Friday, December 12, 2014

Attacking SSO Part 1: ID Spoofing

In 2013 we started a security study on one of the most widespread SSO protocols: OpenID. As described in previous posts, OpenID is a decentralized protocol, which provides a way to prove that a user controls an Identifier – URL.IDC. Additionally, OpenID is designed to support the usage of arbitrary IdPs: “An end user can freely choose which OpenID Provider to use ...“.
Considering the properties of OpenID, we came up with the idea to study the relation between the IdP, generating the authentication token, and the Identifier URL.Idc contained in the token. In other words – is this relation critical regarding the security of OpenID implementations deployed on the SPs.

Wednesday, December 10, 2014

Single Sign-On: The OpenID Protocol

In one of the previous posts, we explained SSO on the example of SAML.In this post, we will introduce another popular and widely deployed SSO Protocol: OpenID (if you are not familiar with SSO, we recommend you to read SSO on the example of SAML first).

Tuesday, December 9, 2014

Save Your Cloud: XSS in OpenStack Dashboard

Maximizing the effectiveness of compute power using an Infrastructure-as-a-Service (IaaS) cloud service is a common technique nowadays. Private (IaaS) clouds are often advertised as being more secure as public ones, simply because they are "provisioned for exclusive use by a single organization" (source). However, private and public clouds share the same technology; there is no fundamental difference in the techniques employed.

Friday, November 7, 2014

How Secure is TextSecure?

Instant Messaging has attracted a lot of attention by users for both private and business communication and has especially gained popularity as low-cost short message replacement on mobile devices. However, most popular mobile messaging apps do not provide end-to-end security. Press releases about mass surveillance performed by intelligence services such as NSA and GCHQ lead many people looking for means that allow them to preserve the security and privacy of their communication on the Internet. Additionally fueled by Facebook's acquisition of the hugely popular messaging app WhatsApp, alternatives that claim to provide secure communication experienced a significant increase of new users.

Thursday, November 6, 2014

Detecting and exploiting XXE in SAML Interfaces

This post will describe some findings, problems and inisghts regarding XML External Entity Attacks (XXEA) that we gathered during a large-scale security analysis of several SAML interfaces.
XXEA has been a popular attack class in the last months, see for example
This post will explain the basics of XXEA and how to adopt them to SAML, including some special problems you have to cope with.

First, we introduce the concept of Document Type Definition (DTD) and XML External Entity (XXE), and afterwards some basics on SAML. If you are fimiliar with these concepts, you may want to skip these sections and go to the last section XXEA on SAML.

Monday, October 20, 2014

Single Sign-On

Single Sign-On

Using authentication via Single Sign-On (SSO) has many advantages over simple Username/Password mechanisms. Whereas for the latter, the user has to remember multiple different Username/Password combinations, this overhead can be significantly reduced with SSO. Also, the security of Username/Password relies solely on the strength of the password provided by the user, but SSO allows for the adoption of several technical measures to further enhance the security of the login procedure.

Wednesday, October 1, 2014

Verification of SAML Tokens - Traps and Pitfalls

Verification of SAML Tokens - Traps and Pitfalls

This post will describe some findings in Single Sign-On area and problems related to the security of SAML-based authentication interfaces.

We will describe 6 attacks: Replay Attack, Token Recipient Confusion, Signature Exclusion, XML Signature Wrapping, Certificate Faking and Certificate Injection.

All 6 attacks are related to the SAML SSO interface and are high critical regarding the security.

Wednesday, August 20, 2014

Old attacks on new TLS implementations - or how a tiny side channel can break your crypto

This week at USENIX Security my colleague Chris Meyer will present our latest research paper on TLS attacks: "Revisiting SSL/TLS Implementations: New Bleichenbacher Side Channels and Attacks" (written by him, Eugen Weiss, Jörg Schwenk, Sebastian Schinzel, Erik Tews and me) [paper].
This blog post is intended for people who do not like boring long research papers and would like to get a comprehensive summary what's going on. As the title suggests we developed some attacks on TLS implementations. In the following, I will try to give you an intuition behind these attacks and explain why they worked.

Beliebte Posts