Abstract

The Internet is increasingly being used for serious transactions involving money and goods. However, users have hardly any means of obtaining third-party verifiable evidence of the Internet transactions in which they participate. As a solution to this problem, we propose the use of a semi-trusted third party, called a digital witness, that can provide unforgeable transaction evidence without ever seeing the transaction contents. The witness is attached to secure communication sessions in an unintrusive manner: it requires no changes to existing servers or protocols. The key idea in enabling such a witness service is a novel algorithm that splits the computation of a message authentication code (MAC) between the client and the witness. We have implemented a prototype witness, tested it with real web sites and measured its performance. The experimental results show that the overhead of a witness is comparable to that of a web proxy. Therefore, the witness design can be implemented reasonably efficiently in practice.

Details

Publication type: Manual
URL: http://www.hpl.hp.com/techreports/2005/HPL-2005-71.html
Number: HPL-2005-71
Institution: Hewlett-Packard Laboratories
Address: Palo Alto, CA
Publisher: Hewlett-Packard Laboratories
> Publications > Generating unforgeable evidence for secure communications