TW200901721A - Secure videoconferencing system and method thereof - Google Patents

Abstract

A secure videoconferencing system and method thereof are disclosed to provide the related security mechanism and module and to enhance the security of the videoconferencing system, so as to achieve the goal of tremendous security, that is, to provide higher security and better affinity. The present invention is for the system administrator to provide the user for opening, canceling and issuing Java-based Card, thus the system administrator can create a certificate authority (CA). For the users, the system is for the primary user to open or close the session, create the session list and cancel the illicit user. The system provides the self-designed public-key mechanism to assure the session confidentiality and uses the self-designed two-party password identity-based authentication mechanism to confirm a user's legitimacy.

Description

200901721 IX. Description of the Invention: [Technical Field] The present invention provides a video conferencing system and method, and a security video conferencing system with more security and affinity, and a key agreement mechanism designed to ensure conference communication. 4. Confidentiality. [Prior Art] The information network has become an indispensable life in modern society. Near the car date mother! Di α α % % The technology of the Internet has been continuously broken, and the quality has been greatly improved. Π& The message that can't be done because of the bandwidth limitation can now be achieved, and the instant messaging software MSN Messenger ^ Yahoo Messenger ^ Skype # » Users can interact with others instantly & 1 listen to chat, voice conversation, and diversification. The videoconferencing system integrates computers, network communications, and software and hardware. "There is also a new communication tool. & Instant, video, and text-oriented. ^__. ^ ^ ,, Bellow'匕Users who break the traditional communication network can be free from time and space constraints and face the Internet. The application of such systems is widely used in enterprise video conferencing, distance learning, system design, virtual community protection and other applications. However, with the embarrassment of cybercrime, the security issue of the videoconferencing system has been paid attention to. Insufficient security of the system may face the following problems: 1. Fake w. • People who are willing to impersonate others to falsify information, and provide a fine-grained multimedia network with personal network, for example: Let the network Various types of transmissions, such as communication chat, etc., allow the network to enter, for example: , the home photo will be faced with the system, will make the system, re-deliver 5 200901721 or tamper with the transmitted message, so that the correctness. The user of the law can't distinguish the source of the data. 2 *Eavesdropping: The person who steals the heart on the Internet, so that the content is exposed, the video, the text is engraved with the process: 2 Some are personal privacy data, transmitted on the network Cheng Zhong 4 to the people who are interested in stealing the spread. ...there will be the following shortcomings in the system: • The private can be known by the server. Private key. 1 In the brain, there is a private key on the right, which may be stolen by the Trojan horse. 3. Use point-to-point paint # |& , "Golden loser" is not a multi-person to jointly establish a key, & ID, p4. Server (Serve〇 knows that all users' secret information (such as data. rd) is stolen by someone who is interested in it, and can impersonate others to transmit. 5. Additional encryption software is required. 1. For the above-mentioned conventional knowledge, structure The problem lies in how to develop 3 innovative structures that are more ideal and practical. The consumers are eagerly awaiting, and the relevant industry players must work hard to develop breakthrough goals and directions. In view of this, the invention has been based on many years. Engaged in the manufacturing development and design experience of related products, focusing on the results of +, + α μ, detailed design and prudent evaluation, and finally obtained the practical invention. [Disclosed] Technical problem to be solved Point: With the cybercrime hunting, video conferencing 6 200901721 The security system faced by the system, 14 蟮 0 self, A e Wen Wang 嘁 嘁, more and more attention. System security is insufficient to make users may I will face the following problems: counterfeiting, eavesdropping, and privacy. I am for the purpose of impersonating someone to falsify information, copy, resend, or peek at the transmission [from the value of your value, making it impossible for legitimate users to distinguish the source of the data. Eavesdropping In the process of transmission on the Internet, audio and video, texts have been hacked by U people and 'allow content exposure. Privacy is some personal privacy information'. Technical Features for Solving the Problem · The present invention provides a security video conferencing system and method, which mainly proposes related security mechanisms and modules, and enhances the security of the video conferencing system to achieve a relatively good security (PGS, pretty Good Security). The goal is to have high security (G〇〇d Security) and Good Friendliness. This system provides system administrators with functions such as registering, deregistering, and issuing Java Carci for system administrators. The function of the authority (CA, Certificati〇n Authority). For the user, the system will be directed to the chairman The user 'provides basic functions such as opening and closing conferences, establishing conference lists, and dismissing misconduct participants. 'The system provides a self-designed key mechanism to ensure the confidentiality of conference messages and utilizes a self-designed passcode base. The two-way identification mechanism to confirm the legitimacy of the user's identity. In contrast to the effects of the prior art: a user at the stage of logging in to the system, simply fill in the personal passcode and insert the Java Card to verify the identity of the server After logging in to the system, each user can only know the conferences they have permission to participate in, and 7 200901721 = the encryption and decryption keys used by the conference will be different, even if a conference key 4 I is cracked, The previous meeting key will be revealed to ensure the confidentiality of each meeting. The conference keys used by different groups are also different, which ensures the confidentiality of > material and video. — When the user logs in to the system, he or she simply enters a custom pass. This system uses web·

