《CloudNativeSecurityCon 2023 .pdf》由会员分享,可在线阅读,更多相关《CloudNativeSecurityCon 2023 .pdf(28页珍藏版)》请在三个皮匠报告上搜索。
1、Marina Moore and Zachary NewmanNot all thats Signed is Secure:Verify the Right Way with TUF and SigstoreThe problem Sigstore has more developers signing software So users are more secure,right?Signatures only help when verified correctly Antipattern:verify software was signed,but not who signed itSo
2、lution summary Enable flexible,smart policy enforcement Flexible:different policies in different settings Smart:existing,secure solutions(TUF+in-toto)Worked examples:Open source package repositories Internal container registries Everything in betweenSoftware supply chain securityWhy sign software?Pa
3、rt of the solution.You download software from the right place,but its not what the owner intended Compromised account Compromised build process Compromised package repositoryWhy sign software?Part of the solution.Not all attacks!Normal vulnerabilities Underhanded PRs Blackmailing authors If you know
4、 whos supposed to sign a package,signing helps.Big“if;”will revisit laterSigstore Easy signing for containers and more No key management:Sign with SSO Sign with machine identity Transparency:detect misbehaviorSigstore Fulcio(CA):issues short-lived certificates for OIDC credentials(“login with Facebo
5、ok”)Rekor(log):timestamps signatures,record metadata Cosign:stick signatures in OCI registriesVerification PoliciesContainer RegistryUserGET nginx:latestnginxsha256:.x _ Verified!Verification PoliciesContainer RegistryUserGET nginx:latestnginxsha256:.x _EVIL HACKER Verified!Verification PoliciesVeri
6、fication policies help us interpret signatures.What do I mean when I sign something?Did I look at every byte in the binary?We can attach specific meanings to signatures(claims)I claim Signed,Verification PoliciesSimple:universal signer.Signature=“this binary is good”Ownership:package P came from Ali
7、ceBuild integrity:machine M built this artifactCombination:BOTHMachine M:“I built package P from source code S”AND Alice:“I audited S”I audited SSigned,AliceI built P from SSigned,MUserSourceArtifactBuildGetting a Policy SecurelyContainer RegistryUserGET nginx:latestnginxsha256:.x _ Verified!By the
8、wayWhos supposed to sign that container?Marina Moore!Getting a Policy SecurelyContainer RegistryUserGET nginx:latestnginxsha256:.x _ Verified!By the wayWhos supposed to sign that container?Evil Hacker!x _EVIL HACKERSolution:TUF and in-totoYou have to know what youre running.Theres a context for soft
9、ware.The Update Framework(TUF)does secure distributionWHO uploaded,WHAT did they upload,WHY you trust themCompromise resilient:secure even when a repository or signer is compromisedIn-toto does“combinations”Beyond distribution:who built,tested,etc.TUF CNCF Graduated ProjectBased on peer-review acade
10、mic researchUsed by Fuschia,Datadog,automotive industry,.TUF principles:Separation of responsibilitiesMinimize consequence of any one compromiseMulti-signature trustExplicit and implicit revocationSecure recovery from a compromiseFull talk:TUF-en Up Your Signatures(KubeCon NA 2022)TUF:DelegationsAli
11、cePyPInumpyscipyBobTUF:Explicit Revocationv1.0.2 Respond to new information:Vulnerabilities New versions Timeliness:client never gets revoked/out-of-date packagesv1.0.1TUF Implicit RevocationSIGNED PACKAGE All keys expire Helps with undetected compromises Ensure all keys are current TUF signature th
12、resholds Require multiple signatures for the same package Developer team AND security team signed a packageUndetected key compromiseRemaining issues with using TUF:Detecting when your key is used by an attacker Are you seeing the same signatures as everyone else?We also need auditabilityTUF+Sigstore
13、 We get auditability with Sigstore!Use Sigstores transparency with TUF for:User auditing of key usage Global consistencyTUF/Sigstore Internal Containers Store signatures+TUF metadata in OCI Fixed policy:Dev team must sign every image(using SSO)Image built by GitHub Actions(using workload ID)For free
14、:revocation,key rotation,freshness Enforced by Kubernetes admission controllerTUF/Sigstore Package Repository Delegate to every uploader to the repository Uploaders can use key pair or Sigstore identity Default policy:All packages signed by correct uploader For paranoid users:allowlist trusted uploa
15、ders Enforced by package manager For free:revocation,key rotation,freshness,protection from repository compromiseTUF+Sigstore other usesApp store Trusted developers Curated package repository Additional signatures from analysis/security teams Single product updater Mitigate compromise of distributio
16、n server(Mimi)Details/learn more/future workRevocation Scalability In-band key rotation Post quantum Source signing Simplifying setup of TUF repositories Federation Share TUF roots in-toto Get involvedTUFSpecification:theupdateframework.github.io/specification/latest/python-tuf: rust-tuf: CNCF slackSigstoreGithub: page:sigstore.dev/Sigstore SlackPlease scan the QR Code aboveto leave feedback on this session