One-way accumulators: a decentralized alternative to digital signatures
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Secure audit logs to support computer forensics
ACM Transactions on Information and System Security (TISSEC)
Space/time trade-offs in hash coding with allowable errors
Communications of the ACM
Skip Lists: A Probabilistic Alternative to Balanced Trees
WADS '89 Proceedings of the Workshop on Algorithms and Data Structures
Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A Digital Signature Based on a Conventional Encryption Function
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
How to Time-Stamp a Digital Document
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Time-Stamping with Binary Linking Schemes
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Secure History Preservation Through Timeline Entanglement
Proceedings of the 11th USENIX Security Symposium
Automatic Event-Stream Notarization Using Digital Signatures
Proceedings of the International Workshop on Security Protocols
On Certificate Revocation and Validation
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Persistent Authenticated Dictionaries and Their Applications
ISC '01 Proceedings of the 4th International Conference on Information Security
Optimally Efficient Accountable Time-Stamping
PKC '00 Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
On Optimal Hash Tree Traversal for Interval Time-Stamping
ISC '02 Proceedings of the 5th International Conference on Information Security
FOCS '95 Proceedings of the 36th Annual Symposium on Foundations of Computer Science
Secure Aggregation for Wireless Networks
SAINT-W '03 Proceedings of the 2003 Symposium on Applications and the Internet Workshops (SAINT'03 Workshops)
Authentic data publication over the internet
Journal of Computer Security - IFIP 2000
Practical Techniques for Searches on Encrypted Data
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Proceedings of the 10th ACM conference on Computer and communications security
The LOCKSS peer-to-peer digital preservation system
ACM Transactions on Computer Systems (TOCS)
Flexible authentication of XML documents
Journal of Computer Security - Special issue on ACM conference on computer and communications security, 2001
Fossilized index: the linchpin of trustworthy non-alterable electronic records
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
Enabling the Archival Storage of Signed Documents
FAST '02 Proceedings of the 1st USENIX Conference on File and Storage Technologies
CHRONOS: an authenticated dictionary based on skip lists for timestamping systems
Proceedings of the 2005 workshop on Secure web services
Forensic analysis of database tampering
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Logcrypt: forward security and public verification for secure audit logs
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Trustworthy keyword search for regulatory-compliant records retention
VLDB '06 Proceedings of the 32nd international conference on Very large data bases
Attribute-based encryption for fine-grained access control of encrypted data
Proceedings of the 13th ACM conference on Computer and communications security
Secure hierarchical in-network aggregation in sensor networks
Proceedings of the 13th ACM conference on Computer and communications security
Secure untrusted data repository (SUNDR)
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Extended Abstract: Forward-Secure Sequential Aggregate Authentication
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Certificate revocation and certificate update
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Design and implementation of verifiable audit trails for a versioning file system
FAST '07 Proceedings of the 5th USENIX conference on File and Storage Technologies
Strong accountability for network storage
ACM Transactions on Storage (TOS)
Zyzzyva: speculative byzantine fault tolerance
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
PeerReview: practical accountability for distributed systems
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Attested append-only memory: making adversaries stick to their word
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Detection of Mutual Inconsistency in Distributed Systems
IEEE Transactions on Software Engineering
Attribute-based encryption with non-monotonic access structures
Proceedings of the 14th ACM conference on Computer and communications security
Tamper detection in audit logs
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Casting votes in the auditorium
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
Practical forward secure sequential aggregate signatures
Proceedings of the 2008 ACM symposium on Information, computer and communications security
SIA: Secure information aggregation in sensor networks
Journal of Computer Security - Special Issue on Security of Ad-hoc and Sensor Networks
Exemplifying Attack Identification and Analysis in a Novel Forensically Viable Syslog Model
SADFE '08 Proceedings of the 2008 Third International Workshop on Systematic Approaches to Digital Forensic Engineering
ICDCS '08 Proceedings of the 2008 The 28th International Conference on Distributed Computing Systems
A new approach to secure logging
ACM Transactions on Storage (TOS)
Authenticated data structures for graph and geometric searching
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Provably secure framework for information aggregation in sensor networks
ICCSA'07 Proceedings of the 2007 international conference on Computational science and its applications - Volume Part I
Naming and integrity: self-verifying data in peer-to-peer systems
Future directions in distributed computing
ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Fuzzy identity-based encryption
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Delegating secure logging in pervasive computing systems
SPC'06 Proceedings of the Third international conference on Security in Pervasive Computing
Authentic time-stamps for archival storage
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Super-efficient aggregating history-independent persistent authenticated dictionaries
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Sensor tricorder: what does that sensor know about me?
Proceedings of the 12th Workshop on Mobile Computing Systems and Applications
ACM Transactions on Information and System Security (TISSEC)
Social networking with frientegrity: privacy and integrity with an untrusted provider
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Authenticating operation-based history in collaborative systems
Proceedings of the 17th ACM international conference on Supporting group work
Privacy-Friendly cloud storage for the data track: an educational transparency tool
NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems
| Hi-index | 0.00 |
Many real-world applications wish to collect tamperevident logs for forensic purposes. This paper considers the case of an untrusted logger, serving a number of clients who wish to store their events in the log, and kept honest by a number of auditors who will challenge the logger to prove its correct behavior. We propose semantics of tamper-evident logs in terms of this auditing process. The logger must be able to prove that individual logged events are still present, and that the log, as seen now, is consistent with how it was seen in the past. To accomplish this efficiently, we describe a tree-based data structure that can generate such proofs with logarithmic size and space, improving over previous linear constructions. Where a classic hash chain might require an 800 MB trace to prove that a randomly chosen event is in a log with 80 million events, our prototype returns a 3 KB proof with the same semantics. We also present a flexible mechanism for the log server to present authenticated and tamper-evident search results for all events matching a predicate. This can allow large-scale log servers to selectively delete old events, in an agreed-upon fashion, while generating efficient proofs that no inappropriate events were deleted. We describe a prototype implementation and measure its performance on an 80 million event syslog trace at 1,750 events per second using a single CPU core. Performance improves to 10,500 events per second if cryptographic signatures are offloaded, corresponding to 1.1 TB of logging throughput per week.