Steady

A Simple End-to-End Secure Logging System
  • Tobias Pulls
  • Rasmus Dahlberg
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11252)

Abstract

We present Steady: an end-to-end secure logging system engineered to be simple in terms of design, implementation, and assumptions for real-world use. Steady gets its name from being based on a steady (heart)beat of events from a forward-secure device sent over an untrusted network through untrusted relays to a trusted collector. Properties include optional encryption and compression (with loss of confidentiality but significant gain in goodput), detection of tampering, relays that can function in unidirectional networks (e.g., as part of a data diode), cost-effective use of cloud services for relays, and publicly verifiable proofs of event authenticity. The design is formalized and security proven in the standard model. Our prototype implementation (\(\approx \)2,200 loc) shows reliable goodput of over 1M events/s (\(\approx \)160 MiB/s) for a realistic dataset with commodity hardware for a device on a GigE network using 16 MiB of memory connected to a relay running at Amazon EC2.

Keywords

Secure logging, Protocols, Applied cryptography

Notes

Acknowledgments

We would like to thank Christian Gotare, Anders Lidén, Mattias Nordlund, and Roel Peeters for valuable feedback. This research as part of the HITS research profile was funded by the Swedish Knowledge Foundation.

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. Department of Mathematics and Computer Science, Karlstad University, Karlstad, Sweden
