---
_id: '8301'
abstract:
- lang: eng
  text: Software-update mechanisms are critical to the security of modern systems,
    but their typically centralized design presents a lucrative and frequently attacked
    target. In this work, we propose CHAINIAC, a decentralized software-update framework
    that eliminates single points of failure, enforces transparency, and provides
    efficient verifiability of integrity and authenticity for software-release processes.
    Independent witness servers collectively verify conformance of software updates
    to release policies, build verifiers validate the source-to-binary correspondence,
    and a tamper-proof release log stores collectively signed updates, thus ensuring
    that no release is accepted by clients before being widely disclosed and validated.
    The release log embodies a skipchain, a novel data structure, enabling arbitrarily
    out-of-date clients to efficiently validate updates and signing keys. Evaluation
    of our CHAINIAC prototype on reproducible Debian packages shows that the automated
    update process takes the average of 5 minutes per release for individual packages,
    and only 20 seconds for the aggregate timeline. We further evaluate the framework
    using real-world data from the PyPI package repository and show that it offers
    clients security comparable to verifying every single update themselves while
    consuming only one-fifth of the bandwidth and having a minimal computational overhead.
article_processing_charge: No
author:
- first_name: Kirill
  full_name: Nikitin, Kirill
  last_name: Nikitin
- first_name: Eleftherios
  full_name: Kokoris Kogias, Eleftherios
  id: f5983044-d7ef-11ea-ac6d-fd1430a26d30
  last_name: Kokoris Kogias
- first_name: Philipp
  full_name: Jovanovic, Philipp
  last_name: Jovanovic
- first_name: Linus
  full_name: Gasser, Linus
  last_name: Gasser
- first_name: Nicolas
  full_name: Gailly, Nicolas
  last_name: Gailly
- first_name: Ismail
  full_name: Khoffi, Ismail
  last_name: Khoffi
- first_name: Justin
  full_name: Cappos, Justin
  last_name: Cappos
- first_name: Bryan
  full_name: Ford, Bryan
  last_name: Ford
citation:
  ama: 'Nikitin K, Kokoris Kogias E, Jovanovic P, et al. CHAINIAC: Proactive software-update
    transparency via collectively signed skipchains and verified builds. In: <i>Proceedings
    of the 26th USENIX Conference on Security Symposium</i>. USENIX Association; 2017:1271–1287.'
  apa: 'Nikitin, K., Kokoris Kogias, E., Jovanovic, P., Gasser, L., Gailly, N., Khoffi,
    I., … Ford, B. (2017). CHAINIAC: Proactive software-update transparency via collectively
    signed skipchains and verified builds. In <i>Proceedings of the 26th USENIX Conference
    on Security Symposium</i> (pp. 1271–1287). Vancouver, Canada: USENIX Association.'
  chicago: 'Nikitin, Kirill, Eleftherios Kokoris Kogias, Philipp Jovanovic, Linus
    Gasser, Nicolas Gailly, Ismail Khoffi, Justin Cappos, and Bryan Ford. “CHAINIAC:
    Proactive Software-Update Transparency via Collectively Signed Skipchains and
    Verified Builds.” In <i>Proceedings of the 26th USENIX Conference on Security
    Symposium</i>, 1271–1287. USENIX Association, 2017.'
  ieee: 'K. Nikitin <i>et al.</i>, “CHAINIAC: Proactive software-update transparency
    via collectively signed skipchains and verified builds,” in <i>Proceedings of
    the 26th USENIX Conference on Security Symposium</i>, Vancouver, Canada, 2017,
    pp. 1271–1287.'
  ista: 'Nikitin K, Kokoris Kogias E, Jovanovic P, Gasser L, Gailly N, Khoffi I, Cappos
    J, Ford B. 2017. CHAINIAC: Proactive software-update transparency via collectively
    signed skipchains and verified builds. Proceedings of the 26th USENIX Conference
    on Security Symposium. SEC: Security Symposium, 1271–1287.'
  mla: 'Nikitin, Kirill, et al. “CHAINIAC: Proactive Software-Update Transparency
    via Collectively Signed Skipchains and Verified Builds.” <i>Proceedings of the
    26th USENIX Conference on Security Symposium</i>, USENIX Association, 2017, pp.
    1271–1287.'
  short: K. Nikitin, E. Kokoris Kogias, P. Jovanovic, L. Gasser, N. Gailly, I. Khoffi,
    J. Cappos, B. Ford, in:, Proceedings of the 26th USENIX Conference on Security
    Symposium, USENIX Association, 2017, pp. 1271–1287.
conference:
  end_date: 2017-08-18
  location: Vancouver, Canada
  name: 'SEC: Security Symposium'
  start_date: 2017-08-16
date_created: 2020-08-26T12:04:44Z
date_published: 2017-09-01T00:00:00Z
date_updated: 2021-01-12T08:18:00Z
day: '01'
extern: '1'
language:
- iso: eng
main_file_link:
- open_access: '1'
  url: https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-nikitin.pdf
month: '09'
oa: 1
oa_version: Published Version
page: 1271–1287
publication: Proceedings of the 26th USENIX Conference on Security Symposium
publication_identifier:
  isbn:
  - '9781931971409'
publication_status: published
publisher: USENIX Association
quality_controlled: '1'
status: public
title: 'CHAINIAC: Proactive software-update transparency via collectively signed skipchains
  and verified builds'
type: conference
user_id: 2DF688A6-F248-11E8-B48F-1D18A9856A87
year: '2017'
...