CHAINIAC: Proactive software-update transparency via collectively signed skipchains and verified builds

Nikitin K, Kokoris Kogias E, Jovanovic P, Gasser L, Gailly N, Khoffi I, Cappos J, Ford B. 2017. CHAINIAC: Proactive software-update transparency via collectively signed skipchains and verified builds. Proceedings of the 26th USENIX Conference on Security Symposium. SEC: Security Symposium, 1271–1287.

Conference Paper | Published | English
Author
Nikitin, Kirill; Kokoris Kogias, Lefteris; Jovanovic, Philipp; Gasser, Linus; Gailly, Nicolas; Khoffi, Ismail; Cappos, Justin; Ford, Bryan
Abstract
Software-update mechanisms are critical to the security of modern systems, but their typically centralized design presents a lucrative and frequently attacked target. In this work, we propose CHAINIAC, a decentralized software-update framework that eliminates single points of failure, enforces transparency, and provides efficient verifiability of integrity and authenticity for software-release processes. Independent witness servers collectively verify conformance of software updates to release policies, build verifiers validate the source-to-binary correspondence, and a tamper-proof release log stores collectively signed updates, thus ensuring that no release is accepted by clients before being widely disclosed and validated. The release log embodies a skipchain, a novel data structure, enabling arbitrarily out-of-date clients to efficiently validate updates and signing keys. Evaluation of our CHAINIAC prototype on reproducible Debian packages shows that the automated update process takes the average of 5 minutes per release for individual packages, and only 20 seconds for the aggregate timeline. We further evaluate the framework using real-world data from the PyPI package repository and show that it offers clients security comparable to verifying every single update themselves while consuming only one-fifth of the bandwidth and having a minimal computational overhead.
Publishing Year
Date Published
2017-09-01
Proceedings Title
Proceedings of the 26th USENIX Conference on Security Symposium
Publisher
USENIX Association
Page
1271–1287
Conference
SEC: Security Symposium
Conference Location
Vancouver, Canada
Conference Date
2017-08-16 – 2017-08-18
IST-REx-ID

Cite this

Nikitin K, Kokoris Kogias E, Jovanovic P, et al. CHAINIAC: Proactive software-update transparency via collectively signed skipchains and verified builds. In: Proceedings of the 26th USENIX Conference on Security Symposium. USENIX Association; 2017:1271–1287.
Nikitin, K., Kokoris Kogias, E., Jovanovic, P., Gasser, L., Gailly, N., Khoffi, I., … Ford, B. (2017). CHAINIAC: Proactive software-update transparency via collectively signed skipchains and verified builds. In Proceedings of the 26th USENIX Conference on Security Symposium (pp. 1271–1287). Vancouver, Canada: USENIX Association.
Nikitin, Kirill, Eleftherios Kokoris Kogias, Philipp Jovanovic, Linus Gasser, Nicolas Gailly, Ismail Khoffi, Justin Cappos, and Bryan Ford. “CHAINIAC: Proactive Software-Update Transparency via Collectively Signed Skipchains and Verified Builds.” In Proceedings of the 26th USENIX Conference on Security Symposium, 1271–1287. USENIX Association, 2017.
K. Nikitin et al., “CHAINIAC: Proactive software-update transparency via collectively signed skipchains and verified builds,” in Proceedings of the 26th USENIX Conference on Security Symposium, Vancouver, Canada, 2017, pp. 1271–1287.
Nikitin, Kirill, et al. “CHAINIAC: Proactive Software-Update Transparency via Collectively Signed Skipchains and Verified Builds.” Proceedings of the 26th USENIX Conference on Security Symposium, USENIX Association, 2017, pp. 1271–1287.
All files available under the following license(s):
Copyright Statement:
This Item is protected by copyright and/or related rights. [...]

Link(s) to Main File(s)
Access Level
OA Open Access
