CloudFlare Roughtime Uses Clockchain Blockchain to Assure Clients are Using the Proper Clock Time
CloudFlare has decided to launch a Roughtime service which will be used to ensure clients are using the proper clock time. Google has originally came up with this idea for Roughtime, however, the latest version presented by CloudFlare has exclusive features.
Cloudflare’s Roughtime service includes a Clockchain that lists queries to servers that have the Roughtime enabled. In this way, the Clockchain will always inform if the server or client has an improper time displayed.
This Roughtime has been created with the intention to display correct clock time on different servers. In general TLS certificates show up as expired if the clock time is far in the future. It is also possible for TLS certificates to appear as not valid if the clock time is far in the past.
According to the company, 6.75% of internet users’ clock times are changed more than 24 hours. And indeed, these users have large amounts of TLS certificate errors. This means that the user can skip several errors since they became used to them. In this way, the chances of ending up in a malicious site increase.
There are currently some other services that help solve this issue, but they lack the encryption process that would protect users. Hackers are able to intercept the services and change clock times. For example, it is possible for hackers to change users’ clock time and make him believe that he is in a website with a valid certificate.
WIth Cloudflare’s Roughtime, users can have their clock synchronized. With it, TLS certificates will not appear expired or valid because of the wrong time. The service is highly scalable and is able to handle different requests.
Users are able to make Roughtime requests to different servers and verify that the current time is accurate. When a user queries a list of servers using Roughtime, it generates a random nonce. The timestamp and signature from the first response then are hashed into a nonce for the nex request.
CloudFlare’s Roughtime and Clockchain could end TLS certificate errors caused by wrong times.