- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Tue, 8 Jun 2021 14:15:27 -0400
- To: semantic-web@w3.org
> I'm just keeping one of the attacks here - the one I feel is most
> important.

I presume you're dropping the others because it was shown why they are not successful attacks.

>> Invalid. If the RDF Dataset is not what the producer signed, the
>> signature fails verification.
>>
> Not so. The validation succeeds because it sees the RDF dataset the
> producer signed. The consumer sees a different dataset because the third
> party changes the remote context between the time the verification is done
> and the time that the consumer extracts the dataset from the document.

Invalid. There are two protections in place that prevent the above from happening:

1. Any "remote context" that could suffer such an attack must always be loaded from a vetted local storage location.
2. The RDF Dataset is only ever extracted from a verified result, which is static and cannot change.

> One reason I want an implementation of the algorithms as commands is to
> show exactly how this attack works against the algorithms.

What you want is an implementation that has neither of the two protections listed above. I don't think anyone wants to provide that implementation to you because it would be knowingly implementing a piece of software with two security flaws in it. Writing cryptographic software with known flaws crosses certain ethical boundaries that at least I am unwilling to cross.

Now, if you can find an attack that actually works against the existing software I'm sure the implementers will fall over themselves to fix the flaw. To date, no such flaw has been surfaced by you; but I urge you to keep trying.

-- manu

--
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches
https://tinyurl.com/veres-one-launches
Received on Tuesday, 8 June 2021 18:17:30 UTC
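
The two protections listed in the message above, sketched as an added example; this is not code from the message or from any existing Linked Data Proofs implementation. The toy `to_dataset` step (standing in for JSON-LD expansion and canonicalization), the HMAC (standing in for a real signature suite), and all URLs, keys and names are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample data: vetted local copy of a context, keyed by its URL.
VETTED_CONTEXTS = {
    "https://example.org/contexts/v1": {"name": "https://example.org/vocab#name"},
}

def load_context(url):
    """Protection 1: resolve contexts only from the vetted local store."""
    if url not in VETTED_CONTEXTS:
        raise ValueError(f"context not in vetted local store: {url}")
    return VETTED_CONTEXTS[url]

def to_dataset(doc):
    """Toy stand-in for JSON-LD expansion plus canonicalization."""
    ctx = load_context(doc["@context"])
    triples = [(doc["@id"], ctx[term], value)
               for term, value in doc.items()
               if term in ctx]
    return tuple(sorted(triples))  # immutable and order-independent

def _mac(dataset, key):
    # HMAC stands in for the real signature suite (assumption).
    payload = json.dumps(dataset).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()

def sign(doc, key):
    return dict(doc, proof=_mac(to_dataset(doc), key))

def verify_and_extract(signed, key):
    """Protection 2: hand back the exact dataset that was verified."""
    doc = {k: v for k, v in signed.items() if k != "proof"}
    dataset = to_dataset(doc)
    if not hmac.compare_digest(_mac(dataset, key), signed.get("proof", "")):
        raise ValueError("signature verification failed")
    return dataset  # the consumer uses this value and never re-expands

KEY = b"constructed-demo-key"
SIGNED = sign({"@context": "https://example.org/contexts/v1",
               "@id": "https://example.org/people/1",
               "name": "Alice"}, KEY)
```

The consumer works only with the tuple returned by `verify_and_extract`, so a later change to any context cannot alter what it sees.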