The Network Time Protocol is generally used completely unprotected, much like the web was before HTTPS. At @fosdem 2026, Ruben explained how we aim to push adoption of secure time (NTS) using pools of NTS servers.
Video and slides: https://fosdem.org/2026/schedule/event/J8UN83-securing_time_with_nts/
David and Ruben went to ISPCS in Tokyo to put Statime (PTP in Rust) to the test at Plugfest, and David gave a talk at the Symposium.
Read Ruben's recap of the IEEE Symposium on Precision Clock Synchronization here: https://tweedegolf.nl/en/blog/143/travelling-to-the-land-of-the-rising-sun-with-statime
Thanks to @nlnet and @sovtechfund for supporting the continued progress on Statime!
Time synchronization is essential to the security of our devices and our internet, but at the same time, the most commonly used (S)NTP clients are easy to manipulate.
Michiel explains the problems, the consequences, and how secure time can solve them: https://tweedegolf.nl/en/blog/142/manipulating-time-through-sntp
The Network Time Protocol is the last major security gap in universally used Internet protocols.
Pools of secure time servers (NTS) are the solution; what is an NTS pool and how can we build them?
Ruben explains in this blog: https://tweedegolf.nl/en/blog/139/enabling-pools-in-nts
@sovtechfund
@ProssimoISRG
@trifectatech
@nlnet
@SIDNlabs
@marcodavids
@ekline
@reitinger
@hesselma
@benno
#rust #rustlang #security #infrastructure #timesynchronization
Ruben and David will be at IETF 121 in Dublin! Chat about NTPv5 (the next version of the Network Time Protocol), or our proof-of-work for mitigating TLS attacks? Reach out to them, or see them in action at the Hackaton!
David and Ruben are at the Symposium on Precision Clock Synchronization in Tokyo this week! They are currently testing Statime during the Plugfest. Curious to see how our PTP implementation will hold up? So are we!
David wrote a scientific paper explaining how we use the Kalman filter to automatically estimate clock stability and network noise at runtime in Statime, our Rust implementation of the Precision Time Protocol.
Read the paper here: https://tweedegolf.nl/en/blog/138/ispcs-paper-estimating-noise-for-clock-synchronizing-kalman-filters
David and Ruben will be testing and presenting their work on Statime at the Symposium on Precision Clock Synchronization in Tokyo on from 7 to 11 October!
For a comprehensive overview of how time synchronization works, the various protocols, how the security measures work, and how our Rust implementations (ntpd-rs and Statime) fit into this picture, watch @tamme's 'introduction to network-based time synchronization' talk from the RIOT Summit:
https://www.youtube.com/watch?v=qeKdt6qtvlI
#timesynchronization #rust #rustlang @sovtechfund @nlnetfdn @sidnfonds
We've measured performance for Statime (our Rust implementation of the Precision Time Protocol) comparable to Linux PTP!
Read David's explanation of the setup and results here: https://tweedegolf.nl/en/blog/129/statime-vs-linux-ptp-comparison-of-precision
NTS4PTP (a mechanism for distributing the keys for PTP authentication) is currently going through the IETF process. This led David to take a closer look at NTS4PTP and the underlying PTP security mechanism.
Read his blog about the potential security problems he encountered: https://tweedegolf.nl/en/blog/125/authentication-for-ptp
Trifecta Tech Foundation
Tweede golf
