research-article

A Comprehensive Formal Security Analysis of OAuth 2.0

Authors:

Guido SchmitzAuthors Info & Claims

CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

Pages 1204 - 1215

https://doi.org/10.1145/2976749.2978385

Published: 24 October 2016 Publication History

Abstract

The OAuth 2.0 protocol is one of the most widely deployed authorization/single sign-on (SSO) protocols and also serves as the foundation for the new SSO standard OpenID Connect. Despite the popularity of OAuth, so far analysis efforts were mostly targeted at finding bugs in specific implementations and were based on formal models which abstract from many web features or did not provide a formal treatment at all. In this paper, we carry out the first extensive formal analysis of the OAuth 2.0 standard in an expressive web model. Our analysis aims at establishing strong authorization, authentication, and session integrity guarantees, for which we provide formal definitions. In our formal analysis, all four OAuth grant types (authorization code grant, implicit grant, resource owner password credentials grant, and the client credentials grant) are covered. They may even run simultaneously in the same and different relying parties and identity providers, where malicious relying parties, identity providers, and browsers are considered as well. Our modeling and analysis of the OAuth 2.0 standard assumes that security recommendations and best practices are followed in order to avoid obvious and known attacks.

When proving the security of OAuth in our model, we discovered four attacks which break the security of OAuth. The vulnerabilities can be exploited in practice and are present also in OpenID Connect.

We propose fixes for the identified vulnerabilities, and then, for the first time, actually prove the security of OAuth in an expressive web model. In particular, we show that the fixed version of OAuth (with security recommendations and best practices in place) provides the authorization, authentication, and session integrity properties we specify.

References

[1]

M. Abadi and C. Fournet. Mobile Values, New Names, and Secure Communication. In POPL 2001, pages 104--115. ACM Press, 2001.

Digital Library

[2]

D. Akhawe, A. Barth, P. E. Lam, J. Mitchell, and D. Song. Towards a Formal Foundation of Web Security. In CSF 2010, pages 290--304. IEEE Computer Society, 2010.

Digital Library

[3]

A. Armando, R. Carbone, L. Compagna, J. Cuéllar, G. Pellegrino, and A. Sorniotti. An authentication flaw in browser-based Single Sign-On protocols: Impact and remediations. Computers & Security, 33:41--58, 2013. Elsevier, 2013.

Digital Library

[4]

A. Armando, R. Carbone, L. Compagna, J. Cuéllar, and M. L. Tobarra. Formal Analysis of SAML 2.0 Web Browser Single Sign-on: Breaking the SAML-based Single Sign-on for Google Apps. In FMSE 2008, pages 1--10. ACM, 2008.

Digital Library

[5]

C. Bansal, K. Bhargavan, A. Delignat-Lavaud, and S. Maffeis. Keys to the Cloud: Formal Analysis and Concrete Attacks on Encrypted Web Storage. In POST 2013, volume 7796 of LNCS, pages 126--146. Springer, 2013.

Digital Library

[6]

C. Bansal, K. Bhargavan, A. Delignat-Lavaud, and S. Maffeis. Discovering Concrete Attacks on Website Authorization by Formal Analysis. Journal of Computer Security, 22(4):601--657, 2014. IOS Press, 2014.

[7]

A. Barth, C. Jackson, and J. C. Mitchell. Robust defenses for cross-site request forgery. In CCS 2008, pages 75--88. ACM, 2008.

Digital Library

[8]

J. Bradley, T. Lodderstedt, and H. Zandbelt. Encoding claims in the OAuth 2 state parameter using a JWT -- draft-bradley-oauth-jwt-encoded-state-05. IETF. Dec. 2015. https://tools.ietf.org/html/draft-bradley-oauth-jwt-encoded-state-05.

[9]

S. Chari, C. S. Jutla, and A. Roy. Universally Composable Security Analysis of OAuth v2.0. IACR Cryptology ePrint Archive, 2011:526, 2011.

[10]

E. Y. Chen, Y. Pei, S. Chen, Y. Tian, R. Kotcher, and P. Tague. OAuth Demystified for Mobile Application Developers. In CCS 2014, pages 892--903, 2014.

