Article

Free access

Logcrypt: forward security and public verification for secure audit logs

Author:

Jason E. HoltAuthors Info & Claims

ACSW Frontiers '06: Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54

January 2006

Pages 203 - 211

Published: 01 January 2006 Publication History

Abstract

Logcrypt provides strong cryptographic assurances that data stored by a logging facility before a system compromise cannot be modified after the compromise without detection. We build on prior work by showing how log creation can be separated from log verification, and describing several additional performance and convenience features not previously considered.

References

[1]

{1} M. Bellare and P. Rogaway, Random Oracles are Practical: A Paradigm for Designing Efficient Protocols, ACM Conference on computer and Communications Security 1993, pp62-73.]]

Digital Library

[2]

{2} M. Bellare, S. Miner. A Forward-Secure Digital Signature Scheme. In Proc. of Crypto, pp. 431- 448, 1999.]]

Digital Library

[3]

{3} M. Bellare and B. Yee, "Forward Integrity for Secure Audit Logs," Technical Report, Computer Science and Engineering Department, University of California at San Diego, November 1997.]]

[4]

{4} J. Cha, J. Cheon, "An ID-based signature from Gap-Diffle-Hellman Groups," Proc. of PKC 2003, Lecture Notes in Computer Science, Vol. 2567, pp. 18-30 (2003).]]

Digital Library

[5]

{5} C. N. Chong, Z. Peng, and P. H. Hartel. Secure audit logging with tamper resistant hard-ware. Technical report TR-CTIT-02-29, Centre for Telematics and Information Technology, Univ. of Twente, The Netherlands, Aug 2002.]]

[6]

{6} A Cost-Based Security Analysis of Symmetric and Asymmetric Key Lengths, RSA Laboratories Bulletin #13, April 2000.]]

[7]

{7} A. Futoransky and E. Kargieman. PEO Revised. DISC 98 (Diá Intrenacional de la Seguridad en Cómputo). DF, Mexico. 1998.]]

[8]

{8} A. Futoransky and E. Kargieman. VCR y PEO, dos protocolos criptográficos simples. 25 Jornadas Argentinas de Informática e Investigación Operativa, July 1995.]]

[9]

{9} J. Kelsey, B. Schneier. Minimizing Bandwidth for Remote Access to Cryptographically Protected Audit Logs. Recent Advances in Intrusion Detection, 1999.]]

[10]

{10} MSyslog (Unix syslogd with integrity protection). http://oss.coresecurity.com/projects/msyslog.html]]

[11]

{11} H. Orman and P. Hoffman, Determining Strengths For Public Keys Used For Exchanging Symmetric Keys, Internet Engineering Task Force RFC 3766, April 2004.]]

Digital Library

[12]

{12} B. Schneier, J. Kelsey. Cryptographic Support for Secure Logs on Untrusted Machines. In Proceedings of the 7th USENIX Security Symposium, San Antonio, TX, USA, Jan. 1998.]]

Digital Library

[13]

{13} B. Schneier, J. Kelsey. Secure Audit Logs to Support Computer Forensics. ACM Transactions on Information and System Security 2(2): 159-176, 1999.]]

Digital Library

[14]

{14} K. Thompson, "Reflections on Trusting Trust," Communications of the ACM, Vol. 27, No. 8, August 1984, pp. 761-763.]]

Digital Library

[15]

{15} B. R. Waters, D. Balfanz, G. Durfee, D. K. Smetters. Building an Encrypted and Searchable Audit Log. ACM Annual Symposium on Network and Distributed System Security, 2004]]

Cited By

Zieglmeier VPretschner A(2023)Rethinking People Analytics With Inverse Transparency by DesignProceedings of the ACM on Human-Computer Interaction10.1145/36100837:CSCW2(1-29)Online publication date: 4-Oct-2023
https://dl.acm.org/doi/10.1145/3610083
Shekhtman LWaisbard E(2019)EngraveChainProceedings of the 2nd Workshop on Blockchain-enabled Networked Sensor10.1145/3362744.3363346(8-14)Online publication date: 10-Nov-2019
https://dl.acm.org/doi/10.1145/3362744.3363346
Lee SChoi WJo HLee DGalbraith SRussello GSusilo WGollmann DKirda ELiang Z(2019)How to Securely Record Logs based on ARM TrustZoneProceedings of the 2019 ACM Asia Conference on Computer and Communications Security10.1145/3321705.3331001(664-666)Online publication date: 2-Jul-2019
https://dl.acm.org/doi/10.1145/3321705.3331001
Show More Cited By

