Paper 2023/1377
Janus: Fast Privacy-Preserving Data Provenance For TLS 1.3
Abstract
Web users can gather data from secure endpoints and demonstrate the provenance of sensitive data to any third party by using privacy-preserving TLS oracles. In practice, privacy-preserving TLS oracles are practical in verifying private data up to 1 kB in size selectively, which limits their applicability to larger sensitive data sets. In this work, we introduce a new oracle protocol for TLS, which reaches new scales in selectively verifying the provenance of confidential web data. The novelty of our work is a construction which combines an honest verifier zero-knowledge proof system with a new secure validation phase tailored to an asymmetric privacy setting between collaborative TLS clients. Compared to previous works, our construction proves non-algebraic TLS algorithms faster while retaining equivalent security properties. Concerning TLS 1.3, we optimize end-to-end performances and show how the garble-then-prove paradigm can benefit from previously established authenticity to employ semi-honest secure computations without authentic garbling. Our performance improvements show that 8 kB of sensitive TLS data can be verified in 6.7 seconds, outperforming related works significantly. With that, we enable new boundaries to verify the provenance of confidential documents of the web.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint.
- Keywords
- TLS OracleData ProvenanceZero-knowledge ProofsSecure Two-party ComputationTransport Layer Security
- Contact author(s)
-
jan lauinger @ tum de
jens ernstberger @ tum de
andreas finkenzeller @ tum de
sebastian steinhorst @ tum de - History
- 2024-03-01: last of 4 revisions
- 2023-09-14: received
- See all versions
- Short URL
- https://ia.cr/2023/1377
- License
-
CC BY-NC-ND
BibTeX
@misc{cryptoeprint:2023/1377, author = {Jan Lauinger and Jens Ernstberger and Andreas Finkenzeller and Sebastian Steinhorst}, title = {Janus: Fast Privacy-Preserving Data Provenance For {TLS} 1.3}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/1377}, year = {2023}, url = {https://eprint.iacr.org/2023/1377} }