Presentation is loading. Please wait.

Presentation is loading. Please wait.

Building an Encrypted and Searchable Audit Log

Published byJayson Martin Holland Modified over 6 years ago

Similar presentations

Presentation on theme: "Building an Encrypted and Searchable Audit Log"— Presentation transcript:

1 Building an Encrypted and Searchable Audit Log
Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters

2 Audit Logs Employed on most server systems
Web logs Database logs Provide invaluable access to past activity Hold users accountable for their actions Diagnostics

3 Desirable Characteristics
Tamper Resistant Verifiable Can check that entries are present and have not been altered Data Access Control Entries may be sensitive to individuals or log owner Searchability Search for log on specific criteria e.g keyword search

4 Desirable Characteristics
Tamper Resistant Verifiable Can check that entries are present and have not been altered Data Access Control Entries may be sensitive to individuals or log owner Searchability Search for log on specific criteria e.g keyword search

5 An Audit Log for a Database System
user: Alice Smith keyword: cars keyword: make keyword: ford time: 2003/08/26 23:34:24 authentication clock keyword extraction “select * from cars where make=‘ford’” database audit record creation keywords for audit record log storage (untrusted)

6 Requirements Data Access Control Searchability
Entries must be encrypted on untrusted storage Forward security in case auditing device becomes compromised  asymmetric encryption Limit scope of data released to that of the search Searchability Be able to efficiently retrieve entries based on certain criteria We focus on keyword search

7 A Simple Solution Encrypt all entries with a public key
Auditor downloads all entries, then decrypts them, then performs the search

8 A Simple Solution Encrypt all entries with a public key
Auditor downloads all entries, then decrypts them, then performs the search Disadvantages Auditor sees all entries and regardless of what search criteria was All entries must be transmitted from server

9 Delegating Search Capabilities
The investigator requests a capability to search for all entries that were made by the user Alice. “user: Alice Smith” 1 capability for search master secret investigator audit escrow agent The investigator submits the capability to the audit log and receives only entries that the capability matches. capability for search 2 audit record audit record audit record investigator audit log

10 Searching on Asymmetrically Encrypted Data
Document Keywords Alice Ford Loans Auditing Device

11 Searching on Asymmetrically Encrypted Data
Document Keywords Alice Ford Loans Auditing Device Encrypted Data Keywords must not be in the clear!

12 Searching on Asymmetrically Encrypted Data
Document Keywords Alice Ford Loans master secret audit escrow agent Auditing Device Encrypted Data

13 Searching on Asymmetrically Encrypted Data
Document Keywords Alice Ford Loans master secret audit escrow agent Auditing Device Encrypted Data Honda Search Capability

14 Searching on Asymmetrically Encrypted Data
Document Keywords Alice Ford Loans master secret audit escrow agent Auditing Device Encrypted Data Honda Search Capability

15 Searching on Asymmetrically Encrypted Data
Document Keywords Alice Ford Loans master secret audit escrow agent Auditing Device Encrypted Data Honda Search Capability No information is learned

16 Searching on Asymmetrically Encrypted Data
Document Keywords Alice Ford Loans master secret audit escrow agent Auditing Device Encrypted Data

17 Searching on Asymmetrically Encrypted Data
Document Keywords Alice Ford Loans master secret audit escrow agent Auditing Device Encrypted Data Alice Search Capability

18 Searching on Asymmetrically Encrypted Data
Document Keywords Alice Ford Loans master secret audit escrow agent Auditing Device Embed decryption in search Encrypted Data Alice Search Capability Document Keywords Alice Ford Loans

19 Identity Based Encryption (IBE)
Public Key is simply a string e.g. Private Key given from master secret holder(s) Removes need for distribution of public key certificates We use scheme of Boneh and Franklin (2001)

20 Using IBE to Search on Asymmetrically Encrypted Data
Auditing Device Keywords Alice Ford Loans Document

21 Using IBE to Search on Asymmetrically Encrypted Data
Auditing Device Keywords Alice Ford Loans Document Document K

22 Using IBE to Search on Asymmetrically Encrypted Data
Auditing Device Keywords Alice Ford Loans Document FLAG | K “Alice” Document K

