CN111541603B

Movatterモバイル変換

Info

Publication number: CN111541603B
Application number: CN202010312733.4A
Authority: CN
Inventors: 顾峻
Original assignee: Jiangsu Dazhou Jiye Intelligent Technology Co ltd
Current assignee: Jiangsu Dazhou Jiye Intelligent Technology Co ltd
Priority date: 2020-04-20
Filing date: 2020-04-20
Publication date: 2022-04-12
Anticipated expiration: 2040-04-20
Also published as: CN111541603A

Abstract

The invention relates to an independent intelligent safe mail terminal and an encryption method, wherein the terminal comprises an address book management module for classified management of users, including a trusted user with an encryptor and a common user without the encryptor; the encryptor management module is used for managing the encryptors hosted by the users; the mail receiving and sending module is used for sending and receiving mails; the mail receiving and sending module executes mail receiving and sending, and if the encrypted mail is sent, different processing modes are adopted based on whether the mail receiving and sending party holds the encryptor. The terminal and the method of the invention provide mail communication modes with different encryption security levels, can realize the transmission of confidential mails without independently erecting a mail service system and supporting an application service system such as a key management center, realize decentralization, have simple and convenient application, and realize the confidential transmission of mail data on the premise of not changing the format of the existing MIME mail protocol.

Description

Independent intelligent safety mail terminal and encryption method

Technical Field

The invention belongs to the technical field of information security, and particularly relates to an independent intelligent security mail terminal and an encryption method.

Background

With the development of internet technology and network office, e-mail has become one of the main communication modes of people, and with the continuous increase of mail service providers on the market, the advantages of mail clients are more and more obvious, so that a plurality of mail accounts of people can be effectively managed, and the people can use the e-mail and communicate information with each other greatly and conveniently.

The application of the mail client enables a user to manage the sending and receiving storage of a plurality of mail account of the user only through one software, and mails are respectively stored in a mail service provider and a computer of the user, but the mail information content of the user is easy to be intercepted by an unauthorized user. In addition, the existing mail client mode is a system architecture which can not provide services without leaving the central system software in the using process.

Disclosure of Invention

The invention aims to provide an independent intelligent safe mail terminal and an encryption method, which can realize independent, centerless, encrypted mail proxy services with different security levels.

In order to achieve the technical purpose, the invention adopts the following scheme:

a standalone intelligent secure mail terminal, comprising:

the address book management module is used for carrying out classified management on users, and comprises a trusted user with an encryptor and a common user without the encryptor;

the encryptor management module is used for managing the encryptors hosted by the users;

the mail receiving and sending module is used for sending and receiving mails; the mail receiving and sending module executes mail receiving and sending, if the encrypted mail is sent, based on whether the mail receiving and sending party holds the encryptor, different processing modes are adopted, including:

a. the sender is a common user, encrypts the mail in a symmetric encryption mode and sends the mail, and sends the encryption key of the mail to the receiver through other communication channels.

b. The sender is a trusted user, the receiver is a common user, the mail is encrypted in a symmetric encryption mode, the local public key is obtained and added to the mail data to send the mail, and the secret key is sent to the receiver through other communication channels;

c. the mail receiving and sending parties are all trusted users, and send out the mails after encrypting the mails in an asymmetric encryption mode and a symmetric encryption mode.

Further, in the step a, a random number generator is adopted to generate a random number, the random number is judged to be a prime number, and the mail is sent out after the mail is encrypted by using a key with the prime number being symmetric encryption.

And b, starting a true random number generator of the encryptor to generate a prime number as a symmetric encrypted key encryption mail, adding a sender public key to a mail protocol, and sending out the mail.

In the step c, starting a true random number generator of the encryptor to generate a prime number which is used as a symmetric encryption key encryption mail; and encrypting the secret key by using the public key of the receiver, signing the ciphertext by using the private key of the sender, and then sending the mail.

And if the receiver is a user which does not exist in the address list management module, sending the mail in a mode b, acquiring the public key of the receiver in an automatic reply mode, and storing the public key to a trusted user column of the address list management module.

The mail sender adds the received public key and the mail address, uses Hash calculation, encrypts the Hash value by the private key of the mail sender, and stores the encrypted value to the credible user column of the address list management module.

