From: Lennart Poettering Date: Tue, 18 Jun 2013 14:25:11 +0000 (+0200) Subject: journal: add references to SSKG paper FSS is based on X-Git-Tag: v205~109 X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=fe004b7c3a8325eb8d5420c1b940a5ade2691417 journal: add references to SSKG paper FSS is based on --- diff --git a/man/journalctl.xml b/man/journalctl.xml index 7a8d4b2dc..564634b75 100644 --- a/man/journalctl.xml +++ b/man/journalctl.xml @@ -593,7 +593,10 @@ sealing key is stored in the journal data directory and shall remain on the host. The verification key should be - stored externally. + stored externally. Also see the + option in + journald.conf5 + for details. diff --git a/man/journald.conf.xml b/man/journald.conf.xml index fe47fdffe..26f47f897 100644 --- a/man/journald.conf.xml +++ b/man/journald.conf.xml @@ -130,9 +130,15 @@ by journalctl1's - command), forward secure sealing (FSS) for - all persistent journal files is - enabled. + command), forward secure sealing (FSS) + for all persistent journal files is + enabled. FSS is based on Seekable + Sequential Key Generators by + G. A. Marson and B. Poettering and + may be used to protect journal files + from unnoticed + alteration. diff --git a/src/journal/fsprg.c b/src/journal/fsprg.c index 6817a629c..dd9a24256 100644 --- a/src/journal/fsprg.c +++ b/src/journal/fsprg.c @@ -19,7 +19,13 @@ * License along with this library; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA * 02110-1301 USA + */ + +/* + * See "Practical Secure Logging: Seekable Sequential Key Generators" + * by G. A. Marson, B. Poettering for details: * + * http://eprint.iacr.org/2013/397 */ #include