1 / 53

Building an Encrypted and Searchable Audit Log

Building an Encrypted and Searchable Audit Log. Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters. Audit Logs. Employed on most server systems Web logs Database logs Provide invaluable access to past activity Hold users accountable for their actions Diagnostics .

domani
Download Presentation

Building an Encrypted and Searchable Audit Log

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Building an Encrypted and Searchable Audit Log Brent Waters Dirk Balfanz Glenn Durfee D.K. Smetters

  2. Audit Logs • Employed on most server systems • Web logs • Database logs • Provide invaluable access to past activity • Hold users accountable for their actions • Diagnostics

  3. Desirable Characteristics • Tamper Resistant • Verifiable • Can check that entries are present and have not been altered • Data Access Control • Entries may be sensitive to individuals or log owner • Searchability • Search for log on specific criteria • e.g keyword search

  4. Desirable Characteristics • Tamper Resistant • Verifiable • Can check that entries are present and have not been altered • Data Access Control • Entries may be sensitive to individuals or log owner • Searchability • Search for log on specific criteria • e.g keyword search

  5. “select * from cars where make=‘ford’” audit record creation database authentication keyword extraction clock user: Alice Smithkeyword: carskeyword: makekeyword: fordtime: 2003/08/26 23:34:24 keywords for audit record An Audit Log for a Database System log storage (untrusted)

  6. Requirements • Data Access Control • Entries must be encrypted on untrusted storage • Forward security in case auditing device becomes compromised  asymmetric encryption • Limit scope of data released to that of the search • Searchability • Be able to efficiently retrieve entries based on certain criteria • We focus on keyword search

  7. A Simple Solution • Encrypt all entries with a public key • Auditor downloads all entries, then decrypts them, then performs the search

  8. A Simple Solution • Encrypt all entries with a public key • Auditor downloads all entries, then decrypts them, then performs the search Disadvantages • Auditor sees all entries and regardless of what search criteria was • All entries must be transmitted from server

  9. Delegating Search Capabilities The investigator requests a capability to search for all entries that were made by the user Alice. “user: Alice Smith” 1 capabilityfor search mastersecret investigator audit escrow agent The investigator submits the capability to the audit log and receives only entries that the capability matches. capabilityfor search 2 auditrecord auditrecord auditrecord … audit log investigator

  10. Auditing Device Keywords Alice Ford Loans Searching on Asymmetrically Encrypted Data Document

  11. Auditing Device Keywords Alice Ford Loans Searching on Asymmetrically Encrypted Data Document Encrypted Data Keywords must not be in the clear!

  12. Auditing Device Keywords Alice Ford Loans Searching on Asymmetrically Encrypted Data Document mastersecret audit escrow agent Encrypted Data

  13. Honda Auditing Device Keywords Alice Ford Loans Search Capability Searching on Asymmetrically Encrypted Data Document mastersecret audit escrow agent Encrypted Data

  14. Honda Auditing Device Keywords Alice Ford Loans Search Capability Searching on Asymmetrically Encrypted Data Document mastersecret audit escrow agent Encrypted Data

  15. Honda Auditing Device Keywords Alice Ford Loans Search Capability Searching on Asymmetrically Encrypted Data Document mastersecret audit escrow agent Encrypted Data No information is learned

  16. Auditing Device Searching on Asymmetrically Encrypted Data Document Keywords Alice Ford Loans mastersecret audit escrow agent Encrypted Data

  17. Alice Auditing Device Keywords Alice Ford Loans Search Capability Searching on Asymmetrically Encrypted Data Document mastersecret audit escrow agent Encrypted Data

  18. Alice Auditing Device Keywords Alice Ford Loans Keywords Alice Ford Loans Search Capability Searching on Asymmetrically Encrypted Data Document mastersecret audit escrow agent Embed decryption in search Encrypted Data Document

  19. Identity Based Encryption (IBE) • Public Key is simply a string e.g. bob@parc.com • Private Key given from master secret holder(s) • Removes need for distribution of public key certificates • We use scheme of Boneh and Franklin (2001)

  20. Auditing Device Document Keywords Alice Ford Loans Using IBE to Search on Asymmetrically Encrypted Data

  21. Auditing Device Document Keywords Alice Ford Loans K Document Using IBE to Search on Asymmetrically Encrypted Data

  22. Auditing Device Document Keywords Alice Ford Loans K Document “Alice” FLAG | K Using IBE to Search on Asymmetrically Encrypted Data

  23. Auditing Device Document Keywords Alice Ford Loans K Document “Alice” “Ford” FLAG | K FLAG | K Using IBE to Search on Asymmetrically Encrypted Data

  24. Auditing Device Document Keywords Alice Ford Loans K Document “Alice” “Ford” “Loans” FLAG | K FLAG | K FLAG | K Using IBE to Search on Asymmetrically Encrypted Data

