Even More Practical Secure Logging: Tree-Based Seekable Sequential Key Generators

Sequential key generators produce a forward-secure sequence of symmetric cryptographic keys and are traditionally based on hash chains. An inherent disadvantage of such constructions is that they do not offer a fast-forward capability, i.e., they lack a way to efficiently skip a large number of keys, a functionality often required in practice. This limitation was overcome only recently, with the introduction of seekable sequential key generators (SSKGs). The only currently known construction is based on the iterated evaluation of a shortcut one-way permutation, a factoring-based (and hence in practice not too efficient) building block. In this paper we revisit the challenge of marrying forward-secure key generation with seekability and show that symmetric primitives like PRGs, block ciphers, and hash functions suffice for obtaining secure SSKGs. Our scheme is not only considerably more efficient than the prior number-theoretic construction, but also extends the seeking functionality in a way that we believe is important in practice. Our construction is provably forward-secure in the standard model.
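
The contrast drawn above, as an added example that is not code from the paper: a hash chain needs k PRF calls to reach epoch k, while a generator whose epochs are the pre-order nodes of a binary tree of seeds can skip whole subtrees at once. HMAC-SHA-256 as the PRG, the tree layout, and all names (`prf`, `chain_seek`, `TreeSSKG`) are assumptions of this example.

```python
import hashlib
import hmac

def prf(seed: bytes, label: bytes) -> bytes:
    """HMAC-SHA-256 as a stand-in PRG/PRF (assumption of this example)."""
    return hmac.new(seed, label, hashlib.sha256).digest()

def chain_seek(seed: bytes, k: int):
    """Hash-chain generator: reaching epoch k costs k PRF calls."""
    state = seed
    for _ in range(k):
        state = prf(state, b"next")          # old state is overwritten
    return prf(state, b"key"), k

class TreeSSKG:
    """Epochs are the nodes of a binary tree of seeds, visited in pre-order.
    State is a stack of (seed, height); the top entry is the current epoch."""

    def __init__(self, seed: bytes, height: int):
        self.stack = [(seed, height)]
        self.epochs = (1 << height) - 1      # total number of keys

    def key(self) -> bytes:
        if not self.stack:
            raise ValueError("generator exhausted")
        return prf(self.stack[-1][0], b"key")

    def seek(self, k: int) -> int:
        """Advance k epochs; returns the number of tree nodes touched."""
        touched = 0
        while k > 0:
            if not self.stack:
                raise ValueError("seek past the last epoch")
            seed, h = self.stack.pop()       # parent seed leaves the state
            touched += 1
            size = (1 << h) - 1              # epochs in this subtree
            if k >= size:
                k -= size                    # skip the whole subtree
            else:
                k -= 1                       # step past this node only
                self.stack.append((prf(seed, b"right"), h - 1))
                self.stack.append((prf(seed, b"left"), h - 1))
        return touched

    def evolve(self) -> None:
        self.seek(1)                         # next epoch = seek by one
```

With height 20 (about a million epochs), a seek from the initial state touches at most 2 × 20 nodes, whereas the chain performs one PRF call per skipped epoch.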
