The New Old: Supply Chain Security

(with Sigstore and Kubernetes this time)

delet0r

2023-08-06

Intro

Intro

  • My name is delet0r
  • Working in IT-Security by day
  • Working on the Prototype Fund Project
    SiC (Signed Containers) by night

Agenda

  1. Packaging as Complexity Reduction
  2. An Approach to Trust
  3. Sigstore
  4. Conclusion

1. Packaging as Complexity Reduction

A short and very simplified history tale
of tackling complexity by packaging and
distributing software (aka Supply Chains)

The Software Crisis

Figure: This is fine [1]

The Software Crisis

Tackling Complexity

  • Packaging programs is one way to reduce complexity
  • Hiding intricacies of a piece of software
    • Build system
    • Transitive dependencies
  • Put burden on the developer/distributor

The Escalation Evolution of Packaging

  1. Distribution: Package Management
  2. Deployment: Containerization
  3. Operation: Cloud/Container Orchestration

The Evolution of Packaging

  1. Distribution: Package Management
  2. Deployment: Containerization
  3. OperationCloud/Container: Orchestration

The Evolution of Packaging

  1. Distribution: Package Management
  2. Deployment: Containerization
  3. Operation: Cloud/Container Orchestration

The Evolution of Packaging

  1. Distribution: Package Management
  2. Deployment: Containerization
  3. Operation: Cloud/Container Orchestration

Shortcomings

  • Modern iterations of packaging miss important features of good
    package management:
    1. Integrity
    2. Authenticity

Where are we?

  • Lower complexity bought with increased complexity somewhere else
  • Any package has potential hidden tail of dependencies
  • No practical way of ensuring their authenticity or integrity
    (most of the time)
  • No conscious entity (like a team maintaining a Distro)we can
    trust that does this for us

Agenda

  1. Packaging as Complexity Reduction
  2. An approach to Trust
  3. Sigstore
  4. Conclusion

2. An Approach to Trust

What is Trust?

  • Defining trust, especially in context of IT, is challenging
  • Becomes mushy when mixing technology with human interaction
  • Trust is the belief in the integrity of a person or a group

Proof is Not Trust

  • When setting up a system there are different things can be
    done to ensure its security:
    • Cryptography
    • Formal proofs
  • This is not trust but rather logical proofs

Suspension of Disbelief

  • In every system there is a point were we can’t technically
    prove properties anymore
  • For that we need Suspension of Disbelief … or Trust

Different ways of balancing Trust and Proofs

  • a. Content Moderation (Trust first)
  • b. Signatures (Proof first)

a. Content Moderation

  • Trust first approach
  • System were a set of people or an institution is trusted
    with moderation
  • Trust in the decisions of the people/institution necessary

a. Docker Hub Trusted Content

  • Docker Hub Trusted Content
  • Released on May 27th 2021
  • Uses different flags on images
  • Flags indicate different reasons why docker deems
    them trustworthy

a. Docker Hub Trusted Content in Real Life

Figure: Docker Hub Flag Screenshot

a. Docker Hub Trusted Content in Real Life

Docker Hub Flag Screenshot

b. Signatures

  • Proof first approach
  • Signing packages to proof the integrity and authenticity
    of an package
  • Trust has to be put in the handling of keys and implementation
    of processes

b. Signature

  • Wasn’t initially possible with Docker Images
  • Changed with Docker Image Format 1.10
  • Current examples:
    • Docker Trust System
    • Sigstore

Agenda

  1. Packaging as Complexity Reduction
  2. An Approach to Trust
  3. Sigstore
  4. Conclusion

3. Sigstore

Sigstore

  • Collection of tools, standards and processes
  • Ensures integrity and authenticity of artifacts independent of registry
  • Purpose build for use with Containers and Container Orchestration
  • Uses short lived certificates and certificate transparency

How Sigstore Handles Trust?

  • Uses different technologies to reduce necessary trust
    through it’s components
  • Infrastructure consists of:
    • Trust Root
    • Fulcio (+ additional certificate transparency log)
    • Rekor
    • (Cosign, CLI for signing and verifying)

Sigstores Infrastructure Overview

Developers
Developers
Request
Certificate
Request...
Authenticate With OpenID Connect
Authenticate Wi...
Fulcio Signing CA
Fulcio Signing...
Provide Signing Certificate
Provide Signing...
Publish Signature
Publish Signatu...
Fulcio Transparency Log
Fulcio Transpar...
Publish Signing Certificate
Publish Signing...
Rekor Transparency Log
Rekor Transpare...
Publish
Artifact
Publish...
Registry
Registry
Check Signature
Check Signature
End Users
End Users
Download
Artifact/
Signature
Download...
Check Rekor PK and Fulcio
Cert
Check Rekor PK...
TUF Trust Root
TUF Trust Root
Text is not SVG - cannot display

