CN109951291B - Content sharing method and device based on trusted execution environment and multimedia equipment - Google Patents


Info

Publication number: CN109951291B
Authority: CN (China)
Prior art keywords: shared, sharing, content, hash value, sender
Legal status: Active
Application number: CN201910123491.1A
Other languages: Chinese (zh)
Other versions: CN109951291A
Inventor: 韩小洁
Current Assignee: Shenzhen Jiuzhou Electric Appliance Co Ltd
Original Assignee: Shenzhen Jiuzhou Electric Appliance Co Ltd
Application filed by Shenzhen Jiuzhou Electric Appliance Co Ltd
Priority to CN201910123491.1A
Publication of CN109951291A
Application granted
Publication of CN109951291B

Landscapes

  • Storage Device Security (AREA)

Abstract

The embodiment of the invention relates to the technical field of computers, and discloses a content sharing method and device based on a trusted execution environment, and a multimedia device. The method comprises the following steps: in a trusted execution environment, obtaining shared data, wherein the shared data comprises shared content, a sender identification and a first digital signature, and the first digital signature is generated by the sender using the sender's private key; sending the sender identification to a designated server so that the designated server returns the public key corresponding to the sender identification; verifying the validity of the first digital signature using that public key; if the signature is valid, using the shared content; if not, discarding the shared content. On the one hand, the content sharing method completes its processing inside the trusted execution environment, which improves the security of the processing itself. On the other hand, the method also improves the security of the shared content, because the shared content is only used after its validity has been verified.

Description

Content sharing method and device based on trusted execution environment and multimedia equipment
Technical Field
The embodiment of the invention relates to the technical field of computers, in particular to a content sharing method and device based on a trusted execution environment and a multimedia device.
Background
With the development of multimedia technology, more and more multimedia contents are shared to different multimedia devices for playing, thereby accelerating the development of the multimedia industry.
However, a multimedia network may contain a malicious multimedia device that tampers with the multimedia content, so that another multimedia device plays content that is not the multimedia content originally shared.
Disclosure of Invention
An object of the embodiments of the present invention is to provide a content sharing method and apparatus based on a trusted execution environment, and a multimedia device, which can improve the security of shared content.
In order to solve the above technical problems, embodiments of the present invention provide the following technical solutions:
In a first aspect, an embodiment of the present invention provides a content sharing method based on a trusted execution environment, including:
in a trusted execution environment, obtaining shared data, wherein the shared data comprises shared content, a sender identification and a first digital signature, and the first digital signature is generated by the sender using the sender's private key;
sending the sender identification to a designated server so that the designated server returns a public key corresponding to the sender identification;
verifying the validity of the first digital signature using the public key;
if the first digital signature is valid, using the shared content;
and if it is invalid, discarding the shared content.
Optionally, the shared data further includes a sharing list, where the sharing list records, for each time the shared content is shared, the sharing order, the sender identifier, the receiver identifier, and the current reference hash value; the current reference hash value is obtained by performing a hash operation on the last reference hash value (the one whose sharing order immediately precedes the current one), the sender identifier, the receiver identifier, and the shared content obtained this time.
Optionally, the method further comprises:
and if the first digital signature is valid, sending the sharing order, the sender identification and the receiver identification of this sharing of the shared content to the designated server, so that the designated server performs a hash operation on the last reference hash value (the one whose sharing order immediately precedes the current one), the sender identification and receiver identification of this sharing, and the shared content prestored on the designated server to obtain the current reference hash value, records the current reference hash value in the sharing list, and saves the recorded sharing list.
Optionally, before the designated server saves the recorded sharing list, the method further includes:
sending a second digital signature to the designated server, so that the designated server saves the recorded sharing list only after verifying that the second digital signature is valid, wherein the second digital signature is generated by the current receiver using the receiver's private key.
Optionally, the using the shared content includes:
receiving the recorded sharing list sent by the designated server;
looking up, in the recorded sharing list, the current reference hash value corresponding to the current sharing order;
performing a hash operation on the last reference hash value (the one whose sharing order immediately precedes the current one), the sender identifier and receiver identifier of the current sharing, and the shared content obtained this time, to obtain the verification hash value for this time;
judging whether the verification hash value matches the current reference hash value;
if yes, using the shared content;
and if not, discarding the shared content.
Optionally, the method further comprises:
and if the first digital signature is illegal, notifying the sender to resend the shared data.
In a second aspect, an embodiment of the present invention provides a content sharing apparatus based on a trusted execution environment, including:
an acquisition module, used for acquiring shared data in a trusted execution environment, wherein the shared data comprises shared content, a sender identification and a first digital signature, and the first digital signature is generated by the sender using the sender's private key;
the first sending module is used for sending the sender identification to a specified server so that the specified server returns a public key corresponding to the sender identification;
a verification module, used for verifying the validity of the first digital signature using the public key; if the first digital signature is valid, the shared content is used, and if it is invalid, the shared content is discarded.
Optionally, the shared data further includes a shared list, where the shared list records a sharing order, a sender identifier, a receiver identifier, and a current reference hash value of the shared content when the shared content is shared each time, and the current reference hash value is obtained by performing hash operation on a last reference hash value of the sharing order closest to the current time, the sender identifier, the receiver identifier, and the obtained shared content.
Optionally, the apparatus further comprises:
a second sending module, used for sending the sharing order, the sender identification and the receiver identification of this sharing of the shared content to the designated server if the first digital signature is valid, so that the designated server performs a hash operation on the last reference hash value (the one whose sharing order immediately precedes the current one), the sender identification and receiver identification of this sharing, and the shared content prestored on the designated server to obtain the current reference hash value, records the current reference hash value in the sharing list, and saves the recorded sharing list.
Optionally, the apparatus further comprises: a third sending module, used for sending a second digital signature to the designated server, so that the designated server saves the recorded sharing list only after verifying that the second digital signature is valid, wherein the second digital signature is generated by the current receiver using the receiver's private key.
Optionally, the verification module is specifically configured to:
receive the recorded sharing list sent by the designated server;
look up, in the recorded sharing list, the current reference hash value corresponding to the current sharing order;
perform a hash operation on the last reference hash value (the one whose sharing order immediately precedes the current one), the sender identifier and receiver identifier of the current sharing, and the shared content obtained this time, to obtain the verification hash value for this time;
judge whether the verification hash value matches the current reference hash value;
if yes, using the shared content;
and if not, discarding the shared content.
Optionally, the apparatus further comprises: and the notification module is used for notifying the sender to resend the shared data if the first digital signature is illegal.
In a third aspect, an embodiment of the present invention provides a multimedia device, including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform any of the trusted execution environment based content sharing methods.
In a fourth aspect, embodiments of the present invention provide a non-transitory computer-readable storage medium having stored thereon computer-executable instructions for causing a multimedia device to perform any one of the trusted execution environment based content sharing methods described herein.
In a fifth aspect, embodiments of the present invention provide a computer program product comprising a computer program stored on a non-volatile computer-readable storage medium, the computer program comprising program instructions that, when executed by a multimedia device, cause the multimedia device to perform any one of the trusted execution environment based content sharing methods.
In the content sharing method based on a trusted execution environment provided by the embodiments of the present invention, shared data is obtained in the trusted execution environment; the shared data includes shared content, a sender identification and a first digital signature, and the first digital signature is generated by the sender using its own private key. The sender identification is sent to the designated server so that the designated server returns the public key corresponding to the sender identification; the validity of the first digital signature is verified using that public key; if the signature is valid, the shared content is used, and if not, the shared content is discarded. On the one hand, the content sharing method completes its processing inside the trusted execution environment, which improves the security of the processing itself. On the other hand, the method also improves the security of the shared content, because the shared content is only used after its validity has been verified.
Drawings
One or more embodiments are illustrated by way of example in the accompanying drawings, which correspond to the figures in which like reference numerals refer to similar elements and which are not to scale unless otherwise specified.
Fig. 1 is a schematic structural diagram of a content sharing system according to an embodiment of the present invention;
FIG. 2 is a system environment diagram of a multimedia device according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating a content sharing method based on a trusted execution environment according to an embodiment of the present invention;
FIG. 4a is a schematic structural diagram of a content sharing device based on a trusted execution environment according to an embodiment of the present invention;
FIG. 4b is a schematic structural diagram of a content sharing device based on a trusted execution environment according to another embodiment of the present invention;
fig. 5 is a schematic structural diagram of a multimedia device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The content sharing method based on the trusted execution environment can be executed in any suitable type of multimedia equipment with computing capability, such as a set-top box, a television and the like.
The content sharing device based on the trusted execution environment in the embodiment of the present invention may be independently disposed in the multimedia device as a software system, or may be integrated in a processor as one of the functional modules to execute the content sharing method based on the trusted execution environment in the embodiment of the present invention.
The embodiment of the invention provides a content sharing system. Referring to fig. 1, the content sharing system 100 includes a first multimedia device 11, a second multimedia device 12, a third multimedia device 13, and a designated server 14, wherein the designated server 14 is respectively in communication with the first multimedia device 11, the second multimedia device 12, and the third multimedia device 13, and any two of the multimedia devices can be in communication with each other.
When sharing content, the first multimedia device 11 may actively send the shared content to the second multimedia device 12, or may passively send the shared content to the second multimedia device 12, that is, the second multimedia device 12 sends a sharing request to the first multimedia device 11, and the first multimedia device 11 sends the shared content to the second multimedia device 12 according to the sharing request.
After the second multimedia device 12 receives the shared content, it can also share the shared content to the third multimedia device 13. By analogy, the third multimedia device 13 can also share the shared content to other multimedia devices.
It is understood that the operation modes of the first multimedia device 11, the second multimedia device 12 and the third multimedia device 13 listed above are only one of several possible operation modes and do not limit the selection of those modes; for example, the first multimedia device 11 can also share the shared content with the third multimedia device 13, and the third multimedia device 13 can share the shared content with the second multimedia device 12.
The designated server 14 is used for performing corresponding processing logic with each multimedia device, wherein the designated server 14 may be a physical server or a logical server formed by virtualizing a plurality of physical servers. The server may also be a server cluster formed by a plurality of servers capable of communicating with each other, and each functional module may be respectively distributed on each server in the server cluster.
In this embodiment, each multimedia device runs a Rich Execution Environment (REE) and a Trusted Execution Environment (TEE), wherein the Rich Execution Environment can support an Android operating system and the like.
The Trusted execution environment is isolated from the rich execution environment, and provides a secure execution environment for Trusted Applications (TAs), while providing confidentiality and integrity, and control of access rights to resources and data of the Trusted applications.
In the present embodiment, please refer to fig. 2, each multimedia device runs with a rich execution environment 21 and a trusted execution environment 22.
The rich execution environment 21 runs with a normal client application 211 and a trusted client application 212, wherein the number of the normal client application 211 or the trusted client application 212 may be plural.
The normal client application 211 is used to complete the processing of the application service under the rich execution environment 21.
The trusted client application 212 may be authenticated and installed in a rich execution environment, and different types of trusted client applications 212 may perform different types of application functions, for example, the trusted client application 212 for mobile payment field is used to receive payment information, the trusted client application 212 for enterprise data management is used to implement secure login, data management, and the like of an enterprise user.
The rich execution environment 21 further runs a normal kernel layer 213, which completes the application function processing and logic calls of the rich execution environment 21. The normal kernel layer 213 contains a trusted secure zone (TrustZone software) that provides a micro secure kernel running in the secure execution environment alongside the general-purpose operating system of the rich execution environment, together with a driver for communication between the general-purpose operating system and the secure kernel.
The rich execution environment 21 also runs a trusted client interface (TEE API)214, where the trusted client interface 214 is an underlying programming interface, and the trusted client application 212 running in the rich execution environment can access and exchange data of the trusted application running in the trusted execution environment by calling the trusted client interface 214.
The trusted execution environment 22 runs a communication agent module 221, a trusted application internal interface 222 and a trusted application 223.
The communication agent module 221 is configured to provide messaging support between the trusted client application 212 and the trusted application 223.
The trusted application internal interface 222 provides various types of interface support for various types of trusted application programs 223.
The trusted application 223 runs in the trusted execution environment and provides specific security services. By calling the corresponding trusted application internal interface 222, the trusted application 223 obtains the interface functions provided by the operating system of the trusted execution environment and uses them to complete the corresponding security service.
In this embodiment, each trusted application 223 corresponds to a Universally Unique Identifier (UUID), and the trusted client application 212 opens the corresponding trusted application 223 through that UUID in order to obtain the security service.
As another aspect of the embodiments of the present invention, an embodiment of the present invention provides a content sharing method based on a trusted execution environment. Referring to fig. 3, a content sharing method S300 based on a trusted execution environment includes:
S31, in the trusted execution environment, obtaining shared data, wherein the shared data comprises shared content, a sender identification and a first digital signature, and the first digital signature is generated by the sender using the sender's private key;
in this embodiment, the shared data is data shared by one party to another party, and the data includes related security data and shared content for security service processing.
The data types of the shared content are various, and for example, the shared content includes text data, audio data, video data, and the like.
In this embodiment, the sender identifier is used to identify the sender; it may be a numeric string composed of Arabic numerals, a character string, or the like. Each sender corresponds to a unique sender identifier, which can be a product serial number, a device identifier, or similar.
The embodiment of the invention also relates to a receiver identifier, which is used to identify the receiver; the same principles as for the sender identifier apply.
In this embodiment, the sender is the party sending the shared data, and the receiver is the party receiving the shared data. It is understood that the terms "sender" and "receiver" are relative and not fixed: for example, when a first multimedia device sends shared data to a second multimedia device, the first multimedia device is the sender and the second multimedia device is the receiver. When the second multimedia device sends the shared data to a third multimedia device, the second multimedia device is the sender and the third multimedia device is the receiver. When the second multimedia device sends the shared data to the first multimedia device, the second multimedia device is the sender and the first multimedia device is the receiver.
In this embodiment, the first digital signature is generated by the sender using its own private key, wherein the sender's public key is pre-stored on a respective trust center, e.g. a designated server referred to below.
In this embodiment, the trusted client application receives shared data sent by another multimedia device and calls the trusted client interface, so that the trusted client interface jumps into the trusted secure zone of the normal kernel layer, and the trusted client application executes a monitor instruction to trigger the communication agent module. The communication agent module saves the operating state of the rich execution environment and starts the trusted execution environment.
In the trusted execution environment, because the trusted client application carries the UUID of the trusted application, the communication agent module calls the corresponding trusted application internal interface through that UUID, starting the corresponding trusted application so that it executes the security service, which here includes sharing verification of the shared content.
S32, sending the sender identification to the designated server so that the designated server returns the public key corresponding to the sender identification;
In this embodiment, in order to manage the shared content of each multimedia device uniformly and securely, a designated server is provided. It is a central server with fully centralized processing capability; each multimedia device must complete registration and authentication at the designated server, and only a multimedia device that passes authentication can share content with the other authenticated multimedia devices. After authentication passes, the designated server configures a private key and a public key for the authenticated multimedia device, both corresponding to the device identifier of that device.
In some embodiments, the designated server maintains an administrative list that records the public key of each multimedia device along with the device identification of that multimedia device.
In this embodiment, the trusted application sends the sender identifier to the designated server; the designated server then looks up the public key corresponding to the sender identifier and sends the public key back to the receiver, where "receiver" here means the trusted application.
S33, verifying the validity of the first digital signature by using the public key;
S34, if valid, using the shared content;
and S35, if not, discarding the shared content.
In this embodiment, the trusted application uses the public key to verify the validity of the first digital signature. If the first digital signature is valid, the shared content is used; how it is used depends on its type. For example, when the shared content is text data, the trusted application calls the display peripheral to display the text, and when the shared content is audio or video data, the trusted application calls the relevant peripheral to play it.
When the trusted application verifies that the first digital signature is illegitimate, the trusted application discards the shared content.
In some embodiments, the trusted application encapsulates notification information that is sent to the trusted client application by the communication agent module, such that the trusted client application notifies the sender to resend the shared data.
In summary, on the one hand, the content sharing method provided in the embodiments of the present invention completes its processing inside the trusted execution environment, which improves the security of the processing itself. On the other hand, the method also improves the security of the shared content, because the shared content is only used after its validity has been verified.
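As an added example (not code from the patent or from the assignee), the receiver-side flow of steps S31 to S35 in Python: the trusted application looks up the sender's public key at the designated server by sender identifier, verifies the first digital signature, and then either uses the content or discards it and asks for a resend. Everything concrete here is an assumption: the trust-center registry is a dictionary, the signature is assumed to cover sender identifier plus content, the sample content is constructed, and the keys are textbook-RSA toy keys built from Mersenne primes purely to keep the example dependency-free (they are trivially factorable, and a real trusted application would use the TEE's cryptographic API or a vetted library with proper padding).

```python
"""Receiver-side flow of S31..S35 with a toy trust center (added example)."""
import hashlib
from dataclasses import dataclass

E = 65537  # public exponent for the toy RSA keys


def toy_keypair(p, q):
    """Textbook RSA from two primes. Constructed for this example only:
    Mersenne primes make the modulus trivially factorable."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)  # (public key, private key)


def _digest(sender_id, content):
    # Assumption: the first digital signature binds sender id and content.
    h = hashlib.sha256(sender_id.encode() + b"\x00" + content).digest()
    return int.from_bytes(h, "big")


def sign(private_key, sender_id, content):
    n, d = private_key
    return pow(_digest(sender_id, content), d, n)


def verify(public_key, sender_id, content, signature):
    n, e = public_key
    return pow(signature, e, n) == _digest(sender_id, content)


@dataclass
class SharedData:
    content: bytes
    sender_id: str
    first_signature: int


class DesignatedServer:
    """Trust center (S32): registered device id -> public key."""

    def __init__(self):
        self.public_keys = {}

    def register(self, device_id, public_key):
        self.public_keys[device_id] = public_key

    def public_key_for(self, device_id):
        return self.public_keys.get(device_id)


def receive_shared_data(shared, server):
    """S31..S35 as executed by the trusted application on the receiver.
    Returns ('use', content) or ('discard', reason)."""
    public_key = server.public_key_for(shared.sender_id)
    if public_key is None:
        # unregistered sender: treat like an invalid signature and ask for a resend
        return ("discard", "unknown sender identifier, resend requested")
    if not verify(public_key, shared.sender_id, shared.content, shared.first_signature):
        return ("discard", "first digital signature invalid, resend requested")
    return ("use", shared.content)


def demo():
    """Genuine, tampered, forged and unregistered shared data, in that order."""
    server = DesignatedServer()
    pub_a, priv_a = toy_keypair((1 << 521) - 1, (1 << 607) - 1)   # device A
    pub_x, priv_x = toy_keypair((1 << 607) - 1, (1 << 1279) - 1)  # other device
    server.register("A", pub_a)
    m1 = b"constructed sample media content M1"
    genuine = SharedData(m1, "A", sign(priv_a, "A", m1))
    tampered = SharedData(m1 + b"!", "A", genuine.first_signature)  # content altered in transit
    forged = SharedData(m1, "A", sign(priv_x, "A", m1))             # wrong key claims to be A
    unknown = SharedData(m1, "Z", sign(priv_x, "Z", m1))            # Z never registered
    return [receive_shared_data(s, server)[0] for s in (genuine, tampered, forged, unknown)]


if __name__ == "__main__":
    print(demo())
```

Only the genuine item is used; the tampered, forged and unregistered-sender items are all discarded, which is the decision the trusted application must make before any content reaches a peripheral. Note that the verdict depends on the trust center: if the designated server's registry were writable by an unauthenticated device, the signature check would no longer say anything about who produced the content.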
In some embodiments, the shared data further includes a shared list, where the shared list records a sharing order, a sender identifier, a receiver identifier, and a current reference hash value when the shared content is shared each time, and the current reference hash value is obtained by performing hash operation on a last reference hash value that is closest to the sharing order this time, the sender identifier, the receiver identifier, and the obtained shared content.
Referring to table 1, table 1 shows a sharing list according to an embodiment of the present invention. As shown in table 1:
TABLE 1
Sharing order   Sender identification   Receiver identification   Shared content   Reference hash value
1               A                       B                         M1               H1
2               B                       C                         M1               H2
3               C                       D                         M1               H3
4               D                       E                         M1               H4
As can be seen from table 1, the sharing order is the order in which the shared content is shared; for example, the sharing order of the shared content M1 is 1 when it is shared for the first time, where the multimedia device with sender identifier A shares the shared content M1 with the multimedia device with receiver identifier B.
The reference hash value is obtained by performing a hash operation on the last reference hash value, the sender identifier, the receiver identifier and the shared content, where the last reference hash value is 0 when the shared content is shared for the first time. For example, when the shared content M1 is shared for the first time, the last reference hash value is 0, and the trusted application hashes 0, the sender identifier A, the receiver identifier B and the shared content M1 to obtain the reference hash value H1. When the shared content M1 is shared for the second time, the last reference hash value is H1, so the trusted application hashes H1, the sender identifier B, the receiver identifier C and the shared content M1 to obtain the reference hash value H2. Similarly, for the third sharing of M1 the previous reference hash value is H2, and the trusted application hashes H2, the sender identifier C, the receiver identifier D and M1 to obtain the reference hash value H3. For the fourth sharing of M1 the previous reference hash value is H3, so the trusted application hashes H3, the sender identifier D, the receiver identifier E and M1 to obtain the reference hash value H4.
The reference hash value is the corresponding reference hash value when the content sharing is performed this time, for example, when the multimedia device identified as the sender B shares the shared content M1 with the multimedia device identified as the receiver C, the reference hash value H2 calculated this time is the reference hash value of this time. Similarly, when the multimedia device identified as the sender C shares the shared content M1 with the multimedia device identified as the receiver D, the reference hash value H3 calculated this time is the reference hash value of this time.
Therefore, the current reference hash value is obtained by performing a hash operation on the last reference hash value (the one whose sharing order immediately precedes the current one), the sender identifier and receiver identifier of the current sharing, and the shared content obtained this time. In this embodiment, for example, if this sharing has sharing order 3, the sharing order immediately preceding it is 2, and the last reference hash value is the reference hash value H2 corresponding to sharing order 2.
In the present embodiment, "acquired shared content" is understood as shared content that the multimedia device as the receiving side receives from the multimedia device as the transmitting side. In some embodiments, shared content M1 may be saved by a designated server when shared content M1 is first shared.
A shared list is employed that can facilitate secure authentication of a later trusted application.
In some embodiments, after determining that the first digital signature is valid, the trusted application program sends the sharing order, the sender identifier, and the receiver identifier of the shared content of this time to the designated server, so that the designated server performs hash operation on the last reference hash value of the sharing order closest to this time, the sender identifier, the receiver identifier of the shared content of this time, and the shared content prestored in the designated server to obtain the current reference hash value.
For example, assume that a multimedia device with sender identifier C sends the shared content M1 to a multimedia device with receiver identifier D, the sharing order of this time is 3, and the immediately preceding sharing order is 2, so that the last reference hash value is the reference hash value H2 corresponding to sharing order 2; the sender identifier of this sharing is C and the receiver identifier is D. The designated server then performs a hash operation on H2, C, D and M1 to obtain the reference hash value H3 corresponding to sharing order 3, that is, the current reference hash value is H3.
Then, the designated server records the current reference hash value in the sharing list and saves the recorded sharing list. For example, the designated server records the sharing order 3, the sender identifier C, the receiver identifier D and the reference hash value H3 in the existing sharing list and stores the recorded sharing list. In other words, the designated server maintains the sharing list on its own, and each multimedia device trusts the sharing list maintained by the designated server because the designated server has a high level of trust.
In some embodiments, so that the designated server can trust the data each multimedia device sends it and maintain the sharing list more reliably and safely, the trusted application sends a second digital signature to the designated server before the server stores the updated sharing list; the server stores the list only after verifying that the second digital signature is valid. The second digital signature is generated by the receiver with its own private key.
As described above, the designated server holds the public keys of the multimedia devices. The trusted application sends the receiver identifier to the designated server; the server looks up the public key corresponding to that identifier, uses it to verify the second digital signature, and on success stores the updated sharing list. If the second digital signature is invalid, the shared content is discarded.
In general, a multimedia device acting as an intermediate sharing node may maliciously tamper with the shared content, so that later recipients cannot use the original content. For example, suppose that in the 2nd sharing order the multimedia device with identifier C, acting as receiver, tampers with the shared content M1. In the 3rd sharing order, device C, now acting as sender, forwards the tampered M1 to the multimedia device with receiver identifier D. Without verification, device D would use, and further share, content that is no longer the original.
Therefore, in some embodiments, when using the shared content, the trusted application receives the recorded sharing list from the designated server and looks up in that list the current reference hash value corresponding to the current sharing order. For example, in the 3rd sharing order, the multimedia device with receiver identifier D receives the recorded sharing list from the designated server and reads from it the reference hash value H3 recorded for the 3rd share.
Next, the multimedia device with receiver identifier D hashes the previous reference hash value (that of the immediately preceding sharing order), the sender identifier and receiver identifier of the current share, and the shared content it actually obtained, to produce the verification hash value for this share. In the example, the immediately preceding sharing order is the 2nd, so the previous reference hash value is H2, and device D hashes H2, C, D and the content it received this time to obtain the verification hash value.
Finally, device D checks whether the verification hash value matches the current reference hash value H3 taken from the sharing list. If they match, the shared content is used; if not, it is discarded. Suppose, for example, that the content obtained this time was tampered with by device C in the 2nd sharing order. The server computed H3 from its own stored copy of M1, whereas device D computed the verification hash value from the tampered content, so the two values differ; device D detects the mismatch and discards the shared content.
In this way, malicious tampering of the shared content by other multimedia devices is detected and tampered content is never used. The check relies on two things: the sharing list must be obtained from the designated server (a list that travelled with the shared data could be rewritten by the same node that altered the content), and the hash function must be collision resistant, so that altered content cannot be made to hash to the recorded value.
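The recording and verification steps described above, as an added worked example (this is not code from the patent or from the applicant): a designated server that stores the original content M1 and appends one reference hash per share, hashing its own stored copy, and a receiver that recomputes the verification hash from the content it actually received and compares it with the server's entry. SHA-256, the 32-byte all-zero value used as the "previous reference hash" before the first share, and the length-prefixed field encoding are this example's assumptions; the text names none of them. The first and second digital-signature steps are not shown.

```python
"""Hash-chained sharing list: designated-server recording and receiver-side verification."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Assumed value of the "previous reference hash" for the very first share;
# the patent text does not say what precedes the 1st sharing order.
GENESIS_HASH = b"\x00" * 32


def _field(data: bytes) -> bytes:
    """Length-prefix a field so the tuple (prev_hash, sender, receiver, content)
    has exactly one byte encoding; plain concatenation would let an attacker
    shift bytes between fields. This encoding is the example's assumption."""
    return len(data).to_bytes(4, "big") + data


def reference_hash(prev_hash: bytes, sender_id: str, receiver_id: str, content: bytes) -> bytes:
    """H_n = SHA-256(H_{n-1}, sender, receiver, content), the hash described in the text."""
    h = hashlib.sha256()
    for f in (prev_hash, sender_id.encode("utf-8"), receiver_id.encode("utf-8"), content):
        h.update(_field(f))
    return h.digest()


@dataclass(frozen=True)
class ListEntry:
    order: int          # sharing order, 1-based
    sender_id: str
    receiver_id: str
    reference_hash: bytes


class DesignatedServer:
    """Keeps the original content from the first share and appends one
    reference hash per share, always hashing its own stored copy."""

    def __init__(self, original_content: bytes) -> None:
        self._content = original_content
        self.sharing_list: List[ListEntry] = []

    def record_share(self, order: int, sender_id: str, receiver_id: str) -> ListEntry:
        if order != len(self.sharing_list) + 1:
            raise ValueError("sharing order must extend the list by exactly one")
        prev = self.sharing_list[-1].reference_hash if self.sharing_list else GENESIS_HASH
        entry = ListEntry(order, sender_id, receiver_id,
                          reference_hash(prev, sender_id, receiver_id, self._content))
        self.sharing_list.append(entry)
        return entry


def verify_received(sharing_list: List[ListEntry], order: int, sender_id: str,
                    receiver_id: str, received_content: bytes) -> bool:
    """Receiver-side check: recompute the verification hash from the content
    actually received and compare it with the server's reference hash."""
    by_order: Dict[int, ListEntry] = {e.order: e for e in sharing_list}
    entry = by_order.get(order)
    if entry is None or entry.sender_id != sender_id or entry.receiver_id != receiver_id:
        return False
    if order == 1:
        prev = GENESIS_HASH
    elif (order - 1) in by_order:
        prev = by_order[order - 1].reference_hash
    else:
        return False  # chain is broken: the previous reference hash is missing
    verification = reference_hash(prev, sender_id, receiver_id, received_content)
    return hmac.compare_digest(verification, entry.reference_hash)


def demo() -> Tuple[bool, bool, bool]:
    """Constructed scenario: M1 is shared A->B, B->C, C->D; C tampers before forwarding."""
    m1 = b"constructed sample content M1"
    server = DesignatedServer(m1)
    server.record_share(1, "A", "B")
    server.record_share(2, "B", "C")
    server.record_share(3, "C", "D")  # records H3 computed from the stored M1

    genuine = verify_received(server.sharing_list, 3, "C", "D", m1)
    tampered = verify_received(server.sharing_list, 3, "C", "D", m1 + b" (altered by C)")
    # A sender that lies about the route (claims B->D for the 3rd share) is rejected too.
    wrong_route = verify_received(server.sharing_list, 3, "B", "D", m1)
    return genuine, tampered, wrong_route


if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

Running the module prints `(True, False, False)`: the genuine content verifies, the copy altered by node C fails because the server hashed its own stored M1, and a share whose sender or receiver does not match the list entry is rejected as well. The receiver must fetch the sharing list from the designated server itself; if the list travelled with the shared data, the node that altered M1 could rewrite the list to match.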
It should be noted that the steps of the foregoing embodiments need not be performed in the order given; as those skilled in the art will understand from this description, in different embodiments the steps may be executed in a different order, in parallel, or with their order swapped.
As another aspect of the embodiments of the present invention, an embodiment of the present invention provides a content sharing apparatus based on a trusted execution environment. The content sharing device based on the trusted execution environment in the embodiment of the invention can be used as one of the software functional units, and comprises a plurality of instructions, wherein the instructions are stored in the memory, and the processor can access the memory and call the instructions to execute so as to complete the content sharing method based on the trusted execution environment.
Referring to fig. 4a, the content sharing apparatus 400 includes: an obtaining module 41, a first sending module 42 and a verifying module 43.
The obtaining module 41 is configured to obtain, in the trusted execution environment, shared data, where the shared data includes shared content, a sender identifier, and a first digital signature, and the first digital signature is generated by the sender using a private key of the sender;
the first sending module 42 is configured to send the sender identifier to a specified server, so that the specified server returns a public key corresponding to the sender identifier;
the verification module 43 is configured to verify the validity of the first digital signature using the public key, and to use the shared content if the signature is valid and discard the shared content if the signature is invalid.
Thus, on the one hand, the processing of the content sharing method takes place in the trusted execution environment, which improves the security of the processing itself. On the other hand, the method improves the security of the shared content by verifying its validity and using it only after the verification succeeds.
In some embodiments, the shared data further includes a shared list, where the shared list records a sharing order, a sender identifier, a receiver identifier, and a current reference hash value when the shared content is shared each time, and the current reference hash value is obtained by performing hash operation on a last reference hash value that is closest to the sharing order this time, the sender identifier, the receiver identifier, and the obtained shared content of the current shared content.
In some embodiments, referring to fig. 4b, the content sharing apparatus 400 further includes: a second sending module 44.
The second sending module 44 is configured to send the sharing order, the sender identifier and the receiver identifier of the current shared content to the specified server if the first digital signature is valid, so that the specified server performs a hash operation on the last reference hash value of the sharing order closest to this time, the sender identifier and receiver identifier of the current shared content, and the shared content prestored in the specified server to obtain the current reference hash value, records the current reference hash value in the sharing list and stores the recorded sharing list.
Optionally, referring to fig. 4b, the content sharing apparatus 400 further includes: and a third sending module 45, where the third sending module 45 is configured to send a second digital signature to the specified server, so that the specified server stores the recorded sharing list when verifying that the second digital signature is legal, where the second digital signature is generated by the current receiver using its own private key.
Optionally, the verification module 43 is specifically configured to: receive the recorded sharing list sent by the specified server; look up in the recorded sharing list the current reference hash value corresponding to the current sharing order; perform a hash operation on the last reference hash value of the sharing order closest to the current time, the sender identifier and receiver identifier of the current shared content, and the shared content obtained this time to obtain the current verification hash value; judge whether the verification hash value matches the reference hash value; if so, use the shared content; and if not, discard the shared content.
Optionally, referring to fig. 4b, the content sharing apparatus 400 further includes: and a notification module 46, where the notification module 46 is configured to notify the sender to resend the shared data if the first digital signature is illegal.
It should be noted that, the content sharing apparatus based on the trusted execution environment can execute the content sharing method based on the trusted execution environment provided by the embodiment of the present invention, and has corresponding functional modules and beneficial effects of the execution method. Technical details that are not elaborated in the trusted execution environment based content sharing apparatus embodiment may be referred to a trusted execution environment based content sharing method provided by the present invention embodiment.
As yet another aspect of the embodiments of the present invention, an embodiment of the present invention provides a multimedia device. As shown in fig. 5, the multimedia device 500 includes: one or more processors 51 and memory 52. In fig. 5, one processor 51 is taken as an example.
The processor 51 and the memory 52 may be connected by a bus or other means, such as the bus connection in fig. 5.
The memory 52, which is a non-volatile computer-readable storage medium, may be used for storing non-volatile software programs, non-volatile computer-executable programs, and modules, such as program instructions/modules corresponding to the trusted execution environment-based content sharing method in the embodiments of the present invention. The processor 51 executes various functional applications and data processing of the content sharing device based on the trusted execution environment by executing the nonvolatile software program, instructions and modules stored in the memory 52, that is, the functions of the content sharing method based on the trusted execution environment and the various modules of the device embodiment provided by the method embodiment are realized.
The memory 52 may include high speed random access memory and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some embodiments, the memory 52 may optionally include memory located remotely from the processor 51, and these remote memories may be connected to the processor 51 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The program instructions/modules are stored in the memory 52 and, when executed by the one or more processors 51, perform the trusted execution environment based content sharing method of any of the method embodiments described above.
Embodiments of the present invention also provide a non-transitory computer storage medium storing computer-executable instructions which, when executed by one or more processors, such as one processor 51 in fig. 5, cause the one or more processors to perform the content sharing method based on the trusted execution environment of any of the above method embodiments.
Embodiments of the present invention also provide a computer program product comprising a computer program stored on a non-volatile computer-readable storage medium, the computer program comprising program instructions that, when executed by a multimedia device, cause the multimedia device to perform any one of the trusted execution environment based content sharing methods.
The above-described embodiments of the apparatus or device are merely illustrative, wherein the unit modules described as separate parts may or may not be physically separate, and the parts displayed as module units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network module units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a general hardware platform, and certainly can also be implemented by hardware. Based on such understanding, the technical solutions mentioned above may be embodied in the form of a software product, which may be stored in a computer-readable storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute the method according to each embodiment or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; within the idea of the invention, also technical features in the above embodiments or in different embodiments may be combined, steps may be implemented in any order, and there are many other variations of the different aspects of the invention as described above, which are not provided in detail for the sake of brevity; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present application.

Claims (5)

1. A trusted execution environment based content sharing method, comprising:
in a trusted execution environment, shared data is obtained, wherein the shared data comprises shared content, a sender identifier, a first digital signature and a shared list, the first digital signature is generated by the sender by using a private key of the sender, the shared list records a sharing sequence of the shared content when the shared content is shared each time, the sender identifier, a receiver identifier and a current reference hash value, and the current reference hash value is obtained by performing hash operation on a last reference hash value which is the closest to the sharing sequence, the sender identifier, the receiver identifier of the current shared content and the obtained shared content;
sending the sender identification to a designated server so that the designated server returns a public key corresponding to the sender identification;
verifying the validity of the first digital signature using the public key;
if the first digital signature is valid, using the shared content, and sending the sharing order, the sender identifier and the receiver identifier of the current shared content to the designated server, so that the designated server performs a hash operation on the last reference hash value of the sharing order closest to this time, the sender identifier and the receiver identifier of the current shared content, and the shared content prestored in the designated server to obtain the current reference hash value; sending a second digital signature to the designated server so that the designated server stores the recorded sharing list when it verifies that the second digital signature is valid, wherein the second digital signature is generated by the current receiver using a private key of the receiver; and recording the current reference hash value in the sharing list and storing the recorded sharing list;
and if the content is illegal, discarding the shared content.
2. The method of claim 1, wherein the using the shared content comprises:
receiving the recorded sharing list sent by the appointed server;
traversing the current reference hash value corresponding to the current sharing sequence from the recorded sharing list;
performing hash operation on the last reference hash value of the sharing sequence closest to the current time, the sender identifier and the receiver identifier of the current shared content and the shared content obtained at the current time to obtain a verification hash value at the current time;
judging whether the verification hash value is matched with the reference hash value or not;
if yes, using the shared content;
and if not, discarding the shared content.
3. The method according to any one of claims 1 to 2, further comprising:
and if the first digital signature is illegal, notifying the sender to resend the shared data.
4. A content sharing apparatus based on a trusted execution environment, comprising:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring shared data in a trusted execution environment, the shared data comprises shared content, a sender identifier, a first digital signature and a shared list, the first digital signature is generated by using a private key of a sender, the shared list records a shared sequence, the sender identifier, a receiver identifier and a current reference hash value when the shared content is shared each time, and the current reference hash value is obtained by carrying out hash operation on a last reference hash value, the sender identifier and the receiver identifier of the current shared content and the acquired shared content, wherein the last reference hash value is the closest to the current shared sequence;
the first sending module is used for sending the sender identification to a specified server so that the specified server returns a public key corresponding to the sender identification;
the verification module is used for verifying the validity of the first digital signature by using the public key, and if the first digital signature is legal, the shared content is used; if the shared content is illegal, discarding the shared content;
a second sending module, configured to send, if the first digital signature is legal, a sharing order, a sender identifier, and a receiver identifier that the shared content is shared to the designated server, so that the designated server performs hash operation on a last reference hash value of the sharing order closest to the current time, the sender identifier, the receiver identifier, and shared content pre-stored in the designated server to obtain a current reference hash value, and records the current reference hash value on the sharing list and stores the recorded sharing list;
and the third sending module is used for sending a second digital signature to the specified server so as to enable the specified server to store the recorded sharing list when verifying that the second digital signature is legal, wherein the second digital signature is generated by the current receiver by using a private key of the receiver.
5. A multimedia device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a trusted execution environment based content sharing method as claimed in any one of claims 1 to 3.
CN201910123491.1A 2019-02-18 2019-02-18 Content sharing method and device based on trusted execution environment and multimedia equipment Active CN109951291B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910123491.1A CN109951291B (en) 2019-02-18 2019-02-18 Content sharing method and device based on trusted execution environment and multimedia equipment

Publications (2)

Publication Number Publication Date
CN109951291A CN109951291A (en) 2019-06-28
CN109951291B true CN109951291B (en) 2022-04-15

Family

ID=67008028

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910123491.1A Active CN109951291B (en) 2019-02-18 2019-02-18 Content sharing method and device based on trusted execution environment and multimedia equipment

Country Status (1)

Country Link
CN (1) CN109951291B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111143857B (en) * 2019-12-27 2022-04-22 达闼机器人有限公司 Data sharing method, robot controller and storage medium
CN111314151B (en) * 2020-02-27 2023-08-08 腾讯科技(深圳)有限公司 Node management method, node management device, electronic equipment and computer readable storage medium
CN113782134A (en) * 2021-09-29 2021-12-10 清华大学 Method and system for sharing medical data

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101626294A (en) * 2008-07-07 2010-01-13 华为技术有限公司 Certifying method based on identity, method, equipment and system for secure communication
CN101667913A (en) * 2009-09-18 2010-03-10 重庆邮电大学 Authenticated encryption method and encryption system based on symmetric encryption
CN105827412A (en) * 2016-03-14 2016-08-03 中金金融认证中心有限公司 Authentication method, server and client
CN106845160A (en) * 2015-12-03 2017-06-13 国家新闻出版广电总局广播科学研究院 A kind of digital copyright management for intelligent operating system(DRM)Method and system
CN107579817A (en) * 2017-09-12 2018-01-12 广州广电运通金融电子股份有限公司 User ID authentication method, apparatus and system based on block chain

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant