top | item 25995586

cocktailpeanuts | 5 years ago

Maybe I'm missing something, but there is already the term "append only logs" which we use everywhere. How is this different from append only logs? Append only logs rely on cryptography to make the history transparent too. I skimmed through the website but couldn't find a distinction.

Also, the website format is kinda weird. As I reach the bottom of the page, it looks like this is a promotional site for Trillian. Maybe the confusion comes from here. What is this site really about?

tleb_ | 5 years ago

What cryptography are you referring to when talking about append-only logs? To me, an AOL is just a list of records that has a single operation, append. It could be implemented as a file that is only opened in append mode, multiple files (e.g. logrotate), a lib that works in memory, a process that exposes an API, etc. I don't see any cryptography here.

MertsA | 5 years ago

In general, yes, an append only log might be weakly "append only". If you want a cryptographic approach look at how forward secure sealing works with systemd. Basically you make a cryptographic ratchet on the system doing the logging such that given some arbitrary key you can find out what the next key is but not the previous one. You generate a verification key that you take off of the system in question at the start and the verification key can be used to efficiently check any part of that series. During operation you sign the log segment you just wrote out on some regular interval and then ratchet the key forward and delete the old key in memory to where even if the system was completely compromised it no longer holds a key that could rewrite the previous log segment.
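Added example, not part of the thread and not systemd's code: a minimal sketch of the key ratchet described in the comment above, using a plain SHA-256 hash chain with HMAC seals. It is a simplified stand-in for systemd's actual construction (the verifier here walks the chain from the start), and all names, the seed and the log lines are constructed for illustration.

```python
import hashlib
import hmac

def ratchet(key: bytes) -> bytes:
    """One-way step: the next key follows from this one, not the reverse."""
    return hashlib.sha256(b"ratchet" + key).digest()

def seal(key: bytes, segment: bytes) -> bytes:
    """MAC over one log segment with the key of its epoch."""
    return hmac.new(key, segment, hashlib.sha256).digest()

class Logger:
    """Runs on the logging host and holds only the current epoch key."""
    def __init__(self, initial_key: bytes):
        self.key = initial_key
        self.sealed = []  # list of (segment, tag)

    def write_segment(self, segment: bytes) -> None:
        self.sealed.append((segment, seal(self.key, segment)))
        self.key = ratchet(self.key)  # previous key is overwritten, not kept

def verify(verification_key: bytes, sealed) -> int:
    """Return the index of the first segment whose seal fails, or -1."""
    key = verification_key
    for i, (segment, tag) in enumerate(sealed):
        if not hmac.compare_digest(seal(key, segment), tag):
            return i
        key = ratchet(key)
    return -1

def demo():
    # Constructed seed; in practice this key leaves the host before logging starts.
    verification_key = hashlib.sha256(b"constructed demo seed").digest()
    log = Logger(verification_key)
    for line in (b"sshd: accepted key for alice",
                 b"sudo: alice -> root",
                 b"cron: job 42 ran"):
        log.write_segment(line)
    intact = verify(verification_key, log.sealed)
    # A host compromised at this point holds only the epoch-3 key. A segment
    # from epoch 1 re-sealed with that key does not verify.
    tampered = list(log.sealed)
    tampered[1] = (b"sudo: (edited)", seal(log.key, b"sudo: (edited)"))
    return intact, verify(verification_key, tampered)

if __name__ == "__main__":
    print(demo())
```
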

drdeca | 5 years ago

There is something called an authenticated append only skip list, which I think is kinda neat. It is basically what it sounds like. Iirc it allows certificates showing that something has a particular place in the list, given the assumption of the latest thing added to it, in length at most logarithmic in the length of the list.