Explore the intricacies of Single Sign-On (SSO) security in this comprehensive conference talk from BSidesLV 2019. Delve into the world of delegated authentication, focusing on JWT and SAML tokens. Examine potential attack vectors, including signature verification vulnerabilities in .NET frameworks. Analyze key resolution methods and their impact on security. Investigate specific scenarios involving Windows Communication Foundation (WCF) and SharePoint authentication flows. Gain valuable insights into dupe key confusion attacks and their limitations. Equip yourself with essential knowledge to fortify SSO implementations against token-based threats.
Overview
Syllabus
Intro
Agenda
Delegated Authentication
JWT token
Similar code for SAML
Potential Attack Vectors (2/2)
Simplified SAML Token
SAML Signature Verification in .NET
A tale of two resolvers
Possible scenarios for different key resolution
Examples of affected frameworks
Windows Communication Foundation (WCF)
Key & Token Resolution
Token resolution - Breadth First
Dupe Key Confusion
Key and Token resolutions
Attack limitations
SharePoint Authentication Flow
SharePoint Attack Flow
Conclusions
Taught by
BSidesLV
