[Cryptography] Auditable logs?

Tom Mitchell mitch at niftyegg.com
Mon Oct 27 05:45:38 EDT 2014


On Sun, Oct 26, 2014 at 5:28 PM, Sandy Harris <sandyinchina at gmail.com>
wrote:

> Various computer-mediated activities may end up in court for a range
> of reasons and in many cases log files will be used as evidence.
> However for most log file formats, deleting a few lines or adding a
> few bogus ones is trivial. Even forging an entire file or large chunk
> thereof is not impossible.
>

There are risks here but crypto hashes of the source tree used to build a
software product can be published without disclosing the source and any
trade secrets it might contain.

One risk is the difficulty of preserving the entire build system and the
entire process involved. After a couple years the hardware is unlikely
to be available. An OS snapshot restored opens security issues patched
between then and now. Some tools like an EMC cloud resource are
not under control (active and full audit) of customers.

However, make rules could systematically generate strong hashes
of each file, collect them, sort, compress and generate a hash...
Generated binary bits are harder to reproduce because some content
is date and time sensitive... Make and make clean rules can reach
back a long way in time when deciding to generate an object file.
The object file set might span multiple compiler releases. I have
yet to see a makefile that triggers a clean when the compiler changes.
I have seen engineers do it...

Ada and some milspec processes try to cover this -- Modula 4? tried
as well.

Time is relentless...  large projects take time.

Good question.


-- 
  T o m    M i t c h e l l
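
The manifest-of-hashes idea from the message above, as an added example that is not part of the original post: hash every source file, sort the list in a fixed byte order, and hash that list into one digest that can be published without the source. The function names, the exclusion of `.git` and `*.o`, and folding a toolchain string into the digest are assumptions made here; the compress step is left out.

```shell
#!/bin/sh
# Added example (hypothetical helper names), callable from a make rule.

# tree_manifest DIR: print one "sha256  ./path" line per regular file.
# LC_ALL=C gives a byte-wise sort, so the listing is the same on every
# machine regardless of locale; -print0/-0 keeps odd file names intact.
tree_manifest() {
    (
        cd "$1" || exit 1
        # Hash build inputs only: skip VCS metadata and generated objects,
        # which carry dates and compiler-specific content.
        find . -type f ! -path './.git/*' ! -name '*.o' -print0 |
            LC_ALL=C sort -z |
            xargs -0 -r sha256sum
    )
}

# tree_digest DIR [TOOLCHAIN]: one digest over the toolchain string plus
# the manifest, so a compiler change alters the digest even when no
# source file has changed.
tree_digest() {
    [ -d "$1" ] || { echo "tree_digest: no such directory: $1" >&2; return 1; }
    {
        printf 'toolchain: %s\n' "${2:-unknown}"
        tree_manifest "$1"
    } | sha256sum | cut -d' ' -f1
}

# Typical call (toolchain string taken from the compiler in use):
#   tree_digest ./src "$(cc --version | head -n 1)"
```

Keeping the manifest itself alongside the published digest lets an auditor later identify which file differs, not only that something does.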