Cryptology ePrint Archive: Report 2017/107

Secure Logging with Crash Tolerance

Erik-Oliver Blass and Guevara Noubir

Abstract: Forward-secure logging protects old log entries in a log file against an adversary compromising the log device. However, we show that previous work on forward-secure logging is prone to crash-attacks where the adversary removes log entries and then crashes the log device. As the state of the log after a crash-attack is indistinguishable from the state after a real crash, e.g., power failure, the adversary can hide attack traces. We present SLiC, a new logging protocol that achieves forward-security against crash-attacks. Our main idea is to decouple the time of a log event with the position of its resulting log entry in the log file. Each event is encrypted and written to a pseudo-random position in the log file. Consequently, the adversary can only remove random log events, but not specific ones. Yet, during forensic analysis, the verifier can replay pseudo-random positions. This allows to distinguish a real crash (last events missing) from a crash-attack (random events missing). Besides a formal analysis, we also present an evaluation of SLiC as a syslog server to indicate its practicality.

Category / Keywords: cryptographic protocols /

Date: received 10 Feb 2017, last revised 28 Apr 2017

Contact author: erik-oliver blass at airbus com

Available format(s): PDF | BibTeX Citation

Version: 20170429:002515 (All versions of this report)

Short URL: ia.cr/2017/107

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]