Skip to main content
SpringerLink
Log in

Bootstrapping Trust in Community Repository Projects

  • Conference paper
  • First Online:
Security and Privacy in Communication Networks (SecureComm 2022)

  • 1278 Accesses

Abstract

Community repositories such as PyPI and NPM are immensely popular and collectively serve more than a billion packages per day. However, existing software certification mechanisms such as code signing, which seeks to provide to end users authenticity and integrity for a piece of software, are not suitable for community repositories and are not used in this context. This is very concerning, given the recent increase in the frequency and variety of attacks against community repositories. In this work, we propose a different approach for certifying the validity of software projects hosted on community repositories. We design and implement a Software Certification Service (SCS) that receives certification requests from a project owner for a specific project and then issues a project certificate once the project owner successfully completes a protocol for proving ownership of the project. The proposed certification protocol is inspired from the highly-successful ACME protocol used by Let’s Encrypt and can be fully automated on the SCS side. It is, however, fundamentally different in its attack mitigation capabilities and in how ownership is proven. It is also compatible with existing community repositories such as PyPI, RubyGems, or NPM, without requiring changes to these repositories. To support this claim, we instantiate the proposed certification service with several practical deployments.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 99.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 129.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    We picked 7 d based on previous repository breaches, which were detected as early as a few hours in some cases or it took 5–7 d in other cases  [21,22,23].

References

  1. Aguirre, J.: Fake npm Roblox API Package Installs Ransomware and has a Spooky Surprise. https://blog.sonatype.com/fake-npm-roblox-api-package-installs-ransomware-spooky-surprise (2021)

  2. Barnes, R., Hoffman-Andrews, J., McCarney, D., Kasten, J.: Automatic Certificate Management Environment (ACME). RFC 8555 (Mar 2019). https://datatracker.ietf.org/doc/html/rfc8555

  3. Barsan, A.: Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies. https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610/ (February 2021)

  4. Burt, J.: Supply Chain Flaws Found in Python Package Repository. https://www.esecurityplanet.com/threats/supply-chain-flaws-found-in-python-package-repository/ (August 2021)

  5. Cappos, J., Samuel, J., Baker, S., Hartman, J.H.: A look in the mirror: Attacks on package managers. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 565–574. CCS ’08, ACM, New York, NY, USA (2008)

    Google Scholar 

  6. Cappos, J., Samuel, J., Baker, S., Hartman, J.H.: Package Management Security. Tech. rep., University of Arizona (2008)

    Google Scholar 

  7. Cimpanu, C.: Malware found in npm package with millions of weekly downloads. https://therecord.media/malware-found-in-npm-package-with-millions-of-weekly-downloads/ (October 2021)

  8. Decan, A., Mens, T., Constantinou, E.: On the impact of security vulnerabilities in the npm package dependency network. In: Proceedings of the 15th International Conference on Mining Software Repositories, pp. 181–191. MSR ’18, ACM (2018)

    Google Scholar 

  9. Garrett, K., Ferreira, G., Jia, L., Sunshine, J., Kästner, C.: Detecting suspicious package updates. In: Proceedings of the 41st International Conference on Software Engineering: New Ideas and Emerging Results, pp. 13–16. ICSE-NIER ’19, IEEE Press (2019). https://doi.org/10.1109/ICSE-NIER.2019.00012

  10. Goodin, D.: Software downloaded 30,000 times from PyPI ransacked developers’ machines. https://arstechnica.com/gadgets/2021/07/malicious-pypi-packages-caught-stealing-developer-data-and-injecting-code/ (July 2021)

  11. Kuppusamy, T.K., Diaz, V., Cappos, J.: Mercury: Bandwidth-effective prevention of rollback attacks against community repositories. In: Proceedings of the 2017 USENIX Conference on Usenix Annual Technical Conference, pp. 673–688. USENIX ATC ’17 (2017)

    Google Scholar 

  12. Kuppusamy, T.K., Torres-Arias, S., Diaz, V., Cappos, J.: Diplomat: Using delegations to protect community repositories. In: 13th USENIX Symposium on Networked Systems Design and Implementation (NSDI 16), pp. 567–581 (2016)

