KR102024062B1 - Device of transmitting key data to subscriber in multicast group - Google Patents

Abstract

Provided is a device for transmitting key data to a subscriber in a multicast group, including a processor performing the following processes: (a) acquiring first to n^th serial numbers of first to n^th message data (where n is a natural number greater than or equal to 2); (b) generating first to n^th data corresponding to the first to n^th serial numbers by generating i^th key data in accordance with a key designation policy as increasing i from 1 to n (where the i^th key data includes at least an encryption key for encrypting an i^th message data selected from one or more keys); (C) generating first to n^th key packets by generating an i^th key packet including the i^th serial number and i^th encryption key data as increasing i from to n (where the i^th encryption key data is generated by encrypting the i^th key data with a group key); and (d) transmitting the first to n^th key packets to the subscriber through the multicast group.

Description

Device that transmits key data to subscribers in a multicast group {DEVICE OF TRANSMITTING KEY DATA TO SUBSCRIBER IN MULTICAST GROUP}

This disclosure relates to a device for transmitting key data to subscribers in a multicast group.

The publisher-subscriber pattern is one of the asynchronous messaging patterns. The publish-subscribe pattern is used by senders (generally referred to as "issuers") within a multicast group to send message data to one or more receivers (generally referred to as "subscribers") using multicast. do. The multicast group includes a plurality of devices, one of which is designated as a publisher and the other devices as subscribers. That is, generally there is one publisher and one or more subscribers within a particular multicast group. According to the publish-subscribe pattern, the publisher generally does not know which subscribers will receive the message data, and the subscriber may receive the desired message data even without accurate knowledge of the publisher. The publish-subscribe pattern can be used for a publisher to send message data to a subscriber, for example, in a multicast group that includes multiple devices used for wireless communication. The publish-subscribe pattern may also be used by publishers to send message data to subscribers within a multicast group, including, for example, various devices used for Internet of Things (IoT) communication.

As mentioned above, the publisher does not know which subscribers will receive the message data, so that an unauthorized device can receive the message data. Thus, in order to prevent devices other than devices in the multicast group, i.e., unauthorized devices, from receiving message data, an encryption key (hereinafter referred to as a "group key") for devices in the multicast group may be used. have. The issuer encrypts the message data using the group key and sends it to the subscriber, and the subscriber decrypts the received encrypted message data using the group key. As a group key, generally a symmetric key can be used. For example, Korean Patent Publication No. 10-2014-0006996, entitled "Traffic Encryption Key Management for Machine-to-Machine Multicast Groups," filed on February 28, 2012 by LG Electronics, and published January 16, 2014. (Patent Document 1) discloses a method of updating a group traffic key (i.e., "group key" herein) used to encrypt and decrypt multicast data (i.e., message data) by way of example.

On the other hand, to prevent unauthenticated devices from sending message data and receiving subscribers from misunderstanding that the message data was sent by an authenticated publisher, it is also referred to as a message authentication code (commonly referred to as "MAC"). Can be used. For example, Korean Patent Publication No. 10-2017-0089747 (Patent Document 2) entitled "thing authentication system and method" filed on October 17, 2016 and published on August 4, 2017 by LG Electronics, An example method of using a message authentication code for authentication within the Internet is disclosed. For example, the message authentication code can be generated using a hash function. The issuer adds a message authentication code to the message data and then sends the message data appended with the message authentication code to the subscriber. The subscriber compares the result of the operation using the hash function with the received message data and the message authentication code included in the received message data. If the result of the operation and the message authentication code is the same, the message data may be considered to be sent by the authorized issuer.

However, even when using a group key or a message authentication code as described above, security problems may occur. For example, if the malicious device knows the group key and the message authentication code, the malicious device can also receive and use the message data.

1. Korean Patent Publication No. 10-2014-0006996. 2. Korean Patent Publication No. 10-2017-0089747.

An object of the technology disclosed herein is to multicast first key data to nth key data used for encrypting first to nth message data (where n is a natural number of two or more) using a group key and then multicast The present invention provides a device for transmitting key data to subscribers in a multicast group that can enhance the security of a multicast group by transmitting to subscribers in a group.

Another object of the techniques disclosed herein is to include return address extraction information in key data and send it so that subscribers of the multicast group can use the return address extraction information to return the corresponding return address from the first to nth message data. And a device for acquiring an authentication key and transmitting key data to a subscriber in a multicast group that can connect to the computing device using the obtained return address and authentication key.

In order to achieve the above technical problem, according to one aspect of the technology disclosed herein, a device for transmitting key data to subscribers in a multicast group, (a) the first to n-th message data (where n is two or more); A process of obtaining a first to nth serial number of a natural number); (b) generating i-th key data, wherein the i-th key data includes at least an encryption key for encrypting the i-th message data selected from one or more keys, increasing i from 1 to n; Processing to generate first key data to n-th key data corresponding to the first serial number to the n-th serial number; (c) increasing the i th serial number and the i th encryption key data while increasing i from 1 to n, wherein the i th encryption key data is generated by encrypting the i th key data using a group key; Generating a first to n-th key packet by generating an i-th key packet; And (d) an arithmetic processing unit that performs a process of transmitting the first to n-th key packets to the subscriber via the multicast group.

According to the technology disclosed herein, multicast after first key data to n-th key data used for encrypting the first to n-th message data (where n is a natural number of two or more) using a group key. By sending to subscribers in the group, the security of the multicast group can be enhanced. Also, by including the return address extraction information in the key data and transmitting the same, the subscriber of the multicast group acquires and obtains a corresponding return address and authentication key from the first message data to the n-th message data using the return address extraction information. One return address and authentication key may be used to connect with the computing device.

1 illustrates an exemplary configuration of a device for transmitting key data to subscribers in a multicast group according to the first embodiment disclosed herein.
2A-2B illustrate an exemplary configuration of a multicast group in the device according to the first embodiment disclosed herein.
3 exemplarily shows a process performed by the arithmetic processing unit of the device according to the first embodiment;
4A to 4E show an exemplary configuration of the i-th key data in the device according to the first embodiment;
FIG. 5 exemplarily shows a process of arithmetic processing unit obtaining one or more keys in the device according to the first embodiment; FIG.
FIG. 6 exemplarily shows a process of arithmetic processing unit obtaining one or more keys in the device according to the first embodiment; FIG.
FIG. 7 exemplarily shows a key designation policy and the i-th key data generated according to the device according to the first embodiment; FIG.
8 exemplarily shows a process of encrypting i-th key data using a group key in the device according to the first embodiment;
9 is a diagram illustrating an example of a process in which a message data transmission apparatus encrypts first message data and n-th message data and transmits the same to a subscriber in a device according to the first embodiment;
FIG. 10 exemplarily illustrates a process of encrypting first message data and n-th message data and transmitting the same to a subscriber in the device according to the first embodiment; FIG.
FIG. 11 exemplarily shows a process of encrypting i-th message data using an encryption key in the device according to the first embodiment; FIG.
12 illustrates an exemplary configuration of a device for transmitting key data to subscribers in a multicast group according to the second embodiment disclosed herein.
13 illustrates an exemplary configuration of a multicast group in a device according to a second embodiment disclosed herein.
FIG. 14 exemplarily shows a process performed by the arithmetic processing unit of the device according to the second embodiment; FIG.
FIG. 15 exemplarily shows a process of an arithmetic processing unit obtaining one or more keys in the device according to the second embodiment; FIG.
FIG. 16 exemplarily shows a process of an arithmetic processing unit obtaining one or more keys in the device according to the second embodiment; FIG.
FIG. 17 shows an exemplary configuration of an i-th integrated data packet according to the second embodiment; FIG.
18 exemplarily shows a process of encrypting i-th key data using a group key in the device according to the second embodiment;
FIG. 19 exemplarily shows a process of encrypting i-th message data using an encryption key in the device according to the second embodiment; FIG.

Hereinafter, an embodiment of a device for transmitting key data to a subscriber in a multicast group according to the present disclosure will be described in more detail with reference to the accompanying drawings. Meanwhile, in the drawings for describing the exemplary embodiments of the present disclosure, only a part of the actual configuration may be illustrated, a part may be omitted, a modified view, or a scale may be differently illustrated for convenience of description.

<First Embodiment>

1 is a diagram illustrating an exemplary configuration of a device for transmitting key data to subscribers in a multicast group according to the first embodiment disclosed herein.

Referring to FIG. 1, the device 100 according to the first embodiment includes an arithmetic processing unit 110. The detailed configuration of the calculation processing unit 110 will be described later.

In addition, the device 100 may further include at least one of a key generation unit 130, a key storage unit 150, and an encryption unit 170. The key generation unit 130, the key storage unit 150, and the encryption unit 170 are highly secure security modules, such as security according to any one of the EMV (Europay MasterCard Visa) standard and the Trusted Execution Environment (TEE) standard. It can be implemented using modules.

The key generator 130 generates at least one of one or more keys and group keys. One or more keys are keys used for encrypting the first to nth message data described below. The group key is a key used for encrypting the first to n-th key data described later, and is a group key of a multicast group.

The key storage unit 150 stores at least one of one or more keys and a group key. For example, the key generation unit 130 may store at least one of one or more keys and group keys previously generated. Meanwhile, when the device 100 does not include the key generation unit 130, the key storage unit 150 may receive and store one or more keys and group keys from an external key providing device (not shown).

The encryption unit 170 encrypts the first to n-th key data using the group key. Also, the encryption unit 170 may encrypt the first message data to the nth message data by using one or more keys.

2A is a diagram illustrating an exemplary configuration of a multicast group in the device according to the first embodiment disclosed herein.

Referring to FIG. 2A, the multicast group according to the first embodiment includes a first multicast group 200 and a second multicast group 300.

The first multicast group 200 includes a device 100 and one or more subscribers 210. The first multicast group 200 is a multicast group for the device 100 to deliver, for example, the first to n th key packets described later. N is a natural number of two or more. The device 100 operates, for example, as the issuer of the first multicast group 200 and transmits the first key packet to the nth key packet to the subscriber 210.

The second multicast group 300 includes a message data transmission device 310 and one or more subscribers 210. That is, the subscriber 210 belongs to the first multicast group 200 and also to the second multicast group 300. The second multicast group 300 is, for example, a multicast group for delivering first to n th data packets described later. The message data transmitting apparatus 310 operates as an issuer of the second multicast group 300, for example, and transmits the first data packet to the nth data packet described later to one or more subscribers 210.

The device 100 and the message data transmission device 310 may share a key designation policy, which will be described later. Alternatively, the message data transmitting apparatus 310 may receive first key data to n-th key data to be described later from the device 100, and encrypt the first message data to n-th message data to be described later using the same. The device 100 and the message data transmitting apparatus 310 may transmit and receive data such as first key data to n-th key data by using unicast, for example.

Meanwhile, referring to FIG. 2A, although the device 100 and the message data transmission device 310 are shown as separate devices, the same device may operate as the device 100 and the message data transmission device 310.

When the same device operates as the device 100 and the message data transmitting apparatus 310, the portion operating as the device 100 and the portion operating as the message data transmitting apparatus 310 may share a memory. As will be described later, data such as the first key data to n-th key data and the first message data to n-th message data operate as a part that operates as the device 100 and the message data transmission device 310 through the shared memory. It can be used in each of the parts.

Referring to FIG. 2A, one or more subscribers 210 may be connected to the computing device 400 using a return address and an authentication key, which will be described later. The computing device 400 will be described later.

