Abstract
Logging systems are an essential component of security systems and their security has been widely studied. Recently (2017) it was shown that existing secure logging protocols are vulnerable to crash attack in which the adversary modifies the log file and then crashes the system to make it indistinguishable from a normal system crash. The attacker was assumed to be non-adaptive and not be able to see the file content before modifying and crashing it (which will be immediately after modifying the file). The authors also proposed a system called SLiC that protects against this attacker. In this paper, we consider an (insider) adaptive adversary who can see the file content as new log operations are performed. This is a powerful adversary who can attempt to rewind the system to a past state. We formalize security against this adversary and introduce a scheme with provable security. We show that security against this attacker requires some (small) protected memory that can become accessible to the attacker after the system compromise. We show that existing secure logging schemes are insecure in this setting, even if the system provides some protected memory as above. We propose a novel mechanism that, in its basic form, uses a pair of keys that evolve at different rates, and employ this mechanism in an existing logging scheme that has forward integrity to obtain a system with provable security against adaptive (and hence non-adaptive) crash attack. We implemented our scheme on a desktop computer and a Raspberry Pi, and showed in addition to higher security, a significant efficiency gain over SLiC.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Available online at https://arxiv.org/abs/1910.14169.
- 2.
Note that this LStore may be the result of normal logging operation, or after a crash.
- 3.
Probabilistic Polynomial Time.
- 4.
Details of this analysis are given in the full version of the paper.
- 5.
The size of the key is 256 bits.
References
Andrews, J.H.: Testing using log file analysis: tools, methods, and issues. In: 13th IEEE International Conference on Automated Software Engineering, pp. 157–166. IEEE (1998)
Avizheh, S., Doan, T.T., Liu, X., Safavi-Naini, R.: A secure event logging system for smart homes. In: 2017 Workshop on Internet of Things Security and Privacy, pp. 37–42. ACM (2017)
Bellare, M., Yee, B.: Forward integrity for secure audit logs. Technical report, Computer Science and Engineering Department, University of California at San Diego (1997)
Bernstein, D.J.: ChaCha, a variant of Salsa20. In: Workshop Record of SASC, vol. 8, pp. 3–5 (2008)
Bitcoinwiki: Difficulty in mining (2018). https://en.bitcoinwiki.org/wiki/Difficulty_in_Mining. Accessed January 2019
Blass, E.O., Noubir, G.: Secure logging with crash tolerance. In: IEEE Conference on Communications and Network Security (CNS), pp. 1–10. IEEE (2017)
Butin, D., Le Métayer, D.: Log analysis for data protection accountability. In: Jones, C., Pihlajasaari, P., Sun, J. (eds.) FM 2014. LNCS, vol. 8442, pp. 163–178. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-06410-9_12
Holt, J.E.: Logcrypt: forward security and public verification for secure audit logs. In: Australasian Workshops on Grid Computing and E-research, vol. 54, pp. 203–211. Australian Computer Society, Inc. (2006)
Lalla, H., Flowerday, S., Sanyamahwe, T., Tarwireyi, P.: A log file digital forensic model. In: Peterson, G., Shenoi, S. (eds.) DigitalForensics 2012. IAICT, vol. 383, pp. 247–259. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33962-2_17
Ma, D., Tsudik, G.: Forward-secure sequential aggregate authentication. In: IEEE Symposium on Security and Privacy, pp. 86–91. IEEE (2007)
Ma, D., Tsudik, G.: A new approach to secure logging. ACM Trans. Storage (TOS) 5(1), 2 (2009)
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008)
Schneier, B., Kelsey, J.: Secure audit logs to support computer forensics. ACM Trans. Inf. Syst. Secur. (TISSEC) 2(2), 159–176 (1999)
Tomescu, A., Devadas, S.: Catena: efficient non-equivocation via bitcoin. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 393–409. IEEE (2017)
Acknowledgments
This work is in part supported by a research grant from Alberta Innovates in the Province of Alberta in Canada.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Avizheh, S., Safavi-Naini, R., Li, S. (2020). Secure Logging with Security Against Adaptive Crash Attack. In: Benzekri, A., Barbeau, M., Gong, G., Laborde, R., Garcia-Alfaro, J. (eds) Foundations and Practice of Security. FPS 2019. Lecture Notes in Computer Science(), vol 12056. Springer, Cham. https://doi.org/10.1007/978-3-030-45371-8_9
Download citation
DOI: https://doi.org/10.1007/978-3-030-45371-8_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-45370-1
Online ISBN: 978-3-030-45371-8
eBook Packages: Computer ScienceComputer Science (R0)