0

Let's say that I have an executable running on a client machine, and, it requires to download some updates on a regular basis. The solution uses TLS to communicate with the download server.

I would like to include authenticating these updates before applying them, i.e., that these updates are cryptographically signed.

My suggestion is to use Asymmetric Encryption, this requires distributing the Public Key with the executable running on the client machine. The download server will sign the updates with the private key. This would allow the client machine use the public key to verify the updates.

My questions:

  • Is this the general standard approach?

  • Would the public key be generally pushed with the executable running on the client machine or would this just be a look up via some REST API?

  • Do Apple (or others) implement a similar approach when they verify the downloaded file for when they are applying an update to the IOS platform?

  • Would I need to include the use of a certificate ?

I am not interested in merits of TLS etc.

Darragh
  • 1,102
  • 9
  • 15
  • 1
    You should checkout The Update Framework (TUF) project: https://github.com/theupdateframework/tuf. All of your concerns are discussed and covered there. – mricon Jan 24 '20 at 15:44

1 Answers1

1

Yes, code signing with asymmetric crypto is very common. The exact mechanics vary by OS, but the general principal that the author of the software package, or the central repo / app store, or both, signs every code package with their asymmetric key:

The tricky part here is that you need some way for the end-user's device to trust your signing key; simply attaching the public key to the binary doesn't work because an attacker could modify your binary, re-sign it with their own key, and replace your public key with theirs.

Typically this is solved by signing with a certificate that chains to a trusted CA or PGP root key, for example either a publicly-trusted CA, or an internal CA or PGP key that is trusted by your whizpop devices.

You could do as you suggest and have client fetch the public key of the signer via an API, in which case trust in the key will be rooted in the TLS certificate that the API server is using. There are lots of options.

TL;DR

Yes, signing binaries with asymmetric crypto is very common. You'll probably need to do some work to establish trust in the signing key. For inspiration and ideas, see the links to how each OS handles code signing.

Community
  • 1
Mike Ounsworth
  • 57,707
  • 21
  • 150
  • 207