A Novel Secure and Privacy-Preserving Model for OpenID Connect Based on Blockchain

Belfaik Yousra, Sadqi Yassine, Maleh Yassine, Safi Said, Tawalbeh Lo'ai, Khaled Salah

    Research output: Contribution to journal › Article › peer-review

    8 Scopus citations

    Abstract

    OpenID Connect (OIDC) is one of the most widely used delegated authentication protocols in web and mobile applications providing a single sign-on experience. It allows third-party applications, called Relying Parties (RP), to securely request and receive information about authenticated sessions and end-users from an identity provider. The OIDC specification defines several parameters, including the client_id, client_secret, authorization code, access token, id token, state, and redirect_uri, as keys to the protocol operation, with significant security and privacy implications. Therefore, securing these parameters is critical to prevent attackers from impersonating legitimate entities, gaining unauthorized access, having complete control over users' accounts, and/or violating their privacy. To enhance OIDC security and preserve its users' privacy, we propose a novel model for OIDC based on the Ethereum Blockchain and the non-fungible token (ERC721) standard. To prove the robustness and safety of the proposed system, we perform a detailed security analysis, formally using the most widely accepted protocol security verification tools, AVISPA and Scyther, and informally by discussing various attacks. The analysis results show that the proposed system is resilient against well-known attacks. Furthermore, we evaluate the cost and performance of the proposed solution, confirming its affordability and assuring that our approach does not impact the user experience and performance of existing OIDC-based systems. Finally, we conduct a security and privacy comparative analysis with similar existing systems, proving the superiority and efficiency of our proposed Blockchain-based OIDC system.

    Original language: British English
    Pages (from-to): 67660-67678
    Number of pages: 19
    Journal: IEEE Access
    Volume: 11
    State: Published - 2023

    Keywords

    • Authentication
    • blockchain
    • OpenID connect
    • privacy-preserving
    • security
