Research Article
Formal Security Analysis of OpenID with GBA Protocol
447 downloads
@INPROCEEDINGS{10.1007/978-3-642-30244-2_10, author={Abu Ahmed and Peeter Laud}, title={Formal Security Analysis of OpenID with GBA Protocol}, proceedings={Security and Privacy in Mobile Information and Communication Systems. Third International ICST Conference, MobiSec 2011, Aalborg, Denmark, May 17-19, 2011, Revised Selected Papers}, proceedings_a={MOBISEC}, year={2012}, month={10}, keywords={}, doi={10.1007/978-3-642-30244-2_10} }
- Abu Ahmed
Peeter Laud
Year: 2012
Formal Security Analysis of OpenID with GBA Protocol
MOBISEC
Springer
DOI: 10.1007/978-3-642-30244-2_10
Abstract
The paper presents the formal security analysis of 3GPP standardized OpenID with Generic Bootstrapping Architecture protocol which allows phone users to use OpenID services based on SIM credentials. We have used an automatic protocol analyzer to prove key security properties of the protocol. Additionally, we have analyzed robustness of the protocol under several network attacks and different threat models (e.g., compromised OP, user entity). The result shows the protocol is secure against key security properties under specific security settings and trust assumptions.
Copyright © 2011–2024 ICST