Hasso-Plattner-InstitutSDG am HPI
Hasso-Plattner-InstitutDSG am HPI
Login
 

Privacy-Preserving Identity Management

Cybersecurity – Identity Management
Hasso Plattner Institute

Office: G-3.1.15
Tel.: +49-(0)331 5509-4898
E-Mail: maximilian.kroschewski(at)hpi.de
Links: Research Group Team Page

Supervisor: Prof. Dr. Anja Lehmann

Research Area

In my research, I'm interested in privacy-preserving solutions that meet the desired functional requirements in a secure and privacy-friendly way. This includes the definition of the security model, the design of the cryptographic protocol, proving its security under precise assumptions, and demonstrating its applicability with a prototype.

Current Work: Privacy-Preserving Single Sign-On

  • Continuation of my Master Thesis: Privacy Enhancement In the OpenID Connect Protocol Flow

Single Sign-On (SSO) is a method allowing users to log in to an application through a third-party account, such as their Google account. Today, the most widely used SSO protocol is OpenID Connect (OIDC), which poses a significant privacy problem: The SSO provider can track users by learning which applications are being accessed. My work addresses this problem and makes three contributions. First, it provides a critical discussion of proposed approaches for privacy- and security-enhancing SSO protocols. We find that the dominant approaches are incompatible with the common OIDC standard. Such compatibility is essential to enable the application in practice. Our second contribution is to propose two protocol extensions, which are (1) compatible with OIDC and (2) enhance user privacy. Lastly, we evaluate if the proposed protocols cause disruption with other functions in OIDC and assess the necessary adaptations to the protocol flow. The goal is to establish usable protocol extensions which function in practice and improve privacy in SSO protocols.

In continuation of this work, we prove the security of the proposed protocol extensions, consider additional privacy aspects, provide a functional prototype, and assess its implications.