{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2010:NSWV76PWXGZL46VMSF2UH7E3TT","short_pith_number":"pith:NSWV76PW","canonical_record":{"source":{"id":"1008.3625","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2010-08-21T11:20:33Z","cross_cats_sorted":[],"title_canon_sha256":"fd22f17736c45fd6ac755075a77a94a3c7cec95d534c934b4cc4c05a260c8ff4","abstract_canon_sha256":"51fad5b6338ab6ceeec6b475f201e0be1f240560c7be0742ef7ba72f818c78d2"},"schema_version":"1.0"},"canonical_sha256":"6cad5ff9f6b9b2be7aac917543fc9b9cc27858968e504385f74ecbfabfe1bd44","source":{"kind":"arxiv","id":"1008.3625","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1008.3625","created_at":"2026-05-18T04:41:55Z"},{"alias_kind":"arxiv_version","alias_value":"1008.3625v1","created_at":"2026-05-18T04:41:55Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1008.3625","created_at":"2026-05-18T04:41:55Z"},{"alias_kind":"pith_short_12","alias_value":"NSWV76PWXGZL","created_at":"2026-05-18T12:26:10Z"},{"alias_kind":"pith_short_16","alias_value":"NSWV76PWXGZL46VM","created_at":"2026-05-18T12:26:10Z"},{"alias_kind":"pith_short_8","alias_value":"NSWV76PW","created_at":"2026-05-18T12:26:10Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2010:NSWV76PWXGZL46VMSF2UH7E3TT","target":"record","payload":{"canonical_record":{"source":{"id":"1008.3625","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2010-08-21T11:20:33Z","cross_cats_sorted":[],"title_canon_sha256":"fd22f17736c45fd6ac755075a77a94a3c7cec95d534c934b4cc4c05a260c8ff4","abstract_canon_sha256":"51fad5b6338ab6ceeec6b475f201e0be1f240560c7be0742ef7ba72f818c78d2"},"schema_version":"1.0"},"canonical_sha256":"6cad5ff9f6b9b2be7aac917543fc9b9cc27858968e504385f74ecbfabfe1bd44","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T04:41:55.500377Z","signature_b64":"rDAdkMTJ7F1fG+g347QFVjXSnz9hxOddDUAP9CqWNwWkxHUC/0akItwprMzKZvmi+0aDY84ETZBm5MWsUwQUAg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"6cad5ff9f6b9b2be7aac917543fc9b9cc27858968e504385f74ecbfabfe1bd44","last_reissued_at":"2026-05-18T04:41:55.499941Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T04:41:55.499941Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1008.3625","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T04:41:55Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"oZwbWmgdEZagGYaNanq88h7pR05ElvoO0ywHooPa/yCcoeL/Zl5ySMlDuZj4wz5X22gLQ0KybmtL6qNNszHiCg==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-27T10:28:30.145355Z"},"content_sha256":"a0e00967d6c818988ef57dc70f2ff86ea7a8a43dc5ecbf38774542323868ab74","schema_version":"1.0","event_id":"sha256:a0e00967d6c818988ef57dc70f2ff86ea7a8a43dc5ecbf38774542323868ab74"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2010:NSWV76PWXGZL46VMSF2UH7E3TT","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Vulnerability Analysis of PAP for RFID Tags","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Jan van der Lubbe, Mohammd Rafie, Mu'awya Naser, Pedro Peris-Lopez","submitted_at":"2010-08-21T11:20:33Z","abstract_excerpt":"In this paper, we analyze the security of an RFID authentication protocol proposed by Liu and Bailey [1], called Privacy and Authentication Protocol (PAP), and show its vulnerabilities and faulty assumptions. PAP is a privacy and authentication protocol designed for passive tags. The authors claim that the protocol, being resistant to commonly assumed attacks, requires little computation and provides privacy protection and authentication. Nevertheless, we propose two traceability attacks and an impersonation attack, in which the revealing of secret information (i.e., secret key and static iden"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1008.3625","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T04:41:55Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"dukbOKQrn36LyIRFZsc+qoxfQ7B21FhHQeuZyKFbcIyWnUDPycDBMATgFRezN6xdYLThvEddXs98HSQqVD+dAw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-05-27T10:28:30.145942Z"},"content_sha256":"d26088875ad33ce2282ec865a7873f1c08c9c31e6c9c6dbe95ef1b5901973611","schema_version":"1.0","event_id":"sha256:d26088875ad33ce2282ec865a7873f1c08c9c31e6c9c6dbe95ef1b5901973611"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/NSWV76PWXGZL46VMSF2UH7E3TT/bundle.json","state_url":"https://pith.science/pith/NSWV76PWXGZL46VMSF2UH7E3TT/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/NSWV76PWXGZL46VMSF2UH7E3TT/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-05-27T10:28:30Z","links":{"resolver":"https://pith.science/pith/NSWV76PWXGZL46VMSF2UH7E3TT","bundle":"https://pith.science/pith/NSWV76PWXGZL46VMSF2UH7E3TT/bundle.json","state":"https://pith.science/pith/NSWV76PWXGZL46VMSF2UH7E3TT/state.json","well_known_bundle":"https://pith.science/.well-known/pith/NSWV76PWXGZL46VMSF2UH7E3TT/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2010:NSWV76PWXGZL46VMSF2UH7E3TT","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"51fad5b6338ab6ceeec6b475f201e0be1f240560c7be0742ef7ba72f818c78d2","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2010-08-21T11:20:33Z","title_canon_sha256":"fd22f17736c45fd6ac755075a77a94a3c7cec95d534c934b4cc4c05a260c8ff4"},"schema_version":"1.0","source":{"id":"1008.3625","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1008.3625","created_at":"2026-05-18T04:41:55Z"},{"alias_kind":"arxiv_version","alias_value":"1008.3625v1","created_at":"2026-05-18T04:41:55Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1008.3625","created_at":"2026-05-18T04:41:55Z"},{"alias_kind":"pith_short_12","alias_value":"NSWV76PWXGZL","created_at":"2026-05-18T12:26:10Z"},{"alias_kind":"pith_short_16","alias_value":"NSWV76PWXGZL46VM","created_at":"2026-05-18T12:26:10Z"},{"alias_kind":"pith_short_8","alias_value":"NSWV76PW","created_at":"2026-05-18T12:26:10Z"}],"graph_snapshots":[{"event_id":"sha256:d26088875ad33ce2282ec865a7873f1c08c9c31e6c9c6dbe95ef1b5901973611","target":"graph","created_at":"2026-05-18T04:41:55Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"In this paper, we analyze the security of an RFID authentication protocol proposed by Liu and Bailey [1], called Privacy and Authentication Protocol (PAP), and show its vulnerabilities and faulty assumptions. PAP is a privacy and authentication protocol designed for passive tags. The authors claim that the protocol, being resistant to commonly assumed attacks, requires little computation and provides privacy protection and authentication. Nevertheless, we propose two traceability attacks and an impersonation attack, in which the revealing of secret information (i.e., secret key and static iden","authors_text":"Jan van der Lubbe, Mohammd Rafie, Mu'awya Naser, Pedro Peris-Lopez","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2010-08-21T11:20:33Z","title":"Vulnerability Analysis of PAP for RFID Tags"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1008.3625","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:a0e00967d6c818988ef57dc70f2ff86ea7a8a43dc5ecbf38774542323868ab74","target":"record","created_at":"2026-05-18T04:41:55Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"51fad5b6338ab6ceeec6b475f201e0be1f240560c7be0742ef7ba72f818c78d2","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2010-08-21T11:20:33Z","title_canon_sha256":"fd22f17736c45fd6ac755075a77a94a3c7cec95d534c934b4cc4c05a260c8ff4"},"schema_version":"1.0","source":{"id":"1008.3625","kind":"arxiv","version":1}},"canonical_sha256":"6cad5ff9f6b9b2be7aac917543fc9b9cc27858968e504385f74ecbfabfe1bd44","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"6cad5ff9f6b9b2be7aac917543fc9b9cc27858968e504385f74ecbfabfe1bd44","first_computed_at":"2026-05-18T04:41:55.499941Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T04:41:55.499941Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"rDAdkMTJ7F1fG+g347QFVjXSnz9hxOddDUAP9CqWNwWkxHUC/0akItwprMzKZvmi+0aDY84ETZBm5MWsUwQUAg==","signature_status":"signed_v1","signed_at":"2026-05-18T04:41:55.500377Z","signed_message":"canonical_sha256_bytes"},"source_id":"1008.3625","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:a0e00967d6c818988ef57dc70f2ff86ea7a8a43dc5ecbf38774542323868ab74","sha256:d26088875ad33ce2282ec865a7873f1c08c9c31e6c9c6dbe95ef1b5901973611"],"state_sha256":"8d683e31981d0955121cadc2d051f3c31116b9839e99cfb0320555eae606c13f"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"clGpM/rfnTmmbInlbXQwJ48QkSQ2ZO+X0UXLwwbwdN37Z42wh85tM947gFzJBkbg3bEkEB/dv+LbNDc2hHwgCQ==","signed_message":"bundle_sha256_bytes","signed_at":"2026-05-27T10:28:30.148974Z","bundle_sha256":"5c147c1ddca41405a0f4e2f0fc0279bfd5f6edeab26ee7f5a2a44ff6b9b1337e"}}