SSH-DAuth: Secret Sharing based Decentralized OAuth using Decentralized Identifier
Published:
Recommended citation: Prudhvi Krishna Danda, Ramaguru Radhakrishnan, Praveen Kanakkath et al. SSH-DAuth: Secret Sharing based Decentralized OAuth using Decentralized Identifier, 10 May 2023, PREPRINT (Version 1) available at Research Square [https://doi.org/10.21203/rs.3.rs-2858541/v1] https://doi.org/10.21203/rs.3.rs-2858541/v1
OAuth2.0 is a Single Sign-On (SSO) approach that helps to authenticate and authorize users to log into multiple applications without re-entering the credentials. In this model, the data are stored in a central repository completely controlled by the OAuth service provider, which may lead to third-party fraud and identity theft. This paper proposes a decentralized authentication framework comprised of a blockchain-based decentralized identifier and private distributed storage via an interplanetary filesystem (IPFS), permitting the user to have end-to-end data control. Furthermore, we have added a secret sharing mechanism that allows secure storage of data in our proposed model. We implemented our proposed framework in Hyperledger Indy(permissioned blockchain) and Ethereum (permissionless blockchain) to compare the efficiency, scalability, and privacy of the data stored in the blockchain ledger.