The use of encrypted functions for mobile agent security

Mobile agent technology is a new paradigm of distributed computing that can replace the conventional client-server model. However, it has not become popular due to some problems such as security. The fact that computers have complete control over all the programs makes it very hard to protect mobile agents from untrusted hosts. In this paper we propose a security approach for mobile agents, which protect mobile agents from malicious hosts. Our new approach prevents privacy attacks and integrity attacks to mobile agents from malicious hosts. This approach is an extension of mobile cryptography, as proposed by Sander and Tschudin, and it removes many problems found in the original idea of mobile cryptography while preserving most of the benefits. Although the original idea of mobile cryptography allowed direct computations without decryptions on encrypted mobile agents, it did not provide any practical ways of implementation due to the fact that no homomorphic encryption schemes are found for their approach. Our approach provides a practical idea for implementing mobile cryptography by suggesting a hybrid method that mixes a function composition technique and a homomorphic encryption scheme that we have found. Like the original mobile cryptography, our approach will encrypt both code and data including state information in a way that enables direct computation on encrypted data without decryption.