Re: Ed25519 Signature 2018

I would update the name on the suite to be
Ed25519Signature2018-2.

Many would see the move to SHA3 as an improved version from a security point of view. Daniel Bernstein’s original paper says EdDSA uses SHA2-512 by default but would move to SHA3 once standardized. The paper was written over a decade ago.

I’m not sure how we denote version changes in the same year.

________________________________
From: Manu Sporny <msporny@digitalbazaar.com>
Sent: Monday, May 7, 2018 7:11:25 AM
To: Vaneev Bogdan; public-digital-verification@w3.org
Cc: Mukhutdinov Bulat
Subject: Re: Ed25519 Signature 2018

On 05/06/2018 02:10 PM, Vaneev Bogdan wrote:
> I am following https://w3c-dvcg.github.io/lds-ed25519-2018/ and I
> see that current cipher suite uses sha512, which is from sha2
> family.

Yes.

> I want to use Ed25519 implementation with SHA3-512, because it is
> used in https://github.com/hyperledger/iroha and I don’t really know
> how to modify Ed25519Signature2018

Well, you'll need to create a new Signature Suite (which is easy), and
name it something like:

IrohaSignature2018

> 1) How can I create my modification of Ed25519Signature2018 to
> support sha3-512 digestAlgorithm?

Copy the https://w3c-dvcg.github.io/lds-ed25519-2018/ spec and make the
modifications that you'd like.

Implement it in
https://github.com/digitalbazaar/forge/blob/master/lib/ed25519.js (or
your own library). Make sure the test suite covers your additions.

> 2) I am aware how digital signatures work and I can’t really
> understand what should be signed, if data is represented as json-ld.
> What algorithm is used to represent json-ld document as bytes before
> signing?

The data that is signed is usually a JSON-LD Document that has been
converted to NQuads using the RDF Dataset Normalization algorithm. That
data is then hashed and it's the bytes of the hash that is signed.

This approach enables you to express the data in any Linked Data
serialization that is representable by RDF (JSON-LD, XML, TURTLE,
NQuads, etc.), generate a signature, and ensure that the signature is
portable across serialization syntaxes.

> 3) This https://w3id.org/security#Ed25519Signature2018 is used to
> refer to parameters used in Ed25519Signature2018, but this link is
> broken (there is no Ed25519Signature2018). Was it deleted?

The addition of Ed25519Signature2018 is new and so we haven't had the
time to update it in the security vocabulary.

-- manu

--
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches
https://tinyurl.com/veres-one-launches

Received on Monday, 7 May 2018 17:22:31 UTC
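
The sign-the-hash flow described in the reply above, as an added example that is not code from this thread, the spec, or forge. It shows why a SHA3-512 variant needs its own suite name: the verifier chooses the digest from the declared suite, so a relabeled signature fails. Assumptions: the N-Quads are a constructed sample standing in for real RDF Dataset Normalization output, the suite-to-digest table is hypothetical, only the document digest is swapped (Node's Ed25519 still uses SHA-512 internally), and the proof object is simplified.

```javascript
const crypto = require('crypto');

// Hypothetical registry: suite name -> digest applied to the normalized document.
const SUITE_DIGESTS = {
  Ed25519Signature2018: 'sha512',
  IrohaSignature2018: 'sha3-512', // suite name suggested in the thread
};

// Constructed sample: N-Quads as they might look after normalization
// (one statement per line, sorted). Real code gets this from an RDF library.
const NQUADS = [
  '<urn:example:doc1> <http://schema.org/name> "Alice" .',
  '<urn:example:doc1> <http://schema.org/url> <https://example.com/> .',
].join('\n') + '\n';

function digestFor(suite, nquads) {
  const alg = SUITE_DIGESTS[suite];
  if (!alg) throw new Error(`unknown signature suite: ${suite}`);
  return crypto.createHash(alg).update(nquads, 'utf8').digest();
}

function signDocument(suite, nquads, privateKey) {
  // The hash bytes, not the document text, are what gets signed.
  const signature = crypto.sign(null, digestFor(suite, nquads), privateKey);
  return { type: suite, signatureValue: signature.toString('base64') };
}

function verifyDocument(proof, nquads, publicKey) {
  // The verifier derives the digest from the declared suite (throws if unknown).
  const sig = Buffer.from(proof.signatureValue, 'base64');
  return crypto.verify(null, digestFor(proof.type, nquads), publicKey, sig);
}

function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const proof = signDocument('IrohaSignature2018', NQUADS, privateKey);
  const relabeledProof = { ...proof, type: 'Ed25519Signature2018' };
  return {
    sigBytes: Buffer.from(proof.signatureValue, 'base64').length,
    ok: verifyDocument(proof, NQUADS, publicKey),
    // Same signature presented under the SHA-512 suite name must not verify.
    relabeled: verifyDocument(relabeledProof, NQUADS, publicKey),
    tampered: verifyDocument(proof, NQUADS.replace('Alice', 'Mallory'), publicKey),
  };
}

console.log(demo());
```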