In order for the attack to succeed Eve needs to be able to MITM every configured ntp server association and do so before the daemon starts up.
FYI Stephen Röttger is also the same guy who is a co-author of the two IETF proposals for the successor to autokey; Network Time Security[1] and Crypto Message Syntax for NTS[2].