Sigstore Infrastructure Components

Developers
Developers
Request
Certificate
Request...
Authenticate With OpenID Connect
Authenticate Wi...
Fulcio Signing CA
Fulcio Signing...
Provide Signing Certificate
Provide Signing...
Publish Signature
Publish Signatu...
Fulcio Transparency Log
Fulcio Transpar...
Publish Signing Certificate
Publish Signing...
Rekor Transparency Log
Rekor Transpare...
Publish
Artifact
Publish...
Registry
Registry
Check Signature
Check Signature
End Users
End Users
Download
Artifact/
Signature
Download...
Check Rekor PK and Fulcio
Cert
Check Rekor PK...
TUF Trust Root
TUF Trust Root
Text is not SVG - cannot display

Sigstore TUF

Developers
Developers
Request
Certificate
Request...
Authenticate With OpenID Connect
Authenticate Wi...
Fulcio Signing CA
Fulcio Signing...
Provide Signing Certificate
Provide Signing...
Publish Signature
Publish Signatu...
Fulcio Transparency Log
Fulcio Transpar...
Publish Signing Certificate
Publish Signing...
Rekor Transparency Log
Rekor Transpare...
Publish
Artifact
Publish...
Registry
Registry
Check Signature
Check Signature
End Users
End Users
Download
Artifact/
Signature
Download...
Check Rekor PK and Fulcio
Cert
Check Rekor PK...
TUF Trust Root
TUF Trust Root
Text is not SVG - cannot display

Sigstore Fulcio

Developers
Developers
Request
Certificate
Request...
Authenticate With OpenID Connect
Authenticate Wi...
Fulcio Signing CA
Fulcio Signing...
Provide Signing Certificate
Provide Signing...
Publish Signature
Publish Signatu...
Fulcio Transparency Log
Fulcio Transpar...
Publish Signing Certificate
Publish Signing...
Rekor Transparency Log
Rekor Transpare...
Publish
Artifact
Publish...
Registry
Registry
Check Signature
Check Signature
End Users
End Users
Download
Artifact/
Signature
Download...
Check Rekor PK and Fulcio
Cert
Check Rekor PK...
TUF Trust Root
TUF Trust Root
Text is not SVG - cannot display

Sigstore Rekor

Developers
Developers
Request
Certificate
Request...
Authenticate With OpenID Connect
Authenticate Wi...
Fulcio Signing CA
Fulcio Signing...
Provide Signing Certificate
Provide Signing...
Publish Signature
Publish Signatu...
Fulcio Transparency Log
Fulcio Transpar...
Publish Signing Certificate
Publish Signing...
Rekor Transparency Log
Rekor Transpare...
Publish
Artifact
Publish...
Registry
Registry
Check Signature
Check Signature
End Users
End Users
Download
Artifact/
Signature
Download...
Check Rekor PK and Fulcio
Cert
Check Rekor PK...
TUF Trust Root
TUF Trust Root
Text is not SVG - cannot display

Sigstore Signing Process

Developers
Developers
Request
Certificate
Request...
Authenticate With OpenID Connect
Authenticate Wi...
Fulcio Signing CA
Fulcio Signing...
Provide Signing Certificate
Provide Signing...
Fulcio Transparency Log
Fulcio Transpar...
Publish Signing Certificate
Publish Signing...
Text is not SVG - cannot display

Sigstore Publishing Process

Developers
Developers
Request
Certificate
Request...
Authenticate With OpenID Connect
Authenticate Wi...
Fulcio Signing CA
Fulcio Signing...
Provide Signing Certificate
Provide Signing...
Publish Signature
Publish Signatu...
Fulcio Transparency Log
Fulcio Transpar...
Publish Signing Certificate
Publish Signing...
Rekor Transparency Log
Rekor Transpare...
Publish
Artifact
Publish...
Registry
Registry
Text is not SVG - cannot display

Sigstore Verification Process

Developers
Developers
Request
Certificate
Request...
Authenticate With OpenID Connect
Authenticate Wi...
Fulcio Signing CA
Fulcio Signing...
Provide Signing Certificate
Provide Signing...
Publish Signature
Publish Signatu...
Fulcio Transparency Log
Fulcio Transpar...
Publish Signing Certificate
Publish Signing...
Rekor Transparency Log
Rekor Transpare...
Publish
Artifact
Publish...
Registry
Registry
Check Signature
Check Signature
End Users
End Users
Download
Artifact/
Signature
Download...
Check Rekor PK and Fulcio
Cert
Check Rekor PK...
TUF Trust Root
TUF Trust Root
Text is not SVG - cannot display

Integrating Sigstore into Kubernetes

  • Two ways of integrating Sigstore:
    • a. Via the Container Runtime Cri-O
    • b. Via an Admission Controller

a. Cri-O Integration

  • Integration via Cri-O container runtime
  • Alternative OCI (Open Container Initiative)-compatible runtime
  • Uses containers/image libraries

a. Policies

  • containers/image allows to define requirements for downloading images
  • Configured via policy.json file on orchestrator node
  • Can require:
    • Scope
    • Signatures and their formats

a. Cri-O Configuration

  • Example configuration for requiring Sigstore signing [3]: