Paper 2023/1377

Janus: Fast Privacy-Preserving Data Provenance For TLS

Jan Lauinger, Technical University of Munich
Jens Ernstberger, Technical University of Munich
Andreas Finkenzeller, Technical University of Munich
Sebastian Steinhorst, Technical University of Munich
Abstract

Web users can gather data from secure endpoints and demonstrate the provenance of sensitive data to any third party by using privacy-preserving TLS oracles. In practice, privacy-preserving TLS oracles remain limited and cannot selectively verify larger sensitive data sets. In this work, we introduce a new oracle protocol, which reaches new scales in selectively verifying the provenance of confidential web data. The novelty of our work is a construction which deploys an honest verifier zero-knowledge proof system in the asymmetric privacy setting while retaining security against malicious adversaries. Concerning TLS 1.3, we optimize the garble-then-prove paradigm in a security setting with malicious adversaries. Here, we show that a specific operation mode of TLS 1.3 allows to use semi-honest secure computations without authentic garbling for the majority of computations in the garble phase. Our performance improvements reach new efficiency scales in verifying private data provenance and facilitate the practical deployment of privacy-preserving TLS oracles in web browsers.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. PETS25
DOI
10.56553/popets-2025-0028
Keywords
TLS OracleData ProvenanceZero-knowledge ProofsSecure Two-party ComputationTransport Layer Security
Contact author(s)
jan lauinger @ tum de
jens ernstberger @ tum de
andreas finkenzeller @ tum de
sebastian steinhorst @ tum de
History
2024-12-15: last of 5 revisions
2023-09-14: received
See all versions
Short URL
https://ia.cr/2023/1377
License
Creative Commons Attribution-NonCommercial-NoDerivs
CC BY-NC-ND

BibTeX 

@misc{cryptoeprint:2023/1377,
      author = {Jan Lauinger and Jens Ernstberger and Andreas Finkenzeller and Sebastian Steinhorst},
      title = {Janus: Fast Privacy-Preserving Data Provenance For {TLS}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1377},
      year = {2023},
      doi = {10.56553/popets-2025-0028},
      url = {https://eprint.iacr.org/2023/1377}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.