LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What cryptographic mechanisms protect software updates (e.g. an iPhone update, Windows Update)?

A SHA-256 hash for integrity, an RSA or ECDSA signature for authenticity, an X.509 certificate for vendor identity, TLS for download, and optionally HMAC binding the update to a specific device.

Purpose Algorithm What it does
Hashing (integrity) SHA-256 / SHA-384 Checksum of the firmware/update bundle
Digital signature RSA-2048 / ECDSA-P256 Vendor signs the hash with their private key
Public-key certificate X.509 Authenticates the vendor's public key via a CA chain
Transport encryption TLS 1.2 / 1.3 (AES-GCM, ECDHE) Protects the download channel
Device binding (optional) HMAC-SHA-256 Update can be installed only on devices with a matching device-ID hash

The two-step verification on the device:

  1. Receive the update bundle over TLS.
  2. Compute SHA-256 of the bundle.
  3. Verify the vendor's signature on that hash using the embedded vendor public key (often pinned in the bootloader).
  4. (Optionally) verify the HMAC tying the update to this device's serial number.
  5. Only then write the update to firmware.

Why signatures matter so much:

  • A compromised CDN can serve any bytes — TLS only protects the transport, not the content.
  • A signature lets the device verify the bundle came from the real vendor, not from a network-level attacker.
  • That's why a compromised mirror or CDN cannot push malware to a device that enforces signature checks: it can serve any bytes, but it can't produce a valid vendor signature over them.

Real-world failures:

  • SolarWinds (2020) — attackers compromised the build server and injected malware before the legitimate signing took place. The signed update was real, but its content was malicious.
  • ASUS Live Update (2019) — attackers stole the signing key, signed their own malware as ASUS, distributed to ~1M users.
  • These are why reproducible builds + transparency logs (sigsum, Sigstore) are increasingly used: anyone can verify what was actually built and signed.

Tip: "Just check the SHA-256" is insufficient without a signed hash. A man-in-the-middle who controls your network can replace both the download and the published hash. Always verify a signature, not just a hash.

From Quiz: ISF / Cryptographic Protocols & Requirements | Updated: Jul 14, 2026