TLS-N
| Abstract | An internet user wanting to share observed content is typically restricted to primitive techniques such as screenshots, web caches or share button-like solutions. These acclaimed proofs, however, are either trivial to falsify or require trust in centralized entities (e.g., search engine caches). This motivates the need for a seamless and standardized internet-wide non-repudiation mechanism, allowing users to share data from news sources, social websites or financial data feeds in a provably secure manner. Additionally, blockchain oracles that enable data-rich smart contracts typically rely on a trusted third party (e.g., TLSNotary or Intel SGX). A decentralized method to transfer webbased content into a permissionless blockchain without additional trusted third party would allow for smart contract applications to flourish. In this work, we present TLS-N, the first TLS extension that provides secure non-repudiation and solves both of the mentioned challenges. TLS-N generates non-interactive proofs about the content of a TLS session that can be efficiently verified by third parties and blockchain based smart contracts. As such, TLS-N increases the accountability for content provided on the web and enables a practical and decentralized blockchain oracle for web content. TLS-N is compatible with TLS 1.3 and adds a minor overhead to a typical TLS session. When a proof is generated, parts of the TLS session (e.g., passwords, cookies) can be hidden for privacy reasons, while the remaining content can be verified. |
|---|---|
| Year | 2018 |
| Link to the paper | https://www.ndss-symposium.org/wp-content/uploads/2018/02/ndss2018_09-4_Ritzdorf_paper.pdf |
| Relevance score | Relevant |
| Quality score | 3 |
| Labels | Legacy compatibleLinkage of Web2 IdsWeb2 credentialsWeb2 to Web3 data transfer |
Relevancy assessment
We checked the TLS-N paper which proposes an extension for TLS 1.3 which transfers web2 data into web3 without any trusted party. TLS-N protocol outputs a proof of authenticity of the transferred data. This proof can be verified by any verifier (including smart contracts) at any time needed. On the other hand, it requires a modification on the server side of client-server communication.
We didn’t grade this paper highly because a wide implementation of server-side modifications does not seem realistic.