SSH-DAuth: Secret Sharing based Decentralized OAuth using Decentralized Identifier
Published:
Recommended citation: Krishna, D.P., Ramaguru, R., Praveen, K. et al. SSH-DAuth: secret sharing based decentralized OAuth using decentralized identifier. Sci Rep 13, 18335 (2023). https://doi.org/10.1038/s41598-023-44586-6 https://doi.org/10.1038/s41598-023-44586-6
OAuth2.0 is a Single Sign-On approach that helps to authorize users to log into multiple applications without re-entering the credentials. Here, the OAuth service provider controls the central repository where data is stored, which may lead to third-party fraud and identity theft. To circumvent this problem, we need a distributed framework to authenticate and authorize the user without third-party involvement. This paper proposes a distributed authentication and authorization framework using a secret-sharing mechanism that comprises a blockchain-based decentralized identifier and a private distributed storage via an interplanetary file system. We implemented our proposed framework in Hyperledger Fabric (permissioned blockchain) and Ethereum TestNet (permissionless blockchain). Our performance analysis indicates that secret sharing-based authentication takes negligible time for generation and a combination of shares for verification. Moreover, security analysis shows that our model is robust, end-to-end secure, and compliant with the Universal Composability Framework.