The OpenID Foundation is pleased to announce the completion of a comprehensive security analysis of OpenID for Verifiable Presentations (OpenID4VP) when used over the Digital Credentials API (DC API). This represents the first security analysis of OpenID4VP and DC API together, which allowed potential security vulnerabilities to be detected and mitigated before the spec went to final in July.
Conducted by researchers from the Institute of Information Security at the University of Stuttgart using the proven Web Infrastructure Model (WIM) methodology, this analysis builds on a track record of rigorous, mathematical security modelling of OIDF protocols, and on a two-way exchange between the researchers and the OIDF work groups to ensure the protocols deliver the expected security properties. The WIM methodology has also been used to analyse other OpenID Foundation standards, including OpenID Connect, FAPI 1.0 and FAPI 2.0, as well as OAuth 2.0.
This approach has previously uncovered potential attack vectors, allowing the underlying vulnerabilities to be mitigated proactively, as in a recent responsible disclosure that impacted several spec families.
As part of the scope of this study, the University of Stuttgart presented a formal model of the OpenID4VP specification in conjunction with the Digital Credentials API, identified and formalized relevant security properties, and completed formal proofs for those security properties successfully.
These proofs confirm the security of the protocol within the bounds of the mathematical assumptions and formal modelling. Importantly, no new vulnerabilities were identified during the verification process.
Analysis scope and objective
The primary goal was to demonstrate that using OpenID4VP over the DC API delivers a fundamental security guarantee, ‘claims unforgeability’. Put simply, this means proving that attackers cannot trick honest verifiers into accepting false claims that appear to come from legitimate issuers for genuine users with credentials issued to honest wallets.
The analysis takes a focused approach to protocol-level security, deliberately excluding attack vectors such as Cross-Site Scripting or cryptographic implementation vulnerabilities. These fall outside the scope of protocol specifications and are typically addressed through other security measures.
Rigorous methodology
The WIM analysis follows a systematic three-step process that ensures thorough coverage. First, researchers create a detailed mathematical model covering all possible protocol executions not explicitly prohibited by the specifications. This model accounts for arbitrary numbers of participants with varying trust relationships, running multiple protocol instances simultaneously across all possible interaction patterns.
Next, they formulate precise security properties based on goals stated in the specifications. Finally, they provide mathematical proofs showing that these security properties hold across every conceivable protocol execution scenario.
Continuing a commitment to security
This work follows the OpenID Foundation's first comprehensive security analysis of OpenID for Verifiable Credentials completed in October 2023 with the goal of increasing confidence in these critical specifications. That previous study used the same WIM methodology.
The Digital Credentials Protocols Working Group (DCP WG) has accepted this security report on OpenID4VP+DC API, continuing the collaborative approach between academic researchers and standards development. As demonstrated with previous analyses, the DCP WG incorporates relevant feedback into current specification versions, ensuring robust security foundations for implementers.
The complete report is available here on the DCP WG homepage for review by implementers and the broader community.
Expert perspectives
The team of academic researchers from the University of Stuttgart said: “We thank the OpenID Foundation for another fruitful collaboration and look forward to further joint efforts in analyzing high-impact standards.”
Kristina Yasuda, Co-Chair of the OpenID Foundation’s DCP WG, said: “Proactive security analysis is critical in identifying potential gaps before they impact implementers and End Users. Collaborating closely with academic researchers allows us to validate our specifications against rigorous formal models, strengthen the protocol’s security guarantees, and ensure that OpenID4VP and the DC API deliver the trust and reliability that the ecosystem depends on.”
Daniel Fett, founder of the OAuth Security Workshop, said: “It's great to see the OpenID Foundation adopting formal analysis of web protocols as a standard tool. Beyond the usual expert review, formal analysis has repeatedly proven to be an effective means of uncovering hidden vulnerabilities and challenging underlying assumptions.”
About the OpenID Foundation
The OpenID Foundation (OIDF) is a global open standards body committed to helping people assert their identity wherever they choose. Founded in 2007, we are a community of technical experts leading the creation of open identity standards that are secure, interoperable, and privacy-preserving. The Foundation’s OpenID Connect standard is now used by billions of people across millions of applications. In the last five years, the Financial Grade API has become the standard of choice for Open Banking and Open Data implementations, allowing people to access and share data across entities. Today, the OpenID Foundation’s standards are the connective tissue that enables people to assert their identity and access their data at scale, the scale of the internet, enabling “networks of networks” to interoperate globally. Individuals, companies, governments and non-profits are encouraged to join or participate. Find out more at openid.net.
