A Fast Data Protection Technique for Mobile Agents to Avoid Attacks in Malicious Hosts
Jesús Arturo Pérez Díaz, Darío Álvarez Gutiérrez
Department of Informatics, University of Oviedo
Oviedo, Asturias, Spain
Presenter: Chin-chi Lo
Outline
- A Secure Mobile Agent System
- Traditional Techniques
- Encryption Algorithm using Bitmaps & XOR
- Limitations & Conclusion
A Secure Mobile Agent System
- Protection of the agent system against attacks from mobile agents.
- Protection of the agent against agents.
- Protection of information transmission between agent servers against unauthorized third parties.
- Protection of the agent against malicious agent systems.
Traditional Techniques
- Public key cryptography
- Digital signatures
- Implementing a secure channel (Ex: SSL, TLS)
All of the above are too complex and almost unfeasible in terms of performance.
Data Encryption using Bitmaps & the XOR Operation
Bitmaps: A random number expressed as a bitmap in a row of a matrix carried by an agent and known only to the source server.
XOR: Applying the XOR operation between data and a random number.
Data Area of the Mobile Agent
Fields
HostID: identifier of a server.
CW: “codeword”, used to rotate the data before applying the encryption function.
CRC: used to verify whether the data has been altered. The initial value is binary 0’s.
Encryption Algorithm
1. The remote server creates a record with the same fields.
2. The host ID, the data to be encrypted (in 128-bit blocks) and a randomly generated CW are put into the record.
3. $f_{ri}$ is rotated $l_{ri}$ bits to the left, where $l_{ri} = CW \,\&\, \text{07Fh}$.
Encryption Algorithm (Cont.)
4. Before applying step 3, the CW is rotated $m_{ri}$ bits to the right, where $m_{ri} = (CW \gg 7) \,\&\, \text{07Fh}$ (the 7 most-significant bits of CW). Thus, each $l_{ri}$ is not always the same.
Encryption Algorithm (Cont.)
5. The original CW is restored into the corresponding field of the register in order to retrieve the original information using the inverse algorithm in the source server.
6. Computing CRC.
7. The corresponding original bitmap is XOR’ed with generated data.
8. The counter indicating the number of lines used in the matrix is incremented.
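The steps above and their inverse at the source server, as an added Python example that is not the authors' code. Assumed here: a 14-bit CW, CRC-32 over the rotated block, the XOR result overwriting the used matrix row, and all function and field names.

```python
import secrets
import zlib

BLOCK_BITS = 128  # block size stated on the slides
CW_BITS = 14      # assumption: CW width, so (CW >> 7) is its 7 most-significant bits

def rotl(x, n, width):
    n %= width
    return ((x << n) | (x >> (width - n))) & ((1 << width) - 1)

def rotr(x, n, width):
    return rotl(x, width - (n % width), width)

def rotation_amount(cw):
    """Steps 3-4: rotate CW right by m = (CW >> 7) & 07Fh, then l = CW & 07Fh."""
    m = (cw >> 7) & 0x7F
    return rotr(cw, m, CW_BITS) & 0x7F

def crc_of(block):
    # Assumption: CRC-32 over the rotated block; the slides name no polynomial.
    return zlib.crc32(block.to_bytes(BLOCK_BITS // 8, "big"))

def new_agent(rows):
    """Return (matrix copy kept by the source server, agent state that travels)."""
    matrix = [secrets.randbits(BLOCK_BITS) for _ in range(rows)]
    return list(matrix), {"matrix": matrix, "records": [], "counter": 0}

def encrypt_on_host(agent, host_id, block):
    """Steps 1-8, run by a visited server on one 128-bit block."""
    i = agent["counter"]
    if i >= len(agent["matrix"]):
        raise ValueError("no unused bitmap rows left")  # fixed capacity
    cw = secrets.randbits(CW_BITS)                          # step 2
    rotated = rotl(block, rotation_amount(cw), BLOCK_BITS)  # steps 3-4
    # Step 5: the record keeps the original, unrotated CW. Step 6: CRC.
    agent["records"].append({"host": host_id, "cw": cw, "crc": crc_of(rotated)})
    agent["matrix"][i] ^= rotated  # step 7 (assumption: result overwrites the row)
    agent["counter"] = i + 1       # step 8

def decrypt_at_source(original_matrix, agent):
    """Inverse algorithm; needs the original rows only the source server has."""
    out = []
    for i, rec in enumerate(agent["records"]):
        rotated = agent["matrix"][i] ^ original_matrix[i]
        if crc_of(rotated) != rec["crc"]:
            raise ValueError(f"row {i}: CRC mismatch")
        l = rotation_amount(rec["cw"])
        out.append((rec["host"], rotr(rotated, l, BLOCK_BITS)))
    return out
```

Rows at index `counter` and above are still unmodified bitmaps while the agent travels, which is the exposure the limitations slide describes.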
Limitations of the Method
- Does not prevent the possible alteration of data by malicious hosts.
- The current server could see and copy the still-available rows.
- The two cooperating malicious servers.
- There is a fixed maximum amount of data that can be protected.
Conclusion
The technique is a trade-off between performance and security.