Calibration of Timestamp Authorities

1
On Calibration of Network Time Services
Vladimír Smotlacha, Jan Cermák, Juan Palacio
V International Symposium on Time Scale
Algorithms San Fernando 29. April 2008
2
Internet Time Services

• One-Way server transmits time information
• datetime (RFC 867) - ASCII string, no fixed
  format
• time (RFC 868) - binary, 32-bit unsigned
  integer, number of seconds since 1.1.1900
• TSA (RFC 3161) - cryptographically signed
  certificates with time information
• Two-Way server and client exchange time
  information
• NTP (RFC 1305) - 64-bit timestamps
• IEEE 1588

3
Network Issues

• Service parameters depend on
• locality
• Internet connectivity - ISP
• epoch of utilization
• Two-way service assumes symmetrical one-way delay
  but
• network path changes
• routing, node configuration
• per-node delay variation
• overload, congestion
• delay in software is not equal for
  sender/receiver
• queuing, process context switching

4
Network Delays

• Per-Link delay
• propagation delay
• given by link length L and velocity factor VF
  L / (c VF)
• serialization delay
• given by packet size SZ and link capacity CAP
• SZ bit / CAP bit/s
• Per-Node delay
• forwarding delay
• reading information, making forwarding decision
  
• queuing delay
• waiting in the output link queue

5
Timestamp Evaluation

• Physical level (interface port)
• sender - first bit on-wire
• receiver - last bit on-wire
• Operating system (device driver)
• based on system clock
• significant uncertainty due to queuing
• Application level (process)
• based on system clock
• uncertainty due to process scheduling
• Commonly used in Internet time services

6
NTP Calibration System

• Calibration system consists of
• Device under test (NTP server)
• Calibration computer (CC)
• provides internal time scale T(C) synchronized
  to UTC via 1pps
• provides software-generated a 1 pps signal
  representing T(C) and/or refers a 1 pps input to
  T(C)
• runs NTP client asking the NTP serve for time
  information
• Source of local prediction of UTC UTC(k) or
  UTC(GPS)
• Time interval counter

7
NTP Calibration Method

• Goal calibrate the service at access point
  defined by client
• Client-oriented calibration
• CC functions as servers client
• Compares T(C) and T(S)

8
TSA Service

• Time-Stamp Authority (TSA) - uses time-stamp
  protocol
• Time-Stamp Query (TSQ)
• Request for time-stamp sent by client
• Contains a nonce (e.g. a hash of document to be
  time-stamped)
• Time-Stamp Reply (TSR)
• Response message from time-stamp authority (TSA)
• Cryptography signed certificate
• Contains an issued time-stamp
• Contains a nonce of corresponding TSQ
• Problem How to calibrate the time provided by
  TSA?
• TSA is proprietary hardware/software ('black
  box')
• TSA clock is accessible only through client
  computer

9
TSA Calibration

• Calibration system consists of
• TSA - device under test
• TSA client - asks TSA for time-stamps
• Calibration computer (CC)
• Collects and parses TSP communication between TSA
  and client
• Source of local prediction of UTC
• Time interval counter

10
TSA Calibration Method I

• Goal calibrate the service at TSA site
• Provider-oriented calibration
• CC listens to replicated TSA traffic
• Possible passive measurement not involving TSA

11
TSA Calibration Method II

• Goal calibrate the service at client site
• Client-oriented calibration
• CC sends his own TSQ and receives TSR
• Active probing

12
Project Participants

• BEV Bundesamt für Eich- und Vermessungswessen
  (Austria)
• INRIM Istituto Nazionale di Ricerca
  Metrologica (Italy)
• PTB Physikalisch-Technische Bundesanstalt
  (Germany)
• ROA Real Observatorio de la Armada (Spain)
• UFE Institute of Photonics and Electronics
  (Czech republic)
• CES CESNET (Czech republic)

13
NTP Results (ROA -gt UFE)
Timing error (95 ) NTP server ROA e lt
2.72 ms CC UFE
14
NTP Results (CESNET -gt UFE)
Timing error (95 ) NTP server CESNET
e lt 56 µs CC UFE
15
Results detail (CESNET -gt UFE)
Timing error (95 ) NTP server CESNET
e lt 56 µs CC UFE
16
NTP Results (BEV / UFE)
Timing error (95 ) NTP server BEV e lt
2.45 ms CC CESNET
17
NTP Results (BEV / CESNET)
Timing error (95 ) NTP server BEV e lt
8.47 ms CC CESNET
18
TSA Results (UFE, ROA)
Green Tq - Ts Tq, Tr epoch of query /
response Red Tr - Tq Ts time-stamp
provided by TSA
19
TSA Results (BEV, CESNET)
Green Tq - Ts Tq, Tr epoch of query /
response Red Tr - Tq Ts time-stamp
provided by TSA
20
Conclusions

• We have demonstrated the use of a
  UTC-synchronized Calibration Computer for
  calibration of NTP servers and Time Stamp
  Appliances.
• Calibration of network time services is a new
  issue in TF metrology. No calibration procedures
  have been generally adopted so far.
• Calibration Computer can be used as active or
  passive device for a client-oriented or
  provider-oriented calibration according to
  calibration goal.

21

Thank you
22
NTP Time-Transfer Model

• T(S) - NTP server time scale
• T(C) - calibration computer (CC) time scale
• y(t) - frequency between T(C) and T(S)
• t
• T(S)(t) T(C)(t) x0 ?y(?)d?
• t0