{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T02:49:08Z","timestamp":1773715748210,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":58,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T00:00:00Z","timestamp":1733097600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100006374","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["2149765,2149766"],"award-info":[{"award-number":["2149765,2149766"]}],"id":[{"id":"10.13039\/501100006374","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,12,2]]},"DOI":"10.1145\/3658644.3670374","type":"proceedings-article","created":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T12:19:20Z","timestamp":1733746760000},"page":"1552-1566","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Provable Security for PKI Schemes"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1250-2257","authenticated-orcid":false,"given":"Sara","family":"Wr\u00f3tniak","sequence":"first","affiliation":[{"name":"School of Computing, University of Connecticut, Storrs, CT, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7421-1850","authenticated-orcid":false,"given":"Hemi","family":"Leibowitz","sequence":"additional","affiliation":[{"name":"Faculty of Computer Science, The College of Management Academic Studies, Rishon LeZion, Israel"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0860-0927","authenticated-orcid":false,"given":"Ewa","family":"Syta","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Trinity College, Hartford, CT, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5586-5261","authenticated-orcid":false,"given":"Amir","family":"Herzberg","sequence":"additional","affiliation":[{"name":"School of Computing, University of Connecticut, Storrs, CT, USA"}]}],"member":"320","published-online":{"date-parts":[[2024,12,9]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"crossref","unstructured":"Louise Axon and Michael Goldsmith. 2017. PB-PKI:APrivacy-aware Blockchainbased PKI. In SECRYPT.","DOI":"10.5220\/0006419203110318"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660298"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-71677-8_30"},{"key":"e_1_3_2_1_4_1","unstructured":"Johannes Braun. 2015. Maintaining Security and Trust in Large Scale Public Key Infrastructures. Ph.D. Dissertation. Technische Universit\u00e4t."},{"key":"e_1_3_2_1_5_1","volume-title":"European Public Key Infrastructure Workshop. Springer, 31--46","author":"Braun Johannes","year":"2013","unstructured":"Johannes Braun, Franziskus Kiefer, and Andreas H\u00fclsing. 2013. Revocation & Non-Repudiation: When the first destroys the latter. In European Public Key Infrastructure Workshop. Springer, 31--46."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3402457"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-49387-8_11"},{"key":"e_1_3_2_1_8_1","unstructured":"BLUE BOOK CCITT. 1988. Recommendations X. 509 and ISO 9594--8. Information Processing Systems-OSI-The Directory Authentication Framework (Geneva: CCITT). (1988)."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978404"},{"key":"e_1_3_2_1_10_1","unstructured":"Council of European Union. 2021. Com\/2021\/281 Revision of the eIDAS Regulation - European Digital Identity (EUid). (2021)."},{"key":"e_1_3_2_1_11_1","volume-title":"Secure Logging Schemes and Certificate Transparency. In European Symposium on Research in Computer Security. Springer, 140--158","author":"Dowling Benjamin","year":"2016","unstructured":"Benjamin Dowling, Felix G\u00fcnther, Udyani Herath, and Douglas Stebila. 2016. Secure Logging Schemes and Certificate Transparency. In European Symposium on Research in Computer Security. Springer, 140--158."},{"key":"e_1_3_2_1_12_1","volume-title":"China Accused of Doling Out Counterfeit Digital Certificates in Serious Web Security Breach. VICE News. (Apr","author":"Dyer John","year":"2015","unstructured":"John Dyer. 2015. China Accused of Doling Out Counterfeit Digital Certificates in Serious Web Security Breach. VICE News. (Apr. 2015)."},{"key":"e_1_3_2_1_13_1","unstructured":"Peter Eckersley. 2012. Sovereign Key Cryptography for Internet Domains. https:\/\/git.eff.org\/?p=sovereign-keys.git;a=blob;f=sovereign-key-design.txt ;hb=HEAD. (2012)."},{"key":"e_1_3_2_1_14_1","volume-title":"d.] The EFF SSL Observatory. Retrieved","author":"Electronic Frontier","year":"2019","unstructured":"Electronic Frontier Foundation (EFF). [n. d.] The EFF SSL Observatory. Retrieved May 30, 2019 from https:\/\/www.eff.org\/observatory."