{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,22]],"date-time":"2025-11-22T11:40:00Z","timestamp":1763811600256,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":135,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,11,4]],"date-time":"2024-11-04T00:00:00Z","timestamp":1730678400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"DARPA","award":["HR00112020022"],"award-info":[{"award-number":["HR00112020022"]}]},{"DOI":"10.13039\/100000001","name":"NSF (National Science Foundation)","doi-asserted-by":"publisher","award":["CNS-223997"],"award-info":[{"award-number":["CNS-223997"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,11,4]]},"DOI":"10.1145\/3694715.3695962","type":"proceedings-article","created":{"date-parts":[[2024,11,15]],"date-time":"2024-11-15T19:28:18Z","timestamp":1731698898000},"page":"673-692","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["NOPE: Strengthening domain authentication with succinct proofs"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9364-9033","authenticated-orcid":false,"given":"Zachary","family":"DeStefano","sequence":"first","affiliation":[{"name":"Computer Science Department, Courant Institute, NYU, New York City, New York, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-9520-5218","authenticated-orcid":false,"given":"Jeff J.","family":"Ma","sequence":"additional","affiliation":[{"name":"Computer Science Department, Courant Institute, NYU, New York City, New York, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6349-0145","authenticated-orcid":false,"given":"Joseph","family":"Bonneau","sequence":"additional","affiliation":[{"name":"Computer Science Department, Courant Institute, NYU, New York City, New York, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-1776-6418","authenticated-orcid":false,"given":"Michael","family":"Walfish","sequence":"additional","affiliation":[{"name":"Computer Science Department, Courant Institute, NYU, New York City, New York, United States"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,11,15]]},"reference":[{"key":"e_1_3_2_2_1_1","volume-title":"circom-ecdsa. https:\/\/github.com\/0xPARC\/circom-ecdsa","author":"PARC.","year":"2022","unstructured":"0xPARC. circom-ecdsa. https:\/\/github.com\/0xPARC\/circom-ecdsa, 2022."},{"key":"e_1_3_2_2_2_1","volume-title":"ACM CCS","author":"Aas Josh","year":"2019","unstructured":"Josh Aas, Richard Barnes, Benton Case, Zakir Durumeric, Peter Eckersley, Alan Flores-L\u00f3pez, J Alex Halderman, Jacob Hoffman-Andrews, James Kasten, Eric Rescorla, Seth Schoen, and Brad Warren. Let's Encrypt: an automated certificate authority to encrypt the entire web. In ACM CCS, 2019."},{"key":"e_1_3_2_2_3_1","volume-title":"Feb","author":"Aas Josh","year":"2020","unstructured":"Josh Aas, Daniel McCarney, and Roland Shoemaker. Multi-Perspective Validation Improves Domain Validation Security. Let's Encrypt Blog, Feb 2020. https:\/\/letsencrypt.org\/2020\/02\/19\/multi-perspective-validation.html."},{"key":"e_1_3_2_2_4_1","volume-title":"The Economics of Information Security. Science, 314(5799)","author":"Anderson Ross","year":"2006","unstructured":"Ross Anderson and Tyler Moore. The Economics of Information Security. Science, 314(5799), 2006."},{"key":"e_1_3_2_2_5_1","first-page":"307","volume-title":"Selected Areas in Cryptography","author":"Antipa Adrian","year":"2005","unstructured":"Adrian Antipa, Daniel Brown, Robert Gallant, Rob Lambert, Ren\u00e9 Struik, and Scott Vanstone. Accelerated verification of ECDSA signatures. In Selected Areas in Cryptography, pages 307--318, 02 2005."},{"key":"e_1_3_2_2_6_1","unstructured":"Aptos Keyless. Aptos Labs 2024. https:\/\/aptos.dev\/guides\/keyless-accounts\/."},{"key":"e_1_3_2_2_7_1","doi-asserted-by":"publisher","DOI":"10.2139\/ssrn.2277806"},{"key":"e_1_3_2_2_8_1","volume-title":"December","author":"Ayer Andrew","year":"2015","unstructured":"Andrew Ayer. Duplicate Signature Key Selection Attack in Let's Encrypt. https:\/\/www.agwa.name\/blog\/post\/duplicate_signature_key_selection_attack_in_lets_encrypt, December 2015."},{"key":"e_1_3_2_2_9_1","volume-title":"July","author":"Ayer Andrew","year":"2021","unstructured":"Andrew Ayer. How Certificate Transparency Logs Fail and Why It's OK. https:\/\/www.agwa.name\/blog\/post\/how_ct_logs_fail, July 2021."},{"key":"e_1_3_2_2_10_1","volume-title":"Timeline of Certificate Authority Failures. https:\/\/sslmate.com\/resources\/certificate_authority_failures","author":"Ayer Andrew","year":"2024","unstructured":"Andrew Ayer. Timeline of Certificate Authority Failures. https:\/\/sslmate.com\/resources\/certificate_authority_failures, 2024."},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/103418.103428"},{"key":"e_1_3_2_2_12_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-64322-8_22"},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"crossref","unstructured":"Foteini Baldimtsi Konstantinos Kryptos Chalkias Yan Ji Jonas Lindstr\u00f8m Deepak Maram Ben Riva Arnab Roy Mahdi Sedaghat and Joy Wang. zkLogin: Privacy-Preserving Blockchain Authentication with Existing Credentials. arXiv preprint arXiv:2401.11735 2024.","DOI":"10.1145\/3658644.3690356"},{"key":"e_1_3_2_2_14_1","volume-title":"Use Cases and Requirements for DNS-Based Authentication of Named Entities (DANE). RFC","author":"Barnes Richard","year":"2011","unstructured":"Richard Barnes. Use Cases and Requirements for DNS-Based Authentication of Named Entities (DANE). RFC 6394, October 2011."},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC8555"},{"key":"e_1_3_2_2_16_1","volume-title":"Annual International Cryptology Conference","author":"Barrett Paul","year":"1986","unstructured":"Paul Barrett. Implementing the Rivest Shamir and Adleman Public Key Encryption Algorithm on a Standard Digital Signal Processor. In Annual International Cryptology Conference, 1986."},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660298"},{"key":"e_1_3_2_2_18_1","volume-title":"IMC","author":"Bates Adam","year":"2014","unstructured":"Adam Bates, Joe Pletcher, Tyler Nichols, Braden Hollembaek, and Kevin RB Butler. Forced perspectives: Evaluating an SSL trust enhancement at scale. In IMC, 2014."},{"key":"e_1_3_2_2_19_1","volume-title":"USENIX Security","author":"Ben-Sasson Eli","year":"2014","unstructured":"Eli Ben-Sasson, Alessandro Chiesa, Eran Tromer, and Madars Virza. Succinct non-interactive zero knowledge for a von Neumann architecture. In USENIX Security, 2014."},{"key":"e_1_3_2_2_20_1","volume-title":"Pippenger's exponentiation algorithm","author":"Bernstein Daniel J.","year":"2002","unstructured":"Daniel J. Bernstein. Pippenger's exponentiation algorithm. 2002."},{"key":"e_1_3_2_2_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2090236.2090263"},{"key":"e_1_3_2_2_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/62212.62222"},{"key":"e_1_3_2_2_23_1","unstructured":"Sharon Boeyen Stefan Santesson Tim Polk Russ Housley Stephen Farrell and David Cooper. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280 May 2008."},{"key":"e_1_3_2_2_24_1","volume-title":"Ivo Kubjas, and Arya Tabaie. Consensys\/gnark: v0.11.0","author":"Botrel Gautam","year":"2024","unstructured":"Gautam Botrel, Thomas Piellard, Youssef El Housni, Ivo Kubjas, and Arya Tabaie. Consensys\/gnark: v0.11.0, September 2024."},{"key":"e_1_3_2_2_25_1","volume-title":"December","author":"Braun Benjamin","year":"2012","unstructured":"Benjamin Braun. Compiling computations to constraints for verified computation. UT Austin Honors thesis HR-12-10, December 2012."},{"key":"e_1_3_2_2_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2517349.2522733"},{"key":"e_1_3_2_2_27_1","volume-title":"July","author":"Bryant Matthew","year":"2016","unstructured":"Matthew Bryant. Keeping Positive - Obtaining Arbitrary Wildcard SSL Certificates from Comodo via Dangling Markup Injection. The Hacker Blog, July 2016. https:\/\/thehackerblog.com\/keeping-positive-obtaining-arbitrary-wildcard-ssl-certificates-from-comodo-via-dangling-markup-injection\/."},{"key":"e_1_3_2_2_28_1","volume-title":"Paper 2023\/1063","author":"Celi Sof\u00eda","year":"2023","unstructured":"Sof\u00eda Celi, Alex Davidson, Hamed Haddadi, Gon\u00e7alo Pestana, and Joe Rowell. Distefano: Decentralized infrastructure for sharing trusted encrypted facts and nothing more. Cryptology ePrint Archive, Paper 2023\/1063, 2023. https:\/\/eprint.iacr.org\/2023\/1063."