TLS-N is the first TLS extension that provides non-repudiation and thereby enables parties to verify each others TLS connections and its contents.
TLS-N allows to generate a proof over the contents of a TLS session. Third parties can then verify the contents given existing TLS assumptions.
TLS-N proofs can be verified by a permissionless blockchain without additional trusted third party, thereby allowing decentralized oracles.
When a proof is generated, parts of the TLS session (e.g., passwords, cookies) can be hidden for privacy reasons, while the remaining content can be verified.
Trustworthy Web Archive
Currently users have to trust third parties, such as web caches or web archives to provide correct data. TLS-N allows the these parties the addition of non-repudiable proofs about the content they have observed and thus increases their credibility.
Decentralized Blockchain Oracle
Blockchain-based smart contracts can significantly benefit from TLS-N. If a stock market price API supports TLS-N, any user could submit verifiably valid stock price information to the blockchain. Due to the proof, peers would only need to trust the data provider, not the peer that actually inserted the data to the blockchain.
Example Data Feed
We provide an example implementation for a data feed that securely inserts BTC-USD prices into the Ethereum blockchain:
tlsnutils is a solidity library, which we developed, to parse and verify TLS-N proofs on the Ethereum blockchain, thereby simplifying adaption:
TLS-N in NSS
Mozilla's NSS is a well-known cryptographic library. We integrate TLS-N into NSS and provide client and server examples:
By deploying TLS-N on your webserver, you allow your data to be authentically used in smart contracts. This does not require any changes to your application. You only need to add TLS-N to your server configuration. You become a trusted data source and smart contracts can perform specific operations based on your data.
Please contact us if your are interested to deploy TLS-N on your website.
The complete research paper, co-authored by Hubert Ritzdorf, Karl Wüst, Arthur Gervais, Guillaume Felley and Srdjan Capkun, with all the technical details and security evaluation of TLS-N is available
Generate a Test Proof
Our website lets you generate a proof and simulates TLS-N with a website chosen by you. Just enter your URL below and choose whether the cookies and authentication tokens in the proof should be protected.
Verify a Proof
You can verify existing TLS proofs by submitting them below. We also provide some examples of proofs for a financial API access and a a financial API access with a hidden authorization token. You can observe the privacy protection. Or simply select your own proof and verify it.