Understanding the Identity-Transformation Approach in OIDC-Compatible Privacy-Preserving SSO Services
Jingqiang Lin, Baitao Zhang, Wei Wang, Quanwei Cai, Jiwu Jing, Huiyang He

TL;DR
This paper investigates the identity-transformation approach in OIDC-compatible privacy-preserving SSO, analyzing its relation to oblivious pseudo-random functions (OPRFs) and proposing new transformations satisfying security and privacy requirements.
Contribution
It uncovers the relationship between identity transformations in SSO and OPRFs, and constructs new transformations based on OPRFs that meet various security and privacy criteria.
Findings
Established the link between identity transformations and OPRFs.
Proved SSO-related properties of OPRF protocols.
Designed new identity transformations satisfying security and privacy requirements.
Abstract
OpenID Connect (OIDC) enables a user with commercial-off-the-shelf browsers to log into multiple websites, called relying parties (RPs), by her username and credential set up in another trusted web system, called the identity provider (IdP). Identity transformations are proposed in UppreSSO to provide OIDC-compatible SSO services, preventing both IdP-based login tracing and RP-based identity linkage. While security and privacy of SSO services in UppreSSO have been proved, several essential issues of this identity-transformation approach are not well studied. In this paper, we comprehensively investigate the approach as below. Firstly, several suggestions for the efficient integration of identity transformations in OIDC-compatible SSO are explained. Then, we uncover the relationship between identity-transformations in SSO and oblivious pseudo-random functions (OPRFs), and present two…
Taxonomy
Topics: Access Control and Trust · Cryptography and Data Security · Web Application Security Vulnerabilities
