- From: Peter F. Patel-Schneider <pfpschneider@gmail.com>
- Date: Mon, 24 May 2021 06:09:26 -0400
- To: semantic-web@w3.org
On 5/24/21 2:05 AM, Aidan Hogan wrote:
> On 2021-05-23 7:06, Peter F. Patel-Schneider wrote:
>> So it appears that you agree with me that signing a document serializing an
>> RDF dataset using the algorithms in Linked Data Proofs 1.0 does not
>> meet the usual computer security requirements.
>
> Hmm, I'm not sure. I guess it depends on the specific security requirements
> (and I'm not an expert on such topics).
>
> However, I think most of the issues you mention might lead to a verify
> returning *false* "unexpectedly" because while verifying, you extract a
> dataset (or signature parameters) different from the original graph (or
> signature parameters) passed to the sign function. This type of false
> negative seems to affect something more akin to "usability" rather than
> security: it seems to me to err on the side of caution.
>
> If verify were returning *true* unexpectedly, I would have to imagine that
> that would be more worrying in terms of security requirements, but I don't
> think such issues are likely as they would seemingly break some of the
> guarantees of the underlying cryptography (used in sign).

It appears to me that changing the data associated with the signature could
result in an unexpected true, as this data is not part of the graph that is
verified. This does require that there be data in the signature that can be
changed without affecting the verification function. Alternatively, it might
be possible to add an extra signature block, and still have the verification
succeed.

These are both methods of subverting computer security that do not attack the
core cryptographic functions but instead attack the association of the
signature with the payload. But it is just as important to prevent these
attacks as other attacks.

>> You also appear to be saying that it might be possible to come up with
>> qualifications that could fix this problem.
>
> Yes, I suspect that technically it should not be difficult. I think the
> harder part will be to reach a consensus on what qualifications to apply in
> order to ensure G1 and G2 mentioned previously.

I would say that it is more important to ensure that the qualifications
actually do ensure correct signing and verification.

> Best,
> Aidan

peter
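The distinction drawn in the message above, between a verifier that covers only the serialized dataset and one that also covers the proof's own parameters, can be made concrete in code. The following is an added example written for this archive page; it is not code from either correspondent nor from the Linked Data Proofs specification. It uses an HMAC under a constructed key as a stand-in for the issuer's signature key pair, a toy "sort the N-Quads lines" routine as a stand-in for a real RDF dataset canonicalization algorithm, and sorted-key JSON as an assumed canonical form for proof options; the dataset, proof option values and key are all constructed. It shows the two behaviours discussed: an unexpected `true` when unbound proof metadata is altered, and the difference between an "any proof verifies" policy and an "every attached proof must verify" policy when an extra proof block is appended.

```python
import hashlib
import hmac
import json

# Constructed sample: a tiny RDF dataset given as N-Quads lines. The "canonicalization"
# below (sort the lines) is a stand-in for a real RDF dataset canonicalization algorithm.
DATASET = [
    '<http://example.org/alice> <http://xmlns.com/foaf/0.1/name> "Alice" .',
    '<http://example.org/alice> <http://xmlns.com/foaf/0.1/knows> <http://example.org/bob> .',
]
# Constructed proof options: the metadata that travels with the signature.
OPTIONS = {
    "type": "ExampleHmac2021",
    "created": "2021-05-24T10:00:00Z",
    "verificationMethod": "did:example:issuer#key-1",
    "proofPurpose": "assertionMethod",
}
KEY = b"constructed-issuer-key"  # HMAC key stands in for the issuer's signing key pair


def canonical_dataset_hash(lines):
    """Toy canonicalization: sorted N-Quads joined by newlines, then SHA-256."""
    return hashlib.sha256("\n".join(sorted(lines)).encode()).digest()


def canonical_options_hash(options):
    """Assumed canonical form of proof options: JSON with sorted keys, then SHA-256."""
    encoded = json.dumps(options, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(encoded).digest()


def mac(data):
    return hmac.new(KEY, data, hashlib.sha256).hexdigest()


# --- Weak binding: only the dataset is signed; the proof metadata is not covered ---
def sign_payload_only(lines, options):
    return {**options, "proofValue": mac(canonical_dataset_hash(lines))}


def verify_payload_only(lines, proof):
    return hmac.compare_digest(mac(canonical_dataset_hash(lines)), proof["proofValue"])


# --- Bound form: hash(options) || hash(dataset) is signed, so metadata is covered too ---
def sign_bound(lines, options):
    to_sign = canonical_options_hash(options) + canonical_dataset_hash(lines)
    return {**options, "proofValue": mac(to_sign)}


def verify_bound(lines, proof):
    options = {k: v for k, v in proof.items() if k != "proofValue"}
    to_sign = canonical_options_hash(options) + canonical_dataset_hash(lines)
    return hmac.compare_digest(mac(to_sign), proof["proofValue"])


def verify_document(lines, proofs, verifier):
    """Accept the document only if every attached proof verifies under the trusted key."""
    return len(proofs) > 0 and all(verifier(lines, p) for p in proofs)


def demo():
    results = {}
    weak = sign_payload_only(DATASET, OPTIONS)
    bound = sign_bound(DATASET, OPTIONS)
    results["weak_ok"] = verify_payload_only(DATASET, weak)
    results["bound_ok"] = verify_bound(DATASET, bound)

    # Alter metadata that is not part of the graph: a different "created" timestamp.
    weak_tampered = {**weak, "created": "1999-01-01T00:00:00Z"}
    bound_tampered = {**bound, "created": "1999-01-01T00:00:00Z"}
    results["weak_metadata_change"] = verify_payload_only(DATASET, weak_tampered)  # unexpected true
    results["bound_metadata_change"] = verify_bound(DATASET, bound_tampered)       # rejected

    # Append an extra proof block that was not produced with the issuer's key.
    foreign = {**OPTIONS, "verificationMethod": "did:example:other#key-9", "proofValue": "00" * 32}
    results["any_proof_policy"] = any(verify_bound(DATASET, p) for p in [bound, foreign])
    results["all_proofs_policy"] = verify_document(DATASET, [bound, foreign], verify_bound)
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The `demo()` results make the point of the thread: with payload-only signing, `weak_metadata_change` is `True` even though the proof's `created` field was rewritten, while the bound form rejects the same change. For the appended proof block, an "any proof verifies" policy still accepts the document; requiring every attached proof to verify under a trusted key does not. Both checks are things a verifier implementation should get right independently of the strength of the underlying cryptography.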
Received on Monday, 24 May 2021 10:10:41 UTC