1231681 玫、發明說明: 【發明所屬之技術領域】 本發明係關於一種認證及訊息加密方法,尤指一種適 用於服務交付技術之認證及訊息加密方法。 【先前技術】 按,所謂之服務交付技術(PUSH techn〇1〇gy,亦稱推 播技術),係為針對無線網路與行動手持式裴置特性所開發 10 15 出的-套3G無線應用標準,用以在服務交付啟動者、服 務交付代理閘道器、及服務交付用戶端間進行訊息傳輸及 存取’目前已為 OMA(〇pen mobiie alHance)與 3Gpp(the third generation partnership project)等國際組織所採用。 服務交付技術之目的係希望能夠將最新、或具有時赛 性的資訊,由健端主動傳送到手持式裝置上,以即時地 通知使用者採取必要的行動。其與_般簡訊技術最大的^ 同之處在於,服務交付技術不單只將訊息傳送到用戶端寻 持式裝置,更可以指定將訊息傳達給用戶端上的某一特定 程式使用。例如可將服務交付技術應用於多㈣簡訊服箱 (multimecha message service,MMS)、媒體物件㈣此 objects)下載服務、重要訊息即時通知服務⑼如股票郭 management,DRM)月艮矛务等 〇 儘管服務交付技術在發展之初 叉到許多環境限制的 因 20 1231681 素’以致於並未受到大豕廣泛應用’但隨著無線通訊網路 的不斷發展進步,由全球通訊系統(global SyStem for mobile communication,GSM)、整合封包無線電服務技術 (general packet radio service,GPRS)、到未來的第三代行動 5 電話(third generation,3G),使用者也開始期待更多樣化、 個人化的無線應用技術能夠出現。而服務交付技術*的成 熟,以及其能夠即時地將符合需求之資訊主動交付給使用 者的特性,將可為新一代無線應用服務帶來新契機:。 然而’目前不論是GSM或GPRS,其微細胞系統 10 (cellular systems)並沒有一個確保伺服端與使用者之間能 安全傳送訊息的機制。這是因為當訊息由無線裝置傳至基 地台時、可以經過加密來保證其安全性,但在透過無線與 有線的連結設備,例如服務交付代理閘道器時,訊息必須 先行解密後再執行編碼(encoding),此時的訊息對網路業者 15 來說通常是明文資訊。因此’在無線網路中傳遞私密性訊 息時,網路業者將有可能截聽到使用者私密性的資料,這 無疑是對使用者之安全性與隱私權的一大威脅,在這種應 用環境下,使用者可能遭受到的安全性威脅包括未授權之 連線請求(unauthorized session initiation)、傳送具有傷害性 20 的内容(harmful content delivery)、阻絕服務攻擊(deniai 〇f service,DoS)、及未授權之服務交付訊息(unauthorized PUSH)等,如此將大幅降低使用意願。此夕卜,目前僅能由 系統業者單向對用戶端進行認證,反之,用戶端卻無法向 系統業者進行認證,缺乏一套雙向認證機制。由此可知, 1231681 予以改進之必要。 習知之服務交付技術仍有諸多缺失而有 【發明内容】 H: 的係在提供-種服務交付技術之認 密方法,係允許服務交付技術應㈣境中之各 7G件此兩兩進行雙向認證,俾提高資訊安全性。 本^之另—目的係在提供—種服毅付技術之認 祖及訊息加密方法,僅需針對服務交付訊息的内容進行加 ^而毋須將整個訊息(包含服務交付技術之格式)進行加 ^俾減輕服務父付啟動者執行加密工作之負擔。 10 151231681 Description of the invention: [Technical field to which the invention belongs] The present invention relates to an authentication and message encryption method, especially an authentication and message encryption method suitable for service delivery technology. [Previous technology] According to the so-called service delivery technology (PUSH technology, also known as push broadcast technology), it is a set of 3G wireless applications developed for wireless networks and mobile handheld devices. Standards for message transmission and access between service delivery initiators, service delivery agent gateways, and service delivery clients' are currently OMA (〇pen mobiie alHance) and 3Gpp (the third generation partnership project), etc. Used by international organizations. The purpose of service delivery technology is to be able to actively transmit the latest or time-sensitive information to handheld devices to promptly notify users to take necessary actions. The biggest difference between it and general newsletter technology is that service delivery technology not only sends messages to client-side seeker devices, but also specifies that messages are delivered to a specific program on the client side for use. For example, service delivery technology can be applied to multiple multimecha message service (MMS), media objects (these objects) download services, and important message instant notification services (such as stock management, DRM), etc. At the beginning of the development of service delivery technology, many environmental restrictions were caused by the 201231681 'so that it has not been widely used', but with the continuous development of wireless communication networks, the global communication system (global SyStem for mobile communication, GSM), integrated packet radio service technology (GPRS), and to the third generation of mobile phones (3G) in the future, users have begun to expect more diverse and personalized wireless application technology appear. The maturity of service delivery technology * and its ability to proactively deliver information that meets the needs to users in real time will bring new opportunities for next-generation wireless application services :. However, at