[Cryptography] Auditable logs?
Henry Baker
hbaker1 at pipeline.com
Sun Oct 26 21:26:13 EDT 2014
At 05:28 PM 10/26/2014, Sandy Harris wrote:
>Various computer-mediated activities may end up in court for a range
>of reasons and in many cases log files will be used as evidence.
>However for most log file formats, deleting a few lines or adding a
>few bogus ones is trivial. Even forging an entire file or large chunk
>thereof is not impossible.
>
>Lawyers for one side or the other seem quite likely to attack the
>credibility of log files and/or of the sys admin who provides them. In
>at least some cases, proof "beyond reasonable doubt" is required and
>that is going to be very difficult if the lawyers trying to create
>some doubt are good.
>
>What sort of crypto mechanisms might help here? I can see various
>applications of digital signatures and timestamps that might help, but
>noting close to a full solution.
Auditability is one of the goals of the "crypto clock" thread.
Unfortunately, we can't even guarantee that a log entry was made
at the time that the log claims it was made.
So far, it would seem that incorporating your log (or a least a hash
of it) into the Bitcoin blockchain might seem to be the best bet for
a pretty decent guarantee. It might be worth spending the minimum
auditable Bitcoin amount to incorporate a log into the Bitcoin block
chain.
More information about the cryptography
mailing list