Paper 2017/107

Secure Logging with Crash Tolerance

Erik-Oliver Blass and Guevara Noubir

Abstract

Forward-secure logging protects old log entries in a log file against an adversary compromising the log device. However, we show that previous work on forward-secure logging is prone to crash-attacks where the adversary removes log entries and then crashes the log device. As the state of the log after a crash-attack is indistinguishable from the state after a real crash, e.g., power failure, the adversary can hide attack traces. We present SLiC, a new logging protocol that achieves forward-security against crash-attacks. Our main idea is to decouple the time of a log event with the position of its resulting log entry in the log file. Each event is encrypted and written to a pseudo-random position in the log file. Consequently, the adversary can only remove random log events, but not specific ones. Yet, during forensic analysis, the verifier can replay pseudo-random positions. This allows to distinguish a real crash (last events missing) from a crash-attack (random events missing). Besides a formal analysis, we also present an evaluation of SLiC as a syslog server to indicate its practicality.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Contact author(s)
erik-oliver blass @ airbus com
History
2017-04-29: revised
2017-02-14: received
See all versions
Short URL
https://ia.cr/2017/107
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/107,
      author = {Erik-Oliver Blass and Guevara Noubir},
      title = {Secure Logging with Crash Tolerance},
      howpublished = {Cryptology ePrint Archive, Paper 2017/107},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/107}},
      url = {https://eprint.iacr.org/2017/107}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.