Network Time Security for the Network Time Protocol

Document Type: Expired Internet-Draft (ntp WG)
Authors: Daniel Franke, Dieter Sibold, Kristof Teichel, Marcus Dansarie, Ragnar Sundblad
Last updated: 2019-01-03 (latest revision 2018-07-02)
Stream: Internet Engineering Task Force (IETF)
Expired & archived
Stream WG state: Candidate for WG Adoption
Document shepherd: No shepherd assigned
IESG state: Expired
Consensus Boilerplate: Unknown
Telechat date
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This memo specifies Network Time Security (NTS), a mechanism for using Transport Layer Security (TLS) and Authenticated Encryption with Associated Data (AEAD) to provide cryptographic security for the client-server mode of the Network Time Protocol (NTP). NTS is structured as a suite of two loosely coupled sub-protocols: the NTS Key Establishment Protocol (NTS-KE) and the NTS Extension Fields for NTPv4. NTS-KE handles NTS service authentication, initial handshaking, and key extraction over TLS. Encryption and authentication during NTP time synchronization is performed through the NTS Extension Fields in otherwise standard NTP packets. Except for during the initial NTS-KE process, all state required by the protocol is held by the client in opaque cookies.


Daniel Franke
Dieter Sibold
Kristof Teichel
Marcus Dansarie
Ragnar Sundblad

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)