[Openid-specs-ab] Further rationale for ephemeral identifier
Nat Sakimura
nat at sakimura.org
Mon Jun 9 22:56:59 UTC 2025
P.S. Examples of attribute-based unlinkable entity authentication
include Overage verification, Underage verification, Registered domicile
verification, etc.
On Mon, 9 Jun 2025 at 15:47, Nat Sakimura <nat at sakimura.org> wrote:
> Dear AB/C WG
>
> I am writing to elaborate on the rationale for writing the ephemeral
> identifier spec.
>
> There are multiple reasons for this:
>
> As Ralph points out, it is already used in some ecosystems. Standardising
> it would therefore reduce existing variations.
>
> Additionally, it is a condition needed to prove that OIDC/SIOP fulfils the
> Unlinkability Level (UL) 3A+. This Unlinkability Level is defined in
> ISO/IEC 27551 Information security, cybersecurity and privacy protection —
> Requirements for attribute-based unlinkable entity authentication. It
> defines seven different kinds of "unlinkability" and it also defines
> Unlinkability Levels (UL) as satisfying some kind of unlinkability would
> automatically satisfy other types of unlinkability.
>
> According to ISO/IEC 27551, to attain unlinkability level N
> attribute-based entity authentication, the protocol: a) shall be correct;
> b) shall be unforgeable; c) shall satisfy the assurance level on
> attributes that is required by the RP; and d) shall satisfy the
> unlinkability properties at level N.
>
> The correctness, unforgeability and unlinkability are also defined in the
> document. I will not go into the details (as it would take pages) of the
> definition, but generically, a protocol itself is said to be unlinkable if
> its executions cannot be linked, given explicit settings for the adversary
> and target entity role, where "linked" means the adversary makes a
> correct guess with a probability significantly better than one half.
>
> In ISO/IEC 27551 Appendix C.2, there is a mathematical proof that the
> presented implementation of OpenID Connect belongs to the class UL 3A+ and
> this "implementation" requires an ephemeral identifier.
>
> I hope this provides further clarity.
>
> Best regards,
>
> Nat Sakimura
>
>
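The guessing game described in the quoted message (two protocol executions, an adversary who must decide whether they belong to the same entity, "linked" meaning success noticeably better than one half) as an added Python illustration; it is not part of the original message, of ISO/IEC 27551, or of any OpenID specification. It assumes a toy IdP that issues only an over-18 claim under three hypothetical `sub` policies (`static`, `pairwise`, `ephemeral`), and it runs the game for different adversary settings (one RP across sessions, or two colluding RPs).

```python
import hashlib
import random
import secrets

# Constructed illustration: the claims a toy IdP puts in the ID token for one
# protocol execution. Only the `sub` policy differs; the attribute is the same.
def issue_claims(user_secret: str, rp_id: str, policy: str) -> dict:
    if policy == "static":       # same sub for this user at every RP
        sub = hashlib.sha256(user_secret.encode()).hexdigest()[:16]
    elif policy == "pairwise":   # sub stable per RP, different across RPs
        sub = hashlib.sha256(f"{user_secret}|{rp_id}".encode()).hexdigest()[:16]
    elif policy == "ephemeral":  # fresh random sub on every execution
        sub = secrets.token_hex(8)
    else:
        raise ValueError(f"unknown policy {policy!r}")
    # Attribute-based claim only (overage verification): no other identifying data.
    return {"sub": sub, "aud": rp_id, "over_18": True}


def linkability_game(policy: str, rps: tuple, trials: int, seed: int = 1) -> float:
    """Run the two-execution linking game `trials` times.

    The adversary is the RP(s) in `rps` (one RP seen twice, or two colluding
    RPs). The challenger secretly picks whether the same user performed both
    executions; the adversary guesses from the two transcripts alone.
    Returns the fraction of correct guesses: 1.0 means fully linkable,
    about 0.5 means the adversary does no better than a coin flip.
    """
    rng = random.Random(seed)          # constructed, deterministic user choice
    users = ("alice-secret", "bob-secret")
    correct = 0
    for _ in range(trials):
        same = rng.random() < 0.5      # challenger's hidden bit
        first = users[0]
        second = users[0] if same else users[1]
        t1 = issue_claims(first, rps[0], policy)
        t2 = issue_claims(second, rps[1], policy)
        guess = t1["sub"] == t2["sub"]  # link iff the subject identifiers match
        correct += int(guess == same)
    return correct / trials


def advantage(policy: str, rps: tuple, trials: int = 2000) -> float:
    """Adversary advantage: 0.0 = unlinkable, 1.0 = always linkable."""
    return abs(linkability_game(policy, rps, trials) - 0.5) * 2
```

The game checks only the subject identifier; ISO/IEC 27551's definition fixes the adversary and target entity role explicitly, and a real assessment must also consider other claims and transport-level metadata that could link executions.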