近來,由於行動程式碼計算環境已經成為一個越來越受歡迎的系統開發技術,所以一些相關的安全性議題也開始逐漸的受到一些注意,尤其是在保護行動程式碼的部份。在這個範疇之下,如何確保我們行動程式碼中的每一道指令都能夠確實的被執行,而不會受到遠端的主機的欺騙是我們所要關心的問題。因此,在相關的研究中,Sender[29-32]提出一種加密函式運算的基本想法,Chen [5]再利用了此一概念開發了一個含有加密函式運算功能的行動代理人系統,而這個系統叫做JOBS。在JOBS中,行動代理人在每一次被派遣出去工作以前,可以動態的將其所攜帶的敏感函式加密,更進一步,遠端相對應的主機更可以針對此一加密過的函式加以運算,執行的動作就好像這個行動代理人沒有被修改過一樣。因此,在這樣的機制之下,行動程式碼等於是本身擁有了自防護的功能一樣,可以防止敏感性的執行邏輯被非法的窺探。 在本研究中,我們著眼在由Loureiro [17-20]所提出的一個建構在錯誤更正碼理論之上的函式加密方法。由於這個新函式加密方法的想法結合了McEliece公開金鑰加密系統[23]的想法,所以一些由這個系統所延伸出來的優點,例如擁有快速的加密和解密的流程,也自然的成為這個函式加密方法的好處。爲了去驗證這樣的加密機制是可行的,本研究整理了一些資訊編碼和錯誤更正碼的理論,進而實作了一個叫EEF-ECC的加密模組,並將之和JOBS的混亂器整合。最後,我們也針對這樣的加密機制和實作模組做了一些簡單的測試,並在本文中加以說明和介紹。 Recently, the mobile code computing becomes a more and more welcome system developing mechanism. Thus, the security issues attract much more concentration especially in the protection of mobile codes. One important concern is that how can we ensure all statements of the mobile codes are executed fairly without being cheated by the remote agent platform. In [29-32], Sender proposes a basic concept of evaluation of encrypted function, and the following Chen [5] implemented an EEF-drived mobile agent system called JOBS. In JOBS, mobile agent could be encrypted before dispatching out for its task. Further, the remote agent platform could evaluate this encrypted agent as well as it is not modified. Under this protecting technique, mobile codes have self protection abilities to prevent unauthorized access of the mobile codes. In this thesis, we focus on the EEF mechanism based on the error correcting codes proposed by Loureiro [17-20]. Because this new thinking of EEF combines the encrypting concepts of McEliece public-key cryptosystem [23], some advantages such as efficiency encoding and decoding process are involving naturally. To verify such a protection scheme is practical, we studied the coding theory and error correcting codes to realize an EEF-ECC module embedded in the obfuscation engine of the JOBS. Finally, some simple module tests were adopted and detailed in the thesis.
