NYU Tandon-led research team wins distinguished paper award for gittuf security system

New approach aims to fortify Git code repositories against increasing software supply chain attacks


A research team led by NYU Tandon School of Engineering Professor Justin Cappos has won a Distinguished Paper Award at the Network and Distributed System Security Symposium 2025 for developing a security system that prevents unauthorized code changes in Git repositories.

The paper, "Rethinking Trust in Forge-Based Git Security," addresses a structural weakness exposed by the surge in software supply chain attacks. It presents a new system, called gittuf, that decentralizes security responsibilities typically handled by centralized platforms like GitHub, GitLab, and Bitbucket. These Git forges have become the backbone of modern software development, but they also represent a single point of trust: whoever controls the forge can change who may write to a branch, rewrite history, or merge code, and developers pulling from it have no independent way to tell.

"For most security properties, users can't verify independently that a forge is enforcing policy correctly," said Cappos, who holds an appointment in NYU Tandon's Computer Science and Engineering Department and is on the faculty of the NYU Center for Cybersecurity. "One of the main challenges was providing strong security guarantees while being backwards compatible with forges."

Recent years have seen high-profile attacks targeting centralized code repositories. For example, in 2021, attackers compromised the PHP programming language's Git server to insert malicious code. Similar incidents that used trusted developers’ compromised forge credentials have affected the Gentoo Linux distribution and various open-source projects.

The gittuf system decentralizes three critical aspects of Git security: policy declaration, activity tracking, and policy enforcement. This means that even if attackers compromise a central Git forge, they would also need to compromise multiple developers' cryptographic keys to make unauthorized changes without detection.

"The beauty of our approach is that a single honest developer with gittuf can detect and correct policy violations," said Aditya Sirish A Yelgundhalli, a Ph.D. candidate in Cappos' Secure Systems Lab and the paper's lead author. "This dramatically raises the bar for attackers."

The system works through an authenticated, append-only log called the Reference State Log that records every update to the repository's branches and tags as a cryptographically signed entry. Because verification runs on each developer's machine rather than on the forge, the forge does not have to be trusted to enforce the policy. If someone detects a policy violation, they can mark the invalid entry and restore the repository to its last valid state. The system also supports requiring multiple developers to approve changes to critical code, and it works with existing Git servers because the log and policy are stored in the repository itself.

The gittuf project is currently an OpenSSF sandbox project hosted by the Linux Foundation. Projects hosted by the OpenSSF and the Cloud Native Computing Foundation are already using it, and Bloomberg is piloting the system.

gittuf builds on security principles from The Update Framework (TUF), also developed in Cappos’ lab. While TUF secures software update systems, gittuf adapts concepts like delegations and threshold approvals specifically for Git repositories.
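To make the two ideas above concrete (a signed, append-only log of reference updates that any developer can verify, and TUF-style threshold approval for critical branches), here is a small model in Go, written for this article rather than taken from gittuf's code base. It assumes a simplified entry format (ref, target commit, hash of the previous entry, Ed25519 signatures), a per-ref policy with an authorized key set and a threshold, and a constructed scenario in which a forge-side attacker holding one compromised developer key pushes to main; gittuf's real on-disk format and verification logic differ.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Signer is a developer identity: a key ID and the matching private key.
type Signer struct {
	ID   string
	Priv ed25519.PrivateKey
}

// Signature binds a key ID to an Ed25519 signature over an entry's payload.
type Signature struct {
	KeyID string
	Sig   []byte
}

// Entry is one record of the simplified log: which ref moved, where it now
// points, the ID of the preceding entry, and who signed the update.
type Entry struct {
	Ref    string
	Target string
	Prev   string
	Sigs   []Signature
}

// Rule is the policy for one ref: the authorized public keys and how many
// distinct keys must sign (the TUF-style threshold).
type Rule struct {
	Keys      map[string]ed25519.PublicKey
	Threshold int
}

// Policy maps a ref name to its rule. Refs with no rule are rejected.
type Policy map[string]Rule

// payload is the byte string each signer signs; Prev chains the entries.
func payload(e Entry) []byte {
	return []byte(e.Ref + "\x00" + e.Target + "\x00" + e.Prev)
}

// entryID hashes the payload and every signature, so the next entry's Prev
// commits to this entry exactly as it was recorded.
func entryID(e Entry) string {
	h := sha256.New()
	h.Write(payload(e))
	for _, s := range e.Sigs {
		h.Write([]byte(s.KeyID))
		h.Write(s.Sig)
	}
	return hex.EncodeToString(h.Sum(nil))
}

// Append creates an entry chained to the last one, signs it with each
// signer's key, and returns the extended log.
func Append(log []Entry, ref, target string, signers ...Signer) []Entry {
	e := Entry{Ref: ref, Target: target}
	if len(log) > 0 {
		e.Prev = entryID(log[len(log)-1])
	}
	msg := payload(e)
	for _, s := range signers {
		e.Sigs = append(e.Sigs, Signature{KeyID: s.ID, Sig: ed25519.Sign(s.Priv, msg)})
	}
	return append(log, e)
}

// Verify walks the log from the start, as an honest client would on fetch.
// It returns the index of the first entry that breaks the chain or violates
// policy (or -1 if all entries are valid) and the reason.
func Verify(log []Entry, pol Policy) (int, error) {
	prev := ""
	for i, e := range log {
		if e.Prev != prev {
			return i, errors.New("chain broken: Prev does not match preceding entry")
		}
		rule, ok := pol[e.Ref]
		if !ok {
			return i, fmt.Errorf("no policy rule for %s", e.Ref)
		}
		msg := payload(e)
		seen := map[string]bool{} // count each authorized key once
		for _, s := range e.Sigs {
			pub, authorized := rule.Keys[s.KeyID]
			if !authorized {
				return i, fmt.Errorf("key %s is not authorized for %s", s.KeyID, e.Ref)
			}
			if !ed25519.Verify(pub, msg, s.Sig) {
				return i, fmt.Errorf("bad signature from %s", s.KeyID)
			}
			seen[s.KeyID] = true
		}
		if len(seen) < rule.Threshold {
			return i, fmt.Errorf("%s needs %d approvals, got %d", e.Ref, rule.Threshold, len(seen))
		}
		prev = entryID(e)
	}
	return -1, nil
}

// State replays the first n entries and returns where each ref points: the
// last valid state a developer restores once entry n is marked invalid.
func State(log []Entry, n int) map[string]string {
	refs := map[string]string{}
	for _, e := range log[:n] {
		refs[e.Ref] = e.Target
	}
	return refs
}

func newSigner(id string) Signer {
	_, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return Signer{ID: id, Priv: priv}
}

// Scenario builds a constructed log: two legitimate updates, then a push to
// main signed by a single compromised key, short of the 2-of-3 threshold.
func Scenario() ([]Entry, Policy) {
	alice, bob, carol := newSigner("alice"), newSigner("bob"), newSigner("carol")
	pub := func(s Signer) ed25519.PublicKey { return s.Priv.Public().(ed25519.PublicKey) }
	pol := Policy{
		"refs/heads/main":    {Keys: map[string]ed25519.PublicKey{"alice": pub(alice), "bob": pub(bob), "carol": pub(carol)}, Threshold: 2},
		"refs/heads/feature": {Keys: map[string]ed25519.PublicKey{"carol": pub(carol)}, Threshold: 1},
	}
	var log []Entry
	log = Append(log, "refs/heads/main", "c1", alice, bob)
	log = Append(log, "refs/heads/feature", "c2", carol)
	log = Append(log, "refs/heads/main", "c3-malicious", bob) // attacker holds only bob's key
	return log, pol
}

func main() {
	log, pol := Scenario()
	bad, err := Verify(log, pol)
	fmt.Println("first invalid entry:", bad, "reason:", err)
	fmt.Println("restored state:", State(log, bad))
}
```

The point of the model is who does the checking: the forge stores the log but never has to be trusted to enforce the rule, because any client that fetches the log re-runs Verify. A forge that rewrites an already-recorded entry breaks that entry's signatures; a forge that drops an entry breaks the Prev chain of the one after it; and a push backed by fewer keys than the threshold is rejected at the entry where it appears, so the honest developer can restore the state computed from the valid prefix.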

In addition to Cappos and Yelgundhalli, Patrick Zielinski, another Ph.D. student in Cappos' lab, and Reza Curtmola, a professor in the Department of Computer Science at New Jersey Institute of Technology, are authors on the paper. The research was supported by three National Science Foundation grants: CNS 2247829, CNS 2054692, and DGE 2043104.


A. Yelgundhalli, P. Zielinski, R. Curtmola, J. Cappos. 2025. Rethinking Trust in Forge-Based Git Security. The Network and Distributed System Security (NDSS) Symposium. San Diego, CA, USA