present, no matter whether it is GSM or GPRS, its cellular systems 10 (cellular systems) do not have a mechanism to ensure that messages can be transmitted securely between the server and the user. This is because when the message is transmitted from the wireless device to the base station, it can be encrypted to ensure its security. However, when the wireless and wired connection devices, such as the service delivery agent gateway, must be decrypted before the message is encoded. (Encoding), the message at this time is usually clear text for Internet operators15. Therefore, when transmitting private information in a wireless network, the network operator will be able to intercept the user's private data. This is undoubtedly a major threat to the user's security and privacy. In this application environment, Security threats that users may experience include unauthorized session initiation, transmission of harmful content (harmful content delivery), denial of service attacks (DoS), and Unauthorized service delivery information (unauthorized PUSH), etc. This will greatly reduce the willingness to use. At the same time, at present, users can only be authenticated by the system operator in one direction. On the other hand, the user cannot authenticate with the system operator and lacks a two-way authentication mechanism. This shows that 1231681 is necessary for improvement. There are still many shortcomings in the conventional service delivery technology and [inventive content] H: is a secret method of providing-a kind of service delivery technology, which allows two-way authentication of each 7G piece in the service delivery technology environment. , To improve information security. The other purpose of this book is to provide a kind of service recognition technology and message encryption method. It only needs to add the content of the service delivery message instead of adding the entire message (including the format of the service delivery technology).俾 Reduce the burden of the service father paying the initiator to perform the encryption work. 10 15
W本發明之再-目的係、在提供—種服務交付技術之認 €及汛息加密方法,係由服務交付啟動者、服務交付代理 閘道器、&服務交付用戶端三者均共同參與產生會議金输 之過私,俾能減輕服務交付用戶端之指數運算作業,此外, 服矛力父付代理閘道裔僅參與產生會議金餘之相關參數的過 程、而無法取得服務交付訊息之内容,如此將可確保使用 者之安全性與隱私權。 依據本發明之特色,係提出一種服務交付技術之認證 及訊息加密方法,服務交付技術(PUSH technology)之應用 環i兄係包括一服務交付啟動者(push initiat〇r,PI)、一服務 父付用戶端(push client)、及一服務交付代理閘道器(push Pmxy gateway,PPG)。其中,服務交付啟動者係應用於一 、、’罔卩示網路環境中、以使用一服務交付存取協定(push access Protocol,pap)來與服務交付代理閘道器溝通;服務交付用 1231681 戶端係應用於-無線網路環境中、以接收來自服務交付代 理閘道器之服務交付訊息;服務交付代理閑道器係為網際 網路及無線網路間之進入點(entrypoint)、以透過一服務交 付傳輸協定(push over-the-air protocol,Push 〇TA)來完成 5自服矛务交付代理閘道器到服務交付用戶端間之傳輸任務。 本發明首先由服務交付啟動者發送一服務交付要求 (PushReq)訊息、及服務交付啟動者之身份憑證至服務交付 代理閘道器;接著,服務交付代理閘道器將可根據身份憑 證(Cert(PI))以確認服務交付啟動者,進而與服務交付用戶 10鈿建立一連線、並進行相互認證,以在完成認證後,由服 務交付用戶端傳送根據一亂數y所計算出之參數值gy至服 矛力乂付代理閘道裔;再來,服務交付代理閘道器將產生一 亂數X以計算出二參數值gX及gXy,並於加上服務交付代理 閘迢為之簽章後、使用服務交付啟動者之公開金鑰加密, 15再併同服務父付代理閘道器之身份憑證(cert(ppG)),“併 傳达至服務交付啟動者;而當服務交付根據身份憑證以確 認服務交付代理閘道器後,將可產生一亂數z以計算出一參 數值g 、及一會議金鑰gXyz,以使用會議金鑰yyz加密一服 務父付訊息(PushMsg),並於加上服務交付啟動者之簽章 20後、使用服務交付代理閘道器之公開金输加密,以將加密 j服務父付訊息併同參數值gXZ、及服務交付啟動者之簽 早,一併傳送至服務交付代理閘道器;之後,服務交付代 理閘逼為可解出加密之服務交付訊息、及參數值gXZ,並傳 迗至服務父付用戶端;據此,服務交付用戶端將能根據亂 1231681 數y及參數值gxz以解出服務交付訊息之内容。其中,本發 明之加密方法係可視軟硬體之環境而彈性使用對稱式加密 金鑰演算法、或非對稱式加密金鑰演算法。 5【實施方式】 為能讓貴審查委員能更瞭解本發明之技術内容,特 舉二較佳具體實施例說明如下。 請先參閱圖1之服務交付技術(PUSH techn〇l〇gy)的網 路架構圖,其係包括三個主要的網路元件,分別為服務交 10付啟動者(push initiator)l、服務交付代理閘道器(push proxy gateway,PPG)2 ' 及服務交付用戶端(push dient)3。 其中,位於網際網路8環境中之服務交付啟動者丨係使用服 務交付存取協定(push access protoc〇1,PAP)以與服務交付 代理閘道益2相互溝通;而位於無線網路9環境中之服務交 15付用戶端3則透過服務交付傳輸協定(push 〇ver_theWr push OTA)以與服務交付代理閘道器2進行資料傳輪。舉例 來說,服務交付啟動者丨例如為圖鈴下載内容提供業者 (content provider),服務交付代理閘道器2可為一般電信業 者’而服務交付用戶端3則為行動電話。 