Chengqian Guo, Jingqiang Lin, Quanwei Cai et al.
Single sign-on (SSO) allows a user to maintain only the credential for an identity provider (IdP) to log into multiple relying parties (RPs). However, SSO introduces privacy threats, as (a) a curious IdP could track a user's all visits to RPs, and (b) colluding RPs could learn a user's online profile by linking her identities across these RPs. This paper presents a privacypreserving SSO scheme, called UPPRESSO, to protect an honest user's online profile against (a) an honest-but-curious IdP and (b) malicious RPs colluding with other users. UPPRESSO proposes an identity-transformation approach to generate untraceable ephemeral pseudo-identities for an RP and a user from which the target RP derives a permanent account for the user, while the transformations also provide unlinkability. This approach protects the identities of the user and the target RPs in a login flow, while working compatibly with widely-deployed SSO protocols and providing services accessed from a commercial-off-the-shelf browser without plug-ins or extensions. We built a prototype of UPPRESSO on top of MITREid Connect, an open-source SSO system. The extensive evaluations show that it fulfills the security and privacy requirements of SSO with reasonable overheads.