[Cryptography] Cryptographic signing of software is security theater

[Theodore Ts'o]

On Sat, Dec 03, 2022 at 02:17:40PM -0700, Sam Hartman wrote:
> 
> I don't know much about Android.
> I'm guessing rotating such a key must be harder than usual.
> I'd be interested in details on what it would take to rotate a
> compromised Android app signing key.

Each Android package is signed by a particular key, and when a
particular package is updated, it must be signed by the same key used
by the original package.  If you install, for example, the LastPass
application, it will be signed by a particular key, and the Android
system will require that an update to the LastPass application must be
signed by the same key.

Fortunately, the APK Signature Scheme v3 supports key rotation[1] and
it's not even the latest APK Signature Scheme out there.

[1] https://source.android.com/docs/security/features/apksigning/v3

The scary thing about Samsung letting the private component of their
key leak out is that high security packages, are signed by this key.
There's a description of this in more detail here[2].

[2] https://arstechnica.com/gadgets/2022/12/samsungs-android-app-signing-key-has-leaked-is-being-used-to-sign-malware/

I would imagine that a more straightforward way of fixing this will
simply to update the entire system, including the bundled apps, using
an Android System Update.  Google's Pixel phones tend to do this kind
of system update once a month, to address various security
vulernabilities.  I don't have a Samsung phone, but I do have a
Samsung tabet, and it seems to get system updates every 2 months or
so.  I think there have been time when it has stretched to a bit
longer than that, but to be hoenst, given that it's just a means of
watching YouTube videos when I'm on my elliptical trainer, I don't pay
close attention to how often it gets updates.

As far as whether or not the key is a "placebo" or not, perhaps a way
of mapping this is to imagine a distribution like Debian where there
are no package mirrors, but if you want to download package updates
you have to go to www.debian.org.  Now let's imagine what might happen
if the Debian package key gets compromised.  Make no mistake about it,
it's bad, and no doubt sophisticated attacker could use that get
malware installed on the system --- but it does require that you trick
the system into downloading the Evil Package from some web server that
looks like www.debian.org, but for which DNS poisoning attacks has
caused the target system to use instead of the "real" www.debian.org.

Obviously, That's Not Hard, but it is harder to do at scale, at least
if you want to avoid getting noticed.  So Chinese MSS or Russian KGB
might use that to target an individual journalist's or dissident's
phone/system, but it's not necessarily something that could easily be
used to compromise every single Debian system out there in the world.
So the signing key is certainly not a placebo; it does provide real
security protections and when it became compromised, It Was Bad.  But
at the same time, it's unlikely that every single Samsung phone out
there has been compromsied as a result, since most phones are set up
to only download package updates from the relevant application
store(s) configured for that particular phone.   

Cheers,

						- Ted

P.S.  I happent to work for Google, but not for the part of Google
that works on Android devices; so I may have screwed up of the
technical details.  Please look at the primary source material,
including the open source code, to verify anything you want to be sure
is correct.  And obviously my opinions are my own, and do not
represent the opinions of my employer.