Efficient Record-Level Keyless Signatures for Audit Logs

  • Ahto BuldasEmail author
  • Ahto Truu
  • Risto Laanoja
  • Rainer Gerhards
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8788)


We propose a log signing scheme that enables (a) verification of the integrity of the whole log, and (b) presentation of any record, along with a compact proof that the record has not been altered since the log was signed, without leaking any information about the contents of other records in the log. We give a formal security proof of the scheme, discuss practical considerations, and provide an implementation case study.


applied security secure logging keyless signatures cryptographic time-stamps syslog rsyslog 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Accorsi, R.: BBox: A distributed secure log architecture. In: Camenisch, J., Lambrinoudakis, C. (eds.) EuroPKI 2010. LNCS, vol. 6711, pp. 109–124. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  2. 2.
    Adams, C., Cain, P., Pinkas, D., Zuccherato, R.: Internet X.509 public key infrastructure time-stamp protocol (TSP). IETF RFC 3161 (2001)Google Scholar
  3. 3.
    Buldas, A., Kroonmaa, A., Park, A.: OpenKSI digital signature format (2012)Google Scholar
  4. 4.
    Buldas, A., Saarepera, M.: On provably secure time-stamping schemes. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 500–514. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  5. 5.
    Buldas, A., Truu, A., Laanoja, R., Gerhards, R.: Efficient record-level keyless signatures for logs. Cryptology ePrint Archive, Report 2014/552 (2014)Google Scholar
  6. 6.
    Callas, J., Donnerhacke, L., Finney, H., Thayer, R.: OpenPGP message format. IETF RFC 4880 (2007)Google Scholar
  7. 7.
    Gerhards, R.: The syslog protocol. IETF RFC 5424 (2009)Google Scholar
  8. 8.
    Holt, J.E.: Logcrypt: Forward security and public verification for secure audit logs. In: Buyya, R., Ma, T., Safavi-Naini, R., Steketee, C., Susilo, W. (eds.) AISW 2006, pp. 203–211. Australian Computer Society (2006)Google Scholar
  9. 9.
    Housley, R.: Cryptographic message syntax (CMS). IETF RFC 5652 (2009)Google Scholar
  10. 10.
    Kaliski, B.: PKCS#7: Cryptographic message syntax v 1.5. IETF RFC 2315 (1998)Google Scholar
  11. 11.
    Kelsey, J., Callas, J., Clemm, A.: Signed syslog messages. IETF RFC 5848 (2010)Google Scholar
  12. 12.
    Ma, D., Tsudik, G.: A new approach to secure logging. ACM Transactions on Storage 5(1), 2:1–2:21 (2009)Google Scholar
  13. 13.
    Merkle, R.C.: Protocols for public key cryptosystems. In: IEEE Symposium on Security and Privacy, pp. 122–134. IEEE Computer Society (1980)Google Scholar
  14. 14.
    Schneier, B., Kelsey, J.: Secure audit logs to support computer forensics. ACM Transactions on Information Systems Security 2(2), 159–176 (1999)CrossRefGoogle Scholar
  15. 15.
    Stathopoulos, V., Kotzanikolaou, P., Magkos, E.: A framework for secure and verifiable logging in public communication networks. In: López, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 273–284. Springer, Heidelberg (2006)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Ahto Buldas
    • 1
    Email author
  • Ahto Truu
    • 1
  • Risto Laanoja
    • 1
  • Rainer Gerhards
    • 2
  1. 1.Guardtime ASTallinnEstonia
  2. 2.Adiscon GmbHGroßrinderfeldGermany

Personalised recommendations