Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
162 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

UPPRESSO: Untraceable and Unlinkable Privacy-PREserving Single Sign-On Services (2110.10396v2)

Published 20 Oct 2021 in cs.CR

Abstract: Single sign-on (SSO) allows a user to maintain only the credential at the identity provider (IdP), to login to numerous RPs. However, SSO introduces extra privacy threats, compared with traditional authentication mechanisms, as (a) the IdP could track all RPs which a user is visiting, and (b) collusive RPs could learn a user's online profile by linking his identities across these RPs. This paper proposes a privacypreserving SSO system, called UPPRESSO, to protect a user's login activities against both the curious IdP and collusive RPs. We analyze the identity dilemma between the security requirements and these privacy concerns, and convert the SSO privacy problems into an identity transformation challenge. In each login instance, an ephemeral pseudo-identity (denoted as PID_RP ) of the RP, is firstly negotiated between the user and the RP. PID_RP is sent to the IdP and designated in the identity token, so the IdP is not aware of the visited RP. Meanwhile, PID_RP is used by the IdP to transform the permanent user identity ID_U into an ephemeral user pseudo-identity (denoted as PID_U ) in the identity token. On receiving the identity token, the RP transforms PID_U into a permanent account (denoted as Acct) of the user, by an ephemeral trapdoor in the negotiation. Given a user, the account at each RP is unique and different from ID_U, so collusive RPs cannot link his identities across these RPs. We build the UPPRESSO prototype on top of MITREid Connect, an open-source implementation of OIDC. The extensive evaluation shows that UPPRESSO fulfills the requirements of both security and privacy and introduces reasonable overheads.

Citations (9)

Summary

We haven't generated a summary for this paper yet.