Upload
others
View
4
Download
0
Embed Size (px)
Citation preview
When the going gets tough,Get TUF going!
Riyaz Faizullabhoy - @riyazdf
Motivation
What is TUF?
Using TUF
Hermetic Builds
Where does software come from?
$> _
$>curl | sudo bash
$>apt-get install
• authenticity
$>apt-get install
• authenticity• integrity
$>apt-get install really-old-foo
$>#not after 2007 $>apt-get install really-old-foo
• authenticity• integrity• freshness
$> $pkg-manager install foo
• authenticity (TLS)• integrity (TLS)• freshness
• authenticity (TLS - transport only)• integrity (TLS - transport only)• freshness
foo
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAABCAAGBQJXUtcbAAoJEItIrWJGklVTp6oP/ROIMdfBerB+sKswke8mau1w aalsr6MmQgARItPhsQvFUaRXEXDJvefRdPJl+xDl1zUkJJhLJIsW9VmpBk19l2pU oWuiy6Ou9BWWA2qmS/3BKdmriuXp8LtjpQ2prj3jefOfIcUUlWtusATp0qM3JvGr UWFDkxzQAqZycwuY7n1e4YNyE30iAbPtWB3cKs6Bi7nNWREeQ9cAsJJPnVIl/e6t H3KI8F2QkQ/HwfN9KYfZKyChMubBKsl1txOlgHs1QLrrhft6kP3RDoKRhJTuPvnr 3QWH3Hlo6B/nqpX7hOcAkw6gfnpVe+SHBKOE8b93nTR4Gh7l1R1hjdUdO46rQLVy iz1WcWgJkMj13kePrDC3gM+CaT7O0ug4dQ1b1brPzuJwz7j7mHIIOUdwOZ+7OWf5 ppdxXB5E6/XJN2X26V3KdHTgfsFmu2eX9PaDIjA26XP8DtPOSaz6sYrPxQtRPS2w oSp8Kkgh4kVTftymKvDcbFp7OF1qhCxWkwvCB+StTI5s+aRfkIUqQkYS12EYI6b7 uQq0r5QjM6DzsnCRKrRh2EUzgHdfax1iIEY+kC2BvG+Xw6wHro47iR4gaRzR1c7x LRm5uxrGCq5zV9Lp+LBNGkAQJzivkm8ka7yYss5DIk6gVeTsHbcSLnmt4rUViZOp BsAoXDQUdfv80oIg39BMiQIcBAABCAAGBQJXUtcbAAoJEHY40EQrkNAQp6oQAIsl 7tPJpwTzKrv6r8gEQggyRvFEp8Ubi+/8wPf+AawutClXNONB5lLvceA0SEgwPH0L js+kDrmNZRQ65PAEUf0mWwq8kdNWTcVDfKvI/Te2tr65/yaVFTLDDoAsC9M5Q9QX i3h0xCZAT6hQSl7oSzWQIJkAqAer/9ctvYE6S9hAyiUIj9MQUA/PPBmEUcxKlADd Rjg2JHJJFODkciHWyQboU7UAOwpGIW/LFgFlr+nMomP/wQoZdOKyKS0QG8I0dxbh o19tvoxBN32KS6yQM1oQDhvXIlvZiirohBCXSVXiLYIzEzZfcLqP9cRGOUlzMtKw