Securing Content Repositories with the Update Framework (TUF)

The Update Framework (TUF) is a framework for secure software updates that protects the integrity, consistency, and freshness of packages while reducing the impact of a compromise and allowing for recovery. It uses cryptographic signatures to protect content and separates responsibilities to reduce the impact of key loss. TUF also allows users to recover when a compromise happens through hierarchical trust delegations.

• TUF protects content using cryptographic signatures over the content, repository, and metadata to ensure integrity, consistency, and freshness.
• TUF reduces the impact of key loss by separating responsibilities and requiring a threshold of keys to sign content.
• TUF allows users to recover from a compromise through hierarchical trust delegations.
• TUF uses a root role that delegates to other roles in the system, including a timestamp role, snapshot role, and targets roles.
• TUF balances trust and responsibility by ensuring that more vulnerable roles have less of an impact when compromised.

TUF is important because it protects against attackers who may try to compromise software updates. For example, an attacker could try to mess with what a user is installing on their machine, which could be tempting for them to do. TUF protects against this by using cryptographic signatures and separating responsibilities to reduce the impact of key loss. It also allows users to recover from a compromise through hierarchical trust delegations.

The Update Framework (TUF) is a framework for secure content delivery and updates that protects against many known attacks on software update systems. In this talk, Joshua Lock and Marina Moore will describe how TUF works, why content delivery systems need the protections offered by TUF, and share some recent developments in TUF and related projects. Following this introductory content, we will deep dive into proposed new features for TUF by reviewing a TUF Augmentation Proposal (TAP). Come to this talk to learn about how many organizations, including Docker, Amazon, and Google secure software updates and how you can get involved.