Paper 2023/1377

Janus: Fast Privacy-Preserving Data Provenance For TLS 1.3

Jan Lauinger, Technical University of Munich
Jens Ernstberger, Technical University of Munich
Andreas Finkenzeller, Technical University of Munich
Sebastian Steinhorst, Technical University of Munich

Web users can gather data from secure endpoints and demonstrate the provenance of sensitive data to any third party by using privacy-preserving TLS oracles. In practice, privacy-preserving TLS oracles are practical in verifying private data up to 1 kB in size selectively, which limits their applicability to larger sensitive data sets. In this work, we introduce a new oracle protocol for TLS, which reaches new scales in selectively verifying the provenance of confidential web data. The novelty of our work is a construction which combines an honest verifier zero-knowledge proof system with a new secure validation phase tailored to an asymmetric privacy setting between collaborative TLS clients. Compared to previous works, our construction proves non-algebraic TLS algorithms faster while retaining equivalent security properties. Concerning TLS 1.3, we optimize end-to-end performances and show how the garble-then-prove paradigm can benefit from previously established authenticity to employ semi-honest secure computations without authentic garbling. Our performance improvements show that 8 kB of sensitive TLS data can be verified in 6.7 seconds, outperforming related works significantly. With that, we enable new boundaries to verify the provenance of confidential documents of the web.

Available format(s)
Cryptographic protocols
Publication info
TLS OracleData ProvenanceZero-knowledge ProofsSecure Two-party ComputationTransport Layer Security
Contact author(s)
jan lauinger @ tum de
jens ernstberger @ tum de
andreas finkenzeller @ tum de
sebastian steinhorst @ tum de
2024-03-01: last of 4 revisions
2023-09-14: received
See all versions
Short URL
Creative Commons Attribution-NonCommercial-NoDerivs


      author = {Jan Lauinger and Jens Ernstberger and Andreas Finkenzeller and Sebastian Steinhorst},
      title = {Janus: Fast Privacy-Preserving Data Provenance For TLS 1.3},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1377},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.