P9m1tM0Lx+yY8OZTshedR+u+6lW+vdPQ0Ar3MzE+98DE3zT+NDgGUJQNAtfkFesW az6bMS07c947zbBZIAg0iO0ys2PCI7bwNdJAJ9VjujAKZ5R5c9IZOltF3RRiQcn9 QODaFM4cGrndS53tmtjR2vPNoEk8jVR0mbp6Nyr7t4sgCGkiDyqO1xZOIOX1pCMQ seD6XOq2cWTSSisIRo8Cccdo3ciE4yfYZQ/3+gLaqDOrtBIGxj9iumS1ELI6XHb7 7LjYz72Z5gjzK2X+jQCJFD/QNZv4n8dkoYgRVk4ZgEg+BuctUA85RggaLR2R9JCV NRcXJtGybbGDQ85vFuzLYyUrSnfc5Vcm31tcy94h =nSRR -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAABCAAGBQJXUtcbAAoJEItIrWJGklVTp6oP/ROIMdfBerB+sKswke8mau1w aalsr6MmQgARItPhsQvFUaRXEXDJvefRdPJl+xDl1zUkJJhLJIsW9VmpBk19l2pU oWuiy6Ou9BWWA2qmS/3BKdmriuXp8LtjpQ2prj3jefOfIcUUlWtusATp0qM3JvGr UWFDkxzQAqZycwuY7n1e4YNyE30iAbPtWB3cKs6Bi7nNWREeQ9cAsJJPnVIl/e6t H3KI8F2QkQ/HwfN9KYfZKyChMubBKsl1txOlgHs1QLrrhft6kP3RDoKRhJTuPvnr 3QWH3Hlo6B/nqpX7hOcAkw6gfnpVe+SHBKOE8b93nTR4Gh7l1R1hjdUdO46rQLVy iz1WcWgJkMj13kePrDC3gM+CaT7O0ug4dQ1b1brPzuJwz7j7mHIIOUdwOZ+7OWf5 ppdxXB5E6/XJN2X26V3KdHTgfsFmu2eX9PaDIjA26XP8DtPOSaz6sYrPxQtRPS2w oSp8Kkgh4kVTftymKvDcbFp7OF1qhCxWkwvCB+StTI5s+aRfkIUqQkYS12EYI6b7 uQq0r5QjM6DzsnCRKrRh2EUzgHdfax1iIEY+kC2BvG+Xw6wHro47iR4gaRzR1c7x LRm5uxrGCq5zV9Lp+LBNGkAQJzivkm8ka7yYss5DIk6gVeTsHbcSLnmt4rUViZOp BsAoXDQUdfv80oIg39BMiQIcBAABCAAGBQJXUtcbAAoJEHY40EQrkNAQp6oQAIsl 7tPJpwTzKrv6r8gEQggyRvFEp8Ubi+/8wPf+AawutClXNONB5lLvceA0SEgwPH0L js+kDrmNZRQ65PAEUf0mWwq8kdNWTcVDfKvI/Te2tr65/yaVFTLDDoAsC9M5Q9QX i3h0xCZAT6hQSl7oSzWQIJkAqAer/9ctvYE6S9hAyiUIj9MQUA/PPBmEUcxKlADd Rjg2JHJJFODkciHWyQboU7UAOwpGIW/LFgFlr+nMomP/wQoZdOKyKS0QG8I0dxbh o19tvoxBN32KS6yQM1oQDhvXIlvZiirohBCXSVXiLYIzEzZfcLqP9cRGOUlzMtKw P9m1tM0Lx+yY8OZTshedR+u+6lW+vdPQ0Ar3MzE+98DE3zT+NDgGUJQNAtfkFesW az6bMS07c947zbBZIAg0iO0ys2PCI7bwNdJAJ9VjujAKZ5R5c9IZOltF3RRiQcn9 QODaFM4cGrndS53tmtjR2vPNoEk8jVR0mbp6Nyr7t4sgCGkiDyqO1xZOIOX1pCMQ seD6XOq2cWTSSisIRo8Cccdo3ciE4yfYZQ/3+gLaqDOrtBIGxj9iumS1ELI6XHb7 