Joy Algesheimer, C. Cachin, J. Camenisch, G. Karjoth
{"title":"Cryptographic security for mobile code","authors":"Joy Algesheimer, C. Cachin, J. Camenisch, G. Karjoth","doi":"10.1109/SECPRI.2001.924283","DOIUrl":null,"url":null,"abstract":"We address the protection of mobile code against cheating and potentially malicious hosts. We point out that the recent approach based on computing with \"encrypted functions\" is limited to the case where only the code originator learns the result of the completion and the host running the code must not notice anything at all. We argue that if the host is to receive some output of the computation, then securing mobile code requires minimal trust in a third party. Tamper-proof hardware installed on each host has been proposed for this purpose. We introduce a new approach for securely executing (fragments of) mobile code that relies on a minimally trusted third party. This party is a generic independent entity, called the secure computation service, which performs some operations on behalf of the mobile application, but does not learn anything about the encrypted computation. Because it is universal, the secure computation service needs to be only minimally trusted and can serve many different applications. We present a protocol based on tools from theoretical cryptography that is quite practical for computing small functions.","PeriodicalId":20502,"journal":{"name":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","volume":"6 1","pages":"2-11"},"PeriodicalIF":0.0000,"publicationDate":"2001-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"142","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECPRI.2001.924283","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 142
Abstract
We address the protection of mobile code against cheating and potentially malicious hosts. We point out that the recent approach based on computing with "encrypted functions" is limited to the case where only the code originator learns the result of the completion and the host running the code must not notice anything at all. We argue that if the host is to receive some output of the computation, then securing mobile code requires minimal trust in a third party. Tamper-proof hardware installed on each host has been proposed for this purpose. We introduce a new approach for securely executing (fragments of) mobile code that relies on a minimally trusted third party. This party is a generic independent entity, called the secure computation service, which performs some operations on behalf of the mobile application, but does not learn anything about the encrypted computation. Because it is universal, the secure computation service needs to be only minimally trusted and can serve many different applications. We present a protocol based on tools from theoretical cryptography that is quite practical for computing small functions.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
