{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2016:2IDHKZ2HDY7YO4DAXCAQHODJ3B","short_pith_number":"pith:2IDHKZ2H","canonical_record":{"source":{"id":"1603.04085","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-03-13T22:39:02Z","cross_cats_sorted":[],"title_canon_sha256":"4c792b502a2af061976e7d6634e5496d5466070fdd863f9f045a2856d7aac439","abstract_canon_sha256":"d3f238c369b3fbec74df5b02421d65cdb7b97978625fc14dd8da92cb7b4e1c63"},"schema_version":"1.0"},"canonical_sha256":"d2067567471e3f877060b88103b869d862383913e8041b1e876fcfc468df869f","source":{"kind":"arxiv","id":"1603.04085","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1603.04085","created_at":"2026-05-18T01:19:09Z"},{"alias_kind":"arxiv_version","alias_value":"1603.04085v1","created_at":"2026-05-18T01:19:09Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1603.04085","created_at":"2026-05-18T01:19:09Z"},{"alias_kind":"pith_short_12","alias_value":"2IDHKZ2HDY7Y","created_at":"2026-05-18T12:29:55Z"},{"alias_kind":"pith_short_16","alias_value":"2IDHKZ2HDY7YO4DA","created_at":"2026-05-18T12:29:55Z"},{"alias_kind":"pith_short_8","alias_value":"2IDHKZ2H","created_at":"2026-05-18T12:29:55Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2016:2IDHKZ2HDY7YO4DAXCAQHODJ3B","target":"record","payload":{"canonical_record":{"source":{"id":"1603.04085","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-03-13T22:39:02Z","cross_cats_sorted":[],"title_canon_sha256":"4c792b502a2af061976e7d6634e5496d5466070fdd863f9f045a2856d7aac439","abstract_canon_sha256":"d3f238c369b3fbec74df5b02421d65cdb7b97978625fc14dd8da92cb7b4e1c63"},"schema_version":"1.0"},"canonical_sha256":"d2067567471e3f877060b88103b869d862383913e8041b1e876fcfc468df869f","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T01:19:09.477519Z","signature_b64":"+IKtYaVygcH0SyjrP+7rkeNSK1ZoqY5hfaSIOTgncc5f3QKfO1c+sH/poNgYh+Sa9lsGDS/SZD/WYPKf2XckCg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"d2067567471e3f877060b88103b869d862383913e8041b1e876fcfc468df869f","last_reissued_at":"2026-05-18T01:19:09.476751Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T01:19:09.476751Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1603.04085","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T01:19:09Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"zgYBC0nrz/F/Z0RY/DxWehfkNEQZzlUB8EoCuyaGOh9AzzAMAfhW0a21yzGFD071bNMAnb/uUocusiU7rOQcAw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-22T20:58:06.162905Z"},"content_sha256":"24f7a2773c08e21c604091c59752df63dd1087f3ce33e6138a56de1da7ae4c0d","schema_version":"1.0","event_id":"sha256:24f7a2773c08e21c604091c59752df63dd1087f3ce33e6138a56de1da7ae4c0d"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2016:2IDHKZ2HDY7YO4DAXCAQHODJ3B","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Server-side verification of client behavior in cryptographic protocols","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Andrew Chi, Cynthia Sturton, Marie Nesfield, Michael K. Reiter, Robert Cochran","submitted_at":"2016-03-13T22:39:02Z","abstract_excerpt":"Numerous exploits of client-server protocols and applications involve modifying clients to behave in ways that untampered clients would not, such as crafting malicious packets. In this paper, we demonstrate practical verification of a cryptographic protocol client's messaging behavior as being consistent with the client program it is believed to be running. Moreover, we accomplish this without modifying the client in any way, and without knowing all of the client-side inputs driving its behavior. Our toolchain for verifying a client's messages explores multiple candidate execution paths in the"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1603.04085","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T01:19:09Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"tyy8kA+Pr3zuAWcV4HlSRGyZR/VGmthAdBD/41hM6CRxFNNjyTbg9fZCpWlRr9KTliOihjsIMv02TSOvHsewCA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-22T20:58:06.163248Z"},"content_sha256":"736a22e83b72cb90b22fd099ff2cd2a0289ffdf697f4f302a5c979be0eda5d52","schema_version":"1.0","event_id":"sha256:736a22e83b72cb90b22fd099ff2cd2a0289ffdf697f4f302a5c979be0eda5d52"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/2IDHKZ2HDY7YO4DAXCAQHODJ3B/bundle.json","state_url":"https://pith.science/pith/2IDHKZ2HDY7YO4DAXCAQHODJ3B/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/2IDHKZ2HDY7YO4DAXCAQHODJ3B/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-22T20:58:06Z","links":{"resolver":"https://pith.science/pith/2IDHKZ2HDY7YO4DAXCAQHODJ3B","bundle":"https://pith.science/pith/2IDHKZ2HDY7YO4DAXCAQHODJ3B/bundle.json","state":"https://pith.science/pith/2IDHKZ2HDY7YO4DAXCAQHODJ3B/state.json","well_known_bundle":"https://pith.science/.well-known/pith/2IDHKZ2HDY7YO4DAXCAQHODJ3B/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2016:2IDHKZ2HDY7YO4DAXCAQHODJ3B","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"d3f238c369b3fbec74df5b02421d65cdb7b97978625fc14dd8da92cb7b4e1c63","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-03-13T22:39:02Z","title_canon_sha256":"4c792b502a2af061976e7d6634e5496d5466070fdd863f9f045a2856d7aac439"},"schema_version":"1.0","source":{"id":"1603.04085","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1603.04085","created_at":"2026-05-18T01:19:09Z"},{"alias_kind":"arxiv_version","alias_value":"1603.04085v1","created_at":"2026-05-18T01:19:09Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1603.04085","created_at":"2026-05-18T01:19:09Z"},{"alias_kind":"pith_short_12","alias_value":"2IDHKZ2HDY7Y","created_at":"2026-05-18T12:29:55Z"},{"alias_kind":"pith_short_16","alias_value":"2IDHKZ2HDY7YO4DA","created_at":"2026-05-18T12:29:55Z"},{"alias_kind":"pith_short_8","alias_value":"2IDHKZ2H","created_at":"2026-05-18T12:29:55Z"}],"graph_snapshots":[{"event_id":"sha256:736a22e83b72cb90b22fd099ff2cd2a0289ffdf697f4f302a5c979be0eda5d52","target":"graph","created_at":"2026-05-18T01:19:09Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"Numerous exploits of client-server protocols and applications involve modifying clients to behave in ways that untampered clients would not, such as crafting malicious packets. In this paper, we demonstrate practical verification of a cryptographic protocol client's messaging behavior as being consistent with the client program it is believed to be running. Moreover, we accomplish this without modifying the client in any way, and without knowing all of the client-side inputs driving its behavior. Our toolchain for verifying a client's messages explores multiple candidate execution paths in the","authors_text":"Andrew Chi, Cynthia Sturton, Marie Nesfield, Michael K. Reiter, Robert Cochran","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-03-13T22:39:02Z","title":"Server-side verification of client behavior in cryptographic protocols"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1603.04085","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:24f7a2773c08e21c604091c59752df63dd1087f3ce33e6138a56de1da7ae4c0d","target":"record","created_at":"2026-05-18T01:19:09Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"d3f238c369b3fbec74df5b02421d65cdb7b97978625fc14dd8da92cb7b4e1c63","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2016-03-13T22:39:02Z","title_canon_sha256":"4c792b502a2af061976e7d6634e5496d5466070fdd863f9f045a2856d7aac439"},"schema_version":"1.0","source":{"id":"1603.04085","kind":"arxiv","version":1}},"canonical_sha256":"d2067567471e3f877060b88103b869d862383913e8041b1e876fcfc468df869f","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"d2067567471e3f877060b88103b869d862383913e8041b1e876fcfc468df869f","first_computed_at":"2026-05-18T01:19:09.476751Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T01:19:09.476751Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"+IKtYaVygcH0SyjrP+7rkeNSK1ZoqY5hfaSIOTgncc5f3QKfO1c+sH/poNgYh+Sa9lsGDS/SZD/WYPKf2XckCg==","signature_status":"signed_v1","signed_at":"2026-05-18T01:19:09.477519Z","signed_message":"canonical_sha256_bytes"},"source_id":"1603.04085","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:24f7a2773c08e21c604091c59752df63dd1087f3ce33e6138a56de1da7ae4c0d","sha256:736a22e83b72cb90b22fd099ff2cd2a0289ffdf697f4f302a5c979be0eda5d52"],"state_sha256":"1ea2b3fa194248e56b6d6259ef10181807f9ec3b29ded57812a69fe98a5997bb"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"BODpoWTT10xALZk3JaOfVxercjSQd8OQp+vCbkaJTl5ICKE58uLyBHZkEkhBEwo6e1n90so5mBY5/D+yDfimBw==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-22T20:58:06.165200Z","bundle_sha256":"496e094cc5deb83f6f1720414e947bdfe97114109a133e9e3ee8860043264971"}}