7LjYz72Z5gjzK2X+jQCJFD/QNZv4n8dkoYgRVk4ZgEg+BuctUA85RggaLR2R9JCV NRcXJtGybbGDQ85vFuzLYyUrSnfc5Vcm31tcy94h =nSRR -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAABCAAGBQJXUtcbAAoJEItIrWJGklVTp6oP/ROIMdfBerB+sKswke8mau1w aalsr6MmQgARItPhsQvFUaRXEXDJvefRdPJl+xDl1zUkJJhLJIsW9VmpBk19l2pU oWuiy6Ou9BWWA2qmS/3BKdmriuXp8LtjpQ2prj3jefOfIcUUlWtusATp0qM3JvGr UWFDkxzQAqZycwuY7n1e4YNyE30iAbPtWB3cKs6Bi7nNWREeQ9cAsJJPnVIl/e6t H3KI8F2QkQ/HwfN9KYfZKyChMubBKsl1txOlgHs1QLrrhft6kP3RDoKRhJTuPvnr 3QWH3Hlo6B/nqpX7hOcAkw6gfnpVe+SHBKOE8b93nTR4Gh7l1R1hjdUdO46rQLVy iz1WcWgJkMj13kePrDC3gM+CaT7O0ug4dQ1b1brPzuJwz7j7mHIIOUdwOZ+7OWf5 ppdxXB5E6/XJN2X26V3KdHTgfsFmu2eX9PaDIjA26XP8DtPOSaz6sYrPxQtRPS2w oSp8Kkgh4kVTftymKvDcbFp7OF1qhCxWkwvCB+StTI5s+aRfkIUqQkYS12EYI6b7 uQq0r5QjM6DzsnCRKrRh2EUzgHdfax1iIEY+kC2BvG+Xw6wHro47iR4gaRzR1c7x LRm5uxrGCq5zV9Lp+LBNGkAQJzivkm8ka7yYss5DIk6gVeTsHbcSLnmt4rUViZOp BsAoXDQUdfv80oIg39BMiQIcBAABCAAGBQJXUtcbAAoJEHY40EQrkNAQp6oQAIsl 7tPJpwTzKrv6r8gEQggyRvFEp8Ubi+/8wPf+AawutClXNONB5lLvceA0SEgwPH0L js+kDrmNZRQ65PAEUf0mWwq8kdNWTcVDfKvI/Te2tr65/yaVFTLDDoAsC9M5Q9QX i3h0xCZAT6hQSl7oSzWQIJkAqAer/9ctvYE6S9hAyiUIj9MQUA/PPBmEUcxKlADd Rjg2JHJJFODkciHWyQboU7UAOwpGIW/LFgFlr+nMomP/wQoZdOKyKS0QG8I0dxbh o19tvoxBN32KS6yQM1oQDhvXIlvZiirohBCXSVXiLYIzEzZfcLqP9cRGOUlzMtKw P9m1tM0Lx+yY8OZTshedR+u+6lW+vdPQ0Ar3MzE+98DE3zT+NDgGUJQNAtfkFesW az6bMS07c947zbBZIAg0iO0ys2PCI7bwNdJAJ9VjujAKZ5R5c9IZOltF3RRiQcn9 QODaFM4cGrndS53tmtjR2vPNoEk8jVR0mbp6Nyr7t4sgCGkiDyqO1xZOIOX1pCMQ seD6XOq2cWTSSisIRo8Cccdo3ciE4yfYZQ/3+gLaqDOrtBIGxj9iumS1ELI6XHb7 7LjYz72Z5gjzK2X+jQCJFD/QNZv4n8dkoYgRVk4ZgEg+BuctUA85RggaLR2R9JCV NRcXJtGybbGDQ85vFuzLYyUrSnfc5Vcm31tcy94h =nSRR -----END PGP SIGNATURE-----
$>apt-get install really-old-foo
Freeze and Rollback Attacks?
