AIR GO and APK Signing
Article Summary
Seunghoon Kim from LINE's AIR GO team breaks down Android's APK signing evolution. If you're still using v1 signing, you're leaving security holes wide open.
This deep dive from LINE's security team explains how Android's APK signing schemes evolved from v1 (JAR signing) through v2 and v3, which introduced proof-of-rotation for key management. The article covers the technical architecture of each scheme and how AIR GO detects signing vulnerabilities.
Key Takeaways
- Scheme v1 only verifies individual files, vulnerable to Janus attacks
- v2 creates APK Signing Block covering entire file for integrity
- v3 adds proof-of-rotation: update apps with new keys without re-registration
- AIR GO flags apps using only v1 signing for security risks
- Digest verification uses 1MB chunks with SHA256 hashing
Critical Insight
Android's v3 signing scheme solves the critical problem of lost signing keys by allowing developers to rotate certificates while maintaining app update capability on Google Play.
