WebTrust - A Comprehensive Authenticity and Integrity Framework for HTTP

Michael Backes, Rainer W. Gerling, Sebastian Gerling, Stefan Nürnberger, Dominique Schröder, Mark Simkin

In: ACNS. International Conference on Applied Cryptography and Network Security (ACNS-2014) June 10-13 Lausanne Switzerland Seiten 401-418 Lecture Notes in Computer Science (LNCS) 8479 Springer 2014.


HTTPS is the standard for confidential and integrity-protected communication on the Web. However, it authenticates the server, not its content. We present WebTrust, the first comprehensive authenticity and integrity framework that allows on-the-fly verification of static, dynamic, and real-time streamed Web content from untrusted servers. Our framework seamlessly integrates into HTTP and allows to validate streamed content progressively at arrival. Our performance results demonstrate both the practicality and efficiency of our approach.

nuernberger2014acns_webtrust.pdf (pdf, 3 MB )

Deutsches Forschungszentrum für Künstliche Intelligenz
German Research Center for Artificial Intelligence