Enhancing Syslog Message Security and Reliability over Unidirectional Fiber Optics

Standard log transmission protocols do not offer a robust way of segregating the log network from potential threats. A secure log transmission system and the realization of a data diode using affordable components are proposed. Unidirectional data flow prevents unauthorized access and eavesdropping, ensuring the integrity and confidentiality of sensitive log data. The system uses an encryption protocol that requires that the upstream and the downstream of the data diode are perfectly synchronized, mitigating replay attacks. It has been shown that message amplification can mitigate UDP packet loss, but this is only required when the data diode traffic is congested. The implementation of the encryption algorithm is suitable for resource-constrained devices and it has been shown to produce random-looking output even on a reduced number of rounds when compared to the parent cipher. Several improvements have been made to the original encryption algorithm for which an actual implementation was missing. Free software and datasets have been made available to reproduce the results. The complete solution is easy to reproduce in order to secure the segregation of a log network inside any scenario where logging is required by the law and log tampering must be prevented.