code signing

Code Signing to secure software and updates must use an HSM

Why Code Signing – a fundamental way to secure innovation

We increasingly trust important parts of our business and lives to software-enabled (cyber-physical) systems or services, such as increasingly connected cars, smart energy distribution grids, or electronic payment infrastructures.

The potential for abuse cannot be understated. Criminal groups use malicious software to steal and monitor data, to capture intellectual property, to extort money. Blocking malicious software has to happen at every level – one should not assume that “it won’t get as far as that”. Cryptographically secure “over-the-air” software update procedures are required, as they ensure code arrives at the point of use, intact and unaltered. It is fundamentally important, however, to allow the operating system to know the provenance of its code libraries, and to reject or disable unrecognized software when it is detected. This way assets and information are protected.

The most common technique used to guarantee the provenance of software is known as the digital signature, or more specifically, code signing. Code signing is important, both

• for first-time deployment of a cyber-physical system, and
• for an update, be it for bug fixing or feature enhancement (i.e. over-the-air updating).

Code signing – How is it done?

In order to prevent compromise, the private key is kept in a well-controlled environment by the software publisher, e.g. in an HSM. For cyber-physical systems, the public key is injected upon initial manufacturing and deployed with the device. When a piece of software is ready for deployment, it is digitally signed with the publisher’s private code signing key and the signature is distributed along with the software. Any receiving party can now verify the integrity and the authenticity of the software, by means of the matching public key and the provided digital signature. Cyber-physical systems – the ‘thing’ in the Internet of Things – should reject any code whereof the digital signature cannot be positively verified.

Code signing is a powerful tool to assure system integrity and to prevent tampering. To be effective, it is critically important that unauthorized parties have no access to the (private) code signing key of a software publisher. A software publishing company must treat this key as restrictively as access to their financial accounts. In case of a suspected leakage of this certificate, it should be immediately revoked and refreshed. Old code can no longer be trusted in and must be re-signed in such case – which in the case of embedded devices may not be practical at all. All of this can have tremendous impact on a company’s reputation and economic situation. Utimaco HSMs are particularly well suited for this purpose as they come with RSA and ECDSA signing capabilities, both out of the box, and for all practical key sizes and curves.

• It is therefore best practice for a software publisher to always keep the code signing private key/certificate in an HSM so it cannot be copied, stolen or otherwise compromised.
• Deployed devices “are owned” by the holder of the private key used to sign its code libraries. This can be the owner of the private key, or the individual, team or nation-state that compromised the key.

Why use an HSM?

• Web browsers and operating systems tend to do this verification automatically – in case it succeeds, the software is silently installed and run. In case it fails a warning will be issued to the user, discouraging her/him from using the software. In PC environments, users may be allowed to overrule this warning and still use the software.
• Mobile devices usually require software developers to submit their apps or updates to the owner of the App store (Apple, Google, Microsoft) for signature before being published in the respective store. In such cases, the device (e.g. the iPhone or Android phone) is being rolled-out with the App store’s public key. During this process, the corresponding signing certificate, including the private key, is administered by the store owner. The App store provider then requires that software be signed by the publisher, using the publisher’s private key. This way, a complete chain of trust can be built between the publisher and the App store, and the App store and the device.
• The corresponding public key is made available to the user of the software. For PC software or browser applications, this is typically done by means of a digital certificate, signed by a reputable Certificate Authority (CA).
• In a first step, a software publisher needs to obtain (generate, or buy) a key pair for performing a digital signature operation. This key must be protected from compromise, because its misuse can provide third-parties with the ability to sign counterfeit software, and have the signature be validated by the devices in the field as “legitimate”.
• Deployed systems may come with the ability to update themselves in an unattended way, “over the air”. Here, it is important to automatically assure integrity and authenticity of the update, as there are few human cross-checks possible in such scenarios.