Paper 2023/1377

Janus: Fast Privacy-Preserving Data Provenance For TLS 1.3

Jan Lauinger, Technical University of Munich
Jens Ernstberger, Technical University of Munich
Andreas Finkenzeller, Technical University of Munich
Sebastian Steinhorst, Technical University of Munich

TLS oracles guard the transition of web data from an authenticated session between a client and a server to a data representation that any third party can verify. Current TLS oracles resolve weak security assumptions with cryptographic algorithms that provide strong security guarantees (e.g., maliciously secure two-party computation). However, we notice that the conditions and characteristics of TLS 1.3 allow for reconsidering security assumptions. Our work shows that the deployment of semi-honest two-party computation is feasible with a single exception, while retaining equivalent security properties. Further, we introduce a new parity checksum construction to decouple the integrity verification over AEAD stream ciphers into dedicated proof systems and improve end-to-end performance benchmarks. We achieve a selective and privacy-preserving data opening on 16 kB of TLS 1.3 data in 2.11 seconds and open 10x more data compared to related approaches. Thus, our work sets new boundaries for privacy-preserving TLS 1.3 data proofs.

Available format(s)
Cryptographic protocols
Publication info
TLS OraclesData ProvenanceZero-knowledge ProofsSecure Two-party ComputationTLS 1.3
Contact author(s)
jan lauinger @ tum de
jens ernstberger @ tum de
andreas finkenzeller @ tum de
sebastian steinhorst @ tum de
2023-09-15: approved
2023-09-14: received
See all versions
Short URL
Creative Commons Attribution-NonCommercial-NoDerivs


      author = {Jan Lauinger and Jens Ernstberger and Andreas Finkenzeller and Sebastian Steinhorst},
      title = {Janus: Fast Privacy-Preserving Data Provenance For TLS 1.3},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1377},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.