Abstract
To enable mobile agents signing securely on potentially malicious hosts in electronic commerce and other applications, we proposed the definition and security notion of identity-based undetachable digital signature schemes. More importantly, we proposed a concrete identity-based undetachable digital signature scheme with provable security. In the scheme, mobile agents need not carry the private key when they generate digital signatures on behalf of the original signer, so the private key will not be compromised. The encrypted function is combined with the original signer’s requirement, so misuse of the signing algorithm can be prevented. Moreover, because the scheme is identity-based, verification of the signatures generated by mobile agents does not require either verification of the entire certificate path or communication with the certification authority. Therefore, compared with existing undetachable signature schemes, the cost of verification is reduced and even the dependence on a stable network connection is weakened.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Aloui A, Zerdoumi O, Kazar O (2012) Architecture for mobile business based on mobile agent. In: 2012 International conference on paper presented at the multimedia computing and systems (ICMCS), 10–12 May 2012
Arène C, Lange T, Naehrig M, Ritzenthaler C (2011) Faster computation of the Tate pairing. J Number Theory 131:842–857. https://doi.org/10.1016/j.jnt.2010.05.013
Boneh D, Franklin M (2003) Identity-based encryption from the Weil pairing. SIAM J Comput 32:586–615. https://doi.org/10.1137/S0097539701398521
Busch C, Roth V, Meister R (1998) Perspectives on electronic commerce with mobile agents. In: Paper presented at the proceedings of XI amaldi conference on problems of global security, Moscow, Russia
Chung YF, Chen YT, Chen TL, Chen TS (2011) An agent-based English auction protocol using Elliptic Curve Cryptosystem for mobile commerce. Exp Syst Appl 38:9900–9907 https://doi.org/10.1016/j.eswa.2011.02.039
De Caro A, Iovino V (2011) jPBC: Java pairing based cryptography. In: 2011 IEEE symposium on paper presented at the computers and communications (ISCC), June 28 2011–July 1 2011
De Mulder Y, Roelse P, Preneel B (2013) Cryptanalysis of the Xiao—Lai White-Box AES Implementation. In: Paper presented at the selected areas in cryptography, 1 Jan 2013
Dodis Y, Katz J, Xu S, Yung M (2003) Strong key-insulated signature schemes. In: Paper presented at the public key cryptography—PKC 2003
Du TC, Li EY, Wei E (2005) Mobile agents for a brokering service in the electronic marketplace. Decis Support Syst 39:371–383. https://doi.org/10.1016/j.dss.2004.01.003
Esparza O, Munoz JL, Tomas-Buliart J, Soriano M (2011) An infrastructure for detecting and punishing malicious hosts using mobile agent watermarking. Wirel Commun Mob Com 11:1446–1462. https://doi.org/10.1002/Wcm.941
Farashahi RR, Fouque P-A, Shparlinski I, Tibouchi M, Voloch J (2013) Indifferentiable deterministic hashing to elliptic and hyperelliptic curves. Math Comput 82:491–512
Freeman DM, Satoh T (2011) Constructing pairing-friendly hyperelliptic curves using Weil restriction. J Number Theory 131:959–983. https://doi.org/10.1016/j.jnt.2010.06.003
Gopal PVSSN, Vasudeva Reddy P, Gowri T (2013) New identity based signature scheme using bilinear pairings over elliptic curves. In: 2013 IEEE 3rd International paper presented at the advance computing conference (IACC), 22–23 Feb 2013
Han S, Chang E, Dillon T (2005) Secure e-transactions using mobile agents with agent broker. In: Proceedings of paper presented at the 2005 international conference on services systems and services management, vol 1–2
Icart T (2009) How to hash into elliptic curves. In: Paper presented at the advances in cryptology-CRYPTO 2009
Jansen WA (2000) Countermeasures for mobile agent security. Comput Commun 23:1667–1676. https://doi.org/10.1016/S0140-3664(00)00253-X
Kawahara Y, Kobayashi T, Takahashi G, Takagi T (2011) Faster maptopoint on supersingular elliptic curves in characteristic 3. IEICE Trans Fundam Electron Commun Comput Sci 94:150–155
Kotzanikolaou P, Burmester M, Chrissikopoulos V (2000) Secure Transactions with Mobile Agents in Hostile Environments. In: Paper presented at the information security and privacy, 1 Jan 2000
Lauter K, Shang N (2013) Generating pairing-friendly parameters for the CM construction of genus 2 curves over prime fields. Des Codes Cryptogr 67:341–355. https://doi.org/10.1007/s10623-012-9611-8
Lee B, Kim H, Kim K (2001) Secure mobile agent using strong non-designated proxy signature. In: Proceedings of paper presented at the information security and privacy
Object Management Group (OMG) (1997) Mobile agent system interoperability facilities specification. http://www.omg.org
Pointcheval D, Stern J (1996) Security proofs for signature schemes. Adv Cryptol Eurocrypt ’96 1070:387–398
Pointcheval D, Stern J (2000) Security arguments for digital signatures and blind signatures. J Cryptol 13:361–396. https://doi.org/10.1007/s001450010003
Sander T, Tschudin C (1998) Protecting mobile agents against malicious hosts. In: Paper presented at the mobile agents and security, 1 Jan 1998
Shamir A (1985) Identity-based cryptosystems and signature schemes. In: Paper presented at the advances in cryptology
Shi Y, Cao L, Wang X (2004a) A security scheme of electronic commerce for mobile agents uses undetachable digital signatures. In: Paper presented at the Proceedings of the 3rd international conference on information security, 2004
Shi Y, Lin J, Zhang C (2011) A white-box encryption algorithm for computing with mobile agents. J Internet Technol 12:981–993
Shi Y, Wang XP, Cao LM, Ren JX (2004b) Secure mobile agents in electronic commerce by using undetachable signatures from pairings. In: Proceedings of 2004 paper presented at the shaping business strategy in a networked world, vol 1–2
Shi Y, Xiong GY (2013) An undetachable threshold digital signature scheme based on conic curves. Appl Math Inform Sci 7:823–828
Shi Y, Zhao Q, Liu Q (2015) Secure mobile agents in ecommerce with forward-secure undetachable digital signatures. ETRI J 37:573–583. https://doi.org/10.4218/etrij.15.0114.0657
Singh R, Dave M (2013) Antecedence graph approach to checkpointing for fault tolerance in mobile agent systems. IEEE Trans Comput 62:247–258. https://doi.org/10.1109/Tc.2011.235
Steinwandt R, Corona AS (2012) Identity-based non-interactive key distribution with forward security. Des Code Cryptogr 64:195–208. https://doi.org/10.1007/s10623-011-9486-0
TaeChan K, Sungwook K, Jung Hee C (2013) On the final exponentiation in tate pairing computations information theory. IEEE Trans Inform Theory 59:4033–4041. https://doi.org/10.1109/TIT.2013.2240763
Tariq MA, Koldehofe B, Rothermel K (2014) Securing broker-less publish/subscribe systems using identity-based encryption. IEEE Trans Parall Distrib 25:518–528. https://doi.org/10.1109/Tpds.2013.256
Trappey AJC, Trappey CV, Lin FTL (2006) Automated silicon intellectual property trade using mobile agent technology. Robot Comput Integr Manuf 22:189–202. https://doi.org/10.1016/j.rcim.2005.03.003
Wang G, Wong TN, Wang XH (2014) A hybrid multi-agent negotiation protocol supporting agent mobility in virtual enterprises. Inform Sci 282:1–14. https://doi.org/10.1016/j.ins.2014.06.021
Wong TN, Fang F (2010) A multi-agent protocol for multilateral negotiations in supply chain management. Int J Prod Res 48:271–299. https://doi.org/10.1080/00207540802425393
Wyseur B (2009) White-box cryptography. PhD Dissertation, Katholieke Universiteit Leuven, B. Preneel (promotor)
Acknowledgements
This work was supported by the National Natural Science Foundation of China (Nos. 61772371, 61702372, 61202382, 61503286) and the Fundamental Research Funds for the Central Universities.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Additional information
Communicated by V. Loia.
Rights and permissions
About this article
Cite this article
Shi, Y., Han, J., Li, J. et al. Identity-based undetachable digital signature for mobile agents in electronic commerce. Soft Comput 22, 6921–6935 (2018). https://doi.org/10.1007/s00500-018-3159-0
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00500-018-3159-0