Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

8-2025

Abstract

A computing device typically identifies itself by exhibiting unique measurable behavior or by proving its knowledge of a secret. In both cases, the identifying device must reveal information to a verifier. Considerable research has focused on protecting identifying entities (provers) and reducing the amount of leaked data. However, little has been done to conceal the fact that the verification occurred.We show how this problem naturally arises in the context of digital emblems, which were recently proposed by the International Committee of the Red Cross to protect digital resources during cyber-conflicts. To address this new and important open problem, we define a new primitive, called an Oblivious Digital Token (ODT) that can be verified obliviously. Verifiers can use this procedure to check whether a device has an ODT without revealing to any other parties (including the device itself) that this check occurred. We demonstrate the feasibility of ODTs and present a concrete construction that provably meets the ODT security requirements, even if the prover device's software is fully compromised. We also implement a prototype of the proposed construction and evaluate its performance, thereby confirming its practicality.

Discipline

Information Security

Areas of Excellence

Digital transformation

Publication

SEC '25: Proceedings of the 34th USENIX Conference on Security Symposium, Seattle, USA, August 13-15

First Page

7897

Last Page

7915

Identifier

10.5555/3766078.3766483

Publisher

ACM

City or Country

New York

Additional URL

https://doi.org/10.5555/3766078.3766483

Download

Share

COinS