YouServ: a web-hosting and content sharing tool for the masses
Proceedings of the 11th international conference on World Wide Web
Undeniable Replies for Database Queries
Proceedings of the Baltic Conference, BalticDB&IS 2002 - Volume 2
Democratizing content publication with coral
NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
HTTP as the narrow waist of the future internet
Hotnets-IX Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks
Ensuring content integrity for untrusted peer-to-peer content distribution networks
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Practical end-to-end web content integrity
Proceedings of the 21st international conference on World Wide Web
Validating web content with senser
Proceedings of the 29th Annual Computer Security Applications Conference
| Hi-index | 0.00 |
We propose extensions to existing web protocols that allow proofs of authenticity of HTTP server responses, whether or not the HTTP server is under the control of the publisher. These extensions protect users from content that may be substituted by malicious servers, and therefore have immediate applications in improving the security of web caching, mirroring, and relaying systems that rely on untrusted machines [2,4]. Our proposal relies on Merkle trees to support 200 and 404 response authentication while requiring only a single cryptographic hash of trusted data per repository. While existing web protocols such as HTTPS can provide authenticity guarantees (in addition to confidentiality), HTTPS consumes significantly more computational resources, and requires that the hosting server act without malice in generating responses and in protecting the publisher's private key.