23 Using IBE to Search on Asymmetrically Encrypted Data
Auditing Device Keywords Alice Ford Loans Document FLAG | K “Ford” FLAG | K “Alice” Document K

24 Using IBE to Search on Asymmetrically Encrypted Data
FLAG | K “Loans” Auditing Device Keywords Alice Ford Loans Document FLAG | K “Ford” FLAG | K “Alice” Document K

25 Using IBE to Search on Asymmetrically Encrypted Data
FLAG | K “Loans” Auditing Device Keywords Alice Ford Loans Document FLAG | K “Ford” FLAG | K “Alice” Document K FLAG used to test K to decrypt on match

26 Using IBE to Search on Asymmetrically Encrypted Data
FLAG | K “Loans” Auditing Device Keywords Alice Ford Loans Document FLAG | K “Ford” FLAG | K “Alice” Document K FLAG used to test K to decrypt on match Key-privacy propertykeywords kept private

27 Using IBE to Search on Asymmetrically Encrypted Data
FLAG | K “Loans” Auditing Device Keywords Alice Ford Loans Document FLAG | K “Ford” FLAG | K “Alice” Document K FLAG used to test K to decrypt on match Key-privacy propertykeywords kept private “Pairing” operation per keyword

28 Using IBE to Search on Asymmetrically Encrypted Data
FLAG | K “Loans” Alice Search Capability FLAG | K “Ford” FLAG | K “Alice” Document K

29 Using IBE to Search on Asymmetrically Encrypted Data
FLAG | K “Loans” Alice Search Capability FLAG | K “Ford” FLAG | K “Alice” Document K Attempt IBE decryption on each part Test for presence of FLAG

30 Using IBE to Search on Asymmetrically Encrypted Data
FLAG | K “Loans” 011010… Alice Search Capability FLAG | K “Ford” FLAG | K “Alice” Document K Attempt IBE decryption on each part Test for presence of FLAG

31 Using IBE to Search on Asymmetrically Encrypted Data
FLAG | K “Loans” Alice Search Capability FLAG | K “Ford” FLAG | K “Alice” Document K Attempt IBE decryption on each part Test for presence of FLAG

32 Using IBE to Search on Asymmetrically Encrypted Data
FLAG | K “Loans” Alice Search Capability FLAG | K “Ford” FLAG | K “Alice” FLAG | K Document K Attempt IBE decryption on each part Test for presence of FLAG

33 Using IBE to Search on Asymmetrically Encrypted Data
FLAG | K “Loans” Alice Search Capability FLAG | K “Ford” FLAG | K “Alice” FLAG | K Document K Attempt IBE decryption on each part Test for presence of FLAG On match use K to decrypt document Document

34 Using IBE to Search on Asymmetrically Encrypted Data
FLAG | K “Loans” Alice Search Capability FLAG | K “Ford” FLAG | K “Alice” FLAG | K Document K Attempt IBE decryption on each part Test for presence of FLAG On match use K to decrypt document Pairing per keyword in document Document

35 Scoping of Keywords We want to type keywords
e.g. Capability to search on entries about “Alice” vs. those made by “Alice” Solution: Prefix keywords with type “user:Alice” “kw:Alice”

36 Performance Encryption Search/Decryption
One pairing per keyword in document One exponentiation per keyword Search/Decryption One pairing per keyword per document

37 Optimizations Cache pairings of frequently used keywords
eg. ê(“user:Alice”,sP) Only need a pairing per new keyword on encryption In limit exponentiation per keyword is dominant cost

38 Optimizations Cache pairings of frequently used keywords
eg. ê(“user:Alice”,sP) Only need a pairing per new keyword on encryption In limit exponentiation per keyword is dominant cost Reuse randomness for IBE encryption within one document Okay since cannot use same public key per document In decryption only one pairing per document Save storage in log

39 Indexing Incremental update of an index on untrusted storage is insecure

40 Indexing Incremental update of an index on untrusted storage is insecure Keywords Alice Ford Loans Document Index

41 Indexing Incremental update of an index on untrusted storage is insecure Keywords Alice Ford Loans Document Index

42 Indexing Incremental update of an index on untrusted storage is insecure Keywords Alice Loans Washington Document Index

43 Indexing Incremental update of an index on untrusted storage is insecure Keywords Alice Loans Washington Document Index

