The article, authored by Siam Hussain with contributions from others, delves into how DECO, a cryptographic protocol, enables a prover to convincingly demonstrate to a verifier that a TLS response originated from a specific server. DECO includes three parties: the prover, verifier, and a TLS server, with the verifier acting as a proxy to verify data authenticity while maintaining the integrity of the TLS protocol. The process involves the generation of a TLS session key, protecting the session from eavesdroppers, with a focus on ensuring that the session key is accurately bound to the session via zero-knowledge proofs (ZKP). The explanation covers the generation of shared secrets and subsequent key derivations, emphasizing optimizations that reduce computational overhead, particularly in avoiding public-key operations within the ZKP protocol. The text highlights the use of hash functions for collision resistance and describes the decryption process of TLS responses through ZKP, noting the memory efficiency achieved in computing commitments. This post is part of a series discussing DECO, with further posts exploring additional aspects such as response parsing and concealing secret lengths.