Manifest Problems: Analyzing Code Transparency for Android Application Bundles
Abstract
In 2018, Google introduced a new app distribution format called AAB (Android Application Bundle), which replaced APK (Android Package) as the required format for all new app submissions to Google Play in 2021. Apps are still delivered to end users as APK files, but they are now generated and signed on the app store operator's infrastructure. Most crucially, this change requires developers to hand over their APK signing key to the app store operator, enabling them to arbitrarily manipulate apps prior to delivery to end users. To address this, Google has introduced the Code Transparency scheme to verify the integrity of APKs generated from AAB files. However, due to the lack of independent studies, the exact security properties of Code Transparency remain unclear.
In this paper, we present the first comprehensive analysis of the security of Code Transparency and the AAB format. We thoroughly investigate the design and implementation of the Code Transparency scheme, discussing in detail the technical possibilities attackers have for manipulating apps that use it. Additionally, we conduct a large-scale study on AAB and Code Transparency in practice. To this end, we evaluate the prevalence of both technologies among 3.5 million real-world apps, analyze their susceptibility to our attacks, and carry out a case study that demonstrates the practical security implications of attacks on Code Transparency.
Our analyses indicate that Code Transparency suffers from severe design and implementation flaws that allow app store operators to execute code in the context of any app without disturbing its Code Transparency signature. We reported our findings to Google and are in the process of discussing potential mitigations.
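The integrity check the abstract refers to works, in bundletool's implementation, by signing a JSON list of SHA-256 digests of the app's DEX files and native libraries (carried as a JWS token) and recomputing those digests over the delivered APK. The following Python is an added illustration of that check and is not code from the paper or from bundletool: the APK, its contents and the token payload are constructed in memory, paths are APK-relative rather than bundle-module paths, and the JWS signature over the payload is assumed to have been verified already. It shows what the token does cover (a modified DEX fails verification) and what it does not (AndroidManifest.xml and other non-code files are outside the signed set, a documented limitation of the scheme).

```python
import hashlib
import io
import json
import zipfile

# File types a Code Transparency token covers. Everything else in the APK
# (AndroidManifest.xml, resources, assets) is outside the signed set.
COVERED_TYPES = {"DEX", "NATIVE_LIBRARY"}


def build_apk(files):
    """Build an in-memory zip standing in for an APK (constructed sample, not a real app)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    return buf.getvalue()


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def make_ct_payload(files):
    """Emulate the JSON payload bundletool signs: one entry per DEX / native library.
    In a real bundle this JSON is the payload of an RS256 JWS; the signature is not
    modelled here, and paths are simplified to APK-relative names."""
    entries = []
    for name, data in files.items():
        if name.endswith(".dex"):
            entries.append({"path": name, "type": "DEX", "sha256": sha256_hex(data)})
        elif name.endswith(".so"):
            entries.append({"path": name, "type": "NATIVE_LIBRARY", "sha256": sha256_hex(data)})
    return json.dumps({"codeRelatedFile": entries})


def verify_code_transparency(apk_bytes, ct_payload):
    """Return (ok, details). ok is True when every covered file listed in the token is
    present with a matching digest and no code file exists that the token omits.
    Assumes the JWS signature over ct_payload was already verified against the
    developer's Code Transparency certificate."""
    entries = json.loads(ct_payload)["codeRelatedFile"]
    expected = {e["path"]: e["sha256"] for e in entries if e["type"] in COVERED_TYPES}
    mismatched, missing, unexpected, uncovered = [], [], [], []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        names = set(zf.namelist())
        for path, digest in expected.items():
            if path not in names:
                missing.append(path)
            elif sha256_hex(zf.read(path)) != digest:
                mismatched.append(path)
        for name in sorted(names - set(expected)):
            # A DEX or native library absent from the token is a verification failure;
            # any other file is simply not protected by the token at all.
            if name.endswith(".dex") or name.endswith(".so"):
                unexpected.append(name)
            else:
                uncovered.append(name)
    ok = not (mismatched or missing or unexpected)
    return ok, {"mismatched": mismatched, "missing": missing,
                "unexpected": unexpected, "uncovered": uncovered}


# Constructed sample app: the byte contents are placeholders, not real DEX/ELF data.
ORIGINAL = {
    "AndroidManifest.xml": b"<manifest package='com.example.app'/>",
    "classes.dex": b"dex\n035\x00" + b"A" * 32,
    "lib/arm64-v8a/libnative.so": b"\x7fELF" + b"B" * 32,
}


def demo():
    """Verify the clean APK, then an APK with a modified DEX, then one with a
    modified manifest; returns the three verification results."""
    token = make_ct_payload(ORIGINAL)
    clean_ok, _ = verify_code_transparency(build_apk(ORIGINAL), token)

    tampered_dex = {**ORIGINAL, "classes.dex": ORIGINAL["classes.dex"] + b"X"}
    dex_ok, _ = verify_code_transparency(build_apk(tampered_dex), token)

    tampered_manifest = {**ORIGINAL,
                         "AndroidManifest.xml": b"<manifest package='com.example.app'>"
                                                b"<!-- changed after signing --></manifest>"}
    manifest_ok, _ = verify_code_transparency(build_apk(tampered_manifest), token)
    return clean_ok, dex_ok, manifest_ok


if __name__ == "__main__":
    print(demo())  # the manifest edit passes: it is outside the signed set
```

The third result is the practitioner's caveat: a token that verifies cleanly only says that the DEX files and native libraries are the developer's; it says nothing about the manifest, resources or assets that reached the device, which is why a verification tool should also report the uncovered set rather than a bare pass/fail.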
Original language | English |
---|---|
Title of host publication | Annual Computer Security Applications Conference |
Publisher | Association for Computing Machinery |
Publication status | Accepted/In press - 20 Aug 2024 |
Event | Annual Computer Security Applications Conference: ACSAC 2024 - Waikiki, United States Duration: 9 Dec 2024 → 13 Dec 2024 Conference number: 40 |
Conference
Conference | Annual Computer Security Applications Conference |
---|---|
Abbreviated title | ACSAC |
Country/Territory | United States |
City | Waikiki |
Period | 9/12/24 → 13/12/24 |
Projects
- A-SIT - Secure Information Technology Center Austria
  Stranacher, K., Dominikus, S., Leitold, H., Marsalek, A., Teufl, P., Bauer, W., Aigner, M. J., Rössler, T., Neuherz, E., Dietrich, K., Zefferer, T., Mangard, S., Payer, U., Orthacker, C., Lipp, P., Reiter, A., Knall, T., Bratko, H., Bonato, M., Suzic, B., Zwattendorfer, B., Kreuzhuber, S., Oswald, M. E., Tauber, A., Posch, R., Bratko, D., Feichtner, J., Ivkovic, M., Reimair, F., Wolkerstorfer, J. & Scheibelhofer, K.
  21/05/99 → 31/12/24
  Project: Research area
Activities
- Manifest Problems: Analyzing Code Transparency for Android Application Bundles
  Florian Draschbacher (Speaker)
  2024 → …
  Activity: Talk or presentation › Talk at conference or symposium › Science to science