Formal analysis of SAML 2.0 web browser single sign-on: breaking the SAML-based single sign-on for google apps

Single-Sign-On (SSO) protocols enable companies to establish a federated environment in which clients sign in the system once and yet are able to access to services offered by different companies. The OASIS Security Assertion Markup Language (SAML) 2.0 Web Browser SSO Profile is the emerging standard in this context. In this paper we provide formal models of the protocol corresponding to one of the most applied use case scenario (the SP-Initiated SSO with Redirect/POST Bindings) and of a variant of the protocol implemented by Google and currently in use by Google's customers (the SAML-based SSO for Google Applications). We have mechanically analysed these formal models with SATMC, a state-of-the-art model checker for security protocols. SATMC has revealed a severe security flaw in the protocol used by Google that allows a dishonest service provider to impersonate a user at another service provider. We have also reproduced this attack in an actual deployment of the SAML-based SSO for Google Applications. This security flaw of the SAML-based SSO for Google Applications was previously unknown.

[1]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[2]  Gavin Lowe,et al.  A hierarchy of authentication specifications , 1997, Proceedings 10th Computer Security Foundations Workshop.

[3]  Bruno Blanchet,et al.  From Secrecy to Authenticity in Security Protocols , 2002, SAS.

[4]  Birgit Pfitzmann,et al.  Federated Identity-Management Protocols , 2003, Security Protocols Workshop.

[5]  Birgit Pfitzmann,et al.  Analysis of Liberty Single-Sign-on with Enabled Clients , 2003, IEEE Internet Comput..

[6]  Thomas Groß,et al.  Security analysis of the SAML single sign-on browser/artifact profile , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[7]  Hanne Riis Nielson,et al.  Using static analysis to validate the SAML single sign-on protocol , 2005, WITS '05.

[8]  Ahmad-Reza Sadeghi,et al.  Browser Model for Security Analysis of Browser-Based Protocols , 2005, ESORICS.

[9]  Sebastian Mödersheim,et al.  The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications , 2005, CAV.

[10]  조영섭,et al.  OASIS SAML(Security Assertion Markup Language) v2.0 고찰 및 활용 , 2006 .

[11]  Alessandro Armando,et al.  LTL Model Checking for Security Protocols , 2007, 20th IEEE Computer Security Foundations Symposium (CSF'07).

[12]  Alessandro Armando,et al.  SAT-based model-checking for security protocols analysis , 2008, International Journal of Information Security.

[13]  Cédric Tabin,et al.  Liberty Alliance Project , 2007 .

[14]  Andrew D. Gordon,et al.  Verified implementations of the information card federated identity-management protocol , 2008, ASIACCS '08.