Research And Analysis On Defect Of Windows Code Signing Mechanism

Code signing is the process of signing executables and scriptsdigitally to confirm the source of the software and make sure that the codehas not been altered or corrupted since it was signed by signer’s private key.The mechanism of code signing on Windows platform can verify thelegality of the digital signature of executable files and tell system if theprogram is signed or legal. The operation system can decide whether loadthe executable file or not depending on the mechanism, which preventmalware from executing and damaging operation system.Firstly, the paper introduces the analysis technology of code security,which consists of digital signature technology, PE files, MicrosoftAuthenticode technology, driver software and software disassemblingtechnology. Then the paper introduces and analyses the principle of themechanism and describe the defects of the code signing mechanismthrough two aspects. One is the inner aspect of the security defect of codesigning mechanism and the other is the outer ways of defeat code signingmechanism.In the inner aspect of the security defect, the paper will discuss twoproblems. First one is the vulnerability of PE files, which attackers canmanipulate PE files using tools to change the content without break thedigital signature in two ways. Second problem is there are ways ofshutdown code signing mechanism under offline state both in Windows7and Windows8. In outer ways of defeat the mechanism, the paper willdescribe two aspects of defeating the mechanism. First, using thevulnerability of system drivers with Windows7and Windows8, attackerscan enter kernel mode to inject ShellCode or build ROP chain to shutdown code signing mechanism. Second, attackers can forge the digitalsignature or certificate through the hash collision of MD5using "chosenprefix collision" method, which can also bypass the check of the codesigning mechanism.At last, the paper will summarize all the defects of the code signingmechanism and represent some solutions and suggestions to improve codesigning mechanism focusing on current defects. First is to build a verifymechanism of all the driver softwares. Second is to enhance theverification of the code signing mechanism.