},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-99-7032-2_10"},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/11818175_5"},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.41"},{"key":"e_1_3_2_2_32_1","unstructured":"Cloudflare. ECDSA: The missing piece of DNSSEC. https:\/\/www.cloudflare.com\/dns\/dnssec\/ecdsa-and-dnssec\/."},{"key":"e_1_3_2_2_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484815"},{"key":"e_1_3_2_2_34_1","volume-title":"Cinderella: Turning shabby X. 509 certificates into elegant anonymous credentials with the magic of verifiable computation","author":"Delignat-Lavaud Antoine","year":"2016","unstructured":"Antoine Delignat-Lavaud, C\u00e9dric Fournet, Markulf Kohlweiss, and Bryan Parno. Cinderella: Turning shabby X. 509 certificates into elegant anonymous credentials with the magic of verifiable computation. In IEEE Security and Privacy, 2016."},{"key":"e_1_3_2_2_35_1","volume-title":"Paper 2023\/1784","author":"Benjamin","year":"2023","unstructured":"Benjamin E. Diamond and Jim Posen. Succinct arguments over towers of binary fields. Cryptology ePrint Archive, Paper 2023\/1784, 2023."},{"key":"e_1_3_2_2_36_1","volume-title":"Paper 2024\/504","author":"Benjamin","year":"2024","unstructured":"Benjamin E. Diamond and Jim Posen. Polylogarithmic proofs for multilinears over binary towers. Cryptology ePrint Archive, Paper 2024\/504, 2024."},{"key":"e_1_3_2_2_37_1","volume-title":"https:\/\/stats.dnssectools.org\/","author":"Deployment Statistics DNSSEC","year":"2024","unstructured":"DNSSEC and DANE Deployment Statistics. https:\/\/stats.dnssectools.org\/, 2024."},{"key":"e_1_3_2_2_38_1","volume-title":"https:\/\/domainnamestat.com\/statistics\/tldtype\/generic","author":"Ds Domain","year":"2024","unstructured":"Domain name registrations in Generic TLDs. https:\/\/domainnamestat.com\/statistics\/tldtype\/generic, 2024."},{"key":"e_1_3_2_2_39_1","volume-title":"NSDI","author":"Duan Huayi","year":"2023","unstructured":"Huayi Duan, Rub\u00e9n Fischer, Jie Lou, Si Liu, David Basin, and Adrian Perrig. RHINE: Robust and High-performance Internet Naming with E2E Authenticity. In NSDI, 2023."},{"key":"e_1_3_2_2_40_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC9102"},{"key":"e_1_3_2_2_41_1","volume-title":"IMC","author":"Durumeric Zakir","year":"2013","unstructured":"Zakir Durumeric, James Kasten, Michael Bailey, and J Alex Halderman. Analysis of the HTTPS certificate ecosystem. In IMC, 2013."},{"key":"e_1_3_2_2_42_1","doi-asserted-by":"crossref","unstructured":"Donald E. Eastlake. RSA\/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS). RFC 3110 May 2001.","DOI":"10.17487\/rfc3110"},{"key":"e_1_3_2_2_43_1","volume-title":"Sovereign Keys: A proposal to make HTTPS and email more secure. www.eff.org\/sovereign-keys","author":"Eckersley Peter","year":"2011","unstructured":"Peter Eckersley. Sovereign Keys: A proposal to make HTTPS and email more secure. www.eff.org\/sovereign-keys, 2011."},{"key":"e_1_3_2_2_44_1","volume-title":"DEFCON","author":"Eckersley Peter","year":"2010","unstructured":"Peter Eckersley and Jesse Burns. An Observatory for the SSLiverse. DEFCON, 2010."},{"key":"e_1_3_2_2_45_1","volume-title":"https:\/\/github.com\/certbot\/certbot","author":"Foundation Electronic Frontier","year":"2024","unstructured":"Electronic Frontier Foundation. Certbot. https:\/\/github.com\/certbot\/certbot, 2024."},{"volume-title":"CRYPTO","year":"1985","key":"e_1_3_2_2_46_1","unstructured":"ElGamal, Taher. A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. In CRYPTO, 1985."