Abstract
Mobile agents are believed to be playing an important role in future e-commerce systems, offering great flexibility and improved per- formance. Yet, their adoption is largely hampered by the new security issues they raise. Among them, the most difficult to solve is the issue of protecting mobile agents against malicious hosts. While no known general solution to this problem exists, solutions providing effective protection against specific threats from malicious hosts are possible. In this paper, we propose a secure payment protocol using mobile agents that protects the confidentiality of sensitive payment information from spying by mali- cious agents. The protocol makes use of Shamir's secret sharing scheme. The security properties of the protocol are proven, and an analysis of its message complexity is provided.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
D. Chaum. Blind signature for untraceable payments. In Proceedings of Crypto'82, Plenum,NY, 1982.
D. M. Chess. Security issues in mobile code. G. Vigna(Ed), Mobile agent and security, Lecture notes in Computer Science 1419, springer,Berlin, 1998.
E. Dawson and D. Donovan. Shamir’s scheme say it all. Computer & Security(A-37) E.G. Dougall(Editor) Elsevier Science Publishers B.V.(North-Holland), 1993.
Y. Tsiounis G. Davida, Y. Frankel and M. Yung. Anonymity control in e-cash systems. In Proc. Financial Cryptography Workshop, pages 1–16, February 1997.
Fritz Hohl. Time limited blackbox security: Protecting mobile agents from malicious hosts. Mobile agent and security, Lecture notes in Computer Science 1419, springer, Berlin, 1998.
T. Sander and C. Tschudin. Towards mobile cryptography. Technical Report TR-97-049, International Computer Science Institute, Berkeley, November 1997.
A. Shamir. How to share a secret. Communications of the ACM, 22, November 1979.
V. Swarup W. Farmer, J. Guttmann. Security for mobile agents: Issues and require-ments. In Proceedings of the National Information Systems Security Conference,1996.
Digicash website. http://www.digicash.com.
J. Zhou and D. Gollmann. A fair non-repudiation protocol. In Proceedings of 1996 IEEE Symposium on Security and privacy, Oakland, CA, May 1996.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Das, A., Gongxuan, Y. (2001). A Secure Payment Protocol Using Mobile Agents in an Untrusted Host Environment. In: Kou, W., Yesha, Y., Tan, C.J. (eds) Electronic Commerce Technologies. ISEC 2001. Lecture Notes in Computer Science, vol 2040. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45415-2_3
Download citation
DOI: https://doi.org/10.1007/3-540-45415-2_3
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41963-1
Online ISBN: 978-3-540-45415-1
eBook Packages: Springer Book Archive