、 2〇 &上述三網路元件除了透過服務交付存取協定或服務 交付傳輸協定相互溝通之外,服務交付啟動者丨還負主進> 服務交付代理閘道器2的身份認證,以及對服務交付^/内丁 容加密的:Μ乍’用以保證只有正確的服務交付用戶端 以解得服務交付訊息的内容;而#服務交付啟動者i產生最 1231681 新資訊或事件時,將根據欲傳送資料的内容來產生服務交 · 付訊息,並利用服務交付存取協定以將欲交付的訊息傳送 給服務交付代理問道器2’經由其對訊息進行例如資料編. 碼、或安全認證等處理後,再利用服務交付傳輪協定將訊 5息轉傳至服務交付啟動者!所指定的服務交付用戶端3、同 時交付給服務交付用戶端3中被指定的應用程式,最後應用 程式即可根據訊息類型和内容作適當的處理;服務交付用 戶端3為了能夠隨時接收來自服務交付代理閘道器2的服務 父付訊息,因此必須在幕後執行一個接收服務交付訊息的 籲 10 $駐程式。 接下來請一併參閱圖2,係詳述本實施例服務交付技 術之a忍4及汛息加密方法的運作流程,以說明服務交付啟 動者1、服務交付代理閘道器2、及服務交付用戶端3三者之 間毋須確認(unconfirmed)之服務交付模式的運作程序。需 15注思的是,本實施例係具有一被所有網路元件(即服務交付 啟動者1、服務交付代理閘道器2、及服務交付用戶端3)所 仏任的認證中心(certificati〇n auth〇]:ity,CA),且每個網路 鲁 元件在執行服務交付流程之前都擁有經由認證中心認證通 過的公開/私人金錄(public/private key),亦即所有網路元 20 件皆可透過認證中心來驗證其他網路元件的身份、或是公 開金输的正確性。 當有服務交付訊息要從服務交付啟動者1以毋須確認 之服務交付模式傳送給服務交付用戶端3時,首先,服務交 付啟動者1將發送一個服務交付要求(pushReq)訊息給服務 10 1231681 交付=理問道器2(步驟讓),表示有服務交付訊息要傳給 服務父付用戶端3,並傳送_用以防止重現㈣&力攻擊的 時間戳記tP丨、以及服務交付啟動者丨的身份憑證cert(pi)w 利服務交付代理閘道器2進行身份認證。 5 #服務交付代理閘道器2收到服務交付啟動者i傳送 Λ心的要求後,將根據身份憑證Cen(pi)以驗證服務交付啟 動者1,並與服務交付用戶端3建立連線(步驟S2〇2),且在 連線過程中、服務交付代理閘道器2將與服務交付用戶端3 執行相互認證的動作,以在完成認證後,服務交付用戶端3 1〇 ,根據本身產生的亂數y以計算出一參數值gy,並傳回服務 又付代理閘道器2,以作為服務交付用戶端3與服務交付啟 動者1產生會議金鑰(session key,SK)的其中一個參數。 其中,請參閱圖3,係詳述上述步驟32〇2服務交付代 理閘道器2與服務交付用戶端3間建立連線並進行雙向認證 15之流程。服務交付代理閘道器2先提出建立連線的要求 (request)(步驟S301);當服務交付用戶端3準備好時、即回 覆一連線許可(步驟S302)。此時,服務交付代理閘道器2將 送出一亂數r給服務交付用戶端3(步驟S3〇3);待服務交付 用戶端3接收到之後,將使用當初購買行動電話時、其用戶 20 識別卡(subscriber identify module,SIM)中所内建的私密金 鑰值CK來對亂數r加密,以形成一封包CK[r]後傳回給服務 父付代理閘道器2(步驟S304)。由於本實施例之服務交付代 理閘迢器2係由電信系統業者所提供,因此服務交付代理閘 這器2將同時擁有服務交付用戶端3之SIM卡内建的私密金 1231681 鑰值CK’且其他第三者將無從得知此私密錢值,故服務 交付代理閘道器2即可使用私密金錄值CK對封包CK[鱗 密以取得相同的此數:,藉此驗證服務交付用戶端3的身份 成功(步驟S305);之後續使用私密金鑰值⑶對封包c则 5再次加密後形成封包CK[CK[r]],並傳送至服務交付用戶端 3(步驟S306);同理’服務交付用戶端3可使用私密金錄值 ck將封包CK[CK[r]]解開以取得CK[r],顯示其與先前於步 驟S304中傳送給服務交付代理閘道器2的封包值相同,故 成功驗證服務交付代理閘道器2的身份合法性(步驟 10 S307)/至此完成雙向相互認證的動作,以改善習知gsm 僅由系統業者對服務交付用戶端2進行單向認證的缺點;最 ,,服務交付用戶端3將傳送根據—自冑產生之亂數㈣計 算出的參數值gy至服務交付代理閘道器2(步驟S3〇8)。 "月再參考圖2之流程圖,當服務交付代理閘道器2接收 15到服務交付啟動者1的服務交付要求(PushReq)後,本身也 將會產生一亂數X,以根據服務交付用戶端3傳來的參數值 計算出gx及gxy(=(;gy)x),同樣作為服務交付用戶端3與 服務交付啟動者1間生會議金鑰SK的參數,之後服務交付 代理閘道器2將把時間戳記tPi、gX、及gXy加上本身的簽章 2〇 KPPG後,再使用服務交付啟動者}的公開金餘KM加密後形 成 kpi[kppgh <tpl,gx,gxy >] ’ 併同自己的身份憑證Cert(PPG), 一併傳送給服務交付啟動者丨(步驟S2〇3)。 此時,服務交付啟動者1將先根據身份憑證Cert(ppG) 來驗證服務交付代理閘道器2,並使用金鑰解開所接收到之 12 1231681 封包内容,之後使用自身產生的亂數z以與接收到之參數值 gx、及gxy運算取得另一參數值gu(=(gX)z)、及_作為加密服 務交付訊息内容的會議金鑰SK gXyz,同時產生當時的時間 戳記tPI’,並將服務交付訊息(PushMsg)内容使用sk加密, 5最後加上服務交付啟動者1的簽章加密後形成如下的訊息 傳送給服務交付代理閘道器2(步驟S204) ·· KPPG [Kp丨 < tPI ’,gxz,SK[PushMsg] >]。 而服務交付代理閘道器2在接收到上述訊息後,將先 驗證訊息的完整性及來源認證。並在使用金鑰解開訊息後 ίο 取得 tPI,、gxz、&SK[PushMsg],將 gXiSK[PushMsg]傳送 、’’石服矛力父付用戶端3(步驟S205)。服務交付用戶端3收到服 務交付代理閘道器2送過來的訊息後,可以根據本身之 月ίΐ所產生的亂數y以計算取得會議金鑰3尺為gXyz(=(gXZ)y), 士此末將可使用SK以解開服務交付訊息pushMsg的内 15谷(步驟S2〇6)。由此可知,由於只有服務交付啟動者丨與服 務父付用戶端3才可以算出SK,因此用3]^對服務交付訊息 的内容作加密,將可確實達成保護使用者隱私權的目的。 上述貝^例係以毋須確認(unc〇nfirmed)之服務交付模 式的運作流程為例加以說明,以下請參閱圖4,係為需要確 20認(confirmed)之服務交付模式的運作流程圖。其中,本實 轭例圖4之步驟S401至S406係與圖2之步驟S201至S206完 全相同,惟本實施例在服務交付用戶端3解開服務交付訊息 後(步驟S406),將由服務交付用戶端3回傳一確認訊息用以 確涊已接收到服務交付訊息(步驟S4〇乃;且服務交付啟動 13 1231681 者1係傳送_結果通知訊息(result n〇tificati〇n message)至 。力父付代理閘道器2(步驟S4〇8);以通知服務交付代理閘 道益2回傳—結果通知回覆㈣也細出p〇nse)至 5 10 15 20 2務交付啟動者丨(步驟S4〇9)。此外,若服務交付用戶端3 :接收需要經過認證(⑽firmed)的服務交付訊I,則服務 交付用戶端3和服務交付代理閘道器2之間必須存在一個網 路連線,因此服務交付用戶端也需要一個連線啟動程式, =接收來自服務交付代理閘道器2的建立連線請求,和服務 父付代理閘道器2建立起網路連線。 由以上說明可知,本發明所提出之認證及訊息加密方 $ ’係將服務交付訊息的内容進行加密,以確保使用者的 女全性與隱私權。此外,本發明可根據行動終端裝置之運 算能力、與所處網路環境的特性,以選擇一適合的對稱式 或非對稱式金錄加密技術,並讓服務交付用戶端、服務交 里閉道器、與服務交付啟動者三者共同參與會議金鑰 =產生’但最後只有服務交付用戶端與服務交付啟動者兩 各自產生同-把共享的加解密金錄gxyz,而服 料器僅能取得x,gy,gz等參數,本身將無法產生此加解密 至鑰。如此-來’將大幅提升金鍮協議方法的安全性,且 :擊者二須:時求得三者的私密值(即各自所產生的亂數 玄計算出金餘;且可使服務交付用戶端的私 被值減小,俾減輕服務交付用戶端進行指數運算的負擔。 ^卜,服務交付代理閉道器還負責對服務交付啟動者輕 矛力乂付用戶端進行身份認證,以確保在無線網路或是有線 14 1231681 網路環境中、皆可避免遭受到攔截式(man in the_midd⑷ 攻擊的危險。又,本發明係達成讓服務交付用戶端與系統 業者的服務交付代理閘道器間進行雙向認證的功能;且本 發明僅針對服務交付訊息加密,而非對整個服務交付訊息 5的袼式加密,故可控制服務交付代理閘道器在執行編碼壓 縮後的訊息量不會增加,且能減輕服務交付啟動者執行加 也、工作的負荷,實為一大進步。 上述實施例僅係為了方便說明而舉例而已,本發明所 主張之權利範圍自應以申請專利範圍所述為準,而非僅限 ίο 於上述貫施例。 【圖式簡單說明】 圖1係本發明一較佳實施例之服務交付技術之網路架構圖。 圖2係本發明一較佳實施例毋須確認之服務交付模式之流 15 程圖。 圖3係本發明一較佳實施例服務交付用戶端與服務交付代 理閘道器間相互認證之流程圖。 圖4係本發明另一較佳實施例需要確認之服務交付模式之 流程圖。 20 【圖號說明】 服務交付代理閘道器2 網際網路8 基地台91 服務交付啟動者1 服務交付用戶端3 無線網路9 15The re-purpose of the present invention is to provide a recognition of service delivery technology and flood encryption method, which are jointly participated by the service delivery initiator, service delivery agent gateway, and & service delivery client. The excessive privateness of the conference gold loss can not reduce the index calculation operation of the service delivery client. In addition, the service provider pays the proxy gateway to participate only in the process of generating the relevant parameters of the conference balance, and cannot obtain the service delivery information. Content, which will ensure the security and privacy of users. According to the features of the present invention, a service delivery technology authentication and message encryption method is proposed. The application ring of the service delivery technology (PUSH technology) includes a service delivery initiator (push initiator, PI), and a service parent. A push client (push client) and a service delivery agent gateway (push Pmxy gateway (PPG)). Among them, the service delivery initiator is used in a network environment to communicate with the service delivery agent gateway using a service delivery access protocol (pap); 1236681 for service delivery The client is used in a wireless network environment to receive service delivery messages from the service delivery agent gateway; the service delivery agent idler is an entry point between the Internet and wireless networks. Through a service delivery transmission protocol (Push over-the-air protocol (Push OTA)) to complete the transmission task between the 5 self-service delivery agent gateway to the service delivery client. In the present invention, the service delivery initiator sends a service delivery request (PushReq) message and the identity certificate of the service delivery initiator to the service delivery agent gateway. Then, the service delivery agent gateway can use the identity certificate (Cert ( PI)) to confirm the initiator of the service delivery, and then establish a connection with the service delivery user 10 钿 and perform mutual authentication, so that after the authentication is completed, the service delivery user terminal transmits the parameter value calculated according to a random number y gy to the service provider to pay the agent gateway; again, the service delivery agent gateway will generate a random number X to calculate the two parameter values gX and gXy, and add the service delivery agent gateway to sign After that, the public key of the service delivery initiator is used to encrypt, and then the identity certificate (cert (ppG)) of the gateway of the service payment agent (cert (ppG)) is transmitted to the service delivery initiator; and when the service delivery is based on the identity After the certificate is used to confirm the service delivery agent gateway, an random number z can be generated to calculate a parameter value g and a conference key gXyz. The conference key yyz is used to encrypt a service parent payment message (PushMsg). And after adding the signature 20 of the service delivery initiator, use the public gold loss encryption of the service delivery agent gateway to encrypt the service j payment information with the parameter value gXZ and the signature of the service delivery initiator, It is transmitted to the gateway of the service delivery agent; after that, the service delivery agent forces the encrypted service delivery message and the parameter value gXZ to be transmitted to the service parent payment client; accordingly, the service delivery client The content of the service delivery message can be solved based on the random 1231681 number y and the parameter value gxz. Among them, the encryption method of the present invention can flexibly use a symmetric encryption key algorithm or asymmetric encryption depending on the environment of software and hardware. Key algorithm. 