The need for secure logging is well-understood by the security professionals, including both researchers and practitioners. The ability to efficiently verify all (or some) log entries is important to any application employing secure logging techniques. In this article, we begin by examining the state of the art in secure logging and identify some problems inherent to systems based on trusted third-party servers. We then propose a different approach to secure logging based upon recently developed Forward-Secure Sequential Aggregate (FssAgg) authentication techniques. Our approach offers both space-efficiency and provable security. We illustrate two concrete schemes—one private-verifiable and one public-verifiable—that offer practical secure logging without any reliance on online trusted third parties or secure hardware. We also investigate the concept of immutability in the context of forward-secure sequential aggregate authentication to provide finer grained verification. Finally we evaluate proposed schemes and report on our experience with implementing them within a secure logging system.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Bellare, M. and Palacio, A. 2002. Protecting against key exposure: strongly key-insulated encryption with optimal threshold. In Cryptology ePrint Archive, Report 2002/64.
	2	Bellare, M. and Yee, B. 1997. Forward integrity for secure audit logs. Tech. rep. University of California at San Diego ftp://www.cs.ucsd.edu/pub/bsq/pub/fi.ps.
	3	Bellare, M. and Yee, B. 2003. Forward-security in private-key cryptography. In Proceedings of the RSA Conference Cryptography Track.
	4	Randal Burns , Zachary Peterson , Giuseppe Ateniese , Stephen Bono, Verifiable audit trails for a versioning file system, Proceedings of the 2005 ACM workshop on Storage security and survivability, November 11-11, 2005, Fairfax, VA, USA  [doi>10.1145/1103780.1103787]
	5	Chong, C., Peng, Z., and Hartel, P. 2002. Secure audit logging with tamper resistant hardware. In Technical Rep. TR-CTIT-02-29, Centre for Telematics and Information Technology, Univ. Twente, The Netherlands.
	6	Yevgeniy Dodis , Jonathan Katz , Shouhuai Xu , Moti Yung, Key-Insulated Public Key Cryptosystems, Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology, p.65-82, May 02, 2002
	7	Dodis, Y., Katz, J., Xu, S., and Yung, M. 2003. Strong key-insulated public key cryptosystems. In Proceedings of the Conference on Public Key Cryptography. 130--144.
	8	Peter Gutmann, Secure deletion of data from magnetic and solid-state memory, Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography, p.8-8, July 22-25, 1996, San Jose, California
	9	Daniel Halperin , Thomas S. Heydt-Benjamin , Kevin Fu , Tadayoshi Kohno , William H. Maisel, Security and Privacy for Implantable Medical Devices, IEEE Pervasive Computing, v.7 n.1, p.30-39, January 2008  [doi>10.1109/MPRV.2008.16]
	10	Jason E. Holt, Logcrypt: forward security and public verification for secure audit logs, Proceedings of the 2006 Australasian workshops on Grid computing and e-research, p.203-211, January 16-19, 2006, Hobart, Tasmania, Australia
	11	Kelsey, J. and Schneier, B. 1999. Minimizing bandwidth for remote access to cryptographically protected audit logs. In Proceedings of the Recent Advances in Intrusion Detection (RAID'99).
	12	Di Ma, Practical forward secure sequential aggregate signatures, Proceedings of the 2008 ACM symposium on Information, computer and communications security, March 18-20, 2008, Tokyo, Japan  [doi>10.1145/1368310.1368361]
	13	Di Ma , Gene Tsudik, Extended Abstract: Forward-Secure Sequential Aggregate Authentication, Proceedings of the 2007 IEEE Symposium on Security and Privacy, p.86-91, May 20-23, 2007  [doi>10.1109/SP.2007.18]
	14	Di Ma , Gene Tsudik, A New Approach to Secure Logging, Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security, July 13-16, 2008, London, UK  [doi>10.1007/978-3-540-70567-3_4]
	15	Mykletun, E., Narasimha, M., and Tsudik, G. 2004a. Authentication and integrity in outsourced databases. In Proceedings of the ACM Annual Symposium on Network and Distributed System Security (NDSS'04).
	16	Mykletun, E., Narasimha, M., and Tsudik, G. 2004b. Signature bouquets: immutability for aggreagated/codensed signatures. In Proceedings of the European Symposium on Research in Computer Security (ESORICS'04). 160--176.
	17	Bruce Schneier , John Kelsey, Cryptographic support for secure logs on untrusted machines, Proceedings of the 7th conference on USENIX Security Symposium, p.4-4, January 26-29, 1998, San Antonio, Texas
	18	Bruce Schneier , John Kelsey, Secure audit logs to support computer forensics, ACM Transactions on Information and System Security (TISSEC), v.2 n.2, p.159-176, May 1999  [doi>10.1145/317087.317089]
	19	Swanson, M. and Guttman, B. 1996. Generally accepted principles and practices for securing information technology systems. In National Institute of Standards and Technology Data Gateway 800--14.
	20	U.S. Department of Defense, C. S. C. 1985. Trusted computer system evaluation criteria.
	21	Waters, B., Balfanz, D., Durfee, G., and Smeters, D. K. 2004. Building an encrypted and searchable audit log. In Proceedings of the ACM Annual Symposium on Network and Distributed System Security (NDSS'04).