Skip to content
This repository has been archived by the owner on Dec 14, 2021. It is now read-only.
/ paper_chainiac Public archive

Implementation and simulations for "CHAINIAC: Proactive Software-Update Transparency via Collectively Signed Skipchains and Verified Builds" paper appearing at Usenix Security'17.

23 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dedis/paper_chainiac

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
bftcosi
bftcosi
 
 
manage
manage
 
 
repositories
repositories
 
 
simulation
simulation
 
 
skipchain
skipchain
 
 
swupdate
swupdate
 
 
timestamp
timestamp
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
api.go
api.go
 
 
api_test.go
api_test.go
 
 
debianupdate.go
debianupdate.go
 
 
debianupdate_test.go
debianupdate_test.go
 
 
migrate.sh
migrate.sh
 
 
package.go
package.go
 
 
package_test.go
package_test.go
 
 
repository.go
repository.go
 
 
repository_test.go
repository_test.go
 
 
struct.go
struct.go
 
 

Repository files navigation

CHAINIAC

Chainiac is an update framework that provides decentralized enforcement of development and release processes, independent verification of source-to-binary correspondence, transparency via a collectively-signed update timeline, and efficient release validation by arbitrarily out-of-date clients. This repository contains the bare-bone source code of the system and the code necessary to reproduce the experiments in the corresponding paper.

Installation

If you do not have Golang installed, start with

  • Install Golang
  • Set $GOPATH to point to your workspace directory
  • Add $GOPATH/bin to $PATH

Dependencies

To get Go dependencies of the project, execute

go get -u ./...

We use Python to extract metadata of Debian packages and snapshots of the Debian repository. You need to install

  1. Python 3.5 or later
  2. BeautifulSoup4 and lxml libraries for processing HTML and XML files

Retrieving test data

Go to repositories/ and run ./get_files.sh to retrieve the list of the most downloaded Debian packages from http://popcon.debian.org/. Then run

python3 get_repo_3.5.py

or

python get_repo.py

to retrieve the snapshots of the Debian testing repository used in the experiments. This might take a while.

Simulation

Go to simulation/ and execute

go build .

This will build a simulation binary. You can reproduce the experiments from the paper by running the binary with a toml configuraiton file as an argument.

About

Implementation and simulations for "CHAINIAC: Proactive Software-Update Transparency via Collectively Signed Skipchains and Verified Builds" paper appearing at Usenix Security'17.

Resources

Readme
Activity
Custom properties

Stars

23 stars

Watchers

18 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors 2

  •  
  •  

Languages