TY - GEN
T1 - Blind certificate authorities
AU - Wang, Liang
AU - Asharov, Gilad
AU - Pass, Rafael
AU - Ristenpart, Thomas
AU - Shelat, Abhi
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019/5
Y1 - 2019/5
N2 - We explore how to build a blind certificate authority (CA). Unlike conventional CAs, which learn the exact identity of those registering a public key, a blind CA can simultaneously validate an identity and provide a certificate binding a public key to it, without ever learning the identity. Blind CAs would therefore allow bootstrapping truly anonymous systems in which no party ever learns who participates. In this work we focus on constructing blind CAs that can bind an email address to a public key. To do so, we first introduce secure channel injection (SCI) protocols. These allow one party (in our setting, the blind CA) to insert a private message into another party's encrypted communications. We construct an efficient SCI protocol for communications delivered over TLS, and use it to realize anonymous proofs of account ownership for SMTP servers. Combined with a zero-knowledge certificate signing protocol, we build the first blind CA that allows Alice to obtain a X.509 certificate binding her email address [email protected] to a public key of her choosing without ever revealing ''alice'' to the CA. We show experimentally that our system works with standard email server implementations as well as Gmail.
AB - We explore how to build a blind certificate authority (CA). Unlike conventional CAs, which learn the exact identity of those registering a public key, a blind CA can simultaneously validate an identity and provide a certificate binding a public key to it, without ever learning the identity. Blind CAs would therefore allow bootstrapping truly anonymous systems in which no party ever learns who participates. In this work we focus on constructing blind CAs that can bind an email address to a public key. To do so, we first introduce secure channel injection (SCI) protocols. These allow one party (in our setting, the blind CA) to insert a private message into another party's encrypted communications. We construct an efficient SCI protocol for communications delivered over TLS, and use it to realize anonymous proofs of account ownership for SMTP servers. Combined with a zero-knowledge certificate signing protocol, we build the first blind CA that allows Alice to obtain a X.509 certificate binding her email address [email protected] to a public key of her choosing without ever revealing ''alice'' to the CA. We show experimentally that our system works with standard email server implementations as well as Gmail.
KW - Anonymity
KW - MPC
KW - Privacy
KW - Secure-Multiparty-Computation
KW - TLS
KW - Zero-knowledge-Proof
UR - http://www.scopus.com/inward/record.url?scp=85068989167&partnerID=8YFLogxK
U2 - 10.1109/SP.2019.00007
DO - 10.1109/SP.2019.00007
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:85068989167
T3 - Proceedings - IEEE Symposium on Security and Privacy
SP - 1015
EP - 1032
BT - Proceedings - 2019 IEEE Symposium on Security and Privacy, SP 2019
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 40th IEEE Symposium on Security and Privacy, SP 2019
Y2 - 19 May 2019 through 23 May 2019
ER -