SealFSv2: combining storage-based and ratcheting for tamper-evident logging
-
Published:2022-12-06
Issue:2
Volume:22
Page:447-466
-
ISSN:1615-5262
-
Container-title:International Journal of Information Security
-
language:en
-
Short-container-title:Int. J. Inf. Secur.
Author:
Guardiola-Múzquiz GorkaORCID, Soriano-Salvador EnriqueORCID
Abstract
AbstractTamper-evident logging is paramount for forensic audits and accountability subsystems. It is based on a forward integrity model: upon intrusion, the attacker is not able to counterfeit the logging data generated before controlling the system. There are local and distributed solutions to this problem. Distributed solutions are suitable for common scenarios, albeit not appropriate for autonomous and loosely connected systems. Moreover, they can be complex and introduce new security issues. Traditional local tamper-evident logging systems use cryptographic ratchets. In previous works, we presented SealFS (from now on, SealFSv1), a system that follows a radically different approach for local tamper-evident logging based on keystream storage. In this paper, we present a new version, SealFSv2, which combines ratcheting and storage-based log anti-tamper protection. This new approach is flexible and enables the user to decide between complete theoretical security (like in SealFSv1) and partial linear degradation (like in a classical ratchet scheme), exchanging storage for computation with user-defined parameters to balance security and resource usage. We also describe an implementation of this scheme. This implementation, which showcases our approach, is an optimized evolution of the original Linux kernel module. It implements a stackable file system that enables transparent tamper-evident logging to all user space applications and provides instant deployability. Last, we present a complete performance evaluation of our current implementation and a fair performance comparison of the two opposite approaches for local tamper-evident logging (i.e., storage-based vs. ratcheting). This comparison suggests that, on current systems and general-purpose hardware, the storage-based approach and hybrid schemes perform better than the traditional ratchet approach.
Funder
Agencia Estatal de Investigación
Publisher
Springer Science and Business Media LLC
Subject
Computer Networks and Communications,Safety, Risk, Reliability and Quality,Information Systems,Software
Reference45 articles.
1. Bellare, M., Yee, B.S.: Forward Integrity for Secure Audit Logs. University of California at San Diego, Tech. Rep. (1997) 2. Bellare, M., Singh, A.C., Jaeger, J., Nyayapati, M., Stepanovs, I.: Ratcheted encryption and key exchange: The security of messaging. In: Katz, J., Shacham, H. (eds.) Advances in Cryptology—CRYPTO 2017, pp. 619–650. Springer International Publishing, Cham (2017) 3. Cohn-Gordon, K., Cremers, C., Garratt, L.: On post-compromise security. In: 2016 IEEE 29th Computer Security Foundations Symposium (CSF), June, pp. 164–178 (2016) 4. Schneier, B., Kelsey, J.: Cryptographic support for secure logs on untrusted machines. In: Proceedings of the 7th Conference on USENIX Security Symposium - Volume 7, ser. SSYM’98. Berkeley, CA, USA: USENIX Association, 1998, pp. 4. [Online]. http://dl.acm.org/citation.cfm?id=1267549.1267553 5. Kelsey, J., Schneier, B.: Minimizing bandwidth for remote access to cryptographically protected audit logs. In: Recent Advances in Intrusion Detection, pp. 9 (1999)
Cited by
4 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
|
|