Analysing Applications Layered on Unilaterally Authenticating Protocols

There are many approaches to proving the correctness of application-layer protocols that are layered on secure transport protocols, such as TLS. One popular approach is verification by abstraction, in which the correctness of the application-layer protocol is proven under the assumption that the transport layer satisfies certain properties. Following this approach, we adapt the strand spaces model in order to analyse application-layer protocols that depend on unilaterally authenticating secure transport protocols, such as unilateral TLS. We develop proof rules that enable us to prove the correctness of application-layer protocols that use either unilateral or bilateral secure transport protocols, and illustrate them by proving the correctness of WebAuth, a single-sign-on protocol that makes extensive use of unilateral TLS.

[1]  Rajeev Alur,et al.  A Temporal Logic of Nested Calls and Returns , 2004, TACAS.

[2]  Sebastian Mödersheim,et al.  Vertical Protocol Composition , 2011, 2011 IEEE 24th Computer Security Foundations Symposium.

[3]  Sebastian Mödersheim,et al.  Secure Pseudonymous Channels , 2009, ESORICS.

[4]  Gavin Lowe,et al.  Understanding Abstractions of Secure Channels , 2010, Formal Aspects in Security and Trust.

[5]  Roy T. Fielding,et al.  Hypertext Transfer Protocol - HTTP/1.1 , 1997, RFC.

[6]  Alessandro Armando,et al.  LTL Model Checking for Security Protocols , 2007, 20th IEEE Computer Security Foundations Symposium (CSF'07).

[7]  Theo Dimitrakos,et al.  Formal Aspects in Security and Trust, Fourth International Workshop, FAST 2006, Hamilton, Ontario, Canada, August 26-27, 2006, Revised Selected Papers , 2007, Formal Aspects in Security and Trust.

[8]  Joshua D. Guttman,et al.  Searching for Shapes in Cryptographic Protocols , 2007, TACAS.

[9]  F. Javier Thayer Fábrega,et al.  Strand spaces: proving security protocols correct , 1999 .

[10]  Lawrence C. Paulson,et al.  Verifying Second-Level Security Protocols , 2003, TPHOLs.

[11]  Christopher Allen,et al.  The TLS Protocol Version 1.0 , 1999, RFC.

[12]  Joshua D. Guttman,et al.  Authentication tests and the structure of bundles , 2002, Theor. Comput. Sci..

[13]  Gavin Lowe,et al.  Analysing TLS in the strand spaces model , 2011, J. Comput. Secur..

[14]  Eric Rescorla,et al.  HTTP Over TLS , 2000, RFC.

[15]  Alessandro Armando,et al.  Formal analysis of SAML 2.0 web browser single sign-on: breaking the SAML-based single sign-on for google apps , 2008, FMSE '08.

[16]  Peng Ning,et al.  Computer Security - ESORICS 2009, 14th European Symposium on Research in Computer Security, Saint-Malo, France, September 21-23, 2009. Proceedings , 2009, ESORICS.

[17]  Michele Bugliesi,et al.  Language Based Secure Communication , 2008, 2008 21st IEEE Computer Security Foundations Symposium.

[18]  Gavin Lowe,et al.  Specifying Secure Transport Channels , 2008, 2008 21st IEEE Computer Security Foundations Symposium.

[19]  Joshua D. Guttman,et al.  Strand Spaces: Proving Security Protocols Correct , 1999, J. Comput. Secur..

[20]  Jan Jürjens,et al.  Verifying Cryptographic Code in C: Some Experience and the Csec Challenge , 2011, Formal Aspects in Security and Trust.

[21]  Gavin Lowe,et al.  Specifying and Modelling Secure Channels in Strand Spaces , 2009, Formal Aspects in Security and Trust.