
Open access
Author
Date: 2021
Type: Doctoral Thesis
ETH Bibliography: yes
Abstract
Internet users' digital identities consist of accounts for numerous services. These accounts can typically be accessed by providing a credential, most commonly a password. However, this primary authentication method is rarely the only way to access an account. Accounts are connected to other accounts, for example through recovery methods, password managers, or single sign-on.
Accounts are also connected with the user's electronic devices and with other aspects of the physical world. For example, users frequently have open sessions or saved passwords on their devices and write down passwords physically. This complex web of connections gives rise to a wide range of potential security weaknesses in users' account setups. However, from the user perspective, these connections are often necessary to reduce the risk of being locked out of one's own accounts.
In the first part of this thesis, we introduce account access graphs, the first formalism that enables a comprehensive modeling and analysis of the user's entire setup of interconnected accounts, credentials, devices, keys, and documents. Account access graphs support systematically identifying both security vulnerabilities and lockout risks in a user's accounts. We employ the methodology associated with this formalism in a qualitative user study where we obtain the account access graphs of twenty participants. In the study, we obtain detailed insights on how users' personal setup choices and behaviors affect their overall account security.
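As an added illustration, not the thesis's own definitions or code, the following Python model shows the kind of analysis the abstract describes: a user's accounts, credentials and devices as a graph, with the two questions an account access graph is meant to answer, namely what an attacker gains from one compromised item and what the user loses when one item is lost. The sample setup, the edge labels and the access rule (all sources sharing a label are needed; different labels are alternative routes) are constructed assumptions for this example.

```python
"""Toy account access graph analysis (added example, not from the thesis).

Nodes are accounts, credentials and devices. An edge (src, label, dst) means
src contributes to accessing dst. Rule assumed here: a node is gained once
ALL sources of some one label into it are held (e.g. password AND phone OTP);
edges with different labels into the same node are independent routes.
"""
from collections import defaultdict

# Constructed sample setup of one user's accounts.
SAMPLE_EDGES = [
    ("pw_email", "password", "email"),      # memorized email password
    ("phone", "session", "email"),          # mail app stays logged in
    ("laptop", "unlocked", "pw_manager"),   # password manager on the laptop
    ("pw_manager", "stored", "pw_bank"),    # manager holds the bank password
    ("pw_manager", "stored", "pw_email"),   # ... and the email password
    ("pw_bank", "login", "bank"),           # bank login: password AND phone OTP
    ("phone", "login", "bank"),
    ("email", "recovery", "bank"),          # "forgot password" flow via email
    ("paper_backup", "seed", "wallet"),     # wallet only via a written seed
]
USER_BASE = {"pw_email", "phone", "laptop", "paper_backup"}  # held directly
TARGETS = {"email", "bank", "wallet"}


def build(edges):
    """Index edges as target -> label -> set of required sources."""
    graph = defaultdict(lambda: defaultdict(set))
    for src, label, dst in edges:
        graph[dst][label].add(src)
    return graph


def reachable(edges, base):
    """Least fixpoint of the access rule starting from the held set `base`."""
    graph = build(edges)
    have = set(base)
    changed = True
    while changed:
        changed = False
        for node, routes in graph.items():
            if node in have:
                continue
            # Any single label whose sources are all held grants the node.
            if any(sources <= have for sources in routes.values()):
                have.add(node)
                changed = True
    return frozenset(have)


def attacker_gains(edges, compromised, targets=TARGETS):
    """Targets an attacker reaches after compromising `compromised`."""
    return frozenset(targets & reachable(edges, compromised))


def lockout_on_loss(edges, lost, user_base=USER_BASE, targets=TARGETS):
    """Targets the user can no longer reach after losing `lost`."""
    remaining = set(user_base) - set(lost)
    return frozenset(targets - reachable(edges, remaining))


if __name__ == "__main__":
    # Security finding: the phone alone yields the bank via the email recovery route.
    print("phone stolen ->", sorted(attacker_gains(SAMPLE_EDGES, {"phone"})))
    # Lockout finding: the wallet hangs on a single paper backup.
    print("paper lost   ->", sorted(lockout_on_loss(SAMPLE_EDGES, {"paper_backup"})))
    print("phone lost   ->", sorted(lockout_on_loss(SAMPLE_EDGES, {"phone"})))
```

Running the two analyses over the same graph is the point: the recovery edge from `email` to `bank` is what keeps the user from being locked out when the phone is lost, and it is also what lets a stolen, unlocked phone reach the bank account. The paper-only seed shows the opposite trade-off, a single-point lockout risk with a small attack surface.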
In the second part, we focus on one particularly important kind of connection between users' account setups: single sign-on using OpenID Connect. This protocol allows a user to leverage her account with an identity provider (IdP) to log in to other services, called relying parties (RPs). However, OpenID Connect comes with a significant privacy trade-off: Whenever the user logs in to an RP using the protocol, the IdP learns to which RP the user logged in. This is especially problematic when using a particular RP may reveal sensitive information about the user. We present a protocol design that solves this privacy issue, called Privacy-preserving OpenID Connect (POIDC). We have formally modeled our protocol design in the symbolic protocol model, and obtained machine-checked security proofs using the protocol verification tool Tamarin. Thus, POIDC improves users' privacy while obtaining the same security guarantees as the unmodified OpenID Connect protocol.
Permanent link: https://doi.org/10.3929/ethz-b-000494496
Publication status: published
External links: Search print copy at ETH Library
Contributors
Examiner: Basin, David
Examiner: Capkun, Srdjan
Examiner: Mauw, Sjouke
Examiner: Radomirović, Saša
Examiner: Sasse, Ralf

Publisher: ETH Zurich
Organisational unit: 03634 - Basin, David / Basin, David