Dear CT folks, I just wanted to let you know about some recent transparency work from my lab at EPFL, which we presented at USENIX Security ’17 and may be of interest to this group:
CHAINIAC: Proactive Software-Update Transparency via Collectively Signed Skipchains and Verified Builds
https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/nikitin

Abstract: Software-update mechanisms are critical to the security of modern systems, but their typically centralized design presents a lucrative and frequently attacked target. In this work, we propose CHAINIAC, a decentralized software-update framework that eliminates single points of failure, enforces transparency, and provides efficient verifiability of integrity and authenticity for software-release processes. Independent witness servers collectively verify conformance of software updates to release policies, build verifiers validate the source-to-binary correspondence, and a tamper-proof release log stores collectively signed updates, thus ensuring that no release is accepted by clients before being widely disclosed and validated. The release log embodies a skipchain, a novel data structure, enabling arbitrarily out-of-date clients to efficiently validate updates and signing keys. Evaluation of our CHAINIAC prototype on reproducible Debian packages shows that the automated update process takes the average of 5 minutes per release for individual packages, and only 20 seconds for the aggregate timeline. We further evaluate the framework using real-world data from the PyPI package repository and show that it offers clients security comparable to verifying every single update themselves while consuming only one-fifth of the bandwidth and having a minimal computational overhead.

I’ll be at IETF 100 but unfortunately can’t make it until after the trans meeting. But I will be doing two brief Chainiac-related presentations in two IRTF meetings later in the week:

- In the CFRG meeting on Wednesday I’ll talk about SkipChains, the cryptographically traversable blockchain structure enabling offline and peer-to-peer verification of updates.
- In the HRPC meeting on Friday I’ll talk about the end-to-end software supply chain security and transparency issues that the Chainiac architecture addresses.

Thanks
Bryan
