The Internet is increasingly being used for serious transactions involving money and goods. However, there hardly exists any means for users of Internet transactions to obtain third-party verifiable evidence of the transactions in which they participate. As a solution to this problem, we propose the use of a semi-trusted third party, called a digital witness, that can provide unforgeable transaction evidence without ever seeing the transaction contents. The witness is attached to secure communication sessions in an unintrusive manner: it requires no changes to existing servers or protocols. The key idea in enabling such a witness service is a novel algorithm that splits the computation of a message authentication code (MAC) between the client and the witness. We have implemented a prototype witness, tested it with real web sites and measured its performance. The experimental results show that the overhead of a witness is comparable to that of a web proxy. Therefore, the witness design can be implemented reasonably efficiently in practice.

Publisher  Hewlett-Packard Laboratories

Details

TypeManual
URLhttp://www.hpl.hp.com/techreports/2005/HPL-2005-71.html
NumberHPL-2005-71
InstitutionHewlett-Packard Laboratories
AddressPalo Alto, CA
> Publications > Generating unforgeable evidence for secure communications