Binary Transparency
Android Binary Transparency enables users to trust and gain higher confidence
in the binaries (e.g. apps, OS, firmware) that are executing on their devices.
This is made possible when users can trace a specific binary (including the
firmware itself) that is executing on their devices back to the original source
(where available) and verify that it has not been modified or tampered with,
even by adversaries that may have access to the binary's signing keys.
Overview
Software supply chains are increasingly vulnerable to attacks, ranging from
compromised signing keys to surreptitious code injection to insider attacks.
To build greater confidence and trust in the software we rely on, we can create
a transparency log with the following properties:
- Append only: content of the log cannot be deleted, modified, or
retroactively inserted without detection
- Cryptographically assured: the append-only property is guaranteed by
the Merkle tree data structure
- Publicly auditable: anyone can query the contents of the log
Publishing the metadata of software as log content can increase confidence in
the binaries we trust and run by providing a verifiable record of their
provenance.
Projects
To date, we have launched two logs:
- Pixel Firmware Transparency
- Google System APK Transparency
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-11-11 UTC.