},{"key":"e_1_3_2_1_15_1","first-page":"803","article-title":"A Decentralized Public Key Infrastructure with Identity Retention","volume":"2014","author":"Fromknecht Conner","year":"2014","unstructured":"Conner Fromknecht, Dragos Velicanu, and Sophia Yakoubov. 2014. A Decentralized Public Key Infrastructure with Identity Retention. IACR Cryptology ePrint Archive, 2014, 803.","journal-title":"IACR Cryptology ePrint Archive"},{"key":"e_1_3_2_1_16_1","volume-title":"Universally Composable Security Analysis of TLS. In International Conference on Provable Security. Springer, 313--327","author":"Gajek Sebastian","year":"2008","unstructured":"Sebastian Gajek, Mark Manulis, Olivier Pereira, Ahmad-Reza Sadeghi, and J\u00f6rg Schwenk. 2008. Universally Composable Security Analysis of TLS. In International Conference on Provable Security. Springer, 313--327."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-84252-9_2"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2000.848442"},{"key":"e_1_3_2_1_19_1","unstructured":"P. Hoffman M. Blanchet E. Lafon Y. Galand C. Elphick and M. Moeller. 2002. International organization for standardization information technology - asn.1 - basic encoding rules (ber). In ITU-T Recommendation X.690 | ISO\/IEC 8825--1:2002. Also covers DER 1--105."},{"key":"e_1_3_2_1_20_1","volume-title":"Article 45 Will Roll Back Web Security by 12 Years. ACLU. https:\/\/www.eff.org\/deeplinks\/2023\/11\/article-45-will-roll-backweb-security-12-years. (Nov","author":"Hoffman-Andrews Jacob","year":"2023","unstructured":"Jacob Hoffman-Andrews. 2023. Article 45 Will Roll Back Web Security by 12 Years. ACLU. https:\/\/www.eff.org\/deeplinks\/2023\/11\/article-45-will-roll-backweb-security-12-years. (Nov. 2023)."},{"key":"e_1_3_2_1_21_1","volume-title":"Microsoft buck trend, refuse to block unauthorized Chinese root certificates. ExtremeTech. (Apr","author":"Hruska Joel","year":"2015","unstructured":"Joel Hruska. 2015. Apple, Microsoft buck trend, refuse to block unauthorized Chinese root certificates. ExtremeTech. (Apr. 2015)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1504\/IJCIS.2017.088234"},{"key":"e_1_3_2_1_23_1","volume-title":"information technology - open systems interconnection - the directory: authentication framework. (June","author":"Union International Telecommunication","year":"1997","unstructured":"International Telecommunication Union. 1997. ITU-T X.509 recommendation version 3: information technology - open systems interconnection - the directory: authentication framework. (June 1997). https:\/\/www.itu.int\/rec\/T-RECX. 509--199708-S."},{"key":"e_1_3_2_1_24_1","unstructured":"Google LLC Joe DeBlasio. [n. d.] Opt-out SCT Auditing in Chrome. Other. https:\/\/docs.google.com\/document\/d\/16G-Q7iN3kB46GSW5b-sfH5MO3n KSYyEb77YsM7TMZGE\/. ()."},{"key":"e_1_3_2_1_25_1","volume-title":"Proceedings of the 22nd international conference on World Wide Web. ACM, 679--690","author":"Hyun-Jin Kim Tiffany","year":"2013","unstructured":"Tiffany Hyun-Jin Kim, Lin-Shung Huang, Adrian Perrig, Collin Jackson, and Virgil Gligor. 2013. Accountable Key Infrastructure (AKI): A Proposal for a Public-Key Validation Infrastructure. In Proceedings of the 22nd international conference on World Wide Web. ACM, 679--690."},{"key":"e_1_3_2_1_26_1","unstructured":"Loren M Kohnfelder. 1978. Towards a practical public-key cryptosystem. Ph.D. Dissertation. Massachusetts Institute of Technology."},{"key":"e_1_3_2_1_27_1","volume-title":"Mehmet Sabir Kiraz, and Haci Ali Mantar","author":"Kubilay Murat Yasin","year":"2018","unstructured":"Murat Yasin Kubilay, Mehmet Sabir Kiraz, and Haci Ali Mantar. 2018. CertLedger: A new PKI model with Certificate Transparency based on blockchain. arXiv preprint arXiv:1806.03914."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2659897"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"crossref","unstructured":"Ben Laurie and Emilia Kasper. 2012. Revocation Transparency. Google Research September.","DOI":"10.17487\/rfc6962"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0140-3664(03)00077-X"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3345653"},{"key":"e_1_3_2_1_32_1","volume-title":"Modeling Public Key Infrastructure in the Real World. In European Public Key Infrastructure Workshop. Springer, 118--134","author":"Marchesini John","year":"2005","unstructured":"John Marchesini and Sean Smith. 2005. Modeling Public Key Infrastructure in the Real World. In European Public Key Infrastructure Workshop. Springer, 118--134."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.57"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-61770-1_45"},{"key":"e_1_3_2_1_35_1","volume-title":"USENIX Security Symposium, 383--398","author":"Melara Marcela S","year":"2015","unstructured":"Marcela S Melara, Aaron Blankstein, Joseph Bonneau, Edward W Felten, and Michael J Freedman. 