Skip to main content

Write your Master’s Thesis at Advenica

Root of Trust for Signed Commits in Version Control Systems

Brief description

Git - an example of a Version Control System (VCS) - provides its users with the possibility of Signed Commits (SC) using GPG signatures. SC are useful for establishing strong guarantees of integrity, authorship, non-repudiation and auditability of source code. These properties are highly desirable when developing high assurance products. Additionally the following features are also desirable in a SC enabled VCS system: Write Access Control, Write Access Management and GPG Identity Revocation.

Available fall 2020

The purpose of this thesis is to theoretically investigate and practically develop a system which makes use of SC based on GPG signature. The aim is to answer the following research questions:

  1. How can SC be used to guarantee that only explicitly permitted GPG identities are allowed to push commits in a specific VCS repository?
  2. What is a good Root of Trust (ROT) for organization global GPG identities to be strongly tied to a specific individual?
  3. How can organization global GPG identities be securely managed with a low amount of overhead and with as little need as possible for administrators or other VIPs to get involved?
  4. How can the permissions of (question 1) be flexibly and securely managed with low overhead, on a per repository basis?
  5. How can organization global GPG identities be securely revoked without the need for local administration of all VCS repositories.
  6. How can the validity of past signatures be maintained after revocation?
  7. What are good procedures for repository audits of GPG signature correctness?
  8. How should VSC-hooks be designed to prevent user mistakes from propagating into VCS repositories.


Preferred areas of knowledge/interest

  • Security Protocols
  • GPG/PGP
  • Ring/web of trust
  • Git and other VCSs
  • DevOps