DOI QR코드

DOI QR Code

Secure Mobile Agents in eCommerce with Forward-Secure Undetachable Digital Signatures

  • Shi, Yang (School of Software Engineering, Tongji University) ;
  • Zhao, Qinpei (School of Software Engineering, Tongji University) ;
  • Liu, Qin (School of Software Engineering, Tongji University)
  • Received : 2014.06.03
  • Accepted : 2015.03.19
  • Published : 2015.05.01

Abstract

We introduce the idea of a forward-secure undetachable digital signature (FS-UDS) in this paper, which enables mobile agents to generate undetachable digital signatures with forward security of the original signer's signing key. The definition and security notion of an FS-UDS scheme are given. Then, the construction of a concrete FS-UDS scheme is proposed; and the proof of security for the proposed scheme is also provided. In the proposed scheme, mobile agents need not carry the signing key when they generate digital signatures on behalf of the original signer, so the signing key will not be compromised. At the same time, the encrypted function is combined with the original signer's requirement; therefore, misuse of the signing algorithm can be prevented. Furthermore, in the case where a hacker has accessed the signing key of the original signer, he/she is not able to forge a signature for any time period prior to when the key was obtained.

Keywords

References

  1. D. Milojicic et al., "MASIF: The OMG Mobile Agent System Interoperability Facility," Personal Technol., vol. 2, no. 2, Feb. 1998, pp. 117-129. https://doi.org/10.1007/BF01324942
  2. S.H. von Solms, "Electronic Commerce with Secure Intelligent Trade Agents," Comput. Security, vol. 17, no. 5, May 1998, pp. 435-446. https://doi.org/10.1016/S0167-4048(98)00012-1
  3. Y.-F. Chung et al., "An Agent-Based English Auction Protocol Using Elliptic Curve Cryptosystem for Mobile Commerce," Expert Syst. Appl., vol. 38, no. 8, Aug. 2011, pp. 9900-9907. https://doi.org/10.1016/j.eswa.2011.02.039
  4. A.J.C. Trappey, C.V. Trappey, and F.T.L. Lin, "Automated Silicon Intellectual Property Trade Using Mobile Agent Technology," Robot. Comput.-Integr. Manuf., vol. 22, no. 3, July 2006, pp. 189-202. https://doi.org/10.1016/j.rcim.2005.03.003
  5. G. Wang, T.N. Wong, and X.H. Wang, "A Hybrid Multi-agent Negotiation Protocol Supporting Agent Mobility in Virtual Enterprises," Inf. Sci., vol. 282, no. 20, Oct. 2014, pp. 1-14. https://doi.org/10.1016/j.ins.2014.06.021
  6. T.C. Du, E.Y. Li, and E. Wei, "Mobile Agents for a Brokering Service in the Electronic Marketplace," Decision Support Syst., vol. 39, no. 3, May 2005, pp. 371-383. https://doi.org/10.1016/j.dss.2004.01.003
  7. A. Aloui, O. Zerdoumi, and O. Kazar, "Architecture for Mobile Business Based on Mobile Agent," Multimedia Comput. Syst., Tangier, Morocco, May 10-12, 2012, pp. 954-958.
  8. T.N. Wong and F. Fang, "A Multi-agent Protocol for Multilateral Negotiations in Supply Chain Management," Int. J. Production Res., vol. 48, no. 1, Jan. 2010, pp. 271-299. https://doi.org/10.1080/00207540802425393
  9. S. Knight, S. Buffett, and P.C.K. Hung, "The International Journal of Information Security Special Issue on Privacy, Security and Trust Technologies and E-Business Services - Guest Editors' Introduction," Int. J. Inf. Security, vol. 6, no. 5, Sept. 2007, pp. 285-286. https://doi.org/10.1007/s10207-007-0036-8
