{"id":"https://openalex.org/W4416549318","doi":"https://doi.org/10.1145/3719027.3765172","title":"Security Analysis of Privately Verifiable Privacy Pass","display_name":"Security Analysis of Privately Verifiable Privacy Pass","publication_year":2025,"publication_date":"2025-11-19","ids":{"openalex":"https://openalex.org/W4416549318","doi":"https://doi.org/10.1145/3719027.3765172"},"language":null,"primary_location":{"id":"doi:10.1145/3719027.3765172","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765172","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3765172","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3765172","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5080415881","display_name":"Konrad Hanff","orcid":"https://orcid.org/0009-0001-3635-4658"},"institutions":[{"id":"https://openalex.org/I143288331","display_name":"Hasso Plattner Institute","ror":"https://ror.org/058rn5r42","country_code":"DE","type":"facility","lineage":["https://openalex.org/I143288331","https://openalex.org/I176453806"]},{"id":"https://openalex.org/I176453806","display_name":"University of Potsdam","ror":"https://ror.org/03bnmw459","country_code":"DE","type":"education","lineage":["https://openalex.org/I176453806"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Konrad Hanff","raw_affiliation_strings":["Hasso Plattner Institute, University of Potsdam, Potsdam, Germany"],"raw_orcid":"https://orcid.org/0009-0001-3635-4658","affiliations":[{"raw_affiliation_string":"Hasso Plattner Institute, University of Potsdam, Potsdam, Germany","institution_ids":["https://openalex.org/I143288331","https://openalex.org/I176453806"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044041318","display_name":"Anja Lehmann","orcid":"https://orcid.org/0000-0002-2872-7899"},"institutions":[{"id":"https://openalex.org/I143288331","display_name":"Hasso Plattner Institute","ror":"https://ror.org/058rn5r42","country_code":"DE","type":"facility","lineage":["https://openalex.org/I143288331","https://openalex.org/I176453806"]},{"id":"https://openalex.org/I176453806","display_name":"University of Potsdam","ror":"https://ror.org/03bnmw459","country_code":"DE","type":"education","lineage":["https://openalex.org/I176453806"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Anja Lehmann","raw_affiliation_strings":["Hasso Plattner Institute, University of Potsdam, Potsdam, Germany"],"raw_orcid":"https://orcid.org/0000-0002-2872-7899","affiliations":[{"raw_affiliation_string":"Hasso Plattner Institute, University of Potsdam, Potsdam, Germany","institution_ids":["https://openalex.org/I143288331","https://openalex.org/I176453806"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5063684195","display_name":"Cavit \u00d6zbay","orcid":"https://orcid.org/0000-0001-5000-7655"},"institutions":[{"id":"https://openalex.org/I143288331","display_name":"Hasso Plattner Institute","ror":"https://ror.org/058rn5r42","country_code":"DE","type":"facility","lineage":["https://openalex.org/I143288331","https://openalex.org/I176453806"]},{"id":"https://openalex.org/I176453806","display_name":"University of Potsdam","ror":"https://ror.org/03bnmw459","country_code":"DE","type":"education","lineage":["https://openalex.org/I176453806"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Cavit \u00d6zbay","raw_affiliation_strings":["Hasso Plattner Institute, University of Potsdam, Potsdam, Germany"],"raw_orcid":"https://orcid.org/0000-0001-5000-7655","affiliations":[{"raw_affiliation_string":"Hasso Plattner Institute, University of Potsdam, Potsdam, Germany","institution_ids":["https://openalex.org/I143288331","https://openalex.org/I176453806"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.36484323,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"2922","last_page":"2936"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.6629999876022339,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.6629999876022339,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.20149999856948853,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.033399999141693115,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/verifiable-secret-sharing","display_name":"Verifiable secret sharing","score":0.8027999997138977},{"id":"https://openalex.org/keywords/issuer","display_name":"Issuer","score":0.626800000667572},{"id":"https://openalex.org/keywords/security-analysis","display_name":"Security analysis","score":0.6207000017166138},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.5748000144958496},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5600000023841858},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.48510000109672546},{"id":"https://openalex.org/keywords/anonymity","display_name":"Anonymity","score":0.436599999666214},{"id":"https://openalex.org/keywords/cryptographic-protocol","display_name":"Cryptographic protocol","score":0.40860000252723694},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.349700003862381}],"concepts":[{"id":"https://openalex.org/C85847156","wikidata":"https://www.wikidata.org/wiki/Q59015987","display_name":"Verifiable secret sharing","level":3,"score":0.8027999997138977},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7698000073432922},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7304999828338623},{"id":"https://openalex.org/C138170105","wikidata":"https://www.wikidata.org/wiki/Q1337949","display_name":"Issuer","level":2,"score":0.626800000667572},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.6207000017166138},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.5748000144958496},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5600000023841858},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.5468999743461609},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.48510000109672546},{"id":"https://openalex.org/C178005623","wikidata":"https://www.wikidata.org/wiki/Q308859","display_name":"Anonymity","level":2,"score":0.436599999666214},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.40860000252723694},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.349700003862381},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.3465000092983246},{"id":"https://openalex.org/C133112747","wikidata":"https://www.wikidata.org/wiki/Q7251931","display_name":"Protocol analysis","level":2,"score":0.3384000062942505},{"id":"https://openalex.org/C18899389","wikidata":"https://www.wikidata.org/wiki/Q2736593","display_name":"Blind signature","level":4,"score":0.33059999346733093},{"id":"https://openalex.org/C509729295","wikidata":"https://www.wikidata.org/wiki/Q7246032","display_name":"Privacy software","level":3,"score":0.3199999928474426},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.3050000071525574},{"id":"https://openalex.org/C145097563","wikidata":"https://www.wikidata.org/wiki/Q1148747","display_name":"Payment","level":2,"score":0.3010999858379364},{"id":"https://openalex.org/C22111027","wikidata":"https://www.wikidata.org/wiki/Q1070427","display_name":"Internet security","level":4,"score":0.29809999465942383},{"id":"https://openalex.org/C2985371682","wikidata":"https://www.wikidata.org/wiki/Q11135","display_name":"Ip address","level":2,"score":0.2759999930858612},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.27480000257492065},{"id":"https://openalex.org/C139089976","wikidata":"https://www.wikidata.org/wiki/Q2142273","display_name":"Trusted third party","level":2,"score":0.2728999853134155},{"id":"https://openalex.org/C3017597292","wikidata":"https://www.wikidata.org/wiki/Q25052250","display_name":"Privacy protection","level":2,"score":0.26820001006126404},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.2614000141620636},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.26100000739097595}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3719027.3765172","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765172","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3765172","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3719027.3765172","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3765172","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3765172","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320321114","display_name":"Bundesministerium f\u00fcr Bildung und Forschung","ror":"https://ror.org/04pz7b180"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4416549318.pdf","grobid_xml":"https://content.openalex.org/works/W4416549318.grobid-xml"},"referenced_works_count":14,"referenced_works":["https://openalex.org/W27238938","https://openalex.org/W2800652629","https://openalex.org/W2940623000","https://openalex.org/W2963120176","https://openalex.org/W3186747044","https://openalex.org/W4385066698","https://openalex.org/W4385654286","https://openalex.org/W4388857853","https://openalex.org/W4399599140","https://openalex.org/W4399611655","https://openalex.org/W4399611673","https://openalex.org/W4404213257","https://openalex.org/W4405182942","https://openalex.org/W4409854835"],"related_works":[],"abstract_inverted_index":{"Privacy":[0,111],"Pass":[1,112],"is":[2],"an":[3,67],"anonymous":[4,33],"authentication":[5,30],"protocol":[6,44,55],"which":[7,64],"was":[8],"initially":[9],"designed":[10],"by":[11,104],"Davidson":[12,75],"et":[13,76],"al.":[14,77],"(PETS'18)":[15],"to":[16,66,89],"reduce":[17],"the":[18,43,80,83,93,106],"number":[19],"of":[20,42],"CAPTCHAs":[21],"that":[22],"TOR":[23],"users":[24],"must":[25],"solve.":[26],"It":[27],"issues":[28],"single-use":[29],"tokens":[31,50],"with":[32],"and":[34,40,49,62],"unlinkable":[35],"redemption":[36],"guarantees.":[37],"The":[38,54],"issuer":[39],"verifier":[41],"share":[45],"a":[46],"symmetric":[47],"key,":[48],"are":[51],"privately":[52,109],"verifiable.":[53],"has":[56],"sparked":[57],"interest":[58],"from":[59],"both":[60],"academia":[61],"industry,":[63],"led":[65],"Internet":[68],"Engineering":[69],"Task":[70],"Force":[71],"(IETF)":[72],"standard.":[73],"While":[74],"formally":[78],"analyzed":[79],"original":[81],"protocol,":[82],"IETF":[84,107],"standard":[85],"introduces":[86],"several":[87],"changes":[88],"their":[90],"protocol.":[91,113],"Thus,":[92],"standardized":[94],"version's":[95],"formal":[96],"security":[97],"remains":[98],"unexamined.":[99],"We":[100],"fill":[101],"this":[102],"gap":[103],"analyzing":[105],"standard's":[108],"verifiable":[110]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-11-23T00:00:00"}