This sounds fantastic, Daniel. I was only aware of the work by the researchers from RUB.de about the CSRF attack on OIDC discovery. I'm reading the paper right now and want to take some time off to study it in more detail.
Congratulations for doing this,

Vladimir

On 23/02/16 12:28, Daniel Fett wrote:
> Hi Vladimir,
>
> this is exactly what we did in our research paper. We also analyzed and
> established a proof of security for one of the proposed mitigations.
>
> Of course, any proof always depends on some assumptions (e.g., no
> untrusted third-party code on RP's web site) and aims at specific
> security properties.
>
> As you can see from the paper, due to the web itself being complex, the
> analysis is also rather lengthy.
>
> In the related work section we also refer to other approaches of
> formally analyzing web protocols. We do not think that approaches
> "unrelated to web protocols" can produce useful results, because the web
> brings many very specific features and constraints.
>
> Cheers,
> Daniel
>
> On 23.02.2016 10:09, Vladimir Dzhuvinov wrote:
>> Hi Mike,
>>
>> You mention that you spent considerable time in research. I wonder if
>> there is existing theory, in communications or information theory, that
>> can be used to formally establish and prove (or disprove) the security
>> of the proposed OAuth measures? Perhaps some work that is totally
>> unrelated to identity and the web protocols, but could well apply here?
>>
>> My reasoning is that we have a closed system that is fairly simple, so
>> formal analysis must be entirely possible.
>>
>> 1. We have 5 parties (client, AS, RS, user, user agent).
>>
>> 2. The OAuth protocol follows a simple and well-defined pattern of
>> messages between the parties.
>>
>> 3. The points and the number of ways by which an adversary may break
>> into OAuth must therefore be finite.
>>
>> 4. The security requirement is essentially to guarantee the precedence
>> and authenticity of the messages from discovery endpoint to RS, and the
>> preferred way to do that is by establishing a binding between the
>> messages, which can be forward or backward binding.
>>
>>
>> Right now the WG concern is whether all possible attacks have been
>> recognised, and then taken care of. If we can have a formal model that
>> can reliably reveal and prove that, this will be a huge breakthrough.
>>
>> Cheers,
>>
>> Vladimir
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth