Cryptographic Support for Secure Logs on Untrusted Machines

B. Schneier and J. Kelsey

The Seventh USENIX Security Symposium Proceedings, USENIX Press, January 1998, pp. 53-62.

ABSTRACT: In many real-world applications, sensitive information must be kept in log files on an untrusted machine. In the event that an attacker captures this machine, we would like to guarantee that he will gain little or no information from the log files and to limit his ability to corrupt the log files. We describe a computationally cheap method for making all log entries generated prior to the logging machine's compromise impossible for the attacker to read, and also impossible to undetectably modify or destroy.

[full text - postscript] [full text - PDF (Acrobat)]

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc..