近來，由於行動程式碼計算環境已經成為一個越來越受歡迎的系統開發技術，所以一些相關的安全性議題也開始逐漸的受到一些注意，尤其是在保護行動程式碼的部份。在這個範疇之下，如何確保我們行動程式碼中的每一道指令都能夠確實的被執行，而不會受到遠端的主機的欺騙是我們所要關心的問題。因此，在相關的研究中，Sender[29-32]提出一種加密函式運算的基本想法，Chen [5]再利用了此一概念開發了一個含有加密函式運算功能的行動代理人系統，而這個系統叫做JOBS。在JOBS中，行動代理人在每一次被派遣出去工作以前，可以動態的將其所攜帶的敏感函式加密，更進一步，遠端相對應的主機更可以針對此一加密過的函式加以運算，執行的動作就好像這個行動代理人沒有被修改過一樣。因此，在這樣的機制之下，行動程式碼等於是本身擁有了自防護的功能一樣，可以防止敏感性的執行邏輯被非法的窺探。
在本研究中，我們著眼在由Loureiro [17-20]所提出的一個建構在錯誤更正碼理論之上的函式加密方法。由於這個新函式加密方法的想法結合了McEliece公開金鑰加密系統[23]的想法，所以一些由這個系統所延伸出來的優點，例如擁有快速的加密和解密的流程，也自然的成為這個函式加密方法的好處。爲了去驗證這樣的加密機制是可行的，本研究整理了一些資訊編碼和錯誤更正碼的理論，進而實作了一個叫EEF-ECC的加密模組，並將之和JOBS的混亂器整合。最後，我們也針對這樣的加密機制和實作模組做了一些簡單的測試，並在本文中加以說明和介紹。

Recently, the mobile code computing becomes a more and more welcome system developing mechanism. Thus, the security issues attract much more concentration especially in the protection of mobile codes. One important concern is that how can we ensure all statements of the mobile codes are executed fairly without being cheated by the remote agent platform. In [29-32], Sender proposes a basic concept of evaluation of encrypted function, and the following Chen [5] implemented an EEF-drived mobile agent system called JOBS. In JOBS, mobile agent could be encrypted before dispatching out for its task. Further, the remote agent platform could evaluate this encrypted agent as well as it is not modified. Under this protecting technique, mobile codes have self protection abilities to prevent unauthorized access of the mobile codes.
In this thesis, we focus on the EEF mechanism based on the error correcting codes proposed by Loureiro [17-20]. Because this new thinking of EEF combines the encrypting concepts of McEliece public-key cryptosystem [23], some advantages such as efficiency encoding and decoding process are involving naturally. To verify such a protection scheme is practical, we studied the coding theory and error correcting codes to realize an EEF-ECC module embedded in the obfuscation engine of the JOBS. Finally, some simple module tests were adopted and detailed in the thesis.

1. Baldi, M., Gai, S., and Picco, G.P., (1997) “Exploiting Code Mobility in Decentralized and Flexible Network Management,” In Proceedings of the First International Workshop on Mobile Agents (MA97), Berlin, Germany.
2. Berlekamp, E.R., McEliece, R.J., and van Tilborg H.C., (1978) “On the in-herent intractability of certain coding problems,” IEEE Transactions on Information Theory, 24(3).
3. Carzaniga, A., Picco, G.P., and Vigna, G., (1997) “Designing Distributed Applications with Mobile Code Paradigms,” In Proceedings of 19th International Conference on Software Engineering, pp.3-6.
4. Canteaut, A., and Chabaud, F., (1998) “A new algorithm for finding minimum-weight words in a linear code: Application to McEliece''s cryptosystem and to narrow-sense BCH codes of length 511,” IEEE Transac-tions on Information Theory, 44(1):367-378.
5. Chen, Z.W.(2002): A Study of Protecting Mobile Code. Master Thesis, Department of Information Management of National Central University.
6. Chess, D., Harrison, C., and Kershenbaum, A., (1997) “Mobile agents: Are they a good idea? – update,” In Mobile Object Systems: Towards the Programmable Internet, pp.46–48.
7. Fonseca, S., Griss, M. (2001) and Letsinger, R., ”An Agent-Mediated E-Commerce Environment for the Mobile Shopper,” HP Laboratories Palo Alto, pp.1-4.
8. Gabidulin, E.M., Paramonov, A.V., and Tretjakov, O.V., (1991) “Ideals over a non-commutative ring and their application in cryptography,” In Advances in Cryptology—EUROCRYPT 91, volume 547 of Lecture Notes in Computer Science.
9. Gray, R.S., (1996) "Agent Tcl: A Flexible and Secure Mobile-Agent System," Proceedings of the Fourth Annual Tcl/Tk Workshop (TCL 96), pp.9-23.
