A Comprehensive Formal Security Analysis of OAuth 2.0

@article{Fett2016ACF,
  title={A Comprehensive Formal Security Analysis of OAuth 2.0},
  author={Daniel Fett and Ralf K{\"u}sters and Guido Schmitz},
  journal={Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security},
  year={2016}
}
  • Daniel Fett, Ralf Küsters, Guido Schmitz
  • Published 6 January 2016
  • Computer Science
  • Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security
The OAuth 2.0 protocol is one of the most widely deployed authorization/single sign-on (SSO) protocols and also serves as the foundation for the new SSO standard OpenID Connect. Despite the popularity of OAuth, so far analysis efforts were mostly targeted at finding bugs in specific implementations and were based on formal models which abstract from many web features or did not provide a formal treatment at all. In this paper, we carry out the first extensive formal analysis of the OAuth 2.0… 
Citations

Modular Security Analysis of OAuth 2.0 in the Three-Party Setting
TLDR
This paper introduces a new primitive, the three-party authenticated secret distribution (3P-ASD for short) protocol, which plays the role of issuing the secret and captures the token issue process of OAuth 2.0, and presents a sufficiently rich three-party security model for OAuth protocols.
Verification of OAuth 2.0 Using UPPAAL
TLDR
This paper focuses on verifying three important classes of properties of OAuth 2.0, namely safety, liveness, and absence of deadlock, and a model of the OAuth protocol was developed using UPPAAL, a tool used for modeling and verification.
The Web SSO Standard OpenID Connect: In-depth Formal Security Analysis and Security Guidelines
TLDR
This paper uses a comprehensive generic model of the web to develop a detailed formal model of OpenID Connect and precisely formalizes and proves central security properties for OpenID Connect, including authentication, authorization, and session integrity properties.
OAuthShield: Efficient Security Checking for OAuth Service Provider Implementations
TLDR
The OAuth specifications and security best practices are formalized, and OAuthShield, an automated static analyzer, is designed to find logical flaws and identify vulnerabilities in the implementation of OAuth authorization server libraries.
An In-Depth Symbolic Security Analysis of the ACME Standard
TLDR
The first in-depth formal security analysis of ACME is presented, accounting for all prior attacks on ACME in the literature, including both cryptographic attacks and low-level attacks on stateful protocol execution.
Privacy-preserving Web single sign-on: Formal security analysis and design
TLDR
A new systematic approach is developed to rigorously and formally analyze and verify that a new SSO system, SPRESSO, enjoys strong security and privacy properties with the Web Infrastructure Model (WIM), the most comprehensive model of the Web infrastructure to date.
Web OAuth-based SSO Systems Security
TLDR
This paper provides an in-depth review analysis of OAuth-based SSO systems security issues, describes in detail the OAuth 2.0 authorization flows and summarizes the differences between the flows of each scenario that affect the security of OAuth 2.0.
OAuth-SSO: A Framework to Secure the OAuth-Based SSO Service for Packaged Web Applications
TLDR
A modified method is proposed for executing the OAuth flow from such applications with the help of single sign-on (SSO), which manages the life cycle of these applications.
Cerberus: Query-driven Scalable Security Checking for OAuth Service Provider Implementations
TLDR
Cerberus, an automated static analyzer, is designed to find logical flaws and identify vulnerabilities in the implementation of OAuth service provider libraries, and employs a query-driven algorithm for answering queries about OAuth specifications.

References

Showing the first 10 of 68 references
Universally Composable Security Analysis of OAuth v2.0
TLDR
A universally composable (UC) realization of the ideal functionality is given, assuming the availability of an SSL-like ideal functionality; this allows the ideal functionality to be realized without any wrapper code, exactly matching the protocol in the OAuth standard.
Security Issues in OAuth 2.0 SSO Implementations
TLDR
This study reveals two critical vulnerabilities present in many implementations of OAuth 2.0, both allowing an attacker to control a victim user's accounts at a relying party without knowing the user’s account name or password.
The devil is in the (implementation) details: an empirical analysis of OAuth SSO systems
TLDR
This work examines the implementations of three major OAuth identity providers (IdPs) (Facebook, Microsoft, and Google) and 96 popular RP websites that support the use of Facebook accounts for login, and uncovers several critical vulnerabilities that allow an attacker to gain unauthorized access to the victim user's profile and social graph and to impersonate the victim on the RP website.
Formal Verification of OAuth 2.0 Using Alloy Framework
TLDR
This paper formalizes OAuth, an authentication standard which has found wide acceptance in the Internet community, using a method called knowledge flow analysis, using the Alloy modeling language for specification and the Alloy Analyzer for verification.
More Guidelines Than Rules: CSRF Vulnerabilities from Noncompliant OAuth 2.0 Implementations
TLDR
The extent to which one particularly dangerous vulnerability, Cross-Site Request Forgery, exists in real-world deployments is analyzed, and it is argued that protection against known and sometimes subtle security vulnerabilities cannot simply be thrust upon developers as an option, but instead must be strongly enforced by Identity Providers before allowing web applications to connect.
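The CSRF issue in this entry, and the authorization/SSO flow the abstract above describes, both turn on the `state` parameter of the OAuth 2.0 authorization-code flow: RFC 6749 (section 10.12) requires the client to protect its redirection endpoint against CSRF, normally by tying an unguessable `state` value to the browser session and verifying it when the authorization server redirects back, and the entry reports that many deployments skip that check. The simulation below is an added example written for this page; it is not code from the paper or from any work listed here. It runs a toy client and a toy authorization server in one process, with hypothetical hosts (as.example, rp.example), client credentials and session cookies, and shows the login CSRF that an unchecked `state` permits, the check that stops it, and the single-use property of authorization codes.

```python
"""Added example: OAuth 2.0 authorization-code flow (RFC 6749, section 4.1)
simulated in-process. Hosts, client credentials and cookies are hypothetical."""
import secrets
from urllib.parse import urlencode, urlparse, parse_qs


class AuthorizationServer:
    """Toy authorization server. Codes are single-use and bound to the
    registered client and redirect_uri that requested them."""

    def __init__(self):
        self.clients = {"rp-client": {"secret": "rp-secret",
                                      "redirect_uri": "https://rp.example/callback"}}
        self.codes = {}  # code -> (client_id, redirect_uri, resource_owner)

    def authorize(self, request_url, resource_owner):
        """Authorization endpoint. `resource_owner` is the user logged in at
        the AS in the browser that sent the request (consent UI omitted)."""
        q = parse_qs(urlparse(request_url).query)
        client = self.clients[q["client_id"][0]]
        redirect_uri = q["redirect_uri"][0]
        if q["response_type"][0] != "code" or redirect_uri != client["redirect_uri"]:
            raise ValueError("invalid authorization request")
        code = secrets.token_urlsafe(16)
        self.codes[code] = (q["client_id"][0], redirect_uri, resource_owner)
        params = {"code": code}
        if "state" in q:  # echoed back unchanged (RFC 6749, section 4.1.2)
            params["state"] = q["state"][0]
        return redirect_uri + "?" + urlencode(params)

    def token(self, client_id, client_secret, code, redirect_uri):
        """Token endpoint: authenticate the client, then redeem the code once."""
        client = self.clients.get(client_id)
        if client is None or not secrets.compare_digest(client_secret, client["secret"]):
            raise PermissionError("invalid_client")
        entry = self.codes.pop(code, None)  # pop makes the code single-use
        if entry is None or entry[0] != client_id or entry[1] != redirect_uri:
            raise PermissionError("invalid_grant")
        return {"access_token": "tok-" + entry[2], "token_type": "Bearer"}


class RelyingParty:
    """Toy client/RP. check_state=False is the noncompliant behaviour (state
    sent but never verified); check_state=True binds it to the session."""

    AUTHORIZE_ENDPOINT = "https://as.example/authorize"
    CLIENT_ID, CLIENT_SECRET = "rp-client", "rp-secret"
    REDIRECT_URI = "https://rp.example/callback"

    def __init__(self, auth_server, check_state):
        self.auth_server = auth_server
        self.check_state = check_state
        self.sessions = {}  # session cookie -> {"state": ..., "account": ...}

    def start_login(self, session):
        """Mint a fresh, unguessable state and tie it to this browser session."""
        state = secrets.token_urlsafe(16)
        self.sessions.setdefault(session, {})["state"] = state
        return self.AUTHORIZE_ENDPOINT + "?" + urlencode({
            "response_type": "code", "client_id": self.CLIENT_ID,
            "redirect_uri": self.REDIRECT_URI, "state": state})

    def callback(self, session, callback_url):
        """Redirection endpoint. Returns the account now linked to the session."""
        q = parse_qs(urlparse(callback_url).query)
        sess = self.sessions.setdefault(session, {})
        if self.check_state:
            expected = sess.pop("state", None)  # one attempt per issued state
            received = q.get("state", [""])[0]
            if expected is None or not secrets.compare_digest(received, expected):
                raise PermissionError("state mismatch: response not tied to this session")
        tok = self.auth_server.token(self.CLIENT_ID, self.CLIENT_SECRET,
                                     q["code"][0], self.REDIRECT_URI)
        sess["account"] = tok["access_token"][len("tok-"):]
        return sess["account"]


def honest_login(check_state):
    """Alice logs in from her own browser; works with or without the check."""
    server = AuthorizationServer()
    rp = RelyingParty(server, check_state)
    redirect = server.authorize(rp.start_login("alice-cookie"), resource_owner="alice")
    return rp.callback("alice-cookie", redirect)


def login_csrf(check_state):
    """Mallory starts a login in her own browser, stops at the AS redirect and
    makes the victim's browser load that callback URL. Returns the account
    bound to the victim's session, or None if the RP rejected the response."""
    server = AuthorizationServer()
    rp = RelyingParty(server, check_state)
    planted = server.authorize(rp.start_login("mallory-cookie"), resource_owner="mallory")
    try:
        return rp.callback("victim-cookie", planted)
    except PermissionError:
        return None


def code_replay_rejected():
    """Even the noncompliant RP cannot redeem the same code twice."""
    server = AuthorizationServer()
    rp = RelyingParty(server, check_state=False)
    redirect = server.authorize(rp.start_login("alice-cookie"), resource_owner="alice")
    rp.callback("alice-cookie", redirect)
    try:
        rp.callback("alice-cookie", redirect)
    except PermissionError:
        return True
    return False
```

Without the check, `login_csrf(False)` silently links the victim's RP session to Mallory's account, so anything the victim later stores at the RP lands in an account Mallory controls; with the check, the planted response carries Mallory's `state`, the victim's session holds none, and the RP refuses before it ever contacts the token endpoint. The comparison is constant-time and the stored `state` is consumed on first use, so a leaked or replayed callback URL cannot be retried against the same session.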
On the security of modern Single Sign-On Protocols: Second-Order Vulnerabilities in OpenID Connect
TLDR
The OpenID Connect protocol is described and the first in-depth analysis of one of the key features of OpenID Connect, the Discovery and Dynamic Registration extensions, is provided, including a new class of attacks that belong to the category of second-order vulnerabilities.
On the security of modern Single Sign-On Protocols: OpenID Connect 1.0
TLDR
The OpenID Connect protocol is described and the first in-depth analysis of one of its key features, the Discovery and Dynamic Registration extensions, is provided; it is shown that the use of these extensions can compromise the security of the entire protocol.
Model-based Security Testing: An Empirical Study on OAuth 2.0 Implementations
TLDR
OAuthTester not only manages to rediscover various existing vulnerabilities but also identifies several previously unknown security flaws and new exploits for a large number of real-world applications implementing OAuth 2.0, at scale.
Towards a Formal Foundation of Web Security
TLDR
A formal model of web security based on an abstraction of the web platform is proposed and this model is used to analyze the security of several sample web mechanisms and applications and identifies three distinct threat models.