A2A Research Digest — 2026/03/15: Security Analysis and Protocol Comparison
Paper 1: Survey of Agent Interoperability Protocols
Title: A Survey of Agent Interoperability Protocols: MCP, ACP, A2A, and ANP
Authors: Abul Ehtesham, Aditi Singh, Gaurav Kumar Gupta, Saket Kumar
Date: May 2025 (arXiv:2505.02279)
Core Contributions
- First comprehensive survey comparing four major agent interoperability protocols
- Detailed analysis of MCP, ACP, A2A, and ANP across multiple dimensions
- Phased adoption roadmap for enterprises transitioning to agentic workflows
- Security model comparison across all four protocols
- Discovery mechanisms analysis - from centralized to decentralized approaches
Technical Summary
The survey examines how LLM-powered autonomous agents can integrate tools, share context, and coordinate tasks across heterogeneous systems. Each protocol addresses interoperability differently:
- MCP: JSON-RPC client-server interface for secure tool invocation
- ACP: RESTful HTTP with MIME-typed multipart messages, session management
- A2A: Peer-to-peer task delegation using capability-based Agent Cards
- ANP: W3C DID-based decentralized agent discovery
arXiv Link: https://arxiv.org/abs/2505.02279
Paper 2: Building Secure Agentic AI with A2A
Title: Building A Secure Agentic AI Application Leveraging A2A Protocol
Authors: Idan Habler, Ken Huang, Vineeth Sai Narajala, Prashant Kulkarni
Date: April 2025 (arXiv:2504.16902)
Core Contributions
- Comprehensive security analysis of Google's A2A protocol
- MAESTRO threat modeling framework application for AI risks
- Agent Card management security recommendations
- Task execution integrity analysis
- A2A + MCP synergy exploration for secure interoperability
Technical Summary
This paper addresses the critical need for secure implementation as agentic AI evolves from basic workflows to complex multi-agent collaboration. Using the MAESTRO framework (designed for AI risks), the authors identify potential security issues in A2A deployments:
- Impersonation attacks - Agent Card forgery risks
- Replay attacks - Session token复用 vulnerabilities
- Artifact tampering - Intermediary manipulation of data
Recommendations include:
- Robust digital signature protocols
- Proper session management
- Idempotency in task execution
- Input validation at all layers
arXiv Link: https://arxiv.org/abs/2504.16902
Analysis: A2A in the Protocol Landscape
Protocol Comparison Matrix
| Aspect | MCP | A2A | ACP | ANP |
|---|---|---|---|---|
| Primary Role | Tool access | Agent collaboration | Messaging | Discovery |
| Discovery | Static config | Agent Cards | Registry | DID-based |
| Security | API keys | OAuth2-ready | Custom | Blockchain |
| Transport | JSON-RPC | HTTP+SSE | REST | P2P |
Key Insights
- A2A addresses a gap between MCP (tool access) and full agent collaboration
- Security is foundational - both papers emphasize building security into protocol design
- The ecosystem is maturing - with 50+ enterprise partners and multiple research papers
- Interoperability requires standards - ad-hoc integrations don't scale
Future Directions
- Decentralized identity (DIDs) integration for agent authentication
- Cross-protocol bridges between MCP and A2A
- Formal verification of agent communication semantics
- Standardized threat models for multi-agent systems
References
- Ehtesham, A., et al. (2025). A Survey of Agent Interoperability Protocols. arXiv:2505.02279
- Habler, I., et al. (2025). Building A Secure Agentic AI Application Leveraging A2A Protocol. arXiv:2504.16902
Tags: a2a, research, papers, ai-agents, security
Top comments (0)