Based on the interface, the computer has the function of connecting to the Internet and the basic environment. The system is connected to the system on the monthly b' to make instant audio and video transmission with other users. With regard to the technology, the means and the functions of the present invention, it is to be understood that the above-mentioned objects, structures and features of the present invention will be described in detail with reference to the drawings. . [Embodiment] The identification (HLC-Scheme) technique is a report published by the inventor in International Mathematical Journal 2006 (Accepted), which is a key. "Remote Mutual Authentication Scheme with Key Agreement using Smart Cards." Author: Chien-Lung Hsu, Hsiao-Chen Liu, Ming Mingci (Ming) -Tzu Chou). The Conference Key Agreement (HML-Scheme) technology is derived from one of the inventors and is referred to as the Working Paper, which is the Self-Certified Exchange and Conference Key Distribution System. Self-Certified Key Exchange 8 200901721 and Conference Key Distribution System, authored by: Chien-Lung Hsu, Lin Yanqing (Y.C_ Lin), Wu Zongcheng (tC Wu). The present invention provides a secure video conferencing system. Including: Identity identification method: The development of this network technology has enabled more and more users to use the Internet to transmit information, and even to complete the need for their own personal affairs: self-services such as payment, shopping, etc. Wait. Therefore, in order to protect the rights of each person and the privacy of information, it has become critical to identify the user's identity. Through the process of identity identification, it is possible to effectively distinguish between legitimate and illegal users' to prevent illegal intruders from jeopardizing the normal operation of the business. In an unsafe network, it is also an important issue to prevent others from intercepting and stealing communication materials to fake I users or obtain personal secret information and how to break the security of communication content. The method of identification dates back to 1981, when Lamport proposed using smart cards and passcodes in the channel of the Unstable, allowing users to log in remotely and confirm the legitimacy of their identity. Subsequently, many different remote authentication systems have been proposed [1, 3, 8], all aimed at improving system efficiency and safety. The methods proposed by many previous scholars often face parallel session attacks, replay attacks, reflection attacks, insider attacks, and offline dictionary attacks. , password guessing attack and forgery attack. In order to solve these problems, in addition to the following functions: 1. Improve performance: reduce the amount of transmission of messages transmitted on the network during the authentication process, and reduce the user and server operations in terms of calculations. cost. 2. Two-way authentication: Both the user and the server can verify the legitimacy. 3. Key Agreement: The secret communication that the user can use to establish a secure channel after each login and the shared key. 4. User intimacy: Users are free to choose to register with the server themselves. 5 · Simple passcode change mechanism: Users can change arbitrarily. 6. Multi-server authentication: Users can register with the server with a single passcode and log in to multiple hosts. 7. The gold record agreement between users: the server separately identifies the user after the identity is not separately and establishes a shared gold input for the user to make a secret. Therefore, we propose a smart card based The remote login system with two-way authentication enables the server to establish a shared key between the user and the server without requiring a code comparison table and achieving user intimacy and two-way clock. This stage. (a) System setting phase The system authority (SA) establishes system parameters, which are defined as follows: q A large prime number of each other's servos are established to perform future passcodes and more passcodes. Users recognize each other as a communication. The key agreement and the maintenance of the pass, can be divided into four public and secret 10 200901721 ° elliptic curve generation number, its rank is the private key of the prime number y sa, where the public key of reZg q β SA, which meets the household Μ·,·) After the one-way hash function χ(ρ) X the X-axis value, SA publishes {G, %A埘, and saves r as a private input. 0>) Registration phase: Suppose a new user π wants to register with the authentication server (see the first figure), then C/,. can transmit his identification code ZD through the way of Ansan~ywang. , and the selected passcode w, to the id (AS) (1 〇). When the server receives a {/D (., corpse] authentication server (AS) from the user, it will be calculated as (1 1 ) as follows: ’ !

Ai = h{IDi\\ x)®h(PWi) \ ) where X is the key owned by the authentication server AS. Then, As will store the information (cut, to the smart card (1 2), As will issue _ Zhang contains information {still, _, 4, ¥.), 1 still smart card to the user ^ / (13). (C) Login phase: When the registered user R wants to log in to the system (see the second figure) to get access rights, he will insert his smart card into the card reader and enter him. The identity code is still the same as the pass (2 0). ¢/, the smart card will use the stored winter and the passcode entered by the user to calculate the sum and c:: = (for ten Α (corpse <)). G (2) ο) where T is read The date and time of the card machine at the time. The smart card then sends the login message {/£>,, <:,,:: to the server AS ( 2 1 ). When registering and logging in to the server, members use the HLC-Scheme method to authenticate the identity and the Golden Wheel Agreement in both directions. 11 200901721 (d) Identification phase: After receiving the login message {/£>, C, r} from ί/, the authentication server AS will perform the following steps to check [/, login] Message, and establish a conversation key with the user t/. Step 1. Check the validity of the still. If it is invalid, A S will • reject the login request for t/.

• Step 2. Confirm the validity of the time interval between Γ and ,, where Γ' is the time at which the AS received the login message. If (Γ-Γ) 2ΔΓ , where ΔΓ is the effective time interval for the m delay, then the AS will reject the login request for ί/. Step 3. Calculate: B-= hilDiWx)^ (4) C-= wise) (5) and compare < is the same as the received c丨. If the two are equal, the server AS will accept the login request; otherwise, the AS will reject the login request. In order for % to believe the legitimacy of the AS identity, the AS will calculate: Dt = ||rlie;) (6) ( 2 2 ) where r' is the time stamp of the time. Then the AS sends back {Α,Γ"} to the user. After the user receives {Α,Π, the following steps are performed to check the legality of the AS: Step 1. Γ" is the timestamp of the received message, check A ^ (Tm-T")>AT » If If it is delayed, it will stop talking. Step 2. Calculate D*. = ^;lir||Q) (7) Then check if the same is received (2 3 ). If this condition is true, % will believe that AS is a legitimate authentication server, and 12 200901721 and continue the next communication. From the above, the AS and the user can prove the legality of the other party's identity, so that the purpose of the two-way authentication can be achieved. Next, μ and the user can calculate the communication key using the parameters r5, and c, I, which are known to both parties: (8) K = h{r\\Bi\\ci)

(2 4 ), ( 2 5 ) The subsequent communication messages can be encrypted with this key to achieve the purpose of secret communication. The communication includes video, message, voice text transmission or file transmission. When participating in the conference, the participants in the conference room will form a group, and use the HLM-scheme conference golden mechanism to carry out the gold transmission agreement and use it for data transmission encryption. When the participants in the group want to make a secret conversation between two people, the HLM-W Golden Bullet Switch system will be used to make the key agreement as data transmission encryption. Using Java Card can increase the security of login authentication, CM has the computing power, security, portability and convenience. The nature of the affinity is that the present invention allows the user to freely determine and change his pass code' so that the user's intimacy can be achieved. If a legitimate user wants to change his passcode—he can insert the smart card into the reader, 廿Βχ^θ and enter his sales passcode and the new passcode W. The Smart Card will perform the login and authentication phase to identify the old passcode-,. If the iron is proved to be correct, then the smart card will replace 4 (where (10) W) (10) ((4). After that, use 13 200901721% can use the new pass {every household registration system. See section As shown in the three figures, there is a web server (3) for registration/login/conference management, a member 1 (31), a member 2 (32), a member 3 (33), and a member. 4 (34), one member 5 (35), a new member (36), among which the new member (36) registers with the web server (3 0) via the Internet (3 6) (3 6 1) 'And member 1 (3 1 ) login authentication is authenticated by the server to the user's conference key (U2SKAS) (3 1 1 ), the member 3 (33), member 4 (34), member 5 (35) ) is a group (37), the member 3 (33) establishes a conference room (33), and the group (37) authenticates the user to authenticate the group to the user's conference key (U2GKAS), and Member 4 ( 3 4 ) and member 5 ( 3 5 ) whisper (3 8 ), and then use the user to authenticate the user's conference key (U2UKAS). The group key agreement, the present invention first proposes Using ecc and self-verification and other related mechanisms to propose a remote identity authentication and group key exchange mechanism for low-resource mobile devices, this mechanism will be applied to dynamic group systems, allowing users to dynamically join or leave. Therefore, it can be easily implemented in an "electronic video conferencing system." The method proposed by the present invention has the following features: (a) The functions of identity authentication, key exchange, and key confirmation can be simultaneously achieved; (b) use Self-verification mechanism, the purpose of identity authentication can be completed at the same time as the key exchange is performed. 'The procedure of public key verification is no longer needed; (c) Multiple body conversation keys with identification can be established; (d) The exchange agreement can be reached. Security objectives: implicit key authentication (14 200901721 implicit key authentication.) and explicit explicit key authentication, that is, the communicating individuals participating in the agreement can identify each other and confirm the conversation key. Known known key security and perfect forward security (peffeet forward secrecy) and can resist the loss of counterfeit attacks (key- Compromise impersonation and other security requirements. The proposed method is mainly based on Elliptive Curve discrete logarithm modulo a large composite (ECDLP) and one-way miscellaneous On the assumption of the OI1e-way hash function (OWHF), if the above assumption is true, the method of the present invention is safe. This issue: The use of the key agreement management (Trusted is responsible for establishing the identity of the identity-related information generated by the user, so that the use of the key agreement for communication, the group key exchange agreement can be divided into the registration phase, the group key agreement Phase and dynamic group gold phase. In this method, there is a trusted third party, Thud Party, TTP) 'We call system center (sa), sa and management system basic parameters, and assist users to calculate Key. During the user registration phase, the user presents his or her own information to the SA for registration. The SA sends a self-verified public ship and proof to the user's identity to calculate the belongs to the user. My own private key, and 2 private records to verify the validity of the public yoga; in the group chat P white & 'communication parties use the other party's public and their private record exchange to establish a shared conversation gold Key; in the group gold 15 200901721 key agreement management phase, when a member joins or leaves 'can easily change the group key to reach the conference key before the security (forward secrecy) and push security (baCkward secrecy). (a) User registration phase: User y. Perform the following steps to register with the SA: and obtain identity identification information (see the fourth figure): Step ^ A Select the identity ID ///), and select /, select In a random number, calculate the identity identification information R: ^ (9) (4 1 ) Subsequently, {/Aj} is transmitted to the SA to apply for registration (4 2 ). Step 2: When sA receives the registration application, select the random number A 4 4, calculate the identity identification information % of R and the self-verification public key h: . yt =Vi+(zj-h(IDi)-G (10) wi = Zi{yt) + K^i)) mod q (11) (4 3 ), then, transfer ., W,.} to t/,. ( 4 4 ). Step 3: After receiving {乃,·^.}, perform the following steps: Step 3 - 1 : Calculate the private; ^· X. = w. -h{kt || ID^moAq (12) Step 3 2: Verify that the public key is correct (4 5 ): Xi -G =yt + /?(/!),.)· G + (Χ(^.) + hilD^· β) (13) (b) Group Key agreement phase: In the method proposed by the present invention, each group key agreement agreement will be responsible for the generation and update of 16 200901721 and Yan Jinyu by a conference host. When multiple legitimate users of the system want to talk to the group, the host t/G will start the meeting, and then the individual who can participate in the meeting will be sent to the meeting (5 1 ) to other Individual (see the fifth figure). The detailed steps are as follows: Step 1 • After receiving the meeting notification from other individuals, if you want to join the meeting, perform the following steps to calculate the key agreement information T i to Uq. Step 1 -1 . t / , • Use a random number generator to generate a random random number ( 5 2 ) and calculate