FIG. 2B is a diagram illustrating another exemplary configuration of a multicast group in the device according to the first embodiment disclosed herein. Unlike the configuration shown in FIG. 2A, the second multicast group 300 is part of the first multicast group 200. That is, the message data transmission device 310 also belongs to the first multicast group 200.

1 and 2A to 2B, a first embodiment will be described in more detail.

As described above, the device 100 includes a calculation processing unit 110.

The arithmetic processing unit 110 performs the processing described below.

FIG. 3 is a diagram exemplarily illustrating a process performed by the arithmetic processing unit of the device according to the first embodiment.

Referring to FIG. 3, first, the operation processor 110 obtains first to n th serial numbers of first message data to n th message data (where n is a natural number of two or more) (S110).

The first serial number to the nth serial number are numbers assigned sequentially. For example, if the first serial number is "101", the second serial number is assigned sequentially in the form of "102".

As described above, the message data transmission device 310 transmits the first message data to the n-th message data to the subscriber 210. In more detail, the message data transmission device 310 encrypts the first message data to the n-th message data by using the encryption key included in the first key data to the encryption key included in the n-th key data, respectively. Transmit to 210. The first message data to the nth message data are generated by the issuer of the second multicast group 300. For example, when the message data transmitting apparatus 310 operates as the issuer of the second multicast group 300, the issuer of the second multicast group 300, that is, the message data transmitting apparatus 310 may perform the first message data to the first message. Each of the first serial number to the nth serial number may be assigned to the n message data. When the message data transmission device 310 assigns the first serial number to the nth serial number, the process S110 may include, for example, a process of obtaining the first serial number to the nth serial number from the message data transmission device 310. Can be. If the issuer of the second multicast group 300 is a different device than the message data transmission apparatus 310, the issuer of the second multicast group 300 may have a first serial number or a first serial number in the first message data to n-th message data. The nth serial number can be assigned respectively. When the issuer of the second multicast group 300 assigns the first serial number to the nth serial number, the process S110 obtains, for example, the first serial number to the nth serial number from the issuer of the second multicast group 300. Processing to obtain. Preferably, the message data transmission device 310 operates as the issuer of the second multicast group 300.

As described above, the same device may operate as the device 100 and the message data transmission apparatus 310. In that case, the process S110 includes processing of receiving the message data, dividing it into the first message data to the nth message data, and assigning the first serial number to the nth serial number to the first message data to the nth message data, respectively. You may.

In this way, the process S110 receives the first serial number to the nth serial number from the issuer of the message data transmission device 310 or the second multicast group 300 or converts the message data into the first message data to the nth message data. By dividing and assigning the first serial number to the nth serial number, respectively, the first serial number to the nth serial number can be obtained.

Referring back to FIG. 3, next, the arithmetic processing unit 110 generates i-th key data according to a key designation policy while sequentially increasing i from 1 to 1 by 1, whereby the first serial number to n th First key data to n-th key data corresponding to the serial number are generated (S120). However, the i-th key data includes at least an encryption key for encrypting the i-th message data selected from one or more keys. In addition, since the multicast group generally uses a symmetric key structure, the encryption key included in the i-th key data may be used by the subscriber 210 to decrypt the encrypted i-th message data.

4A to 4E are diagrams showing an exemplary configuration of the i-th key data.

For example, referring to FIG. 4A, the i-th key data includes key identification information, a start serial number, and a key. The key identification information is identification information of the key. The key identification information may be given, for example, "key # 1". The starting serial number indicates the serial number to which the key corresponding to "key # 1" is applied. For example, if the starting serial number is "101" and the serial number of the first message data is "101", it indicates that the key corresponding to "key # 1" is applied from the first message data. The encryption key is a key value corresponding to the key identification information. For example, if the key corresponding to "key # 1" is "0x12 0x23 0xfa ... 0xa0", the encryption key has a value of "0x12 0x23 0xfa ... 0xa0".

As such, the i-th key data includes an encryption key for encrypting the i-th message data corresponding to the i-th serial number. In the above example, an encryption key having key identification information "key # 1" and a key value "0x12 0x23 0xfa ... 0xa0" is used to encrypt the i-th message data.

For example, referring to FIG. 4B, the i-th key data includes key identification information, a start serial number, an encryption key, and an initial vector. The key identification information, starting serial number and encryption key are the same as in FIG. 4A described above. The initial vector is an initial value for encrypting data.

For example, referring to FIG. 4C, the i-th key data includes key identification information, a start serial number, an encryption key, a key change time serial number, and an additional key. The key identification information, starting serial number and encryption key are the same as in FIG. 4A described above. The key change time serial number indicates the serial number of the key change time when the additional key starts to be applied. For example, the i-th serial number is "102", the key identification information is "key # 1", the start serial number is "101", the encryption key is "0x12 0x23 0xfa ... 0xa0", and the key change time serial number is "104", and the additional key is "0x42 0xa3 0xab ... 0x35", the key identification information is "key # 1" and the key value is "0x12 0x23" in order to encrypt the i-th message data corresponding to the i-th serial number. 0xfa ... 0xa0 "indicates that an encryption key is used, and from serial number" 104 "an additional key, i.e., a key whose value is" 0x42 0xa3 0xab ... 0x35 ", is used. Although not shown in FIG. 4C, the i-th key data may further include identification information of the additional key. For example, it may further include "key # 2" which is identification information of the additional key.

As such, the i-th key data may include an encryption key corresponding to the i-th serial number, key change information for obtaining the k-th serial number (where k is a natural number greater than i) and a key corresponding to the k-th serial number. have. The key change information for obtaining the k-th serial number is, for example, the above-described key change time serial number. The key corresponding to the kth serial number is, for example, the additional key described above. Meanwhile, the key change information for acquiring the k-th serial number may include, for example, a difference value from the i-th serial number. For example, in the example with reference to FIG. 4C described above, the i-th key data may include key identification information, start serial number, encryption key, serial number difference value, and additional key. For example, in the example with reference to FIG. 4C described above, since the i-th serial number is illustrated as "102" and the key change time serial number is "104", the serial number difference value may be designated as "2".

