KR101760376B1 - Terminal and method for providing secure messenger service - Google Patents
Terminal and method for providing secure messenger service Download PDFInfo
- Publication number
- KR101760376B1 KR101760376B1 KR1020150166351A KR20150166351A KR101760376B1 KR 101760376 B1 KR101760376 B1 KR 101760376B1 KR 1020150166351 A KR1020150166351 A KR 1020150166351A KR 20150166351 A KR20150166351 A KR 20150166351A KR 101760376 B1 KR101760376 B1 KR 101760376B1
- Authority
- KR
- South Korea
- Prior art keywords
- key
- terminal
- server
- master
- encrypted
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
- G06Q50/30—Transportation; Communications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/30—Arrangements for executing machine instructions, e.g. instruction decode
- G06F9/30145—Instruction analysis, e.g. decoding, instruction word fields
Abstract
A terminal providing a messenger service is disclosed. The terminal includes a key generation unit for generating a private key using a counter value and a generated master key synchronized with the first server, a key exchange unit for exchanging a session key with the second terminal through a predetermined key exchange scheme, And an encryption / decryption unit for transmitting an encrypted message using the session key to the first server, wherein the key generation unit distributes the master key to each of the plurality of second servers using a secret sharing scheme .
Description
An embodiment according to the concept of the present invention relates to a terminal and a method for providing a messenger service, and more particularly, to a messenger service capable of receiving a messenger service from a plurality of terminals and protecting conversation contents in a state where the device is lost To a terminal and a method thereof.
Recently, IM applications can be used simultaneously in electronic devices such as smart phones and PCs. As a result, users are using messenger applications in many areas of their daily lives. However, security risks of messenger applications are causing the problem of exposing users' personal privacy. Accordingly, in recent years, the messenger application service provider has proposed various solutions for protecting user's personal information in order to solve the above-mentioned problems. However, since the approach to the security problem and the characteristic of the service to be provided are different for each application, Is confusing which application is a more secure application. In particular, the end-to-end encryption of messenger applications, which have been a major issue in the world, including the domestic market, is not available for all devices that are available for messenger applications, making it unsafe for using messenger applications. Therefore, studies on safe messenger system architecture and user privacy protection are in progress in academia and industry.
A technical object of the present invention is to provide a messenger service providing terminal and method capable of secure encrypted communication in a plurality of terminals and protecting conversation contents in a situation in which it is necessary to protect personal information such as loss of a device will be.
A messenger service providing terminal according to an embodiment of the present invention includes a key generating unit for generating a private key using a counter value synchronized with a first server and a generated master key, And an encryption / decryption unit for transmitting a message encrypted using the session key to the first server, wherein the key generation unit generates the secret key using the secret sharing scheme, Is distributed to each of the plurality of second servers and transmitted.
The messenger service providing terminal according to another embodiment of the present invention generates a master key from the shared values received from each of the plurality of second servers using the secret distribution method, A key generation unit for generating a private key and a public key by using the incremented count value and the master key, and an update request message for requesting update of the cipher text stored in the first server to the first server Wherein the encryption / decryption unit decrypts the encrypted session key received from the first server using the private key, decrypts the encrypted message received from the first server using the decrypted session key, .
A method of providing a messenger service according to an embodiment of the present invention includes generating a private key using a counter value and a generated master key synchronized with a first server, Distributing the master key to each of a plurality of second servers, exchanging a session key with a second terminal through a predetermined key exchange scheme, 1 < / RTI > server.
According to the instant messenger service providing terminal and method according to the embodiment of the present invention, a user can synchronize a message in each device by applying an end-to-end encryption technique to all devices using an instant messenger application .
In addition, according to the present invention, it is possible to provide a secure messenger service by protecting existing messages in a situation where personal information needs to be protected, such as device loss.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS In order to more fully understand the drawings recited in the detailed description of the present invention, a detailed description of each drawing is provided.
1 shows a messenger service system according to an embodiment of the present invention.
2 is a functional block diagram of the
It is to be understood that the specific structural or functional description of embodiments of the present invention disclosed herein is for illustrative purposes only and is not intended to limit the scope of the inventive concept But may be embodied in many different forms and is not limited to the embodiments set forth herein.
The embodiments according to the concept of the present invention can make various changes and can take various forms, so that the embodiments are illustrated in the drawings and described in detail herein. It should be understood, however, that it is not intended to limit the embodiments according to the concepts of the present invention to the particular forms disclosed, but includes all modifications, equivalents, or alternatives falling within the spirit and scope of the invention.
The terms first, second, etc. may be used to describe various elements, but the elements should not be limited by the terms. The terms may be named for the purpose of distinguishing one element from another, for example, without departing from the scope of the right according to the concept of the present invention, the first element may be referred to as a second element, The component may also be referred to as a first component.
