Method and apparatus for securing clock synchronization in a network

US9614819B2 · US · B2

Patent metadata
Publication number: US-9614819-B2
Application number: US-201414534371-A
Country: US
Kind code: B2
Filing date: Nov 6, 2014
Priority date: Oct 24, 2013
Publication date: Apr 4, 2017
Grant date: Apr 4, 2017

Abstract

Official abstract text for this publication.

Aspects of the disclosure provide a method that includes receiving a first packet through a network at a first device. The first packet includes a first message generated according to a precision time protocol and a first encapsulation that encapsulates one or more fields of the first message. Further, the method includes security-verifying the first packet based on the first message and the first encapsulation, and processing the first message according to the precision time protocol after the first packet is security-verified.

First claim

Opening claim text (preview).

What is claimed is:

1. A method of a time synchronization system, the method comprising: receiving a first packet through a communication network at a first device, the first packet including a first message generated according to a precision time protocol (PTP), the first message including a first encapsulation; security-verifying the first packet based on the first message according to a security protocol; processing the first message according to the PTP after the first packet is security-verified, the first message including at least fields of (i) PTP header, (ii) PTP payload, (iii) zero or more type-length-values (TLVs), and (iv) the first encapsulation of security TLV that encapsulates the PTP header, the PTP payload, and the zero or more TLVs of the first message according to the security protocol; and transmitting the first packet according to the PTP with the security verification and measuring a transmitting time.

2. The method of claim 1, further comprising: receiving a second packet through the communication network at the first device, the second packet including a second message having a transmitting time of the first packet at a second device and a second encapsulation that encapsulates one or more fields of the second message; security-verifying the second packet based on the second message and the second encapsulation; and synchronizing a clock based on the transmitting time of the first packet at the second device and a receiving time of the first packet at the first device.

3. The method of claim 2, wherein the first message includes a predicted transmitting time of the first packet at the second device, and the method further comprises: synchronizing a clock of the first device based on the predicted transmitting time of the first packet at the second device, and a receiving time of the first packet at the first device.

4. The method of claim 2, wherein the second packet includes a timing correction to account for a delay between a transmission of the first packet at the second device and a reception of the first packet at the first device.

5. The method of claim 1, further comprising: forwarding the first packet; and measuring a first time of receiving the first packet and a second time of transmitting the first packet.

6. The method of claim 5, further comprising: receiving a second packet through the communication network at the first device, the second packet including a second message having a timing correction and a second encapsulation that encapsulates one or more fields of the second message; updating the timing correction to account for a delay between the second time and the first time; updating the second encapsulation with the updated timing correction; and forwarding the second packet.

7. The method of claim 1, further comprising: measuring a first time of receiving the first packet; predicting a second time of transmitting the first packet; updating a timing correction in the first message to account for a delay between the second time and the first time; updating the first encapsulation with the updated timing correction; and forwarding the updated first encapsulation.

8. An apparatus for a time synchronization system, the apparatus comprising: a receiving circuit configured to receive a first packet through a communication network and measure a first time of receiving the first packet, the first packet including a first message generated according to a precision time protocol (PTP), the first message including a first encapsulation; and a processor configured to security-verify the first packet based on the first message according to a security protocol, process the first message according to the PTP after the first packet is security-verified, the first message including at least fields of (i) PTP header, (ii) PTP payload, (iii) zero or more type-length-values (TLVs), and (iv) the first encapsulation of security TLV that encapsulates the PTP header, the PTP payload, and the zero or more TLVs of the first message according to the security protocol, transmit the first packet according to the PTP with the security verification, and measure a transmission time.

9. The apparatus of claim 8, wherein the receiving circuit is configured to receive a second packet through the communication network, the second packet including a second message having a transmitting time of the first packet from another apparatus and a second encapsulation that encapsulates one or more fields of the second message; and the processor is configured to security-verify the second packet based on the second message and the second encapsulation, and synchronize a clock based on the transmitting time of the first packet from the other apparatus and a receiving time of the first packet at the apparatus.

10. The apparatus of claim 8, wherein the first message includes a predicted transmitting time of the first packet from another apparatus, and the processor is configured to synchronize a clock of the apparatus based on the predicted transmitting time of the first packet from the other apparatus, and a receiving time of the first packet at the apparatus.

11. The apparatus of claim 9, wherein the second packet includes a timing correction to account for a delay between a transmission of the first packet at the other apparatus and a reception of the first packet at the apparatus.

12. The apparatus of claim 8, further comprising: a transmitting circuit configured to forward the first packet, and measure a second time of transmitting the first packet.

13. The apparatus of claim 12, wherein: the receiving circuit is configured to receive a second packet through the communication network at the apparatus, the second packet including a second message having a timing correction and a second encapsulation that encapsulates one or more fields of the second message; the processor is configured to update the timing correction to account for a delay between the second time and the first time, and update the second encapsulation with the updated timing correction; and the transmitting circuit is configured to forward the second packet.

14. The apparatus of claim 8, wherein the processor is configured to predict a second time of transmitting the first packet, update a timing correction in the first message to account for a delay between the second time and the first time, and update the first encapsulation with the updated timing correction; and a transmitting circuit configured to forwarding the updated first encapsulation.

15. A non-transitory computer readable medium storing program instructions for causing a processor to execute operations for a clock synchronization system in a communication network, the operations comprising: receiving a first packet through the communication network at a first device, the first packet including a first message generated according to a precision time protocol (PTP), the first message including a first encapsulation; security-verifying the first packet based on the first message according to a security protocol; processing the first message according to the PTP after the first packet is security-verified, the first message including at least fields of (i) PTP header, (ii) PTP payload, (iii) zero or more type-length-values (TLVs), and (iv) the first encapsulation of security TLV that encapsulates the PTP header, the PTP payload, and the zero or more TLVs of the first message according to the security protocol; and transmitting the first packet according to the PTP with the security verification and measuring a transmitting time.

Classifications

  • H04J3/0667 (Primary)

    Bidirectional timestamps, e.g. NTP or PTP for compensation of clock drift and for compensation of propagation delays (arrangements for monitoring round trip delays in packet switching networks H04L43/0864)

  • Clock or time synchronisation among packet nodes

  • Applying verification of the received information (cryptographic mechanisms or cryptographic arrangements for data integrity or data verification H04L9/32)

  • Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up

  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Marvell Israel (M I S L) Ltd
What technology area does this patent fall under?
Primary CPC classification H04J3/0667. Mapped technology areas include Electricity.
When was this patent published?
Publication date Apr 4, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).