Protecting Mobile Agents Against Malicious Hosts

Sander, Tomas; Tschudin, Christian F.

doi:10.1007/3-540-68671-1_4

Tomas Sander² &
Christian F. Tschudin²

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1419))

693 Accesses
252 Citations

Abstract

A key element of any mobile code based distributed system are the security mechanisms available to protect (a) the host against potentially hostile actions of a code fragment under execution and (b) the mobile code against tampering attempts by the executing host. Many techniques for the first problem (a) have been developed. The second problem (b) seems to be much harder: It is the general belief that computation privacy for mobile code cannot be provided without tamper resistant hardware. Furthermore it is doubted that an agent can keep a secret (e.g., a secret key to generate digital signatures). There is an error in reasoning in the arguments supporting these beliefs which we are going to point out.

In this paper we describe software-only approaches for providing computation privacy for mobile code in the important case that the mobile code fragment computes an algebraic circuit (a polynomial). We further describe an approach how a mobile agent can digitally sign his output securely.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

eBook: USD 16.99; Price excludes VAT (USA)

Softcover Book: USD 16.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

M. Abadi and J. Feigenbaum. Secure circuit evaluation. Journal of Cryptology, 2(1):1–12, 1990.
Article MathSciNet Google Scholar
J. Benaloh. Dense probabilistic encryption. In Proceedings of the Workshop on Selected Areas of Cryptography, pages 120–128, 1994.
Google Scholar
D. Chess, B. Grosof, C. Harrison, D. Levine, and C. Parris. Itinerant agents for mobile computing. Technical Report RC 20010, IBM, March 1995.
Google Scholar
Don Coppersmith, Jacques Stern, and Serge Vaudenay. Attacks on the birational permutation signature schemes. In Douglas R. Stinson, editor, Proceedings of CRYPTO’93, number 773 in LNCS, pages 435–443, 1993.
Google Scholar
Dave Dyer. Java decompilers compared. http://www.javaworld.com/javaworld/jw-07-1997/jw-07-decompilers.html, June 1997.
J. Feigenbaum and M. Merritt. Open questions, talk abstracts, and summary of discussions. DIMACS Series in Discrete Mathematics and Theoretical Computer Science, 2:1–45, 1991.
Google Scholar
Don Libes. Obfuscated C and other mysteries. Wiley, 1993.
Google Scholar
Richard Lipton and Tomas Sander. An additively homomorphic encryption scheme or how to introduce a partial trapdoor in the discrete log, November 1997. Submitted for publication.
Google Scholar
Catherine Meadows. Detecting attacks on mobile agents. In Proceedings of the DARPA workshop on foundations for secure mobile code, Monterey CA, USA, March 1997.
Google Scholar
David Naccache and Jacques Stern. A new public-key cryptosystem. In Advances in Cryptology-EUROCRYPT’97, LNCS, pages 27–36, 1997.
Google Scholar
Franco P. Preparata. Generation of near-optimal universal boolean functions. Journal of Computer and System Sciences, 4:93–102, 1970.
Article MathSciNet Google Scholar
Ronald L. Rivest, Len Adleman, and Michael L. Dertouzos. On data banks and privacy homomorphisms. In R. A. DeMillo, D. P. Dobkin, A. K. Jones, and R. J. Lipton, editors, Foundations of Secure Computation, pages 169–179. Academic Press, 1978.
Google Scholar
Adi Shamir. Efficient signature schemes based on birational permutations. In Douglas R. Stinson, editor, Proceedings of CRYPTO’93, number 773 in LNCS, pages 1–12, 1993.
Google Scholar
K. B. Sriram. Hashjava-a java applet obfuscator. http://www.sbktech.org/hashjava.html, July 1997.
Giovanni Vigna. Protecting mobile agents through tracing. In Proceedings of the Third ECOOP Workshop on Mobile Object Systems, Jyväskylä Finnland, June 1997.
Google Scholar
Joachim von zur Gathen and Gadiel Seroussi. Boolean circuits versus arithmetic circuits. Information and Computation, 91:142–154, 1991.
Article MathSciNet Google Scholar
Ingo Wegener. The Complexity of Boolean Functions. Eiley-Teubner, 1987.
Google Scholar
Bennet S. Yee. A sanctuary for mobile agents. In Proceedings of the DARPA workshop on foundations for secure mobile code, Monterey CA, USA, March 1997.
Google Scholar
Richard E. Zippel. Rational function decomposition. In Proceedings of the International Symposium on Symbolic and Algebraic Computation, pages 1–6. ACM Press, July 1991.
Google Scholar

Download references

Author information

Authors and Affiliations

International Computer Science Institute, 1947 Center Street, Berkeley, CA, 94704, USA
Tomas Sander & Christian F. Tschudin

Authors

Tomas Sander
View author publications
You can also search for this author in PubMed Google Scholar
Christian F. Tschudin
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Computer Science Department, University of California, Santa Barbara, CA, 93106-5110, USA
Giovanni Vigna

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Sander, T., Tschudin, C.F. (1998). Protecting Mobile Agents Against Malicious Hosts. In: Vigna, G. (eds) Mobile Agents and Security. Lecture Notes in Computer Science, vol 1419. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-68671-1_4

Download citation

DOI: https://doi.org/10.1007/3-540-68671-1_4
Published: 18 June 1998
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64792-8
Online ISBN: 978-3-540-68671-2
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics