Abstract
Forward integrity is an important mobile agent security property. Forward integrity in mobile agents guarantees that results contained in a mobile agent from previously visited servers cannot be changed by a malicious server. Many mobile agent forward integrity protocols are based on a protocol family proposed by Karjoth et al.. This paper identifies a “colluding servers” attack on these protocols where two (or more) visited servers can conspire to modify the existing collected data from other servers. We propose an improved Karjoth protocol by applying split-knowledge when constructing digital signatures, which can defend against the colluding servers attack.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bellare, M., Yee, B.S.: Forward Integrity for Secure Audit Logs. Technical report. Computer Science and Engineering Department, University of California. San Diego, USA (1995)
Cheng, J.S.L., Wei, V.K.: Defenses against the Truncation of Computation Results of Free-Roaming Agents. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 1–12. Springer, Heidelberg (2002)
ElGamal, T.: A Public-Key Cryptosystem and a Signature Scheme based on Discrete Logarithms. IEEE Transactions on Information Theory 31(4), 469–472 (1985)
Karjoth, G., Asokan, N., Gülcü, C.: Protecting the Computation Results of Free- Roaming Agents. In: Rothermel, K., Hohl, F. (eds.) MA 1998. LNCS, vol. 1477, pp. 195–207. Springer, Heidelberg (1998)
Maggi, P., Sisto, R.: A Configurable Mobile Agent Data Protection Protocol. In: Proceedings of the 2nd International Conference on Autonomous Agents and Multiagent Systems (AAMAS 2003), Melbourne, Australia, pp. 851–858. ACM Press, New York (2003)
Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press Inc., Boca Raton (1996)
Roth, V.: On the Robustness of some Cryptographic Protocols for Mobile Agent Protection. In: Picco, G.P. (ed.) MA 2001. LNCS, vol. 2240, pp. 1–14. Springer, Heidelberg (2001)
Roth, V.: Programming Satan’s agents. In: Fischer, K., Hutter, D. (eds.) Proceedings of 1st International Workshop on Secure Mobile Multi-Agent Systems (SEMAS 2001). Electronic Notes in Theoretical Computer Science, vol. 63, Elsevier Science Publishers, Amsterdam (2002)
Roth, V.: Empowering Mobile Software Agents. In: Suri, N. (ed.) MA 2002. LNCS, vol. 2535, pp. 47–63. Springer, Heidelberg (2002)
Yee, B.S.: A Sanctuary for Mobile Agents. In: Vitek, J. (ed.) Secure Internet Programming. LNCS, vol. 1603, pp. 261–273. Springer, Heidelberg (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yao, M., Foo, E., Peng, K., Dawson, E. (2004). An Improved Forward Integrity Protocol for Mobile Agents. In: Chae, KJ., Yung, M. (eds) Information Security Applications. WISA 2003. Lecture Notes in Computer Science, vol 2908. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24591-9_21
Download citation
DOI: https://doi.org/10.1007/978-3-540-24591-9_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20827-3
Online ISBN: 978-3-540-24591-9
eBook Packages: Springer Book Archive