Developers: APK Signature Scheme v3 is coming with support for Key Rotation
If you’re a developer or you’re in any way familiar with decompiling, modifying, and/or installing modified APK files, you’re probably familiar with application signatures. To put it simply, Android mandates that an app must be signed with the same key in order for the system to allow updating the app in question. Android verifies this by checking the APK signature.
APK signatures are a very basic security measure in Android, which we’ve talked about previously. Basically, all signatures are unique to a certain developer or group of developers, so if the signature/certificate in an APK is not valid or doesn’t match that of the original app, the installation will fail, thus preventing the installation of tampered or fake APK files on your Android device. Signature keys must also be kept safely by the developer since they’re vital to verify and, eventually, push out an app update. Luckily the signature scheme for signing APKs is getting another revision—v3—which appears to be adding a convenient feature while maintaining high security standards.
APK Signature Scheme v1 and v2
It hasn’t been too long since the current APK Signature Scheme version, v2, was released for developers. After all, it was barely introduced to us with the launch of Android 7.0 Nougat, at the end of 2016. Using the v2 signature scheme in Android 7.0+ apps was highly encouraged since it brought a series of essential patches and security improvements: while v1 only signed the JAR, v2 takes additional steps towards protecting the integrity of the whole file. Signature schemes are not backwards compatible, though, and Android Marshmallow and lower requires v1 signatures for apps.
Unless you’re catering to users on Nougat or higher specifically, the ideal scenario would be using both signature schemes side by side, by signing with v1 first and then resigning with v2. This way, Nougat and higher will recognize the v2 signature, while Marshmallow and lower will recognize the v1 signature.
Using v1 only, however, is heavily discouraged due to a series of vulnerabilities and other security issues, the most notable of which being the Janus vulnerability, which allows attackers to directly attack and modify APKs without affecting signatures. Popular apps with infrequent updates like Instagram or Snapchat are only signed with v1 signatures, meaning that they’re vulnerable to these issues.
APK Signature Scheme v3
The biggest headlining feature of v3, meant to be a revision of v2, will be key rotation support. The v3 signature scheme introduces the APK Signer Lineage, which, according to one of the commits, “contains a history of signing certificates with each ancestor attesting to the validity of its descendant. Each additional descendant represents a new identity that can be used to sign an APK. In this way, the lineage contains a proof of rotation by which the APK containing it can demonstrate, to other parties, its ability to be trusted with its current signing certificate, as though it were signed by one of its older ones.”
Key rotation is a great feature for developers in several ways. For starters, this can be useful for developers on teams working towards a single app, so developers don’t have to share their signing keys with the team. Since the app needs the same exact signature for updating, all apps currently need to be compiled by the same developer or a group of developers working with the same key, decreasing safety (there are more chances of the key being stolen) and slowing down development.
Furthermore, it can also be useful in the case of a developer having their signing key stolen/lost, which would normally mean that the app would have to be reuploaded to the Play Store under a different package name. This isn’t an uncommon case at all, as long ago even Google apparently lost the signing key for the Google Authenticator app which led to them republish it under a different package name. Google has, since then, provided means to safely store your signing keys in the cloud with Google Play App Signing, but key rotation would allow you to continue updating your app in the case of a hypothetical mess up.
When is it rolling out?
While you might be eager to try it out for the added convenience, the v3 signature scheme was spotted floating around the AOSP Gerrit Code Review site, and the commits themselves have not been merged into the main branch right now, so it isn’t ready just yet. We should expect the v3 signature scheme to come to developer’s hands with the upcoming release of Android P if the previous v2 release with Android Nougat tells us anything.
We should also note that key rotation is, quite likely, not the only difference over v2. APK Signature Scheme v3 is still a work in progress, so we shall see the actual improvements of the v3 signature scheme when the full documentation for it comes out in the future.