Even More Practical Secure Logging: Tree-Based Seekable Sequential Key Generators
- Cite this paper as:
- Marson G.A., Poettering B. (2014) Even More Practical Secure Logging: Tree-Based Seekable Sequential Key Generators. In: Kutyłowski M., Vaidya J. (eds) Computer Security - ESORICS 2014. ESORICS 2014. Lecture Notes in Computer Science, vol 8713. Springer, Cham
Sequential key generators produce a forward-secure sequence of symmetric cryptographic keys and are traditionally based on hash chains. An inherent disadvantage of such constructions is that they do not offer a fast-forward capability, i.e., lack a way to efficiently skip a large number of keys—a functionality often required in practice. This limitation was overcome only recently, with the introduction of seekable sequential key generators (SSKGs). The only currently known construction is based on the iterated evaluation of a shortcut one-way permutation, a factoring-based —and hence in practice not too efficient— building block. In this paper we revisit the challenge of marrying forward-secure key generation with seekability and show that symmetric primitives like PRGs, block ciphers, and hash functions suffice for obtaining secure SSKGs. Our scheme is not only considerably more efficient than the prior number-theoretic construction, but also extends the seeking functionality in a way that we believe is important in practice. Our construction is provably (forward-)secure in the standard model.
Keywordssecured logging forward security seekable PRGs
Unable to display preview. Download preview PDF.