Roughenough
Roughenough is a Roughtime secure time synchronization client and server implementation in Rust.
The server and client are functionally complete and at feature parity with the reference C++ and Golang implementations.
Areas for improvement remain; see Limitations below. Contributions are welcome.
Links
- Roughenough Github repo
- Original Roughtime project
- My blog posts giving a technical deep-dive into Roughtime and exploring details of on-the-wire Roughtime messages.
Building and Running
# Build roughenough
The client binary is target/release/client. After building you can copy the
binary and run on its own (no cargo needed) if you wish.
Using the Client to Query a Roughtime Server
Validating Server Responses
Use the -p flag with the client to validate the server's response with its public key.
# The public key of 'roughtime.int08h.com' is stored in a DNS TXT record
# Validate the server response using its public key
Note verified=true in the output which confirms that the server's response had a valid signature.
Starting the Server
The resulting binary is target/release/server. After building you can copy the
binary and run on its own (no cargo needed):
Configuration File
The server is configured via a YAML file:
interface: 127.0.0.1
port: 8686
seed: f61075c988feb9cb700a4a6a3291bfbc9cab11b9c9eca8c802468eb38a43d7d3
batch_size: 64
Where:
- interface - IP address or interface name for listening to client requests
- port - UDP port to listen for requests
- seed - A 32-byte hexadecimal value used to generate the server's long-term key pair. This is a secret value and must be un-guessable, treat it with care.
- batch_size - The number of requests to process in one batch. All nonces in a batch are used to build a Merkle tree, the root of which is signed.
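The batching described under batch_size, as an added example that is not Roughenough's own code: a server hashes every nonce in a batch into one Merkle root (the only value it signs), and each client recomputes that root from its own nonce, its index and the sibling path. The hashing rules (SHA-512 with a 0x00 leaf prefix and a 0x01 node prefix) follow the Roughtime protocol description rather than this README; the function names, the power-of-two batch restriction and the sample nonces are assumptions of this sketch.

```python
import hashlib
import os

LEAF, NODE = b"\x00", b"\x01"  # domain-separation prefixes (assumed from the Roughtime protocol)


def _h(data: bytes) -> bytes:
    return hashlib.sha512(data).digest()


def build_levels(nonces):
    """Server side: return every tree level, leaves first; the last level is [root]."""
    if not nonces or len(nonces) & (len(nonces) - 1):
        raise ValueError("this sketch only handles power-of-two batches")
    levels = [[_h(LEAF + n) for n in nonces]]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([_h(NODE + prev[i] + prev[i + 1])
                       for i in range(0, len(prev), 2)])
    return levels


def path_for(levels, index):
    """Server side: sibling hashes from leaf to root, sent back to one client."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])  # the neighbour sharing this node's parent
        index >>= 1
    return path


def root_from_path(nonce, index, path):
    """Client side: recompute the root from the client's own nonce, index and path."""
    node = _h(LEAF + nonce)
    for sibling in path:
        pair = sibling + node if index & 1 else node + sibling
        node = _h(NODE + pair)
        index >>= 1
    return node


def demo(batch_size=8):
    nonces = [os.urandom(64) for _ in range(batch_size)]  # constructed sample nonces
    levels = build_levels(nonces)
    root = levels[-1][0]  # one signature over this value covers the whole batch
    ok = all(root_from_path(n, i, path_for(levels, i)) == root
             for i, n in enumerate(nonces))
    return root, ok
```

A client accepts a response only if the recomputed root equals the signed root, so a response built for a different nonce or index fails the check.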
Stopping the Server
Use Ctrl-C or kill the process.
Limitations
Roughtime features not implemented by the server:
- On-line key rotation. The server must be restarted to generate a new delegated key.
- The Roughenough server depends on the host's time source to comply with the smeared leap-second
requirement of the Roughtime protocol. A Roughenough server sourcing time from
Google's public NTP servers would produce compliant
smeared leap-seconds but time sourced from members of
pool.ntp.org likely will not.
- Ecosystem-style response fault injection.
Other notes:
- Per-request heap allocations could probably be reduced: a few
Vec's could be replaced by lifetime scoped slices.
About the Roughtime Protocol
Roughtime is a protocol that aims to achieve rough time synchronisation in a secure way that doesn't depend on any particular time server, and in such a way that, if a time server does misbehave, clients end up with cryptographic proof of it. It was created by Adam Langley and Robert Obryk.
Contributors
- Stuart Stock (stuart {at} int08h.com)
- Aaron Hill (aa1ronham {at} gmail.com)
Copyright and License
Roughenough is copyright (c) 2017-2018 int08h LLC. All rights reserved.
int08h LLC licenses Roughenough (the "Software") to you under the Apache License, version 2.0 (the "License"); you may not use this Software except in compliance with the License. You may obtain a copy of the License from the LICENSE file included with the Software or at:
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.