5.5 Protecting Mobile Agents 179
agents that are able to compute functions securely even in an untrusted
environment. The general idea is to let an agency execute the mobile
agent carrying an encrypted function without knowing the original function.
Unfortunately, it can be shown that, so far, only basic mathematical func-
tions can be protected with this approach. The technique is not sophisticated
enough to be used in mobile agents in general. However, with the develop-
ment of enhancements to their approach, in the future, this technique might
work with mobile agents in a generalized setting.
The general scheme can be described as follows:
1. Alice has a mathematical function, f , and encrypts this function,
resulting in E(f ).
2. Alice sends the program P(E(f )) that executes E(f )toBob.
3. Bob executes P(E(f )) using input x.
4. Bob sends P(E(f ))(x) back to Alice.
5. Alice decrypts P(E(f ))(x) and obtains x.
This idea seems simple at a glance; however, it is difﬁcult to ﬁnd a suit-
able encryption function E, and until now, no such encryption function has
been developed. Sander and Tschudin [1998b] present a protocol that works
for polynomials over rings
Z/MZ with smooth integers M, where smooth
integers are those that consist only of small prime factors.
However, even if function f is encrypted and an agency has access only to
P(E(f )), this does not prevent the agency from undertaking so-called black-
box attacks. Here, the agency simply executes P(E(f )) several times to obtain
pairs of input and (encrypted) output of the underlying function f . Thus,
any algorithm that can be easily detected from such a table could be recon-
structed. As the authors point out, the only difﬁculty might be the size of the
table necessary for reconstructing f .
For a complete understanding of this approach, some basic knowledge in
algebra is necessar y, which is outside the scope of this book. The interested
reader is pointed to the available literature.
Time-Limited Black Boxes
The last approach results in an encrypted program that will be completely
protected against spying out code and data for the lifetime of an agent.