The reason why the i-th key data further includes additional keys is for smooth operation of the subscriber 210. That is, the subscriber 210 may obtain a key corresponding to the k th serial number, that is, an additional key, before the encrypted k th message data is processed, for example.

For example, referring to FIG. 4D, the i th key data includes key identification information, a start serial number, an encryption key, and an i th return address extraction information. The key identification information, starting serial number and encryption key are the same as in FIG. 4A described above. The i th return address extraction information is information for extracting a return address and an authentication key included in the i th message data. The i-th return address extraction information may include, for example, information such as a start position and length of the return address and a start position and length of the authentication key in the i-th message data.

4E exemplarily illustrates a relationship between i-th return address extraction information and i-th message data included in i-th key data. Referring to FIG. 4E, as the i th return address extraction information, a start position of a return address, a length of a return address, a start position of an authentication key, and a length of an authentication key are illustrated. However, particularly if the return address and the authentication key are continuously recorded in the i-th message data, the i-th return address extraction information may include only the start position of the return address, the length of the return address, and the length of the authentication key.

The return address may be the network address of the computing device 400 shown in FIG. 2A or 2B. The computing device 400 stores the authentication key in advance.

The authentication key is, for example, a key used for authentication and encryption between the computing device 400 and the subscriber 210. For example, the message transmission device 310 may receive the return address and the authentication key from the computing device 400, and then insert the return address and the authentication key into the i-th message data. For example, the device 100 receives information such as a location and a length of inserting a return address and an authentication key into the i-th message data from the message transmission device 310 to generate the i-th return address extraction information, and then the i-th return address. Extraction information may be inserted into the i-th key data.

Upon receiving the return address and the authentication key, the subscriber 210 accesses the computing device 400 using the return address and authenticates with the computing device 400 using the authentication key. Once the authentication of the computing device 400 and the subscriber 210 is successful, the computing device 400 and the subscriber 210 transmit and receive encrypted data encrypted using, for example, an authentication key, and the encrypted data using the authentication key. Can be decrypted

Although the i th key data has been exemplarily described with reference to FIGS. 4A to 4E, the i th key data is not limited thereto. For example, the i-th key data may be constructed by combining the examples disclosed in FIGS. 4A to 4E, and may further include other information. For example, the i-th key data may include key identification information, a start serial number, an encryption key, an initial vector, a key change time serial number, an additional key, and an i-th return address extraction information. In addition, the i th return address extraction information may be configured in another form.

In addition, the key data may be set differently according to the serial number. For example, the first key data included in the first key packet includes key identification information, a starting serial number and an encryption key, and the second key data included in the second key packet includes key identification information, a starting serial number, an encryption key, The key change time point serial number and the additional key may be included, and the third key data included in the third key packet may include key identification information, a start serial number, an encryption key, and third return address extraction information.

The operation processor 110 may obtain one or more keys by the following process.

FIG. 5 is a diagram exemplarily illustrating a process of an operation processor obtaining one or more keys in the device according to the first embodiment.

As described above, the device 100 may further include a key generator 130. The operation processor 110 may obtain one or more keys through the key generator 130.

First, the operation processing unit 110 transmits a key generation request to the key generation unit 130 (S210). The key generation unit 130 generates one or more keys according to the key generation request (S220), and transmits the generated one or more keys to the operation processing unit 110 (S230). Accordingly, the calculation processing unit 110 may obtain one or more keys through the processing S210 to the processing S230.

FIG. 6 is a diagram exemplarily illustrating a process of an operation processor obtaining one or more keys in the device according to the first embodiment.

As described above, the device 100 may further include a key storage unit 150. The operation processor 110 may obtain one or more keys through the key storage 150.

First, the key storage unit 150 stores one or more keys in advance (S260). The operation processing unit 110 transmits a key read request to the key storage unit 150 (S270). The key storage unit 150 transmits one or more keys to the operation processing unit 110 according to the key read request (S280). Accordingly, the calculation processing unit 110 may obtain one or more keys through the processing S260 through the processing S280.

5 to 6 have described the processing of the operation processing unit 110 to obtain one or more keys, but the processing of the operation processing unit 110 to acquire the group key is the same.

That is, the operation processing unit 110 transmits a group key generation request to the key generation unit 130. The key generation unit 130 generates a group key according to the group key generation request and transmits the generated group key to the operation processing unit 110. Accordingly, the operation processor 110 may obtain a group key. The group key is shared with the subscriber 210. Accordingly, the subscriber 210 may decrypt the first to n-th key data encrypted using the group key using the group key.

Alternatively, the key storage unit 150 stores the group key in advance. The operation processing unit 110 transmits a group key reading request to the key storage unit 150. The key storage unit 150 transmits the group key to the operation processing unit 110 in response to the group key reading request. Accordingly, the operation processor 110 may obtain a group key. The group key is shared with the subscriber 210. Accordingly, the subscriber 210 may decrypt the first to n-th key data encrypted using the group key using the group key.

As described above, the i-th key data is generated according to the key designation policy. The key designation policy may be set based on schedule information including at least one of a key change cycle, a key change notice, and a schedule maximum repetition number.

The key change period represents the maximum value that can use the same key consecutively. That is, for example, if the key change period is 3, "key # 1" can be used only up to three times in succession. The key change notice indicates when to change the key in advance. If the key change notice is "1", for example, to change the key from "key # 1" to "key # 2", it should be informed that the key is changed one time before the change. The schedule maximum repetition number indicates a maximum number of times that schedule information can be repeatedly used. For example, if the schedule maximum repetition number is 2 for the schedule information "# 1", the schedule information "# 1" may be repeatedly used up to 2 times.

FIG. 7 is a diagram exemplarily illustrating a key designation policy and i-th key data generated according to the device according to the first embodiment.