It is to be understood that when an element is referred to as being "connected" or "connected" to another element, it may be directly connected or connected to the other element, . On the other hand, when an element is referred to as being "directly connected" or "directly connected" to another element, it should be understood that there are no other elements in between. Other expressions that describe the relationship between components, such as "between" and "between" or "neighboring to" and "directly adjacent to" should be interpreted as well.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. The singular expressions include plural expressions unless the context clearly dictates otherwise. In this specification, the terms "comprises" or "having" and the like are used to specify that there are features, numbers, steps, operations, elements, parts or combinations thereof described herein, But do not preclude the presence or addition of one or more other features, integers, steps, operations, components, parts, or combinations thereof.
Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. Terms such as those defined in commonly used dictionaries are to be interpreted as having a meaning consistent with the meaning of the context in the relevant art and, unless explicitly defined herein, are to be interpreted as ideal or overly formal Do not.
Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings attached hereto.
1 shows a messenger service system according to an embodiment of the present invention.
Referring to FIG. 1, a
The
The
The
2 is a functional block diagram of the
1 and 2, the
The
The
The
The
The
The encryption /
Accordingly, when the user of the first terminal 100 changes its terminal or adds a new terminal later, the user receives the values distributed from the
Also, the encryption /
When a user of the
The
The
The encryption /
A description will be made of a key update and a cipher text update process for hiding existing conversation contents to a person who has learned a lost terminal, such as a case where a user of the
The
The
Also, the
The
After the key update process or the key generation process is completed, the encryption /
The
After the update process of the ciphertext is completed, the existing private key (
) Can not be decrypted in the lost terminal, so that the message (conversation contents) can be synchronized in an encrypted state.
The encryption /
Each of the configurations of the
Also, in this specification, "part" may mean a functional and structural combination of hardware for carrying out the technical idea of the present invention and software for driving the hardware. For example, the module may mean a logical unit of a predetermined code and a hardware resource for executing the predetermined code, and does not necessarily mean a physically connected code or a kind of hardware.
The functions and configurations of the
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is evident that many alternatives, modifications and variations will be apparent to those skilled in the art. Accordingly, the true scope of the present invention should be determined by the technical idea of the appended claims.
10: Messenger system
100: First terminal
110:
130: key exchange unit
150: encryption / decryption unit
170: Setting section
300: second terminal
500: first server
700: second servers
Claims (8)
A key generating unit for generating a master key, generating a counter using a counter value synchronized with a counter value of the first server, and a private key using the master key;
A key exchange unit for exchanging a session key with a second terminal through a predetermined key exchange scheme; And
And an encryption / decryption unit for transmitting the encrypted message to the first server using the session key,
Wherein the key generation unit distributes the master key to each of the plurality of second servers using a secret sharing scheme and transmits the distributed master key to the second server,
terminal.
Wherein the encrypted message is transmitted to the second terminal via the first server,
terminal.
Wherein the key generation unit regenerates the master key from shared values received from each of the plurality of second servers using a secret distribution method, increases the synchronized count value, and transmits the incremented count value and the master key To generate a second private key and a second public key,
Wherein the encryption / decryption unit transmits an update request message for requesting update of a cipher text stored in the first server to the first server,
Wherein the encryption / decryption unit decrypts the encrypted session key received from the first server using the second private key, and decrypts the encrypted message received from the first server using the decrypted session key,
terminal.
Wherein the encrypted session key received from the first server is encrypted using the second public key.
terminal.
Wherein the encrypted message received from the first server is encrypted using the session key.
terminal.
Generating a master key, generating a private key using the counter value synchronized with the counter value of the first server, and the master key;
Distributing and transmitting the master key to each of the plurality of second servers using a secret distribution method;
Deleting the master key in the terminal;
Exchanging a session key with a second terminal through a predetermined key exchange scheme; And
And transmitting the encrypted message to the first server using the session key.