Index Terms

Recommendations

Parallel integer sorting and simulation amongst CRCW models
Abstract
In this paper a general technique for reducing processors in simulation without any increase in time is described. This results in an O(√logn) time algorithm for simulating one step of PRIORITY on TOLERANT with processor-time product of O(n log ...
Read More
Brief Announcement: An Exponential Separation Between Randomized and Deterministic Complexity in the LOCAL Model
PODC '16: Proceedings of the 2016 ACM Symposium on Principles of Distributed Computing
Over the past 30 years numerous algorithms have been designed for symmetry breaking problems in the LOCAL model, such as maximal matching, MIS, vertex coloring, and edge-coloring. For most problems the best randomized algorithm is at least exponentially ...
Read More
Work-Time Optimal k-Merge Algorithms on the PRAM

For 2 k n, the k-merge problem is to merge a collection of k sorted sequences of total length n into a new sorted sequence. The k-merge problem is fundamental as it provides a common generalization of both merging and sorting. The main contribution of ...
Read More

Comments

Information & Contributors

Information

Published In

cover image DL Hosted proceedings

ACSW Frontiers '06: Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54

January 2006

230 pages

ISBN:1920682368

Publisher

Australian Computer Society, Inc.

Australia

Publication History

Published: 01 January 2006

Qualifiers

Article

Conference

ACSW Frontiers '06

ACSW Frontiers '06: Grid computing and e-research

January 16 - 19, 2006

Tasmania, Hobart, Australia

Acceptance Rates

Overall Acceptance Rate 204 of 424 submissions, 48%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

21
Total Citations
View Citations
371
Total Downloads

Downloads (Last 12 months)74
Downloads (Last 6 weeks)15

Other Metrics

View Author Metrics

Citations

Cited By

Zieglmeier VPretschner A(2023)Rethinking People Analytics With Inverse Transparency by DesignProceedings of the ACM on Human-Computer Interaction10.1145/36100837:CSCW2(1-29)Online publication date: 4-Oct-2023
https://dl.acm.org/doi/10.1145/3610083
Shekhtman LWaisbard E(2019)EngraveChainProceedings of the 2nd Workshop on Blockchain-enabled Networked Sensor10.1145/3362744.3363346(8-14)Online publication date: 10-Nov-2019
https://dl.acm.org/doi/10.1145/3362744.3363346
Lee SChoi WJo HLee DGalbraith SRussello GSusilo WGollmann DKirda ELiang Z(2019)How to Securely Record Logs based on ARM TrustZoneProceedings of the 2019 ACM Asia Conference on Computer and Communications Security10.1145/3321705.3331001(664-666)Online publication date: 2-Jul-2019
https://dl.acm.org/doi/10.1145/3321705.3331001
Tian HChen ZChang CHuang YWang THuang ZCai YChen Y(2019)Public audit for operation behavior logs with error locating in cloud storageSoft Computing - A Fusion of Foundations, Methodologies and Applications10.1007/s00500-018-3038-823:11(3779-3792)Online publication date: 1-Jun-2019
https://dl.acm.org/doi/10.1007/s00500-018-3038-8
Jin HZhou KLuo Y(2018)A framework with data-centric accountability and auditability for cloud storageThe Journal of Supercomputing10.1007/s11227-018-2504-574:11(5903-5926)Online publication date: 1-Nov-2018
https://dl.acm.org/doi/10.1007/s11227-018-2504-5
Hartung G(2016)Secure Audit Logs with Verifiable ExcerptsProceedings of the RSA Conference on Topics in Cryptology - CT-RSA 2016 - Volume 961010.1007/978-3-319-29485-8_11(183-199)Online publication date: 29-Feb-2016
https://dl.acm.org/doi/10.1007/978-3-319-29485-8_11
Chowdhury OGarg DJia LDatta ARay ILi NKruegel C(2015)Equivalence-based Security for Querying Encrypted DatabasesProceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security10.1145/2810103.2813638(1130-1143)Online publication date: 12-Oct-2015
https://dl.acm.org/doi/10.1145/2810103.2813638
Kampanakis PYavuz A(2015)BAFiSecurity and Communication Networks10.1002/sec.12428:17(3180-3190)Online publication date: 25-Nov-2015
https://dl.acm.org/doi/10.1002/sec.1242
Pulls TPeeters RWouters KSadeghi AForesti S(2013)Distributed privacy-preserving transparency loggingProceedings of the 12th ACM workshop on Workshop on privacy in the electronic society10.1145/2517840.2517847(83-94)Online publication date: 4-Nov-2013
https://dl.acm.org/doi/10.1145/2517840.2517847
Truong HIgnat CMolli PFinholt TTellioğlu HInkpen KGross T(2012)Authenticating operation-based history in collaborative systemsProceedings of the 2012 ACM International Conference on Supporting Group Work10.1145/2389176.2389197(131-140)Online publication date: 27-Oct-2012
https://dl.acm.org/doi/10.1145/2389176.2389197
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents