Cryptology ePrint Archive: Report 2019/376

SELL v1.0: Searchable Encrypted Logging Library

Amir Jalali and Neil Davenport

Abstract: We present a practical solution to design a secure logging system that provides confidentiality, integrity, completeness, and non-repudiation. To the best of our knowledge, our solution is the first practical implementation of a logging system that brings all the above security aspects together. Our proposed library makes use of a Dynamic Searchable Symmetric Encryption (DSSE) scheme to provide keyword search operations through encrypted logs without decryption. This helps us to keep each log confidential, preventing unauthorized users from decrypting the encrypted logs. Moreover, we deploy a set of new features such as log sequence generation and digital signatures on top of the DSSE scheme, which makes our library a complete proof of concept solution for a secure logging system, providing all the necessary security assurances. We also analyze the library's performance on a real setting, bootstrapping with 10,000 lines of logs. Based on our observation, the entire search operation for a keyword takes about 10 milliseconds. Although SELL v1.0 is developed purely in Python without any low level optimization, the benchmarks show promising timing results for all the operations.

Category / Keywords: applications / Secure logging, dynamic searchable symmetric encryption, privacy-preserving, information security

Date: received 8 Apr 2019, last revised 18 Apr 2019

Contact author: ajalali at linkedin com,ndavenport@linkedin com

Available format(s): PDF | BibTeX Citation

Version: 20190418:221044 (All versions of this report)

Short URL: ia.cr/2019/376


[ Cryptology ePrint archive ]