Paper 2023/1377
Janus: Fast Privacy-Preserving Data Provenance For TLS 1.3
Abstract
TLS oracles guard the transition of web data from an authenticated session between a client and a server to a data representation that any third party can verify. Current TLS oracles resolve weak security assumptions with cryptographic algorithms that provide strong security guarantees (e.g., maliciously secure two-party computation). However, we notice that the conditions and characteristics of TLS 1.3 allow for reconsidering security assumptions. Our work shows that the deployment of semi-honest two-party computation is feasible with a single exception, while retaining equivalent security properties. Further, we introduce a new parity checksum construction to decouple the integrity verification over AEAD stream ciphers into dedicated proof systems and improve end-to-end performance benchmarks. We achieve a selective and privacy-preserving data opening on 16 kB of TLS 1.3 data in 2.11 seconds and open 10x more data compared to related approaches. Thus, our work sets new boundaries for privacy-preserving TLS 1.3 data proofs.
Metadata
- Available format(s)
- PDF
- Category
- Cryptographic protocols
- Publication info
- Preprint.
- Keywords
- TLS Oracles, Data Provenance, Zero-knowledge Proofs, Secure Two-party Computation, TLS 1.3
- Contact author(s)
- jan lauinger @ tum de
- jens ernstberger @ tum de
- andreas finkenzeller @ tum de
- sebastian steinhorst @ tum de
- History
- 2023-09-15: approved
- 2023-09-14: received
- Short URL
- https://ia.cr/2023/1377
- License
- CC BY-NC-ND
BibTeX
@misc{cryptoeprint:2023/1377,
      author = {Jan Lauinger and Jens Ernstberger and Andreas Finkenzeller and Sebastian Steinhorst},
      title = {Janus: Fast Privacy-Preserving Data Provenance For TLS 1.3},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1377},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/1377}},
      url = {https://eprint.iacr.org/2023/1377}
}