Janus: Fast Privacy-Preserving Data Provenance For TLS 1.3
A new oracle protocol for TLS 1.3 is introduced, which reaches new scales in selectively verifying the provenance of confidential data and enables new boundaries to verify the web provenanceof confidential documents.
Abstract
Web users can gather data from secure endpoints and demonstrate the provenance of sensitive data to any third party by using privacy-preserving TLS oracles. In practice, privacy-preserving TLS oracles remain limited and cannot verify larger, sensitive data sets. In this work, we introduce new optimizations for TLS oracles, which enhance the efficiency of selectively verifying the provenance of confidential web data. The novelty of our work is a construction which secures an honest verifier zero-knowledge proof system in the asymmetric privacy setting while retaining security against malicious adversaries. Concerning TLS 1.3 in the one round-trip time (1-RTT) mode, we propose a new, optimized garble-then-prove paradigm in a security setting with malicious adversaries. Our improvements reach new performance benchmarks and facilitate a practical deployment of privacy-preserving TLS oracles in web browsers.