Paper 2023/1063

DiStefano: Decentralized Infrastructure for Sharing Trusted Encrypted Facts and Nothing More

Sofía Celi, Brave Software
Alex Davidson, NOVA LINCS & DI, FCT, Universidade NOVA de Lisboa,
Hamed Haddadi, Brave Software, Imperial College London
Gonçalo Pestana, Hashmatter
Joe Rowell, Information Security Group, Royal Holloway, University of London
Abstract

We design DiStefano: an efficient, maliciously-secure framework for generating private commitments over TLS-encrypted web traffic, for a designated third-party. DiStefano provides many improvements over previous TLS commitment systems, including: a modular protocol specific to TLS 1.3, support for arbitrary verifiable claims over encrypted data, inherent ring privacy for client browsing history, and various optimisations to ensure fast online performance of the TLS 1.3 session. We build a permissive open-source implementation of DiStefano integrated into the BoringSSL cryptographic library (used by Chromium-based Internet browsers). We show that DiStefano is practical for committing to facts in arbitrary TLS traffic, requiring \(< 1s\) and \(\leq 5KB\) to execute the online phase in a LAN setting.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint.
Keywords
TLSMPSprivacy
Contact author(s)
cherenkov @ riseup net
a davidson @ fct unl pt
hamed @ brave com
gpestana @ hashmatter com
joe rowell @ rhul ac uk
History
2024-03-21: last of 3 revisions
2023-07-07: received
See all versions
Short URL
https://ia.cr/2023/1063
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1063,
      author = {Sofía Celi and Alex Davidson and Hamed Haddadi and Gonçalo Pestana and Joe Rowell},
      title = {{DiStefano}: Decentralized Infrastructure for Sharing Trusted Encrypted Facts and Nothing More},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1063},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1063}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.