KIT | KIT-Bibliothek | Impressum | Datenschutz

Practical Trade-Offs in Integrity Protection for Binaries via Ethereum

Stengele, Oliver; Droll, Jan; Hartenstein, Hannes

Abstract (englisch):
Ensuring the integrity of executable binaries is of vital importance to systems that run and depend on them.
Additionally, supply-chain attacks and security related bugs demonstrate that binaries, once deployed, may need to be revoked and replaced with updated versions.

Recently, blockchain ecosystems have garnered broad attention as middlewares for decentralised solutions to existing problems.
Stengele et al. presented a concept how the Ethereum blockchain and peer-to-peer network can be used to ensure the integrity of binaries with timely, accurate, and machine-readable revocations.
In this work, we show this concept in practice with a user client implementation in Go and demonstrate how revocations and updates can reliably reach a user client within minutes.
We show the client's ability to ensure the integrity of multiple binaries and continuously monitor the Ethereum blockchain for updates and revocations via an unmodified Ethereum client.
We also examine the trust relations and trade-offs through our use case.
Since the user client fully relies on an Ethereum client as a gateway, the latter's resilience against malicious actors is crucial to consider in a practical deployment.

Open Access Logo

Verlagsausgabe §
DOI: 10.5445/IR/1000128600
Veröffentlicht am 21.01.2021
Cover der Publikation
Zugehörige Institution(en) am KIT Institut für Telematik (TM)
Kompetenzzentrum für angewandte Sicherheitstechnologie (KASTEL)
Publikationstyp Proceedingsbeitrag
Publikationsmonat/-jahr 12.2020
Sprache Englisch
Identifikator ISBN: 978-1-4503-8202-1
KITopen-ID: 1000128600
Erschienen in Middleware '20 Demos and Posters: Proceedings of the 21st International Middleware Conference Demos and Posters
Veranstaltung 21st International Middleware Conference Demos and Posters (2020), Delft, Niederlande, 07.12.2020 – 11.12.2020
Verlag Association for Computing Machinery (ACM)
Seiten 9–10
Projektinformation KASTEL_ISE (BMBF, 16KIS0754)
Vorab online veröffentlicht am 07.12.2020
Schlagwörter Blockchain, integrity protection, revocation
Nachgewiesen in Scopus
Relationen in KITopen
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page