Why Software Signing (Still) Matters: Trust Boundaries in the Software Supply Chain
- URL: http://arxiv.org/abs/2510.04964v1
- Date: Mon, 06 Oct 2025 15:58:08 GMT
- Title: Why Software Signing (Still) Matters: Trust Boundaries in the Software Supply Chain
- Authors: Kelechi G. Kalu, James C. Davis
- Abstract summary: We argue that the core guarantees of signing (provenance, integrity, and accountability) are not automatically carried across different software distribution boundaries. Treating signing as a baseline layer of defense strengthens supply chain assurance even when registries are secure.
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Software signing provides a formal mechanism for provenance by ensuring artifact integrity and verifying producer identity. It also imposes tooling and operational costs to implement in practice. In an era of centralized registries such as PyPI, npm, Maven Central, and Hugging Face, it is reasonable to ask whether hardening registry security controls obviates the need for end-to-end artifact signing. In this work, we posit that the core guarantees of signing (provenance, integrity, and accountability) are not automatically carried across software distribution boundaries. These boundaries include mirrors, corporate proxies, re-hosting, and air-gapped transfers, where registry security controls alone cannot provide sufficient assurance. We synthesize historical practice and present a trust model for modern distribution modes that identifies when signing is necessary to extend trust beyond registry control. Treating signing as a baseline layer of defense strengthens software supply chain assurance even when registries are secure.
Related papers
- Secure Tool Manifest and Digital Signing Solution for Verifiable MCP and LLM Pipelines (arXiv, 2026-01-30)
Large Language Models (LLMs) are increasingly adopted in sensitive domains such as healthcare and financial institutions' data analytics. Existing control mechanisms, such as the Model Context Protocol (MCP), define compliance policies for tool invocation but lack verifiable enforcement and transparent validation of model actions. We propose a novel Secure Tool Manifest and Digital Signing Framework, a structured and security-aware extension of Model Context Protocols.
- Towards Verifiably Safe Tool Use for LLM Agents (arXiv, 2026-01-12)
Large language model (LLM)-based AI agents extend capabilities by enabling access to tools such as data sources, APIs, search engines, code sandboxes, and even other agents. LLMs may invoke unintended tool interactions and introduce risks, such as leaking sensitive data or overwriting critical records. Current approaches to mitigate these risks, such as model-based safeguards, enhance agents' reliability but cannot guarantee system safety.
- Binding Agent ID: Unleashing the Power of AI Agents with Accountability and Credibility (arXiv, 2025-12-19)
BAID (Binding Agent ID) is a comprehensive identity infrastructure establishing verifiable user-code binding. We implement and evaluate a complete prototype system, demonstrating the practical feasibility of blockchain-based identity management and a zkVM-based authentication protocol.
- Verification of Lightning Network Channel Balances with Trusted Execution Environments (TEE) (arXiv, 2025-12-12)
This paper introduces a methodology for the verification of LN channel balances. The core contribution is a framework that combines Trusted Execution Environments (TEEs) with Zero-Knowledge Transport Layer Security (zkTLS) to provide strong, hardware-backed guarantees.
- It's a Feature, Not a Bug: Secure and Auditable State Rollback for Confidential Cloud Applications (arXiv, 2025-11-17)
Rebound is a general-purpose security framework that preserves rollback protection while enabling policy-authorized legitimate rollbacks of application binaries, configuration, and data. Key to Rebound is a reference monitor that mediates state transitions, enforces authorization policy, guarantees atomicity of state updates and rollbacks, and emits a tamper-evident log that provides transparency to applications and auditors.
- Reinforcing Secure Live Migration through Verifiable State Management (arXiv, 2025-09-05)
We present TALOS, a lightweight framework for verifiable state management and trustworthy application migration. TALOS integrates memory introspection and control-flow graph extraction, enabling robust verification of state continuity and execution flow. It thereby achieves strong security guarantees while maintaining efficiency, making it suitable for decentralized settings.
- Bridging the Mobile Trust Gap: A Zero Trust Framework for Consumer-Facing Applications (arXiv, 2025-08-20)
This paper proposes an extended Zero Trust model designed for mobile applications operating in untrusted, user-controlled environments. Using a design science methodology, the study introduces a six-pillar framework that supports runtime enforcement of trust. The proposed model offers a practical and standards-aligned approach to securing mobile applications beyond pre-deployment controls.
- EILID: Execution Integrity for Low-end IoT Devices (arXiv, 2025-01-16)
EILID is a hybrid architecture that ensures software execution integrity on low-end devices. It is built atop CASU, a prevention-based (i.e., active) hybrid Root-of-Trust (RoT) that guarantees software immutability.
- ACRIC: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check (arXiv, 2024-11-21)
Recent security incidents in safety-critical industries exposed how the lack of proper message authentication enables attackers to inject malicious commands or alter system behavior. These shortcomings have prompted new regulations that emphasize the pressing need to strengthen cybersecurity. We introduce ACRIC, a message authentication solution to secure legacy industrial communications.
- DiVerify: Hardening Identity-Based Software Signing with Programmable Diverse-Context Scopes (arXiv, 2024-06-21)
State-of-the-art identity-based code signing schemes have a major shortcoming: they fail to provide verifiable information about the context in which a signature is generated. We propose a diverse identity verification approach that reduces reliance on a single source of verification.
- An Industry Interview Study of Software Signing for Supply Chain Security (arXiv, 2024-06-12)
We study the challenges that affect the effective implementation of software signing in practice. We highlight the different challenges (technical, organizational, and human) that hamper software signing implementation.
- A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols (arXiv, 2024-01-19)
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
- HasTEE+: Confidential Cloud Computing and Analytics with Haskell (arXiv, 2024-01-17)
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs). TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language (DSL) embedded in Haskell that enables programming TEEs in a high-level language with strong type safety.
- Analyzing Maintenance Activities of Software Libraries (arXiv, 2023-06-09)
Industrial applications heavily integrate open-source software libraries nowadays. I want to introduce an automatic monitoring approach for industrial applications to identify open-source dependencies that show negative signs regarding their current or future maintenance activities.
This list is automatically generated from the titles and abstracts of the papers in this site.