Tag: Code Signing benefits

Code signing is the process of applying a digital signature to any software program that is intended for release and distribution to another party or user, with two key objectives. One is to prove the authenticity and ownership of the software. The second is to prove the integrity of the software i.e. prove that the software has not been tampered with, for example by the insertion of any malicious code. Code signing applies to any type of software: executables, archives, drivers, firmware, libraries, packages, patches, and updates. An introduction to code signing has been provided in earlier articles on this blog. In this article, we look at some of the business benefits of signing code.

Reduction in financial risk

As per recent research, the average cost of a malware attack is around $2.6 million¹ and this poses a big financial risk to any organization. One of the root causes for malware is when software is installed without verifying whether the software is authentic and without confirming who is the owner of the software. Another source of malware attacks could be when attackers tamper with software from a source that the customer trusts and insert malicious code inside that software. Code signing addresses both these problems.
One point to note is that while code signing is necessary, it is not sufficient to prevent malware – for example, if the keys used for code signing certificates are themselves compromised. Management of keys therefore is an equally important area of focus and will be covered in a separate article.

Improved brand and reputation

Apart from the financial impact, a malware attack also results in a reputation impact, rapidly damaging organization credibility and raising questions about the security practices of any company. Code signing provides a “digital shrink wrap” seal to your software – it confirms software authenticity to your customer and warns the customer if the seal has been tampered with. For example, even if a single bit in the software is modified, the hash used to sign the software will not match with the hash for the downloaded software – warning the customer not to install the software and thereby preventing a breach. The net effect is to improve your company’s brand and reputation in the eyes of your customers.

Increase in customer trust

Without code signing, security warnings and alerts are shown to the user by the browser and operating system – introducing an element of doubt into the user’s mind and a subsequent loss of customer trust in the software. Customer trust can be further eroded by a malware attack, especially if the root cause analysis points to the lack of code signing being one of the reasons for the attack. Signing code is a great way of building customer confidence and trust by conveying to customers that the organization is doing whatever is possible to ensure the security and integrity of the software it is distributing.

Increasing the distribution reach and install base for your software

Online distribution of the software is becoming de-facto today considering the speed to market, reduced costs, scale, and efficiency advantages over traditional software distribution channels such as retail stores or software CDs shipped to customers. Code signing is a must for online distribution. For example, third party software publishing platforms increasingly require applications (both desktop as well as mobile) to be signed before agreeing to publish them.
Even if you are able to reach a large number of users, without code signing, the warnings shown during download and install of unsigned software are often enough to discourage the user from proceeding with the download and install. In fact, the overall trend is for operating systems to make it increasingly difficult for users to install unsigned software by asking users to go through multiple manual steps and override default security settings. In enterprises, unsigned software can often make it to the “blacklist” or list of software prohibited by the IT team from being downloaded and installed. Code signing can address these issues, help software publishers reach a larger audience, and increase the overall download rates and install base for software.
¹As per a study from Accenture and Ponemon institute https://www.helpnetsecurity.com/2019/03/07/cyberattack-cost-2018/

What is Code Signing?

Code signing solution is a process to confirm the authenticity and originality of digital information especially a software code and assuring that this digital information is valid and additionally establishes the legitimacy of the author. It also provides assurance that this piece of digital information has not changed or revoked after it has been signed by the validity of signature.

Whenever we download a program or software, and we see a pop saying “Are you sure you want to run this?”  or when we install a software and try to run then you get asked “Do you want to allow the following program to make changes to this computer” then that means code signing in action. And if the program downloaded or installed has not been code signed then we can see a small warning sign stating the same that it has not been code signed.

Why Code Sign Solution?

Code Signing Solution plays an important role as it can enable identification of a legitimate software v/s a malware or a rogue code. In technical terms, code signing creates a hash of the code and encrypts it with a private key adding its signature. During executing this signature is validated and if the hash match it gives assurance that the code has not been modified.  It also establishes assurance that the code is issued from a legitimate author that it is claiming to be once it has been digitally signed.

Risks associated with Code Signing Solution:

Few challenges come along with code signing like any other development process. Code signing is only effective if the associated software is secured.
Below are the few risks associated,

• Stolen, corrupted or misused keys.
• When access is granted to an unauthorized user in the system using malicious signature certificates, then that is going to hamper the code signing process.
• Unsecured CA private keys would also lead to comprising the code signing system.
• Establishing trust in the unauthorized certificates issued by would lead to the malfunction of the system.
• The signing of unauthorized code.
• Code signing can get hampered in an insecure cryptography system.

Best Practices for Code Signing Solution:

These include:

• Establishing a high state of security on Private Keys – using HSMs or in a purpose-built environment.
• Keeping track of Private Keys and Code Signing events – Maintaining and providing visibility access about who signed what and when.
• Managing the assignment and revocation of publishers – Ensuring the access of Private Keys to only the authorized users.
• Auditing Capability – Gives accountability and forensic insights on code signing activities.
• It is of great importance if policies and procedures are reviewed before the signing of code as it would lead the development process to be more trustworthy and healthy.
• Developing a strongly secured cryptography system will have no risk impact on the code signing process.