Table of Contents Author Guidelines Submit a Manuscript
Mobile Information Systems
Volume 2015 (2015), Article ID 901418, 12 pages
Research Article

Secure Mobile Agent from Leakage-Resilient Proxy Signatures

Fei Tang,1,2 Hongda Li,1,2 Qihua Niu,1,2 and Bei Liang1,2

1The Data Assurance and Communication Security Research Center, Chinese Academy of Sciences, No. 89 Minzhuang Road, Haidian District, Beijing 100093, China
2State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, No. 89 Minzhuang Road, Haidian District, Beijing 100093, China

Received 27 February 2014; Accepted 3 March 2014

Academic Editor: David Taniar

Copyright © 2015 Fei Tang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.


A mobile agent can sign a message in a remote server on behalf of a customer without exposing its secret key; it can be used not only to search for special products or services, but also to make a contract with a remote server. Hence a mobile agent system can be used for electronic commerce as an important key technology. In order to realize such a system, Lee et al. showed that a secure mobile agent can be constructed using proxy signatures. Intuitively, a proxy signature permits an entity (delegator) to delegate its signing right to another entity (proxy) to sign some specified messages on behalf of the delegator. However, the proxy signatures are often used in scenarios where the signing is done in an insecure environment, for example, the remote server of a mobile agent system. In such setting, an adversary could launch side-channel attacks to exploit some leakage information about the proxy key or even other secret states. The proxy signatures which are secure in the traditional security models obviously cannot provide such security. Based on this consideration, in this paper, we design a leakage-resilient proxy signature scheme for the secure mobile agent systems.