Strong Federated Authentication With Password-based Credential Against Identity Server Corruption

Changsong Jiang; Chunxiang Xu; Guomin Yang; Li Duan; Jing Wang

Paper 2025/555

Strong Federated Authentication With Password-based Credential Against Identity Server Corruption

Changsong Jiang

, School of Computer Science and Engineering, University of Electronic Science and Technology of China, School of Computing and Information Systems, Singapore Management University

Chunxiang Xu

, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Yangtze Delta Region Institute (Huzhou), University of Electronic Science and Technology of China

Guomin Yang

, School of Computing and Information Systems, Singapore Management University

Li Duan

, Paderborn University

Jing Wang

, School of Cyber Science and Engineering, Huazhong University of Science and Technology

Abstract

We initiate the study of strong federated authentication with password-based credential against identity server corruption (SaPBC). We provide a refined formal security model, which captures all the necessary security properties in registration, authentication, and session key establishment between a user and an application server. The new model with fine-grained information leakage separates the leakage of password-related files and long-term secrets (including passwords and credentials). Moreover, we present two SaPBC protocols constructed from efficient cryptographic primitives for these corruption scenarios. In addition to rigorous security proofs, we also conduct comprehensive performance evaluation of the two protocols.

Note: This is the full version of our paper published in ACISP 2025.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Published elsewhere. 30th Australasian Conference on Information Security and Privacy (ACISP 2025)
Keywords: Federated identities Strong authentication Password-based credential Server corruption
Contact author(s): jiangchso @ std uestc edu cn
chxxu @ uestc edu cn
gmyang @ smu edu sg
liduan @ mail upb de
cswjing @ hust edu cn
History: 2025-03-28: approved; 2025-03-26: received; See all versions
Short URL: https://ia.cr/2025/555
License: CC BY

BibTeX

@misc{cryptoeprint:2025/555,
      author = {Changsong Jiang and Chunxiang Xu and Guomin Yang and Li Duan and Jing Wang},
      title = {Strong Federated Authentication With Password-based Credential Against Identity Server Corruption},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/555},
      year = {2025},
      url = {https://eprint.iacr.org/2025/555}
}