of which are described below, may be incorporated into a number of systems.
[0023] However, the systems and methods are not limited to the specific embodiments described herein. Further, the structures and devices shown in the figures are illustrative of exemplary embodiments of the present invention and are meant to avoid obscuring the present invention.
[0024] It should be noted that the description merely illustrates the principles of the present invention. It will thus be appreciated that those skilled in the art will be able to devise various arrangements that, although not explicitly described herein, embody the principles of the present invention. Furthermore, all examples recited herein are principally intended expressly to be only for explanatory purposes to help the reader in understanding the principles of the invention and the concepts contributed by the inventor to furthering the art and are to be construed as being without limitation to such specifically recited examples and conditions. Moreover, all statements herein reciting principles, aspects, and embodiments of the invention, as well as specific examples thereof, are intended to encompass equivalents thereof.
[0025] Fig. 1 illustrates a standard implementation of the Precision Time Protocol (PTP) in an IPv6 network. A PTP time server interacts with a PTP client to exchange the messages required by the protocol. The PTP time server communicates the necessary time data to the PTP client with the Sync, Sync Follow-up and Delay Response messages, and the PTP client sends the Delay Request message to the PTP time server. The typical exchange is as follows: the PTP time server sends a Sync message, then (in two-step operation) a Sync Follow-up message carrying the precise transmit timestamp of the Sync; the PTP client sends a Delay Request message; and the PTP time server answers with a Delay Response message. In normal operation the PTP time server additionally sends Announce messages, from which the clients learn the properties of the available masters and select the grandmaster. Each of these messages is carried over the IPv6 network as the UDP payload of an IPv6 data packet.
[0026] Figure 2 illustrates the IPv6 data packet that is used to exchange data between a PTP time server and a PTP client. The IPv6 protocol header comprises an IPv6 base header and an IPv6 extension header. The IPv6 base header has the fields Version, Traffic Class, Flow Label, Payload Length, Next Header, Hop Limit, Source Address and Destination Address. The IPv6 extension header contains the fields Next Header and Header Extension Length. Of the fields present in the IPv6 data packet, the following concepts are necessary to understand the features of the invention: the IPv6 Next Header, the IPv6 pseudo-header and the UDP checksum.
[0027] The IPv6 Next Header field indicates the type of extension header (if present) immediately following the IPv6 header. Where no extension header follows, it indicates the upper-layer protocol carried in the packet, such as Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). The size of this field is 8 bits. When indicating an upper-layer protocol, the Next Header field uses the same values as the IPv4 Protocol field.
[0028] The IPv6 pseudo-header includes the Source Address field, the Destination Address field, an Upper-Layer Packet Length field that gives the length of the upper-layer PDU, three zero octets, and a Next Header field that gives the upper-layer protocol for which the checksum is being calculated. The pseudo-header is not transmitted; it is prepended to the upper-layer packet only for the purpose of the checksum computation.
[0029] The UDP checksum is mandatory in IPv6 (RFC 8200). It is the one's complement of the one's-complement sum of the 16-bit words of the IPv6 pseudo-header, the UDP header and the UDP payload, with the checksum field taken as zero during the computation. The manner in which a secure PTP protocol using the modified IPv6 data packet operates is explained below with reference to Figure 3.
[0030] Figure 3 illustrates a secure PTP protocol implemented using a PTP time server and a PTP client. Prior to the initiation of a PTP session, the PTP time server loads the Master Public Key table illustrated in Figure 4 onto the PTP client. The PTP client requests a secret message from a specific PTP time server using that server's public key: the PTP client's public key is placed in the Next Header of an IPv6 datagram and encrypted with the master public key of the PTP time server. The PTP time server then assigns a randomly generated 64-bit master code, encapsulates it in the IPv6 Next Header field, and sends it to the PTP client. The PTP time server caches all codes so assigned to clients in the "Master Secret to Connected Client Mapping" table shown in Figure 5.
[0031] Once a session is initiated, the secret message is used in the UDP checksum calculation of every communication between the PTP time server and the PTP client. A spoofing node is not aware of the secret code and so does not include it in its UDP checksum; its spoofed packets are therefore detected at both the PTP time server and the PTP client, and from those packets the spoofing or spurious nodes are identified. The specific tables used to store and map the PTP time servers and PTP clients are explained with reference to Figure 4 and Figure 5.
[0032] Figure 4 illustrates the Client Master table that the PTP server (master) stores in every PTP client. The table comprises the following fields: a Master ID that identifies the PTP time server, the MAC address of the PTP server (master), and the corresponding public key of the PTP server (master). In an example embodiment, if a PTP client is connected to one or more PTP time servers (Master 1, Master 2 and Master 3), their corresponding MAC addresses (MAC address 1, MAC address 2 and MAC address 3) and public keys (Public_key 1, Public_key 2 and Public_key 3) are stored in the PTP client. When requesting a secret from a PTP time server, say Master 1, the PTP client uses the public key of that master to protect the request carried in the Next Header field of the IPv6 datagram. The manner in which the PTP time server responds to the request and tracks the assigned secret is explained using Figure 5.
[0033] Figure 5 illustrates the Master Secret to Connected Client mapping table stored at the PTP time server. The PTP time server (master) generates a secret for transmission to the PTP client (slave); in one embodiment the secret is 64 bits long. On generating and assigning the secret, the PTP time server caches it in the Master Secret to Connected Client mapping table, which contains the following fields: Assigned Secret, Client MAC address, Client IPv6 address and the corresponding Client public key. In one embodiment, the PTP time server generates "Assigned Secret 1" and assigns it to the PTP client having Client MAC address 1, Client IPv6 address 1 and Client public key 1. Once Assigned Secret 1 has been conveyed, all communication between the PTP time server and that PTP client must incorporate Assigned Secret 1. If a communication that appears to come from the PTP client with Client IPv6 address 1 and Client MAC address 1 arrives without Assigned Secret 1, the client is flagged as a spoofed client and the necessary security operations are begun.
[0034] The manner in which the PTP server and the clients interact to identify spoofing masters or clients is explained using the flow chart of Figure 6.
[0035] Figure 6 illustrates a flowchart showing a method to mitigate Precision Time Protocol (PTP) spoofing attacks in an IPv6 PTP-unaware network. For the purposes of explanation, the term "master" refers to the PTP time server and the term "slave" refers to the PTP client. Steps 600 to 660 are performed prior to the start of a PTP communication session.
[0036] The flowchart begins at step 600. At step 610, the PTP time server (master) stores a master-key table at one or more PTP client (slave) nodes. At step 620, the PTP clients (slaves) generate one or more requests to be sent to the PTP time server (master). In one embodiment, the PTP client (slave) sends the request via a modified IPv6 protocol header of the IPv6 data packet, the request comprising the slave public key encapsulated by the master public key, that is, encrypted using the public key of the PTP time server (master). The PTP client (slave) sends the request as a "Request Secret" message. At step 630, the PTP time server (master) receives the request from the PTP client (slave); in one embodiment it decrypts the encrypted request to obtain the client public key. At step 640, the PTP time server (master) generates the secret message and assigns it to the specific PTP client via an "Assign Secret" message. In one embodiment, the PTP time server transmits the secret message to the slave node using a modified IPv6 header, the modified IPv6 datagram being encrypted using the client public key. At step 650, the PTP time server stores the assigned secret message in the Master Secret to Connected Client mapping table along with the PTP client MAC address, PTP client IPv6 address and client public key. At step 660, the PTP client receives the secret message and processes it; in one embodiment, the PTP client uses the secret message for all communication with the PTP time server. At step 670, a PTP session is established between the PTP time server and the PTP client. At each exchange, the PTP time server and the PTP client use the secret message in the UDP checksum calculation.
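The exchange of steps 610 to 660 together with the two tables of Figures 4 and 5, as an added worked example that is not part of the specification and not Bharat Electronics' code. It is written in Python. The public-key protection of the "Request Secret" and "Assign Secret" messages is textbook RSA over fixed Mersenne primes, a stand-in chosen only so that the example runs offline without third-party libraries: it provides no real security and the specification names no particular cipher. The master identifier, the MAC and IPv6 addresses and the class and function names are all assumptions of the example; the modified IPv6 header that would carry the messages is not modelled, only the message contents and the state each side keeps.

```python
"""Pre-session secret assignment of figure 3 with the tables of figures 4 and 5 (steps 610-660).
Added example, not the specification's implementation. Public-key operations are textbook RSA
over fixed Mersenne primes purely as an offline stand-in (insecure); names and addresses are
constructed for the demonstration."""
import secrets
from dataclasses import dataclass

E = 65537   # public exponent shared by every toy key pair below


def toy_keypair(p: int, q: int) -> tuple:
    """Textbook RSA from two given primes (stand-in: no padding, tiny modulus). Returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))


def pk_encrypt(pub: tuple, m: int) -> int:
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be smaller than the modulus")
    return pow(m, e, n)


def pk_decrypt(priv: tuple, c: int) -> int:
    n, d = priv
    return pow(c, d, n)


@dataclass
class MasterEntry:
    """One row of the Client Master table (figure 4), held by every PTP client."""
    master_id: str
    mac: str
    public_key: tuple


@dataclass
class ClientEntry:
    """One row of the Master Secret to Connected Client mapping table (figure 5), held by the master."""
    assigned_secret: int
    mac: str
    ipv6: str
    public_key: tuple


class TimeServer:
    """PTP time server (master)."""

    def __init__(self, master_id: str, mac: str):
        self.master_id, self.mac = master_id, mac
        self.pub, self._priv = toy_keypair(2**89 - 1, 2**61 - 1)
        self.connected = {}   # figure 5 table, keyed by client IPv6 address

    def handle_request_secret(self, client_mac: str, client_ipv6: str, encrypted_modulus: int) -> int:
        """Steps 630-650: recover the client public key, draw a fresh 64-bit secret, cache the row,
        and return the secret encrypted under the client public key (the Assign Secret message)."""
        client_pub = (pk_decrypt(self._priv, encrypted_modulus), E)
        secret = secrets.randbits(64)
        self.connected[client_ipv6] = ClientEntry(secret, client_mac, client_ipv6, client_pub)
        return pk_encrypt(client_pub, secret)


class Client:
    """PTP client (slave)."""

    def __init__(self, mac: str, ipv6: str):
        self.mac, self.ipv6 = mac, ipv6
        self.pub, self._priv = toy_keypair(2**61 - 1, 2**31 - 1)   # smaller modulus than the master's
        self.master_table = {}   # figure 4 table, loaded by the master at step 610
        self.secrets = {}        # master_id -> secret assigned by that master

    def request_secret(self, master: TimeServer) -> int:
        """Steps 620 and 660: encrypt own public modulus under the chosen master's public key
        (Request Secret), then decrypt the Assign Secret reply with own private key.
        A master absent from the figure 4 table has no key on file and is refused outright."""
        if master.master_id not in self.master_table:
            raise KeyError("no public key on file for " + master.master_id)
        entry = self.master_table[master.master_id]
        request = pk_encrypt(entry.public_key, self.pub[0])
        reply = master.handle_request_secret(self.mac, self.ipv6, request)
        self.secrets[master.master_id] = pk_decrypt(self._priv, reply)
        return self.secrets[master.master_id]


def provision(master: TimeServer, client: Client) -> bool:
    """Step 610 (master loads its table row onto the client) followed by the request;
    True when both sides hold the same 64-bit secret and the master cached the right key."""
    client.master_table[master.master_id] = MasterEntry(master.master_id, master.mac, master.pub)
    secret = client.request_secret(master)
    row = master.connected[client.ipv6]
    return row.assigned_secret == secret and row.public_key == client.pub


def demo() -> dict:
    master = TimeServer("Master 1", "00:11:22:33:44:01")
    alice = Client("00:11:22:33:44:10", "2001:db8::10")
    bob = Client("00:11:22:33:44:11", "2001:db8::11")
    rogue = TimeServer("Rogue", "de:ad:be:ef:00:00")   # never loaded onto alice's table
    results = {"alice_ok": provision(master, alice), "bob_ok": provision(master, bob)}
    results["distinct"] = alice.secrets["Master 1"] != bob.secrets["Master 1"]
    results["rows"] = len(master.connected)
    try:
        alice.request_secret(rogue)
        results["rogue_refused"] = False
    except KeyError:
        results["rogue_refused"] = True
    return results


if __name__ == "__main__":
    print(demo())
```

The example keeps the two tables as the specification describes them: the client never sends a request to a master whose public key it was not given at step 610, and the master indexes its cached rows by client IPv6 address, which is the key it needs later when a checksum mismatch has to be traced back to a client. A deployment would replace `toy_keypair`, `pk_encrypt` and `pk_decrypt` with a padded public-key scheme and a real key store.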
[0037] If the received UDP checksum was not calculated with the specific secret message, the sender of the packet (PTP time server or PTP client) is identified and marked as a "spoofing" node. Appropriate security measures are then triggered to mitigate the risk and stop the probable security attack from the spoofing node.
[0038] Figures 7, 8, and 9 illustrate probable spoofing attacks and their detection mechanisms which are described below.
[0039] Figure 7 illustrates a probable security scenario in which a PTP time server (master node) has been spoofed. Master clock 1 and Master clock 2, along with a probable spoofed PTP time server (master node), are interfaced with one or more PTP clients. Master clock 1 is designated grandmaster and interacts with one or more PTP clients marked as client. By performing steps 610 to 660 of Figure 6, the grandmaster Master clock 1 establishes a secure PTP session with one or more client nodes. During the PTP session, the clients of Master clock 1 exchange protocol messages with it. If the UDP checksum of a received message was not calculated with the secret message assigned by Master clock 1, the PTP client flags the message. Based on the stored MAC addresses and processing of the received packets, the spoofed master node is identified and appropriate security measures are initiated.
[0040] Figure 8 illustrates a probable security scenario in which a PTP client has been spoofed. Master clock 1 and Master clock 2 are interfaced with one or more PTP clients. Master clock 1 is designated grandmaster and interacts with one or more PTP clients marked as client. By performing steps 610 to 660 of Figure 6, the grandmaster Master clock 1 establishes a secure PTP session with one or more client nodes. During the PTP session, Master clock 1 receives messages from all clients. Master clock 1 calculates the checksum of each received message and, if a UDP checksum mismatch is observed, consults the cached Master Secret to Connected Client mapping table to check whether the client is present. Based on the stored MAC addresses and processing of the received packets, the spoofed client is identified and appropriate security measures are initiated.
[0041] Figure 9 illustrates a probable man-in-the-middle spoofing scenario. Master clock 1 and Master clock 2 are interfaced with one or more PTP clients. Master clock 1 is designated grandmaster and interacts with one or more PTP clients marked as client. By performing steps 610 to 660 of Figure 6, the grandmaster Master clock 1 establishes a secure PTP session with one or more client nodes. During the PTP session, Master clock 1 receives messages from all clients. Master clock 1 calculates the checksum of each received message and, if a UDP checksum mismatch is observed, consults the cached Master Secret to Connected Client mapping table to check whether the client is present. In this scenario the spoofing node may use a port of the legitimate PTP client to communicate with Master clock 1. Based on the stored MAC addresses and processing of the received packets, the spoofed client is identified and appropriate security measures are initiated.
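The UDP checksum of paragraph [0029], its keyed use with the secret message of paragraph [0031], and the three detection scenarios of Figures 7 to 9, as one added worked example that is not taken from the specification and is not Bharat Electronics' code. The pseudo-header and the one's-complement arithmetic follow RFC 8200 and RFC 1071. The page does not say how the 64-bit secret enters the checksum, so the example folds the secret's own one's-complement sum into the running total; that is an assumption of the example. The addresses, the assigned secret, the PTP Sync payload and the function names are constructed for the demonstration.

```python
"""Keyed UDP checksum over the IPv6 pseudo-header and the spoof checks of figures 7 to 9.
Added example, not the specification's implementation. Folding the secret into the sum is an
assumption; addresses, the secret and the PTP payload are constructed for the demonstration."""
import ipaddress
import struct

UDP_NEXT_HEADER = 17
PTP_EVENT_PORT = 319   # IEEE 1588 event messages (Sync, Delay_Req) use UDP port 319


def ones_complement_sum(data: bytes) -> int:
    """One's-complement sum of the 16-bit big-endian words of data (RFC 1071), odd tail zero-padded."""
    if not data:
        return 0
    if len(data) % 2:
        data += b"\x00"
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def ipv6_pseudo_header(src: str, dst: str, upper_len: int, next_header: int = UDP_NEXT_HEADER) -> bytes:
    """RFC 8200 section 8.1 pseudo-header: source, destination, upper-layer length, three zero octets, next header."""
    return (ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
            + struct.pack("!I", upper_len) + b"\x00\x00\x00" + struct.pack("!B", next_header))


def udp_checksum(src: str, dst: str, datagram: bytes, secret: bytes = b"") -> int:
    """Checksum of a UDP datagram whose checksum field is zero.
    Empty secret: the standard RFC 8200 UDP/IPv6 checksum.
    Non-empty secret: the secret's own one's-complement sum is folded in as well (the keyed
    computation described in the specification); the secret itself never goes on the wire."""
    total = ones_complement_sum(ipv6_pseudo_header(src, dst, len(datagram)) + datagram)
    total += ones_complement_sum(secret)
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    csum = (~total) & 0xFFFF
    return csum or 0xFFFF   # RFC 8200: a computed zero is transmitted as all ones


def build_udp(src: str, dst: str, sport: int, dport: int, payload: bytes, secret: bytes = b"") -> bytes:
    """Assemble a UDP datagram (8-byte header plus payload) with its checksum filled in."""
    header = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    csum = udp_checksum(src, dst, header + payload, secret)
    return header[:6] + struct.pack("!H", csum) + payload


def checksum_valid(src: str, dst: str, datagram: bytes, secret: bytes = b"") -> bool:
    """Zero the checksum field, recompute with the given secret and compare with the received value."""
    received = struct.unpack("!H", datagram[6:8])[0]
    zeroed = datagram[:6] + b"\x00\x00" + datagram[8:]
    return received == udp_checksum(src, dst, zeroed, secret)


# Constructed addresses and a constructed 64-bit assigned secret (one row of the figure 5 table).
MASTER = "2001:db8::1"
CLIENT = "2001:db8::10"
ATTACKER = "2001:db8::bad"
SECRET = bytes.fromhex("0123456789abcdef")
MASTER_SECRET_TABLE = {CLIENT: SECRET}   # master side: Master Secret to Connected Client mapping
CLIENT_MASTER_SECRET = SECRET            # client side: the secret assigned to it by MASTER
SYNC = bytes(44)                         # constructed stand-in for a 44-byte PTP Sync message


def client_check(src: str, datagram: bytes) -> str:
    """Client side (figure 7): a datagram claiming to come from the master must verify under the
    secret that master assigned; otherwise the source is flagged as a spoofed master."""
    if checksum_valid(src, CLIENT, datagram, CLIENT_MASTER_SECRET):
        return "ok"
    return "spoofed master"


def master_check(src: str, datagram: bytes) -> str:
    """Master side (figures 8 and 9): look the sender up in the mapping table by IPv6 address,
    then verify under that client's secret; a mismatch flags the sender as a spoofed client."""
    secret = MASTER_SECRET_TABLE.get(src)
    if secret is None:
        return "unknown client"
    if checksum_valid(src, MASTER, datagram, secret):
        return "ok"
    return "spoofed client"


def scenarios() -> dict:
    """Run the spoofing scenarios of figures 7 to 9 against the two checks."""
    genuine = build_udp(MASTER, CLIENT, PTP_EVENT_PORT, PTP_EVENT_PORT, SYNC, SECRET)
    # Spoofed master: the attacker forges the master's address but can only compute the standard checksum.
    forged_master = build_udp(MASTER, CLIENT, PTP_EVENT_PORT, PTP_EVENT_PORT, SYNC)
    # Man in the middle: the genuine Sync is altered in flight and its checksum recomputed the standard way.
    tampered = build_udp(MASTER, CLIENT, PTP_EVENT_PORT, PTP_EVENT_PORT, b"\xff" + SYNC[1:])
    # Spoofed client: the attacker uses the client's address, or its own, without the assigned secret.
    forged_client = build_udp(CLIENT, MASTER, PTP_EVENT_PORT, PTP_EVENT_PORT, SYNC)
    from_attacker = build_udp(ATTACKER, MASTER, PTP_EVENT_PORT, PTP_EVENT_PORT, SYNC)
    legit_client = build_udp(CLIENT, MASTER, PTP_EVENT_PORT, PTP_EVENT_PORT, SYNC, SECRET)
    return {
        "genuine": client_check(MASTER, genuine),
        "forged_master": client_check(MASTER, forged_master),
        "tampered": client_check(MASTER, tampered),
        "legit_client": master_check(CLIENT, legit_client),
        "forged_client": master_check(CLIENT, forged_client),
        "from_attacker": master_check(ATTACKER, from_attacker),
    }


if __name__ == "__main__":
    for name, verdict in scenarios().items():
        print(name, "->", verdict)
```

Two practical points follow from the construction. First, a datagram carrying the keyed value fails the standard UDP checksum, so the endpoints must verify it themselves, before or instead of the normal UDP stack (for example from a raw socket or in the timestamping driver), or the kernel will silently discard it; routers in a PTP-unaware network do not inspect UDP checksums, so forwarding is unaffected. Second, the checksum is linear: the secret contributes a single 16-bit word, and anyone who captures one valid datagram can recover that word by comparing the received checksum with the standard one and then forge packets that pass both checks. The detection therefore holds against nodes that do not know the secret and have not captured legitimate traffic; against an on-path observer, a keyed MAC over the PTP message would give the same per-packet check without that leak.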
[0042] The person skilled in the art can understand that the whole or part of the steps for achieving the above-described embodiments can be accomplished by hardware, or be accomplished by a program instructing relevant hardware, the program may be stored in a computer readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disc or an optical disc, FPGA, or using relevant combinations of hardware and software etc.
[0043] The foregoing description of the invention has been set out merely to illustrate the invention and is not intended to be limiting. Since modifications of the disclosed embodiments incorporating the substance of the invention may occur to persons skilled in the art, the invention should be construed to include everything within its scope.
| # | Name | Date |
|---|---|---|
| 1 | 202241016256-STATEMENT OF UNDERTAKING (FORM 3) [23-03-2022(online)].pdf | 2022-03-23 |
| 2 | 202241016256-FORM 1 [23-03-2022(online)].pdf | 2022-03-23 |
| 3 | 202241016256-FIGURE OF ABSTRACT [23-03-2022(online)].jpg | 2022-03-23 |
| 4 | 202241016256-DRAWINGS [23-03-2022(online)].pdf | 2022-03-23 |
| 5 | 202241016256-DECLARATION OF INVENTORSHIP (FORM 5) [23-03-2022(online)].pdf | 2022-03-23 |
| 6 | 202241016256-COMPLETE SPECIFICATION [23-03-2022(online)].pdf | 2022-03-23 |
| 7 | 202241016256-FORM-26 [09-06-2022(online)].pdf | 2022-06-09 |
| 8 | 202241016256-Proof of Right [20-07-2022(online)].pdf | 2022-07-20 |
| 9 | 202241016256-Correspondence_Form1_28-07-2022.pdf | 2022-07-28 |
| 10 | 202241016256-FORM 18 [29-05-2023(online)].pdf | 2023-05-29 |
| 11 | 202241016256-POA [04-10-2024(online)].pdf | 2024-10-04 |
| 12 | 202241016256-FORM 13 [04-10-2024(online)].pdf | 2024-10-04 |
| 13 | 202241016256-AMENDED DOCUMENTS [04-10-2024(online)].pdf | 2024-10-04 |
| 14 | 202241016256-Response to office action [01-11-2024(online)].pdf | 2024-11-01 |