Options for integrating eID and SAML

Several European countries currently introduce highly sophisticated eID functionality in their national identity cards. This functionality typically has no direct relation to web security standards, but will be integrated with web technologies to enable browser-based access to critical resources. The research challenge to combine eID protocols and web standards like TLS in a secure way proves extremely challenging: The security of many of the proposed systems boils down to HTTP session cookies and TLS server certificates. Therefore, the overall security is not improved and does not justify the additional costs. In this paper, we investigate this security challenge for the German national identity card and its eID functionality. We show that the solution currently standardized by the German government does not offer any additional security, by giving an in-depth analysis of the complete software system. We discuss several possible paths to an enhanced solution based on TLS channel bindings. Finally, we describe a system setup based on the SAML Holder-of-Key Web Browser Profile, which also mitigates interoperability problems.

[1]  Roy T. Fielding,et al.  Hypertext Transfer Protocol - HTTP/1.1 , 1997, RFC.

[2]  D. Box,et al.  Simple Object Access Protocol (SOAP) 1.1, W3C Note , 2000 .

[3]  D. Box,et al.  Simple object access protocol (SOAP) 1.1 , 2000 .

[4]  Leon Gommans,et al.  Generic AAA Architecture , 2000, RFC.

[5]  Jeff Hodges,et al.  Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V2. 0 , 2001 .

[6]  Mitja Kolšek,et al.  Session Fixation Vulnerability in Web-based Applications , 2002 .

[7]  Birgit Pfitzmann,et al.  Analysis of Liberty Single-Sign-on with Enabled Clients , 2003, IEEE Internet Comput..

[8]  Thomas Groß,et al.  Security analysis of the SAML single sign-on browser/artifact profile , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[9]  Ahmad-Reza Sadeghi,et al.  Browser Model for Security Analysis of Browser-Based Protocols , 2005, ESORICS.

[10]  Birgit Pfitzmann,et al.  SAML artifact information flow revisited , 2006 .

[11]  Nicolas Williams,et al.  On the Use of Channel Bindings to Secure Channels , 2007, RFC.

[12]  Jörg Schwenk,et al.  TLS-Federation - a Secure and Relying-Party-Friendly Approach for Federated Identity Management , 2008, BIOSIG.

[13]  Alessandro Armando,et al.  Formal analysis of SAML 2.0 web browser single sign-on: breaking the SAML-based single sign-on for google apps , 2008, FMSE '08.

[14]  Sebastian Gajek A Universally Composable Framework for the Analysis of Browser-Based Security Protocols , 2008, ProvSec.

[15]  Jörg Schwenk,et al.  Stronger TLS bindings for SAML assertions and SAML artifacts , 2008, SWS '08.

[16]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.

[17]  Michael B. Jones,et al.  Identity Metasystem Interoperability Version 1.0 , 2008 .

[18]  Tibor Jager,et al.  A Browser-Based Kerberos Authentication Scheme , 2008, ESORICS.

[19]  Lorrie Faith Cranor,et al.  Crying Wolf: An Empirical Study of SSL Warning Effectiveness , 2009, USENIX Security Symposium.

[20]  Marc Fischlin,et al.  Security Analysis of the PACE Key-Agreement Protocol , 2009, ISC.

[21]  Tom Scavo,et al.  SAML V2.0 Holder-of-Key Web Browser SSO Profile Version 1.0 , 2009 .

[22]  Jörg Schwenk,et al.  SAMLizing the European Citizen Card , 2009, BIOSIG.

[23]  Larry Zhu,et al.  Channel Bindings for TLS , 2010, RFC.

[24]  Eric Rescorla Keying Material Exporters for Transport Layer Security (TLS) , 2010, RFC.

[25]  Adam Barth,et al.  TLS Origin-Bound Certificates , 2011 .

[26]  Jörg Schwenk,et al.  The power of recognition: secure single sign-on using TLS channel bindings , 2011, DIM '11.

[27]  Jörg Schwenk,et al.  On Breaking SAML: Be Whoever You Want to Be , 2012, USENIX Security Symposium.

[28]  Dan S. Wallach,et al.  Origin-Bound Certificates: A Fresh Approach to Strong Client Authentication for the Web , 2012, USENIX Security Symposium.

[29]  Dirk Balfanz,et al.  Transport Layer Security (TLS) Channel IDs , 2013 .

[30]  Ray A. Perlner,et al.  Electronic Authentication Guideline , 2014 .