This specification describes the Merkle Proof Signature Suite created in 2017 for the Linked Data Signatures specification.
This is an experimental specification and is undergoing regular revisions. It is not fit for production deployment.
This specification describes the Merkle Proof Signature Suite created in 2017 for the Linked Data Signatures [[LD-SIGNATURES]] specification. It uses the RDF Dataset CANONICALIZATION Algorithm [[RDF-DATASET-CANONICALIZATION]] to transform the input document into its canonical form. It uses SHA-256 [[RFC6234]] as the message digest algorithm and the RS256 algorithm defined in JSON Web Signatures [[RFC7515]] as the signature algorithm.
The following terms are used to describe concepts involved in the generation and verification of the Linked Data Signature 2017 signature suite.
The 2017 Merkle Proof signature suite MUST be used in conjunction with the signing and verification algorithms in the Linked Data Signatures [[LD-SIGNATURES]] specification. The suite consists of the following algorithms:
Parameter | Value | Specification |
---|---|---|
canonicalizationAlgorithm | https://w3id.org/security#GCA2015 | [[RDF-DATASET-CANONICALIZATION]] |
digestAlgorithm | https://registry.ietf.org/ietf-digest-algorithms#SHA256 | [[RFC6234]] |
signatureAlgorithm | https://w3c-dvcg.github.io/lds-koblitz2016/ | [[LDS-KOBLITZ2016]] |
This signature suite uses the [[LDS-KOBLITZ2016]]. The signature algorithm uses the Koblitz Elliptic Curve, also known as secp256k1, used by Bitcoin and Ethereum.
The digital signature algorithm defined in Section 7.1: Signature Algorithm takes an array of tbs, a privateKey, and options as inputs and produces a signatureValue as output.
The digital signature algorithm defined in Section 7.2: Signature Verification Algorithm takes the value to be verified, a tbv, the public key to the signature algorithm and returns a boolean value.
true
, otherwise return false
.
The following section describes security considerations that developers implementing this specification should be aware of in order to create secure software.
A simple example of an RSA 2017 signature:
"signature": { "@context": ["http://schema.org/", "https://w3id.org/security/v1"], "type": "MerkleProof2017", "targetHash": "637ec732fa4b7b56f4c15a6a12680519a17a9e9eade09f5b424a48eb0e6f5ad0", "merkleRoot": "f029b45bb1a7b1f0b970f6de35344b73cccd16177b4c037acbc2541c7fc27078", "anchors": [ { "sourceId": "d75b7a5bdb3d5244b753e6b84e987267cfa4ffa7a532a2ed49ad3848be1d82f8", "type": "BTCOpReturn" } ], "proof": [ { "right": "11174e220fe74de907d1107e2a357e41434123f2948fc6b946fbfd7e3e3eecd1" } ] }