5 [Embodiment] In order to allow your review committee to better understand the technical content of the present invention, the second preferred embodiment is described below. Please refer to the service delivery technology (PUSH technol) in FIG. 1 first. 〇gy) network architecture diagram, which consists of three main network components, respectively, the service pay 10 initiator (push initiator), service delivery proxy gateway (push proxy gateway, PP G) 2 ′ and service delivery client (push dient) 3. Among them, the service delivery initiator located in the Internet 8 environment 丨 uses the service access access protocol (push access protoc0 (PAP)) to service delivery The agent gateway benefits 2 communicate with each other; while the service delivery 15 in the wireless network 9 environment, the client 3 uses the service delivery transfer protocol (push 〇ver_theWr push OTA) to transfer data with the service delivery agent gateway 2. For example, the service delivery initiator 丨 is, for example, a download content provider, the service delivery agent gateway 2 may be a general telecommunication operator, and the service delivery client 3 is a mobile phone. In addition to the above three network components communicating with each other through a service delivery access agreement or a service delivery transmission agreement, the service delivery initiator 丨 also assumes the identity of the main> service delivery agent gateway 2, and Encrypted service delivery: 内 内容 Encrypted: Μ 乍 'is used to ensure that only the correct service delivery client can understand the content of the service delivery message; and # 服务 delivery initiator i will generate the most new information or events, and will Generate a service delivery and payment message according to the content of the data to be transmitted, and use the service delivery access agreement to transmit the to-be-delivered message to the service delivery agent interrogator 2 ', for example, to perform data coding, coding, or security on the message. After authentication and other processing, the service delivery transfer agreement is used to transfer the information to the service delivery initiator! The designated service delivery client 3 is simultaneously delivered to the designated application in the service delivery client 3, and finally the application can perform appropriate processing according to the type and content of the message; the service delivery client 3 can receive from the service at any time The service parent of the delivery agent gateway 2 pays for the message, so behind the scenes a call must be executed to receive the service delivery message. Next, please refer to FIG. 2 together, which details the operation process of service delivery technology 4 and flood encryption method in this embodiment to explain the service delivery initiator 1, service delivery agent gateway 2, and service delivery. The operation procedure of the service delivery mode without any confirmation between the client and the three. It should be noted that this embodiment has a certification center (certificati) that is performed by all network elements (that is, the service delivery initiator 1, the service delivery agent gateway 2, and the service delivery client 3). n auth〇]: ity, CA), and each network element has a public / private key (certified by the certification center) before performing the service delivery process, that is, all network elements 20 You can use the certification center to verify the identity of other network components or the correctness of public gold loss. When there is a service delivery message to be transmitted from the service delivery initiator 1 to the service delivery client 3 in an unconfirmed service delivery mode, first, the service delivery initiator 1 will send a service delivery request (pushReq) message to the service 10 1231681 delivery = Interrogator 2 (step let), indicates that there is a service delivery message to be transmitted to the service parent payment client 3, and _ timestamp tP 丨 to prevent recurrence ㈣ & force attack, and the service delivery initiator 丨The certificate cert (pi) is used by the service delivery agent gateway 2 for identity authentication. 5 #Service Delivery Agent Gateway 2 After receiving the request from the service delivery initiator i to transmit Λ heart, it will verify the service delivery initiator 1 according to the identity certificate Cen (pi), and establish a connection with the service delivery client 3 ( Step S202), and during the connection process, the service delivery agent gateway 2 will perform a mutual authentication action with the service delivery client 3, so that after the authentication is completed, the service delivery client 3 10 will be generated according to itself Y to calculate a parameter value gy and return the service to the proxy gateway 2 as one of the service delivery client 3 and the service delivery initiator 1 to generate a session key (SK) parameter. Among them, please refer to FIG. 3, which details the process of establishing the connection between the service delivery agent gateway 2 and the service delivery client 3 and performing the two-way authentication 15 in the above step 3202. The service delivery agent gateway 2 first makes a request to establish a connection (step S301); when the service delivery client 3 is ready, it responds with a connection permission (step S302). At this time, the service delivery agent gateway 2 will send a random number r to the service delivery client 3 (step S303); after the service delivery client 3 receives it, it will use the user 20 when it originally purchased the mobile phone. The private key value CK built in the subscriber identification module (SIM) encrypts the random number r to form a packet CK [r] and sends it back to the service parent payment agent gateway 2 (step S304) . Since the service delivery agent gate 2 of this embodiment is provided by the telecommunications system operator, the service delivery agent gate 2 will also have the private gold 12316681 key value CK 'built in the SIM card of the service delivery client 3 and Other third parties will have no way to know the value of this private money, so the service delivery agent gateway 2 can use the private gold record value CK to the packet CK [scale to obtain the same number :, thereby verifying the service delivery client The identity of 3 is successful (step S305); subsequently, the packet c is encrypted again using the private key value ⑶ to form a packet CK [CK [r]] and transmitted to the service delivery client 3 (step S306); the same applies 'The service delivery client 3 may use the private record value ck to unpack the packet CK [CK [r]] to obtain CK [r], and display it and the packet previously transmitted to the service delivery agent gateway 2 in step S304. The value is the same, so the identity legitimacy of the service delivery agent gateway 2 is successfully verified (steps S307) / This completes the two-way mutual authentication action to improve the conventional gsm. The system operator