An Extensive Formal Security Analysis of the OpenID Financial-grade API

Fett, Daniel; Hosseyni, Pedram; Kuesters, R.

doi:10.48550/arxiv.1901.11520

Cited by 2 publications

(2 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The following lemma and its proof are based on Lemma 7 from Fett et al [22]. Lemma D.5 (MTLS Nonces do not leak to Third Parties).…”

Section: 𝑆 (As)registrations[𝑆 (𝑐)Keyrecords[dmn]iinstanceid]key and ...mentioning

confidence: 99%

The Grant Negotiation and Authorization Protocol: Attacking, Fixing, and Verifying an Emerging Standard

Helmschmidt,

Hosseyni,

Küsters

et al. 2024

Lecture Notes in Computer Science

View full text Add to dashboard Cite

The Grant Negotiation and Authorization Protocol (GNAP) is an emerging authorization and authentication protocol which aims to consolidate and unify several use-cases of OAuth 2.0 and many of its common extensions while providing a higher degree of security. OAuth 2.0 is an essential cornerstone of the security of authorization and authentication for the Web, IoT, and beyond, and is used, among others, by many global players, like Google, Facebook, and Microsoft. Because of historically grown limitations and issues of OAuth 2.0 and its various extensions, prominent members of the OAuth community decided to create GNAP, a new and completely resigned authorization and authentication protocol. Given GNAP's advantages over OAuth 2.0 and its support within the OAuth community, GNAP is expected to become at least as important as OAuth 2.0.In this paper, we present the first formal security analysis of GNAP. We build a detailed formal model of GNAP, based on the Web Infrastructure Model (WIM) of Fett, Küsters, and Schmitz. Based on this model, we provide formal statements of the key security properties of GNAP, namely, authorization, authentication, and session integrity for both authorization and authentication. In the process of trying to prove these properties, we have discovered several attacks on GNAP. We present these attacks as well as modifications to the protocol that prevent them. These modifications have been incorporated into the GNAP specification after discussion with the GNAP working group. We give the first formal security guarantees for GNAP, by proving that GNAP, with our modifications applied, satisfies the mentioned security properties.GNAP was still an early draft when we started our analysis, but is now on track to be adopted as an IETF standard. Hence, our analysis is just in time to help ensure the security of this important emerging standard. 1 start authorization request start authorization request eu-req 2 request access to request access to resource 𝑟 resource 𝑟 grantReq 3 interaction needed interaction needed grantResp 4 push notification push notification interaction-start 5 authentication + authorization of request authentication + authorization of request ro-authn-authz 6 interaction finish notification interaction finish notification interaction-finish 7 continue continue contReq 9 access token AT access token AT contResp 10 resource request using AT resource request using AT resReq 11 token introspection of AT token introspection of AT introReq 12 token is valid token is valid introResp 13 provide access to resource 𝑟 provide access to resource 𝑟 resResp Result Result 1 start grant with AS start grant with AS eu-init-grant 2 start grant with AS start grant with AS att-init-grant 3 grant request for access to 𝑟 grant request for access to 𝑟 grant-req includes redirectUri CI includes redirectUri CI 4 redirectUri AS redirectUri AS as-grant-res 5 redirect to redirectUri AS redirect to redirectUri AS att-grant-res 6 redirect to redirectUri AS redirect to redirectUri AS att-interaction-start ...

show abstract

“…The following lemma and its proof are based on Lemma 7 from Fett et al [22]. Lemma D.5 (MTLS Nonces do not leak to Third Parties).…”

Section: 𝑆 (As)registrations[𝑆 (𝑐)Keyrecords[dmn]iinstanceid]key and ...mentioning

confidence: 99%

The Grant Negotiation and Authorization Protocol: Attacking, Fixing, and Verifying an Emerging Standard

Helmschmidt,

Hosseyni,

Küsters

et al. 2024

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…We discuss attacks and exploits against incorrect implementations of OIDC [22], and the extent to which EL PASSO's design prevents similar attack vectors.…”

Section: Sensitivity To Known Attacks On Oidcmentioning

confidence: 99%

EL PASSO: Privacy-preserving, Asynchronous Single Sign-On

Zhang,

Król,

Sonnino

et al. 2020

Preprint

View full text Add to dashboard Cite

We introduce EL PASSO, a privacy-preserving, asynchronous Single Sign-On (SSO) system. It enables personal authentication while protecting users' privacy against both identity providers and relying parties, and allows selective attribute disclosure. EL PASSO is based on anonymous credentials, yet it supports users' accountability. Selected authorities may recover the identity of allegedly misbehaving users, and users can prove properties about their identity without revealing it in the clear. EL PASSO does not require specific secure hardware or a third party (other than existing participants in SSO). The generation and use of authentication credentials are asynchronous, allowing users to sign on when identity providers are temporarily unavailable. We evaluate EL PASSO in a distributed environment and prove its low computational cost, yielding faster sign-on operations than OIDC from a regular laptop, one-second user-perceived latency from a low-power device, and scaling to more than 50 sign-on operations per second at a relying party using a single 4-core server in the cloud.

show abstract

An Extensive Formal Security Analysis of the OpenID Financial-grade API

Cited by 2 publications

References 0 publications

The Grant Negotiation and Authorization Protocol: Attacking, Fixing, and Verifying an Emerging Standard

The Grant Negotiation and Authorization Protocol: Attacking, Fixing, and Verifying an Emerging Standard

EL PASSO: Privacy-preserving, Asynchronous Single Sign-On

Contact Info

Product

Resources

About