Title | ||
---|---|---|
Chainiac: Proactive Software-Update Transparency Via Collectively Signed Skipchains And Verified Builds |
Abstract | ||
---|---|---|
Software-update mechanisms are critical to the security of modern systems, but their typically centralized design presents a lucrative and frequently attacked target. In this work, we propose CHAINIAC, a decentralized software update framework that eliminates single points of failure, enforces transparency, and provides efficient verifiability of integrity and authenticity for software-release processes. Independent witness servers collectively verify conformance of software updates to release policies, build verifiers validate the source-to-binary correspondence, and a tamper-proof release log stores collectively signed updates, thus ensuring that no release is accepted by clients before being widely disclosed and validated. The release log embodies a skipchain, a novel data structure, enabling arbitrarily out-of-date clients to efficiently validate updates and signing keys. Evaluation of our CHAINIAC prototype on reproducible Debian packages shows that the automated update process takes the average of 5 minutes per release for individual packages, and only 20 seconds for the aggregate timeline. We further evaluate the framework using real-world data from the PyPI package repository and show that it offers clients security comparable to verifying every single update themselves while consuming only one-fifth of the bandwidth and having a minimal computational overhead. |
Year | Venue | DocType |
---|---|---|
2017 | PROCEEDINGS OF THE 26TH USENIX SECURITY SYMPOSIUM (USENIX SECURITY '17) | Conference |
Volume | Citations | PageRank |
---|---|---|
2017 | 0 | 0.34 |
References | Authors | |
---|---|---|
11 | 8 | |
Name | Order | Citations | PageRank |
---|---|---|---|
Kirill Nikitin | 1 | 4 | 1.43 |
Eleftherios Kokoris-Kogias | 2 | 149 | 14.56 |
Philipp Jovanovic | 3 | 266 | 19.22 |
Linus Gasser | 4 | 143 | 8.99 |
Nicolas Gailly | 5 | 142 | 8.64 |
Ismail Khoffi | 6 | 77 | 4.35 |
Justin Cappos | 7 | 17 | 4.48 |
Bryan Ford | 8 | 1573 | 149.56 |