performs one-way authentication on the service delivery client 2 only. Disadvantages; most, for service delivery The terminal 3 transmits - the random number generated from the helmet (iv) calculate the parameter value to the service delivery gy proxy gateways 2 (step S3〇8). " Monthly refer to the flowchart in FIG. 2 again. When the service delivery agent gateway 2 receives the service delivery request (PushReq) from 15 to the service delivery initiator 1, it will also generate a random number X, according to the service delivery. The parameter values from the user terminal 3 are calculated as gx and gxy (= (; gy) x), which are also used as parameters for the conference key SK between the service delivery user terminal 3 and the service delivery initiator 1, and then the service delivery agent gateway The device 2 will encrypt the timestamps tPi, gX, and gXy with its own signature 20KPPG, and then use the public gold KM of the service delivery initiator} to encrypt it to form kpi [kppgh < tpl, gx, gxy > ] 'And send it to the service delivery initiator with its own identity certificate Cert (PPG) (step S203). At this time, the service delivery initiator 1 will first verify the service delivery agent gateway 2 according to the identity certificate Cert (ppG), and use the key to unlock the received 12 1231681 packet content, and then use its own random number z Use the received parameter values gx and gxy to obtain another parameter value gu (= (gX) z) and _ as the conference key SK gXyz for the content of the encrypted service delivery message, and generate the time stamp tPI ' The content of the service delivery message (PushMsg) is encrypted using sk, 5 and finally the signature of the service delivery initiator 1 is encrypted, and the following message is formed and transmitted to the service delivery agent gateway 2 (step S204). KPPG [Kp 丨< tPI ', gxz, SK [PushMsg] >]. After receiving the above message, the service delivery agent gateway 2 will first verify the integrity of the message and the source authentication. After unlocking the message using the key, ο obtain tPI, gxz, & SK [PushMsg], transmit gXiSK [PushMsg], and ‘’ stone service spear father pays the client 3 (step S205). After receiving the message sent by the service delivery agent gateway 2 from the service delivery client 3, the service delivery client 3 can calculate and obtain the conference key 3 feet gXyz (= (gXZ) y) according to the random number y generated by its own month. In the meantime, the SK can be used to unlock the inner valley of the service delivery message pushMsg (step S206). It can be seen that since only the service delivery initiator 丨 and the service father pay client 3 can calculate the SK, using 3] ^ to encrypt the content of the service delivery message will definitely achieve the purpose of protecting the user's privacy. The above examples are described by taking the operation flow of the unconfirmed service delivery mode as an example. Please refer to FIG. 4 below for a flow chart of the service delivery mode that needs to be confirmed. Among them, steps S401 to S406 in FIG. 4 of this real yoke example are exactly the same as steps S201 to S206 in FIG. 2, but after the service delivery client 3 unlocks the service delivery message (step S406), the service delivery user The terminal 3 sends back a confirmation message to confirm that the service delivery message has been received (step S4〇; and the service delivery start 13 1231681 1) is to send a _result notification message (result nominated message) to the father. Pay the agent gateway 2 (step S408); notify the service delivery agent of the gateway benefit 2 back-the result notification reply (also details poonse) to 5 10 15 20 2 service delivery initiator 