Re: Signing and Verifying RDF Datasets for Dummies (like Me!)

On Mon, 2021-06-07 at 22:49 +0200, Eric Prud'hommeaux wrote:
 > On Mon, Jun 07, 2021 at 03:37:44PM -0400, Peter Patel-Schneider
 > wrote:

[..]

 >
 > Since then, you have claimed with full confidence that you have found
 > 10s of critical flaws with what I resolutely call "RDF Signatures".
 > None turned out to be critical flaws.

I would say a few, not 10s.  I pointed out what I think are flaws in

[...]

 > A third related to changing the meaning of JSON-LD documents by
 > changing the @context. This isn't related to signatures, and if
 > anything, signatures give you a tool to prevent that because you've
 > signed a the resulting document and if someone changes the the
 > @context under you, you can't verify the signature.
 >
 > Those were, afaict, the only substantial critiques. Most were of the
 > form "if you change X, the hash changes and the signature breaks" to
 > which the reply is "by design".

Remote contexts are indeed problematic for JSON-LD documents.  They can cause 
failures in both directions.  If the remote context is changed the 
deserialization of the document may change, invalidating signatures of 
documents that use the remote context.  But I believe that attackers can also 
use remote contexts to change signed JSON-LD documents in a way that 
validation by recipients will succeed but when the recipient deserializes the 
document they end up with an RDF dataset that is not isomorphic to the dataset 
signed by the originator.  I believe that this is the case even if the orignal 
signed JSON-LD document did not use remote contexts.

 > If you approached this with a bit more humility, it would be less
 > galling, but as it is, you keep making strident claims, fighting them
 > for a while, and when the couter-evidence is overwhelming, quietly
 > dropping them in favor of some new strident claim. It doesn't really
 > give the impression that you're arguing in good faith.

I'm still waiting for an implementation of the algorithms that I can use to 
demonstrate my claimed attacks.  Once I have this implementation I'll try out 
my attacks using it and report back my experiences.  With the partial 
implementation I have been given I've noticed and reported that remote 
contexts in JSON-LD cannot be signed so I can't try the initial remote 
contexts attack I came up with.  I've also tried two of the simple problems 
with JSON (large integers and repeated keys).  The partial implementation 
silently modifies large integers and accepts repeated keys.

The Web GUI you put up at 
https://janeirodigital.github.io/rdf-sig-playground/index was useful but it 
doesn't take JSON-LD and appears to produce quite different output.

peter

Received on Tuesday, 8 June 2021 00:31:51 UTC