DECO: Liberating Web Data Using Decentralized Oracles for TLS

• URL: http://arxiv.org/abs/1909.00938v6
• Date: Fri, 2 Aug 2024 21:05:15 GMT
• Title: DECO: Liberating Web Data Using Decentralized Oracles for TLS
• Authors: Fan Zhang, Sai Krishna Deepak Maram, Harjasleen Malvai, Steven Goldfeder, Ari Juels,
• Abstract summary: DECO allows users to prove that a piece of data accessed via TLS came from a particular website. We implement three applications that are hard to achieve without DECO.
• Score: 8.586202293273507
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Thanks to the widespread deployment of TLS, users can access private data over channels with end-to-end confidentiality and integrity. What they cannot do, however, is prove to third parties the {\em provenance} of such data, i.e., that it genuinely came from a particular website. Existing approaches either introduce undesirable trust assumptions or require server-side modifications. As a result, the value of users' private data is locked up in its point of origin. Users cannot export their data with preserved integrity to other applications without help and permission from the current data holder. We propose DECO (short for \underline{dec}entralized \underline{o}racle) to address the above problems. DECO allows users to prove that a piece of data accessed via TLS came from a particular website and optionally prove statements about such data in zero-knowledge, keeping the data itself secret. DECO is the first such system that works without trusted hardware or server-side modifications. DECO can liberate data from centralized web-service silos, making it accessible to a rich spectrum of applications. To demonstrate the power of DECO, we implement three applications that are hard to achieve without it: a private financial instrument using smart contracts, converting legacy credentials to anonymous credentials, and verifiable claims against price discrimination.

Related papers

• KnowledgeSG: Privacy-Preserving Synthetic Text Generation with Knowledge Distillation from Server [48.04903443425111]
  Large language models (LLMs) facilitate many parties to fine-tune LLMs on their own private data. Existing solutions, such as utilizing synthetic data for substitution, struggle to simultaneously improve performance and preserve privacy. We propose KnowledgeSG, a novel client-server framework which enhances synthetic data quality and improves model performance while ensuring privacy.
  arXiv  Detail & Related papers  (2024-10-08T06:42:28Z)
• On the Compliance of Self-Sovereign Identity with GDPR Principles: A Critical Review [0.0]
  Self-sovereign identity (SSI) was introduced as an IdM model to reduce the possibility of data breaches. SSI is a decentralised IdM, where the data owner has sovereign control of personal data stored in their digital wallet. This paper provides an evolution to IdMs and reviews state-of-the-art SSI frameworks.
  arXiv  Detail & Related papers  (2024-09-05T15:35:53Z)
• Practical Privacy-Preserving Identity Verification using Third-Party Cloud Services and FHE (Role of Data Encoding in Circuit Depth Management) [0.0]
  Governments seek to outsource national digital identity verification systems to third-party cloud services. This leads to increased concerns regarding the privacy of users' personal data. We propose a privacy-preserving digital identity (ID) verification protocol where the third-party cloud services process the identity data encrypted.
  arXiv  Detail & Related papers  (2024-08-15T08:12:07Z)
• Non-Fungible Programs: Private Full-Stack Applications for Web3 [0.3683202928838613]
  This paper introduces the Non-Fungible Program (NFP) model for developing self-contained applications. NFP applications are distributed blockchain, powered by Web technology, and backed by private databases in smart contracts. Access to code, as well as backend services, is controlled and guaranteed by smart contracts according to the NFT ownership model.
  arXiv  Detail & Related papers  (2024-04-24T03:46:18Z)
• Ungeneralizable Examples [70.76487163068109]
  Current approaches to creating unlearnable data involve incorporating small, specially designed noises. We extend the concept of unlearnable data to conditional data learnability and introduce textbfUntextbfGeneralizable textbfExamples (UGEs) UGEs exhibit learnability for authorized users while maintaining unlearnability for potential hackers.
  arXiv  Detail & Related papers  (2024-04-22T09:29:14Z)
• Perennial Semantic Data Terms of Use for Decentralized Web [14.831528850463373]
  We propose a novel formal description of Data Terms of Use (DToU) Users and applications specify their own parts of the DToU policy with local knowledge. This constitutes a perennial'' DToU language, where the policy authoring only occurs once.
  arXiv  Detail & Related papers  (2024-03-12T12:18:20Z)
• Privacy Amplification for the Gaussian Mechanism via Bounded Support [64.86780616066575]
  Data-dependent privacy accounting frameworks such as per-instance differential privacy (pDP) and Fisher information loss (FIL) confer fine-grained privacy guarantees for individuals in a fixed training dataset. We propose simple modifications of the Gaussian mechanism with bounded support, showing that they amplify privacy guarantees under data-dependent accounting.
  arXiv  Detail & Related papers  (2024-03-07T21:22:07Z)
• Blockchain-based Privacy-Preserving Public Key Searchable Encryption with Strong Traceability [8.866154405581012]
  We propose a blockchain-based privacy-preserving PKSE with strong traceability (BP3KSEST) scheme. Our scheme provides the following features: (1) authorized users can authenticate to trapdoor generation center and obtain trapdoors without releasing identities and keywords; (2) when data users misbehave in the system, the trusted third party (TTP) can trace both their identities and the keywords which they searched; (3) trapdoor query records are unforgeable; (4) trapdoor query records are immutable because records are stored in blockchain.
  arXiv  Detail & Related papers  (2023-12-28T10:58:14Z)
• Protecting User Privacy in Online Settings via Supervised Learning [69.38374877559423]
  We design an intelligent approach to online privacy protection that leverages supervised learning. By detecting and blocking data collection that might infringe on a user's privacy, we can restore a degree of digital privacy to the user.
  arXiv  Detail & Related papers  (2023-04-06T05:20:16Z)
• Trustworthy Transparency by Design [57.67333075002697]
  We propose a transparency framework for software design, incorporating research on user trust and experience. Our framework enables developing software that incorporates transparency in its design.
  arXiv  Detail & Related papers  (2021-03-19T12:34:01Z)
• BeeTrace: A Unified Platform for Secure Contact Tracing that Breaks Data Silos [73.84437456144994]
  Contact tracing is an important method to control the spread of an infectious disease such as COVID-19. Current solutions do not utilize the huge volume of data stored in business databases and individual digital devices. We propose BeeTrace, a unified platform that breaks data silos and deploys state-of-the-art cryptographic protocols to guarantee privacy goals.
  arXiv  Detail & Related papers  (2020-07-05T10:33:45Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.