|
This thesis proposes cryptographic implementation of
secure subscriptionsystem for electronic periodical for
resolving the security problem ofsubscribing electronic
periodicals in the Internet. Electronic periodicals arethe media
that can be transmitted in the Internet with digitalized forms,
suchas electronic magazines, electronic papers, etc.. Two
secure subscriptionmethods are proposed: one is for single-type
periodical subscription and theother is for multiple-types
periodicals subscription. Both of the two methodsprovide the
subscription of continuous multi-issues in each periodical.
In the implementation of the proposed methods, first of all, the
publisherassigns an encryption key for each issue of
periodical and a reader key foreach subscriber. The contents
of each issue of periodical are encrypted withits encryption
key and then either put in a public directory or
directlytransmitted to the subscribers. The subscriber can get
the ciphertext of eachissue of periodical from the public
directory with the use of the downloadfunctions provided by
world wide web (WWW) or file transfe r protocol (FTP).On the
other side, the publisher can directly transmitted the
ciphertext ofeach issue of periodical to the subscribers with
the use of electronic mail(E-mail) or broadcasting facility.
For reading the contents of the subscribedissues of periodical,
the subscriber first uses his own reader key to derivethe
encryption key for the published issue of periodical and then
decrypts theciphertext of periodical. The proposed
methods have the following characteristics:1. Each issue
of published periodical is encrypted with one
differentencryption key. The issuer only encrypts each issue of
periodical once.2. Regardless of the expiration date or the
duration of legal subscription,the subscriber possesses only
one reader key. That is, the subscriber canreuse his own
reader key to derive all of the encryption keys for
thesubscribed issues.3. The publisher does not necessarily keep
the record of the duration of legalsubscription for each
subscriber. After the expiration date of subscription,the
subscriber's reader key is automatically revoked. Revoked
reader keys areuseless for deriving the encryption key for
later published issue ofperiodical. The security of the
proposed methods are based on the difficulty offactorization
problem. Some potential attacks on the proposed methods
arediscussed. From the analyses of the computational complexity
and the requiredstorage of the proposed methods, the proposed
methods can be practicallyimplemented.
|