Save the implicit flow? enabling privacy-preserving RP authentication in openid connect
M Kroschewski, A Lehmann - Proceedings on Privacy Enhancing …, 2023 - petsymposium.org
OpenID Connect (OIDC) is a Single Sign-On (SSO) protocol that allows users to authenticate
to various Relying Parties (RPs) via an Identity Provider (IdP). The main drawback of SSO is …
to various Relying Parties (RPs) via an Identity Provider (IdP). The main drawback of SSO is …
Hidden issuer anonymous credential
Identity Management Systems (IMS) allow users to prove characteristics about themselves to
multiple service providers. IMS evolved from impractical, site-by-site authentication, to …
multiple service providers. IMS evolved from impractical, site-by-site authentication, to …
[HTML][HTML] Implementation and evaluation of a privacy-preserving distributed ABC scheme based on multi-signatures
J Garcia-Rodriguez, RT Moreno, JB Bernabe… - Journal of Information …, 2021 - Elsevier
Despite the latest efforts to foster the adoption of privacy-enhancing Attribute-Based
Credential (p-ABC) systems in electronic services, those systems are not yet broadly …
Credential (p-ABC) systems in electronic services, those systems are not yet broadly …
MISO: legacy-compatible privacy-preserving single sign-on using trusted execution environments
Single sign-on (SSO) allows users to authenticate to third-party applications through a
central identity provider. Despite their wide adoption, deployed SSO systems suffer from …
central identity provider. Despite their wide adoption, deployed SSO systems suffer from …
SSO-monitor: fully-automatic large-scale landscape, security, and privacy analyses of single sign-on in the wild
M Westers, T Wich, L Jannett, V Mladenov… - arXiv preprint arXiv …, 2023 - arxiv.org
Single Sign-On (SSO) shifts the crucial authentication process on a website to to the
underlying SSO protocols and their correct implementation. To strengthen SSO security …
underlying SSO protocols and their correct implementation. To strengthen SSO security …
Distributed and Federated Authentication Schemes Based on Updatable Smart Contracts
Federated authentication, such as Google ID, enables users to conveniently access multiple
websites using a single login credential. Despite this convenience, securing federated …
websites using a single login credential. Despite this convenience, securing federated …
Uppresso: Untraceable and unlinkable privacy-preserving single sign-on services
Single sign-on (SSO) allows a user to maintain only the credential at the identity provider
(IdP), to login to numerous RPs. However, SSO introduces extra privacy threats, compared …
(IdP), to login to numerous RPs. However, SSO introduces extra privacy threats, compared …
SoK: Web Authentication in the Age of End-to-End Encryption
J Blessing, D Hugenroth, RJ Anderson… - arXiv preprint arXiv …, 2024 - arxiv.org
The advent of end-to-end encrypted (E2EE) messaging and backup services has brought
new challenges for usable authentication. Compared to regular web services, the nature of …
new challenges for usable authentication. Compared to regular web services, the nature of …
Accountable authentication with privacy protection: The Larch system for universal login
E Dauterman, D Lin, H Corrigan-Gibbs… - … USENIX Symposium on …, 2023 - usenix.org
Credential compromise is hard to detect and hard to mitigate. To address this problem, we
present larch, an accountable authentication framework with strong security and privacy …
present larch, an accountable authentication framework with strong security and privacy …
Actions Speak Louder Than Passwords: Dynamic Identity for Machine-to-Machine Communication
WL Teng, K Rasmussen - … of the 18th International Conference on …, 2023 - dl.acm.org
Machine-to-Machine (M2M) communication is communication between computers without a
human user involved. This is a very common paradigm whenever automated tasks are …
human user involved. This is a very common paradigm whenever automated tasks are …