According to the key designation policy shown in FIG. 7 and one or more keys, i-th key data is generated.

Specifically, the first key data to the third key data are generated according to the schedule information "# 1". The encryption keys of the first key data to the third key data are designated, for example, "0x12 0x23 0xfa ... 0xa0" corresponding to the key identification information "key # 1". The starting serial number of the first key data to the third key data is "101". Since the key change cycle of the schedule information "# 1" is 3, the encryption key is changed from the fourth key data. Since the key change notice of the schedule information "# 1" is "1", the third key data further includes a key change time serial number "104" and an additional key "0x42 0xa3 0xab ... 0x35".

Since the schedule maximum number of repetitions of the schedule information "# 1" is 2, the schedule information "# 1" may be repeated once more. The fourth to sixth key data are generated according to the schedule information "# 1". The encryption keys of the fourth to sixth key data are designated, for example, "0x42 0xa3 0xab ... 0x35" corresponding to the key identification information "key # 2". The starting serial number of the fourth to sixth key data is "104". Since the key change cycle of the schedule information "# 1" is 3, the encryption key is changed from the seventh key data. Since the key change notice of the schedule information "# 1" is "1", the sixth key data further includes a key change time serial number "107" and an additional key "0x89 0x23 0xfd ... 0x8d".

Although the schedule maximum number of repetitions of the schedule information "# 1" is 2, the schedule information "# 2" may be used from the seventh key data. The seventh to eighth key data are generated according to the schedule information "# 2". The encryption key of the seventh to eighth key data is designated, for example, "0x89 0x23 0xfd ... 0x8d" corresponding to the key identification information "key # 3". The starting serial number of the seventh to eighth key data is "107". Since the key change cycle of the schedule information "# 2" is 2, the encryption key is changed from the ninth key data. Since the key change notice of the schedule information "# 2" is "1", the eighth key data further includes a key change time sequence number "109" and an additional key "0xa3 0x2d 0x36 ... 0xf3".

The i-th key data is generated according to the key designation policy according to the above-described method, and the operation processing unit 110 generates the first to n-th key data.

Referring back to FIG. 3, next, the operation processor 110 generates an i-th key packet including the i-th serial number and the i-th encryption key data while sequentially increasing i from 1 to 1 by 1. In operation S130, the first to n th key packets are generated. However, the i-th encryption key data is generated by encrypting the i-th key data using the group key.

For example, the operation processor 110 may directly generate the i-th encryption key data by encrypting the i-th key data using the group key.

However, as described above, the encryption unit 170 is implemented using a highly secure security module. Accordingly, the calculation processing unit 110 may obtain the i-th encryption key data using the encryption unit 170.

8 is a diagram exemplarily illustrating a process of encrypting i-th key data using a group key in the device according to the first embodiment.

Referring to FIG. 8, the operation processor 110 transmits the i-th key data to the encryption unit 170 (S310). The encryption unit 170 encrypts the i-th key data using the group key to generate the i-th encryption key data (S320). The encryption unit 170 may use, for example, a group key stored in the key storage unit 150. Next, the encryption unit 170 transmits the i-th encryption key data to the operation processing unit 110 (S330).

As such, the operation processor 110 may obtain the i-th encryption key data through the processes S310 to S330.

The operation processing unit 110 generates the first key packet to the n-th key packet by generating an i-th key packet including the i-th serial number and the i-th encryption key data obtained through the operations S310 to S330. .

Referring back to FIG. 3, next, the operation processor 110 transmits the first to n-th key packets to the subscriber 210 through the multicast group 200 (S140).

Meanwhile, as described above, the message data transmitting apparatus 310 encrypts the first message data to the n-th message data using the encryption key included in the first key data to the encryption key included in the n-th key data, respectively. Send to subscriber 210.

FIG. 9 is a diagram illustrating an example of a process in which a message data transmission device encrypts first message data to n-th message data and transmits the same to a subscriber in the device according to the first embodiment.

The calculation processing unit 110 transmits the first key data to the n-th key data to the message data transmission device 310 (S350). The message data transmitting device 310 encrypts the first message data to the n-th message data by using the encryption key included in the first key data or the encryption key included in the n-th key data, respectively. n Generate encrypted message data (S360). Next, the message data transmitting apparatus 310 generates the first data packet including the first serial number and the first encrypted message data to the n th data packet including the n th serial number and the n th encrypted message data ( S370). Next, the message data transmission device 310 transmits the first data packet to the n-th data packet to the subscriber 210 (S380).

The subscriber 210 receives the first key packet to the nth key packet transmitted by the operation processing unit 110 through the process S140, and decrypts it using the group key. In other words, the subscriber 210 may obtain first to n-th key data. In addition, the subscriber 210 receives the first data packet to the n th data packet transmitted by the message data transmission device 310 through the process S380. The subscriber 210 may decrypt the first encrypted message data to the nth encrypted message data included in the first data packet to the nth data packet by using the first key data to the nth key data. Thus, the subscriber can obtain the first message data to the n-th message data.

Meanwhile, as described above, the same device may operate as the device 100 and the message data transmission device 310. That is, the process S110 may further include a process of receiving the message data, dividing it into first message data to n-th message data, and assigning first serial numbers to n-th serial numbers to the first message data to n-th message data, respectively. It may be.

FIG. 10 is a diagram exemplarily illustrating a process of encrypting first message data and n-th message data and transmitting the same to a subscriber in the device according to the first embodiment.

The operation processing unit 110 generates the first to nth data packets by generating the i th data packet including the i th serial number and the i th encrypted message data while increasing i from 1 to n. (S410). However, the i th encrypted message data is generated by encrypting the i th message data using an encryption key included in the i th key data. Next, the operation processor 110 transmits the first data packet to the n-th data packet to the subscriber 210 through the second multicast group 300 different from the multicast group 200 (S420).

The subscriber 210 may acquire the first message data to the nth message data by using the aforementioned scheme.

