Using Sigsum Logs to Detect Malicious and Unintended Key-Usage
How do you know that your signing key is not being used for malicious purposes?
For example, a compromised key can be used to distribute firmware that contains
malware or to forge TPM quotes. The short answer is that it is difficult to
detect this type of compromise. Unless your key-usage is transparent enough,
you have no consize view of the signatures that an end-user may encounter.
Meet Sigsum, a free and open source software project that brings transparency to
signed checksums. The goal is to detect every signature that an end-user
accepts as valid. This goal is achieved using a minimal transparency log
design that can be used as a building block to secure the supply chain and more.
For security, we rely on standard cryptographic assumptions and an attacker that
cannot control more than m-of-n independent parties. Throughout the talk you
will learn more about Sigsum's approach towards transparency logs.