The Perl 5 module Module::Signature adds cryptographic authentications to CPAN distributions, via the special SIGNATURE file. If you are a module user, all you have to do is to remember running cpansign -v (or just cpansign) before issuing perl Makefile.PL or perl Build.PL; that will ensure the distribution has not been tampered with. For module authors, you'd want to add the SIGNATURE file to your MANIFEST, then type cpansign -s before making a distribution. You may also want to consider adding a signature check as part of your test suite.