Digital Library

[11]

Chromium Project. HSTS Preload Submission. https://hstspreload.appspot.com/.

[12]

Cross-Origin Resource Sharing - W3C Recommendation 16 January 2014. http://www.w3.org/TR/2014/REC-cors-20140116/.

[13]

J. Eisinger and E. Stark. Referrer Policy -- Editor's Draft, 28 March 2016. W3C. Mar. 2016. https://w3c.github.io/webappsec-referrer-policy/.

[14]

D. Fett, R. Küsters, and G. Schmitz. An Expressive Model for the Web Infrastructure: Definition and Application to the BrowserID SSO System. In S&P 2014, pages 673--688. IEEE Computer Society, 2014.

Digital Library

[15]

D. Fett, R. Küsters, and G. Schmitz. Analyzing the BrowserID SSO System with Primary Identity Providers Using an Expressive Model of the Web. In ESORICS 2015, volume 9326 of LNCS, pages 43--65. Springer, 2015.

Digital Library

[16]

D. Fett, R. Küsters, and G. Schmitz. SPRESSO: A Secure, Privacy-Respecting Single Sign-On System for the Web. In CCS 2015, pages 1358--1369. ACM, 2015.

Digital Library

[17]

D. Fett, R. Küsters, and G. Schmitz. A Comprehensive Formal Security Analysis of OAuth 2.0. Technical Report arXiv:1601.01229, arXiv, 2016. Available at http://arxiv.org/abs/1601.01229.

[18]

R. Fielding (ed.) and J. Reschke (ed.). RFC7231 -- Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content. IETF. Jun. 2014. https://tools.ietf.org/html/rfc7231.

[19]

J. Franks, P. Hallam-Baker, J. Hostetler, S. Lawrence, P. Leach, A. Luotonen, and L. Stewart. RFC2617 -- HTTP Authentication: Basic and Digest Access Authentication. IETF. Jun. 1999. https://tools.ietf.org/html/rfc2617.

Digital Library

[20]

D. Hardt (ed.). RFC6749 -- The OAuth 2.0 Authorization Framework. IETF. Oct. 2012. https://tools.ietf.org/html/rfc6749.

[21]

E. Homakov. How I hacked Github again, 7 February 2014. http://homakov.blogspot.de/2014/02/how-i-hacked-github-again.html.

[22]

M. Jones, J. Bradley, and N. Sakimura. OAuth 2.0 Mix-Up Mitigation -- draft-ietf-oauth-mix-up-mitigation-01. IETF. Jul. 2016. https://tools.ietf.org/html/draft-ietf-oauth-mix-up-mitigation-01.

[23]

F. Kerschbaum. Simple Cross-Site Attack Prevention. In SecureComm 2007, pages 464--472. IEEE Computer Society, 2007.

[24]

A. Kumar. Using automated model analysis for reasoning about security of web protocols. In ACSAC 2012. ACM, 2012.

Digital Library

[25]

W. Li and C. J. Mitchell. Security issues in OAuth 2.0 SSO implementations. In ISC 2014, volume 8783 of LNCS, pages 529--541, 2014. Springer, 2014.

[26]

T. Lodderstedt (ed.), M. McGloin, and P. Hunt. RFC6819 -- OAuth 2.0 Threat Model and Security Considerations. IETF. Jan. 2013. https://tools.ietf.org/html/rfc6819.

[27]

V. Mladenov, C. Mainka, J. Krautwald, F. Feldmann, and J. Schwenk. On the security of modern Single Sign-On Protocols: Second-Order Vulnerabilities in OpenID Connect. CoRR, abs/1508.04324v2, 2016.

[28]

Open Web Application Security Project (OWASP). Session fixation. https://www.owasp.org/index.php/Session_Fixation.

[29]

S. Pai, Y. Sharma, S. Kumar, R. M. Pai, and S. Singh. Formal Verification of OAuth 2.0 Using Alloy Framework. In CSNT 2011, pages 655--659. IEEE, 2011.

