Security Analysis in an OpenID Connect Lab Environment

In this post, Christian Fries shows an approach to unveil security flaws in OpenID Connect Certified implementations with well-known attack methods. One goal of the master's thesis Security Analysis of Real-Life OpenID Connect Implementations was to provide a platform for developers and security researchers to test implementations in a reproducible and maintainable OIDC lab environment.

We included six OpenID Provider (OP) and eight Relying Party (RP) services in the lab environment. For the comprehensive security analysis, we tested the implementations against eleven Relying Party attacks and seven OpenID Provider attacks in different variations with our tool PrOfESSOS. In addition, we carried out manual tests as well. We have disclosed twelve implementation flaws and reported them to the developers in a responsible disclosure process.

Two developer teams fixed (✔) the vulnerabilities before the deadline of the master's thesis. One Redirect URI Manipulation vulnerability was rejected (✖). This particular case can be permissible for only one registered URI for reasons of interoperability and fault tolerance. We informed three further development teams (✦).

Name	Vulnerability	Fixed	CVE
MITREid Connect	PKCE Downgrade Attack	✦
mod auth openidc	ID Spoofing, JWKS Spoofing	✔
node oidc-provider	Redirect URI Manipulation	✖
OidcRP	Replay Attack	✦
phpOIDC	Message Flow Confusion, ID Spoofing, Key Confusion	✦
pyoidc	Replay Attack, Signature Manipulation, Token Recipient Confusion	✔	CVE-2020-26244

We explain the method of how we have archived this result in the following sections.

Attacks on PDF Certification

In recent years, we have presented How to Spoof PDF Signatures and Shadow Attacks: Hiding and Replacing Content in Signed PDFs, which describe attacks on PDF signatures under various attack scenarios. The attacks focused on so-called approval signatures. However, in addition to signing PDFs, the PDF specification also specifies the certification of documents, also known as certification signatures.

To close this research gap, we performed an extensive analysis of the security of PDF certification. In doing so, we developed the Evil Annotation Attack (EAA), as well as the Sneaky Signature Attack (SSA). The attack idea exploits the flexibility of PDF certification, which allows signing or adding annotations to certified documents under different permission levels. Our practical evaluation shows that an attacker could change the visible content in 15 of 26 viewer applications by using EAA and in 8 applications using SSA by using PDF specification compliant exploits. We improved both attacks’ stealthiness with applications’ implementation issues and found only two applications secure to all attacks.

We responsibly disclosed all affected vendors. Together with the CERT-Bund (BSI), we supported the vendors in developing suitable countermeasures. The attacks are documented in CVE-2020-35931, CVE-2021-28545 and CVE-2021-28546.

Full results are available in our paper, vulnerability report and on our website.