DiVerify: Hardening Identity-Based Software Signing with Diverse-Context Scopes

Identity-based code signing enables software developers to digitally sign their code using cryptographic keys. This key is then linked to an identity (e.g., through an identity provider), allowing signers to verify both the code's origin and integrity. However, this code-identity binding is only as trustworthy as the mechanisms enforcing it. State-of-the-art identity-based code signing schemes present a major shortcoming: these schemes fail to provide verifiable information about the context in which a signature is generated. This verifiability is crucial given that modern attackers have subverted long-established security assumptions, namely, that the identity provider ecosystem, as well as signing software itself, is trusted.To address these issues, this paper introduces a diverse identity verification framework, DiVerify, that distributes identity-based verification across multiple entities and enforces stronger guarantees about the signing context. DiVerify makes it possible to provide end-to-end verifiability of not only a signer's identity (via multiple such signals), but also a signer's software stack (e.g., to verify no malware is present on a system at the time of signing). DiVerify is aimed at deployability, and leverages a meta-protocol to gather various trust signals and a binding mechanism to address the aforementioned, novel software supply chain attack vectors. We evaluate DiVerify's performance and confirm it is cheap to deploy and non-intrusive to developers: it only incurs a few kilobytes of additional storage (less than 0.4 percent of the average package size in widely used ecosystems like PyPI), and signing completes in under 100ms on a server-grade deployment.