Digital Library

[30]

J. Richer (ed.). RFC7662 -- OAuth 2.0 Token Introspection. IETF. Oct. 2015. https://tools.ietf.org/html/rfc7662.

[31]

N. Sakimura, J. Bradley, M. Jones, B. de Medeiros, and C. Mortimore. OpenID Connect Core 1.0 incorporating errata set 1. OpenID Foundation. Nov. 8, 2014. http://openid.net/specs/openid-connect-core-1_0.html.

[32]

J. Selvi. Bypassing HTTP Strict Transport Security. In Blackhat (Europe) 2014, 2014.

[33]

M. Shehab and F. Mohsen. Towards Enhancing the Security of OAuth Implementations in Smart Phones. In IEEE MS 2014. IEEE, 2014.

Digital Library

[34]

E. Shernan, H. Carter, D. Tian, P. Traynor, and K. R. B. Butler. More Guidelines Than Rules: CSRF Vulnerabilities from Noncompliant OAuth 2.0 Implementations. In DIMVA 2015, volume 9148 of LNCS, pages 239--260. Springer, 2015.

Digital Library

[35]

SimilarTech. Facebook Connect Market Share and Web Usage Statistics. Last visited Nov. 7, 2015. https://www.similartech.com/technologies/facebook-connect.

[36]

S.-T. Sun and K. Beznosov. The Devil is in the (Implementation) Details: An Empirical Analysis of OAuth SSO Systems. In CCS 2012, pages 378--390. ACM, 2012.

Digital Library

[37]

R. Wang, Y. Zhou, S. Chen, S. Qadeer, D. Evans, and Y. Gurevich. Explicating SDKs: Uncovering Assumptions Underlying Secure Authentication and Authorization. In USENIX Security 2013, pages 399--314. USENIX Association, 2013.

Digital Library

[38]

R. Yang, G. Li, W. C. Lau, K. Zhang, and P. Hu. Model-based Security Testing: An Empirical Study on OAuth 2.0 Implementations. In AsiaCCS 2016, pages 651--662. ACM, 2016.

Digital Library

[39]

X. Zheng, J. Jiang, J. Liang, H. Duan, S. Chen, T. Wan, and N. Weaver. Cookies Lack Integrity: Real-World Implications. In USENIX Security 2015), pages 707--721, 2015. USENIX Association, 2015.

Digital Library

Cited By

Wu ZKondracki BNikiforakis NBalasubramanian A(2024)Secrets are Forever: Characterizing Sensitive File Leaks on IPFS2024 IFIP Networking Conference (IFIP Networking)10.23919/IFIPNetworking62109.2024.10619838(522-528)Online publication date: 3-Jun-2024
https://doi.org/10.23919/IFIPNetworking62109.2024.10619838
Thorn SEnglish KButler KEnck WKim YKim JKoushanfar FRasmussen K(2024)5GAC-Analyzer: Identifying Over-Privilege Between 5G Core Network FunctionsProceedings of the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks10.1145/3643833.3656134(66-77)Online publication date: 27-May-2024
https://dl.acm.org/doi/10.1145/3643833.3656134
Gao GZhang YSong YLi S(2024)PrivSSO: Practical Single-Sign-On Authentication Against Subscription/Access Pattern LeakageIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.339253319(5075-5089)Online publication date: 2024
https://doi.org/10.1109/TIFS.2024.3392533
Show More Cited By

Index Terms

A Comprehensive Formal Security Analysis of OAuth 2.0
1. Security and privacy

Recommendations

OAuch: Exploring Security Compliance in the OAuth 2.0 Ecosystem
RAID '22: Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses

The OAuth 2.0 protocol is a popular and widely adopted authorization protocol. It has been proven secure in a comprehensive formal security analysis, yet new vulnerabilities continue to appear in popular OAuth implementations.

