Privacy Preserving OAuth Service with TEEs

If we use Google, Facebook, or SwissID logins for third party sites, these login providers get to know when we log into which service. Moreover, the user has only little control over which data from her/his Google or Facebook accounts are shared with the service she/he’s logging into.

The goal of this thesis is to build a blind OAuth service, which can be easily integrated into third party sites just like the above mentioned services.

The software being developed in this thesis will build upon substraTEE, developed by SCS and written in Rust. substraTEE is an extension to the Blockchain Framework Parity Substrate, allowing to call a custom state transition function (STF) inside a Trusted Execution Environment (TEE), namely an Intel SGX enclave, thereby providing confidentiality and integrity for decentralized services. The enclaves operate on an encrypted state which can be read and written only by a set of provisioned and remote-attested enclaves.

Kind of Work
30% Theory, 70% Implementation



Time & Effort
Master’s Thesis, 1 Student


Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.