丨 (step S4 〇9). In addition, if the service delivery client 3: receives a service delivery message I that needs to be authenticated (⑽firm), there must be a network connection between the service delivery client 3 and the service delivery agent gateway 2, so the service delivery user The client also needs a connection initiation program, which receives a connection establishment request from the service delivery agent gateway 2 and establishes a network connection with the service parent payment agent gateway 2. As can be seen from the above description, the authentication and message encryption party $ ′ proposed by the present invention encrypts the content of the service delivery message to ensure the user's femininity and privacy. In addition, the present invention can select a suitable symmetric or asymmetric golden record encryption technology according to the computing capability of the mobile terminal device and the characteristics of the network environment in which it is located, and make the service delivery client and service delivery closed. The server, the service delivery initiator, and the service delivery initiator together participate in the conference key = generation ', but only the service delivery client and the service delivery initiator each generate the same-the shared encryption and decryption gold records gxyz, and the server can only obtain x, gy, gz and other parameters, will not be able to generate this encryption and decryption to the key itself. This way-come 'will greatly improve the security of the Golden Eagle protocol method, and: the attacker must obtain the private value of the three (that is, the random balance generated by each of them will calculate the balance of the money; and enable the service to be delivered to the user) The private value of the client is reduced, which reduces the burden of exponential calculation on the service delivery user. ^ Bull, the service delivery agent closer is also responsible for the service delivery initiator to pay the client for identity authentication to ensure wireless The network or wired 14 1231681 network environment can avoid the risk of interception (man in the_midd⑷) attacks. In addition, the present invention is to achieve the service delivery client and the system provider's service delivery agent gateway The function of two-way authentication; and the present invention is only for the service delivery message encryption, rather than the type encryption of the entire service delivery message 5, so the service delivery agent gateway can control the amount of information after encoding compression is not increased, and It is a great progress to reduce the workload of the service delivery initiator to perform processing and work. The above embodiments are merely examples for the convenience of description. The scope of Zhang's rights should be based on the scope of the patent application, not limited to the above-mentioned embodiments. [Simplified illustration of the figure] Figure 1 is a network architecture of a service delivery technology of a preferred embodiment of the present invention Figure 2. Figure 15 is a flow chart of a service delivery model without confirmation in a preferred embodiment of the present invention. Figure 3 is a flow of mutual authentication between a service delivery client and a service delivery agent gateway in a preferred embodiment of the present invention Figure 4. Figure 4 is a flow chart of the service delivery mode that needs to be confirmed in another preferred embodiment of the present invention. 20 [Illustration of the drawing number] Service delivery agent gateway 2 Internet 8 Base station 91 Service delivery initiator 1 Service delivery Client 3 Wireless Network 9 15