DECO: Liberating Web Data Using Decentralized Oracles for TLS
Fan Zhang, Sai Krishna Deepak Maram, Harjasleen Malvai, Steven, Goldfeder, Ari Juels
TL;DR
DECO enables users to cryptographically prove the origin and certain properties of data accessed via TLS without trusting third parties or modifying servers, thus unlocking private web data for diverse applications.
Contribution
DECO introduces a decentralized oracle system that verifies data provenance and supports zero-knowledge proofs without hardware trust or server modifications.
Findings
First system to verify data provenance from TLS without trusted hardware.
Enables privacy-preserving applications like anonymous credentials and verifiable claims.
Demonstrated three practical applications leveraging DECO's capabilities.
Abstract
Thanks to the widespread deployment of TLS, users can access private data over channels with end-to-end confidentiality and integrity. What they cannot do, however, is prove to third parties the {\em provenance} of such data, i.e., that it genuinely came from a particular website. Existing approaches either introduce undesirable trust assumptions or require server-side modifications. As a result, the value of users' private data is locked up in its point of origin. Users cannot export their data with preserved integrity to other applications without help and permission from the current data holder. We propose DECO (short for \underline{dec}entralized \underline{o}racle) to address the above problems. DECO allows users to prove that a piece of data accessed via TLS came from a particular website and optionally prove statements about such data in zero-knowledge, keeping the data…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.