
DECO: Liberating Web Data Using Decentralized Oracles for TLS (1909.00938v6)

Published 3 Sep 2019 in cs.CR

Abstract: Thanks to the widespread deployment of TLS, users can access private data over channels with end-to-end confidentiality and integrity. What they cannot do, however, is prove to third parties the provenance of such data, i.e., that it genuinely came from a particular website. Existing approaches either introduce undesirable trust assumptions or require server-side modifications. As a result, the value of users' private data is locked up in its point of origin. Users cannot export their data with preserved integrity to other applications without help and permission from the current data holder. We propose DECO (short for decentralized oracle) to address the above problems. DECO allows users to prove that a piece of data accessed via TLS came from a particular website and optionally prove statements about such data in zero-knowledge, keeping the data itself secret. DECO is the first such system that works without trusted hardware or server-side modifications. DECO can liberate data from centralized web-service silos, making it accessible to a rich spectrum of applications. To demonstrate the power of DECO, we implement three applications that are hard to achieve without it: a private financial instrument using smart contracts, converting legacy credentials to anonymous credentials, and verifiable claims against price discrimination.

Citations (116)

Summary

  • The paper introduces DECO, a system that uses decentralized oracles to enable cryptographic proof of TLS data provenance without requiring server modifications.
  • DECO employs a novel three-party handshake and efficient selective transcript opening to ensure context integrity and strong security under the Universal Composability framework.
  • The work has significant implications for privacy-preserving digital identity and confidential financial instruments, broadening secure applications in the blockchain ecosystem.

Decentralized Oracles for TLS Data Liberation

The paper presents a system named DECO that addresses the limitations of TLS in proving data provenance for users without relying on trusted hardware or server-side modifications. This research is situated at the intersection of security, privacy, and blockchain technology, providing a mechanism for users to cryptographically prove the origin of data obtained via TLS without exposing sensitive information.

Key Contributions and Mechanisms

  1. Problem Identification and DECO's Approach: The paper identifies the challenge of exporting TLS-protected data with integrity while preserving privacy: TLS ensures confidentiality and integrity, but does not let users prove data provenance without the server's cooperation. DECO introduces decentralized oracles that enable users to prove statements about TLS-accessed data, using a zero-knowledge protocol that keeps private data confidential.
  2. Technical Foundation and Innovations:
    • Three-party Handshake: DECO introduces a novel three-party handshake that secret-shares session keys between the user (prover) and the verifier, without requiring changes from the server. This ensures that the prover cannot tamper with the data without detection.
    • Efficient Selective Opening: The system allows for selective opening of session transcripts to reveal or redact specific data blocks efficiently, leveraging the CBC-HMAC structure for authenticity and privacy assurances.
    • Context Integrity through Two-stage Parsing: To prevent context-integrity attacks where data can be misrepresented, DECO uses two-stage parsing, combining local parsing by the prover and a zero-knowledge proof that ensures a substring's context is verified correctly.
  3. Applications and Implications:
    • The potential applications of DECO are vast, ranging from creating confidential financial instruments on smart contracts to converting legacy credentials into anonymous credentials. For instance, in demonstrating a financial instrument application, DECO enables users to execute binary options on smart contracts without disclosing the underlying asset and target price to the oracle.
    • The paper emphasizes that DECO's ability to selectively connect users' credentials with third-party verifiers without revealing identities broadens the scope for privacy-preserving technologies in digital identity and credentials management.
  4. Security Model and Performance:
    • The system is formally analyzed to be secure under the Universal Composability framework, ensuring robustness against an adversarial prover or verifier. DECO's implementation performs efficiently within a WAN environment, with operations like the three-party handshake and proof generation being practical, though more resource-intensive than TEE-based solutions like Town Crier.
  5. Legal and Compliance Considerations:
    • DECO's capacity to enable data exportation with integrity proofs raises legal and compliance questions, particularly regarding website terms of service and data usage, highlighting the role of oracles in enforcing data policies.
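
The context-integrity point under "Two-stage Parsing" above, as an added example that is not code from the paper or the DECO implementation: a verifier that accepts any authentic substring is compared with a check that binds the value to its position in the parsed response. The sample response, the JSON path and all function names are assumptions made for illustration, and the check runs in the clear here as a stand-in for the statement proved in zero knowledge.

```python
import json

# Constructed sample response (not from the paper): the same key/value text
# appears in two different scopes of one authenticated TLS response.
RESPONSE = ('{"account": {"owner": "alice", "balance": 12}, '
            '"last_payee": {"owner": "bob", "balance": 1000000}}')

def occurrences(response: str, revealed: str) -> list[int]:
    """Offsets at which the revealed substring occurs in the response."""
    hits, i = [], response.find(revealed)
    while i != -1:
        hits.append(i)
        i = response.find(revealed, i + 1)
    return hits

def naive_verify(response: str, revealed: str) -> bool:
    """Accepts any authentic substring, ignoring where it sits."""
    return bool(occurrences(response, revealed))

def _no_duplicate_keys(pairs):
    """object_pairs_hook: json.loads silently keeps the last duplicate key,
    so reject duplicates to keep the key-to-value mapping unambiguous."""
    obj = {}
    for key, value in pairs:
        if key in obj:
            raise ValueError(f"duplicate key: {key!r}")
        obj[key] = value
    return obj

def context_verify(response: str, path: list[str], claimed) -> bool:
    """Model of the statement proved in zero knowledge: the claimed value is
    the one at the agreed path in the parsed response. Here it runs in the
    clear; in DECO the response stays private to the prover."""
    try:
        node = json.loads(response, object_pairs_hook=_no_duplicate_keys)
        for key in path:
            node = node[key]
    except (ValueError, KeyError, TypeError):
        return False
    return type(node) is type(claimed) and node == claimed
```

The substring `"balance": 1000000` is genuinely part of the authenticated response, so the naive check accepts it, while the path-bound check rejects it because the value at `account.balance` is 12.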

Future Outlook

The research presented in this paper sets the stage for broad applications in privacy-preserving data sharing and secure online transactions without centralized trust dependencies. By enabling decentralized verifiability of TLS-protected data, DECO tackles essential challenges in web data utilization, bringing forward an innovative tool in the blockchain ecosystem. Future developments might explore further optimizations and extend DECO capabilities to cover newer cryptographic protocols and standards, including extensive analysis of its impact on legal frameworks and data governance.

This paper contributes to the ongoing discourse on decentralized identity solutions and privacy-enhancing technologies, suggesting pathways for both academic exploration and practical deployment in securing digital interactions across distributed platforms.