    Google Scholar 

  13. Lakshmanan, R.: Two NPM Packages With 22 Million Weekly Downloads Found Backdoored. https://thehackernews.com/2021/11/two-npm-packages-with-22-million-weekly.html (November 2021)

  14. Rfc 8259. https://datatracker.ietf.org/doc/html/rfc8259

  15. Ruohonen, J., Hjerppe, K., Rindell, K.: A Large-Scale Security-Oriented Static Analysis of Python Packages in PyPI. In: Proceedings of the 18th International Conference on Privacy, Security and Trust (PST). IEEE (2021)

    Google Scholar 

  16. Sharma, A.: Sonatype Catches New PyPI Cryptomining Malware. https://blog.sonatype.com/sonatype-catches-new-pypi-cryptomining-malware-via-automated-detection/ (June 2021)

  17. Torres-Arias, S., Afzali, H., Kuppusamy, T.K., Curtmola, R., Cappos, J.: In-toto: Providing farm-to-table guarantees for bits and bytes. In: Proceedings of the 28th USENIX Conference on Security Symposium, pp. 1393–1410. SEC’19 (2019)

    Google Scholar 

  18. TUF: The Update Framework. https://www.updateframework.com/

  19. Vaidya, R.K., Carli, L.D., Davidson, D., Rastogi, V.: Security issues in language-based sofware ecosystems. CoRR abs/1903.02613 (2019)

    Google Scholar 

  20. Vu, D.L., Pashchenko, I., Massacci, F., Plate, H., Sabetta, A.: Typosquatting and combosquatting attacks on the python ecosystem. In: 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). pp. 509–514 (2020). https://doi.org/10.1109/EuroSPW51379.2020.00074

  21. Bitcoin gold issues critical alert. https://www.enterprisetimes.co.uk/2017/11/27/bitcoin-gold-issues-critical-alert

  22. Npm packages disguised as roblox api code caught carrying ransomware. https://www.theregister.com/2021/10/27/npm_roblox_ransomware/

  23. Typosquatting attacks on rubygems. https://thehackernews.com/2020/04/rubygem-typosquatting-malware.html

  24. Introduction to Code Signing. https://docs.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/platform-apis/ms537361(v=vs.85)

  25. Minimum Requirements for the Issuance and Mgmt. of Publicly-Trusted Code Signing Certificates. https://casecurity.org/wp-content/uploads/2016/09/Minimum-requirements-for-the-Issuance-and-Management-of-code-signing.pdf

  26. Leading Certificate Authorities and Microsoft Introduce New Standards to Protect Consumers Online. https://casecurity.org/2016/12/08/leading-certificate-authorities-and-microsoft-introduce-new-standards-to-protect-consumers-online/

  27. Comprehensive Perl Archive Network. https://www.cpan.org/

  28. in-toto. https://in-toto.io/

  29. Keybase. https://keybase.io/

  30. Let’s Encrypt. https://letsencrypt.org/

  31. ACME client implementation. https://letsencrypt.org/docs/client-options/

  32. Javascript Node package manager. https://npmjs.com

  33. NPM download stats. https://npmcharts.com/

  34. Python Packaging Index. https://pypi.org

  35. PyPI download stats. https://pypistats.org/packages/__all__

  36. RubyGems statistics. https://rubygems.org/stats

  37. Supply-chain attack hits RubyGems repository with 725 malicious packages. https://arstechnica.com/information-technology/2020/04/725-bitcoin-stealing-apps-snuck-into-ruby-repository/ (2020)

  38. Sigstore. https://www.sigstore.dev/

  39. ACME server Boulder. https://github.com/letsencrypt/boulder

  40. Zimmermann, M., Staicu, C.A., Tenny, C., Pradel, M.: Small world with high risks: A study of security threats in the npm ecosystem. In: 28th USENIX Security Symposium (USENIX Security 19). pp. 995–1010 (2019)

    Google Scholar 

Download references

Acknowledgments

This research was supported by the US National Science Foundation under Grants No. CNS 1801430, DGE 1565478, and DGE 2043104.

Author information

Authors and Affiliations

  1. New Jersey Institute of Technology, Newark, NJ, USA

    Sangat Vaidya & Reza Curtmola

  2. Purdue University, West Lafayette, IN, USA

    Santiago Torres-Arias

  3. New York University, New York, NY, USA

    Justin Cappos

Authors
  1. Sangat Vaidya
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Santiago Torres-Arias
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Justin Cappos
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Reza Curtmola
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sangat Vaidya .

