Abstract

OpenID Connect is the OAuth 2.0-based replacement for OpenID 2.0 (OpenID) and one of the most important Single Sign-On (SSO) protocols used for delegated authentication. It is used by companies like Amazon, Google, Microsoft, and PayPal. In this paper, we systematically analyze well-known attacks on SSO protocols and adapt these on OpenID Connect. Additionally, we introduce two novel attacks on OpenID Connect, Identity Provider Confusion and Malicious Endpoints Attack, abusing flaws in the current specification and breaking the security goals of the protocol. In 2014 we communicated with the authors of the OpenID Connect specification about these attacks and helped to repair the issue (currently an RFC Draft). We categorize the described attacks into two classes: Single-Phase Attacks abusing a lack of a single security check and Cross-Phase Attacks requiring a complex attack setup and manipulating multiple messages distributed across the whole protocol workflow. We provide an evaluation of officially referenced OpenID Connect libraries and find 75% of them vulnerable to at least one Single-Phase Attack. All libraries are susceptible to Cross-Phase Attacks, which is not surprising since the attacks abuse a logic flaw in the protocol and not an implementation error. We reported the found vulnerabilities to the developers and helped them to fix the issues. We address the existing problems in a Practical Offensive Evaluation of Single Sign-On Services (PrOfESSOS). PrOfESSOS is our open source implementation for a fully automated Evaluation-as-a-Service for SSO. PrOfESSOS introduces a generic approach to improve the security of OpenID Connect implementations by systematically detecting vulnerabilities. In collaboration with the IETF OAuth and OpenID Connect working group, we integrate PrOfESSOS into the OpenID Connect certification process. PrOfESSOS is available at https://openid.sso-security.de.
