The construction of secure mobile agents via evaluating encrypted functions

We propose a security approach for mobile agents, which protects mobile agents from malicious hosts. Our new approach prevents privacy attacks and integrity attacks to mobile agents from malicious hosts. It is an extension of mobile cryptography that removes many problems found in the original ideas of mobile cryptography while preserving most of the benefits. Although the original idea of mobile cryptography allowed direct computations without decryptions on encrypted mobile agents, it did not provide any practical ways of implementation due to the fact that no homomorphic encryption schemes are found for their approach. Our approach provides a practical idea for implementing mobile cryptography by suggesting a hybrid method that mixes a function composition technique and a homomorphic encryption scheme that we have found. Like the original mobile cryptography, our approach will encrypt both code and data including state information in a way that enables direct computation on encrypted data without decryption. We believe that our approach is a viable and practical means to address security problems such as integrity and privacy attacks to mobile agents.

[1]  Munindar P. Singh,et al.  Agents on the Web: Mobile Agents , 1997, IEEE Internet Comput..

[2]  Christian F. Tschudin,et al.  Towards mobile cryptography , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[3]  E. Brickell,et al.  On privacy homomorphisms , 1987 .

[4]  Ronald L. Rivest,et al.  ON DATA BANKS AND PRIVACY HOMOMORPHISMS , 1978 .

[5]  Christian F. Tschudin,et al.  Protecting Mobile Agents Against Malicious Hosts , 1998, Mobile Agents and Security.

[6]  Alfred V. Aho,et al.  Compilers: Principles, Techniques, and Tools , 1986, Addison-Wesley series in computer science / World student series edition.

[7]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[8]  Vipin Swarup,et al.  Authentication for Mobile Agents , 1998, Mobile Agents and Security.

[9]  J. Ferrer A new privacy homomorphism and applications , 1996 .

[10]  Athanasios T. Karygiannis,et al.  SP 800-19. Mobile Agent Security , 1999 .

[11]  Niklas Borselius Mobile agent security , 2002 .

[12]  Jim Alves-Foss,et al.  Securing mobile agents through evaluation of encrypted functions , 2002 .

[13]  Christian F. Tschudin,et al.  On Software Protection via Function Hiding , 1998, Information Hiding.

[14]  Anand R. Tripathi,et al.  Security in mobile agent systems , 1998 .

[15]  Lars Rasmusson,et al.  Simulated social control for secure Internet commerce , 1996, NSPW '96.

[16]  Wayne A. Jansen,et al.  Countermeasures for mobile agent security , 2000, Comput. Commun..

[17]  Amitabha Das,et al.  A scalable and secure mobile agent based surrogate host system , 2001, Proceedings of IEEE Region 10 International Conference on Electrical and Electronic Technology. TENCON 2001 (Cat. No.01CH37239).

[18]  Bennet S. Yee A Sanctuary for Mobile Agents , 2001, Secure Internet Programming.

[19]  Bruce Schneier,et al.  Environmental Key Generation Towards Clueless Agents , 1998, Mobile Agents and Security.

[20]  Bennet S. Yee,et al.  Using Secure Coprocessors , 1994 .

[21]  Jim Alves-Foss,et al.  The use of encrypted functions for mobile agent security , 2004, 37th Annual Hawaii International Conference on System Sciences, 2004. Proceedings of the.

[22]  Richard Zippel,et al.  Rational function decomposition , 1991, ISSAC '91.