Ti=ti, G (14) Step 2-2: Transfer (10), know 7;·} to % ( 5 3 ) Step 2 · When {;/);, brother, 7;.} is received, 'can be calculated Some of the groups talked to him about the information. To verify the identity of the individual ^, Step 2-1: Use a random number generator to generate a random random number ~ and calculate TQ=t0'° (15) Step 2-2. Calculate yourself and other communication entities " Some group chat key information 5 feet 〇,: SK〇i=T0 • yi+Ti-y〇=(^+i〇)-G + (i;.+x〇).(7 (16) Step 2 -3 : Verify the legality of f/,. by identity and *5 feet :: SKQilt0 -{(X(y0) + h(ID0)) + {X{yi) + h{IDi))-p) + xQ-Ti (17) (5 4 ) 'If the above formula is true', it means that the validity of the % 17 200901721 step can be correctly verified. After receiving all the key protocols (Udj., η} of 5) Group gold steps: : The group key GiC of the meeting is generated by partial group key information: Ten Di. 2 十煎 (4) v 3-2. Calculated group key information ^ d[10 53⁄4 Step 3' 3: Calculate the key verification value h for other communication individuals to verify the group key (5 6 ): a=/z(g/:||/z)〇) (2〇)v 3 3 .Transfer { /£). , outside, 7^, _^+, 2} to other communication individuals% (5 7). (18) (19) Step 4: When R receives {/A), the following steps are performed to generate the group key G ruler and verify the correctness of the G ruler. Step 4-1: Calculate the partial group chat key information $ especially. ^/0 = Ti+y〇+Ti+ y, =(xo+ti)-G + (t0 +xi)-G (21) Step 4-2: Validated by UD〇, _y〇, r〇} and 5Ά〇 Legitimacy of identity····························································· Properly verify the legality of ί/,·. Step 4-3: Calculate the group key: GK^K^SK^ (23) 200901721 Step 4-4: Verify the correctness of GK;.: XIKGK.WID,) (24) (5 9 ), if the above formula is established , which means the same conversation with the holder. (c) Dynamic Group Key Agreement Management: If there is a new legitimate user t/;. To join the meeting host (60), join the meeting to complete the group meeting. Key update (see Figure 6), and forward security (step secrecy): Step 1: User % uses random number generator to generate a random random number eZg ( 6 1 ), and calculate

Tj=tj-G (25) Step 2: % transfers {/^., heart:?}} to (6 2 ). Step 3: When t/〇 receives {//^, Qiao, 7}}, perform the following steps to verify the identity and calculate the new group key GiT: _ Step 3 -1 : Calculate the partial group with % Conversation key information ^〇j ~^〇' yj+^j = (Xy + ) · G + (tj + Xq ) · G (26) Step 3_2: by {/Z)y,;;y·,:^. } and 51 feet 〇 y verify t /; legality of identity: SK0J?t0-{(X(y0) + h(ID0)) + (X(yj) + h(IDJ))^) + x0-TJ ( 27) (6 3 ), if the above formula is true, it means that the legality of % can be correctly verified. Step 3-3: Use a random number generator to generate a random random number 并, and 19 (28) 200901721 Calculate the new group key Gjr: GK' = GK ® SKQj ® nk' Step 3 -4: Calculate the new one separately Group Key Information κ : (29) K\ =GKr@SK0i Step 3-5: Calculate the verification value i of the new group key for other communication individuals to verify the group key (6 4 ): r = h (GK'\\ID0) (30) Step 3-4: Transfer (6 5 1 ) to other communicating individuals (/, ( 6 5 ). Step 4: Steps for the newly added user to perform the group key agreement phase 4 ( 6 6 ) to calculate the group key and verify the correctness of the group key (6 5 2 ). Existing users can calculate the new group key by performing the following steps (6 7 ): (31 )

GK>K\®SKiQ (d) Dynamic Groups Agreement Management - Member Leave: If a user participating in the meeting ί// ( 7 0 ) leaves the meeting, perform the following steps to complete the group meeting key update (see Figure 7), and can achieve backward secrecy: Step 1. Conference host t/〇 (7 1 ) uses a chaotic generator to generate a random chaotic number e Z〆 and calculate a new group金录沈": GKn = GKf®SKQl®nk2 Step 2 · Calculate the new group key information K for ¢/, respectively;;=GK”®SKQi (33) 20 200901721 Step 3: Calculate the new group gold The key verification value A〃, for other communication individuals to verify the group key (72): λη = h(GK" IIID0) (3 4) Step 4: Transfer {/DQ, (〃,;r} to other Communication individual r ( 7 3 ). 'Step 5: Calculate the new group key by following the steps below (7 4 ) • ♦ GK [=K:®SKiQ (3 5) The invention can achieve a high degree of security ( Good Security), because the system combines two sets of key agreement mechanisms, it can achieve multiple information protection. The following lists the security that can be achieved in this system. (a) This system combines Java Card Security and Password dual login authentication mechanism. Users must register with CA (Certificate Authority) before using this system. After the user decides the password, CA will calculate the future login. The system needs to use the secret information, write it into the Java Card, and send the Java Card to the user. When the user logs in to the system, the Java Card obtained at the time of registration must be inserted into the card reader, and Enter the ID and password to achieve double authentication. The system uses the secret information read by the Java Card and the data obtained in the previous operation, and exchanges the operation result with the Server to identify the legal identity of the user. Server jointly calculates a Session Key for future exchange of secret messages. 21 200901721 (b) For the key exchange system, the system can achieve three different levels of the gold balance protocol mechanism. Three different participating roles in the system: Server (U2S: User t〇Server), User Group (U2G · User to Group), and individual The user (U2U: User to User) is the key agreement. When the user logs in, he uses the HLM-scheme conference key mechanism to calculate a conference key (U2s) together with the server for future secret broadcast. . When the conference is held, all the users participating in the conference are initiated by the conference chairperson to establish a group key (U2G) to achieve the purpose of the security video conference; in addition, the users participating in the conference will each other To secretly transmit messages (whispering), you can also use the group key exchange mechanism (2_user) to create a chat key (U2U). The keys calculated by the three key agreement mechanisms are different, so the user can exchange secret information with different levels of roles without the secret information content obtained by other level users. U) From the user's point of view, since the system can achieve the three different hierarchical key agreement mechanisms described above, the secret information can be exchanged for users of three different levels without being affected by different levels. When the user knows, the confidentiality of the data and audio and video of S, U2G and U2U is achieved. (d) This system allows the user to verify the authenticity of the meeting and chat. When the user uses the key for secret information exchange, the user can mutually verify the authenticity of the conference key without using the encryption transmitted by the attacker as a key to the information transmitted by the attacker. After the interception, the fake key is used to unlock the secret information. (e) The encryption mechanism of the system can ensure that even if one of the conference keys is cracked, the key cannot be used to calculate the conference key content used by the previously held conference. The confidentiality of the secret information of the meeting. (f) Although the user enters the conference to make the key agreement, the user will only be able to know the communication content of the conference that he or she has permission to participate in, and cannot obtain the conference information of different conferences. In contrast, the exchange of information conducted during this meeting will not be known to anyone outside the meeting participants. This system provides a high degree of user affinity (G〇〇d

Friendliness) allows users to feel the system is easy to operate and the interface is friendly when using the system. The characteristics of the system in terms of high user Friendliness are exemplified by the following points. (a) The authentication mechanism of this system is different from the general password authentication mechanism, and the algorithm is used to calculate the lengthy password to achieve security. In this system, the user can customize the password that is easy to remember, but also has the same level of security as the general password mechanism. (b) The authentication mechanism used by the system allows the user to directly connect to the server (Server) to make changes to the MME without changing the password on the card at the registered CA to increase the user's password change. Convenience C (C) The system uses the Web-Based as the operating platform of the system. When users use this system, they do not need to download any installation program of 2009 200901721. Just connect to the website and click on the meeting that they can participate in. After downloading the system automatically, the system does not need to be installed. The convenience of using this system. (d) The videoconferencing system can be used for the transfer and transmission of messages between users via the central server, while the video images are transmitted peer-to-peer between users: both of these functions enable the video system to have immediate messaging. ability. 〇) The system has the function of dynamically managing conferences. When the chairman of the conference enters the conference, the conference is opened. At the same time, the status of the users participating in the conference will be displayed as accessible, and the chairman may decide to end the conference. Timing 'When the chairman ends this meeting, the meeting is closed forever' to achieve the chairman's authority to control the opening and closing of the meeting. (f) The system can provide users with the freedom to choose whether to save the content of the meeting. When the user chooses to save the meeting content, the system will save the dialogue record in the user-defined folder and file as a save. And the minutes of the meeting. Referring to the first figure and the second figure, using the user to the service center to apply for the 8 main book members, input, password and other related information, the manager can let them register the new member and issue the secret information J αν a

Card; if the registered member has misconduct, the manager can also cancel the member's Java Card. After the user inserts the java card and enters the ID and password, the server can perform two-way identity authentication and generate the secret golden wheel of the conference. 24 200901721 After logging in, the user can be divided into opened and not opened & Meeting rooms that can be opened by η μ ^ ^ must wait for the chairman to open the meeting function. Opened Pei Pei | Room, you can click directly to enter the meeting (see the second picture of the participation will call to find permanent composition). Referring to the third figure, the participants in the private meeting (members 5 H can talk privately. The participants who can enter the meeting with another participant (member 4) can also choose the target, click (execute· Select to transfer the file. Select whether you want to transfer the file. The recipient chooses whether or not to agree to receive the case. 〃 Execute-transfer video: The participant in the conference can also. The sender selects the material object and chooses whether to agree to the video transmission. Subscriber-Transfer Video"; Receiver Change-Font Type: Participants can change the font type at any time during the conference. File-storage: When the conference is finished or finished, save 4^, and the participant can choose to save 4 records or not. Select the storage purpose, and select the slot to be in the specified location. "The record will be in plain text - leave: Participants can click "Fast fortunate; very + do not leave" to leave the meeting. The right chairman chooses to leave, then this The meeting is also forcibly closed. The special functions of the chairman are: , ~6th house = 3⁄4, point chairman - kicked out" 'The participant will be forced to leave the 4th meeting, and no longer choose "President · Kick: Chairman Choose special Participants in misconduct, point 'birth-kick-off., today's life-receiving%% soil I red-- enter the chairman-close the meeting room chairman-close the meeting room: the chairman can click Γ 25 200901721, forcibly close this At the second meeting, all participants will end the connection with this meeting and may not re-enter. Chairman-Starting Key Agreement: The chairman of the meeting can click on “Chairman_Start Key Agreement” to start the agreement meeting key of this meeting. Subsequent communication content, including video and text, will be encrypted with this conference key. New conferences. Users of this system can apply for new conference room to enter the conference name, conference deadline and chairman ID. Add a meeting, then fill in the participant's member number in the next page against the user name list, and after the member is determined, jump to the upper right hyperlink text to jump back to the meeting list screen. The foregoing is a better example of the present invention. 4 && 4 ι 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳 佳In principle, the invention is not limited to the changes and modifications, and the changes and modifications should be included in the scope of the following application τ f search target [simplified description] Schematic diagram of the user applying for registration to the authentication server. The second figure, the third figure, the fourth figure, the fifth figure, the sixth figure, the seventh picture, the login and authentication stage, the schematic diagram of the security video conferencing system, and the group key agreement system. Schematic diagram of user registration. The establishment of the group key system is a schematic diagram of the members of the group key agreement system. The diagram of the members leaving the group key agreement system. The main component symbol description 26 200901721 (1 0 ) The new user registers with the authentication server AS, transmits his identification code and the selected pass code (1 1 ). When the authentication server AS receives the {code from the user, the authentication feeder AS will Calculated as Ai = h{IDi II x)0h{PWt) (1 2 ) The authentication server AS stores {take, for, to the smart card (1 3) to issue a piece of information {still,, for, from cut, sentence Smart card to the user C/, 2 0) When the registered user π wants to log in to the system to gain access, he inserts his smart card into the card reader and enters his identity code along with the pass code ( 21) The smart card will use the stored 4 and the pass code entered by the user; to calculate β; and c, : β; = (4 ten; 罄) its towel τ is the date and time of the card reader at that time. . Then wise ' ': will send the login message wc, Γ} to the authentication server as (2 2) authentication server AS check 屯 confirmation (r ^ ^ KlDjWx) ^ calculation | | Γ " | | ς *) indeed (T - T) kAT calculation riiς) 2 4) 别 词 as as 计 交谈 交谈 交谈 交谈 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 〇 网路 网路 网路 网路 成员 成员 成员U2SKAS) (33) member 3 (34) member 4 (36) new member (361) registration 25) user K - hour I 丨 3 3 2 3 5 member member 27 200901721 (3 7 ) group (3 8 ) Whisper