},{"issue":"1","key":"e_1_3_2_2_47_1","article-title":"Ten risks of PKI: What you're not being told about public key infrastructure","volume":"16","author":"Ellison Carl","year":"2000","unstructured":"Carl Ellison and Bruce Schneier. Ten risks of PKI: What you're not being told about public key infrastructure. Computer Security Journal, 16(1), 2000.","journal-title":"Computer Security Journal"},{"key":"e_1_3_2_2_48_1","volume-title":"Paper 2023\/1503","author":"Ernstberger Jens","year":"2023","unstructured":"Jens Ernstberger, Stefanos Chaliasos, George Kadianakis, Sebastian Steinhorst, Philipp Jovanovic, Arthur Gervais, Benjamin Livshits, and Michele Orr\u00f9. zk-Bench: A Toolset for Comparative Evaluation and Performance Benchmarking of SNARKs. Cryptology ePrint Archive, Paper 2023\/1503, 2023. https:\/\/eprint.iacr.org\/2023\/1503."},{"key":"e_1_3_2_2_49_1","volume-title":"Public Key Pinning Extension for HTTP. RFC","author":"Evans Chris","year":"2015","unstructured":"Chris Evans, Chris Palmer, and Ryan Sleevi. Public Key Pinning Extension for HTTP. RFC 7469, April 2015."},{"key":"e_1_3_2_2_50_1","volume-title":"CRYPTO","author":"Fiat Amos","year":"1986","unstructured":"Amos Fiat and Adi Shamir. How to prove yourself: Practical solutions to identification and signature problems. In CRYPTO, 1986."},{"key":"e_1_3_2_2_51_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-44647-8_11"},{"key":"e_1_3_2_2_52_1","volume-title":"EFF DeepLinks Blog, 2011","author":"Galperin Eva","year":"2011","unstructured":"Eva Galperin, Seth Schoen, and Peter Eckersley. A Post Mortem on the Iranian DigiNotar Attack. EFF DeepLinks Blog, 2011. https:\/\/www.eff.org\/deeplinks\/2011\/09\/post-mortem-iranian-diginotar-attack."},{"key":"e_1_3_2_2_53_1","volume-title":"509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. RFC","author":"Galperin Slava","year":"1999","unstructured":"Slava Galperin, Dr. Carlisle Adams, Michael Myers, Rich Ankney, and Ambarish N. Malpani. X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. RFC 2560, June 1999."},{"key":"e_1_3_2_2_54_1","doi-asserted-by":"publisher","DOI":"10.5555\/1881412.1881445"},{"key":"e_1_3_2_2_55_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-38348-9_37"},{"key":"e_1_3_2_2_56_1","volume-title":"Probabilistic proof systems - a primer. Foundations and Trends in Theoretical Computer Science, 3(1)","author":"Goldreich Oded","year":"2008","unstructured":"Oded Goldreich. Probabilistic proof systems - a primer. Foundations and Trends in Theoretical Computer Science, 3(1), 2008."},{"key":"e_1_3_2_2_57_1","doi-asserted-by":"publisher","DOI":"10.1145\/2699436"},{"key":"e_1_3_2_2_58_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-38545-2_7"},{"volume-title":"Google cloud. https:\/\/cloud.google.com\/compute\/docs\/general-purpose-machines","year":"2024","key":"e_1_3_2_2_59_1","unstructured":"Google. Google cloud. https:\/\/cloud.google.com\/compute\/docs\/general-purpose-machines, 2024."},{"key":"e_1_3_2_2_60_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-49896-5_11"},{"key":"e_1_3_2_2_61_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-63715-0_20"},{"key":"e_1_3_2_2_62_1","volume-title":"USENIX Security","author":"Grubbs Paul","year":"2022","unstructured":"Paul Grubbs, Arasu Arun, Ye Zhang, Joseph Bonneau, and Michael Walfish. Zero-Knowledge Middleboxes. In USENIX Security, 2022."},{"key":"e_1_3_2_2_63_1","unstructured":"Aayush Gupta. ZK Email 2024. https:\/\/blog.aayushg.com\/zkemail\/."},{"key":"e_1_3_2_2_64_1","volume-title":"I'm giving up on HPKP. https:\/\/scotthelme.co.uk\/im-giving-up-on-hpkp\/","author":"Helme Scott","year":"2017","unstructured":"Scott Helme. I'm giving up on HPKP. https:\/\/scotthelme.co.uk\/im-giving-up-on-hpkp\/, 2017."},{"key":"e_1_3_2_2_65_1","volume-title":"November","author":"Hetzner Encrypted","year":"2023","unstructured":"Encrypted traffic interception on Hetzner and Linode targeting the largest Russian XMPP (Jabber) messaging service. https:\/\/notes.valdikss.org.ru\/jabber.ru-mitm\/, November 2023."},{"key":"e_1_3_2_2_66_1","volume-title":"USENIX Security","author":"Hoang Nguyen Phong","year":"2021","unstructured":"Nguyen Phong Hoang, Arian Akhavan Niaki, Jakub Dalek, Jeffrey Knockel, Pellaeon Lin, Bill Marczak, Masashi Crete-Nishihata, Phillipa Gill, and Michalis Polychronakis. How Great is the Great Firewall? Measuring China's DNS Censorship. In USENIX Security, 2021."