Browse > Article

Mobile Code Authentication Schemes that Permit Overlapping of Execution and Downloading  

Park Yongsu (한양대학교 정보통신대학)
Cho Yookun (서울대학교 전기컴퓨터공학부)
Publication Information
Journal of KIISE:Computer Systems and Theory / v.32, no.3, 2005 , pp. 115-124 More about this Journal
Abstract
When the application code is downloaded into the mobile device, it is important to provide authentication. Usually, mobile code execution is overlapped with downloading to reduce transfer delay. To the best of our knowledge, there has not been any algorithm to authenticate the mobile code in this environment. In this paper, we present two efficient code authentication schemes that permit overlapping of execution and downloading under the two cases: the first is when the order of transmission of code chunks is determined before the transmission and the second is when this order is determined during the transmission. The proposed methods are based on hash chaining and authentication trees, respectively. Especially, the latter scheme utilizes previously received authentication informations to verify the currently received chunk, which reduces both communication overhead and verification delay. When the application code consists of n chunks, communication overheads of the both schemes are 0(n) and verification delays of these two schemes are O(1) and O(log n), respectively.
Keywords
security; authentication protocol; mobile code;
Citations & Related Records
연도 인용수 순위
  • Reference
1 R. C. Merkle, 'A Certified Digital Signature,' In CRYPTO'89, pp. 218-238, 1989
2 R. Gennaro and P. Rohatgi, 'How to Sign Digital Streams,' In CRYPTO'97, pp. 180-197, 1997
3 C. Krintz, B. Calder, and U. Holzle, 'Reducing Transfer Delay Using Java Class File Splitting and Prefetching,' In Proceedings of the 1999 ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languates, and Applications, pp. 276-291, 1999   DOI
4 C. Krintz, B. Calder, H. B. Lee, and B. G. Zorn, 'Overlapping Execution with Transfer Using Non-Strict Execution for Mobile Programs,' In Proceedings of the 8th International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 159-169, 1998   DOI
5 S. Bergel, 'US Wireless Carriers Bullish on BREW,' Asia BizTech, May 2, 2003
6 KTF, '위피 상용 서비스 계획', available at http://www.etnews.co.kr/news/detail.html?id=200310150022, 2003
7 T. Gamou, 'A Working-Set Approach to Reduce the Download-Execution Time of Mobile Programs,' In Proceedings of the 22nd International Conference on Distributed Computing Systems, 2002, pp. 239-248, 2002   DOI
8 G. McGraw and E. Felten, Securing Java: Getting Down to Business with Mobile Code, John Wiley & Sons, Inc., 1999
9 D. Lee, J. -L. Baer, B. Bershad, and T. Anderson, 'Reducing Startup Latency in Web and Desktop Applications,' In Proceedings of the 3rd USENIX Windows NT Symposium, pp. 165-174, 1999
10 E. G. Sirer, A. J. Gregory, and B. N. Bershad, 'A Practical Approach for Improving Startup Latency in Java Applications,' In Workshop on Compiler Support for System Software, pp. 47-55, 1999
11 K. Fu, M. Frans Kaashoek, and D. Mazieres, 'Fast and secure distributed Read-only file system,' in USENIX OSDI'00, pp. 1-24, 2000   DOI   ScienceOn
12 M. Roe, 'Performance of Protocols,' In Security Protocols Workshop, LNCS vol. 1796, pp. 140-146, 1999
13 W. Dai, 'Cypto++ 5.1 Benchmarks,' available at http://www.eskimo.com/-weidai/benchmarks.html, 2003
14 S. Goldwasser, S. Micali, and R. L. Rivest, 'A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks,' SIAM Journal of Computing, Vol. 17, Issue 2, pp. 281-308, 1998   DOI   ScienceOn
15 Y. Park, T. Jung, and Y. Cho., 'An Efficient Stream Authentication Scheme using Tree Chaining,' Information Processing Letters, Vol. 86, No. 1, pp. 1-8, 2003   DOI   ScienceOn
16 A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1997
17 N. Barie and B. Pfitzmann, 'Collision-Free Accumulators and Fail-Stop Signature Schemes Without Trees,' in CRYPTO'97, pp. 480-494, 1997   DOI
18 P. Devanbu, M. Gertz, A. Kwong, C. Martel, G. Nuckolls, and S. B. Stubblebine, 'Flexible Authentication Of XML documents,' in ACM CCS'00, pp. 136-145, 2000   DOI