Abstract:
Mobile agents are useful in collaborative business systems due to their mobility and autonomy, which can roam over the Internet to purchase goods and services on behalf o...Show MoreMetadata
Abstract:
Mobile agents are useful in collaborative business systems due to their mobility and autonomy, which can roam over the Internet to purchase goods and services on behalf of their owners. However, given attacks from a malicious host, it is a challenge to securely sign a contract on behalf of the owner (the original signer). In this paper, we propose an intrusion-resilient undetachable digital signature (IR-UDS) approach to mitigate the security risk of signing key leakage on the signer's host, base device, and potentially malicious remote hosts, as well as the risk of misusing the signing algorithm on remote hosts. An attacker will be unable to forge the past and future signatures as long as the base device is secure, even if the current signing key of the original signer has been gained. When the base device is compromised, although the future signatures could be forged, all past signatures remain secure. Furthermore, the encrypted signing function has been combined with the original signer's requirement to prevent the misuse of signing algorithm and the exposure of original signing key on malicious hosts. Security analysis has indicated that our scheme can defeat a variety of attacks, and experimental evaluations have demonstrated the good performance of the scheme.
Published in: 2018 IEEE 22nd International Conference on Computer Supported Cooperative Work in Design ((CSCWD))
Date of Conference: 09-11 May 2018
Date Added to IEEE Xplore: 16 September 2018
ISBN Information: