{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2015:526S6WQT4JYNL6FSWRT7N2NANA","short_pith_number":"pith:526S6WQT","canonical_record":{"source":{"id":"1509.00239","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2015-09-01T11:45:56Z","cross_cats_sorted":[],"title_canon_sha256":"6b5f1297e4e6bb42d6abd7608849d9c654a480beb9eb9a6fd7c2b247fc9f63ee","abstract_canon_sha256":"e1cbfdf650b5fc9f9f6ff77a0d322d313da6ccc8e244843d68d78b3c2659338b"},"schema_version":"1.0"},"canonical_sha256":"eebd2f5a13e270d5f8b2b467f6e9a068233138866f3646f42d736f4836916620","source":{"kind":"arxiv","id":"1509.00239","version":2},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1509.00239","created_at":"2026-05-18T01:15:36Z"},{"alias_kind":"arxiv_version","alias_value":"1509.00239v2","created_at":"2026-05-18T01:15:36Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1509.00239","created_at":"2026-05-18T01:15:36Z"},{"alias_kind":"pith_short_12","alias_value":"526S6WQT4JYN","created_at":"2026-05-18T12:29:05Z"},{"alias_kind":"pith_short_16","alias_value":"526S6WQT4JYNL6FS","created_at":"2026-05-18T12:29:05Z"},{"alias_kind":"pith_short_8","alias_value":"526S6WQT","created_at":"2026-05-18T12:29:05Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2015:526S6WQT4JYNL6FSWRT7N2NANA","target":"record","payload":{"canonical_record":{"source":{"id":"1509.00239","kind":"arxiv","version":2},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2015-09-01T11:45:56Z","cross_cats_sorted":[],"title_canon_sha256":"6b5f1297e4e6bb42d6abd7608849d9c654a480beb9eb9a6fd7c2b247fc9f63ee","abstract_canon_sha256":"e1cbfdf650b5fc9f9f6ff77a0d322d313da6ccc8e244843d68d78b3c2659338b"},"schema_version":"1.0"},"canonical_sha256":"eebd2f5a13e270d5f8b2b467f6e9a068233138866f3646f42d736f4836916620","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T01:15:36.118656Z","signature_b64":"lbdnCtiGmdaoVKQSHM13e7fJl30tcHhXpkLUp1ME3ZPxD+qTyOrXF1PFT9asw4oKXfBvq3k431H6fHqkfUBPCA==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"eebd2f5a13e270d5f8b2b467f6e9a068233138866f3646f42d736f4836916620","last_reissued_at":"2026-05-18T01:15:36.117938Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T01:15:36.117938Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1509.00239","source_version":2,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T01:15:36Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"ldxUDz77XWQd0DIUu1G5nZ41WZWAsc6VudKtOrFzVCKxRqpWs3AHc9loeYCd9oC13HtaTV+bKJ/k1lt4bCZOAA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-22T21:54:30.080307Z"},"content_sha256":"470307e231457a832def86721759938efa2421e9d649f2b47ba891e90874436a","schema_version":"1.0","event_id":"sha256:470307e231457a832def86721759938efa2421e9d649f2b47ba891e90874436a"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2015:526S6WQT4JYNL6FSWRT7N2NANA","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"CASH: A Cost Asymmetric Secure Hash Algorithm for Optimal Password Protection","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Anupam Datta, Jeremiah Blocki","submitted_at":"2015-09-01T11:45:56Z","abstract_excerpt":"An adversary who has obtained the cryptographic hash of a user's password can mount an offline attack to crack the password by comparing this hash value with the cryptographic hashes of likely password guesses. This offline attacker is limited only by the resources he is willing to invest to crack the password. Key-stretching tools can help mitigate the threat of offline attacks by making each password guess more expensive for the adversary to verify. However, key-stretching increases authentication costs for a legitimate authentication server. We introduce a novel Stackelberg game model which"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1509.00239","kind":"arxiv","version":2},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-18T01:15:36Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"4th6CSbfxvyJK2Sp/1sGSVcco0RAttFjkTfXa2SQgc00Pfki2le4aL/7yo4vBXWDt7bCvu9Xo2WA9ikjYnqRDA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-22T21:54:30.080666Z"},"content_sha256":"7393900ca9fa899993d506afb2e8ecaaa114ea92898ea58a2dde9623e29775c3","schema_version":"1.0","event_id":"sha256:7393900ca9fa899993d506afb2e8ecaaa114ea92898ea58a2dde9623e29775c3"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/526S6WQT4JYNL6FSWRT7N2NANA/bundle.json","state_url":"https://pith.science/pith/526S6WQT4JYNL6FSWRT7N2NANA/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/526S6WQT4JYNL6FSWRT7N2NANA/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-22T21:54:30Z","links":{"resolver":"https://pith.science/pith/526S6WQT4JYNL6FSWRT7N2NANA","bundle":"https://pith.science/pith/526S6WQT4JYNL6FSWRT7N2NANA/bundle.json","state":"https://pith.science/pith/526S6WQT4JYNL6FSWRT7N2NANA/state.json","well_known_bundle":"https://pith.science/.well-known/pith/526S6WQT4JYNL6FSWRT7N2NANA/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2015:526S6WQT4JYNL6FSWRT7N2NANA","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"e1cbfdf650b5fc9f9f6ff77a0d322d313da6ccc8e244843d68d78b3c2659338b","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2015-09-01T11:45:56Z","title_canon_sha256":"6b5f1297e4e6bb42d6abd7608849d9c654a480beb9eb9a6fd7c2b247fc9f63ee"},"schema_version":"1.0","source":{"id":"1509.00239","kind":"arxiv","version":2}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1509.00239","created_at":"2026-05-18T01:15:36Z"},{"alias_kind":"arxiv_version","alias_value":"1509.00239v2","created_at":"2026-05-18T01:15:36Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1509.00239","created_at":"2026-05-18T01:15:36Z"},{"alias_kind":"pith_short_12","alias_value":"526S6WQT4JYN","created_at":"2026-05-18T12:29:05Z"},{"alias_kind":"pith_short_16","alias_value":"526S6WQT4JYNL6FS","created_at":"2026-05-18T12:29:05Z"},{"alias_kind":"pith_short_8","alias_value":"526S6WQT","created_at":"2026-05-18T12:29:05Z"}],"graph_snapshots":[{"event_id":"sha256:7393900ca9fa899993d506afb2e8ecaaa114ea92898ea58a2dde9623e29775c3","target":"graph","created_at":"2026-05-18T01:15:36Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"An adversary who has obtained the cryptographic hash of a user's password can mount an offline attack to crack the password by comparing this hash value with the cryptographic hashes of likely password guesses. This offline attacker is limited only by the resources he is willing to invest to crack the password. Key-stretching tools can help mitigate the threat of offline attacks by making each password guess more expensive for the adversary to verify. However, key-stretching increases authentication costs for a legitimate authentication server. We introduce a novel Stackelberg game model which","authors_text":"Anupam Datta, Jeremiah Blocki","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2015-09-01T11:45:56Z","title":"CASH: A Cost Asymmetric Secure Hash Algorithm for Optimal Password Protection"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1509.00239","kind":"arxiv","version":2},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:470307e231457a832def86721759938efa2421e9d649f2b47ba891e90874436a","target":"record","created_at":"2026-05-18T01:15:36Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"e1cbfdf650b5fc9f9f6ff77a0d322d313da6ccc8e244843d68d78b3c2659338b","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2015-09-01T11:45:56Z","title_canon_sha256":"6b5f1297e4e6bb42d6abd7608849d9c654a480beb9eb9a6fd7c2b247fc9f63ee"},"schema_version":"1.0","source":{"id":"1509.00239","kind":"arxiv","version":2}},"canonical_sha256":"eebd2f5a13e270d5f8b2b467f6e9a068233138866f3646f42d736f4836916620","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"eebd2f5a13e270d5f8b2b467f6e9a068233138866f3646f42d736f4836916620","first_computed_at":"2026-05-18T01:15:36.117938Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-18T01:15:36.117938Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"lbdnCtiGmdaoVKQSHM13e7fJl30tcHhXpkLUp1ME3ZPxD+qTyOrXF1PFT9asw4oKXfBvq3k431H6fHqkfUBPCA==","signature_status":"signed_v1","signed_at":"2026-05-18T01:15:36.118656Z","signed_message":"canonical_sha256_bytes"},"source_id":"1509.00239","source_kind":"arxiv","source_version":2}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:470307e231457a832def86721759938efa2421e9d649f2b47ba891e90874436a","sha256:7393900ca9fa899993d506afb2e8ecaaa114ea92898ea58a2dde9623e29775c3"],"state_sha256":"4cba1492f28774a653cf01ec3fba4f08a00e1ef63fe29a11a85c9ed64db85d4a"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"AVNa04k3KjH3PKpRzoeI7lBvdpGNCc7P8mel2hDWMN1XjXlaHzEs90TOQO8LaQRs4imQ+0poZHHjpUHE7epiDA==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-22T21:54:30.082677Z","bundle_sha256":"5f967a4199e82be1fa4e89553b4eb7d6614e0a3f724f26b0ce137b573b410d49"}}