When mobile agents do comparison shopping for their owners, they are subject to attacks of malicious hosts executing them. We present two kinds of protocols that protect the computation results established by free-roaming mobile agents. They enable the owner of the agent to detect after return whether a visited host has maliciously altered the state of the agent. In an environment without public-key infrastructure, a protocol based only on a secret hash chain achieves strong forward integrity and data confidentiality. Adding a chain of user-generated certificates for verification functions, forward integrity becomes publicly verifiable. With public key-based digital signatures, the strongest protocol additionally guarantees non-repudiability.
By: G. Karjoth, N. Asokan, C. Gülcü
Published in: Mobile Agents, ed. by K. Rothermel and F. Hohl. , Heidelberg, Springer-Verlag, vol.1477, p.195-206 in 1998
Please obtain a copy of this paper from your local library. IBM cannot distribute this paper externally.
Questions about this service can be mailed to reports@us.ibm.com .