EL PASSO: Privacy-preserving, Asynchronous Single Sign-On
Zhiyi Zhang, Michał Król, Alberto Sonnino, Lixia Zhang, Etienne Rivière

TL;DR
EL PASSO is a privacy-preserving, asynchronous SSO system that protects user privacy, supports selective attribute disclosure, and is efficient enough for practical deployment with low latency and high scalability.
Contribution
The paper introduces EL PASSO, a novel asynchronous SSO system that preserves privacy, supports accountability, and does not require special hardware or third parties.
Findings
Faster sign-on operations than OIDC on a laptop
One-second latency on low-power devices
Over 50 sign-ons per second on a 4-core server
Abstract
We introduce EL PASSO, a privacy-preserving, asynchronous Single Sign-On (SSO) system. It enables personal authentication while protecting users' privacy against both identity providers and relying parties, and allows selective attribute disclosure. EL PASSO is based on anonymous credentials, yet it supports users' accountability. Selected authorities may recover the identity of allegedly misbehaving users, and users can prove properties about their identity without revealing it in the clear. EL PASSO does not require specific secure hardware or a third party (other than existing participants in SSO). The generation and use of authentication credentials are asynchronous, allowing users to sign on when identity providers are temporarily unavailable. We evaluate EL PASSO in a distributed environment and prove its low computational cost, yielding faster sign-on operations than OIDC from a…
Taxonomy
Topics: Cryptography and Data Security · Internet Traffic Analysis and Secure E-voting · User Authentication and Security Systems
