BAF and FI-BAF: Efficient and Publicly Verifiable Cryptographic Schemes for Secure Logging in Resource-Constrained Systems

Audit logs are an integral part of modern computer systems due to their forensic value. Protecting audit logs on a physically unprotected machine in hostile environments is a challenging task, especially in the presence of active adversaries. It is critical for such a system to have forward security and append-only properties such that when an adversary compromises a logging machine, she cannot forge or selectively delete the log entries accumulated before the compromise. Existing public-key-based secure logging schemes are computationally costly. Existing symmetric secure logging schemes are not publicly verifiable and are open to certain attacks. In this article, we develop a new forward-secure and aggregate signature scheme called Blind-Aggregate-Forward (BAF), which is suitable for secure logging in resource-constrained systems. BAF is the only cryptographic secure logging scheme that can produce publicly verifiable, forward-secure and aggregate signatures with low computation, key/signature storage, and signature communication overheads for the loggers, without requiring any online trusted third party support. A simple variant of BAF also allows a fine-grained verification of log entries without compromising the security or computational efficiency of BAF. We prove that our schemes are secure in the Random Oracle Model (ROM). We also show that they are significantly more efficient than all the previous publicly verifiable cryptographic secure logging schemes.
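The forward-security and append-only properties the abstract defines, shown as an added illustration that is not BAF's construction (which this page does not describe) and not the authors' code: a symmetric sketch in the style the abstract contrasts with BAF, using a one-way key ratchet and chained HMAC tags. Because the verifier must hold the initial key K_0, it is not publicly verifiable, which is exactly the limitation the abstract attributes to symmetric schemes; the key, entries and the `Logger`/`verify` names are constructed for this example.

```python
import hashlib
import hmac

ZERO = b"\x00" * 32  # prev-tag value used for the first entry

def evolve(key: bytes) -> bytes:
    """One-way key update K_{i+1} = H(K_i); K_i is not recoverable from K_{i+1}."""
    return hashlib.sha256(b"evolve|" + key).digest()

def tag(key: bytes, prev_tag: bytes, entry: bytes) -> bytes:
    """Per-entry MAC chained over the previous tag (append-only linkage)."""
    return hmac.new(key, prev_tag + entry, hashlib.sha256).digest()

class Logger:
    """Holds only the current key; the old key is erased after each append."""
    def __init__(self, k0: bytes):
        self.key, self.prev, self.records = k0, ZERO, []

    def append(self, entry: bytes) -> None:
        t = tag(self.key, self.prev, entry)
        self.records.append((entry, t))
        self.prev, self.key = t, evolve(self.key)  # forward security

def verify(k0: bytes, records) -> bool:
    """Verifier re-derives K_0, K_1, ... so it must know K_0 (not public)."""
    key, prev = k0, ZERO
    for entry, t in records:
        if not hmac.compare_digest(t, tag(key, prev, entry)):
            return False
        prev, key = t, evolve(key)
    return True

def demo():
    k0 = hashlib.sha256(b"constructed initial key").digest()  # constructed
    log = Logger(k0)
    for e in (b"boot", b"login alice", b"config changed"):  # constructed entries
        log.append(e)
    intact = verify(k0, log.records)
    # Adversary compromises the logger here and learns only K_3.
    # Selective deletion of the middle entry breaks the chain.
    deleted = verify(k0, [log.records[0], log.records[2]])
    # Rewriting a past entry with the compromised key fails: wrong key for position 1.
    fake = (b"login mallory", tag(log.key, log.records[0][1], b"login mallory"))
    forged = verify(k0, [log.records[0], fake, log.records[2]])
    # Caveat: truncating the tail still verifies; a closing entry or length
    # commitment is needed to detect it, which this sketch omits.
    truncated = verify(k0, log.records[:2])
    return intact, deleted, forged, truncated
```

The truncation result is the practical caveat: chaining alone proves nothing about entries that were never presented to the verifier.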
