Manifest Problems: Analyzing Code Transparency for Android Application Bundles

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandBegutachtung

Abstract

In 2018, Google introduced a new app distribution format called AAB (Android Application Bundle), which replaced APK (Android Package) as the required format for all new app submissions to Google Play in 2021. Apps are still delivered to end users as APK files, but they are now generated and signed on the app store operator's infrastructure. Most crucially, this change requires developers to hand over their APK signing key to the app store operator, enabling them to arbitrarily manipulate apps prior to delivery to end users. To address this, Google has introduced the Code Transparency scheme to verify the integrity of APKs generated from AAB files. However, due to the lack of independent studies, the exact security properties of Code Transparency remain unclear.

In this paper, we present the first comprehensive analysis of the security of Code Transparency and the AAB format. We thoroughly investigate the design and implementation of the Code Transparency scheme, discussing in detail the technical possibilities attackers have for manipulating apps that use it. Additionally, we conduct a large-scale study on AAB and Code Transparency in practice. To this end, we evaluate the prevalence of both technologies among 3.5 million real-world apps, analyze their susceptibility to our attacks, and carry out a case study that demonstrates the practical security implications of attacks on Code Transparency.

Our analyses indicate that Code Transparency suffers from severe design and implementation flaws that allow app store operators to execute code in the context of any app without disturbing its Code Transparency signature.
Originalspracheenglisch
TitelAnnual Computer Security Applications Conference
Herausgeber (Verlag)Association of Computing Machinery
PublikationsstatusAngenommen/In Druck - 20 Aug. 2024
VeranstaltungAnnual Computer Security Applications Conference: ACSAC 2024 - Waikiki, USA / Vereinigte Staaten
Dauer: 9 Dez. 202413 Dez. 2024
Konferenznummer: 40

Konferenz

KonferenzAnnual Computer Security Applications Conference
KurztitelACSAC
Land/GebietUSA / Vereinigte Staaten
OrtWaikiki
Zeitraum9/12/2413/12/24

Fingerprint

Untersuchen Sie die Forschungsthemen von „Manifest Problems: Analyzing Code Transparency for Android Application Bundles“. Zusammen bilden sie einen einzigartigen Fingerprint.
  • A-SIT - Zentrum für sichere Informationstechnologie Austria

    Stranacher, K. (Teilnehmer (Co-Investigator)), Dominikus, S. (Teilnehmer (Co-Investigator)), Leitold, H. (Teilnehmer (Co-Investigator)), Marsalek, A. (Teilnehmer (Co-Investigator)), Teufl, P. (Teilnehmer (Co-Investigator)), Bauer, W. (Teilnehmer (Co-Investigator)), Aigner, M. J. (Teilnehmer (Co-Investigator)), Rössler, T. (Teilnehmer (Co-Investigator)), Neuherz, E. (Teilnehmer (Co-Investigator)), Dietrich, K. (Teilnehmer (Co-Investigator)), Zefferer, T. (Teilnehmer (Co-Investigator)), Mangard, S. (Teilnehmer (Co-Investigator)), Payer, U. (Teilnehmer (Co-Investigator)), Orthacker, C. (Teilnehmer (Co-Investigator)), Lipp, P. (Teilnehmer (Co-Investigator)), Reiter, A. (Teilnehmer (Co-Investigator)), Knall, T. (Teilnehmer (Co-Investigator)), Bratko, H. (Teilnehmer (Co-Investigator)), Bonato, M. (Teilnehmer (Co-Investigator)), Suzic, B. (Teilnehmer (Co-Investigator)), Zwattendorfer, B. (Teilnehmer (Co-Investigator)), Kreuzhuber, S. (Teilnehmer (Co-Investigator)), Oswald, M. E. (Teilnehmer (Co-Investigator)), Tauber, A. (Teilnehmer (Co-Investigator)), Posch, R. (Projektleiter (Principal Investigator)), Bratko, D. (Teilnehmer (Co-Investigator)), Feichtner, J. (Teilnehmer (Co-Investigator)), Ivkovic, M. (Teilnehmer (Co-Investigator)), Reimair, F. (Teilnehmer (Co-Investigator)), Wolkerstorfer, J. (Teilnehmer (Co-Investigator)) & Scheibelhofer, K. (Teilnehmer (Co-Investigator))

    21/05/9931/12/24

    Projekt: Arbeitsgebiet

Dieses zitieren