@article{yavuz_ning_reiter_2012, title={BAF and FI-BAF: Efficient and Publicly Verifiable Cryptographic Schemes for Secure Logging in Resource-Constrained Systems}, volume={15}, ISSN={["1557-7406"]}, DOI={10.1145/2240276.2240280}, abstractNote={
            Audit logs are an integral part of modern computer systems due to their forensic value. Protecting audit logs on a physically unprotected machine in hostile environments is a challenging task, especially in the presence of active adversaries. It is critical for such a system to have
            forward security
            and
            append-only
            properties such that when an adversary compromises a logging machine, she cannot forge or selectively delete the log entries accumulated before the compromise. Existing public-key-based secure logging schemes are computationally costly. Existing symmetric secure logging schemes are not publicly verifiable and open to certain attacks.
          }, number={2}, journal={ACM TRANSACTIONS ON INFORMATION AND SYSTEM SECURITY}, author={Yavuz, Attila A. and Ning, Peng and Reiter, Michael K.}, year={2012}, month={Jul} }
 @article{yavuz_ning_2012, title={Self-sustaining, efficient and forward-secure cryptographic constructions for Unattended Wireless Sensor Networks}, volume={10}, ISSN={["1570-8713"]}, DOI={10.1016/j.adhoc.2012.03.006}, abstractNote={Unattended Wireless Sensor Networks (UWSNs) operating in hostile environments face great security and performance challenges due to the lack of continuous real-time communication with the final data receivers (e.g., mobile data collectors). The lack of real-time communication forces sensors to accumulate sensed data possibly for long time periods, along with the corresponding authentication tags. It also makes UWSNs vulnerable to active adversaries, which can compromise sensors and manipulate the collected data. Hence, it is critical to have forward security property such that even if the adversary can compromise the current keying materials, she cannot forge authentication tags generated before the compromise. Forward secure and aggregate signature schemes are developed to address these issues. Unfortunately, existing schemes either impose substantial overhead, or do not allow public verifiability, thereby impractical for resource-constrained UWSNs.In this paper, we propose a new class of cryptographic schemes, referred to as Hash-BasedSequentialAggregate andForwardSecureSignature (HaSAFSS), which allows a signer to sequentially generate a compact, fixed-size, and publicly verifiable signature efficiently. We develop three HaSAFSS schemes, Symmetric HaSAFSS (Sym-HaSAFSS), Elliptic Curve Cryptography (ECC) based HaSAFSS (ECC-HaSAFSS) and self-SUstaining HaSAFSS (SU-HaSAFSS). These schemes integrate the efficiency of MAC-based aggregate signatures and the public verifiability of Public Key Cryptography (PKC)-based signatures by preserving forward security via Timed-Release Encryption (TRE). We demonstrate that our schemes are secure and also significantly more efficient than previous approaches.}, number={7}, journal={AD HOC NETWORKS}, author={Yavuz, Attila Altay and Ning, Peng}, year={2012}, month={Sep}, pages={1204–1220} }
 @article{yavuz_alagoz_anarim_2010, title={A new multi-tier adaptive military MANET security protocol using hybrid cryptography and signcryption}, volume={18}, number={1}, journal={Turkish Journal of Electrical Engineering and Computer Sciences}, author={Yavuz, A. A. and Alagoz, F. and Anarim, E.}, year={2010}, pages={1–21} }
 @article{yavuz_ning_2009, title={BAF: An Efficient Publicly Verifiable Secure Audit Logging Scheme for Distributed Systems}, ISBN={["978-0-7695-3919-5"]}, DOI={10.1109/acsac.2009.28}, abstractNote={Audit logs, providing information about the current and past states of systems, are one of the most important parts of modern computer systems. Providing security for audit logs on an untrusted machine in a large distributed system is a challenging task, especially in the presence of active adversaries. In such a system, it is critical to have forward security such that when an adversary compromises a machine, she cannot modify or forge the log entries accumulated before the compromise. Unfortunately, existing secure audit logging schemes have significant limitations that make them impractical for real-life applications: Existing Public Key Cryptography (PKC) based schemes are computationally expensive for logging in task intensive or resource-constrained systems, while existing symmetric schemes are not publicly verifiable and incur significant storage and communication overheads. In this paper, we propose a novel forward secure and aggregate logging scheme called Blind-Aggregate-Forward (BAF) logging scheme, which is suitable for large distributed systems. BAF can produce publicly verifiable forward secure and aggregate signatures with near-zero computational, storage, and communication costs for the loggers, without requiring any online Trusted Third Party (TTP) support. We prove that BAF is secure under appropriate computational assumptions, and demonstrate that BAF is significantly more efficient and scalable than the previous schemes. Therefore, BAF is an ideal solution for secure logging in both task intensive and resource-constrained systems.}, journal={25TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE}, author={Yavuz, Attila A. and Ning, Peng}, year={2009}, pages={219–228} }