English

Contour: A Practical System for Binary Transparency

Cryptography and Security 2018-08-08 v2

Abstract

Transparency is crucial in security-critical applications that rely on authoritative information, as it provides a robust mechanism for holding these authorities accountable for their actions. A number of solutions have emerged in recent years that provide transparency in the setting of certificate issuance, and Bitcoin provides an example of how to enforce transparency in a financial setting. In this work we shift to a new setting, the distribution of software package binaries, and present a system for so-called "binary transparency." Our solution, Contour, uses proactive methods for providing transparency, privacy, and availability, even in the face of persistent man-in-the-middle attacks. We also demonstrate, via benchmarks and a test deployment for the Debian software repository, that Contour is the only system for binary transparency that satisfies the efficiency and coordination requirements that would make it possible to deploy today.

Keywords

Cite

@article{arxiv.1712.08427,
  title  = {Contour: A Practical System for Binary Transparency},
  author = {Mustafa Al-Bassam and Sarah Meiklejohn},
  journal= {arXiv preprint arXiv:1712.08427},
  year   = {2018}
}

Comments

International Workshop on Cryptocurrencies and Blockchain Technology (CBT), 2018

R2 v1 2026-06-22T23:27:16.321Z