DeepAI AI Chat
Log In Sign Up

Secure Logging with Security against Adaptive Crash Attack

by   Sepideh Avizheh, et al.

Logging systems are an essential component of security systems and their security has been widely studied. Recently (2017) it was shown that existing secure logging protocols are vulnerable to crash attack in which the adversary modifies the log file and then crashes the system to make it indistinguishable from a normal system crash. The attacker was assumed to be non-adaptive and not be able to see the file content before modifying and crashing it (which will be immediately after modifying the file). The authors also proposed a system called SLiC that protects against this attacker. In this paper, we consider an (insider) adaptive adversary who can see the file content as new log operations are performed. This is a powerful adversary who can attempt to rewind the system to a past state. We formalize security against this adversary and introduce a scheme with provable security. We show that security against this attacker requires some (small) protected memory that can become accessible to the attacker after the system compromise. We show that existing secure logging schemes are insecure in this setting, even if the system provides some protected memory as above. We propose a novel mechanism that, in its basic form, uses a pair of keys that evolve at different rates, and employ this mechanism in an existing logging scheme that has forward integrity to obtain a system with provable security against adaptive (and hence non-adaptive) crash attack. We implemented our scheme on a desktop computer and a Raspberry Pi, and showed in addition to higher security, a significant efficiency gain over SLiC.


page 1

page 2

page 3

page 4


On the Security of Group Communication Schemes

Secure group communications are a mechanism facilitating protected trans...

How to Bypass Verified Boot Security in Chromium OS

Verified boot is an interesting feature of Chromium OS that supposedly c...

ArchiveSafe: Mass-Leakage-Resistant Storage from Proof-of-Work

Data breaches-mass leakage of stored information-are a major security co...

One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted Virtualization

AMD Secure Encrypted Virtualization (SEV) offers protection mechanisms f...

Passlab: A Password Security Tool for the Blue Team

If we wish to compromise some password-protected system as an attacker (...

Security of XCB and HCTR

Tweakable Enciphering Scheme (TES) is a length preserving scheme which p...

Backdooring Neural Code Search

Reusing off-the-shelf code snippets from online repositories is a common...