Re: Signing and Verifying RDF Datasets for Dummies (like Me!)

On Mon, 2021-06-07 at 22:49 +0200, Eric Prud'hommeaux wrote:
> On Mon, Jun 07, 2021 at 03:37:44PM -0400, Peter Patel-Schneider
> wrote:

[..]

> 
> Since then, you have claimed with full confidence that you have found
> 10s of critical flaws with what I resolutely call "RDF Signatures".
> None turned out to be critical flaws.

I would say a few, not 10s.  I pointed out what I think are flaws in
the algorithms in https://w3c-ccg.github.io/ld-proofs/, particularly
when using JSON-LD.

[...]

> A third related to changing the meaning of JSON-LD documents by
> changing the @context. This isn't related to signatures, and if
> anything, signatures give you a tool to prevent that because you've
> signed a the resulting document and if someone changes the the
> @context under you, you can't verify the signature.
>
> Those were, afaict, the only substantial critiques. Most were of the
> form "if you change X, the hash changes and the signature breaks" to
> which the reply is "by design".

Remote contexts are indeed problematic for JSON-LD documents.  They can
cause failures in both directions.  If the remote context is changed
the deserialization of the document may change, invalidating signatures
of documents that use the remote context. But I believe that attackers
can also use remote contexts to change signed JSON-LD documents in a
way that validation by recipients will succeed but when the recipient
deserializes the document they end up with an RDF dataset that is not
isomorphic to the dataset signed by the originator.  I believe that
this is the case even if the orignal signed JSON-LD document does not
use remote contexts.

> If you approached this with a bit more humility, it would be less
> galling, but as it is, you keep making strident claims, fighting them
> for a while, and when the couter-evidence is overwhelming, quietly
> dropping them in favor of some new strident claim. It doesn't really
> give the impression that you're arguing in good faith.

I'm still waiting for an implementation of the algorithms that I can
use to demonstrate my claimed attacks.  Once I have this implementation
I'll try out my attacks using it and report back my experiences.  With
the partial implementation I have been given I've noticed and reported
that remote contexts in JSON-LD cannot be signed so I can't try the
initial remote contexts attack I came up with.

The Web GUI you put up at
https://janeirodigital.github.io/rdf-sig-playground/index was useful
but it doesn't take JSON-LD and appears to produce quite different
output.

Received on Monday, 7 June 2021 23:08:53 UTC