Decentralized reproducible packages distribution system

Michael Bideau michael at ...545...
Fri Dec 29 17:46:24 CET 2017


Hi everyone,

I'm very new to Genode (discovered last week with seL4), so please
forgive my lack of experience.

I just wanted to bring you some information that might interest you, maybe
not today but soon (I hope).

I stumbled across CHAINIAC <https://eprint.iacr.org/2017/648.pdf>
(Usenix presentation video
<https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/nikitin>),
a system to distribute software with many nice properties, that might be
used for Debian packages one day.

I copy-paste Bryan Ford's (co-author) description emailed to the IETF
<https://www.ietf.org/mail-archive/web/suit/current/msg00154.html> :

Abstract: Software-update mechanisms are critical to the security of
modern systems, but their typically centralized design presents a
lucrative and frequently attacked target. In this work, we propose
CHAINIAC, a decentralized software-update framework that eliminates
single points of failure, enforces transparency, and provides efficient
verifiability of integrity and authenticity for software-release
processes. Independent witness servers collectively verify conformance
of software updates to release policies, build verifiers validate the
source-to-binary correspondence, and a tamper-proof release log stores
collectively signed updates, thus ensuring that no release is accepted
by clients before being widely disclosed and validated. The release log
embodies a skipchain, a novel data structure, enabling arbitrarily
out-of-date clients to efficiently validate updates and signing keys.
Evaluation of our CHAINIAC prototype on reproducible Debian packages
shows that the automated update process takes the average of 5 minutes
per release for individual packages, and only 20 seconds for the
aggregate timeline. We further evaluate the framework using real-world
data from the PyPI package repository and show that it offers clients
security comparable to verifying every single update themselves while
consuming only one-fifth of the bandwidth and having a
minimal computational overhead.

It uses blockchain, but it is an optional feature (as discussed in the
Q&A at the end of the Usenix Conference
<https://youtu.be/xpT6L8htINU?t=24m18s>) as long as you can check
servers of the Cothority (if I have understood it well).

It is written in Go (github repo <https://github.com/dedis/paper_chainiac>).


On the subject of application portability/deployment, I know there is a
lot of initiatives trying to normalize application packaging in a Linux
kernel context, like OCI <https://www.opencontainers.org/>, Habitat
<https://www.habitat.sh/>, Flatpak <https://flatpak.org/>, each
targeting a different audience (cloud/desktop). It might be an
interesting combination with Chainiac... I don't know.


That was my $2 contribution. Hope it was not spam for you.
I really want to help. I can start a wiki page if you want? But I will
not be able to maintain it.

Disclaimer: I'm absolutely not an expert in kernel/OS development,
software distribution/package management, cyber security or any
technology of this topic. But, until recently I've tried to develop
a generic desktop secure OS that isolates every process into a sandbox
(using a Linux kernel, tools like firejail/bubblewrap/minijail providing
Linux namespaces and seccomp-bpf, and inspiration from Openwall for a least
privilege policy). I've a prototype running and working well but really
too hacky. I've stopped because of not enough time and resources.
Genode is an obviously much better approach! Congrats :-) I cannot wait
to see my workstation running a port of Qubes/SubGraph on Genode+seL4...

Best wishes and happy new year.

Michael Bideau,
from France.
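The client-side check described in the abstract above (build verifiers attest the source-to-binary correspondence, independent witnesses sign the release-log entry, and a client accepts only a binary that is both attested and widely signed), as an added Go model written for this page; it is not code from the CHAINIAC repository. It assumes per-witness Ed25519 signatures with a threshold in place of CHAINIAC's single collective signature, and leaves the skipchain out.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)
// Release is one release-log entry: the hashes attested by build verifiers plus
// per-witness signatures (Sigs[i] is witness i's). Simplification: CHAINIAC
// stores a single collective signature instead of a list.
type Release struct {
	Package                string
	SourceHash, BinaryHash [32]byte
	Sigs                   [][]byte
}
// Digest is the message witnesses sign: package name plus both hashes.
func (r Release) Digest() []byte {
	d := sha256.Sum256(append(append([]byte(r.Package), r.SourceHash[:]...), r.BinaryHash[:]...))
	return d[:]
}
// Accept is the client check: the downloaded binary must hash to the attested
// value, and at least threshold of the known witnesses must have signed.
func Accept(r Release, binary []byte, witnesses []ed25519.PublicKey, threshold int) bool {
	if sha256.Sum256(binary) != r.BinaryHash {
		return false // not the binary the build verifiers reproduced
	}
	valid, digest := 0, r.Digest()
	for i, pk := range witnesses {
		if i < len(r.Sigs) && ed25519.Verify(pk, digest, r.Sigs[i]) {
			valid++
		}
	}
	return valid >= threshold
}
// Scenario: 4 witnesses, threshold 3. Verdicts for the genuine binary, a
// tampered binary, and the same entry carrying only 2 witness signatures.
func Scenario() (genuine, tampered, underSigned bool) {
	pubs, privs := make([]ed25519.PublicKey, 4), make([]ed25519.PrivateKey, 4)
	for i := range pubs {
		pubs[i], privs[i], _ = ed25519.GenerateKey(rand.Reader)
	}
	binary := []byte("constructed package contents") // constructed sample input
	r := Release{Package: "hello_1.0", SourceHash: sha256.Sum256([]byte("src")), BinaryHash: sha256.Sum256(binary)}
	d := r.Digest()
	r.Sigs = [][]byte{ed25519.Sign(privs[0], d), ed25519.Sign(privs[1], d), ed25519.Sign(privs[2], d)}
	genuine = Accept(r, binary, pubs, 3)
	tampered = Accept(r, []byte("backdoored build"), pubs, 3)
	r.Sigs = r.Sigs[:2] // only witnesses 0 and 1 signed
	underSigned = Accept(r, binary, pubs, 3)
	return
}
func main() { fmt.Println(Scenario()) }
```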

