Building cryptographic agility into Sigstore

Software signatures have a hidden expiration date: the algorithms behind them eventually become obsolete, and projects need to be prepared for that. Sigstore initially prioritized security by hardcoding specific algorithms, but this became a limitation as its use expanded and diverse organizational needs emerged. Trail of Bits collaborated with the Sigstore community to address these limitations through controlled cryptographic flexibility. The work involved a centralized algorithm registry and updates to Rekor, Fulcio, and Cosign that allow algorithm selection. The changes introduce predefined algorithm suites, which prevent in-band algorithm signaling attacks and ensure that only secure combinations are used. The result is controlled flexibility, with support for algorithms such as ECDSA, Ed25519, and RSA. Organizations can restrict the allowed algorithms for compliance or post-quantum readiness. The new architecture supports adding algorithms in the future, ensuring long-term signature verifiability, and it maintains Sigstore's security model while accommodating evolving cryptographic standards.
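An added illustration of the suite idea summarized above, not code from Sigstore or Trail of Bits: the verifier takes the suite from its own configuration, checks it against an allowlist, and only then runs the one algorithm combination that suite fixes. The suite names, `registry`, `Verify` and `Demo` are hypothetical, and the signed message is constructed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

var ErrNotAllowed = errors.New("suite unknown or not allowed by policy")
var ErrVerify = errors.New("key or signature does not verify under suite")
// registry: each suite fixes key type, curve and hash (hypothetical names).
var registry = map[string]func(pub interface{}, msg, sig []byte) bool{
	"ecdsa-p256-sha256": func(pub interface{}, msg, sig []byte) bool {
		k, ok := pub.(*ecdsa.PublicKey)
		d := sha256.Sum256(msg)
		return ok && k.Curve == elliptic.P256() && ecdsa.VerifyASN1(k, d[:], sig)
	},
	"ed25519": func(pub interface{}, msg, sig []byte) bool {
		k, ok := pub.(ed25519.PublicKey)
		return ok && ed25519.Verify(k, msg, sig)
	},
}

// Verify gets suite from verifier config, never from msg or sig; policy is checked first.
func Verify(policy map[string]bool, suite string, pub interface{}, msg, sig []byte) error {
	check, known := registry[suite]
	if !known || !policy[suite] {
		return ErrNotAllowed
	}
	if !check(pub, msg, sig) {
		return ErrVerify
	}
	return nil
}

// Demo runs Verify on constructed input under an ECDSA-only policy.
func Demo() (allowed, denied, mismatch error) {
	msg, policy := []byte("constructed artifact"), map[string]bool{"ecdsa-p256-sha256": true}
	ek, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	d := sha256.Sum256(msg)
	esig, _ := ecdsa.SignASN1(rand.Reader, ek, d[:])
	edPub, edPriv, _ := ed25519.GenerateKey(rand.Reader)
	return Verify(policy, "ecdsa-p256-sha256", &ek.PublicKey, msg, esig),
		Verify(policy, "ed25519", edPub, msg, ed25519.Sign(edPriv, msg)),
		Verify(policy, "ecdsa-p256-sha256", edPub, msg, esig)
}
func main() { fmt.Println(Demo()) }
```

The three results are: a valid ECDSA signature accepted, a valid Ed25519 signature rejected because the policy does not list that suite, and an Ed25519 key rejected when presented under the ECDSA suite.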