Ticket to Hide: Private, efficient proofs of provenance for TLS traffic

Presented by Ryan Little

Abstract

When using Transport Layer Security (TLS), web users can connect to a server and be convinced that the data they receive was sent by the intended web server. However, there is no immediate way for a client to convince a third party that a piece of data came from a specific server. A recent line of work into TLS oracles addresses this problem. These works employ MPC and zero-knowledge proofs to let a client prove data provenance and additional properties of TLS-encrypted traffic to a designated verifier, without revealing the data itself. This talk will present ongoing work on a new TLS oracle protocol. Our work leverages new features of TLS 1.3 to build an optimized protocol that sidesteps much of the expensive MPC and zero-knowledge operations of prior work.