{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:27:23Z","timestamp":1766442443995,"version":"3.48.0"},"publisher-location":"New York, NY, USA","reference-count":31,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,11,19]]},"DOI":"10.1145\/3719027.3765172","type":"proceedings-article","created":{"date-parts":[[2025,11,22]],"date-time":"2025-11-22T23:37:25Z","timestamp":1763854645000},"page":"2922-2936","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Security Analysis of Privately Verifiable Privacy Pass"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0001-3635-4658","authenticated-orcid":false,"given":"Konrad","family":"Hanff","sequence":"first","affiliation":[{"name":"Hasso Plattner Institute, University of Potsdam, Potsdam, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2872-7899","authenticated-orcid":false,"given":"Anja","family":"Lehmann","sequence":"additional","affiliation":[{"name":"Hasso Plattner Institute, University of Potsdam, Potsdam, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5000-7655","authenticated-orcid":false,"given":"Cavit","family":"\u00d6zbay","sequence":"additional","affiliation":[{"name":"Hasso Plattner Institute, University of Potsdam, Potsdam, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2025,11,22]]},"reference":[{"key":"e_1_3_2_1_1_1","first-page":"04","volume":"1","author":"A","unstructured":"2020. A privacy-enhancing protocol and browser extension. https:\/\/privacypass.github.io\/. [Accessed 15-04--2025].","journal-title":"Accessed"},{"key":"e_1_3_2_1_2_1","first-page":"04","volume":"1","author":"WhatsApp DIT","unstructured":"2021. DIT - enabling de-identified data collection on WhatsApp. https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/. [Accessed 15-04--2025].","journal-title":"Accessed"},{"key":"e_1_3_2_1_3_1","first-page":"04","volume":"1","author":"Tokens Private State","unstructured":"2025. Private State Tokens. https:\/\/developers.google.com\/privacy-sandbox\/protections\/private-state-tokens\/. [Accessed 15-04--2025].","journal-title":"Accessed"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.56553\/popets-2025-0004"},{"key":"e_1_3_2_1_5_1","volume-title":"Publicly verifiable anonymous tokens with private metadata bit. Cryptology ePrint Archive","author":"Benhamouda Fabrice","year":"2022","unstructured":"Fabrice Benhamouda, Tancrede Lepoint, Michele Orru, and Mariana Raykova. 2022. Publicly verifiable anonymous tokens with private metadata bit. Cryptology ePrint Archive (2022)."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-91101-9_12"},{"key":"e_1_3_2_1_7_1","volume-title":"SoK: Oblivious Pseudorandom Functions. In 2022 IEEE 7th European Symposium on Security and Privacy (EuroS&P). 625--646","author":"Casacuberta S\u00edlvia","year":"2022","unstructured":"S\u00edlvia Casacuberta, Julia Hesse, and Anja Lehmann. 2022. SoK: Oblivious Pseudorandom Functions. In 2022 IEEE 7th European Symposium on Security and Privacy (EuroS&P). 625--646."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC9578"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-38545-2_14"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3616619"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC9497"},{"key":"e_1_3_2_1_12_1","volume-title":"Wood","author":"Davidson Alex","year":"2023","unstructured":"Alex Davidson, Matthew Finkel, Martin Thomson, and Christopher A. Wood. 2023. Key Consistency and Discovery. Internet-Draft draft-ietf-privacypass-keyconsistency-01. Internet Engineering Task Force. Work in Progress."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1515\/popets-2018-0026"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC9576"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3658644.3670338"},{"key":"e_1_3_2_1_16_1","unstructured":"Muhammed F. Esgin Ron Steinfeld Erkan Tairi and Jie Xu. 2024. LeOPaRd: Towards Practical Post-Quantum Oblivious PRFs via Interactive Lattice Problems. https:\/\/eprint.iacr.org\/2024\/1615 Publication info: Preprint.."},{"key":"e_1_3_2_1_17_1","volume-title":"24th USENIX Security Symposium (USENIX Security 15)","author":"Everspaugh Adam","year":"2015","unstructured":"Adam Everspaugh, Rahul Chaterjee, Samuel Scott, Ari Juels, and Thomas Ristenpart. 2015. The pythia {PRF} service. In 24th USENIX Security Symposium (USENIX Security 15). 547--562."},{"key":"e_1_3_2_1_18_1","volume-title":"Wood","author":"Hendrickson Scott","year":"2024","unstructured":"Scott Hendrickson, Jana Iyengar, Tommy Pauly, Steven Valdez, and Christopher A. Wood. 2024. Rate-Limited Token Issuance Protocol. Internet-Draft draft-ietfprivacypass-rate-limit-tokens-06. Internet Engineering Task Force. Work in Progress."},{"key":"e_1_3_2_1_19_1","unstructured":"Scott Hendrickson and Thibault Meunier. 2024. Attester Issuer Protocol. Internet-Draft draft-hendrickson-pp-attesterissuer-00. Internet Engineering Task Force. Work in Progress."},{"key":"e_1_3_2_1_20_1","volume-title":"Wood","author":"Hendrickson Scott","year":"2024","unstructured":"Scott Hendrickson and Christopher A.Wood. 2024. Privacy Pass Issuance Protocols with Public Metadata. Internet-Draft draft-ietf-privacypass-public-metadataissuance-01. Internet Engineering Task Force. Work in Progress."},{"key":"e_1_3_2_1_21_1","volume-title":"Wood","author":"Hendrickson Scott","year":"2024","unstructured":"Scott Hendrickson and Christopher A. Wood. 2024. The PrivateToken HTTP Authentication Scheme Extensions Parameter. Internet-Draft draft-ietf-privacypassauth- scheme-extensions-01. Internet Engineering Task Force. Work in Progress."},{"key":"e_1_3_2_1_22_1","volume-title":"Wood","author":"Hendrickson Scott","year":"2025","unstructured":"Scott Hendrickson and Christopher A.Wood. 2025. Privacy Pass Token Expiration Extension. Internet-Draft draft-hendrickson-privacypass-expiration-extension-03. Internet Engineering Task Force. Work in Progress."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-45608-8_13"},{"key":"e_1_3_2_1_24_1","volume-title":"CRYPTO 2020, Santa Barbara, CA, USA, August 17--21, 2020, Proceedings, Part I 40","author":"Kreuter Ben","year":"2020","unstructured":"Ben Kreuter, Tancr\u00e8de Lepoint, Michele Orr\u00f9, and Mariana Raykova. 2020. Anonymous tokens with private metadata bit. In Advances in Cryptology--CRYPTO 2020: 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17--21, 2020, Proceedings, Part I 40. Springer, 308--336."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2019-0048"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC9577"},{"key":"e_1_3_2_1_27_1","unstructured":"Raphael Robert Christopher A. Wood and Thibault Meunier. 2025. Batched Token Issuance Protocol. Internet-Draft draft-ietf-privacypass-batched-tokens-04. Internet Engineering Task Force. Work in Progress."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-18283-9_9"},{"key":"e_1_3_2_1_29_1","unstructured":"Reid Tatoris and Maxime Guerreiro. 2022. Private Access Tokens: eliminating CAPTCHAs on iPhones and Macs with open standards. https:\/\/blog.cloudflare. com\/eliminating-captchas-on-iphones-and-macs-using-new-standard\/. [Accessed 15-04--2025]."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-07085-3_23"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3606464.3606481"}],"event":{"name":"CCS '25: ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Taipei Taiwan","acronym":"CCS '25"},"container-title":["Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3719027.3765172","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:24:37Z","timestamp":1766442277000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3719027.3765172"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,19]]},"references-count":31,"alternative-id":["10.1145\/3719027.3765172","10.1145\/3719027"],"URL":"https:\/\/doi.org\/10.1145\/3719027.3765172","relation":{},"subject":[],"published":{"date-parts":[[2025,11,19]]},"assertion":[{"value":"2025-11-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}