Top

Published in:

2016 | OriginalPaper | Chapter

Distributed Immutabilization of Secure Logs

Authors : Jordi Cucurull, Jordi Puiggalí

Published in: Security and Trust Management

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Several applications require robust and tamper-proof logging systems, e.g. electronic voting or bank information systems. At Scytl we use a technology, called immutable logs, that we deploy in our electronic voting solutions. This technology ensures the integrity, authenticity and non-repudiation of the generated logs, thus in case of any event the auditors can use them to investigate the issue. As a security recommendation it is advisable to store and/or replicate the information logged in a location where the logger has no writing or modification permissions. Otherwise, if the logger gets compromised, the data previously generated could be truncated or altered using the same private keys. This approach is costly and does not protect against collusion between the logger and the entities that hold the replicated data. In order to tackle these issues, in this article we present a proposal and implementation to immutabilize integrity proofs of the secure logs within the Bitcoin’s blockchain. Due to the properties of the proposal, the integrity of the immutabilized logs is guaranteed without performing log data replication and even in case the logger gets latterly compromised.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Securely Derived Identity Credentials on Smart Phones via Self-enrolment

next chapter A Stochastic Framework for Quantitative Analysis of Attack-Defense Trees

https://proofofexistence.com.

Although it is not enforced by the implementation of Bitcoin, it is recommended by the community not to reuse Bitcoin addresses. Thus, we decided to regenerate the reception address for each transaction generated.

https://github.com/priiduneemre/btcd-cli4j.

https://bitcoin.org/en/bitcoin-core/.

https://www.blocktrail.com/.

https://bitcoinfees.21.co/.

Bellare, M., Yee, B.S.: Forward integrity for secure audit logs. Technical report (1997)

Bentov, I., Gabizon, A., Mizrahi, A.: Cryptocurrencies without proof of work. In: Proceedings of 3rd Workshop on Bitcoin and Blockchain Research (2016)

Colu. Colored Coins Protocol Specification. Accessed June 2016

Cornet, A.O., Bosch, J.M.B.: Method and system of generating immutable audit logs, 15 January 2009. US Patent App. 12/096,048

Croman, K., Decker, C., Eyal, I., Gencer, A.E., Juels, A., Kosba, A., Miller, A., Saxena, P., Shi, E., Gün, E.: On scaling decentralized blockchains. In: Proceedings of 3rd Workshop on Bitcoin and Blockchain Research (2016)

Eyal, I., Sirer, E.G.: Majority is not enough: bitcoin mining is vulnerable. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 436–454. Springer, Heidelberg (2014). doi:10.1007/978-3-662-45472-5_28

Galindo, D., Guasch, S., Puiggalí, J.: 2015 Neuchâtel’s Cast-as-Intended Verification Mechanism. In: Haenni, R., Koenig, R.E., Wikström, D. (eds.) VOTELID 2015. LNCS, vol. 9269, pp. 3–18. Springer, Heidelberg (2015). doi:10.1007/978-3-319-22270-7_1 CrossRef

BitFury Group, Garzik, J.: Public versus private blockchains. Part 1: permissioned blockchains. Technical report, BitFury Group, October 2015

Karame, G.O., Androulaki, E., Roeschlin, M., Gervais, A., Čapkun, S.: Misbehavior in bitcoin: a study of double-spending and accountability. ACM Trans. Inf. Syst. Secur. 18(1), 2: 1–2: 32 (2015)CrossRef

10.

Ma, D., Tsudik, G.: A new approach to secure logging. Trans. Storage 5(1), 2: 1–2: 21 (2009)CrossRef

11.

Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008)

12.

National Institute of Standards and Technology. FIPS 198-1, The Keyed-Hash Message Authentication Code (HMAC), Federal Information Processing Standard (FIPS), Publication 198-1. Technical report, U.S. Department of Commerce, July 2008

13.

National Institute of Standards and Technology. FIPS 180-4, Secure Hash Standard, Federal Information Processing Standard (FIPS), Publication 180-4. Technical report, U.S. Department of Commerce, March 2012

14.

National Institute of Standards and Technology. FIPS 186-4, Digital Signature Standard (DSS), Federal Information Processing Standard (FIPS), Publication 186-4. Technical report, U.S. Department of Commerce, July 2013

15.

Puiggalí, J., Chóliz, J., Guasch, S.: Best practices in internet voting. In: NIST: Workshop on UOCAVA Remote Voting Systems, Washington DC, August 2010

16.

Snodgrass, R.T., Yao, S.S., Collberg, C.: Tamper detection in audit logs. In: Proceedings of the Thirtieth International Conference on Very Large Data Bases, VLDB 2004, vol. 30, pp. 504–515. VLDB Endowment (2004)

17.

Snow, P., Deery, B., Lu, J., Johnston, D., Kirby, P.: Factom: business processes secured by immutable audit trails on the blockchain. Whitepaper, Factom, November 2014

18.

Zyskind, G., Nathan, O., Pentland, A.S.: Decentralizing privacy: using blockchain to protect personal data. In: 2015 IEEE on Security and Privacy Workshops (SPW), pp. 180–184, May 2015

Title: Distributed Immutabilization of Secure Logs
Authors: Jordi Cucurull
Jordi Puiggalí
Publisher: Springer International Publishing
Book: Security and Trust Management
Print ISBN: 978-3-319-46597-5

Electronic ISBN: 978-3-319-46598-2

Copyright Year: 2016
DOI: https://doi.org/10.1007/978-3-319-46598-2_9

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner