[sword-devel] Open book unlocking system (was Re: Module
verification, was Re: [sword-devel] DoctrinalStatement)
Sat, 05 Aug 2000 16:54:31 -0700

Sorry this reply has taken so long. It looks like this is the kind of thing
that X.509 is for. I think it would be a great way to start working out
security. I didn't see anyone jumping on the idea to get it done though.
Perhaps if a rough draft of a Sword implementation was created others may
take it up.

At 12:53 PM 7/30/2000 +1000, Paul Gear wrote:
>Glad you asked, Jerry. :-) I've been thinking about this issue for
>some time. I started to prepare a long and involved message about how i
>envisaged it working, but i realised that it would probably prove
>incomprehensible to just about everyone but me. So let me give a brief
>overview, and we can go into more detail later.
>It seems to me that there are several problems we could solve with one
>piece of technology:
> 1. Encrypted modules.
> 2. Verification of modules.
> 3. Point-of-sale type unlocking with which commercial publishers
>would be happy.
>The technology i'm thinking of here is OpenSSL, the free software
>library for implementing X.509 PKI functionality.
>Here is an overview of the components of my proposed solution:
>1. Modules are encrypted using a single key, by a symmetric cipher (as
>they are now), preferably with a fairly small key length, for
>performance reasons. (What length do we use at the moment?)
>2. Modules are signed with the distributor's digital signature. This
>allows module verification with cryptographic checksums. A root
>certificate authority key would need to be embedded in the software
>distributions (like Netscape and IE do). More detailed verification
>parameters (as suggested above by Jerry) could be added to the
>certificate to verify the text if the checksum verification fails.
>3. Unlocking a book involves creating an SSL connection to an unlock
>server, generating a one-time asymmetric key at the client, and the
>server encrypting the module's symmetric key to that asymmetric key.
>The application stores this asymmetrically encrypted version of the
>4. Reading a locked book involves decrypting the module key and using
>it to decrypt the book.
>What this would require of application software:
>1. Embedded keys for the root certificate authorities. We could use
>existing ones on the Internet, or create our own, which would be cheaper
>(i.e. free :-).
>2. Linking with OpenSSL to do module checksumming and decryption.
>3. Code to generate, save, and restore unlock keys.
>4. User interface hooks for: viewing certificates, verifying modules,
>and unlocking books.
>5. Client-server code for talking to the server during module
>unlocking. There would need to be a way of allowing manual web or phone
>unlocks as well.
>There are some problems with this proposal, one being that there is no
>obscurity, so anybody with the know-how would be able to write a program
>to decrypt the modules using OpenSSL. I have a few ideas for overcoming
>this, but it needs to be something which does not compromise our
>commitment to GPL-ed code.
>The other problem is who is going to do it? This would be a rather
>large undertaking. I would love to do it, but i don't have the time. I
>would jump at the chance to quit my job to work on this sort of stuff,
>but who would pay for it? Know anyone who'd like to invest a bit of
>venture capital? 8^)
>I've copied this to Bob@Logos (although hopefully your mail filters
>would have flagged this message anyway, Bob :-) and Bible-Linux, hoping
>that others might be interested in working on a standard that we could
>all use. Are there others who we could get together with on this?
>Maybe the guys at Theophilos?
>I know Logos already has a system to do all of this, Bob, but it is a
>possible solution for working together with us (as we discussed some
>time ago on the Bible-Linux list), and it would allow you to upgrade to
>a system using real encryption. (Of course, you could do that anyway,
>but it would be nice if we could do something together. ;-)
>Well, what think ye?
>"He must become greater; i must become less." - John 3:30
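
The four components of the proposal quoted above, walked through with the OpenSSL command-line tool as an added example (not code from this thread or from the Sword project). Files in a scratch directory stand in for the SSL connection and for the X.509 certificates; the file names, RSA-2048 with OAEP, and AES-256-CBC are choices made for this example.

```shell
#!/bin/sh
# Added example: file-based walk-through of the proposed unlock flow.
# All file names are hypothetical; the sample module text is constructed.
set -eu
W=$(mktemp -d)   # scratch directory standing in for distributor, server and client storage

distributor_publish() {   # components 1 and 2: encrypt the module, then sign the ciphertext
  printf 'In the beginning (constructed sample module text)\n' > "$W/module.txt"
  openssl rand -hex 32 > "$W/module.key"   # symmetric module key, held by the unlock server
  openssl rand -hex 16 > "$W/module.iv"    # IV ships alongside the encrypted module
  openssl enc -aes-256-cbc -K "$(cat "$W/module.key")" -iv "$(cat "$W/module.iv")" \
    -in "$W/module.txt" -out "$W/module.enc"
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$W/dist.pem" 2>/dev/null
  # Bare public key stands in for the distributor certificate (no CA chain here).
  openssl pkey -in "$W/dist.pem" -pubout -out "$W/dist.pub"
  openssl dgst -sha256 -sign "$W/dist.pem" -out "$W/module.sig" "$W/module.enc"
}

client_request() {        # component 3, client side: one-time asymmetric key pair
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$W/client.pem" 2>/dev/null
  openssl pkey -in "$W/client.pem" -pubout -out "$W/client.pub"
}

server_unlock() {         # component 3, server side: wrap the (hex) module key to the client key
  openssl pkeyutl -encrypt -pubin -inkey "$W/client.pub" -pkeyopt rsa_padding_mode:oaep \
    -in "$W/module.key" -out "$W/unlock.bin"
}

client_read() {           # component 4: verify signature, unwrap key, decrypt; prints plaintext
  openssl dgst -sha256 -verify "$W/dist.pub" -signature "$W/module.sig" \
    "$W/module.enc" >/dev/null 2>&1 || return 1
  key=$(openssl pkeyutl -decrypt -inkey "$W/client.pem" -pkeyopt rsa_padding_mode:oaep \
    -in "$W/unlock.bin") || return 1
  openssl enc -d -aes-256-cbc -K "$key" -iv "$(cat "$W/module.iv")" -in "$W/module.enc"
}

distributor_publish
client_request
server_unlock
client_read
```

Whoever holds `client.pem` can recover the module key with the same commands, which is the lack of obscurity the proposal itself lists as a problem.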