Secure Mobile Agent Using Strong Non-designated Proxy Signature

It is expected that mobile agent will be widely used for electronic commerce as an important key technology. If a mobile agent can sign a message in a remote server on behalf of a customer without exposingh is/her private key, it can be used not only to search for special products or services, but also to make a contract with a remote server. To construct mobile agents, [KBC00] used an RSA-based undetachable signature scheme, but it does not provide server's non-repudiation because the undetachable signature does not contain server's signature.Mobile agent is a very good application example of proxy signature, and the undetachable signature can be considered as an example of proxy signature. In this paper we show that secure mobile agent can be constructed using strong non-designated proxy signature [LKK01] which represents both the original signer's (customer) and the proxy signer's (remote server) signatures. We provide RSA-based and Schnorr-based constructions of secure mobile agent, and moreover we show that the Schnorr-based scheme can be used very efficiently in multi-proxy mobile agent situation.

[1]  Jacobus E. van der Merwe,et al.  Electronic commerce with secure intelligent trade agent , 1997, ICICS.

[2]  P. KOTZANIKOLAOU Mobile Agents for Secure Electronic Transactions , .

[3]  Sebastiaan H. von Solms,et al.  Refereed paper: Electronic commerce with secure intelligent trade agents , 1998 .

[4]  Patrick Horster,et al.  Self-certified keys — Concepts and Applications , 1997 .

[5]  Sergio Loureiro,et al.  Privacy for mobile code , 1999 .

[6]  Guoqiang Bai,et al.  Proxy multi-signature scheme: a new type of proxy signature scheme , 2000 .

[7]  M. Mambo,et al.  Proxy Signatures: Delegation of the Power to Sign Messages (Special Section on Information Theory and Its Applications) , 1996 .

[8]  Panayiotis Kotzanikolaou,et al.  Secure Transactions with Mobile Agents in Hostile Environments , 2000, ACISP.

[9]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[10]  Dongho Won,et al.  Proxy signatures, Revisited , 1997, ICICS.

[11]  Byoungcheon Lee,et al.  Strong Proxy Signature and its Applications , 2000 .

[12]  Jacques Stern,et al.  Security Proofs for Signature Schemes , 1996, EUROCRYPT.

[13]  Christian F. Tschudin,et al.  Protecting Mobile Agents Against Malicious Hosts , 1998, Mobile Agents and Security.

[14]  Joonsang Baek,et al.  Secret Computation with Secrets for Mobile Agent using One-time Proxy Signature , 2001 .

[15]  William M. Farmer,et al.  Security for Mobile Agents: Authentication and State Appraisal , 1996, ESORICS.

[16]  Wayne A. Jansen,et al.  Mobile Agent Security , 1999 .