Blind Certificate Authorities

@article{Wang2019BlindCA,
  title={Blind Certificate Authorities},
  author={Liang Wang and Gilad Asharov and Rafael Pass and Thomas Ristenpart and Abhi Shelat},
  journal={2019 IEEE Symposium on Security and Privacy (SP)},
  year={2019},
  pages={1015-1032}
}
We explore how to build a blind certificate authority (CA). [...] To do so, we first introduce secure channel injection (SCI) protocols. These allow one party (in our setting, the blind CA) to insert a private message into another party's encrypted communications. We construct an efficient SCI protocol for communications delivered over TLS, and use it to realize anonymous proofs of account ownership for SMTP servers.

Zero-Knowledge Middleboxes
TLDR
It is shown how to make ZKMBs work with unmodified encrypted-communication protocols (specifically TLS 1.3), making ZKMBs invisible to servers, and optimized zero-knowledge proofs for TLS 1.3 session keys are designed.
N-for-1 Auth: N-wise Decentralized Authentication via One Authentication
TLDR
N-for-1-Auth is presented, a system that preserves distributed trust by enabling a user to authenticate to servers independently, with the work of only one authentication, thereby offering the same user experience as in a typical centralized system.
Finding Safety in Numbers with Secure Allegation Escrows
TLDR
This paper describes how SAEs can be constructed using a novel authentication protocol and a novel allegation matching and bucketing algorithm, provides formal proofs of the security of the constructions, and evaluates a prototype implementation, demonstrating feasibility in practice.
QuickSilver: Efficient and Affordable Zero-Knowledge Proofs for Circuits and Polynomials over Any Field
TLDR
This paper proposes several new constant-round ZK protocols in this setting, which improve the concrete efficiency and, at the same time, enable sublinear amortized communication for circuits with some notion of relaxed uniformity.
Wolverine: Fast, Scalable, and Communication-Efficient Zero-Knowledge Proofs for Boolean and Arithmetic Circuits
TLDR
A new protocol for constant-round interactive ZK proofs that simultaneously allows for a highly efficient prover and low communication and an improved subfield Vector Oblivious Linear Evaluation (sVOLE) protocol with malicious security that is of independent interest is presented.
PriParkRec: Privacy-Preserving Decentralized Parking Recommendation Service
TLDR
An efficient and privacy-preserving parking-space recommendation service platform named as PriParkRec, along with the proof-of-concept solution to protect the requester's privacy in inline-formula, to revolutionize the existing car-parking service system coming with the private blockchain and industrial internet of things (IIoTs) technologies.
DECO: Liberating Web Data Using Decentralized Oracles for TLS
TLDR
DECO allows users to prove that a piece of data accessed via TLS came from a particular website and optionally prove statements about such data in zero-knowledge, keeping the data itself secret.
SATE: Robust and Private Allegation Escrows
TLDR
This paper describes how SATEs can be constructed using a novel anonymous authentication protocol and an allegation thresholding and matching algorithm, and gives formal proofs of the security, and evaluates a prototype implementation, demonstrating feasibility in practice.

References

How to Leak a Secret
TLDR
A new construction of ring signatures is proposed, which is unconditionally signer-ambiguous, provably secure in the random oracle model, and exceptionally efficient: adding each ring member increases the cost of signing or verifying by a single modular multiplication and a single symmetric encryption.
Randomizable Proofs and Delegatable Anonymous Credentials
TLDR
The notion of randomizable non-interactive zero-knowledge proofs is formally defined, and the first instance of controlled rerandomization of non-interactive zero-knowledge proofs by a third party is given.
A First Approach to Provide Anonymity in Attribute Certificates
TLDR
This work proposes a solution to enhance the X.509 attribute certificate in such a way that it becomes a conditionally anonymous attribute certificate and presents a protocol to obtain such certificates in a manner that respects users' anonymity by using a fair blind signature scheme.
Signature Schemes and Anonymous Credentials from Bilinear Maps
TLDR
This work proposes a new and efficient signature scheme that is provably secure in the plain model and provides efficient protocols that allow one to prove in zero-knowledge the knowledge of a signature on a committed (or encrypted) message and to obtain a signature on a committed message.
An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
TLDR
This paper proposes a practical anonymous credential system that is based on the strong RSA assumption and the decisional Diffie-Hellman assumption modulo a safe prime product and is considerably superior to existing ones.
Message Franking via Committing Authenticated Encryption
TLDR
It is proved that many in-use AEAD schemes can be used for message franking by using secret keys as openings, one of the first proofs that several in-use symmetric encryption schemes are committing in the traditional sense.
TASTY: tool for automating secure two-party computations
TLDR
TASTY is a new compiler that can generate protocols based on homomorphic encryption and efficient garbled circuits as well as combinations of both, which often yields the most efficient protocols available today.
A fully homomorphic encryption scheme
TLDR
This work designs a somewhat homomorphic "bootstrappable" encryption scheme that works when the function f is the scheme's own decryption function, and shows how, through recursive self-embedding, bootstrappable encryption gives fully homomorphic encryption.
Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation
TLDR
The work shows that the performance penalty for maliciously secure two-party computation (as compared to semi-honest security) is much smaller than previously believed.
Oblivious Polynomial Evaluation and Secure Set-Intersection from Algebraic PRFs
  • Carmit Hazay
  • Computer Science, Mathematics
    Journal of Cryptology
  • 2017
TLDR
This paper studies the two fundamental functionalities oblivious polynomial evaluation in the exponent and set-intersection and introduces a new technique for designing efficient secure protocols for these problems (and others) and demonstrates the usefulness of algebraic PRFs for various search functionalities.