10. Hill, R.(1986): A first Course in Coding Theory, Oxford, Clarendon Press New York : Oxford University Press.
11. Jansen, W.A., (2001) "Countermeasures for Mobile Agent Security," National Institute of Standards and Technology.
12. Karjoth, G., et al., (1997) “A Security Model For Aglets,” IEEE Internet Computing, July-Aug 1997.
13. Karnik, N.M., and Tripathi, A.R., (2000) “A Security Architecture for Mobile Agents in Ajanta,” Distributed Computing Systems, 2000.
14. Karnik, N. (1998): Security in Mobile Agent Systems. Ph.D. Dissertation, Department of Computer Science, University of Minnesota.
15. Lange, D., and Oshima, M. (1998): Programming and Deploying Java Mobile Agents with Aglets, Addison-Wesley.
16. Lange, D., and Oshima, M., (1999) “Seven good reasons for mobile agents,” Communications of the ACM, 42(3):88–89.
17. Loureiro, S., and Molva, R., (1999) “Privacy for Mobile Code,” In Proceedings of the Distributed Object Security Workshop - OOPSLA''99.
18. Loureiro, S., and Molva, R., (1999) “Function Hiding based on Error Correcting Codes,” In Manuel Blum and C. H. Lee, editors, Proceedings of Cryptec''99 - International Workshop on Cryptographic Techniques and Electronic Commerce.
19. Loureiro, S., Molva, R., and Roudier, Y., (2000) “Mobile Code Security,” In proceedings of ISYPAR 2000, Code Mobile, France.
20. Loureiro, S.( 2001): Mobile Code Protection. PhD thesis.
21. Lindholm, T., and Yellin, F. (2001): The JavaTM Virtual Machine Specification, Second Edition, Addison-Wesley.
22. McEliece, R., Berlekamp, E., and van Tilborg, H, (1978) “On the inherent intractability of certain coding problems,” IEEE Trans. Information Theory, IT-24(3):384–386.
23. McEliece. R., (1978) “A public-key cryptosystem based on algebraic coding theory,” In Jet Propulsion Lab. DSN Progress Report.
24. Meyer, J., and Downing, T., (2000): Java Virtual Machine. O’Reilly.
25. MacWilliams F.J., (1978): The Theory of Error Correcting Codes, North-Holland.
26. Necula, G., and Lee, P., (1996) "Safe Kernel Extensions Without Run-Time Checking," In Proceedings of the 2nd Symposium on Operating System Design and Implementation (OSDI ''96), pp.229-243..
27. Niederreiter, H., (2001) “Knapsack-type cryptosystems and algebraic coding theory,” In Probl. Contr. and Information Theory, vol. 15, pp.159-166, 1986.
28. Oaks, S. (2001): Java Security. 2nd edition, Addison-Wesley.
29. Sander, T., Young, A. and Yung, M., (1999) “Non-Interactive CryptoComputing for NC1,” In 40th IEEE Annual Symposium on Foundations of Computer Science, New York, NY, p.554-566.
30. Sander, T., and Tschudin, C.F., (1998) “Towards Mobile Cryptography,” In Proceedings of IEEE Symposium on Security and Privacy, Oakland and, California, pp.111-123.
31. Sander, T. and Tschudin, C.F., (1998) “On Software Protection Via Function Hiding,” In Proc. Of Information Hiding 98 Springer-Verlag. LNCS Vol.1525. pp.111-123.
32. Sander, T. and Tschudin, C.F., (1998) “Protecting Mobile Agents Against Malicious Hosts,” Mobile Agent Security, LNCS Vol.1419, Springer-Verlag, pp.44-60.
33. Sendrier, N., (1998) “On the concatenated structure of a linear code,” AAECC, 9(3):221-242.
34. Sendrier, N., (2000) “Finding the permutation between equivalent codes: the support splitting algorithm,” IEEE Transactions on Information Theory, 46(4):1193-1203.
35. Sidel''nikov, V.M., and. Shestakov. S.O., (1992) “On cryptosystem based on generalized Reed-Solomon codes”, Discrete mathematics in Russian, 4(3):57-63.
36. Tardo, J., and Valente, L., (1996) "Mobile Agent Security and Telescript," Proceedings of IEEE ( COMPCON ''96), Santa Clara, California, pp.58-63.
37. Wayne, J. and Karygiannis, T., (1999) “NIST Special Publication 800-819 – Mobile Agent Security,” National Institute of Standards and Technology.
38. Zachary, J., (2003) “Protecting Mobile Code in the Wild,” IEEE Computer Society.
39. MathWorld. http://mathworld.wolfram.com/
40. Ajanta, http://www.cs.umn.edu/Ajanta/
41. JADE, http://sharon.cselt.it/projects/jade/
42. JODE, http://jode.sourceforge.net/
43. Aglets Official Site. IBM Research Lab. in Tokyo.
<http://www.trl.ibm.com/aglets/index_e.htm>.
44. Jasmin Home Page. <http://cat.nyu.edu/~meyer/jasmin/>