Back close

Formal Analysis of OpenID Connect Protocol Using Tamarin Prover

Publication Type : Book Chapter

Publisher : Springer

Source : Advances in Electrical and Computer Technologies

Url : https://link.springer.com/chapter/10.1007/978-981-15-9019-1_27

Campus : Coimbatore

School : School of Engineering

Center : TIFAC CORE in Cyber Security

Year : 2021

Abstract : The OpenID Connect is an open standard authentication protocol used to authenticate users across multiple domains using a single identity. The Identity Provider(IdP) provides a unique account to each user, which helps them access multiple domains called Relying Parties(RP).Since many web services and applications rely on this protocol for user authentication, it is important to verify the security properties of this protocol. The protocol was modeled and the properties of interest were verified using Tamarin Prover, a tool used for symbolic modeling and formal verification of cryptographic protocols. The results of the protocol verification demonstrate the presence of the Identity Provider (IdP) Mix-up attack and HTTP 307 Redirect attack in the protocol.

Cite this Research Publication : Naresh, S., Jevitha, K.P, Formal Analysis of OpenID Connect Protocol Using Tamarin Prover, In: Sengodan, T., Murugappan, M., Misra, S. (eds) Advances in Electrical and Computer Technologies. ICAECT 2020. Lecture Notes in Electrical Engineering, vol 711. Springer, Singapore.

Admissions Apply Now