  10. Y. Jung et al., "A Survey of Security Issue in Multi-agent Systems," Artif. Intell. Rev., vol. 37, no. 3, Mar. 2012, pp. 239-260. https://doi.org/10.1007/s10462-011-9228-8
  11. F. Hohl, "Time Limited Blackbox Security: Protecting Mobile Agents from Malicious Hosts," in Mobile Agents Security, Berlin, Germany: Springer, 1998, pp. 92-113.
  12. T. Sander and C. Tschudin, "Protecting Mobile Agents against Malicious Hosts," in Mobile Agents Security, Berlin, Germany: Springer, 1998, pp. 44-60.
  13. P. Kotzanikolaou, M. Burmester, and V. Chrissikopoulos, "Secure Transactions with Mobile Agents in Hostile Environments," in Information Security Privacy, Berlin, Germany: Springer, 2000, pp. 289-297.
  14. S. Han, E. Chang, and T. Dillon, "Secure E-Transactions Using Mobile Agents with Agent Broker," Int. Conf. Services Syst. Services Manag., Chongqing, China, June 13-15, 2005, pp. 849-855.
  15. Y. Shi, L. Cao, and X. Wang, "A Security Scheme of Electronic Commerce for Mobile Agents Uses Undetachable Digital Signatures," Int. Conf. Inf. Security, Shanghai, China, Nov. 14-15, 2004, pp. 242-243.
  16. Y. Shi et al., "Secure Mobile Agents in Electronic Commerce by Using Undetachable Signatures from Pairings," Int. Conf. Electron. Business,Beijing, China, Dec. 5-9, 2004, pp. 1038-1043.
  17. B. Lee, H. Kim, and K. Kim, "Secure Mobile Agent Using Strong Non-designated Proxy Signature," in Information Security Privacy, Berlin, Germany: Springer, 2001, pp. 474-486.
  18. Y. Shi and G.Y. Xiong, "An Undetachable Threshold Digital Signature Scheme Based on Conic Curves," Appl. Math. Inf. Sci., vol. 7, no. 2, Mar. 2013, pp. 823-828. https://doi.org/10.12785/amis/070254
  19. J. Yu et al., "Forward-Secure Identity-Based Signature: Security Notions and Construction," Inf. Sci., vol. 181, no. 3, Feb. 2011, pp. 648-660. https://doi.org/10.1016/j.ins.2010.09.034
  20. Y.-C. Yu, T.-Y. Huang, and T.-W. Hou, "Forward Secure Digital Signature for Electronic Medical Records," J. Med. Syst., vol. 36, no. 2, Apr. 2012, pp. 399-406. https://doi.org/10.1007/s10916-010-9484-1
  21. C.-I. Fan, Y.-H. Lin, and R.-H. Hsu, "Complete EAP Method: User Efficient and Forward Secure Authentication Protocol for IEEE 802.11 Wireless LANs," IEEE Trans. Parallel Distrib. Syst., vol. 24, no. 4, Apr. 2013, pp. 672-680. https://doi.org/10.1109/TPDS.2012.164
  22. D. Boneh, B. Lynn, and H. Shacham, "Short Signatures from the Weil Pairing," J. Cryptology, vol. 17, no. 4, Sept. 2004, pp. 297-319. https://doi.org/10.1007/s00145-004-0314-9
  23. H. Krawczyk, "Simple Forward-Secure Signatures from Any Signature Scheme," ACM Conf. Comput. Commun. Security, Athens, Greece, Nov. 1-4, 2000, pp. 108-115.
  24. A. De Caro and V. Iovino, "JPBC: Java Pairing Based Cryptography," IEEE Symp. Comput. Commun., Kerkyra, Greece, June 28-July 1, 2011, pp. 850-855.

Cited by

  1. Secure user authentication based on the trusted platform for mobile devices vol.2016, pp.None, 2016, https://doi.org/10.1186/s13638-016-0729-7
  2. Key-Insulated Undetachable Digital Signature Scheme and Solution for Secure Mobile Agents in Electronic Commerce vol.2016, pp.None, 2015, https://doi.org/10.1155/2016/4375072
  3. Identity-based undetachable digital signature for mobile agents in electronic commerce vol.22, pp.20, 2015, https://doi.org/10.1007/s00500-018-3159-0