Abstract
Mobile agent technology has emerged as a promising paradigm for a number of applications. However, an autonomous agent running on hosts may suffer attacks if the hosts are malicious. Possible targets of attacks include the collected messages and agents' route message. In this paper, by using a novel cryptographic technique signcryption, a new protocol for protecting a mobile agent from malicious hosts is proposed. Due to the use of SL multi-signcryption scheme, our proposed protocol can efficiently provide message confidentiality, message integrity, user authentication and non-repudiation; at the same time, owing to using the domain-verifiable signcryption scheme, our protocol hides the route messages of the mobile agent in such a way that only the agent owner knows all hosts to be visited. Specifically, our protocol can detect tampering situations, and possibly identify the responsible hosts. This is very suitable for protecting a mobile agent from malicious hosts in the electronic commerce web site that searches the best price of the products.