Research On The Key Issues Of Active Network's Security

Posted on: 2005-07-29
Degree: Doctor
Type: Dissertation
Country: China
Candidate: S Y Huang
GTID: 1118360125967309
Subject: Computer applications
Abstract/Summary:
An active network allows users to inject customized programs into remote nodes and to deploy customized services dynamically, and thus offers better scalability. However, these traits also lead to serious security problems. This thesis focuses on solutions to the following security problems: (1) How can mobile code be protected from a malicious host using pure software methods? (2) How can an undeniable mobile digital signature be produced? (3) How can group key management be made easier in secure multicast? We attempt to resolve these problems using brand-new methods that are very different from those of traditional cryptography, and thus propose the concept of OOC (object oriented cryptography). Most of our methods are based on the notion of OOC.

Firstly, we propose a secure computation model, PICC (partly iterative crypto-computing), that supports autonomous mobile agents in accomplishing secure computation on untrusted hosts and protects mobile agents from attacks by malicious hosts. The basic tool in PICC is the garbled circuit. New algorithms for constructing and evaluating garbled circuits are also designed to realize PICC. PICC resolves the key issue of "protecting mobile code from a malicious host using a pure software method" at the layer of the Boolean circuit. PICC makes it possible for a mobile agent to move autonomously and complete the secure computation without interacting with the agent's originator. We also analyze the security of PICC under classic attacks and give proofs of its security and correctness. PICC may be applied to mobile electronic commerce, and the resistant hardware traditionally used to protect mobile code may be replaced by PICC.

Secondly, we analyze the current state of the art of mobile digital signature (MDS) schemes and propose the concept of OOC (object oriented cryptography). Based on OOC, two different formalized models are proposed for MDS: Model A is based on Tomas Sander's undetachable signature method, and Model B is based on garbled circuits. In addition, the security and related properties of both models are analyzed.

Thirdly, a novel token-based scheme is proposed to support flexible secure multicast in active networks; it overcomes the difficulty of group multicast session key management in traditional networks by utilizing the computing power of the capsule. The main advantage of this scheme is that asymmetric key pairs do not need to be modified when members leave the group. In addition, we illustrate how to deploy customized services dynamically in active networks.

Fourthly, we implemented a virtual machine of PICC (VMP) in Java to protect mobile code. Although the functions of VMP are very simple, its computational power is very strong, because it has been proved that the computational power of Boolean circuits equals that of a Turing machine. So, in theory, VMP can protect mobile code containing any instructions from a malicious host. VMP can also be used to implement some classical mobile agent cases such as the "autonomous information collection agent", "autonomous ticket ordering agent" and "autonomous auction agent".
Keywords/Search Tags: Active Network, Mobile Agent, Pure Software Protection, Mobile Code Cryptography (MCC), Object Oriented Cryptography (OOC), Mobile Digital Signature (MDS), Flexible Secure Multicast, Partly Iterative CryptoComputing (PICC), Garbled Circuit