A new approach for computation result protection in the mobile agent paradigm

One of the primary security challenges of the mobile agent paradigm is that of protecting the result of computation carried out by a mobile agent against an attack by a malicious host. There are various proposals that appeared in the literature. Beside their benefits, a well-known vulnerability of their technique is the collusion attack. The collusion attack mainly considered in this paper is the two colluders truncation attack, which could be engendered by the leakage of a one time private key. This paper demonstrates the prevention of the two colluders truncation attack, the detection of other forms of collusion attacks, and the identification of the malicious host. The proposed protocol incorporates and extends the notion of publicly verified chained signature (G. Karjoth, et al., 1998) by using a list of route information and a trusted third party to generate a one time public/private key pair.