(4 1) User c/,.Select the ID/£),. and ί/;·Select random number e 4 Calculate 巧=丨丨 and ).G (4 2 ) Transfer {/AA} to SA, after submitting the registration application (4 3), after receiving the registration application, the system center sA selects the random number ^ 'calculated identity identification information w, and the self-verification public key is less (.: is = 0 + (Ί (/ / )(.)·α wt =zi+y-(X {yt) + h(IDi)) mod q (4 4 ) Transfer {y,.,·^.} to ¢/,. (45) user % Calculated private '.=>^-/«||/0,.)111〇£1 "Verification of the correctness: check xrG = yt + KIDi) · G + (X(^.) + / 2(/1).) · β)

(5 1) The meeting host t/issued the meeting notice (5 2) the meeting member % selects the random number ί;. eZg calculates 7;. =irG (5 3 ) transmits {/A, brother, 7;.} to t/〇

(54) Conference host t/〇 select random number eZ9 calculation = ί〇.G §t SK〇j —Tq 'yi'>rTi ·= (x;. + i0)·G + (ί(· + x0 )·G Check %3..{(义(九)+ /»(/£>.))+(义(兄.)+ /<//)<.))4) + 々.7 ;· (5 5 ) After the meeting host receives all the {/Α·,Κ,7]}, the sustainable group key agreement (5 6 ) is hosted by the host. GK = ISKq\® SfCQ2® ...® & =GX ® SHCQi A = h(GK\\ID〇) (5 7 ) Transfer to other conference members (5 8 ) Conference member α, calculate ^,.0 = 7; +3^〇+7 ; + ^· =(^ + ^)-^ + (^0+^)-^ 28 200901721 Checking Shen,.❶ + + (5 9 )Meeting members W Calculate <^=foot;.10,.〇 Check; 12 is still 〇) (6 0) Conference host " 〇 (6 1) new members choose random number iy eZg calculation 7} = iy+.G (62) will { still _ /, 7;, 7 }} Transfer to 卩〇 (6 3 ) Conference host W calculates Shen. Check S'l. · {(尤(凡)+ />(还.)) + (尤〇V) + *(/£>,))·灼+χ. .7; (6 4) Conference host V. Calculation = GiC ten tons K\ = GK' 0 SKQi λ' = h{GK' II /D〇 )

(65) Transfer {still 〇,凡,%,/^,;1/} to ^, and transmit {still(), 尺;,;1,} to other communication individuals A (6 5 1 ) to transmit {/A ), r , 乂, } (6 5 2 ) The original conference member R calculates, = 尺·, .10%. Check X'^iGKr || ID0) (66) New member h Calculate %. =5+:^+7)+1. = 0^+6.).6 + (6+5.).(5 Calculate G&.=foot;ten·S✓1,(Shen;丨丨 still ❶) (6 7 ) new member ι〇 calculation < ^ 〇 = especially; ten π; 0 check; 1 "(sink) 丨丨 still 0) (7 0) leave member U / (7 1) meeting host t/〇(7 2 ) Conference host t/〇 select random number of tons to calculate GK^GK^SK^Bn!^ fC;=GKn®SKQi /Τ = /z(G7T II /D〇) (7 3 )Transfer UA>, CU,} to other conference members仏 (7 4) Other conference members (7) Calculate ten% G checkup X'lhiGKlWIDo) 29

Claims (1)

