Overview
Explore the innovative approach to transforming X.509 certificates into anonymous credentials using verifiable computation in this 20-minute IEEE conference talk. Delve into the challenges of the existing X.509 public key infrastructure and discover how recent advancements in verifiable computation can address these issues. Learn about a novel method that allows applications to receive and verify proofs of certificate knowledge, validity, and policy compliance, resulting in improved privacy, integrity, and smaller message sizes. Examine the proposed format for writing application policies using X.509 templates and the process of generating C code for certificate validation. Gain insights into the optimization techniques employed, including new C libraries for RSA-PKCS#1 signatures and ASN.1 parsing. Explore real-world applications of this approach in TLS and the Helios voting protocol, demonstrating enhanced privacy and verifiability features. Understand how this innovative method effectively transforms X.509 certificates into anonymous credentials, offering a promising solution to longstanding authentication challenges in email and web security.
Syllabus
Intro
The X.509 Public Key Infrastructure (1988)
X.509 Authentication
X.509 Problem: Privacy
Cinderella: Main Idea
Computation Outsourcing with Pinocchio
Cinderella: Soundness
Compiling Certificate Templates
Application: TLS Client (with Offline Signing)
Conclusions
Taught by
IEEE Symposium on Security and Privacy