},{"key":"e_1_3_2_2_67_1","volume-title":"HTTP Strict Transport Security (HSTS). RFC","author":"Hodges Jeff","year":"2012","unstructured":"Jeff Hodges, Collin Jackson, and Adam Barth. HTTP Strict Transport Security (HSTS). RFC 6797, November 2012."},{"key":"e_1_3_2_2_68_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC9364"},{"key":"e_1_3_2_2_69_1","first-page":"8484","article-title":"DNS Queries over HTTPS (DoH)","author":"Hoffman Paul E.","year":"2018","unstructured":"Paul E. Hoffman and Patrick McManus. DNS Queries over HTTPS (DoH). RFC 8484, 2018.","journal-title":"RFC"},{"key":"e_1_3_2_2_70_1","volume-title":"Hoffman and Wouter Wijngaards. Elliptic Curve Digital Signature Algorithm (DSA) for DNSSEC. RFC","author":"Paul","year":"2012","unstructured":"Paul E. Hoffman and Wouter Wijngaards. Elliptic Curve Digital Signature Algorithm (DSA) for DNSSEC. RFC 6605, April 2012."},{"key":"e_1_3_2_2_71_1","doi-asserted-by":"crossref","unstructured":"Russ Housley Tim Polk Dr. Warwick S. Ford and Dave Solo. Internet X.509 Public Key Infrastructure Certificate and CRL Profile. RFC 2459 January 1999.","DOI":"10.17487\/rfc2459"},{"key":"e_1_3_2_2_72_1","first-page":"7858","article-title":"Specification for DNS over Transport Layer Security (TLS)","author":"Hu Zi","year":"2016","unstructured":"Zi Hu, Liang Zhu, John Heidemann, Allison Mankin, Duane Wessels, and Paul E. Hoffman. Specification for DNS over Transport Layer Security (TLS). RFC 7858, 2016.","journal-title":"RFC"},{"key":"e_1_3_2_2_73_1","unstructured":"Major DNSSEC Outages and Validation Failures. IANIX March 2024. https:\/\/ianix.com\/pub\/dnssec-outages.html."},{"volume-title":"Circuit Compiler. https:\/\/github.com\/iden3\/circom","year":"2024","key":"e_1_3_2_2_74_1","unstructured":"iden3. Circom, Circuit Compiler. https:\/\/github.com\/iden3\/circom, 2024."},{"volume-title":"snarkjs. https:\/\/github.com\/iden3\/snarkjs","year":"2024","key":"e_1_3_2_2_75_1","unstructured":"iden3. snarkjs. https:\/\/github.com\/iden3\/snarkjs, 2024."},{"key":"e_1_3_2_2_76_1","doi-asserted-by":"publisher","DOI":"10.1109\/CCC.2007.10"},{"key":"e_1_3_2_2_77_1","volume-title":"Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC. RFC","author":"Jansen Jelte","year":"2009","unstructured":"Jelte Jansen. Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC. RFC 5702, October 2009."},{"key":"e_1_3_2_2_78_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-39884-1_28"},{"key":"e_1_3_2_2_79_1","doi-asserted-by":"publisher","DOI":"10.1145\/129712.129782"},{"key":"e_1_3_2_2_80_1","volume-title":"WWW","author":"Hyun-Jin Kim Tiffany","year":"2013","unstructured":"Tiffany Hyun-Jin Kim, Lin-Shung Huang, Adrian Perrig, Collin Jackson, and Virgil Gligor. Accountable key infrastructure (AKI) a proposal for a public-key validation infrastructure. In WWW, 2013."},{"key":"e_1_3_2_2_81_1","volume-title":"Internet Engineering Task Force","author":"Kinnear Eric","year":"2021","unstructured":"Eric Kinnear, Patrick McManus, Tommy Pauly, Tanya Verma, and Christopher A. Wood. Oblivious DNS Over HTTPS. Internet-Draft draft-pauly-dprive-oblivious-doh-06, Internet Engineering Task Force, 2021."},{"key":"e_1_3_2_2_82_1","volume-title":"IEEE Symposium on Security and Privacy","author":"Kosba Ahmed","year":"2018","unstructured":"Ahmed Kosba, Charalampos Papamanthou, and Elaine Shi. xJsnark: a framework for efficient verifiable computation. In IEEE Symposium on Security and Privacy, 2018."},{"key":"e_1_3_2_2_83_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23162"},{"key":"e_1_3_2_2_84_1","first-page":"85","article-title":"A new PKI model with Certificate Transparency based on blockchain","author":"Kubilay Murat Yasin","year":"2019","unstructured":"Murat Yasin Kubilay, Mehmet Sabir Kiraz, and Hac\u0131 Ali Mantar. CertLedger: A new PKI model with Certificate Transparency based on blockchain. Computers & Security, 85, 2019.","journal-title":"Computers & Security"},{"key":"e_1_3_2_2_85_1","volume-title":"Imperial Violet","author":"Langley Adam","year":"2011","unstructured":"Adam Langley. DNSSEC authenticated HTTPS in Chrome. Imperial Violet, June 2011. https:\/\/www.imperialviolet.org\/2011\/06\/16\/dnssecchrome.html."