Cinderella - Turning Shabby X.509 Certificates into Elegant Anonymous Credentials with the Magic of Verifiable Computation
Offered By: IEEE via YouTube
Course Description
Overview
Explore the innovative approach to transforming X.509 certificates into anonymous credentials using verifiable computation in this 20-minute IEEE conference talk. Delve into the challenges of the existing X.509 public key infrastructure and discover how recent advancements in verifiable computation can address these issues. Learn about a novel method that allows applications to receive and verify proofs of certificate knowledge, validity, and policy compliance, resulting in improved privacy, integrity, and smaller message sizes. Examine the proposed format for writing application policies using X.509 templates and the process of generating C code for certificate validation. Gain insights into the optimization techniques employed, including new C libraries for RSA-PKCS#1 signatures and ASN.1 parsing. Explore real-world applications of this approach in TLS and the Helios voting protocol, demonstrating enhanced privacy and verifiability features. Understand how this innovative method effectively transforms X.509 certificates into anonymous credentials, offering a promising solution to longstanding authentication challenges in email and web security.
Syllabus
Intro
The X.509 Public Key Infrastructure (1988)
X.509 Authentication
X.509 Problem: Privacy
Cinderella: Main Idea
Computation Outsourcing with Pinocchio
Cinderella: Soundness
Compiling Certificate Templates
Application: TLS Client (with Offline Signing)
Conclusions
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
Microsoft Azure IoT Developer: Implement Device Security Using DPSPluralsight Securing Data with Asymmetric Cryptography
Pluralsight Deep Dive into AWS IoT Authentication and Authorization (Japanese)
Amazon Web Services via AWS Skill Builder Deep Dive into AWS IoT Authentication and Authorization (Indonesian)
Amazon Web Services via AWS Skill Builder Deep Dive into AWS IoT Authentication and Authorization (Traditional Chinese)
Amazon Web Services via AWS Skill Builder