A few weekends ideas from an IT guy about log-management shared on arXiv:2110.02103 cs.CR:
Notarial timestamps savings in logs management via Merkle trees and Key Derivation Functions
Nowadays log files handling imposes to ISPs (intended in their widest scope) strict normative duties apart from common technological issues. This work analyses how retention time policies and timestamping are deeply interlinked from the point of view of service providers, possibly leading to costs rise. A new schema is proposed trying to mitigate the need for third-party suppliers, enforcing cryptographic primitives well established in other fields of Information Technology but perhaps not yet widespread in logs management. The foundations of timestamping are recapped, and properties of cryptographic primitives introduced as a natural way to bypass legacy schema inefficiency and as an extra level of protection: these choices are justified by savings estimation (with regard to different ISP magnitudes) and by some basic security considerations.