As a further improvement of the present invention, in the step c, after the receiving party receives and decrypts the email, the terminal encrypts the received email and the symmetric key by using its private key and stores them locally, thereby implementing encryption protection of the email data in the local email client and the public key in the address book.

As a further improvement of the invention, the text and the attachment of the mail are encrypted, and the sender and the transcriber are not processed.

As a further improvement of the invention, the mail cipher text and the key are transmitted over different communication channels.

As a further improvement of the invention, the mail encrypted by the encryptor is decrypted by a private key which is separately generated by the encryptor before shipment and stored in a storage area capable of protecting the private key.

The mail transmission of the invention follows MIME protocol or proprietary protocol, and can transmit encrypted and non-encrypted mails under the condition of not changing the existing structure of MIME protocol or proprietary protocol, thereby improving the universality.

The invention also provides an independent intelligent safe mail encryption method, which comprises the following steps:

s100, judging whether the sender holds an encryptor, if not, sending the encrypted mail in a symmetric encryption mode, and sending the encryption key of the mail to the receiver through other communication channels; otherwise go to S200;

s200, judging whether the public key of the receiver is held or not, if so, encrypting the mail in an asymmetric encryption and symmetric encryption mode and then sending the mail; otherwise go to S300;

s300, the mail is encrypted in a symmetric encryption mode, the local public key is obtained and added to the mail data, then the mail is sent out, and the encryption key of the mail is sent to the receiver through other communication channels.

In the method of the present invention, in S100, a pseudo random number generator is used to generate a random number, the random number is determined to be a prime number, and the mail is sent out after the mail is encrypted by using a key in which the prime number is symmetric encryption.

In the step S200, the true random number generator of the encryptor is started to generate a prime number as a symmetric encrypted key encryption mail, and the public key of the sender is added to the mail protocol to send out the mail.

In S300, starting a true random number generator of the encryptor to generate a prime number as a symmetric encrypted key encrypted mail; and encrypting the secret key by using the public key of the receiver, signing the ciphertext by using the private key of the sender, and then sending the mail.

In the step S300, if the receiver holds the encryptor, the public key is sent to the sender by the way of automatic reply of the mail, so as to complete the public key exchange. The sender stores the public key in the address list.

Furthermore, the mail transceiver adds the received public key and the mail address of the sender, uses hash calculation, encrypts a hash value by using a private key of the mail transceiver, and stores the encrypted value to a trusted user column of the address list management module.

After the receiver receives and decrypts the mail, the private key of the receiver is used for encrypting the received mail and the symmetric key, and the mail and the symmetric key are stored locally.

Further, in the method, the text and the attachment of the mail are encrypted, and the sender and the transcriber are not processed.

Further, the mail encrypted by the encryptor is decrypted by a private key which is independently generated by the encryptor before delivery and stored in a storage area capable of protecting the private key.

The independent intelligent safe mail terminal and the encryption method have the following beneficial effects:

(1) decentralization, wherein different key generating, transmitting and receiving methods are designed according to different security levels, so that the independent intelligent security mail terminal adopts a technical architecture and a mode of decentralization secret mail communication in the use process, namely the terminal does not depend on any application auxiliary or supporting system before, during and after use (communication or verification is not required by any auxiliary system such as a password management center), the user can master the core secret in the internet communication process, and the privacy and the convenience are improved.

(2) The method reduces professional work such as certificate application, issuing and maintenance and the like of a user caused by a digital certificate mode according to a digital certificate process, does not change the original use habit of the user on the premise of strictly complying with the use standard of the national password, and improves the use convenience of the user.

(3) The application is simple and convenient, the independent establishment of the mail service system is not needed, and the user still continues to use the mail service system (such as the existing commercial mail system) and the private mail service system (such as the own mail system established by the enterprise) provided by each mail service provider in daily use.

(4) And designing an autonomous public key exchange mode, and naturally finishing the exchange of the public keys by a sender and a receiver user in the communication process of the common mails. The public key can be automatically extracted by client software when a receiver user receives the mail sent by the user with the encryptor without the encryptor. When the receiver returns the mail to the sender, the user of the receiver selects whether to use the public key of the other party to protect the encryption key, namely, a digital envelope is used, and the automatic extraction and protection of the public key are realized on the premise of following the mail protocol.

