Method and system for secure communication of group messages
Technical field
The present application relates to instant messaging systems, and in particular to a method and system for secure communication of group messages.
Background technology
Current instant messaging systems, such as QQ and WeChat, generally support a group-sending function: a message entered once can be sent to multiple recipients simultaneously. A message that can carry multiple recipients in this way is called a group message. A group message turns what would otherwise be many messages with identical content into a single message, saving network resources.
Current technical development in the field of group messages concentrates mainly on the manner of sending. For example, Chinese patent CN101378538B discloses a group message processing method comprising: a message center receives and processes a group message and adds a description of the recipients in error to an acknowledgement message; the message center sends the acknowledgement message to an information gateway; the information gateway parses, from the description of the recipients in error, the identifiers of the failed recipients and the specific cause of the error; if the cause is that the number of group recipients exceeds a preset value, the original message is sent again to the recipients corresponding to the identifiers after the number of group recipients has been modified; if the cause is that the recipient address was rejected, the original message is deleted; if the cause is that the message center server is busy, the original message is sent again to the recipients corresponding to the identifiers after waiting.
Existing instant messaging systems generally apply no security processing to group messages; such messages are essentially fully public, and their privacy cannot be guaranteed. Even where security processing is applied to group messages, it usually consists of setting an encryption password for the group. Under this approach the group password leaks very easily and cannot meet higher security requirements. Moreover, if a group member is offline when a group message is sent, that member cannot obtain the encryption password to decrypt the group's encrypted messages after coming back online.
Summary of the invention
The object of the present invention is to achieve point-to-point encryption of group messages, which not only improves the security of group messages but also allows group members who were offline to still receive and decrypt, after coming back online, the encrypted messages previously sent in the group.
The object of the present application is achieved by a method for secure communication at the sending end of a group message, the method comprising:
Generating a random key;
Encrypting the message to be sent by the sender with the random key to produce an encrypted message;
Obtaining the public key certificates of all users in the group from the directory server of the instant messaging system;
Encrypting the random key with each of the obtained public key certificates respectively, to obtain a corresponding number of encrypted keys;
Computing a digest of the encrypted message and all the encrypted keys;
Signing the digest with the sender's own private key;
Combining the encrypted message, the encrypted keys, the digest and the signature into a group message;
Sending the group message.
The object of the present invention is also achieved by a method for secure communication at the receiving end of a group message, the method comprising:
Receiving the group message sent by the sending end;
Obtaining the sender's public key certificate from the directory server of the instant messaging system;
Decrypting the signature in the group message with the sender's public key certificate and, when the decryption passes, obtaining the digest, the encrypted keys and the encrypted message;
Decrypting, with the recipient's own private key, the item among the encrypted keys that corresponds to the recipient, to obtain the random key;
Decrypting the encrypted message with the random key to obtain the message sent by the sender.
The object of the present invention is also achieved by a system for secure communication at the sending end of a group message, the system comprising:
A key generation unit, for generating a random key;
A message encryption unit, for encrypting the message to be sent by the sender with the random key to produce an encrypted message;
A certificate acquisition unit, for obtaining the public key certificates of all users in the group from the directory server of the instant messaging system;
A key encryption unit, for encrypting the random key with each of the obtained public key certificates respectively, to obtain a corresponding number of encrypted keys;
A digest calculation unit, for computing a digest of the encrypted message and all the encrypted keys;
A signature unit, for signing the digest with the sender's own private key;
A group message generation unit, for combining the encrypted message, the encrypted keys, the digest and the signature into a group message;
A sending unit, for sending the group message.
The object of the present invention is also achieved by a system for secure communication at the receiving end of a group message, the system comprising:
A receiving unit, for receiving the group message sent by the sending end;
A certificate acquisition unit, for obtaining the sender's public key certificate from the directory server of the instant messaging system;
A group message decryption unit, for decrypting the signature in the group message with the sender's public key certificate and, when the decryption passes, obtaining the digest, the encrypted keys and the encrypted message;
A key decryption unit, for decrypting, with the recipient's own private key, the item among the encrypted keys that corresponds to the recipient, to obtain the random key;
A message obtaining unit, for decrypting the encrypted message with the random key to obtain the message sent by the sender.
The method and system of the present invention achieve point-to-point encryption of group messages in an instant messaging system and ensure the security of group messages. They guarantee the authenticity of both the sender and the recipients of a message, and make group messages resistant to eavesdropping, tampering, corruption and repudiation, so that the instant messaging system can be used in application scenarios that require high security.
Unless expressly stated otherwise, the singular forms "a" and "the" as used herein include plural reference (i.e. have the meaning of "at least one"). It should be further understood that the terms "has", "includes" and/or "comprises" used in the specification indicate the presence of the stated features, steps, operations, elements and/or components, but do not exclude the presence or addition of one or more other features, steps, operations, elements, components and/or combinations thereof. The term "and/or" as used herein includes any and all combinations of one or more of the associated listed items. Unless expressly stated otherwise, the steps of any method disclosed herein need not be performed exactly in the order disclosed.
Brief description of the drawings
The present invention is explained more fully below in connection with preferred embodiments and with reference to the accompanying drawings.
Fig. 1 is a flow chart of the sending end according to an embodiment of the method of the invention.
Fig. 2 is a flow chart of the receiving end according to an embodiment of the method of the invention.
Fig. 3 is a flow chart of the receiving end according to another embodiment of the method of the invention.
Fig. 4 is a schematic structural diagram of the sending end according to an embodiment of the system of the invention.
Fig. 5 is a schematic structural diagram of the receiving end according to an embodiment of the system of the invention.
Fig. 6 is a schematic structural diagram of the receiving end according to another embodiment of the system of the invention.
For clarity, the drawings are schematic and simplified; they show only the details necessary for understanding the invention and omit other details.
Detailed description of the embodiments
The scope of applicability of the present invention will become apparent from the detailed description given below. It should be understood, however, that the detailed description and specific examples, while indicating preferred embodiments of the invention, are given by way of illustration only.
When a user registers, the instant messaging system issues a private key and a public key certificate to each user and publishes the public key certificates to the directory server in the instant messaging system.
Fig. 1 shows an embodiment of the sending-end method for secure communication of group messages in an instant messaging system according to the invention. The sending end may be, for example, a device such as a computer, smartphone or tablet connected to the instant messaging system server over a wired or wireless network. The sending-end method starts at step S10: when a user in the group (hereinafter the "sender") wants to send a message m1, a random key skey is first generated. The random key is generated, for example, by a random number generator, and may also be generated by another algorithm. The process then proceeds to step S11.
In step S11, the message m1 to be sent is encrypted with the generated random key skey to produce the encrypted message em. Encrypting the message with a random key prevents it from being eavesdropped on in transit, while ensuring that users in the group who are offline can also decrypt the data they receive when they later come online. The process then proceeds to step S12.
In step S12, the public key certificates c1 ~ cn of all users in the group are obtained from the directory server of the instant messaging system to which the smart device (such as a computer or smartphone) belongs. In one embodiment, the obtained public key certificates may exclude the sender's own public key certificate cs. The process then proceeds to step S13.
In step S13, the random key skey is encrypted with each of the obtained public key certificates c1 ~ cn respectively, to obtain a corresponding number of encrypted keys eskey1 ~ eskeyn. The process then proceeds to step S14.
In step S14, a digest algorithm such as HASH is used to compute the digest h1 of the encrypted message em and the encrypted keys eskey1 ~ eskeyn. Computing a digest of the data effectively prevents the message from being corrupted and/or tampered with. The process then proceeds to step S15.
In step S15, the digest h1 is signed with the sender's own private key to produce the signature s1. The process then proceeds to step S16.
In step S16, the encrypted message em, the encrypted keys eskey1 ~ eskeyn, the digest h1 and the signature s1 are combined by compression into the group message m2, which is the data finally sent to the group. In an embodiment, the combination may also be done in another way, for example by combining the encrypted message em, the encrypted keys eskey1 ~ eskeyn, the digest h1 and the signature s1 into one set for sending. The process then proceeds to step S17.
In step S17, the sending end of the instant messaging system sends the group message m2. The sending-end process then ends.
Fig. 2 shows an embodiment of the receiving-end method for secure communication of group messages in an instant messaging system according to the invention. The receiving end may likewise be a device such as a computer, smartphone or tablet connected to the instant messaging system server over a wired or wireless network. The receiving-end method starts at step S20, in which the other users in the group besides the sender of the group message, i.e. the receiving ends (also called "recipients"), receive the group message m2 sent by the sending end. Users who are online at that time receive it immediately; users who are not online receive it after coming online. The process then proceeds to step S21.
In step S21, the receiving end obtains the public key certificate cs of the sender of the group message from the directory server of its instant messaging system. The process then proceeds to step S22.
In step S22, the signature s1 in the group message m2 is decrypted with the sender's public key certificate cs. If the decryption passes, the digest h1, the encrypted keys eskey1 ~ eskeyn and the encrypted message em are obtained, and the process proceeds to step S24. If the decryption does not pass, the message comes from someone impersonating the sender; the process goes to step S23 and the message is discarded. The receiving-end process then ends.
In step S24, the recipient's own private key is used to decrypt the item among the encrypted keys eskey1 ~ eskeyn that corresponds to the recipient, to obtain the random key skey. The process then proceeds to step S25, in which the random key skey obtained by decryption is used to decrypt the encrypted message em and obtain the message m1 sent by the sender. The receiving-end process then ends.
Fig. 3 shows another embodiment of the receiving-end method for secure communication of group messages in an instant messaging system according to the invention. In addition to the steps shown in Fig. 2, the embodiment of Fig. 3 includes, between step S22 and step S24, a step S30 in which a digest algorithm such as HASH is used to compute the digest h2 of the encrypted keys eskey1 ~ eskeyn and the encrypted message em obtained by decryption. The process then proceeds to step S31, which determines whether the digest h1 obtained by decryption is consistent with the newly computed digest h2. If they are consistent, the group message was not corrupted and/or tampered with during sending and receiving, and the process proceeds to step S24. If they are inconsistent, the message has been corrupted; the process goes to step S23 and the message is discarded. The receiving-end process then ends.
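The sender steps S10 to S16 and the receiver steps S22 to S31 above, as one runnable sketch. This is an added example, not code from the patent: the cipher choices (AES-256-GCM, RSA-OAEP, SHA-256, RSA signatures), the `nonce` and `tag` fields, the method names and the locally generated demo keys are all assumptions, and the signature is checked with a verify call where the text speaks of decrypting it.

```ruby
require 'openssl'

# Assumed primitives (the page names none): AES-256-GCM, RSA-OAEP, SHA-256, RSA signatures.
OAEP = OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING

# h = SHA-256 over nonce, em, tag and every (member id, eskey) pair, each length-prefixed.
def msg_digest(m)
  parts = [m[:nonce], m[:em], m[:tag], *m[:eskeys].sort.flatten]
  OpenSSL::Digest.new('SHA256').digest(parts.map { |x| [x.bytesize].pack('N') + x }.join)
end

# Sender, steps S10 to S16. certs maps member id => RSA public key (stand-in for c1..cn).
def seal_msg(m1, sender_key, certs)
  c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  skey = c.random_key                        # S10: random key skey
  m = { nonce: c.random_iv }
  c.auth_data = ''
  m[:em] = c.update(m1) + c.final            # S11: encrypted message em
  m[:tag] = c.auth_tag
  m[:eskeys] = certs.transform_values { |pub| pub.public_encrypt(skey, OAEP) } # S13
  m[:h1] = msg_digest(m)                     # S14: digest h1
  m[:s1] = sender_key.sign(OpenSSL::Digest.new('SHA256'), m[:h1]) # S15: signature s1
  m                                          # S16: the group message m2
end

# Receiver `me`: S22, S30/S31, S24, S25. Returns nil when the message is discarded (S23).
def open_msg(m, sender_pub, me, my_key)
  return nil unless sender_pub.verify(OpenSSL::Digest.new('SHA256'), m[:s1], m[:h1]) # S22
  return nil unless m[:h1] == msg_digest(m) && m[:eskeys].key?(me) # S30/S31: h2 == h1
  skey = my_key.private_decrypt(m[:eskeys][me], OAEP)               # S24
  d = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  d.key = skey
  d.iv = m[:nonce]
  d.auth_tag = m[:tag]
  d.auth_data = ''
  d.update(m[:em]) + d.final                                        # S25: plaintext m1
rescue OpenSSL::OpenSSLError, ArgumentError
  nil # wrong private key, malformed key/nonce/tag or failed authentication: discard
end

if __FILE__ == $PROGRAM_NAME
  # Constructed demo: keys are generated locally instead of fetched from a directory server.
  alice, bob, carol = Array.new(3) { OpenSSL::PKey::RSA.new(2048) }
  m2 = seal_msg('hello group', alice, { 'bob' => bob.public_key, 'carol' => carol.public_key })
  puts open_msg(m2, alice.public_key, 'carol', carol) # carol can do this whenever she comes online
  m2[:em].setbyte(0, m2[:em].getbyte(0) ^ 1)          # one ciphertext byte altered in transit
  p open_msg(m2, alice.public_key, 'bob', bob)        # h2 no longer matches h1
end
```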
Fig. 4 shows an embodiment of the sending-end system for secure communication of group messages according to the invention. The sending-end system comprises: a key generation unit 10, for generating a random key skey, for example with a random number generator, when a user in the group wants to send a message m1; a message encryption unit 11, for encrypting the message m1 to be sent by the sender with the random key skey to produce the encrypted message em; a certificate acquisition unit 12, for obtaining the public key certificates c1 ~ cn of all users in the group from the directory server of the instant messaging system to which the sending end belongs; a key encryption unit 13, for encrypting the random key skey with each of the obtained public key certificates c1 ~ cn respectively, to obtain a corresponding number of encrypted keys eskey1 ~ eskeyn; a digest calculation unit 14, for computing the digest h1 of the encrypted message em and all the encrypted keys eskey1 ~ eskeyn; a signature unit 15, for signing the digest h1 with the sender's own private key to produce the signature s1; a group message generation unit 16, for combining the encrypted message em, the encrypted keys eskey1 ~ eskeyn, the digest h1 and the signature s1 by compression into the group message m2; and a sending unit 17, for sending the group message m2.
Fig. 5 shows an embodiment of the receiving-end system for secure communication of group messages according to the invention. The receiving-end system comprises: a receiving unit 20, for receiving the group message m2 sent by the sending end; a certificate acquisition unit 21, for obtaining the sender's public key certificate cs from the directory server of the instant messaging system; a group message decryption unit 22, for decrypting the signature s1 in the group message m2 with the sender's public key certificate cs and, when the decryption passes, obtaining the digest h1, the encrypted keys eskey1 ~ eskeyn and the encrypted message em; a key decryption unit 23, for decrypting, with the recipient's own private key, the item among the encrypted keys eskey1 ~ eskeyn that corresponds to the recipient, to obtain the random key skey; a message obtaining unit 24, for decrypting the encrypted message em with the random key skey to obtain the message m1 sent by the sender; and a discarding unit 25, for discarding the group message m2 when the decryption by the group message decryption unit is unsuccessful.
Fig. 6 shows another embodiment of the receiving-end system for secure communication of group messages according to the invention. In addition to the units shown in Fig. 5, this receiving-end system comprises, between the group message decryption unit and the key decryption unit: a digest calculation unit 30, for computing the digest h2 of the encrypted keys eskey1 ~ eskeyn and the encrypted message em obtained by decryption; and a comparison unit 31, for comparing whether the digest h1 obtained by decryption is consistent with the computed digest h2. In this embodiment the discarding unit 25, in addition to its function in the embodiment shown in Fig. 5, also discards the group message m2 when the digest obtained by decryption and the computed digest are inconsistent.
Some preferred embodiments have been described above, but it should be emphasized that the invention is not limited to these embodiments and can be realized in other ways within the scope of the subject matter of the invention.