Re: Signing and Verifying RDF Datasets for Dummies (like Me!) from Peter Patel-Schneider on 2021-06-09 (semantic-web@w3.org from June 2021)

From: Peter Patel-Schneider <pfpschneider@gmail.com>
Date: Wed, 09 Jun 2021 13:45:10 -0400
To: Eric Prud'hommeaux <eric@w3.org>
Cc: semantic-web@w3.org
Message-ID: <0c5fd1e2b526b7535ea7641d3b6025687e777b93.camel@gmail.com>

On Wed, 2021-06-09 at 13:10 +0200, Eric Prud'hommeaux wrote:
> On Tue, Jun 08, 2021 at 08:21:31PM -0400, Peter Patel-Schneider
> wrote:
> > On Tue, 2021-06-08 at 23:13 +0200, Eric Prud'hommeaux wrote:
> > > On Mon, Jun 07, 2021 at 08:31:17PM -0400, Peter F. Patel-
> > > Schneider
> > wrote:
> > > > On Mon, 2021-06-07 at 22:49 +0200, Eric Prud'hommeaux wrote:
> > > > > On Mon, Jun 07, 2021 at 03:37:44PM -0400, Peter Patel-
> > > > > Schneider
> > > > > wrote:
> > > > 
> > > > [..]
> > > [...]
> > > Do you agree that in order to do so, they'd have to expand the
> > > document more than once, and carry the conclusion of a valid
> > signature
> > > over from the first expansion?
> > 
> > For the receiver seeing a different graph than what the sender
> > signed
> > this double expansion is needed.  However, double expansion is
> > required
> > given the algorithms in https://w3c-ccg.github.io/ld-proofs/
> 
> I see only one expansion in signing and one in verification.
> Together,
> they total two, but any change to the context that affects the signed
> triples with result in a failed verification. The only place to
> inject
> a well-timed context change would be if either signing or
> verification
> demanded multiple expansions.

But the receiver needs to perform two expansions.  The first happens
when the receiver runs the verify algorithm.  The second happens when
the receiver uses the transmitted document to construct the RDF
dataset.  These two operations can be separated by an arbitrary amount
of time and can be done in different environnments with the result that
the recceiver constructs a different dataset from what the verify
algorithm verified.

And remote contexts and other environmental concerns can be constructed
and manipulated so that the verify algorithm sees what the originator
signed and thus returns true but the receiver constructs something
different.  This can happen by accident, such as when a remote context
is updated, or by an opponent, for example by modifying a transmitted
document to inject a remote context that is modified between
verification and construction.

[...]

peter

Received on Wednesday, 9 June 2021 17:46:04 UTC