44 Indexing Build local index on auditing device and flush out to storage

45 Indexing Build local index on auditing device and flush out to storage
FLAG | … “Sam” FLAG | K | K’’ “Alice” Document K Document K’ Document K’’

46 Indexing Longer index is held in auditing device more information leaked on device compromise

47 Implementation Implemented a logging system for MySQL database queries
Goal to protect individual’s privacy Used Stanford IBE library Pairing cost ~80ms on current machines

48 Related Work Searching on Encrypted Data
Boneh, Crescenzo, Ostrovsky and Persiano (2003) Song, Wagner and Perrig (2000) Goh (2003) Identity Based Encryption Boneh and Franklin (2001)

49 Conclusion Tension between data access control and searchability in audit logs Asymmetric scheme for searching on encrypted data Explored optimizations for practical systems

50

51 Searching on Asymmetrically Encrypted Data
audit escrow agent master secret Keywords Alice Ford Loans Document Auditing Device Encrypted Data Bob Search Capability Keywords Alice Ford Loans Document

52 Using IBE to Search on Asymmetrically Encrypted Data
Document K FLAG | K “Alice” “Ford” “Loans” Auditing Device Document Keywords Alice Ford Loans FLAG used to test K to decrypt on match Key-privacy propertykeywords kept private “Pairing” operation per keyword

53 Using IBE to Search on Asymmetrically Encrypted Data
Document K FLAG | K “Alice” “Ford” “Loans” Alice Search Capability Attempt IBE decryption on each part Test for presence of FLAG On match use K to decrypt document Pairing per test

Download ppt "Building an Encrypted and Searchable Audit Log"

Similar presentations

Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,

Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
Building an Encrypted and Searchable Audit Log Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters.

Building an Encrypted and Searchable Audit Log Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
Offline Untrusted Storage with Immediate Detection of Forking and Replay Attacks Marten van Dijk, Jonathan Rhodes, Luis Sarmenta Srini Devadas MIT Computer.

Offline Untrusted Storage with Immediate Detection of Forking and Replay Attacks Marten van Dijk, Jonathan Rhodes, Luis Sarmenta Srini Devadas MIT Computer.
Introduction to Practical Cryptography Lecture 9 Searchable Encryption.

Introduction to Practical Cryptography Lecture 9 Searchable Encryption.
Negotiated Privacy CS551/851CRyptographyApplicationsBistro Mike McNett 30 March 2004 Stanislaw Jarecki, Pat Lincoln, Vitaly Shmatikov. Negotiated Privacy.Negotiated.

Negotiated Privacy CS551/851CRyptographyApplicationsBistro Mike McNett 30 March 2004 Stanislaw Jarecki, Pat Lincoln, Vitaly Shmatikov. Negotiated Privacy.Negotiated.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Security Chapters 14,15. The Security Environment Threats Security goals and threats.
Practical Techniques for Searches on Encrypted Data Author: Dawn Xiaodong Song, David Wagner, Adrian Perrig Presenter: 紀銘偉.

Practical Techniques for Searches on Encrypted Data Author: Dawn Xiaodong Song, David Wagner, Adrian Perrig Presenter: 紀銘偉.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
21 June 2006Copyright 2006 University of Kent1 Delegation of Authority (DyVOSE project) David Chadwick University of Kent.

21 June 2006Copyright 2006 University of Kent1 Delegation of Authority (DyVOSE project) David Chadwick University of Kent.
Efficient Search on Encrypted Data. Outline SWP Linear Scan SWP encrypted index Goh Bloom Filter Hybird scheme Discussion.

Efficient Search on Encrypted Data. Outline SWP Linear Scan SWP encrypted index Goh Bloom Filter Hybird scheme Discussion.
Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.

Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.
Building an Encrypted and Searchable Audit Log 11th Annual Network and Distributed Security Symposium (NDSS '04); 2004 February 5-6; San Diego; CA. Presented.

Building an Encrypted and Searchable Audit Log 11th Annual Network and Distributed Security Symposium (NDSS '04); 2004 February 5-6; San Diego; CA. Presented.
BR1 Protection and Security B. Ramamurthy Chapters 18 and 19.

BR1 Protection and Security B. Ramamurthy Chapters 18 and 19.

Similar presentations

Ads by Google