Cryptology ePrint Archive: Report 2018/737

Steady: A Simple End-to-End Secure Logging System

Tobias Pulls and Rasmus Dahlberg

Abstract: We present Steady: an end-to-end secure logging system engineered to be simple in terms of design, implementation, and assumptions for real-world use. Steady gets its name from being based on a steady (heart)beat of events from a forward-secure device sent over an untrusted network through untrusted relays to a trusted collector. Properties include optional encryption and compression (with loss of confidentiality but significant gain in goodput), detection of tampering, relays that can function in unidirectional networks (e.g., as part of a data diode), cost-effective use of cloud services for relays, and publicly verifiable proofs of event authenticity. The design is formalized and security proven in the standard model. Our prototype implementation (about 2,200 loc) shows reliable goodput of over 1M events/s (about 160 MiB/s) for a realistic dataset with commodity hardware for a device on a GigE network using 16 MiB of memory connected to a relay running at Amazon EC2.

Category / Keywords: cryptographic protocols

Original Publication (with major differences): NordSec 2018
DOI:
10.1007/978-3-030-03638-6_6

Date: received 10 Aug 2018, last revised 10 Dec 2018

Contact author: tobias pulls at kau se

Available format(s): PDF | BibTeX Citation

Note: Extension in Appendix B and minor corrections

Version: 20181210:151101 (All versions of this report)

Short URL: ia.cr/2018/737


[ Cryptology ePrint archive ]