This paper sets out to ...
OAuth 2.0: Learn OAuth in a simple way
RFC 6749: The OAuth 2.0 Authorization Framework

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '16: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security

October 2016

1924 pages

ISBN:9781450341394

DOI:10.1145/2976749

General Chairs:
Edgar Weippl
SBA Research, Austria
,
Stefan Katzenbeisser
TU Darmstadt, CYSEC, Germany
,
Program Chairs:
Christopher Kruegel
University of California, Santa Barbara, USA
,
Andrew Myers
Cornell University, USA
,
Shai Halevi
IBM Research, USA

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 24 October 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Funding Sources

Deutsche Forschungsgemeinschaft

Conference

CCS'16

Sponsor:

SIGSAC

CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security

October 24 - 28, 2016

Vienna, Austria

Acceptance Rates

CCS '16 Paper Acceptance Rate 137 of 831 submissions, 16%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

114
Total Citations
View Citations
2,491
Total Downloads

Downloads (Last 12 months)389
Downloads (Last 6 weeks)28

Reflects downloads up to 30 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Wu ZKondracki BNikiforakis NBalasubramanian A(2024)Secrets are Forever: Characterizing Sensitive File Leaks on IPFS2024 IFIP Networking Conference (IFIP Networking)10.23919/IFIPNetworking62109.2024.10619838(522-528)Online publication date: 3-Jun-2024
https://doi.org/10.23919/IFIPNetworking62109.2024.10619838
Thorn SEnglish KButler KEnck WKim YKim JKoushanfar FRasmussen K(2024)5GAC-Analyzer: Identifying Over-Privilege Between 5G Core Network FunctionsProceedings of the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks10.1145/3643833.3656134(66-77)Online publication date: 27-May-2024
https://dl.acm.org/doi/10.1145/3643833.3656134
Gao GZhang YSong YLi S(2024)PrivSSO: Practical Single-Sign-On Authentication Against Subscription/Access Pattern LeakageIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.339253319(5075-5089)Online publication date: 2024
https://doi.org/10.1109/TIFS.2024.3392533
Pernpruner MCarbone RSciarretta GRanise S(2024)An Automated Multi-Layered Methodology to Assist the Secure and Risk-Aware Design of Multi-Factor Authentication ProtocolsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.329621021:4(1935-1950)Online publication date: Jul-2024
https://doi.org/10.1109/TDSC.2023.3296210
Potyok CSimon BHartveg ÁSiket MDénes-Fazakas LEigner GBalázs MKovács LSzilágyi L(2024)Mobile Application Development for Diabetes Patient2024 IEEE 18th International Symposium on Applied Computational Intelligence and Informatics (SACI)10.1109/SACI60582.2024.10619902(000559-000564)Online publication date: 23-May-2024
https://doi.org/10.1109/SACI60582.2024.10619902
Carrasco JMuñoz-Solanas LGil LParedes-García D(2024)CredSSI: Enhancing Security and Privacy with Self-Sovereign Identities Approach2024 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops)10.1109/PerComWorkshops59983.2024.10503044(745-750)Online publication date: 11-Mar-2024
https://doi.org/10.1109/PerComWorkshops59983.2024.10503044
Saravanan MGogineni N(2024)A New Framework for Microservices with Single Sign-On, Security Assertion Markup Language and OpenID Connect2024 3rd International Conference on Sentiment Analysis and Deep Learning (ICSADL)10.1109/ICSADL61749.2024.00094(539-543)Online publication date: 13-Mar-2024
https://doi.org/10.1109/ICSADL61749.2024.00094
Jannett LMainka CWesters MMayer AWich TMladenov V(2024)SoK: SSO-MONITOR - The Current State and Future Research Directions in Single Sign-on Security Measurements2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP60621.2024.00018(173-192)Online publication date: 8-Jul-2024
https://doi.org/10.1109/EuroSP60621.2024.00018
Almeida JZúquete APazos AOliveira J(2024)A Federated Authentication Schema among Multiple Identity ProvidersHeliyon10.1016/j.heliyon.2024.e28560(e28560)Online publication date: Mar-2024
https://doi.org/10.1016/j.heliyon.2024.e28560
He JLei LWang YWang PJing J(2024)ARPSSO: An OIDC-Compatible Privacy-Preserving SSO Scheme Based on RP AnonymizationComputer Security – ESORICS 202410.1007/978-3-031-70890-9_14(268-288)Online publication date: 6-Sep-2024
https://doi.org/10.1007/978-3-031-70890-9_14
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents