[foaf-protocols] WebID for signing RDF graphs

Reto Bachmann-Gmür me at farewellutopia.com
Thu Sep 23 17:37:34 CEST 2010


Added Jeremy Carroll to the CC as he might tell us more.

On Wed, Sep 22, 2010 at 12:59 AM, Toby Inkster <tai at g5n.co.uk> wrote:

>
> For those interested, my signature algorithm is essentially this:
>
> 1. Convert the RDF to a canonical N-triples representation
> <http://www.hpl.hp.com/techreports/2003/HPL-2003-142.pdf> using single
> spaces between S, P, O and the full stop, and CRLF line breaks.
>
> 2. Simply drop any "problematic triples" - i.e. those that cannot be
> canonicalised. This is a slight security hole, in that it allows for
> certain triples to be inserted into the graph without breaking the
> signature, but an attacker is very limited in scope as to what sort of
> triples those are. I do have a solution that improves this somewhat,
> but still doesn't make things perfect - I've not immplemented it yet
> though.
>
I think the n-step version of Jeremy's algorithm can canonicalize any triple
except where bnodes are in completely symmetric positions as with

_:a :knows _:b
_:b :knows _:a

In this case it is however it doesn't matter which of the two bnodes gets
which label, so the algorithm could be adapted to deterministically compute
the set of labels for the symmetric bnodes and assign them randomly to the
bnodes. The same goes for non-lean graphs, where you cannot compute
different labels as replacement for the original labels, but it just makes
no difference which one from the set of original lables gets which one from
the set of canonical labels.

A problematic case I think are circles of bnodes of different size, e.g.

_:a :knows _:b
_:b :knows _:c
_:c :knows _:a
_:d :knows _:f
_:f :knows _:d

a,b and c can arbitrarily be matched to deterministic labels out of a set of
three and s and f can arbitrarily be matched to deterministic label out of a
set of two, the two sets of deterministic labels must be kept separate.

Cheers,
reto





>
> 3. Generate an MD5 hash of the result and then sign it using RSA. This
> is equivalent to "cat input | openssl dgst -md5 /path/to/privkey.pem".
>
> 4. Encode the signature using base64.
>
> --
> Toby A Inkster
> <mailto:mail at tobyinkster.co.uk>
> <http://tobyinkster.co.uk>
>
> _______________________________________________
> foaf-protocols mailing list
> foaf-protocols at lists.foaf-project.org
> http://lists.foaf-project.org/mailman/listinfo/foaf-protocols
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.foaf-project.org/pipermail/foaf-protocols/attachments/20100923/3fe33778/attachment.htm 


More information about the foaf-protocols mailing list