Julian Assange (proff@iq.org)
19 Jul 1998 17:29:57 +1000

"Cryptographic Support for Secure Logs on Untrusted Machines"
B. Schneier and J. Kelsey, The Seventh USENIX Security Symposium
Proceedings, USENIX Press, January 1998, pp. 53-62.

In many real-world applications, sensitive information must be
kept in log files on an untrusted machine. In the event that an
attacker captures this machine, we would like to guarantee that
he will gain little or no information from the log files and
limit his ability to corrupt the log files. This paper describes
an efficient method for making all log entries generated prior to
the logging machine's compromise impossible for the attacker to
read, and also impossible to undetectably modify or destroy.

I haven't read Bruce's paper, but Bruce (and others) might be
interested to know that Darren Reed and I have actually implemented
one of these for unix. It's also a very flexible syslogd replacement in
its own right (thanks to Darren). It's called nsyslog and is
available from http://cheops.anu.edu.au/~avalon/nsyslog.html. It will
be included in the default NetBSD distribution (although it should run
on most unix platforms).

It uses only secure hashes, and essentially does for logs what
S/KEY does for authentication.

Cheers,
Julian.
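
The tamper-evidence property described in the quoted abstract, built from hashes alone, as an added example; it is not nsyslog's code or the paper's construction. The key update by hashing, HMAC-SHA256, and every name and sample value below are assumptions, and the sketch covers detection of modified entries only, not the confidentiality the abstract also describes.

```python
import hashlib
import hmac

ZERO = b"\x00" * 32  # starting value of the hash chain

def evolve(key: bytes) -> bytes:
    """One-way key update: K[i+1] = H(K[i]); K[i] cannot be recovered from K[i+1]."""
    return hashlib.sha256(b"evolve" + key).digest()

def seal(key: bytes, chain: bytes, msg: bytes):
    """Extend the hash chain with msg and MAC the new chain value under key."""
    chain = hashlib.sha256(chain + msg).digest()
    return chain, hmac.new(key, chain, hashlib.sha256).digest()

class Logger:
    """State held on the untrusted host: only the current key, never K[0]."""
    def __init__(self, k0: bytes):
        self.key, self.chain, self.entries = k0, ZERO, []

    def append(self, msg: bytes) -> None:
        self.chain, tag = seal(self.key, self.chain, msg)
        self.entries.append((msg, tag))
        self.key = evolve(self.key)  # overwrite: the old key is gone

def verify(k0: bytes, entries) -> int:
    """Run on the trusted machine that kept K[0]. Returns the index of the
    first entry that fails, or -1 if every entry verifies."""
    key, chain = k0, ZERO
    for i, (msg, tag) in enumerate(entries):
        chain, expected = seal(key, chain, msg)
        if not hmac.compare_digest(tag, expected):
            return i
        key = evolve(key)
    return -1

def rewrite_after_compromise(logger: Logger, index: int, new_msg: bytes):
    """Model an intruder who holds only logger.key editing an older entry
    and re-tagging it with the one key available to them."""
    entries = list(logger.entries)
    chain = ZERO
    for msg, _ in entries[:index]:
        chain = hashlib.sha256(chain + msg).digest()
    _, tag = seal(logger.key, chain, new_msg)
    entries[index] = (new_msg, tag)
    return entries

def demo():
    k0 = b"constructed-demo-secret"  # constructed sample value
    log = Logger(k0)
    for line in (b"login root from tty1", b"su to root by alice", b"cron started"):
        log.append(line)  # constructed sample log lines
    tampered = rewrite_after_compromise(log, 1, b"nothing happened")
    return verify(k0, log.entries), verify(k0, tampered)
```

Entries written after the compromise are tagged with keys the intruder holds, so the guarantee applies only to entries generated before it, as the abstract states.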