[3542] in cryptography@c2.net mail archive
Re: Security scheme for e-books
daemon@ATHENA.MIT.EDU (=?iso-8859-1?Q?Jes=FAs?= Cea =?iso)
Mon Oct 26 09:36:09 1998
Date: Mon, 26 Oct 1998 13:35:53 -0100
From: =?iso-8859-1?Q?Jes=FAs?= Cea =?iso-8859-1?Q?Avi=F3n?= <jcea@argo.es>
To: Andreas Bogk <ich@andreas.org>
CC: John R Levine <johnl@iecc.com>, cryptography@c2.net
> If you can copy it from one cartridge to the other, you can copy it
> from the cartridge to a computer as easily. Then you only need one
> rewritable cartridge, and can upload whatever pirated book you want to
> read that day.
If the cartridge has a criptoengine inside... The scheme could be:
Book = B
Cardtridge = C
Reader = R
E, D= Encryption, Decryption
So:
Buying a new book: You receive "EC(B)".
Reading the book:
a) Two way authentication: Card and reader exchange challenges
and certificates. Cards only talk to certified readers. Reader
talk to certificated cards and "anonymous cards" if the document
is marked as "public", for example.
b) If the card is cheap and the reader is certified, card could send
its private key to the reader, and then sends EC(B). So
ED(EC(B))=B, the book.
c) A better approach, with a cripto engine embedded in the card, would
be:
card: ER(ED(EC(B))) -> Reader
Of course, keys should be managed in a tamperproof microcontroller.
--
Jesus Cea Avion _/_/ _/_/_/ _/_/_/
jcea@argo.es http://www.argo.es/~jcea/ _/_/ _/_/ _/_/ _/_/ _/_/
_/_/ _/_/ _/_/_/_/_/
PGP Key Available at KeyServ _/_/ _/_/ _/_/ _/_/ _/_/
"Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/
"My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibnitz