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAABCAAGBQJXUtcbAAoJEItIrWJGklVTp6oP/ROIMdfBerB+sKswke8mau1w aalsr6MmQgARItPhsQvFUaRXEXDJvefRdPJl+xDl1zUkJJhLJIsW9VmpBk19l2pU oWuiy6Ou9BWWA2qmS/3BKdmriuXp8LtjpQ2prj3jefOfIcUUlWtusATp0qM3JvGr UWFDkxzQAqZycwuY7n1e4YNyE30iAbPtWB3cKs6Bi7nNWREeQ9cAsJJPnVIl/e6t H3KI8F2QkQ/HwfN9KYfZKyChMubBKsl1txOlgHs1QLrrhft6kP3RDoKRhJTuPvnr 3QWH3Hlo6B/nqpX7hOcAkw6gfnpVe+SHBKOE8b93nTR4Gh7l1R1hjdUdO46rQLVy iz1WcWgJkMj13kePrDC3gM+CaT7O0ug4dQ1b1brPzuJwz7j7mHIIOUdwOZ+7OWf5 ppdxXB5E6/XJN2X26V3KdHTgfsFmu2eX9PaDIjA26XP8DtPOSaz6sYrPxQtRPS2w oSp8Kkgh4kVTftymKvDcbFp7OF1qhCxWkwvCB+StTI5s+aRfkIUqQkYS12EYI6b7 uQq0r5QjM6DzsnCRKrRh2EUzgHdfax1iIEY+kC2BvG+Xw6wHro47iR4gaRzR1c7x LRm5uxrGCq5zV9Lp+LBNGkAQJzivkm8ka7yYss5DIk6gVeTsHbcSLnmt4rUViZOp BsAoXDQUdfv80oIg39BMiQIcBAABCAAGBQJXUtcbAAoJEHY40EQrkNAQp6oQAIsl 7tPJpwTzKrv6r8gEQggyRvFEp8Ubi+/8wPf+AawutClXNONB5lLvceA0SEgwPH0L js+kDrmNZRQ65PAEUf0mWwq8kdNWTcVDfKvI/Te2tr65/yaVFTLDDoAsC9M5Q9QX i3h0xCZAT6hQSl7oSzWQIJkAqAer/9ctvYE6S9hAyiUIj9MQUA/PPBmEUcxKlADd Rjg2JHJJFODkciHWyQboU7UAOwpGIW/LFgFlr+nMomP/wQoZdOKyKS0QG8I0dxbh o19tvoxBN32KS6yQM1oQDhvXIlvZiirohBCXSVXiLYIzEzZfcLqP9cRGOUlzMtKw P9m1tM0Lx+yY8OZTshedR+u+6lW+vdPQ0Ar3MzE+98DE3zT+NDgGUJQNAtfkFesW az6bMS07c947zbBZIAg0iO0ys2PCI7bwNdJAJ9VjujAKZ5R5c9IZOltF3RRiQcn9 QODaFM4cGrndS53tmtjR2vPNoEk8jVR0mbp6Nyr7t4sgCGkiDyqO1xZOIOX1pCMQ seD6XOq2cWTSSisIRo8Cccdo3ciE4yfYZQ/3+gLaqDOrtBIGxj9iumS1ELI6XHb7 7LjYz72Z5gjzK2X+jQCJFD/QNZv4n8dkoYgRVk4ZgEg+BuctUA85RggaLR2R9JCV NRcXJtGybbGDQ85vFuzLYyUrSnfc5Vcm31tcy94h =nSRR -----END PGP SIGNATURE-----
Survivable Key Compromise?
