A New Approach to Secure Logging

Authors:
Di Ma;Gene Tsudik
Affiliations:
Computer Science Department, University of California, Irvine,;Computer Science Department, University of California, Irvine,
Venue:
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Year:
2008

Citing 9
Cited 3

Secure audit logs to support computer forensics

ACM Transactions on Information and System Security (TISSEC)
Key-Insulated Public Key Cryptosystems

EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Strong Key-Insulated Signature Schemes

PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Logcrypt: forward security and public verification for secure audit logs

ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Extended Abstract: Forward-Secure Sequential Aggregate Authentication

SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Cryptographic support for secure logs on untrusted machines

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Security and Privacy for Implantable Medical Devices

IEEE Pervasive Computing
Practical forward secure sequential aggregate signatures

Proceedings of the 2008 ACM symposium on Information, computer and communications security
Forward-security in private-key cryptography

CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track

BAF and FI-BAF: Efficient and Publicly Verifiable Cryptographic Schemes for Secure Logging in Resource-Constrained Systems

ACM Transactions on Information and System Security (TISSEC)
Self-sustaining, efficient and forward-secure cryptographic constructions for Unattended Wireless Sensor Networks

Ad Hoc Networks
Distributed privacy-preserving transparency logging

Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society

Quantified Score

Hi-index	0.00

Visualization

Abstract

The need for secure logging is well-understood by the security researchers and practitioners. The ability to efficiently verify all (or some) log entries is important to any application employing secure logging techniques. In this paper, we begin by examining the state-of-the-art in secure logging and identify some problems inherent to systems based on trusted third-party servers. We then propose a different approach based upon recently developed Forward-Secure Sequential Aggregate (FssAgg) authentication techniques. Our approach offers both space-efficiency and provable security. We illustrate two concrete schemes --- one private-verifiable and one public-verifiable --- that offer practical secure logging without any reliance on on-line trusted third parties or secure hardware. We evaluate proposed schemes and report on our experience with implementing them within a secure logging system.