For example, the operation processor 110 may directly generate the i th encrypted message data by encrypting the i th message data using an encryption key included in the i th key data.

However, as described above, the encryption unit 170 is implemented using a highly secure security module. Therefore, the operation processor 110 may obtain the i-th encrypted message data using the encryption unit 170.

FIG. 11 exemplarily shows a process of encrypting i-th message data using an encryption key in the device according to the first embodiment.

The operation processor 110 transmits identification information of the encryption key included in the i-th message data and the i-th key data to the encryption unit 170 (S450). The encryption unit 170 encrypts the i-th message data using the encryption key included in the i-th key data to generate the i-th encrypted message data (S460). For example, the encryption unit 170 may obtain an encryption key from one or more keys stored in the key storage unit 150 using the identification information of the encryption key and perform encryption. Alternatively, the operation processor 110 may transmit the encryption key included in the i-th message data and the i-th key data to the encryption unit 170. Next, the encryption unit 170 transmits the i-th encrypted message data to the operation processing unit 110 (S470). As such, the operation processor 110 may obtain the i-th encrypted message data through the processes S450 to S470.

According to the first embodiment described above, the security of the multicast group can be enhanced. Malicious devices that do not belong to the multicast group must know the group key and key assignment policy. However, the group key is stored using a very secure security module, and the encryption key data contained in the key packet cannot be interpreted without knowing the key designation policy. Therefore, it is practically impossible for a malicious device to decrypt the message data.

Also according to the first embodiment, the device provides return address extraction information for extracting the return address and the authentication key included in the message data. The subscriber may connect with the computing device using the return address and the authentication key and perform authentication with the computing device. Thus, security between subscribers and computing devices can be enhanced.

Second Embodiment

12 is a diagram illustrating an exemplary configuration of a device for transmitting key data to subscribers in a multicast group according to the second embodiment disclosed herein.

Referring to FIG. 12, the device 100 ′ according to the second embodiment includes an operation processor 110 ′. The detailed configuration of the calculation processing unit 110 'will be described later.

In addition, the device 100 ′ may further include at least one of a key generation unit 130, a key storage unit 150, and an encryption unit 170. The key generation unit 130, the key storage unit 150, and the encryption unit 170 according to the second exemplary embodiment may include the key generation unit 130, the key storage unit 150, and the encryption unit 170 according to the first embodiment. Are substantially the same, so detailed description is omitted.

FIG. 13 is a diagram illustrating an exemplary configuration of a multicast group in the device according to the second embodiment disclosed herein.

Referring to FIG. 13, the multicast group 200 ′ according to the second embodiment includes a device 100 ′ and one or more subscribers 210. The multicast group 200 ′ is, for example, a multicast group for delivering the first unified data packet to the n-th unified data packet, which will be described later, and the device 100 ′ is an i-th unified data packet, that is, the first unified data packet. Send the packet to n-th aggregated data packet to one or more subscribers 210. However, n is a natural number of 2 or more, and i is between 1 and n.

Referring to FIG. 13, one or more subscribers 210 may be connected to the computing device 400.

Hereinafter, the processing performed by the calculation processing unit 110 'will be described in detail.

14 is a diagram exemplarily illustrating a process performed by the arithmetic processing unit of the device according to the second embodiment.

Referring to FIG. 14, first, the operation processor 110 ′ obtains message data and divides the message data into first message data through n-th message data, and first serial number through n-th message data. Each serial number is assigned (S510). Device 100 'may act as the issuer of multicast group 200'. Thus, message data can be obtained. Alternatively, when there is a separate issuer of the multicast group 200 ', the device 100' may obtain message data from the issuer of the multicast group 200 '. The operation processing unit 110 ′ divides the message data into the first message data and the n-th message data, and assigns the first serial number to the n-th serial number, respectively. The first message data to the n-th message data and the first serial number to the n-th serial number according to the second embodiment may include the first message data to the n-th message data and the first serial number to the n-th serial number of the first embodiment. Since it is substantially the same, detailed description is abbreviate | omitted.

Referring back to FIG. 14, next, the arithmetic processing unit 110 ′ generates the i th key data according to a key designation policy while increasing i from 1 to n, thereby assigning the first to n th serial numbers. Corresponding first key data to n-th key data are generated (S520). The i-th key data includes at least an encryption key for encrypting the i-th message data selected from one or more keys.

Since the key designation policy and the i-th key data according to the second embodiment are substantially the same as the key designation policy and the i-th key data according to the first embodiment, detailed description thereof will be omitted.

FIG. 15 is a diagram exemplarily illustrating a process of an operation processor acquiring one or more keys in the device according to the second embodiment.

The operation processing unit 110 ′ transmits the key generation request to the key generation unit 130 (S210 ′). The key generation unit 130 generates one or more keys according to the key generation request (S220 '), and transmits the generated one or more keys to the operation processing unit 110' (S230 '). Accordingly, the calculation processing unit 110 ′ may acquire one or more keys through the processing S210 ′ to the processing S230 ′. The processes S210 'to S230' are substantially the same as the processes S210 to S230 of the first embodiment, and thus detailed description thereof is omitted.

FIG. 16 exemplarily illustrates a process of an operation processor acquiring one or more keys in the device according to the second embodiment.

First, the key storage unit 150 stores one or more keys in advance (S260 '). The operation processing unit 110 ′ transmits the key read request to the key storage unit 150 (S270 ′). The key storage unit 150 transmits one or more keys to the operation processing unit 110 'in response to the key reading request (S280'). Accordingly, the calculation processing unit 110 ′ may acquire one or more keys through the processing S260 ′ through the processing S280 ′. The processes S260 'to S280' are substantially the same as the processes S260 to S280 of the first embodiment, and thus detailed description thereof will be omitted.

