From: Pedram Hosseyni <[email protected]>
Sent: Friday, September 20, 2024 2:48 AM
To: [email protected]
Cc: Marcus Almgren <[email protected]>; Ralf Kuesters <[email protected]>; Tim Würtele <[email protected]>
Subject: Federation Analysis: Private Key JWT Replay
Hi Mike,
For the Federation analysis, we found a scenario that seems to be in line with the specifications and would lead to attacks.
To put it briefly, Federation uses PAR for automatic registration, so we consider OIDC together with PAR, on top of Federation for registration.
However, the PAR specification allows for (1) redirection endpoints that are not pre-registered and (2) using the token endpoint as the audience value of the private key JWT when authenticating at the PAR endpoint.
However, a malicious OP could specify token endpoints of other OPs, thus obtaining private key JWTs created by an RP that it could use at those OPs.
As the Federation specification uses PAR, we think that it should also provide enough restrictions to ensure that the resulting protocol is secure; for example, Federation already introduces restrictions on the set of authentication mechanisms that should be used for PAR.
The attached PDF contains a detailed description, including diagrams and our assumptions.
Best
Tim and Pedram
Cc: @PedramHD @SECtim
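Added example, not part of the issue, the reporters' PDF, or the OpenID Federation and PAR specifications: a small model of the audience problem described above. An RP that copies the advertised `token_endpoint` into the `aud` of its private key JWT will, when a hostile OP's metadata names another OP's token endpoint, produce an assertion that the other OP would accept. The hardened builder (endpoints must live under the issuer's origin, `aud` bound to the issuer identifier) and the OP-side verifier (own identifiers only, expiry, one-time `jti`) are one assumed defensive design, not the specs' normative rules; the metadata dicts and all URLs are constructed for the example.

```python
# Added example: models the aud/token_endpoint issue from the report.
# Signatures are omitted; only the JWT claims matter for the audience check.
import time
import uuid
from urllib.parse import urlparse


def same_origin(url_a: str, url_b: str) -> bool:
    """True if both URLs share scheme, host and port."""
    a, b = urlparse(url_a), urlparse(url_b)
    return (a.scheme, a.hostname, a.port) == (b.scheme, b.hostname, b.port)


def build_assertion_permissive(client_id: str, op_meta: dict, now: float) -> dict:
    """Claims of a private_key_jwt assertion built the permissive way:
    'aud' is whatever token_endpoint the OP's metadata advertises."""
    return {
        "iss": client_id,
        "sub": client_id,
        "aud": op_meta["token_endpoint"],
        "jti": str(uuid.uuid4()),
        "iat": int(now),
        "exp": int(now) + 60,
    }


def build_assertion_strict(client_id: str, op_meta: dict, now: float) -> dict:
    """Hardened builder (assumed design): refuse OP metadata whose PAR or token
    endpoint lives outside the issuer's origin, and bind 'aud' to the issuer
    identifier rather than to an advertised endpoint URL."""
    issuer = op_meta["issuer"]
    for key in ("pushed_authorization_request_endpoint", "token_endpoint"):
        if not same_origin(issuer, op_meta[key]):
            raise ValueError(f"{key} {op_meta[key]!r} is not under issuer {issuer!r}")
    claims = build_assertion_permissive(client_id, op_meta, now)
    claims["aud"] = issuer
    return claims


class OpAssertionVerifier:
    """OP-side check of an incoming client assertion (assumed design): 'aud'
    must name this OP (its issuer identifier or one of its own endpoints),
    the assertion must be unexpired, and each 'jti' is accepted only once."""

    def __init__(self, issuer: str, endpoints: list):
        self.accepted_aud = {issuer, *endpoints}
        self.seen_jti = set()

    def verify(self, claims: dict, now: float) -> bool:
        aud = claims.get("aud")
        auds = aud if isinstance(aud, list) else [aud]
        if not any(a in self.accepted_aud for a in auds):
            return False
        if claims.get("exp", 0) <= now:
            return False
        jti = claims.get("jti")
        if not jti or jti in self.seen_jti:
            return False
        self.seen_jti.add(jti)
        return True


# Constructed metadata: an honest OP, and a hostile OP whose token_endpoint
# points at the honest OP's token endpoint (the scenario in the report).
HONEST_OP = {
    "issuer": "https://op.example",
    "pushed_authorization_request_endpoint": "https://op.example/par",
    "token_endpoint": "https://op.example/token",
}
HOSTILE_OP = {
    "issuer": "https://hostile.example",
    "pushed_authorization_request_endpoint": "https://hostile.example/par",
    "token_endpoint": "https://op.example/token",  # another OP's endpoint
}


def honest_verifier() -> OpAssertionVerifier:
    return OpAssertionVerifier(HONEST_OP["issuer"],
                               [HONEST_OP["pushed_authorization_request_endpoint"],
                                HONEST_OP["token_endpoint"]])


def demo() -> dict:
    """Runs both RP builders against the hostile metadata and returns what the
    honest OP would decide about the resulting assertions."""
    now = time.time()
    rp = "https://rp.example"
    result = {}
    # Permissive RP: the assertion meant for the hostile OP's PAR endpoint
    # carries aud = honest OP's token endpoint, so the honest OP accepts it.
    permissive = build_assertion_permissive(rp, HOSTILE_OP, now)
    v = honest_verifier()
    result["permissive_accepted_elsewhere"] = v.verify(permissive, now)
    result["replay_rejected"] = not v.verify(permissive, now)  # same jti twice
    # Strict RP: refuses the hostile metadata before signing anything.
    try:
        build_assertion_strict(rp, HOSTILE_OP, now)
        result["strict_refused"] = False
    except ValueError:
        result["strict_refused"] = True
    # Strict RP with honest metadata still yields an accepted assertion.
    result["strict_honest_accepted"] = honest_verifier().verify(
        build_assertion_strict(rp, HONEST_OP, now), now)
    return result


if __name__ == "__main__":
    print(demo())
```

The `jti` bookkeeping only stops re-use at the same OP; the cross-OP replay in the report is closed by the RP refusing to sign for endpoints outside the issuer's origin and by the OP accepting only its own identifiers as `aud`.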