A new approach to secure logging

The need for secure logging is well-understood by the security professionals, including both researchers and practitioners. The ability to efficiently verify all (or some) log entries is important to any application employing secure logging techniques. In this article, we begin by examining the state of the art in secure logging and identify some problems inherent to systems based on trusted third-party servers. We then propose a different approach to secure logging based upon recently developed Forward-Secure Sequential Aggregate (FssAgg) authentication techniques. Our approach offers both space-efficiency and provable security. We illustrate two concrete schemes—one private-verifiable and one public-verifiable—that offer practical secure logging without any reliance on online trusted third parties or secure hardware. We also investigate the concept of immutability in the context of forward-secure sequential aggregate authentication to provide finer grained verification. Finally we evaluate proposed schemes and report on our experience with implementing them within a secure logging system.

[1]  Mihir Bellare,et al.  Forward Integrity For Secure Audit Logs , 1997 .

[2]  Shouhuai Xu,et al.  Strong Key-Insulated Signature Schemes , 2003, Public Key Cryptography.

[3]  Gene Tsudik,et al.  Authentication and integrity in outsourced databases , 2006, TOS.

[4]  Mihir Bellare,et al.  Protecting against key-exposure: strongly key-insulated encryption with optimal threshold , 2005, Applicable Algebra in Engineering, Communication and Computing.

[5]  Kevin Fu,et al.  Security and Privacy for Implantable Medical Devices , 2008, IEEE Pervasive Comput..

[6]  Marianne Swanson,et al.  SP 800-14. Generally Accepted Principles and Practices for Securing Information Technology Systems , 1996 .

[7]  Gene Tsudik,et al.  Extended Abstract: Forward-Secure Sequential Aggregate Authentication , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[8]  Gene Tsudik,et al.  Signature Bouquets: Immutability for Aggregated/Condensed Signatures , 2004, ESORICS.

[9]  Kent E. Seamons,et al.  Logcrypt: Forward Security and Public Verification for Secure Audit Logs , 2005, IACR Cryptol. ePrint Arch..

[10]  Shouhuai Xu,et al.  Key-Insulated Public Key Cryptosystems , 2002, EUROCRYPT.

[11]  Bruce Schneier,et al.  Minimizing Bandwidth for Remote Access to Cryptographically Protected Audit Logs , 1999, Recent Advances in Intrusion Detection.

[12]  Bruce Schneier,et al.  Cryptographic Support for Secure Logs on Untrusted Machines , 1998, USENIX Security Symposium.

[13]  Peter Gutmann,et al.  Secure deletion of data from magnetic and solid-state memory , 1996 .

[14]  Mihir Bellare,et al.  Forward-Security in Private-Key Cryptography , 2003, CT-RSA.

[15]  Gene Tsudik,et al.  A New Approach to Secure Logging , 2008 .

[16]  Di Ma,et al.  Practical forward secure sequential aggregate signatures , 2008, ASIACCS '08.

[17]  Bruce Schneier,et al.  Secure audit logs to support computer forensics , 1999, TSEC.

[18]  Brent Waters,et al.  Building an Encrypted and Searchable Audit Log , 2004, NDSS.

[19]  Giuseppe Ateniese,et al.  Verifiable audit trails for a versioning file system , 2005, StorageSS '05.

[20]  Pieter H. Hartel,et al.  Secure Audit Logging with Tamper-Resistant Hardware , 2003, SEC.

[21]  Brian Berliner,et al.  CVS II: Parallelizing Software Dev elopment , 1998 .