2015. CONIKS: Bringing Key Transparency to End Users. In USENIX Security Symposium, 383--398."},{"key":"e_1_3_2_1_36_1","unstructured":"[n. d.] Namecoin. (). https:\/\/www.namecoin.org\/."},{"key":"e_1_3_2_1_37_1","volume-title":"Joint statement of scientists and NGOs on the EUs proposed eIDAS reform. Other. https:\/\/nce.m pi-sp.org\/index.php\/s\/cG88cptFdaDNyRr. (Nov","author":"Organisations Scientists","year":"2023","unstructured":"Scientists Organisations and Researchers as signed. 2023. Joint statement of scientists and NGOs on the EUs proposed eIDAS reform. Other. https:\/\/nce.m pi-sp.org\/index.php\/s\/cG88cptFdaDNyRr. (Nov. 2023)."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC2693"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC3280"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC3447"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC5280"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC6480"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC6962"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC7468"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC8446"},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC9162"},{"key":"e_1_3_2_1_47_1","unstructured":"Steven B Roosa and Stephen Schultze. 2010. The \"Certificate Authority\" Trust Model for SSL: A Defective Foundation for Encrypted Web Traffic and a Legal Quagmire. Intellectual property & technology law journal 22 11 3."},{"key":"e_1_3_2_1_48_1","unstructured":"Mark Dermot Ryan. 2014. Enhanced certificate transparency and end-to-end encrypted mail. In NDSS."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1002\/sec.198"},{"key":"e_1_3_2_1_50_1","volume-title":"Camp","author":"Serrano Nicolas","year":"2019","unstructured":"Nicolas Serrano, Hilda Hadan, and Jean L. Camp. 2019. A complete study of P.K.I. (PKIs Known Incidents). Available at SSRN, https:\/\/ssrn.com\/abstract=3425554. (July 2019)."},{"key":"e_1_3_2_1_51_1","volume-title":"David Isaac Wolinsky, and Bryan Ford","author":"Syta Ewa","year":"2015","unstructured":"Ewa Syta, Iulia Tamas, Dylan Visher, David Isaac Wolinsky, and Bryan Ford. 2015. Certificate Cothority: Towards Trustworthy Collective CAs. Hot Topics in Privacy Enhancing Technologies (HotPETs), 7."},{"key":"e_1_3_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.38"},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660355"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.19"},{"key":"e_1_3_2_1_55_1","volume-title":"Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing. In USENIX Annual Technical Conference.","volume":"8","author":"Wendlandt Dan","year":"2008","unstructured":"Dan Wendlandt, David G Andersen, and Adrian Perrig. 2008. Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing. In USENIX Annual Technical Conference. Vol. 8, 321--334."},{"key":"e_1_3_2_1_56_1","volume-title":"the free encyclopedia. https:\/\/en.wikipedia.org\/w\/index.phptitle=DigiNotar&oldid=1036090956.[Online","author":"Diginotar Wikipedia Wikipedia","year":"2021","unstructured":"Wikipedia contributors. 2021. Diginotar Wikipedia, the free encyclopedia. https:\/\/en.wikipedia.org\/w\/index.phptitle=DigiNotar&oldid=1036090956.[Online; accessed 7-August-2021]. (2021)."},{"key":"e_1_3_2_1_57_1","volume-title":"Paper 2019\/807. https:\/\/eprint.iacr.org\/2019\/807.","author":"Wr\u00f3tniak Sara","year":"2019","unstructured":"Sara Wr\u00f3tniak, Hemi Leibowitz, Ewa Syta, and Amir Herzberg. 2019. Provable security for PKI schemes. Cryptology ePrint Archive, Paper 2019\/807. https:\/\/eprint.iacr.org\/2019\/807. (2019). https:\/\/eprint.iacr.org\/2019\/807."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1093\/comjnl\/bxw039"}],"event":{"name":"CCS '24: ACM SIGSAC Conference on Computer and Communications Security","location":"Salt Lake City UT USA","acronym":"CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3670374","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3658644.3670374","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T06:11:31Z","timestamp":1755843091000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3670374"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,2]]},"references-count":58,"alternative-id":["10.1145\/3658644.3670374","10.1145\/3658644"],"URL":"https:\/\/doi.org\/10.1145\/3658644.3670374","relation":{},"subject":[],"published":{"date-parts":[[2024,12,2]]},"assertion":[{"value":"2024-12-09","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}