200901721 X. Patent application scope: 1 · A security video conferencing system is a high security and high affinity security video conferencing system, including: A dual login authentication mechanism, including Java Card (Java Card) Security mechanism and password security mechanism. When the user logs in to the system, the Java Card ' and the user ID (ID) and password (Passw〇rd) obtained during registration must be inserted into the card reader. The secret information read by the Java Card and the data entered by the user are used to perform the operation and exchange the result with the server to identify the legal identity of the user. Finally, the conference key is calculated together with the server. (Session Key) 'For the exchange of secret messages for the conference, the user inserts the Java Card and enters the id and password to perform two-way identification with the server' and generates a secret record of the conference; one level key exchange Mechanism, which includes three different levels of the gold record protocol mechanism 'U2S: User to Server, user group (U2G: Us Er to Group) and individual users (U2U: User t〇User) to do the gold record agreement, when the user logs in, they work with the server to calculate a Session Key for future secret information transmission (U2S); During the conference, the user can also make another Golden Wheel Protocol (U2G) with the user group participating in the conference or use the U2U for a single user in the group; The mechanism 'user can customize the easy-to-remember secret but also has the same level of security as the general password mechanism, and the authentication mechanism used by the system allows the user to directly connect to the server. 30 200901721 changes, instead of personally accessing the password on the text card, in order to increase the convenience of the user to change the password; Q 0 a friendly basic network level a, , R port ', the use of interface to extract the basis The network (Web-Based) as the system...the next...the user does not need to download any installation program when using the system. The mouth a must be connected to the network, click on the user, after the meeting, Will Downloading the system by the eye-catching, without the need to install the action 'Additional user makes the use of this system convenient, the meeting includes video, voice, text transmission or slot transmission. Shenyue patent circumference item 1 The security video conferencing system of the above-mentioned dual login authentication mechanism is registered, and the user must register and use the CA (Certificate Authority) to register and use the system before using the system. a After the user decides the weight, the CA calculates the secret information that will be used in the future when logging in to the system, and writes it to the java card in the shell sfL and gives the user a use, 5 Tiger (ID) 'and send java card to the user. The security video conferencing system of claim 1, wherein the video conference is π γ, the system can transmit and transmit information between users via a server, and the video image is used by the user. Peer-to-peer delivery, both with immediate messaging capabilities. 4 · As claimed in the patent application scope 1 of the security video conferencing system 'where the video conferencing department pik + finds the system has the ability to dynamically manage the conference, that is, one of the users is the conference: ^. My chairman' Although the conference chairman enters the conference room, the conference will be opened, and the left I ▲ f will not be accessible on the webpage of the users participating in the conference. She 4·Tomb + Luo u, the chairman can also decide the conference. End of the time, when the meeting 31 200901721 The chairman ends the meeting, the meeting is closed forever, so that the chairman of the meeting has the authority to control the opening and closing of the meeting. 5 · The security video conferencing system described in claim 1 of the patent application, wherein the video conferencing system further provides the user with the freedom to choose whether to store the functions of the conference. When the user chooses to store the conference content, the video conference system The conversation record will be stored in the user-defined folder and slot for use as a save and meeting record. b. If the application is for the singularity system, the videoconferencing system includes a security video conferencing system that can be used for enterprise video conferencing systems, distance learning systems, collaborative design systems, virtual community systems or home care systems. 7 · As described in the first paragraph of the patent application, the method of registering and logging in to the CA to authenticate the identity and key agreement in both directions. 8 • If the security mentioned in item i of the patent application is included, the user in the conference room will form a group: and use the HLM_seheme conference golden mechanism to encrypt the data transmission of Jinyu.卫 for 9 _ as claimed in the 8th article of the patent application scope, the female full video conference preparation record, where the use of the group is going to work, the HLM-schemn will be carried out. ^^^ & Xiao ° tongue work this golden wheel exchange system to do the key agreement, as the Beko transmission encryption. '100.- A security video conferencing method, in which the group gold agreement can be divided into the following three. Change #又·-user registration stage, - group gold 32 200901721 key agreement stage and a dynamic group key agreement Management phase; in this method, 'Trusted Third Party (TTP)' is the System Center (SA), which is responsible for establishing and managing basic parameters of the system, and assisting users in calculating self-verification. Public key; * During the user registration phase, the user presents his or her identity-related information: The system is registered with the system, the system center is responsible for the user's identity information • Generate and issue a self-validated public key and proof (witness To the user's user can use the returned proof to calculate his own private key, and can use the calculated private balance to verify the validity of the public key; in the group communication session, the communication parties use The other party's eight keys exchange communication with their private key to establish a share and talk about the gold record; When a member joins or leave, you can easily change the key groups in order to achieve security before meeting Kim push key (forward secrecy) and push security (backward secrecy). 