Paper 2018/737

Steady: A Simple End-to-End Secure Logging System

Tobias Pulls and Rasmus Dahlberg

Abstract

We present Steady: an end-to-end secure logging system engineered to be simple in terms of design, implementation, and assumptions for real-world use. Steady gets its name from being based on a steady (heart)beat of events from a forward-secure device sent over an untrusted network through untrusted relays to a trusted collector. Properties include optional encryption and compression (with loss of confidentiality but significant gain in goodput), detection of tampering, relays that can function in unidirectional networks (e.g., as part of a data diode), cost-effective use of cloud services for relays, and publicly verifiable proofs of event authenticity. The design is formalized and security proven in the standard model. Our prototype implementation (about 2,200 loc) shows reliable goodput of over 1M events/s (about 160 MiB/s) for a realistic dataset with commodity hardware for a device on a GigE network using 16 MiB of memory connected to a relay running at Amazon EC2.

Note: Extension in Appendix B and minor corrections

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Major revision. NordSec 2018
DOI
10.1007/978-3-030-03638-6_6
Keywords
cryptographic protocols
Contact author(s)
tobias pulls @ kau se
History
2018-12-10: revised
2018-08-15: received
See all versions
Short URL
https://ia.cr/2018/737
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/737,
      author = {Tobias Pulls and Rasmus Dahlberg},
      title = {Steady: A Simple End-to-End Secure Logging System},
      howpublished = {Cryptology ePrint Archive, Paper 2018/737},
      year = {2018},
      doi = {10.1007/978-3-030-03638-6_6},
      note = {\url{https://eprint.iacr.org/2018/737}},
      url = {https://eprint.iacr.org/2018/737}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.