000000274 001__ 274
000000274 005__ 20130522141940.0
000000274 037__ $$aLERSSE-RefJnlPaper-2012-001
000000274 100__ $$aSan-Tsai Sun
000000274 245__ $$aSystematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures
000000274 260__ $$c2012-03-10
000000274 300__ $$a19
000000274 520__ $$aOpenID 2.0 is a user-centric Web single sign-on protocol with over one billion OpenID-enabled user accounts, and tens of thousands of supporting websites. While the security of the protocol is clearly critical, so far its security analysis has only been done in a partial and ad-hoc manner. This paper presents the results of a systematic analysis of the protocol using both formal model checking and an empirical evaluation of 132 popular websites that support OpenID. Our formal analysis reveals that the protocol does not guarantee the authenticity and integrity of the authentication request, and it lacks contextual bindings among the protocol messages and the browser. The results of our empirical evaluation suggest that many OpenID-enabled websites are vulnerable to a series of cross-site request forgery attacks (CSRF) that either allow an attacker to stealthily force a victim user to sign into the OpenID supporting website and launch subsequent CSRF attacks (81%), or force a victim to sign in as the attacker in order to spoof the victim's personal information (77%). With additional capabilities (e.g., controlling a wireless access point), the adversary can impersonate the victim on 80% of the evaluated websites, and manipulate the victim's profile attributes by forging the extension parameters on 45% of those sites. Based on the insights from this analysis, we propose and evaluate a simple and scalable mitigation technique for OpenID-enabled websites, and an alternative man-in-the-middle defense mechanism for deployments of OpenID without SSL.
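The abstract's central finding is that an OpenID 2.0 positive assertion, even when correctly signed by the OP, carries nothing that ties it to the browser that started the login; that gap is what lets an attacker replay an assertion for their own identity into a victim's browser (the "sign in as the attacker" CSRF) or complete a login the victim never initiated. The following is an added illustration, not code from the paper or from any OpenID library: it contrasts a relying party that only checks the OP signature with one that binds the login to the browser session by carrying a per-session nonce in openid.return_to, a field the OP must sign. The OP is simulated in-process with an assumed association MAC key; the hostnames, handles and nonce parameter name are assumed, and the binding shown is one plausible contextual check rather than a reproduction of the paper's specific mitigation.

```python
"""Illustrative relying-party (RP) checks on an OpenID 2.0 positive assertion.

Added example, not code from the paper: a naive RP that trusts any correctly
signed assertion versus an RP that also binds the assertion to the browser
session through a nonce in openid.return_to. All names and URLs are assumed.
"""
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Assumed MAC key from the RP/OP association; in a real deployment it comes from
# the association handshake and is looked up by openid.assoc_handle.
ASSOC_MAC_KEY = b"assumed-association-mac-key"
OP_ENDPOINT = "https://op.example/endpoint"      # assumed OP endpoint
FINISH_URL = "https://rp.example/openid/finish"  # assumed RP return URL
# Fields OpenID 2.0 (section 10.1) requires to be covered by openid.sig.
REQUIRED_SIGNED = {"op_endpoint", "return_to", "response_nonce",
                   "assoc_handle", "claimed_id", "identity"}


def kv_form_signature(fields, key=ASSOC_MAC_KEY):
    """HMAC-SHA256 over the Key-Value form of the fields named in openid.signed."""
    names = fields["openid.signed"].split(",")
    kv = "".join(f"{n}:{fields['openid.' + n]}\n" for n in names)
    mac = hmac.new(key, kv.encode(), hashlib.sha256).digest()
    return base64.b64encode(mac).decode()


def op_positive_assertion(identity, return_to):
    """Simulated OP: sign a mode=id_res response for `identity` aimed at `return_to`."""
    f = {
        "openid.ns": "http://specs.openid.net/auth/2.0",
        "openid.mode": "id_res",
        "openid.op_endpoint": OP_ENDPOINT,
        "openid.claimed_id": identity,
        "openid.identity": identity,
        "openid.return_to": return_to,
        "openid.response_nonce": "2012-03-10T00:00:00Z" + secrets.token_hex(4),
        "openid.assoc_handle": "assumed-handle-1",
        "openid.signed": "op_endpoint,return_to,response_nonce,assoc_handle,claimed_id,identity",
    }
    f["openid.sig"] = kv_form_signature(f)
    return f


def signature_ok(fields):
    """Reject unless every required field is signed and the HMAC verifies."""
    if not REQUIRED_SIGNED <= set(fields.get("openid.signed", "").split(",")):
        return False
    try:
        expected = kv_form_signature(fields)
    except KeyError:  # openid.signed names a field that is absent
        return False
    return hmac.compare_digest(expected.encode(), fields.get("openid.sig", "").encode())


def naive_rp_finish(session, fields):
    """RP that accepts any correctly signed assertion: nothing ties it to this browser."""
    if fields.get("openid.mode") != "id_res" or not signature_ok(fields):
        return False
    session["user"] = fields["openid.claimed_id"]
    return True


def bound_rp_start(session):
    """Begin a login: mint a per-session nonce and carry it in return_to (a signed field)."""
    session["openid_nonce"] = secrets.token_urlsafe(16)
    return FINISH_URL + "?" + urlencode({"rp_nonce": session["openid_nonce"]})


def bound_rp_finish(session, request_url, fields):
    """Accept the assertion only if its return_to nonce matches this browser's session."""
    if fields.get("openid.mode") != "id_res" or not signature_ok(fields):
        return False
    expected = session.pop("openid_nonce", None)  # one-time use: blocks replay
    rt, req = urlparse(fields["openid.return_to"]), urlparse(request_url)
    # return_to must point at the URL actually being requested on this RP (section 11.1).
    if (rt.scheme, rt.netloc, rt.path) != (req.scheme, req.netloc, req.path):
        return False
    nonce = parse_qs(rt.query).get("rp_nonce", [None])[0]
    if expected is None or nonce is None:
        return False
    if not hmac.compare_digest(nonce.encode(), expected.encode()):
        return False
    session["user"] = fields["openid.claimed_id"]
    return True


def login_csrf_demo():
    """Attacker obtains an assertion for their own identity and replays it in a victim's browser."""
    attacker_id = "https://op.example/attacker"
    naive_victim, bound_victim, attacker = {}, {}, {}
    # Naive RP: the replayed assertion logs the victim's browser in as the attacker.
    naive_ok = naive_rp_finish(naive_victim, op_positive_assertion(attacker_id, FINISH_URL))
    # Bound RP: the attacker starts a login in their own browser, then replays its result.
    attacker_rt = bound_rp_start(attacker)
    bound_rp_start(bound_victim)  # the victim's session holds a different nonce
    replayed = op_positive_assertion(attacker_id, attacker_rt)
    bound_ok = bound_rp_finish(bound_victim, attacker_rt, replayed)
    return {"naive_accepted": naive_ok, "naive_victim_user": naive_victim.get("user"),
            "bound_accepted": bound_ok, "bound_victim_user": bound_victim.get("user")}
```

Two things the bound variant relies on, both visible in the code: the nonce lives in openid.return_to, which the OP must sign, so an attacker cannot swap in the victim's nonce without invalidating openid.sig; and the nonce is consumed on first use, so a captured assertion cannot be replayed into the same session later. Neither check helps against an active network attacker on a non-SSL deployment who can read the nonce in transit, which is the separate case the abstract addresses with its man-in-the-middle defence.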
000000274 6531_ $$aissnet
000000274 6531_ $$aOpenID
000000274 6531_ $$aWeb single sign-on
000000274 6531_ $$aAuthentication
000000274 6531_ $$aSecurity protocol analysis
000000274 6531_ $$aWeb application security
000000274 700__ $$aKirstie Hawkey
000000274 700__ $$aKonstantin Beznosov
000000274 8560_ $$fsantsais@ece.ubc.ca
000000274 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/274/files/274.pdf$$yTransfer from CDS 0.99.7
000000274 909C4 $$pSan-Tsai Sun, Kirstie Hawkey, and Konstantin Beznosov. Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures. Computers & Security, Accepted 7 February 2012.
000000274 980__ $$aRefJnlPaper