D-Link was recently in the news because private keys for code signing were accidentally published. The incident shows how important it is to take security measures to protect private keys.
The Taiwanese networking company, known as a manufacturer of wireless routers, network switches, and security cameras, inadvertently released one of its private keys for code signing in a firmware download. This was discovered by a user of a Dutch news agency.
Fox IT, a security company, said: “The mistake was probably made by someone who wrapped the source code for release. The code signing certificate was only present in one of the paged code packages in a specific version. The version above and below the specific package did not contain the folder where the code signing certificates were located. It was a simple mistake excluding folders.”
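A release gate that scans the finished archive for key material catches this kind of folder-exclusion mistake before publication. The following is an added example, not code from D-Link, Fox IT or this article; the archive layout, the file names and the `scan_release` and `build_sample_release` functions are constructed for illustration.

```python
import io
import re
import tarfile

# Extensions commonly used for private-key containers (PKCS#12, PVK, strong-name, Java keystore).
KEY_EXTENSIONS = (".pfx", ".p12", ".pvk", ".snk", ".key", ".jks")
# PEM armor of PKCS#1, PKCS#8 (plain or encrypted), EC, DSA and OpenSSH private keys.
PEM_PRIVATE = re.compile(rb"-----BEGIN (?:[A-Z0-9]+ )*PRIVATE KEY-----")


def scan_release(archive_bytes):
    """Return sorted (member_name, reason) findings for a tar release archive."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r:*") as tar:
        for member in tar:
            if not member.isfile():
                continue
            if member.name.lower().endswith(KEY_EXTENSIONS):
                findings.append((member.name, "key-container extension"))
            # Content check catches keys stored under an innocuous file name.
            if PEM_PRIVATE.search(tar.extractfile(member).read()):
                findings.append((member.name, "PEM private key block"))
    return sorted(findings)


def build_sample_release():
    """Constructed sample: a source tree whose signing folder was not excluded."""
    files = {
        "fw-1.0/src/main.c": b"int main(void) { return 0; }\n",
        "fw-1.0/README": b"build with make\n",
        "fw-1.0/signing/vendor.pfx": b"constructed placeholder, not a real PKCS#12 file",
        "fw-1.0/signing/notes.txt": b"-----BEGIN ENCRYPTED PRIVATE KEY-----\nCONSTRUCTED\n",
        "fw-1.0/certs/vendor.crt": b"-----BEGIN CERTIFICATE-----\nCONSTRUCTED\n",
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, content in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
    return buf.getvalue()


if __name__ == "__main__":
    hits = scan_release(build_sample_release())
    for name, reason in hits:
        print(f"BLOCK RELEASE: {name}: {reason}")
    raise SystemExit(1 if hits else 0)  # non-zero exit fails the release job
```

Run as the last step of a packaging job, the non-zero exit status stops the upload; the public certificate (`vendor.crt`) is deliberately not flagged, since only private key material is sensitive.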
Security Risk Of Unprotected Keys
This is not the first time that someone has accidentally leaked private keys, or protected them so badly that they were stolen. If the private key of a code signing certificate is not properly protected, an attacker could use it to sign an application containing malicious code and viruses. The application then looks like it came from a trusted source, because it is signed with a legitimate (but stolen) certificate.
Many software developers are not adequately protecting the environments in which they store their code signing certificates and private keys. In the simplest case, these are located locally on a developer’s computer and they have not taken adequate precautions to protect the keys on the local computer.
An especially severe case is losing the private keys to your cryptocurrencies. In the new world of Bitcoin & co., everybody is their own bank, and the private keys to the coins are the access to the money. Stealing them is like stealing cash, but unfortunately in this case you can’t get it back: there is no way to undo Bitcoin transfers, which has upsides and downsides. It is essential to protect your crypto private keys in the best way possible, which is a hardware wallet like Trezor.
Measures To Protect Your Private Keys
The safest way to protect private keys is to store them on a secure cryptographic hardware device, such as:
- Smart Card
- USB tokens
- HSM (Hardware Security Module)
These device types are less prone to compromise and include multi-factor authentication: if the device is lost or stolen, additional authentication (e.g., a PIN code) is still required to use it.
Transfer Certificates To A Secure Hardware Device
Most certification authorities provide the ability to install standard code signing certificates on different hardware types. In addition, software developers can buy Extended Validation (EV) code signing certificates, which are by default issued directly by the CA on secure cryptographic USB tokens, and thus the danger.
When a code signing certificate is stored on a cryptographic token, it makes it difficult for malicious third parties to copy or steal the private signature key. It becomes more difficult to distribute malware under the identity of the actual certificate holder.
Security Benefits of EV Code Signing Certificates
- Certificate is stored on a cryptographic USB token (FIPS 140-2 Level 2 compliant)
- Token requires multi-factor authentication by password. In addition, you can set the number of failed login attempts after which the token is automatically locked and its content deleted
- Key is generated on the token and cannot be exported
EV Code Signing Certificates are a great option for any software developer who wants to improve the security of their code and who may not want to use a dedicated Hardware Security Module (HSM). EV Code Signing Certificates have many other advantages, e.g. immediate reliability in Microsoft SmartScreen and advanced validation requirements.