Editor information

Editors and Affiliations

  1. University of Kansas, Lawrence, KS, USA

    Fengjun Li

  2. Delft University of Technology, Delft, The Netherlands

    Kaitai Liang

  3. The Ohio State University, Columbus, OH, USA

    Zhiqiang Lin

  4. Norwegian University of Science and Tech, Gjøvik, Norway

    Sokratis K. Katsikas

A Security Analysis

A Security Analysis

We now turn to analyzing the security of the proposed SCS protocol. We first show that the protocol meets the security goals stated in Sect. 4.2, and then analyze the protocol’s compromise resiliency.

SG1: Only a project’s owner should be able to complete the certification for that project. To prove ownership over a project, which is required for completing the certification protocol, an entity must successfully complete the challenges generated by the SCS server. As such, for each challenge, the entity must both:

  • Hold the private key of the SCS account key pair used to respond to the challenge. This is because the responses from the client to the SCS server must be signed with that key.

  • Control the project in question. This is because successfully provisioning the challenge response on the project’s homepage requires write-access to the project’s repository.

Since only the project owner has write-access to the project’s repository, a successful execution of the SCS protocol ensures that a specific SCS account holder is also the entity that controls a project (i.e., the project owner).

SG2: Messages generated during one execution of the certification protocol for one account (i.e., between the SCS server and one client) cannot be used towards obtaining authorizations for other accounts. This is achieved because all messages sent by an SCS client to the SCS server are signed using that client’s SCS account private key. Thus, such messages cannot be reused between instances of the certification protocol executed by different SCS account holders.

SG3: Attackers that gain control over a project’s repository for a short period of time are not be able to successfully complete the SCS certification protocol. The certification protocol is designed so that the identifier authorization step lasts over an extended period of time. An entity attempting to complete the certification protocol for a project must complete multiple challenges. For each challenge, the challenge response must be maintained persistently on the project’s homepage, because the SCS server will check multiple times randomly during the challenge validation window. If an attacker is able to briefly gain control over the project’s repository, she maybe able to provision a valid challenge response for that challenge. However, such an attacker will not be able to successfully provision valid information for subsequent challenges.

SG4: We need to show that an attacker cannot complete an SCS certification for a project in a stealthy manner. The SCS protocol achieves this by requiring that all challenge responses must be placed on the project’s repository in a publicly visible way (i.e., on the project’s homepage). This ensures that the legitimate project owner and/or other project maintainers will notice that a certification protocol is ongoing.

Compromise Resiliency. If an attacker is able to get hold of the repository key for a project, this allows the attacker unfettered access to the project repository, including making changes to the project’s homepage. The attacker can register an account with the SCS server and then request a project certificate under this SCS account. Having access to the repository key, the attacker will be able to provision challenge responses on the project homepage.

The SCS protocol has two safeguards in place to deal with a repository key compromise. First, the certification protocol is designed to to last over an extended period of time. Thus, if the repository key compromise is detected early enough, the project owner can change the repository key, preventing the attacker from successfully completing the certification protocol. In this way, a successful attacker would have to maintain control over the project repository for a longer period of time, which is arguably more difficult to achieve while going undetected. Second, the SCS protocol requires that the response to a challenge must be placed on the project’s repository in a publicly visible way (i.e., the project’s homepage). This will prevent an adversary to execute the certification protocol stealthily, as the legitimate project owner and/or other project maintainers will notice that a certification protocol is ongoing and will take steps to terminate such an active threat.

Rights and permissions

Reprints and permissions

Copyright information

© 2023 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Vaidya, S., Torres-Arias, S., Cappos, J., Curtmola, R. (2023). Bootstrapping Trust in Community Repository Projects. In: Li, F., Liang, K., Lin, Z., Katsikas, S.K. (eds) Security and Privacy in Communication Networks. SecureComm 2022. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 462. Springer, Cham. https://doi.org/10.1007/978-3-031-25538-0_24

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-25538-0_24

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-25537-3

  • Online ISBN: 978-3-031-25538-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation