Efficient, Compromise Resilient and Append-Only Cryptographic Schemes for Secure Audit Logging

Due to the forensic value of audit logs, it is vital to provide compromise resiliency and append-only properties in a logging system to prevent active attackers. Unfortunately, existing symmetric secure logging schemes are not publicly verifiable and cannot address applications that require public auditing (e.g., public financial auditing), besides being vulnerable to certain attacks and dependent on continuous trusted server support. Moreover, Public Key Cryptography (PKC)-based secure logging schemes require Expensive Operations (ExpOps) that are costly for both loggers and verifiers, and thus are impractical for computation-intensive environments. In this paper, we propose a new class of secure audit logging scheme called Log Forward-secure and Append-only Signature (LogFAS). LogFAS achieves the most desirable properties of both symmetric and PKCbased schemes simultaneously. LogFAS can produce publicly verifiable forward-secure and append-only signatures without requiring any online trusted server support or time factor. Most notably, LogFAS is the only PKC-based scheme that achieves the optimal verifier computational and storage efficiency. That is, LogFAS can verify L log entries with always small and constant number of ExpOps regardless of the value of L. Moreover, each verifier stores only a small and constant-size public key regardless of the number of log entries to be verified or the number of loggers in the system. In addition, a LogFAS variation allows fine-grained verification of any subset of log entries and fast detection of corrupted log entries. All these properties make LogFAS an ideal scheme for secure audit logging in computation-intensive applications.