Publication Type : Book Chapter
Publisher : Springer
Source : Advances in Electrical and Computer Technologies
Url : https://link.springer.com/chapter/10.1007/978-981-15-9019-1_27
Campus : Coimbatore
School : School of Engineering
Center : TIFAC CORE in Cyber Security
Year : 2021
Abstract : The OpenID Connect is an open standard authentication protocol used to authenticate users across multiple domains using a single identity. The Identity Provider(IdP) provides a unique account to each user, which helps them access multiple domains called Relying Parties(RP).Since many web services and applications rely on this protocol for user authentication, it is important to verify the security properties of this protocol. The protocol was modeled and the properties of interest were verified using Tamarin Prover, a tool used for symbolic modeling and formal verification of cryptographic protocols. The results of the protocol verification demonstrate the presence of the Identity Provider (IdP) Mix-up attack and HTTP 307 Redirect attack in the protocol.
Cite this Research Publication : Naresh, S., Jevitha, K.P, Formal Analysis of OpenID Connect Protocol Using Tamarin Prover, In: Sengodan, T., Murugappan, M., Misra, S. (eds) Advances in Electrical and Computer Technologies. ICAECT 2020. Lecture Notes in Electrical Engineering, vol 711. Springer, Singapore.