• authenticity • integrity• freshness• survivable key compromise
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAABCAAGBQJXUtcbAAoJEItIrWJGklVTp6oP/ROIMdfBerB+sKswke8mau1w aalsr6MmQgARItPhsQvFUaRXEXDJvefRdPJl+xDl1zUkJJhLJIsW9VmpBk19l2pU oWuiy6Ou9BWWA2qmS/3BKdmriuXp8LtjpQ2prj3jefOfIcUUlWtusATp0qM3JvGr UWFDkxzQAqZycwuY7n1e4YNyE30iAbPtWB3cKs6Bi7nNWREeQ9cAsJJPnVIl/e6t H3KI8F2QkQ/HwfN9KYfZKyChMubBKsl1txOlgHs1QLrrhft6kP3RDoKRhJTuPvnr 3QWH3Hlo6B/nqpX7hOcAkw6gfnpVe+SHBKOE8b93nTR4Gh7l1R1hjdUdO46rQLVy iz1WcWgJkMj13kePrDC3gM+CaT7O0ug4dQ1b1brPzuJwz7j7mHIIOUdwOZ+7OWf5 ppdxXB5E6/XJN2X26V3KdHTgfsFmu2eX9PaDIjA26XP8DtPOSaz6sYrPxQtRPS2w oSp8Kkgh4kVTftymKvDcbFp7OF1qhCxWkwvCB+StTI5s+aRfkIUqQkYS12EYI6b7 uQq0r5QjM6DzsnCRKrRh2EUzgHdfax1iIEY+kC2BvG+Xw6wHro47iR4gaRzR1c7x LRm5uxrGCq5zV9Lp+LBNGkAQJzivkm8ka7yYss5DIk6gVeTsHbcSLnmt4rUViZOp BsAoXDQUdfv80oIg39BMiQIcBAABCAAGBQJXUtcbAAoJEHY40EQrkNAQp6oQAIsl 7tPJpwTzKrv6r8gEQggyRvFEp8Ubi+/8wPf+AawutClXNONB5lLvceA0SEgwPH0L js+kDrmNZRQ65PAEUf0mWwq8kdNWTcVDfKvI/Te2tr65/yaVFTLDDoAsC9M5Q9QX i3h0xCZAT6hQSl7oSzWQIJkAqAer/9ctvYE6S9hAyiUIj9MQUA/PPBmEUcxKlADd Rjg2JHJJFODkciHWyQboU7UAOwpGIW/LFgFlr+nMomP/wQoZdOKyKS0QG8I0dxbh o19tvoxBN32KS6yQM1oQDhvXIlvZiirohBCXSVXiLYIzEzZfcLqP9cRGOUlzMtKw P9m1tM0Lx+yY8OZTshedR+u+6lW+vdPQ0Ar3MzE+98DE3zT+NDgGUJQNAtfkFesW az6bMS07c947zbBZIAg0iO0ys2PCI7bwNdJAJ9VjujAKZ5R5c9IZOltF3RRiQcn9 QODaFM4cGrndS53tmtjR2vPNoEk8jVR0mbp6Nyr7t4sgCGkiDyqO1xZOIOX1pCMQ seD6XOq2cWTSSisIRo8Cccdo3ciE4yfYZQ/3+gLaqDOrtBIGxj9iumS1ELI6XHb7 7LjYz72Z5gjzK2X+jQCJFD/QNZv4n8dkoYgRVk4ZgEg+BuctUA85RggaLR2R9JCV NRcXJtGybbGDQ85vFuzLYyUrSnfc5Vcm31tcy94h =nSRR -----END PGP SIGNATURE-----
Trust Thresholding?
• authenticity • integrity• freshness• survivable key compromise• thresholding
• authenticity • integrity• freshness• survivable key compromise• thresholding
• authenticity • integrity• freshness• survivable key compromise• thresholding• ease of use
Get TUF(The Update Framework)
•Diplomat: Using Delegations to Protect Community Repositories •Survivable Key Compromise in Software Update Systems •A Look in the Mirror: Attacks on Package Managers •Package Management Security
TUF repository
TUF repository packages
root timestamp snapshot targets delegation
Root:
Timestamp:
Snapshot:
Targets:
Expiry: ...
Root Metadata
Root:
Timestamp:
Snapshot:
Targets:
Expiry: ...
Root Metadata
USA
Switzerland
China
Offline for security
• Backup in bank vault
• Use signing hardware
TUF repository packages
?
java : { hashes }openssl : { hashes }…
Expiry: ...
Targets Metadata
Keys: { Alice: Bob:}
Expiry: ...
Targets Metadata
A
B
java:openssl:
[Alice][Bob]
Delegation Metadata
Ajava-8-jre : { hashes }java-7-jre : { hashes }...Expiry: ...
