| |
Click here for full text:
Generating Unforgeable Evidence for Secure Communications
Ji, Minwen; Rodeheffer, Tom; Aguilera, Marcos; Lillibridge, Mark
HPL-2005-71
Keyword(s): non-repudiation; evidence; secure socket layer; security protocol; digital witness
Abstract: The Internet is increasingly being used for serious transactions involving money and goods. However, there hardly exists any means for users of Internet transactions to obtain third-party verifiable evidence of the transactions in which they participate. As a solution to this problem, we propose the use of a semi-trusted third party, called a digital witness, that can provide unforgeable transaction evidence without ever seeing the transaction contents. The witness is attached to secure communication sessions in an unintrusive manner: it requires no changes to existing servers or protocols. The key idea in enabling such a witness service is a novel algorithm that splits the computation of a message authentication code (MAC) between the client and the witness. We have implemented a prototype witness, tested it with real web sites and measured its performance. The experimental results show that the overhead of a witness is comparable to that of a web proxy. Therefore, the witness design can be implemented reasonably efficiently in practice.
16 Pages
Back to Index
|
Printable version