},{"key":"e_1_3_2_2_86_1","volume-title":"Google Security Blog","author":"Langley Adam","year":"2013","unstructured":"Adam Langley. Enhancing digital certificate security. Google Security Blog, April 2013. https:\/\/security.googleblog.com\/2013\/01\/enhancing-digital-certificate-security.html."},{"key":"e_1_3_2_2_87_1","volume-title":"Google Security Blog","author":"Langley Adam","year":"2014","unstructured":"Adam Langley. Maintaining digital certificate security. Google Security Blog, July 2014. https:\/\/security.googleblog.com\/2015\/03\/maintaining-digital-certificate-security.html."},{"key":"e_1_3_2_2_88_1","volume-title":"Imperial Violet","author":"Langley Adam","year":"2015","unstructured":"Adam Langley. Why not DANE in browsers. Imperial Violet, January 2015. https:\/\/www.imperialviolet.org\/2015\/01\/17\/notdane.html."},{"key":"e_1_3_2_2_90_1","volume-title":"Paper 2023\/1377","author":"Lauinger Jan","year":"2023","unstructured":"Jan Lauinger, Jens Ernstberger, Andreas Finkenzeller, and Sebastian Steinhorst. Janus: Fast privacy-preserving data provenance for tls 1.3. Cryptology ePrint Archive, Paper 2023\/1377, 2023."},{"key":"e_1_3_2_2_91_1","volume-title":"September, 33","author":"Laurie Ben","year":"2012","unstructured":"Ben Laurie and Emilia Kasper. Revocation transparency. Google Research, September, 33, 2012."},{"key":"e_1_3_2_2_92_1","doi-asserted-by":"crossref","unstructured":"Ben Laurie Adam Langley and Emilia Kasper. Certificate Transparency. RFC 6962 June 2013.","DOI":"10.17487\/rfc6962"},{"key":"e_1_3_2_2_93_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC9162"},{"key":"e_1_3_2_2_94_1","doi-asserted-by":"publisher","DOI":"10.1145\/2815675.2815685"},{"key":"e_1_3_2_2_95_1","volume-title":"Paper 2023\/643","author":"Luo Ning","year":"2023","unstructured":"Ning Luo, Chenkai Weng, Jaspal Singh, Gefei Tan, Ruzica Piskac, and Mariana Raykova. Privacy-preserving regular expression matching using nondeterministic finite automata. Cryptology ePrint Archive, Paper 2023\/643, 2023."},{"key":"e_1_3_2_2_96_1","volume-title":"convergence.io","author":"Marlinspike Moxie","year":"2011","unstructured":"Moxie Marlinspike. Convergence. convergence.io, 2011."},{"key":"e_1_3_2_2_97_1","volume-title":"Internet Engineering Task Force","author":"Marlinspike Moxie","year":"2013","unstructured":"Moxie Marlinspike. Trust Assertions for Certificate Keys. Internet-Draft draft-perrin-tls-tack-02, Internet Engineering Task Force, January 2013. Work in Progress."},{"key":"e_1_3_2_2_98_1","volume-title":"bellman_ce. https:\/\/github.com\/matter-labs\/bellman","author":"Labs Matter","year":"2023","unstructured":"Matter Labs. bellman_ce. https:\/\/github.com\/matter-labs\/bellman, 2023."},{"key":"e_1_3_2_2_99_1","volume-title":"PETS","author":"Meiklejohn Sarah","year":"2022","unstructured":"Sarah Meiklejohn, Joe DeBlasio, Devon O'Brien, Chris Thompson, Kevin Yeo, and Emily Stark. SoK: SCT auditing in Certificate Transparency. PETS, 2022."},{"key":"e_1_3_2_2_100_1","doi-asserted-by":"publisher","DOI":"10.1137\/S0097539795284959"},{"key":"e_1_3_2_2_101_1","doi-asserted-by":"publisher","DOI":"10.1090\/S0025-5718-1985-0777282-X"},{"key":"e_1_3_2_2_102_1","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.FIPS.186-5"},{"key":"e_1_3_2_2_103_1","volume-title":"Reducing Trust in Automated Certificate Authorities via Proofs-of-Authentication. arXiv preprint arXiv:2307.08201","author":"Newman Zachary","year":"2023","unstructured":"Zachary Newman. Reducing Trust in Automated Certificate Authorities via Proofs-of-Authentication. arXiv preprint arXiv:2307.08201, 2023."},{"key":"e_1_3_2_2_104_1","volume-title":"Groth16 malleability. https:\/\/geometry.xyz\/notebook\/groth16-malleability","author":"Novakovic Andrija","year":"2022","unstructured":"Andrija Novakovic and Kobi Gurkan. Groth16 malleability. https:\/\/geometry.xyz\/notebook\/groth16-malleability, 2022."},{"key":"e_1_3_2_2_105_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC2986"},{"key":"e_1_3_2_2_106_1","volume-title":"USENIX Security","author":"Oltrogge Marten","year":"2015","unstructured":"Marten Oltrogge, Yasemin Acar, Sergej Dechand, Matthew Smith, and Sascha Fahl. To Pin or Not to Pin---Helping App Developers Bullet Proof Their TLS Connections. In USENIX Security, 2015."