Paper 2023/964

Lightweight Authentication of Web Data via Garble-Then-Prove

Xiang Xie, PADO Labs
Kang Yang, State Key Laboratory of Cryptology
Xiao Wang, Northwestern University
Yu Yu, Shanghai Jiao Tong University

Transport Layer Security (TLS) establishes an authenticated and confidential channel to deliver data for almost all Internet applications. A recent work (Zhang et al., CCS'20) proposed a protocol to prove the TLS payload to a third party, without any modification of TLS servers, while ensuring the privacy and originality of the data in the presence of malicious adversaries. However, it required maliciously secure Two-Party Computation (2PC) for generic circuits, leading to significant computational and communication overhead. This paper proposes the garble-then-prove technique to achieve the same security requirement without using any heavy mechanism like generic malicious 2PC. Our end-to-end implementation shows 14$\times$ improvement in communication and an order of magnitude improvement in computation over the state-of-the-art protocol. We also show worldwide performance when using our protocol to authenticate payload data from Coinbase and Twitter APIs. Finally, we propose an efficient gadget to privately convert the above authenticated TLS payload to additively homomorphic commitments so that the properties of the payload can be proven efficiently using zkSNARKs.

Available format(s)
Cryptographic protocols
Publication info
Interactive Zero-Knowledge ProofsGarbled CircuitsTLS
Contact author(s)
xiexiangiscas @ gmail com
yangk @ sklc org
wangxiao @ northwestern edu
yuyu @ cs sjtu edu cn
2023-11-02: last of 2 revisions
2023-06-20: received
See all versions
Short URL
Creative Commons Attribution


      author = {Xiang Xie and Kang Yang and Xiao Wang and Yu Yu},
      title = {Lightweight Authentication of Web Data via Garble-Then-Prove},
      howpublished = {Cryptology ePrint Archive, Paper 2023/964},
      year = {2023},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.