Secure Audit Logs to Support Computer Forensics

Bruce Schneier and John Kelsey

ACM Transactions on Information and System Security, v. 1, n. 3, 1999, to appear.

ABSTRACT: In many real-world applications, sensitive information must be kept in log files on an untrusted machine. In the event that an attacker captures this machine, we would like to guarantee that he will gain little or no information from the log files and to limit his ability to corrupt the log files. We describe a computationally cheap method for making all log entries generated prior to the logging machine's compromise impossible for the attacker to read, and also impossible to undetectably modify or destroy.

[full text - PDF (Acrobat)] [full text - Postscript]

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..