Skip to content

Commit

Permalink
reword mpc_tls
Browse files Browse the repository at this point in the history
  • Loading branch information
@themighty1
themighty1 committed Nov 2, 2023
1 parent 6134ba0 commit 9e67ec8
Showing 1 changed file with 8 additions and 9 deletions.
17 changes: 8 additions & 9 deletions src/protocol/mpc-tls/README.md
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,14 @@
# MPC-TLS

During the MPC-TLS phase the `Prover` and the `Verifier` work together to generate an authenticated `Transcript`[^transcript] of a TLS session with a `Server`.
During the MPC-TLS phase the `Prover` and the `Verifier` run an MPC protocol enabling the `Prover` to connect to and exchange data with a TLS-enabled `Server`.

Listed below are some key points regarding this process:

- The `Verifier` only ever sees the *encrypted* application data of the TLS session.
- The protocol guarantees that the `Prover` is not solely capable of constructing requests, nor can they forge responses from the `Server`.
- When the `Verifier` is a `Notary` (see section on [Notarization](../notarization.md)), the identity of the `Server` is hidden and can be proven to another application-specific verifier later.
Listed below are some key points regarding this protocol:


- The `Verifier` only learns the *encrypted* application data of the TLS session.
- The `Prover` is not solely capable of constructing requests, nor can they forge responses from the `Server`.
- The protocol enables the `Prover` to prove the authenticity of the exchanged data to the `Verifier`.


<!-- The MPC-TLS protocol consists of the following steps:
Expand All @@ -15,7 +17,4 @@ Listed below are some key points regarding this process:
A TLS handshake is the first step in establishing a TLS connection between the `Prover`/`Verifier` and the `Server`. The result of this handshake is a *Pre Master Secret (PMS)*, a symmetrical key that will be used for further encrypted communication. The server has the full key; the `Prover` and the `Verifier` only have their share of this key.
2. **Encryption, Decryption, and MAC Computation**
Next, the `Prover` and `Verifier` use MPC to encrypt, and decrypt, data sent to, and received from, the `Server`. They also compute a *Message Authentication Code (MAC)*
for the data that ensures untampered communication. -->


[^transcript]: A transcript is the application level data that is send to and received from the `Server`
for the data that ensures untampered communication. -->

0 comments on commit 9e67ec8

Please sign in to comment.