An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

sky background image

DoD NTP Customers

 
DoD entities should use only the DoD authenticated USNO NTP servers and NOT the following USNO Public NTP servers:
 
tick.usno.navy.mil
tock.usno.navy.mil
ntp2.usno.navy.mil
tick.usnogps.navy.mil
tock.usnogps.navy.mil
 
DoD users should contact USNO at the link below for information on its exclusive DoD NTP servers.
 

Authenticated NTP

USNO offers authenticated NTP service to DoD and U.S. Government agencies operating on the NIPR and SIPR networks. To obtain information on the servers and/or a key for authentication, please provide the following information in a signed email to: 
usno-ops-center@us.navy.mil.  Please include:
 
  • POC Name:
  • POC Phone Number:
  • POC Email (prefer unclass):
  • Organization:
  • DoD organization you're supporting (if different):
  • What keys are needed (NIPR, SIPR, or both):
  • What type of key (SHA256, CISCO-SHA256-ASCII, SHA1, MD5):​
USNO highly recommends SHA256 keys in 64-character hex format, or in 32-byte ASCII format (Cisco IOS compatible).  Legacy systems not supporting SHA256 may request SHA1 or MD5 keys, but be aware that these less secure formats may soon be deprecated.

 
COMING SOON - - NTS :  NETWORK TIME SECURITY
      
Network Time Security (NTS) developed by the Internet Engineering Task Force as standard RFC 8915 is an authentication mechanism for Network Time Protocol (NTP), designed to scale substantial numbers of clients. It verifies that the packets received from the server machines are unaltered in transit to the client machine.

NTS includes a Key Establishment protocol (NTS-KE) that automatically creates the encryption keys used between the server and its clients, eliminating the need for symmetric-key authentication.

NTS extends NTP as a pair of protocols: the NTS Key Establishment protocol (NTS-KE), an automated exchange of ephemeral secret keys and cookies via standard TLS (TCP/4460), followed by NTP’s low-latency UDP-based time synchronization (UDP/123).   NTS-KE is analogous to https, using TLS to provide to each client at startup the server’s X.509 certificate chain, which must be verifiable as rooted in a trusted certificate authority. 
NTS is projected to be supported by USNO on NIPRNET beginning in 1QTR 2025. 
 

 
 

Commander, Naval Meteorology and Oceanography Command | 1100 Balch Blvd. | Stennis Space Center, Mississippi 39529

Guidance-Card-Icon Dept-Exclusive-Card-Icon