Paper Info
Title
Baton: certificate agility for android's decentralized signing infrastructure
Abstract
Android's trust-on-first-use application signing model associates developers with a fixed code signing certificate, but lacks a mechanism to enable transparent key updates or certificate renewals. The model allows application updates to be recognized as authorized by a party with access to the original signing key. However, changing keys or certificates requires that end users manually uninstall/reinstall apps, losing all non-backed up user data. In this paper, we show that with appropriate OS support, developers can securely and without user intervention transfer signing authority to a new signing key. Our proposal, Baton, modifies Android's app installation framework enabling key agility while preserving backwards compatibility with current apps and current Android releases. Baton is designed to work consistently with current UID sharing and signature permission requirements. We discuss technical details of the Android-specific implementation, as well as the applicability of the Baton protocol to other decentralized environments.
Year
DOI
Venue
2014
10.1145/2627393.2627397
WISEC
Keywords
Field
DocType
android,application signing,cryptographic controls,mobile operating systems
Permission,World Wide Web,Android (operating system),End user,Computer science,Computer security,Public key certificate,Code signing,Computer network,Backward compatibility,Certificate,Certificate signing request
Conference
Citations 
PageRank 
References 
3
0.40
18
Authors
4
Name
Order
Citations
PageRank
David Barrera133623.52
Daniel McCarney2492.54
Jeremy Clark324714.30
P. C. van Oorschot44230414.39