Paper 2023/1056

DIDO: Data Provenance from Restricted TLS 1.3 Websites

Kwan Yin Chan, The University of Hong Kong
Handong Cui, The University of Hong Kong
Tsz Hon Yuen, The University of Hong Kong
Abstract

Public data can be authenticated by obtaining from a trustworthy website with TLS. Private data, such as user profile, are usually restricted from public access. If a user wants to authenticate his private data (e.g., address) provided by a restricted website (e.g., user profile page of a utility company website) to a verifier, he cannot simply give his username and password to the verifier. DECO (CCS 2020) provides a solution for liberating these data without introducing undesirable trust assumption, nor requiring server-side modification. Their implementation is mainly based on TLS 1.2. In this paper, we propose an optimized solution for TLS 1.3 websites. We tackle a number of open problems, including the support of X25519 key exchange in TLS 1.3, the design of round-optimal three-party key exchange, the architecture of two-party computation of TLS 1.3 key scheduling, and circuit design optimized for two-party computation. We test our implementation with real world website and show that our optimization is necessary to avoid timeout in TLS handshake.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. ISPEC 2023: The 18th International Conference on Information Security Practice and Experience
Keywords
TLS1.3two-party computationdecentralized identification oracle
Contact author(s)
kychan @ cs hku hk
hdcui @ cs hku hk
thyuen @ cs hku hk
History
2023-07-11: approved
2023-07-06: received
See all versions
Short URL
https://ia.cr/2023/1056
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1056,
      author = {Kwan Yin Chan and Handong Cui and Tsz Hon Yuen},
      title = {{DIDO}: Data Provenance from Restricted {TLS} 1.3 Websites},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1056},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1056}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.