(5) The mail data is transmitted in a secret way on the premise of not changing the format of the existing MIME mail protocol.

Drawings

FIG. 1 is a client application framework.

Fig. 2 is a client functional architecture diagram.

Fig. 3 is a client-side mailing execution flow.

Fig. 4 is a high security level mail packet format.

Fig. 5 is a low security level mail packet format.

Fig. 6 is a flow chart of high and low security level encryption and decryption.

Fig. 7 is a schematic flow chart of the encryption and decryption application of the whole mail.

FIG. 8 is a schematic view of an integrated process.

Detailed Description

The terminal application framework of the invention is shown in fig. 1, and the high security level described in the invention is defined as that the user has a private encryptor thereof and can realize mutually trusted transmission of encrypted mails; the low security level is defined as the user has no private encryptor, and the encrypted mail can be temporarily transmitted by using the encryption mode provided by the invention. In addition, the users with high security level and low security level can realize the transmission, the reception and the reading of the conventional plaintext mail under any state. Through the application of the terminal, the encrypted mail can also be transmitted to a common user without an encryptor, or the mail can be transmitted in a conventional plaintext mode. Therefore, the mode of the digital certificate is avoided, the user can learn the related knowledge and the corresponding technology of the digital certificate and the like, and the state of' being ready to use when being taken is finally realized.

The encrypted mail is realized by using a cryptographic algorithm, but the core of the design is independent and intelligent, and an identification cryptographic technology is adopted. I.e., communication between users (terminals), without a center (key management center), without digital certificate services participating in the process, and without a mail service system of a specific requirement. So that the encrypted mail is independent operation and data exchange between the user (end) and the user (end). The basic condition of the encrypted mail terminal is that the mail service agent software is installed, both the mail sending and receiving party can hold an encryptor, one user can hold the encryptor, or both users do not have the encryptor, so that data encryption transmission and plaintext transmission are realized.

On the security level, the invention provides a pure software mode and two security level modes calculated by a hardware encryptor with a cryptographic algorithm, the security level of the mail sent or received by a user with the encryptor is high, the security level of the mail sent or received by a user without the encryptor is low, and the security level of the mail sent or received by the user without the encryptor is still higher than that of the normal clear text sent mail.

In the aspect of convenient application, the independent intelligent safe mail terminal is combined and automatically identified according to application scenes of users with encryptors and users without encryptors, so that intelligent application is realized. The mutual communication can be realized by selecting mail communication in three modes of high, low and no security level, so that the use is convenient, the operation is simple, the learning cost of the user is low, the security level is selected by the user and the centralized independent intelligent security mail terminal is removed, and finally the encryption and decryption intercommunication of the mail sent and received among the users is realized.

As shown in fig. 2, the independent intelligent security mail terminal has multi-account mailbox management, address book management, and mail content management in addition to the conventional mail proxy server. Secondly, the security management function of the user on the own encryptor is added, so that the user can completely control the own password equipment. And the mail with high security level is still in an encrypted state in the storage state of mail servers and local computers of users, and the mail can be decrypted only after the encryptor is opened every time, so that the real security of the mail content is ensured.

When a user selects a mail transmission or receiving mode with low security level, the terminal calls a pseudo-random number generator to generate an encryption key when encryption is needed, encrypts the mail by adopting a symmetric algorithm, and sends the key to a receiver through an arbitrary channel selected by the user. The receiver decrypts the received mail using the key. And the terminal stores the decrypted plaintext in the terminal.

As shown in fig. 3, when the user chooses to transmit or receive the mail with high security level, the encryption and decryption method is adopted, the key is stored in the encryptor for protection, the asymmetric method is used for key negotiation and key transmission, and the symmetric key is used for encryption and decryption. Thereby achieving the maximum protection of information at a high security level.

In the case of a high security level, each user has an encrypter. In the first communication and subsequent communication processes, public key interaction with other users is obtained through mails, and a friend public key list of the users is not stored by a server, so that the mode of public key exchange through a central system is removed, direct end-to-end contact and identification are realized, and the public key interaction is added into a trusted list after verification. The data packet format of the high security level is schematically shown in fig. 4.

The format of the mail data packet with low security level is schematically shown in fig. 5.