  25. Auditing Device Document Keywords Alice Ford Loans K Document “Alice” “Ford” “Loans” FLAG | K FLAG | K FLAG | K Using IBE to Search on Asymmetrically Encrypted Data • FLAG used to test • K to decrypt on match

  26. Auditing Device Document Keywords Alice Ford Loans K Document “Alice” “Ford” “Loans” FLAG | K FLAG | K FLAG | K Using IBE to Search on Asymmetrically Encrypted Data • FLAG used to test • K to decrypt on match • Key-privacy propertykeywords kept private

  27. Auditing Device Document Keywords Alice Ford Loans K Document “Alice” “Ford” “Loans” FLAG | K FLAG | K FLAG | K Using IBE to Search on Asymmetrically Encrypted Data • FLAG used to test • K to decrypt on match • Key-privacy propertykeywords kept private • “Pairing” operation per keyword

  28. Alice K Document Search Capability “Alice” “Ford” “Loans” FLAG | K FLAG | K FLAG | K Using IBE to Search on Asymmetrically Encrypted Data

  29. Alice K Document Search Capability “Alice” “Ford” “Loans” FLAG | K FLAG | K FLAG | K Using IBE to Search on Asymmetrically Encrypted Data • Attempt IBE decryption on each part • Test for presence of FLAG

  30. Alice K Document Search Capability “Alice” “Ford” “Loans” FLAG | K FLAG | K FLAG | K Using IBE to Search on Asymmetrically Encrypted Data 011010… • Attempt IBE decryption on each part • Test for presence of FLAG

  31. Alice K Document Search Capability “Alice” “Ford” “Loans” FLAG | K FLAG | K FLAG | K Using IBE to Search on Asymmetrically Encrypted Data 0011100… • Attempt IBE decryption on each part • Test for presence of FLAG

  32. Alice K Document Search Capability “Alice” “Ford” “Loans” FLAG | K FLAG | K FLAG | K Using IBE to Search on Asymmetrically Encrypted Data FLAG | K • Attempt IBE decryption on each part • Test for presence of FLAG

  33. Alice K Document Search Capability “Alice” “Ford” “Loans” FLAG | K FLAG | K FLAG | K Using IBE to Search on Asymmetrically Encrypted Data FLAG | K • Attempt IBE decryption on each part • Test for presence of FLAG • On match use K to decrypt document Document

  34. Alice K Document Search Capability “Alice” “Ford” “Loans” FLAG | K FLAG | K FLAG | K Using IBE to Search on Asymmetrically Encrypted Data FLAG | K • Attempt IBE decryption on each part • Test for presence of FLAG • On match use K to decrypt document • Pairing per keyword in document Document

  35. Scoping of Keywords • We want to type keywords • e.g. Capability to search on entries about “Alice” vs. those made by “Alice” • Solution: Prefix keywords with type • “user:Alice” • “kw:Alice”

  36. Performance • Encryption • One pairing per keyword in document • One exponentiation per keyword • Search/Decryption • One pairing per keyword per document

  37. Optimizations • Cache pairings of frequently used keywords • eg. ê(“user:Alice”,sP) • Only need a pairing per new keyword on encryption • In limit exponentiation per keyword is dominant cost

  38. Optimizations • Cache pairings of frequently used keywords • eg. ê(“user:Alice”,sP) • Only need a pairing per new keyword on encryption • In limit exponentiation per keyword is dominant cost • Reuse randomness for IBE encryption within one document • Okay since cannot use same public key per document • In decryption only one pairing per document • Save storage in log

  39. Indexing • Incremental update of an index on untrusted storage is insecure

  40. Document Keywords Alice Ford Loans Indexing • Incremental update of an index on untrusted storage is insecure Index

  41. Document Keywords Alice Ford Loans Indexing • Incremental update of an index on untrusted storage is insecure Index

  42. Document Keywords Alice Loans Washington Indexing • Incremental update of an index on untrusted storage is insecure Index

  43. Document Keywords Alice Loans Washington Indexing • Incremental update of an index on untrusted storage is insecure Index

  44. Indexing • Build local index on auditing device and flush out to storage

  45. K’ K’’ K Document Document Document “Alice” “Sam” FLAG | K | K’’ FLAG | … Indexing • Build local index on auditing device and flush out to storage

  46. Indexing • Longer index is held in auditing device more information leaked on device compromise

  47. Implementation • Implemented a logging system for MySQL database queries • Goal to protect individual’s privacy • Used Stanford IBE library • Pairing cost ~80ms on current machines

  48. Related Work Searching on Encrypted Data • Boneh, Crescenzo, Ostrovsky and Persiano (2003) • Song, Wagner and Perrig (2000) • Goh (2003) Identity Based Encryption • Boneh and Franklin (2001)

  49. Conclusion • Tension between data access control and searchability in audit logs • Asymmetric scheme for searching on encrypted data • Explored optimizations for practical systems

More Related