And the encrypted message is transmitted to the second terminal via the first server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150166351A KR101760376B1 (en) | 2015-11-26 | 2015-11-26 | Terminal and method for providing secure messenger service |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020150166351A KR101760376B1 (en) | 2015-11-26 | 2015-11-26 | Terminal and method for providing secure messenger service |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20170061759A KR20170061759A (en) | 2017-06-07 |
KR101760376B1 true KR101760376B1 (en) | 2017-07-24 |
Family
ID=59223901
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020150166351A KR101760376B1 (en) | 2015-11-26 | 2015-11-26 | Terminal and method for providing secure messenger service |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101760376B1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2021107389A1 (en) * | 2019-11-29 | 2021-06-03 | 서울대학교 산학협력단 | Network system and message security method thereof |
US11711212B2 (en) | 2021-02-17 | 2023-07-25 | Seagate Technology Llc | Post-quantum secure key-rotation for storage devices |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050044356A1 (en) * | 1999-12-22 | 2005-02-24 | Sunil Srivastava | Method and apparatus for distributing and updating private keys of multicast group managers using directory replication |
US20130227288A1 (en) | 2009-11-06 | 2013-08-29 | Roche Diagnostics International Ag | Method and system for establishing cryptographic communications between a remote device and a medical device |
US20140270166A1 (en) | 2013-03-14 | 2014-09-18 | Qualcomm Incorporated | Master key encryption functions for transmitter-receiver pairing as a countermeasure to thwart key recovery attacks |
KR101475747B1 (en) | 2014-01-22 | 2014-12-23 | 고려대학교 산학협력단 | Method for an outsourcing multi-party computation using homomorphic encryption |
KR101541165B1 (en) * | 2014-02-28 | 2015-08-03 | 고려대학교 산학협력단 | Mobile message encryption method, computer readable recording medium recording program performing the method and download server storing the method |
-
2015
- 2015-11-26 KR KR1020150166351A patent/KR101760376B1/en active IP Right Grant
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050044356A1 (en) * | 1999-12-22 | 2005-02-24 | Sunil Srivastava | Method and apparatus for distributing and updating private keys of multicast group managers using directory replication |
US20130227288A1 (en) | 2009-11-06 | 2013-08-29 | Roche Diagnostics International Ag | Method and system for establishing cryptographic communications between a remote device and a medical device |
US20140270166A1 (en) | 2013-03-14 | 2014-09-18 | Qualcomm Incorporated | Master key encryption functions for transmitter-receiver pairing as a countermeasure to thwart key recovery attacks |
KR101475747B1 (en) | 2014-01-22 | 2014-12-23 | 고려대학교 산학협력단 | Method for an outsourcing multi-party computation using homomorphic encryption |
KR101541165B1 (en) * | 2014-02-28 | 2015-08-03 | 고려대학교 산학협력단 | Mobile message encryption method, computer readable recording medium recording program performing the method and download server storing the method |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2021107389A1 (en) * | 2019-11-29 | 2021-06-03 | 서울대학교 산학협력단 | Network system and message security method thereof |
KR20210067208A (en) * | 2019-11-29 | 2021-06-08 | 서울대학교산학협력단 | Network system and method for performing message security thereof |
KR102265611B1 (en) | 2019-11-29 | 2021-06-15 | 서울대학교산학협력단 | Network system and method for performing message security thereof |
US11711212B2 (en) | 2021-02-17 | 2023-07-25 | Seagate Technology Llc | Post-quantum secure key-rotation for storage devices |
Also Published As
Publication number | Publication date |
---|---|
KR20170061759A (en) | 2017-06-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11880831B2 (en) | Encryption system, encryption key wallet and method | |
CN101340443B (en) | Session key negotiating method, system and server in communication network | |
US9485096B2 (en) | Encryption / decryption of data with non-persistent, non-shared passkey | |
CN105553951A (en) | Data transmission method and data transmission device | |
CN104821944A (en) | Hybrid encrypted network data security method and system | |
CN101720071A (en) | Short message two-stage encryption transmission and secure storage method based on safety SIM card | |
CN102916869A (en) | Instant messaging method and system | |
CN104901803A (en) | Data interaction safety protection method based on CPK identity authentication technology | |
CN103167494B (en) | Method for sending information and system | |
CN102088352B (en) | Data encryption transmission method and system for message-oriented middleware | |
CN106549858B (en) | Instant messaging encryption method based on identification password | |
CN102404337A (en) | Data encryption method and device | |
CN113111386A (en) | Privacy protection method for block chain transaction data | |
CN104618397B (en) | A kind of encryption method and encryption system for instant message applications | |
CN105553979A (en) | Encryption publishing method for privacy information in smart power grid | |
CN102281303A (en) | Data exchange method | |
KR101760376B1 (en) | Terminal and method for providing secure messenger service | |
CN107659405B (en) | The encrypting and decrypting method of data communication between a kind of substation boss station | |
CN103384233B (en) | A kind of methods, devices and systems for acting on behalf of conversion | |
CN102036194B (en) | Method and system for encrypting MMS | |
JP4924943B2 (en) | Authenticated key exchange system, authenticated key exchange method and program | |
CN112054905B (en) | Secure communication method and system of mobile terminal | |
CN109274690A (en) | Group's data ciphering method | |
CN104243291A (en) | Instant messaging method and system thereof capable of guaranteeing safety of user communication content | |
CN111698263B (en) | Beidou satellite navigation data transmission method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
GRNT | Written decision to grant |