Single-sign-on (SSO) authentication enables a user to gain a token from the identity server, with which the user accesses multiple services. To address single-point-of-failure of SSO, threshold SSO, where a group of identity servers issue a user with a token in the threshold manner, is introduced. SSO including threshold schemes suffers from privacy disclosure. One can learn a user's identity and access pattern from her/his token. Recent works focus on privacy preservation of SSO. However, these works merely consider scenarios of one single identity server SSO. No works that address privacy preservation of threshold SSO have emerged. In this work, we propose TSAPP, a threshold SSO authentication scheme preserving privacy. Each identity server issues a user with a partial token which is a signature on the user's pseudonym. With a threshold number of partial tokens, the user constructs a token, blinds the token with random numbers and accesses services with blinded tokens. Such mechanism preserves the user's identity, simultaneously protects the user's access pattern since adversaries cannot link the user's accesses, even if identity servers are corrupted. Security analysis demonstrates that TSAPP satisfies properties of anonymity, unlinkability, unforgeability and password-safety. The performance evaluation demonstrates that TSAPP is efficient in practice.
Read full abstract