MISO: Legacy-compatible Privacy-preserving Single Sign-on using Trusted Execution Environments
Rongwu Xu, Sen Yang, Fan Zhang, Zhixuan Fang

TL;DR
MISO is a novel privacy-preserving SSO system leveraging Trusted Execution Environments, compatible with existing identity providers, enabling multi-provider authentication and enhancing user privacy without requiring changes to current infrastructure.
Contribution
MISO introduces a TEE-based SSO solution that is fully compatible with existing providers and supports multi-provider authentication, addressing privacy issues without modifying current systems.
Findings
MISO can handle high user concurrency with practical performance.
It enables multi-provider SSO workflows for enhanced security.
MISO is fully compatible with existing identity providers like Google and Facebook.
Abstract
Single sign-on (SSO) allows users to authenticate to third-party applications through a central identity provider. Despite their wide adoption, deployed SSO systems suffer from privacy problems such as user tracking by the identity provider. While numerous solutions have been proposed by academic papers, none were adopted because they require modifying identity providers, a significant adoption barrier in practice. Solutions that do get deployed, however, fail to eliminate major privacy issues. Leveraging Trusted Execution Environments (TEEs), we propose MISO, the first privacy-preserving SSO system that is completely compatible with existing identity providers (such as Google and Facebook). This means MISO can be easily integrated into the existing SSO ecosystem today and benefit end users. MISO also enables new functionality that standard SSO cannot offer: MISO allows users to leverage…
Taxonomy
Topics: Security and Verification in Computing · Advanced Malware Detection Techniques · Internet Traffic Analysis and Secure E-voting
