Abstract
Mobile agent security is still a young discipline and most naturally, the focus up to the time of writing was on inventing new cryptographic protocols for securing various aspects of mobile agents. However, past experience shows that protocols can be flawed, and flaws in protocols can remain unnoticed for a long period of time. The game of breaking and fixing protocols is a necessary evolutionary process that leads to a better understanding of the underlying problems and ultimately to more robust and secure systems. Although, to the best of our knowledge, little work has been published on breaking protocols for mobile agents, it is inconceivable that the multitude of protocols proposed so far are all flawless. As it turns out, the opposite is true. We identify flaws in protocols proposed by Corradi et al., Karjoth et al., and Karnik et al., including protocols based on secure co-processors.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
R. Anderson and R. Needham, “Programming Satan’s computer,” in Computer Science Today, vol. 1000 of Lecture Notes in Computer Science, pp. 426–441, Springer Verlag, 1995.
M. Abadi and R. Needham, “Prudent engineering practice for cryptographic protocols,” SRC Research Report 125, Digital Equipment Corporation, June 1994.
N. M. Karnik and A. R. Tripathi, “Security in the Ajanta mobile agent system,” Technical Report TR-5-99, University of Minnesota, Minneapolis, MN 55455, U. S. A., May 1999.
A. Corradi, R. Montanari, and C. Stefanelli, “Mobile agents protection in the Internet environment,” in The 23rd Annual International Computer Software and Applications Conference (COMPSAC’ 99), pp. 80–85, 1999.
G. Karjoth, N. Asokan, and C. Gülcü, “Protecting the computation results of free-roaming agents,” in Proceedings of the Second InternationalWorkshop on Mobile Agents (MA’ 98) (K. Rothermel and F. Hohl, eds.), vol. 1477 of Lecture Notes in Computer Science, pp. 195–207, Berlin Heidelberg: Springer Verlag, September 1998.
G. Karjoth, “Secure mobile agent-based merchant brokering in distributed marketplaces,” in Proc. ASA/MA 2000 (D. Kotz and F. Mattern, eds.), vol. 1882 of Lecture Notes in Computer Science, pp. 44–56, Berlin Heidelberg: Springer Verlag, 2000.
A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography. Discrete Mathematics and its Applications, NewYork: CRC Press, 1996. ISBN 0-8493-8523-7.
V. Roth and V. Conan, “Encrypting Java Archives and its application to mobile agent security,” in Agent Mediated Electronic Commerce: A European Perspective (F. Dignum and C. Sierra, eds.), vol. 1991 of Lecture Notes in Artifical Intelligence, pp. 232–244, Berlin: Springer Verlag, 2001.
B. S. Yee, “A sanctuary for mobile agents,” in Secure Internet Programming, vol. 1603 of Lecture Notes in Computer Science, pp. 261–273, NewYork, NY, USA: Springer-Verlag Inc., 1999.
W. M. Farmer, J. D. Guttman, and V. Swarup, “Security for mobile agents: Issues and requirements,” in Proceedings of the National Information Systems Security Conference (NISSC 96), pp. 591–597, October 1996.
V. Roth, “Programming Satan’s agents,” in 1st International Workshop on Secure Mobile Multi-Agent Systems, (Montreal, Canada), 2001.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Roth, V. (2001). On the Robustness of Some Cryptographic Protocols for Mobile Agent Protection. In: Picco, G.P. (eds) Mobile Agents. MA 2001. Lecture Notes in Computer Science, vol 2240. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45647-3_1
Download citation
DOI: https://doi.org/10.1007/3-540-45647-3_1
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42952-4
Online ISBN: 978-3-540-45647-6
eBook Packages: Springer Book Archive