Abstract
The need for secure logging is well-understood by the security professionals, including both researchers and practitioners. The ability to efficiently verify all (or some) log entries is important to any application employing secure logging techniques. In this article, we begin by examining the state of the art in secure logging and identify some problems inherent to systems based on trusted third-party servers. We then propose a different approach to secure logging based upon recently developed Forward-Secure Sequential Aggregate (FssAgg) authentication techniques. Our approach offers both space-efficiency and provable security. We illustrate two concrete schemes—one private-verifiable and one public-verifiable—that offer practical secure logging without any reliance on online trusted third parties or secure hardware. We also investigate the concept of immutability in the context of forward-secure sequential aggregate authentication to provide finer grained verification. Finally we evaluate proposed schemes and report on our experience with implementing them within a secure logging system.
- Bellare, M. and Palacio, A. 2002. Protecting against key exposure: strongly key-insulated encryption with optimal threshold. In Cryptology ePrint Archive, Report 2002/64.Google Scholar
- Bellare, M. and Yee, B. 1997. Forward integrity for secure audit logs. Tech. rep. University of California at San Diego ftp://www.cs.ucsd.edu/pub/bsq/pub/fi.ps.Google Scholar
- Bellare, M. and Yee, B. 2003. Forward-security in private-key cryptography. In Proceedings of the RSA Conference Cryptography Track. Google ScholarDigital Library
- Burns, R., Gentry, C., Lynn, B., and Shacham, H. 2005. Verifiable audit trails for a versioning file system. In Proceedings of the Workshop on Storage and Security (StorageSS'05). 416--432. Google ScholarDigital Library
- Chong, C., Peng, Z., and Hartel, P. 2002. Secure audit logging with tamper resistant hardware. In Technical Rep. TR-CTIT-02-29, Centre for Telematics and Information Technology, Univ. Twente, The Netherlands.Google Scholar
- Dodis, Y., Katz, J., Xu, S., and Yung, M. 2002. Key-insulated public key cryptosystems. In Proceedings of the Annual International Conference on Theory and Practice of Cryptographic Technique (Eurocrypt'02). 65--82. Google ScholarDigital Library
- Dodis, Y., Katz, J., Xu, S., and Yung, M. 2003. Strong key-insulated public key cryptosystems. In Proceedings of the Conference on Public Key Cryptography. 130--144.Google Scholar
- Gutmann, P. 1996. Secure deletion of data from magnetic and solid-state memory. In Proceedings of the 6th USENIX Security Symposium. 22--25. Google ScholarDigital Library
- Halperin, D., Kohno, T., Heydt-Benjamin, T., Fu, K., and Maisel, W. 2008. Security and privacy for implantable medical devices. IEEE Pervas. Comput. 7, 1. Google ScholarDigital Library
- Holt, J. 2006. Logcrypt: forward security and public verification for secure audit logs. In Proceedings of the 2006 Australasian Workshops on Grid Computing and E-Research. 203--211. Google ScholarDigital Library
- Kelsey, J. and Schneier, B. 1999. Minimizing bandwidth for remote access to cryptographically protected audit logs. In Proceedings of the Recent Advances in Intrusion Detection (RAID'99).Google Scholar
- Ma, D. 2008. Practical forward secure sequential aggregate signatures. In Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS'08). Google ScholarDigital Library
- Ma, D. and Tsudik, G. 2007. Forward-secure sequentical aggregate authentication. In Proceedings of the IEEE Symposium on Security and Privacy.. Google ScholarDigital Library
- Ma, D. and Tsudik, G. 2008. A new approach to secure logging. In Proceedings of the 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSEC'08). Google ScholarDigital Library
- Mykletun, E., Narasimha, M., and Tsudik, G. 2004a. Authentication and integrity in outsourced databases. In Proceedings of the ACM Annual Symposium on Network and Distributed System Security (NDSS'04).Google Scholar
- Mykletun, E., Narasimha, M., and Tsudik, G. 2004b. Signature bouquets: immutability for aggreagated/codensed signatures. In Proceedings of the European Symposium on Research in Computer Security (ESORICS'04). 160--176.Google Scholar
- Schneier, B. and Kelsey, J. 1998. Cryptographic support for secure logs on untrusted machines. Proceedings of the 7th USENIX Security Symposium. Google ScholarDigital Library
- Schneier, B. and Kelsey, J. 1999. Secure audit logs to support computer forensics. ACM Trans. Inform. Syst. Secur., 159--176. Google ScholarDigital Library
- Swanson, M. and Guttman, B. 1996. Generally accepted principles and practices for securing information technology systems. In National Institute of Standards and Technology Data Gateway 800--14. Google ScholarDigital Library
- U.S. Department of Defense, C. S. C. 1985. Trusted computer system evaluation criteria.Google Scholar
- Waters, B., Balfanz, D., Durfee, G., and Smeters, D. K. 2004. Building an encrypted and searchable audit log. In Proceedings of the ACM Annual Symposium on Network and Distributed System Security (NDSS'04).Google Scholar
Recommendations
A New Approach to Secure Logging
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications SecurityThe need for secure logging is well-understood by the security researchers and practitioners. The ability to efficiently verify all (or some) log entries is important to any application employing secure logging techniques. In this paper, we begin by ...
ID-based secret-key cryptography
This paper introduces ID-based secret-key cryptography, in which secret keys are privately and uniquely binded to an identity. This enables to extend public-key cryptography features at the high throughput rate of secret-key cryptography. As ...
Secure Identity-Based Encryption in the Quantum Random Oracle Model
Proceedings of the 32nd Annual Cryptology Conference on Advances in Cryptology --- CRYPTO 2012 - Volume 7417We give the first proof of security for an identity-based encryption scheme in the quantum random oracle model. This is the first proof of security for any scheme in this model that requires no additional assumptions. Our techniques are quite general ...
Comments