Efficient, Compromise Resilient and Append-Only Cryptographic Schemes for Secure Audit Logging
Due to the forensic value of audit logs, it is vital to provide compromise resiliency and append-only properties in a logging system to prevent active attackers. Unfortunately, existing symmetric secure logging schemes are not publicly verifiable and cannot address applications that require public auditing (e.g., public financial auditing), besides being vulnerable to certain attacks and dependent on continuous trusted server support. Moreover, Public Key Cryptography (PKC)-based secure logging schemes require Expensive Operations (ExpOps) that are costly for both loggers and verifiers, and thus are impractical for computation-intensive environments. In this paper, the authors propose a new class of secure audit logging scheme called Log Forward-secure and Append-only Signature (LogFAS).