1 1. The method of security video conferencing as described in claim i of the patent scope, wherein the user registration phase is for the user to perform the step of registering with the system center and obtaining the identity authentication information: Step 1: t/, selected Identity ID 7 recognizes π. Selects the number t, %, S, and the number of identification information 0: II7Z) t).G then 'transmits {//), ., g} to the system center to propose... Heart Book A δ Month, Step 2. When the system center receives the registration application, select the random number 2 l^R 5 33 200901721 § ten nose t /, identity identification information % and self-verification public key: ypR+KlDJ.G Wi =2i+r. ) + h(<IDj)) mod q Then 'pass{hw,} to t/,.; Step 3: % After receiving U, w, ·}, perform the following steps: 3 - 1 : Calculate the private key 々χ. = w. - II ID() modq Step 3 -2 : Verify that the public key is correct: ' · G = is +/ ί(/Ζ)(.). σ + ( ι(乃)+ w//).) ·^). 1 2 · If you apply for the security conference method described in Article 1 or 11 of the patent scope, the group key agreement phase is 'each group key agreement agreement will be responsible and managed by a conference host% The generation and update of the conversation golden wheel. When multiple legitimate users of the system want to establish the -2 group conversation key, the moderator first starts the action of the meeting, and decides that the meeting can participate in the meeting and sends a meeting notice to For other individuals, the detailed steps are as follows: Step 1: When other individuals t/, 'received the meeting notice, if you want to join the meeting', perform the following steps to calculate the key agreement information 71, to t/〇 Step 1 -1 : t / ,. Generate a random random number & using the chaotic generator and calculate Ti = ti.G Step 2-2: Transfer {/Α_, π, 7;.} to % step 2: When receiving ., is., 7;.}, you can calculate part of the group conversations. 200901721 The newsletter iSATo,. He also verified the identity of the individual t// through iSATo.. Step 2-1: Use a random number generator to generate a random number & eZ9 and calculate '〇= '〇 G Step 2-2: Calculate the conversation key information of some groups with other communication individuals t/, *: = '〇.乃+(·少〇= (A. 尤〇). G Step 2-3 : Validate the legality of % identity by 7}} and 5Ά: SK0ilt0-{(X(y0) + h(ID0)) + (Χ(γί) + ΚΙΌί))·β) + χ0·Τί If the above formula is established , which means that the legality of the correctness can be correctly verified. Step 3: After receiving all 7;.}, the group gold transfer protocol step can be continued: Step 3-1: This is generated by partial group key information. The group key of the second meeting: = Shen 01 ten level 02 ten... ten level 0; „ Step 3 -2: Calculate the group key information, respectively..: K^GKmsK^ Step 3 -3: Calculate the key verification value ;I, for other communication individuals to verify the group key: λ = h (GK II IDq) Step 3-4: Transfer., A} to other communication entities ί/,.; Step 4: When t/,. When receiving {ΖΟ.,外,Κ,Α}, perform the following steps to generate 35 200901721 Group Golden Record GA: and verify the correctness of GA: Step 4-1: Calculate the partial group chat key information SKiQ = Tl+y0+Ti+ = (j:0 +ί.). Q + + . G Step 4-2: by {/ ), outside, 7^} and from, _〇 verification. Legitimacy of identity: If the above formula is true, it means that the legality of % can be correctly verified. Step 4-3: Calculate the group key GA:i : GK^ K^SK^ Step 4-4: Verify the correctness of the G rule: Insult (four) 丨丨 still. If the upper right formula is established, it means that the same conversation key as % is held. 1 3 · The secure video conference method described in the patent application scope i 0, i丄 or i 2, wherein the dynamic group key agreement management Including new and member leaving, which is added as, if there are new legitimate users% want to join this meeting, perform the following steps to complete the group meeting key update, and reach the push security (f0rwar (i seerecy): Step 1: User 1 uses a random number generator to generate a random random number f, J q and calculates Tj=tj.G Step 2: % will be {/!)/,;〇,7}} To [/〇; Step 3: When t/〇 receives {/£>y,~7}}, perform the following steps to verify the identity 36 200901721 and calculate the new group key GiT: Step 3 -1 : Calculate the partial key conversation information with .5 SK〇j =T0 yj + Tj · _y〇= (xy +t0)-G + (tj +x0)-G Step 3-2: by {/Dy, and *S You〇y verify the legality of ί/y identity: SK0J^0-{(X(y0) + h(ID0)) + (X(yJ) + h(IDj))^) + x0-Tj If the formula is true, it means the legitimacy that can be correctly verified. 9 Step 3-3: Make Use the chaotic generator to generate a random random number eZ/ and count the new group Jint GiT: GK'^GK^SK^nk' Steps 3 - 4 . Calculate the new group gold information respectively ^ . Ki= GK'®SK0i Steps 3 - 5: Calculate the verification value T of the new group key for other communicating individuals to verify the group key: ^ = h(GK'\\ID0) Step 3-4: Transfer to % And send {IDq, K;, A/} to other communication entities. Step 4: The newly added user receives {/D. , %%, '.,;!/}, perform the following steps to generate the group key G/: and verify the correctness of Gii:; Step 4-1: Calculate the partial group chat key information 5; 0 ^i〇= Ά+ y〇+ r^i+ yi =(x〇+ti)'^+(f〇+xi)'G Step 4-2: Verify new by {still 0, where, Γ〇} and SAo The legality of the user's body 37 200901721 points: ^ο^·{(^〇) + Μ^〇)) + (X{yi) + h{IDi)).p) + xiT, if the above formula holds, It means that the legality of the newly added user can be correctly verified; Step 4-3: Calculate the group key: GKfK^St^ Step 4-4: Verify (?, correctness: λΐ^οκ^ω,) If the above formula is established, it means that it has the same conversation key as w. The existing user can calculate the new group key by performing the following steps: Ruler; Ten said, 〇 where the member leaves: If there is participation % of the users of the meeting leave the meeting, perform the following steps to complete the update of the group meeting key and reach the backward secrecy: Step 1 random random number. The beta host will use the random number generator to generate <; and calculate a new group of gold 鍮 G / r : GK" GK'®SK, nk2 Step 2: Calculate the new group key information scale for % respectively · K-=GKn@SK0i Step 3: Calculate the verification value of the new group key ^, u have his communication individual group Key verification: 儿" = h(GK"l\lD0) 38 200901721 Step Step GK;:= 十一如4: Transfer {/ZUf,; l〃} to other communicating individuals. 5 : t/,· The following steps can be used to calculate a new group key: iq®sKi(r , schema: owed page 39