By the encryption and decryption method of high and low security levels, end-to-end encryption communication between users and among all mailbox accounts is realized, data is encrypted before a mail is sent out and decrypted after the mail is received, and the security protection in the whole communication process is ensured.

The flow chart of the high and low security level encryption and decryption is shown in fig. 6.

In the program control application process of the encryptor, the asymmetric encrypted private key is hidden in the storage area of the encryptor, and all operations are in the encryptor, so that the private key is ensured not to be leaked. Without an encryptor, each file encryption uses a pseudorandom number generator algorithm to generate a temporary encrypted symmetric key.

In order to store the encrypted mail which is high in safety and encrypted by the encryptor for a long time, the terminal adopts a private key which is independently generated by the encryptor before leaving a factory and stored in a storage area capable of protecting the private key, and a method for decrypting the received encrypted mail by using the private key is adopted to realize the long-term storage of the encrypted mail and decrypt the encrypted mail into a plaintext at any time when needed.

The communication process of the mail completely follows the network mail protocol, namely MIME protocol.

The encryption and decryption application flow diagram of the whole mail is shown in FIG. 7.

The specific method comprises the following steps:

setting a user to have an encryptor; other users may or may not have encryptors (as in the application framework diagram above). There are two communication implementations in this case.

1. User a has an encryptor and user C (or multiple users) does not.

The symmetric encryption method is adopted, and the key is transmitted in a two-way mode, so that the security of the key is ensured. The method comprises the following specific steps:

1.1 selecting and judging the sending object

The user A inquires whether the mail list of the user A has a public key of a certain user C or not, if the public key is not detected, the true random number generator of the encryptor A is started to generate a prime number, and the prime number is used as a symmetric encryption key. The key is used for calculating through a symmetric algorithm, the text, the attachments and the like of the mail are encrypted, and the sender and the transcriber are not processed. After encryption is finished, network transmission is carried out according to MIME protocol (or private protocol), so that the transmitted addresses except the addressee/copyholder are plaintext, and the rest are ciphertext.

1.2 transfer Key

After the step 1.1, the symmetric key of the one-time pad and the public key of the user a (the initiator) are sent to the user C (the receiver).

Because the transmission of cipher text and key on the network is almost equivalent to plaintext transmission, two-way transmission is adopted. Namely: the mail is sent through the mail agent client software of the terminal. The key can be transmitted by adopting other communication channels to form a dual-parallel communication line which is not crossed with each other so as to increase the communication security.

1.3 processing after accepting the Key

When the user C (or the user in the email address list) receives the email, the email agent client software judges that the email belongs to the ciphertext email according to the data packet identification, and the email content displayed in the window is the ciphertext content (ASCII code) of the email. And at the moment, the user is reminded of the ciphertext mail by the bullet frame, and after the user inputs the ciphertext, the program calls a symmetric encryption algorithm to decrypt the ciphertext. And the decrypted file is recovered according to the requirement of the mail protocol and the corresponding content is displayed at the corresponding position of the mail, so that the decryption work of the one-time pad is completed.

After the decryption is completed, the public key + the mail address of the user A is stored in the recipient list for standby.

2. User a has an encryptor and user B (or multiple users) also has an encryptor.

2.1 when a user B with an encryptor B communicates with a user A for the first time, after the first mail communication is completed by adopting the method 1, further performing public key exchange, namely:

2.1.1 adopting the function of automatically replying the mail to automatically send the public key of the user B to the mailbox of the user A, namely obtaining the public key of the user B.

2.1.2 user A receives the public key notification email, adds the public key and the email address, uses hash calculation, encrypts the hash value with its own private key, and stores the value in the list of the email address book recipients.

2.2 when the mail is sent again, searching the receiver, selecting the public key of the user B (and other users), unlocking the hash value by using the private key after the public key is searched, calculating the sum of the public key and the address by using a hash algorithm, and if the hash values are consistent, indicating that the data and the address of the public key are credible, and then carrying out safe communication.

2.3 generating a prime number with the true random number generator of the encryptor, the prime number serving as a key for symmetric encryption.

And 2.4, encrypting the text/the attachment of the mail by using the key by adopting a symmetric encryption algorithm, and performing hash calculation.