},{"key":"e_1_3_2_2_107_1","volume-title":"https:\/\/github.com\/openssl\/openssl","author":"SSL.","year":"2024","unstructured":"OpenSSL. OpenSSL. https:\/\/github.com\/openssl\/openssl, 2024."},{"key":"e_1_3_2_2_108_1","volume-title":"OpenSSL asn1parse. https:\/\/docs.openssl.org\/1.1.1\/man1\/asn1parse\/","author":"SSL.","year":"2024","unstructured":"OpenSSL. OpenSSL asn1parse. https:\/\/docs.openssl.org\/1.1.1\/man1\/asn1parse\/, 2024."},{"key":"e_1_3_2_2_109_1","volume-title":"USENIX Security","author":"Ozdemir Alex","year":"2020","unstructured":"Alex Ozdemir, Riad Wahby, Barry Whitehat, and Dan Boneh. Scaling verifiable computation using efficient set accumulators. In USENIX Security, 2020."},{"key":"e_1_3_2_2_110_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.47"},{"key":"e_1_3_2_2_111_1","volume-title":"The New York Times","author":"Richmond Riva","year":"2011","unstructured":"Riva Richmond. An Attack Sheds Light on Internet Security Holes. The New York Times, April 2011."},{"key":"e_1_3_2_2_112_1","volume-title":"zkUtil. https:\/\/github.com\/poma\/zkutil","author":"Semenov Roman","year":"2021","unstructured":"Roman Semenov. zkUtil. https:\/\/github.com\/poma\/zkutil, 2021."},{"key":"e_1_3_2_2_113_1","volume-title":"Resource Records for the DNS Security Extensions. RFC","author":"Rose Scott","year":"2005","unstructured":"Scott Rose, Matt Larson, Dan Massey, Rob Austein, and Roy Arends. Resource Records for the DNS Security Extensions. RFC 4034, March 2005."},{"key":"e_1_3_2_2_114_1","volume-title":"zkcreds: Flexible Anonymous Credentials from zkSNARKs and Existing Identity Infrastructure","author":"Rosenberg Michael","year":"2023","unstructured":"Michael Rosenberg, Jacob White, Christina Garman, and Ian Miers. zkcreds: Flexible Anonymous Credentials from zkSNARKs and Existing Identity Infrastructure. In IEEE Security and Privacy, 2023."},{"key":"e_1_3_2_2_115_1","volume-title":"Domain impersonation is feasible: a study of CA domain validation vulnerabilities","author":"Schwittmann Lorenz","year":"2019","unstructured":"Lorenz Schwittmann, Matth\u00e4us Wander, and Torben Weis. Domain impersonation is feasible: a study of CA domain validation vulnerabilities. In IEEE EuroS&P, 2019."},{"key":"e_1_3_2_2_116_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-56877-1_25"},{"key":"e_1_3_2_2_117_1","doi-asserted-by":"publisher","DOI":"10.1145\/2465351.2465359"},{"key":"e_1_3_2_2_118_1","volume-title":"Paper 2023\/1216","author":"Setty Srinath","year":"2023","unstructured":"Srinath Setty, Justin Thaler, and Riad Wahby. Unlocking the lookup singularity with Lasso. Cryptology ePrint Archive, Paper 2023\/1216, 2023."},{"key":"e_1_3_2_2_119_1","volume-title":"USENIX Security","author":"Setty Srinath","year":"2012","unstructured":"Srinath Setty, Victor Vu, Nikhil Panpalia, Benjamin Braun, Andrew J. Blumberg, and Michael Walfish. Taking proof-based verified computation a few steps closer to practicality. In USENIX Security, 2012."},{"key":"e_1_3_2_2_120_1","volume-title":"NSDI","author":"Shulman Haya","year":"2017","unstructured":"Haya Shulman and Michael Waidner. One key to sign them all considered vulnerable: Evaluation of DNSSEC in the internet. In NSDI, 2017."},{"key":"e_1_3_2_2_121_1","volume-title":"Google Security Blog","author":"Sleevi Ryan","year":"2015","unstructured":"Ryan Sleevi. Sustaining Digital Certificate Security. Google Security Blog, October 2015. https:\/\/security.googleblog.com\/2015\/10\/sustaining-digital-certificate-security.html."},{"key":"e_1_3_2_2_122_1","volume-title":"NDSS","author":"Smith Trevor","year":"2020","unstructured":"Trevor Smith, Luke Dickinson, and Kent Seamons. Let's revoke: Scalable global certificate revocation. In NDSS, 2020."},{"key":"e_1_3_2_2_123_1","volume-title":"ICST","author":"Son Sooel","year":"2010","unstructured":"Sooel Son and Vitaly Shmatikov. The hitchhiker's guide to DNS cache poisoning. In ICST, 2010."