Bopenssl-1.0.1t : { hashes }openssl-1.0.2h : { hashes }...Expiry: ...
java-8-jre java-7-jre
openssl-1.0.1t openssl-1.0.2h
A
B
openssl-1.0.1t openssl-1.0.2h
java java-8-jdkjava-7-jdk
java-8-jrejava-7-jre
apt
openssl
A
B
C
A
jdk
jre
openssl-1.0.1t openssl-1.0.2h
java java-8-jdkjava-7-jdk
java-8-jrejava-7-jre
apt
openssl
A
B
C
A
jdk
jre
E
D
• authenticity • integrity• freshness• survivable key compromise• thresholding
• authenticity • integrity• freshness• survivable key compromise• thresholding
• authenticity • integrity• freshness• survivable key compromise• thresholding
Root : { hashes }Targets : { hashes }
Alice : { hashes }Bob : { hashes }…
Expiry: ...
Snapshot Metadata
• authenticity • integrity• freshness• survivable key compromise• thresholding
Snapshot : { hashes }
…
Expiry: 24 hours from now
Timestamp Metadata
openssl-1.0.1t openssl-1.0.2h
java java-8-jdkjava-7-jdk
java-8-jrejava-7-jre
apt
openssl
A
B
C
A
jdk
jre
E
D X
• authenticity • integrity• freshness• survivable key compromise• thresholding
#
# #
#
#
#
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Metadata Lifetime
t
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Keeping Freshness
t
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Snapshot Expired!
t
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Sign a new Snapshot
t
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Sign a new Timestamp to point the Snapshot
t
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Want to publish something?
t
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Sign the hash into a new Targets or Delegation file
t
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Sign a new Snapshot that references this Targets file
t
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Sign a new Timestamp that references the new Snapshot
t
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Situation normal
t
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Oh no, I think my Snapshot key was compromised!
t
Compromise is “when” not “if”
Root: Timestamp: Snapshot: Targets:
Root Metadata
Root: Timestamp: Snapshot: Targets:
Root Metadata
Snapshot Metadata
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Before recovery
t
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Create and sign the new Snapshot key into Root
t
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Sign a new Snapshot with the new key
t
Timestamp
Lifetime
Snapshot
Targets/ Delegations
Root
Sign new Timestamp to reference new Snapshot
t
• authenticity • integrity• freshness• survivable key compromise• thresholding• ease of use
coming soon!
GPG TUF
• …• auditability
?
How can we start using TUF?
Demo
• ease of use?
Demo
• authenticity • integrity• freshness• survivable key compromise• thresholding• ease of use
github.com/docker/notary
$> export DOCKER_CONTENT_TRUST=1
alpine
latest: {hash} edge: {hash} 2.6: {hash} 3.3: {hash} 3.4: {hash}
alpine
$> $pkg-manager install openssl
Design Goals: - root of trust in package manager maintainers - with thresholding
- freshness guarantees
- signed index of all packages
- signed package targets by package maintainers - name to hash resolution - with thresholding
package-manager maintainer(s)
freshness
package-manager maintainer(s)
signs indexfreshness
package-manager maintainer(s)
signs indexfreshness
maintainer keys
package-manager maintainer(s)
signs indexfreshness
maintainer keys
openssl: {hash}
package-manager maintainer(s)
Future work: hermetic builds
Learn More• Read the spec:
• github.com/theupdateframework/tuf/ (docs/tuf-spec.txt)
• Look at Notary: • github.com/docker/notary
• Read the Docker Content Trust docs:• docs.docker.com/engine/security/trust/content_trust/
THANK YOU
Root:
Timestamp:
Snapshot:
Targets:
Expiry: ...
Root Metadata
Appendix: root key rotations
Root:
Timestamp:
Snapshot:
Targets:
Expiry: ...
Root Metadata
Appendix: root key rotations
Root:
Timestamp:
Snapshot:
Targets:
newRoot:
Timestamp:
Snapshot:
Targets:
old
Appendix: root key rotations
Root:
Timestamp:
Snapshot:
Targets:
newRoot:
Timestamp:
Snapshot:
Targets:
oldXAppendix: root key rotations
Appendix: DCT pull flow
Appendix: DCT pull flow
uses manifest/layer merkle tree