[Openid-specs-ab] Attacking OpenID Connect 1.0 - Malicious Endpoints Attack

Shane B Weeden sweeden at au1.ibm.com
Mon Oct 12 23:30:17 UTC 2015

I would have thought Phase 1.1 of this attack be avoided with simple CSRF
protection on the honestClient's endpoint accepting the end-user's
identifier. In this way it's no different from any other phishing attack.
The rest of the attack is then a moot point.

From:	Mike Schwartz <mike at gluu.org>
To:	openid-specs-ab at lists.openid.net
Date:	13/10/2015 08:39
Subject:	[Openid-specs-ab] Attacking OpenID Connect 1.0 - Malicious
            Endpoints Attack
Sent by:	"Openid-specs-ab" <openid-specs-ab-bounces at lists.openid.net>

Attacking OpenID Connect 1.0 - Malicious Endpoints Attack


In this post we show a novel attack on OpenID Connect 1.0, which
compromises the security of the entire protocol - the Malicious
Endpoints attack. The idea behind the attack is to influence the
information flow in the Discovery and Dynamic Registration Phase in such
a way that the attacker gains access to sensitive information...

Openid-specs-ab mailing list
Openid-specs-ab at lists.openid.net

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20151012/7ade8f6c/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: graycol.gif
Type: image/gif
Size: 105 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20151012/7ade8f6c/attachment.gif>

More information about the Openid-specs-ab mailing list