Analysing Applications Layered on Unilaterally Authenticating Protocols
There are many approaches to proving the correctness of application-layer protocols that are layered on secure transport protocols, such as TLS. One popular approach is verification by abstraction, in which the correctness of the application-layer protocol is proven under the assumption that the transport layer satisfies certain properties. Following this approach, we adapt the strand spaces model in order to analyse application-layer protocols that depend on unilaterally authenticating secure transport protocols, such as unilateral TLS. We develop proof rules that enable us to prove the correctness of application-layer protocols that use either unilateral or bilateral secure transport protocols, and illustrate them by proving the correctness of WebAuth, a single-sign-on protocol that makes extensive use of unilateral TLS.