The operation processor 110 ′ may perform a process of obtaining a group key. Since the processing of the operation processing unit 110 'obtaining the group key is substantially the same as the processing of the operation processing unit 110 obtaining the group key in the first embodiment, detailed description thereof will be omitted.

Referring back to FIG. 14, next, the arithmetic processing unit 110 ′ increases the i th integrated data packet including the i th serial number, the i th encryption key data, and the i th encrypted message data while increasing i from 1 to n. By generating, the first integrated data packet to the n-th integrated data packet are generated (S530). The i th encryption key data is generated by encrypting the i th key data using the group key, and the i th encrypted message data is used to encrypt the i th message data using the encryption key included in the i th key data. Is generated by

17 is a diagram illustrating an exemplary configuration of an i-th integrated data packet according to the second embodiment.

Referring to FIG. 17, an i th integrated data packet includes an i th serial number, an i th encryption key data, and an i th encrypted message data.

Since the i th serial number and the i th encryption key data according to the second embodiment are substantially the same as the i th serial number and the i th encryption key data according to the first embodiment, detailed description thereof will be omitted. Since the i-th encrypted message data according to the second embodiment is substantially the same as the configuration of the i-th encrypted data according to the first embodiment, detailed description thereof will be omitted. However, the i-th encrypted message data according to the second embodiment may further include an i-th serial number encrypted using the group key.

The operation processor 110 ′ directly generates the i-th encryption key data by encrypting the i-th key data using the group key, or directly encrypts the i-th message data by using the encryption key included in the i-th key data. i Can generate encrypted message data. However, similar to the above-described first embodiment, the operation processing unit 110 ′ may obtain the i-th encryption key data or the i-th encryption message data using the encryption unit 170.

18 is a diagram exemplarily illustrating a process of encrypting i-th key data using a group key in the device according to the second embodiment.

The operation processor 110 ′ transmits the i-th key data to the encryption unit 170 (S310 ′). The encryption unit 170 encrypts the i-th key data using the group key to generate the i-th encryption key data (S320 '). The encryption unit 170 may use, for example, a group key stored in the key storage unit 150. Next, the encryption unit 170 transmits the i-th encryption key data to the calculation processing unit 110 '(S330'). As such, the operation processor 110 ′ may obtain the i th encryption key data through the processes S310 ′ to S330 ′. The processing S310 'to the processing S330' are substantially the same as the processing S310 to the processing S330 of the first embodiment, and thus detailed description thereof will be omitted.

19 is a diagram exemplarily illustrating a process of encrypting i-th message data using an encryption key in the device according to the second embodiment.

The calculation processing unit 110 ′ transmits identification information of the encryption key included in the i-th message data and the i-th key data to the encryption unit 170 (S450 ′). Alternatively, the operation processor 110 ′ may transmit the encryption key included in the i-th message data and the i-th key data to the encryption unit 170. The encryption unit 170 encrypts the i-th message data by using an encryption key included in the i-th key data to generate the i-th encrypted message data (S460 '). Next, the encryption unit 170 transmits the i-th encrypted message data to the calculation processing unit 110 '(S470'). As such, the operation processor 110 ′ may obtain the i th encrypted message data through the processes S450 ′ to S470 ′. The processes S450 'to S470' are substantially the same as the processes S450 to S470 of the first embodiment, and thus detailed description thereof is omitted.

Referring back to FIG. 14, next, the operation processor 110 ′ transmits the first aggregated data packet to the nth aggregated data packet to the subscriber 210 through the multicast group 200 ′ (S540).

The subscriber 210 receives the i-th integrated data packet transmitted by the operation processor 110 ′ through process S540, and decrypts the i-th encryption key data using the group key to obtain i-th key data. Subscriber 210 is. The i-th message data is obtained by decrypting the i-th encrypted message data using the encryption key included in the i-th key data. Accordingly, the subscriber 210 may obtain first message data to n-th message data.

According to the second embodiment described above, the security of the multicast group can be enhanced. Malicious devices that do not belong to the multicast group must know the group key and key assignment policy. However, the group key is stored using a very secure security module, and the encryption key data contained in the key packet cannot be interpreted without knowing the key designation policy. Therefore, it is practically impossible for a malicious device to decrypt the message data.

Also according to the second embodiment, the device provides return address extraction information for extracting the return address and the authentication key included in the message data. The subscriber may connect with the computing device using the return address and the authentication key and perform authentication with the computing device. Thus, security between subscribers and computing devices can be enhanced.

Also according to the second embodiment, the key data and the message data are transmitted to the subscriber in an integrated form. Thus, the subscriber can obtain key data for decrypting the encrypted message data together with the encrypted message data.

<Other Embodiments>

Although embodiments of the technology disclosed herein have been described in detail, these are merely illustrative of the technology disclosed herein, and those skilled in the art to which the technology disclosed herein belongs will have the essential characteristics of the technology disclosed herein. Various modifications may be made without departing from the scope of the invention.

For example, in the first embodiment, the first to n-th key packets are delivered to the operation processing unit 110 through the multicast group 200. However, that is, the first key packet to the nth key packet may be transmitted through unicast. That is, the i-th key packet may be transmitted through the unicast communication between the device 100 and the subscriber 210.

Also in the first embodiment, the i th key packet and the i th data packet include an i th serial number. The i th serial number may also be encrypted using the group key.

In addition, the message data may further include a message authentication code (MAC).

Therefore, the embodiments described herein are not intended to limit the technology disclosed herein but to explain, and the spirit and scope of the technology according to the present disclosure are not limited by these embodiments. The scope of the technology disclosed herein should be construed by the claims below, and any technology within equivalent scope will be construed as being included in the scope of the technology disclosed herein.

According to the technology disclosed herein, multicast after first key data to n-th key data used for encrypting the first to n-th message data (where n is a natural number of two or more) using a group key. By sending to subscribers in the group, the security of the multicast group can be enhanced. In addition, by including the return address extraction information in the key data, the subscriber of the multicast group acquires and obtains a corresponding return address and authentication key from the first message data to the n-th message data using the return address extraction information. One return address and authentication key may be used to connect with the computing device.

