{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,24]],"date-time":"2026-01-24T06:46:53Z","timestamp":1769237213307,"version":"3.49.0"},"publisher-location":"Cham","reference-count":45,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031229688","type":"print"},{"value":"9783031229695","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-22969-5_19","type":"book-chapter","created":{"date-parts":[[2023,1,24]],"date-time":"2023-01-24T11:48:42Z","timestamp":1674560922000},"page":"547-580","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Rotatable Zero Knowledge Sets"],"prefix":"10.1007","author":[{"given":"Brian","family":"Chen","sequence":"first","affiliation":[]},{"given":"Yevgeniy","family":"Dodis","sequence":"additional","affiliation":[]},{"given":"Esha","family":"Ghosh","sequence":"additional","affiliation":[]},{"given":"Eli","family":"Goldin","sequence":"additional","affiliation":[]},{"given":"Balachandar","family":"Kesavan","sequence":"additional","affiliation":[]},{"given":"Antonio","family":"Marcedone","sequence":"additional","affiliation":[]},{"given":"Merry Ember","family":"Mou","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,1,25]]},"reference":[{"key":"19_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"649","DOI":"10.1007\/978-3-642-22792-9_37","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"M Abe","year":"2011","unstructured":"Abe, M., Groth, J., Haralambiev, K., Ohkubo, M.: Optimal structure-preserving signatures in asymmetric bilinear groups. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 649\u2013666. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22792-9_37"},{"key":"19_CR2","unstructured":"apple.com. Apple privacy. https:\/\/www.apple.com\/privacy\/features. Accessed 03 Aug 2022"},{"key":"19_CR3","doi-asserted-by":"crossref","unstructured":"Assal, H., Hurtado, S., Imran, A., Chiasson, S.: What\u2019s the deal with privacy apps? A comprehensive exploration of user perception and usability. In: Proceedings of the 14th International Conference on Mobile and Ubiquitous Multimedia, MUM 2015, pp. 25\u201336. Association for Computing Machinery, New York (2015)","DOI":"10.1145\/2836041.2836044"},{"key":"19_CR4","doi-asserted-by":"crossref","unstructured":"Black, J., Rogaway, P., Shrimpton, T.: Black-box analysis of the block-cipher-based hash-function constructions from PGV. Cryptology ePrint Archive, Report 2002\/066 (2002). https:\/\/eprint.iacr.org\/2002\/066","DOI":"10.1007\/3-540-45708-9_21"},{"key":"19_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1007\/3-540-36492-7_6","volume-title":"Selected Areas in Cryptography","author":"J Black","year":"2003","unstructured":"Black, J., Rogaway, P., Shrimpton, T.: Encryption-scheme security in the presence of key-dependent messages. In: Nyberg, K., Heys, H. (eds.) SAC 2002. LNCS, vol. 2595, pp. 62\u201375. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-36492-7_6"},{"key":"19_CR6","unstructured":"Blum, J., et al.: E2e encryption for zoom meetings. In: White paper (2021). https:\/\/github.com\/zoom\/zoom-e2e-whitepaper\/blob\/master\/zoom_e2e.pdf"},{"key":"19_CR7","doi-asserted-by":"crossref","unstructured":"Chase, M., Deshpande, A., Ghosh, E., Malvai, H.: H.: SEEMless: secure end-to-end encrypted messaging with less trust. In: Cavallaro, L., Kinder, J., Wang, X.F., Katz, J. (eds.) ACM CCS 2019, pp. 1639\u20131656. ACM Press, November 2019","DOI":"10.1145\/3319535.3363202"},{"key":"19_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"422","DOI":"10.1007\/11426639_25","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"M Chase","year":"2005","unstructured":"Chase, M., Healy, A., Lysyanskaya, A., Malkin, T., Reyzin, L.: Mercurial commitments with applications to zero-knowledge sets. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 422\u2013439. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11426639_25"},{"key":"19_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1007\/978-3-540-74143-5_17","volume-title":"Advances in Cryptology - CRYPTO 2007","author":"M Chase","year":"2007","unstructured":"Chase, M., Lysyanskaya, A.: Simulatable VRFs with applications to multi-theorem NIZK. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 303\u2013322. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-74143-5_17"},{"key":"19_CR10","doi-asserted-by":"crossref","unstructured":"Chase, M., Meiklejohn, S.: Transparency overlays and applications. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM CCS 2016, pp. 168\u2013179. ACM Press, October 2016","DOI":"10.1145\/2976749.2978404"},{"key":"19_CR11","doi-asserted-by":"crossref","unstructured":"Chase, M., Perrin, T., Zaverucha, G.: The signal private group system and anonymous credentials supporting efficient verifiable encryption. In: ACM CCS 2020, pp. 1445\u20131459. ACM Press (2020)","DOI":"10.1145\/3372297.3417887"},{"key":"19_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1007\/3-540-48071-4_7","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 92","author":"D Chaum","year":"1993","unstructured":"Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 89\u2013105. Springer, Heidelberg (1993). https:\/\/doi.org\/10.1007\/3-540-48071-4_7"},{"key":"19_CR13","unstructured":"Novi Financial. Auditable key directory (2021). https:\/\/github.com\/novifinancial\/akd\/. Accessed 26 May 2022"},{"key":"19_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"173","DOI":"10.1007\/978-3-319-76481-8_13","volume-title":"Passive and Active Measurement","author":"O Gasser","year":"2018","unstructured":"Gasser, O., Hof, B., Helm, M., Korczynski, M., Holz, R., Carle, G.: In log we trust: revealing poor security practices with certificate transparency logs and internet measurements. In: Beverly, R., Smaragdakis, G., Feldmann, A. (eds.) PAM 2018. LNCS, vol. 10771, pp. 173\u2013185. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-76481-8_13"},{"key":"19_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1007\/978-3-030-84252-9_3","volume-title":"Advances in Cryptology \u2013 CRYPTO 2021","author":"A Ghoshal","year":"2021","unstructured":"Ghoshal, A., Tessaro, S.: Tight state-restoration soundness in the algebraic group model. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12827, pp. 64\u201393. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-84252-9_3"},{"key":"19_CR16","doi-asserted-by":"crossref","unstructured":"Goldberg, S., Reyzin, L., Papadopoulos, D., V\u010del\u00e1k, J.: Verifiable random functions (VRFs). Internet-Draft draft-irtf-cfrg-vrf-12, Internet Engineering Task Force, May 2022. Work in Progress","DOI":"10.17487\/RFC9381"},{"key":"19_CR17","unstructured":"Google: Key transparency overview. https:\/\/github.com\/google\/keytransparency\/blob\/master\/docs\/overview.md. Accessed 31 Aug 2022"},{"key":"19_CR18","doi-asserted-by":"crossref","unstructured":"Herzberg, A., Leibowitz, H.: Can Johnny finally encrypt? Evaluating E2E-encryption in popular IM applications. In: Proceedings of the 6th Workshop on Socio-technical Aspects in Security and Trust, STAST 2016, pp. 17\u201328. Association for Computing Machinery, New York (2016)","DOI":"10.1145\/3046055.3046059"},{"issue":"2","key":"19_CR19","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1109\/MSEC.2020.3039727","volume":"19","author":"A Herzberg","year":"2021","unstructured":"Herzberg, A., Leibowitz, H., Seamons, K., Vaziripour, E., Justin, W., Zappala, D.: Secure messaging authentication ceremonies are broken. IEEE Secur. Privacy 19(2), 29\u201337 (2021)","journal-title":"IEEE Secur. Privacy"},{"key":"19_CR20","doi-asserted-by":"crossref","unstructured":"Hu, Y., Hooshmand, K., Kalidhindi, H., Yang, S.J., Popa, R.A.: Merkle2: a low-latency transparency log system. In: 2021 IEEE Symposium on Security and Privacy (SP), pp. 285\u2013303 (2021)","DOI":"10.1109\/SP40001.2021.00088"},{"key":"19_CR21","unstructured":"Keybase.io: Keybase chat. https:\/\/book.keybase.io\/docs\/chat. Accessed 03 Aug 2022"},{"key":"19_CR22","unstructured":"keybase.io: Keybase is now writing to the stellar blockchain. https:\/\/book.keybase.io\/docs\/server\/stellar. Accessed 29 July 2022"},{"key":"19_CR23","unstructured":"Keybase.io: Meet your sigchain (and everyone else\u2019s). https:\/\/book.keybase.io\/docs\/server#meet-your-sigchain-and-everyone-elses. Accessed 29 July 2022"},{"key":"19_CR24","unstructured":"keybase.io: Keybase first commitment (2014). https:\/\/keybase.io\/_\/api\/1.0\/merkle\/root.json?seqno=1. Accessed 26 May 2022"},{"key":"19_CR25","unstructured":"Keybase.io: Keybase is not softer than tofu (2019). https:\/\/keybase.io\/blog\/chat-apps-softer-than-tofu. Accessed 05 May 2019"},{"key":"19_CR26","doi-asserted-by":"crossref","unstructured":"Laurie, B., Langley, A., Kasper, E., Messeri, E., Stradling, R.: Certificate Transparency Version 2.0. RFC 9162, December 2021","DOI":"10.17487\/RFC9162"},{"key":"19_CR27","doi-asserted-by":"crossref","unstructured":"Lerner, A., Zeng, E., Roesner, F.: Confidante: usable encrypted email: a case study with lawyers and journalists. In: 2017 IEEE European Symposium on Security and Privacy, EuroS &P 2017, Paris, France, 26\u201328 April 2017, pp. 385\u2013400. IEEE (2017)","DOI":"10.1109\/EuroSP.2017.41"},{"key":"19_CR28","unstructured":"Meiklejohn, S., et al.: Think global, act local: gossip and client audits in verifiable data structures (2020)"},{"key":"19_CR29","unstructured":"Melara, M.S., Blankstein, A., Bonneau, J., Felten, E.W., Freedman, M.J.: Coniks: bringing key transparency to end users. In: Usenix Security, pp. 383\u2013398 (2015)"},{"key":"19_CR30","doi-asserted-by":"crossref","unstructured":"Micali, S., Rabin, M., Kilian, J.: Zero-knowledge sets. In: Proceedings of the 44th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2003, p. 80. IEEE Computer Society, USA (2003)","DOI":"10.1109\/SFCS.2003.1238183"},{"key":"19_CR31","doi-asserted-by":"crossref","unstructured":"Micali, S., Rabin, M.O., Vadhan, S.P.: Verifiable random functions. In: 40th FOCS, pp. 120\u2013130. IEEE Computer Society Press, October 1999","DOI":"10.1109\/SFFCS.1999.814584"},{"key":"19_CR32","unstructured":"microsoft.com: Teams end-to-end encryption (2022). https:\/\/docs.microsoft.com\/en-us\/microsoftteams\/teams-end-to-end-encryption. Accessed 26 May 2022"},{"key":"19_CR33","doi-asserted-by":"crossref","unstructured":"Muthukrishnan, S., Rajaraman, R., Shaheen, A., Gehrke, J.: Online scheduling to minimize average stretch. In: 40th FOCS, pp. 433\u2013442. IEEE Computer Society Press, October 1999","DOI":"10.1109\/SFFCS.1999.814615"},{"key":"19_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1007\/3-540-45708-9_8","volume-title":"Advances in Cryptology \u2014 CRYPTO 2002","author":"JB Nielsen","year":"2002","unstructured":"Nielsen, J.B.: Separating random oracle proofs from complexity theoretic proofs: the non-committing encryption case. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 111\u2013126. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45708-9_8"},{"key":"19_CR35","unstructured":"Elaine Barker (NIST): Nist sp 800-57 part 1 rev. 5 recommendation for key management: Part 1 - general (2022). https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-57pt1r5.pdf. Accessed 10 Aug 2022"},{"key":"19_CR36","unstructured":"LLC. PCI Security Standards Council: Payment card industry data security standard: Requirements and testing procedures, v4.0 (2022). https:\/\/listings.pcisecuritystandards.org\/documents\/PCI-DSS-v4_0.pdf. Accessed 10 Aug 2022"},{"key":"19_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1007\/3-540-69053-0_18","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201997","author":"V Shoup","year":"1997","unstructured":"Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256\u2013266. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/3-540-69053-0_18"},{"key":"19_CR38","unstructured":"signal.org: Technical information (2016). https:\/\/www.signal.org\/docs. Accessed 03 Aug 2022"},{"key":"19_CR39","unstructured":"signal.org: Technology preview: signal private group system (2019). https:\/\/signal.org\/blog\/signal-private-group-system\/. Accessed 22 Aug 2022"},{"key":"19_CR40","doi-asserted-by":"crossref","unstructured":"Tomescu, A., Bhupatiraju, V., Papadopoulos, D., Papamanthou, C., Triandopoulos, N., Devadas, S.: Transparency logs via append-only authenticated dictionaries. In: Cavallaro, L., Kinder, J., Wang, X.F., Katz, J. (eds.) ACM CCS 2019, pp. 1299\u20131316. ACM Press, November 2019","DOI":"10.1145\/3319535.3345652"},{"key":"19_CR41","unstructured":"Tyagi, N., Fisch, B., Bonneau, J., Tessaro, S.: Client-auditable verifiable registries. Cryptology ePrint Archive, Paper 2021\/627 (2021). https:\/\/eprint.iacr.org\/2021\/627"},{"key":"19_CR42","doi-asserted-by":"crossref","unstructured":"Tzialla, I., Kothapalli, A., Parno, B., Setty, S.: Transparency dictionaries with succinct proofs of correct operation. Cryptology ePrint Archive, Paper 2021\/1263 (2021). https:\/\/eprint.iacr.org\/2021\/1263","DOI":"10.14722\/ndss.2022.23143"},{"key":"19_CR43","unstructured":"Vaziripour, E., et al.: Is that you, Alice? A usability study of the authentication ceremony of secure messaging applications. : Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017), pp. 29\u201347. USENIX Association, Santa Clara, July 2017"},{"key":"19_CR44","unstructured":"webex.com: Webex end-to-end encryption (2022). https:\/\/help.webex.com\/en-us\/article\/WBX44739\/What-Does-End-to-End-Encryption-Do?. Accessed 26 May 2022"},{"key":"19_CR45","unstructured":"whatsapp.com: Whatsapp encryption overview. In: White paper (2021). Accessed 03 Aug 2022"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2022"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-22969-5_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,24]],"date-time":"2026-01-24T01:03:07Z","timestamp":1769216587000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-22969-5_19"}},"subtitle":["Post Compromise Secure Auditable Dictionaries with\u00a0Application to\u00a0Key Transparency"],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031229688","9783031229695"],"references-count":45,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-22969-5_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"25 January 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taipei","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taiwan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 December 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 December 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/asiacrypt.iacr.org\/2022\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"364","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"98","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"27% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}