},{"key":"e_1_3_2_2_124_1","volume-title":"Certificate transparency in Google Chrome: Past, present, and future","author":"Stark Emily","year":"2021","unstructured":"Emily Stark, Joe DeBlasio, and Devon O'Brien. Certificate transparency in Google Chrome: Past, present, and future. IEEE Security & Privacy, 19(6), 2021."},{"key":"e_1_3_2_2_125_1","volume-title":"Automated Updates of DNS Security (DNSSEC) Trust Anchors. RFC","author":"StJohns Michael","year":"2007","unstructured":"Michael StJohns. Automated Updates of DNS Security (DNSSEC) Trust Anchors. RFC 5011, September 2007."},{"key":"e_1_3_2_2_126_1","first-page":"806","article-title":"Addition chains of vectors (problem 5125)","volume":"71","author":"Straus Ernst G.","year":"1964","unstructured":"Ernst G. Straus. Addition chains of vectors (problem 5125). American Mathematical Monthly, 71:806--808, 1964.","journal-title":"American Mathematical Monthly"},{"key":"e_1_3_2_2_127_1","volume-title":"Elliptic curves. https:\/\/ocw.mit.edu\/courses\/18-783-elliptic-curves-spring-2021","author":"Sutherland Andrew","year":"2021","unstructured":"Andrew Sutherland. Elliptic curves. https:\/\/ocw.mit.edu\/courses\/18-783-elliptic-curves-spring-2021, 2021."},{"key":"e_1_3_2_2_128_1","volume-title":"http:\/\/people.cs.georgetown.edu\/jthaler\/ProofsArgsAndZK.html","author":"Thaler Justin","year":"2020","unstructured":"Justin Thaler. Proofs, Arguments, and Zero-Knowledge. http:\/\/people.cs.georgetown.edu\/jthaler\/ProofsArgsAndZK.html, 2020."},{"key":"e_1_3_2_2_130_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23097"},{"key":"e_1_3_2_2_131_1","doi-asserted-by":"publisher","DOI":"10.1145\/2641562"},{"key":"e_1_3_2_2_132_1","volume-title":"Wendlandt and Adrian Perrig. Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing. In USENIX Annual Technical Conference","author":"Dan","year":"2008","unstructured":"Dan Wendlandt and Adrian Perrig. Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing. In USENIX Annual Technical Conference, 2008."},{"key":"e_1_3_2_2_133_1","volume-title":"Ethereum Name Service: the Good, the Bad, and the Ugly. arXiv preprint arXiv:2104.05185","author":"Xia Pengcheng","year":"2021","unstructured":"Pengcheng Xia, Haoyu Wang, Zhou Yu, Xinyu Liu, Xiapu Luo, and Guoai Xu. Ethereum Name Service: the Good, the Bad, and the Ugly. arXiv preprint arXiv:2104.05185, 2021."},{"key":"e_1_3_2_2_134_1","volume-title":"NSDI","author":"Zhang Collin","year":"2024","unstructured":"Collin Zhang, Zachary DeStefano, Arasu Arun, Joseph Bonneau, Paul Grubbs, and Michael Walfish. Zombie: Middleboxes that don't snoop. In NSDI, 2024."},{"key":"e_1_3_2_2_135_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417239"},{"key":"e_1_3_2_2_136_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.43"},{"key":"e_1_3_2_2_137_1","volume-title":"Paper 2024\/292","author":"Zheng Shuhao","year":"2024","unstructured":"Shuhao Zheng, Zonglun Li, Junliang Luo, Ziyue Xin, and Xue Liu. IDEA-DAC: Integrity-Driven Editing for Accountable Decentralized Anonymous Credentials via ZK-JSON. Cryptology ePrint Archive, Paper 2024\/292, 2024."}],"event":{"name":"SOSP '24: ACM SIGOPS 30th Symposium on Operating Systems Principles","sponsor":["SIGOPS ACM Special Interest Group on Operating Systems","USENIX"],"location":"Austin TX USA","acronym":"SOSP '24"},"container-title":["Proceedings of the ACM SIGOPS 30th Symposium on Operating Systems Principles"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3694715.3695962","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3694715.3695962","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3694715.3695962","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:05:48Z","timestamp":1750291548000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3694715.3695962"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,4]]},"references-count":135,"alternative-id":["10.1145\/3694715.3695962","10.1145\/3694715"],"URL":"https:\/\/doi.org\/10.1145\/3694715.3695962","relation":{},"subject":[],"published":{"date-parts":[[2024,11,4]]},"assertion":[{"value":"2024-11-15","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}