Open Collections

Abstract

In recent years, as multi-agent systems have rapidly expanded in open environments, trustworthy communication between agents has become a critical component of artificial intelligence infrastructure. Existing protocols face inherent trade-offs between security, interoperability, and decentralization: lightweight protocols rely on external trust assumptions and struggle to resist protocol-layer attacks; highly secure protocols feature complex structures that compromise practical usability. Constrained by this `agency communication trilemma', mainstream protocols generally lack native defenses against threats like registration spoofing, context tampering, and message replay under zero-trust conditions. Addressing this issue, this study uses Google's Agent-to-Agent (A2A) protocol as a case study to explore whether lightweight protocols can achieve native protocol-layer security while maintaining simplicity. The thesis first compares the security architectures of six representative protocols and identifies seven common protocol-layer threats across frameworks. Subsequently, it reverse-refines a minimal set of cryptographic primitives suitable for lightweight integration from threat analysis. These include signature verification based on decentralized identifiers (DIDs), nonce replay protection and context/historical integrity provided by chained and cumulative hashes. Although all of them are well-known and widely used in blockchain, this thesis is the first to show how they can be integrated into the A2A protocol without altering its original structure, embedding them directly into the message layer to strengthen communication security. Building on this enhanced design, the thesis develops a reproducible prototype and validates its effectiveness through simulated attack scenarios. Results demonstrate that the improved A2A effectively defends against major protocol-layer threats in zero-trust environments while preserving its original lightweight and interoperability advantages. This research provides a practical path for lightweight agent communication protocols that balance security and usability, laying the foundation for future trusted collaboration across cross-organizational, multi-domain agent ecosystems.