Abstract

OpenID Connect (OIDC) is a Single Sign-On (SSO) protocol that allows users to authenticate to various Relying Parties (RPs) via an Identity Provider (IdP). The main drawback of SSO is its lack of privacy, as the IdP learns the RP’s identity each time a user logs in. OIDC supports several protocol flows, of which only one, the Implicit Flow, offers any hope of privacy, as it does not require direct communication between the IdP and RP. This design was initially intended for RPs with technical limitations that prevent them from storing credentials and thus authenticating to the IdP. However, RP authentication is crucial to ensure that users only access properly registered RPs. As a result, excluding the Implicit Flow from the OAuth specification, on which OIDC is based, is under discussion. This paper demonstrates a privacy-preserving approach to incorporating RP authentication into the Implicit Flow. The IdP can restrict its service to authenticated RPs and tie each authentication token to a specific user and RP without acquiring knowledge of which user is accessing which RP. We formally define the desired security and privacy properties of such an authenticated Implicit Flow, propose a provably secure construction from generic building blocks, and report on an implementation of our scheme.
