Performance evaluation of data integrity mechanisms for mobile agents

A primary security challenge of the mobile agent paradigm is that of protecting the data carried by a mobile agent. With the growing popularity of e-commerce applications that use software agents, the protection of mobile agent data has become imperative. To that end, we evaluate the performance of four methods that protect the data integrity of mobile agents. While some techniques have been proposed in the literature, there has previously been no experimental study comparing the various alternatives. The set of integrity mechanisms that we investigate includes existing approaches known as the Partial Result Authentication Codes (PRACs), Hash Chaining, and Set Authentication Code methods, as well as a technique of our own design, which we refer to as the Modified Set Authentication Code method. The Modified Set Authentication Code method addresses several limitations of the Set Authentication Code method. The performance experiments were run using the DADS mobile agent system, for which we designed a Data Integrity Module. The experimental results showed that our Modified Set Authentication Code technique performed comparably to the Set Authentication Code method, showing some improvement in the key generation times and agent size. In this paper, we compare the trade-offs between security features and performance for all four methods and identify the niche that each technique could fill.