Attacks on Secure Logging Schemes
نویسنده
چکیده
We present four attacks on three cryptographic schemes intended for securing log files against illicit retroactive modification. Our first two attacks regard the LogFAS scheme by Yavuz et al. (Financial Cryptography 2012), whereas our third and fourth attacks break the BMand AR-FssAgg schemes by Ma (AsiaCCS 2008). All schemes have an accompanying security proof, seemingly contradicting the existence of attacks. We point out flaws in these proofs, resolving the contradiction.
منابع مشابه
Efficient, Compromise Resilient and Append-Only Cryptographic Schemes for Secure Audit Logging
Due to the forensic value of audit logs, it is vital to provide compromise resiliency and append-only properties in a logging system to prevent active attackers. Unfortunately, existing symmetric secure logging schemes are not publicly verifiable and cannot address applications that require public auditing (e.g., public financial auditing), besides being vulnerable to certain attacks and depend...
متن کاملComputationally secure multiple secret sharing: models, schemes, and formal security analysis
A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants. in such a way a multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, such that any authorized subset of participants can reconstruct the secrets. Up to now, existing MSSs either require too long shares for participants to be perfect secur...
متن کاملEfficient, Compromise Resilient and Append-only Cryptographic Constructions for Digital Forensics
Due to the forensic value of the audit logs, it is vital to provide forwardsecure integrity and append-only properties in a logging system to prevent attackers who have gained control of the system from modifying or selectively deleting log entries generated before they took control. Existing forward-secure logging solutions are either based on symmetric cryptography or public key cryptography ...
متن کاملSecure Audit Logging with Tamper-Resistant Hardware
Secure perimeter schemes (e.g. DRM) and tracing traitor schemes (e.g. watermarking, audit logging) strive to mitigate the problems of content escaping the control of the rights holder. Secure audit logging records the user’s actions on content and enables detection of some forms of tampering with the logs. We implement Schneier and Kelsey’s secure audit logging protocol [1], strengthening the p...
متن کاملA Forensic Logging System Based on a Secure OS
This paper describes a forensic logging system that collects fine-grained trace evidence from target servers and networks. To provide a more reliable and efficient forensic logging system, we developed a dedicated network processor that collects network traffic and a hardened TCSEC-B1 level secure operating system. The system also is capable of defending servers from malicious attacks as well a...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2017 شماره
صفحات -
تاریخ انتشار 2017