In various implementations, a network device receives a packet from a content producer. The packet includes data and further includes a signature generated by the content producer, based on the data, using a private key of the content producer. The network device modifies the packet without affecting the signature and forwards the modified packet toward a user device. The network device also sends the user device a manifest specifying how the packet was modified. The user device receives the packet and manifest, restores the packet's original data based on the manifest, and verifies the original data using the signature and a public key corresponding to the private key of the content producer. In response to verification of the original data, an application on the user device is allowed to use the data.