Go to DBLP homepageDIDO+: Data Provenance From Restricted TLS 1.3 Websites With Selective Disclosure
Abstract: Public data can be authenticated via TLS from trustworthy websites, while private data, such as user profiles, is generally restricted. Users cannot share their username and password to access private data (e.g., addresses) from restricted sites (e.g., utility companies). DECO (CCS 2020) presents a TLS 1.2-based solution that facilitates data liberation without imposing excessive trust assumptions or requiring server-side modifications. In our previous work, DIDO (ISPEC 2023), we proposed an optimized solution for TLS 1.3 websites. We addressed several open problems, including support for X25519 key exchange, the design of round-optimal three-party key exchange, the architecture of 2 PC for TLS 1.3 key scheduling, and circuit design optimized for 2 PC. Our implementation was tested on real-world websites. In this work, DIDO+, we provide a comparison with recent concurrent efforts and offer additional details about DIDO. We also present the NIZK proofs utilized in three-party key exchange under malicious settings. Finally, we introduce a new protocol called selective disclosure, which allows for the disclosure of specific portions of plaintext to the verifier, instead of the entirety.
External IDs:dblp:journals/tdsc/ChanCYY25
Loading