100: device 110: arithmetic processing unit
130: key generation unit 150: key storage unit
200: first multicast group 210: subscriber
300: second multicast group 310: message data transmission device
400: computing device

Claims (18)

A device for transmitting key data to subscribers in a multicast group.
(a) processing to obtain first to nth serial numbers of the first to nth message data (where n is a natural number of two or more); (b) generating i-th key data, wherein the i-th key data includes at least an encryption key for encrypting the i-th message data selected from one or more keys, increasing i from 1 to n; Processing to generate first key data to n-th key data corresponding to the first serial number to the n-th serial number; (c) increasing the i th serial number and the i th encryption key data while increasing i from 1 to n, wherein the i th encryption key data is generated by encrypting the i th key data using a group key; Generating a first to n-th key packet by generating an i-th key packet; And (d) an arithmetic processor configured to transmit the first key packet to the nth key packet to the subscriber through the multicast group.
Device comprising a. The method of claim 1,
The processing (a) encrypts the first message data to the n-th message data by using the encryption key included in the first key data to the encryption key included in the n-th key data, respectively, to generate the subscriber. Processing for obtaining the first serial number to the n th serial number from a message data transmission device for transmitting to
And said computing unit further performs (e) a process of transmitting said first key data to said nth key data to a predetermined message data transmission device. The method of claim 1,
The processing (a) receives the message data, divides it into the first message data to the nth message data, and divides the first serial number to the nth serial number into the first message data to the nth message data. It includes the process of giving each,
The operation processing unit may include (i) increasing the i th serial number and the i th encrypted message data while increasing i from 1 to n (wherein the i th encrypted message data includes the i th message data included in the i th key data). Generating the first to nth data packets by generating an i-th data packet comprising an i-th data packet comprising an encryption key); And (g) sending the first data packet to the nth data packet to the subscriber via a second multicast group different from the multicast group. The method of claim 1,
Further comprising a key generation unit for generating at least one of the one or more keys and the group key,
And the operation processing unit further performs (h) a process of obtaining at least one of the one or more keys and the group key generated by the key generation unit from the key generation unit. The method of claim 1,
Further comprising a key storage unit for storing at least one of the at least one key and the group key,
And the calculation processing unit further performs (i) a process of obtaining at least one of the one or more keys and the group key stored in the key storage unit from the key storage unit. The method of claim 1,
Further comprising an encryption unit for encrypting the first key data to the n-th key data using the group key,
And said processing (c) further comprises: transmitting said i-th key data to said encryption unit and receiving said i-th encryption key data from said encryption unit. The method of claim 3,
Further comprising an encryption unit for encrypting the first message data to the n-th message data using the one or more keys,
The processing (f) further includes a process of transmitting identification information of the encryption key included in the i-th message data and the i-th key data to the encryption unit and receiving the i-th encrypted message data from the encryption unit. Device comprising. The method of claim 1,
And the i-th key data further comprises additional information for extracting a k-th serial number (where k is a natural number greater than i) and a key corresponding to the k-th serial number among the one or more keys. The method of claim 1,
And the i-th key data further includes i-th return address extraction information for extracting a return address and an authentication key included in the i-th message data. The method of claim 1,
The key assignment policy is set based on schedule information including at least one of a key change period, a key change notice, and a schedule maximum repetition number. A device for transmitting key data to subscribers in a multicast group.
(a) processing of acquiring and dividing the message data into first message data and n-th message data, and assigning first serial numbers to n-th serial numbers to the first message data and n-th message data, respectively; (b) generating i-th key data, wherein the i-th key data includes at least an encryption key for encrypting the i-th message data selected from one or more keys, increasing i from 1 to n; Processing to generate first key data to n-th key data corresponding to the first serial number to the n-th serial number; (c) the i th serial number, the i th encryption key data (wherein the i th encryption key data is generated by encrypting the i th key data using a group key) and the i th encryption while increasing i from 1 to n; By generating an i-th integrated data packet comprising message data, wherein the i-th encrypted message data is generated by encrypting the i-th message data using the encryption key included in the i-th key data; A process of generating a first integrated data packet to an nth integrated data packet; And (d) an arithmetic processor configured to transmit the first aggregated data packet to the nth integrated data packet to the subscriber through the multicast group.
Device comprising a. The method of claim 11,
Further comprising a key generation unit for generating at least one of the one or more keys and the group key,
And the calculation processing unit further performs (e) a process of obtaining at least one of the one or more keys and the group key generated by the key generation unit from the key generation unit. The method of claim 11,
Further comprising a key storage unit for storing at least one of the at least one key and the group key,
And the calculation processing unit performs (f) a process of obtaining at least one of the one or more keys and the group key stored in the key storage unit from the key storage unit. The method of claim 11,
Further comprising an encryption unit for encrypting the first key data to the n-th key data using the group key,
And said processing (c) further comprises: transmitting said i-th key data to said encryption unit and receiving said i-th encryption key data from said encryption unit. The method of claim 11,
Further comprising an encryption unit for encrypting the first message data to the n-th message data using the one or more keys,
The processing (c) further includes a process of transmitting identification information of the i-th message data and the encryption key included in the i-th key data to the encryption unit and receiving the i-th encrypted message data from the encryption unit. Device comprising. The method of claim 11,
And the i-th key data further comprises additional information for extracting a k-th serial number (where k is a natural number greater than i) and a key corresponding to the k-th serial number among the one or more keys. The method of claim 11,
The i-th message data further includes a return address return address and an authentication key corresponding to a predetermined computing device.
And the i-th key data further includes i-th return address extraction information for extracting the return address and the authentication key. The method of claim 11,
The key assignment policy is set based on schedule information including at least one of a key change period, a key change notice, and a schedule maximum repetition number.

Images