ExPrESSO: Zero-Knowledge backed Extensive Privacy Preserving Single Sign-on
Kaustabh Barman, Fabian Piper, Sanjeet Raj Pandey, Axel Kuepper
TL;DR
ExPrESSO introduces a zero-knowledge-based extension to OpenID Connect to preserve end-user privacy during SSO by hiding the RP identity from the IdP. It leverages Groth16 zk-SNARKs and an MPC-based trusted ceremony to enable membership proofs of registered RPs without disclosing their identity, delivering RP unobservability and user unlinkability alongside authentication integrity. The approach includes standardized circuit design via OIDF, a decentralized artifact pool, and mechanisms for registration and revocation, aiming for production viability with modest storage and latency overhead. Overall, ExPrESSO provides a practical, privacy-preserving SSO solution with concrete architectural processes and security analyses, paving the way for broader adoption in real-world OIDC deployments.
Abstract
User authentication is one of the most important aspects of secure communication between services and end-users over the Internet. Service providers leverage Single Sign-On (SSO) to make it easier for their users to authenticate themselves. However, standardized systems for SSO, such as OIDC, do not guarantee user privacy, as identity providers can track user activities. We propose a zero-knowledge-based mechanism that integrates with OIDC to let users authenticate through SSO without revealing information about the service provider. Our system leverages Groth's zk-SNARK to prove membership of subscribed service providers without revealing their identity. We adopt a decentralized and verifiable approach to set up the prerequisites of our construction, which further secures and establishes trust in the system. We set high security targets and achieve them with minimal storage and latency cost, proving that our research can be adopted for production.
