A Privacy-Preserving Information-Sharing Protocol for Federated Authentication
By: Francesco Buccafurri, Carmen Licciardi
Potential Business Impact:
Stops fake accounts without seeing your private info.
This paper presents a privacy-preserving protocol for identity registration and information sharing in federated authentication systems. The goal is to enable Identity Providers (IdPs) to detect duplicate or fraudulent identity enrollments without revealing users personal data or enabling cross-domain correlation. The protocol relies on Oblivious Pseudorandom Functions (OPRFs) combined with domain-specific transformations, ensuring that each IdP generates independent pseudonymous identifiers derived from a shared cryptographic service while maintaining full input confidentiality. A central authority maintains a blind registry that records successful and failed identity verifications using only pseudonymous identifiers, allowing global consistency checks without exposing sensitive information or linking users across domains. The proposed construction provides a general and abstract framework suitable for a wide range of federated authentication systems, achieving strong privacy guarantees while supporting effective fraud-prevention mechanisms during identity registration.
Similar Papers
Understanding the Identity-Transformation Approach in OIDC-Compatible Privacy-Preserving SSO Services
Cryptography and Security
Keeps your online accounts private and safe.
Blocklisted Oblivious Pseudorandom Functions
Cryptography and Security
Keeps secret passwords safe from hackers.
A Unified Framework for Constructing Information-Theoretic Private Information Retrieval
Cryptography and Security
Keeps your secrets safe when searching online.