2.5 encrypt the key with user B's public key and then sign the ciphertext with its own private key. After the encryption is completed, the cryptographs are transmitted in a network according to MIME protocol (or proprietary protocol).

2.6 after receiving the ciphertext, user B decrypts the key with its private key first to obtain a symmetrically encrypted key. And then, the cipher text is decrypted by calling an asymmetric encryption algorithm by using the key to obtain plaintext data.

2.7 the user B calculates and compares the plaintext data and the hash value, if the plaintext data and the hash value are not changed, the data are not falsified and forged, the plaintext data is sorted, and the plaintext data is presented at a corresponding position of the mail agent client software, so that all decryption work is completed.

2.8 after the user B receives and decrypts the mail, before closing the mail client, the terminal automatically uses the private key to encrypt the received mail and the symmetric key, and stores the encrypted mail and the symmetric key in the local of the user.

3. Both parties do not have encryptors.

The steps are as follows under the condition that both sides do not have encryption equipment:

3.1 the initiator generates a random number by using a pseudo random number generator;

3.2 judging the random number as prime number, using the prime number as symmetric encryption key;

3.3 encrypting and sending the mail;

3.4 sending the encryption key to a receiver through other channels;

3.5 the receiving party inputs the encryption key to decrypt the ciphertext;

3.6 storing the decrypted plaintext in an inbox of a mail agent according to the mail format plaintext.

4. Method description for encryption and decryption in MIME protocol

Firstly, carrying out data packaging on mail text/attachments and the like in a corresponding window of mail client software to obtain a data package Soc _ S.

And encrypting the data packet Soc _ S by using a method of a security system standard for exchanging digital certificates in a Pkcs #7 public key encryption system according to the syntax of the digital certificates to obtain Soc _ SP.

And packaging Soc _ SP as mail text again. And after the packaging is finished, the encrypted mail is sent to a mail server, and the mail sending process is finished.

The unpacking process is the reverse step of the expression, and the mail unpacking process conforming to the MIME protocol can be completed.

Claims

1. An independent intelligent secure mail terminal, comprising:

a. the sender is a common user, encrypts the mail in a symmetric encryption mode and sends the mail, and sends an encryption key of the mail to the receiver through other communication channels;

b. the method comprises the steps that a sender is a trusted user, a receiver is a common user, a mail is encrypted in a symmetric encryption mode, a local public key is obtained and added to mail data, then the mail is sent, and an encryption key of the mail is sent to the receiver through other communication channels;

2. The terminal of claim 1, wherein in said a, a pseudo random number generator is used to generate a random number, the random number is determined to be a prime number, and the mail is sent out after the mail is encrypted by using a key whose prime number is symmetric encryption.

3. The terminal of claim 1, wherein in b, the true random number generator of the encryption device generates a prime number as the symmetric encryption key encryption mail, acquires the local public key, adds the local public key to the mail protocol, and sends out the mail.

4. The terminal of claim 1, wherein in c, the true random number generator that activates the encryptor generates a prime number as the key encrypted mail for symmetric encryption; and encrypting the secret key by using the public key of the receiver, signing the ciphertext by using the private key of the sender, and then sending the mail.

5. The terminal according to claim 1, wherein in the step c, if the recipient is a user who does not exist in the address book management module, the e-mail is sent in the mode b, and the public key of the recipient is obtained in an automatic reply mode and stored in a trusted user list of the address book management module.

6. The terminal of claim 1, wherein the e-mail sender adds the received public key to the e-mail address, uses a hash calculation, encrypts the hash value with its own private key, and stores the encrypted value in the trusted user list of the address book management module.

7. The terminal according to claim 1, wherein in the step c, after the receiver receives and decrypts the mail, the terminal encrypts the received mail and the symmetric key by using its private key and stores the encrypted mail and the symmetric key locally.

8. The terminal of claim 1, wherein the body and attachments of the mail are encrypted and not processed by the sender and the transcriber.

9. The terminal according to claim 1, wherein the received encrypted mail is decrypted by a private key which is separately generated by the encryptor before shipment and stored in a storage area where a key can be protected, for the mail encrypted by the encryptor.

10. An independent intelligent security mail encryption method comprises the following steps:

in the first communication and subsequent communication processes, the public keys of other users are interacted and acquired through mails;