Published: June 14, 2005
Authors:
Monica Ene-Pietrosanu , Kelvin Yiu (Microsoft Corporation)
Antony Crossman, Alan Lewis, Daniel Murton (nCipher)
Abstract
This paper describes the role of Microsoft Authenticode code-signing and time-stamping in establishing user trust in code that is published online. It provides an overview of the Authenticode code-signing and time-stamping process and examines the role of public key cryptography in proving the identity of the code publisher and proving that code has not been tampered with since original publication. The paper looks at the importance of protecting the credentials that underpin Authenticode and the role of cryptographic hardware in securing digital keys and certificates.
Introduction
The ability of users to trust code that is published on the Internet is a major challenge facing the software industry. Similarly, large organizations deploying line of business applications such as enterprise resource planning (ERP) systems must decide what software to trust. Packaged software has traditionally relied upon branding and trusted sales outlets to assure users of the legitimacy and integrity of the software. This is not available when code is transmitted across the Internet. Building trust requires a reliable mechanism by which users can verify the identity of a code publisher and verify that the code has not been changed since its publication date.
Malicious code in the form of viruses, worms, and Trojans is now a serious threat that impacts every computer user, whether network-connected or not. Recent reports indicate that, in the United States alone, the effect of malicious code costs industry and consumers between $427M and $522M in 2004.1
Because software on the Internet is not labelled or "shrink-wrapped", end users cannot be sure who published a particular piece of software. It is also difficult to identify whether a piece of code has been tampered with. As a result, end users assume a certain amount of risk when downloading Java applets, plug-ins, Microsoft ActiveX controls, and other executables over the Internet.
Microsoft Authenticode is a technology that can significantly reduce the level of risk and minimize user exposure to malicious code. It identifies the publisher of signed software and verifies that it has not been tampered with before users download software to their PCs. As a result, end users can make a more informed decision as to whether to download code.
Authenticode operates in conjunction with trusted entities, such as the platform, application, and public key infrastructure (PKI). At the heart of this trust, it relies on digital certificates certified by a trusted certificate authority (CA) and digital signature techniques to deliver two critical benefits.
- Strong authentication of the publisher of the code.
- A cryptographic seal, a ’hash’, which mathematically identifies the content of the document so that even the smallest change to the code will invalidate the signature—thus making the code tamper-evident.
These techniques are underpinned by the use of one or more private keys to sign and time-stamp the published software. The protection of private keys is essential in securing any PKI application, including Authenticode. If the secrecy of these keys were to be compromised, they could be used to fraudulently sign software that can then masquerade as the legitimate application.
Protecting keys within Hardware Security Modules (HSM) provides physical and logical barriers to attack that do not exist with a software-only security solution. The keys never exist in an unencrypted form outside the HSM and all operations with the keys occur within the HSM. Authenticode code-signing keys are bound to a digital certificate that identifies the publisher. Time-stamping is an essential component of the Authenticode code-signing process. It establishes that the code-signing took place at a specific point in time, specifically during the period for which the signing certificate was valid, thus extending the validity of the code past its certificate expiration date. However, such a time-stamp will only have value if it can be tied to a recognized source of time and if the time values are protected from manipulation when in transit from a recognized time authority or when applied to the signed code.
This paper presents an overview of Authenticode, examines some of the cryptographic techniques that underpin the solution, and looks at the role of cryptographic hardware in providing a robust platform for trusted code.
Read More »