For Open ID association, Relying Party(RP) sends associate request to OP(Open ID Provider).
It takes place after the discovering URL of OP server url based on given user OpenId.
Relying Party and Open ID Provider shares mac_key i.e. shared secret key for association.
Diffie-Hellman shared secret is used for encrypting mac_key.
A.Diffie-Hellman key Exachange:
Step 1: Both RP & OP agree on two values “g” and “p” where “p” is a large prime number and “g” is a small number. These values are defined in the OpenID Authentication Specification. These values are public.
Step 2: RP selectes a secret number “a” and Compute another number “A” with this method-
A = g^a mod p
Now “A” becomes public key for RP.
RP shares “A” with OP.
Step 3: OP selectes a secret number “b” and Compute another number “B” with this method-
B = g^b mod p
Now “B” becomes public key for OP.
OP shares “B” with RP.
Step 4: RP computes Diffie-Hellman secret key with this method-
DH_Secret_Key = B^a mod p
Step 5: RP computes Diffie-Hellman secret key with this method-
DH_Secret_Key = A^b mod p
DH_Secret_Key is used for encryption of mac_key.
OpenID Authentication supports two types of consumer –
1.Smart mode-Statefull mode
For smart mode, RP must send associate request to OP for getting shared secret.
RP may cache it for later use.
2.Dumb mode-Stateless mode
It is HTTP POST request from RP to OP.
1. openid.mode : Set to value “associate”.
2. openid.assoc_type : Set to “HMAC-SHA1” or “HMAC-SHA256”.
OpenID 1.1 supported only HMAC-SHA1.
OpenID 2.0 added support for HMAC-SHA256.
Used for signing messages after association done.
3. openid.session_type : Method used to encrypt the mac_key(shared secret between RP and OP) with Diffie-Hellman.
c. DH-SHA256 [Added in 2.0]
With no-encryption method, mac_key is sent in plain-text from OP to RP.
If Transport layer encryption is not provided,it may lead to interception by eavesdropper.
b. DH-SHA1 / DH-SHA256
Diffie-Hellman Key Exchange, session types for securely transmit the shared secret mac_key.
For Session Type- DH-SHA1 / DH-SHA256, follwing parameters used.
4. openid.dh_modulus : This is the value of “p” used in Diffie-Hellman key-exchange, where the default value defined in the specification.
5. openid.dh_gen : This is the value of “g” used in Diffie-Hellman key-exchange, where the default value defined in the specication.
6. openid.dh_consumer_public : This is the public key of RP for Diffie-Hellman key-exchange [A].
Steps at OP site-
1.OP receives associate request.
2.Generate a MAC key
3.Encrypt the MAC key with the Diffie-Hellman shared secret if openid.session_type set to DH-SHA1 / DH-SHA256.
4.Share OP Diffie-Hellman public key with the RP with response so RP can derive the Diffie-Hellman shared secret from it and decrypt the MAC key.
Response for associate request from OP to RP.
1. assoc_handle : The association handle is used as a key to refer to this association in subsequent messages. assoc_handle will be used as key at both the OP and RP ends to cache the values associated with “associate” message.
2. expires_in : The lifetime, in seconds, of this association. The Relying Party MUST NOT use the association after this time has passed.
3. mac_key : The MAC key (shared secret) for this association, when “no-encryption” is used for session_type in the “associate” request.
4. dh_server_public : OP’s Diffie-Hellman public key
5. enc_mac_key : The MAC key (shared secret), encrypted with the secret Diffie-Hellman value.
Once an “association” is established RP requests authentication for a given OpenID where request contains assoc_handle.