CN103634276A - Privacy protection method for instant communication messages - Google Patents
- Publication number: CN103634276A
- Application number: CN201210300724.9A
- Authority: CN (China)
- Prior art keywords: message, algorithm, key, server, content key
- Legal status: Pending (the legal status is an assumption and is not a legal conclusion)
Abstract
The invention discloses a privacy protection method for instant communication messages. The method comprises the following steps: when a user registers through a trusted module, the user information and a configuration key, obtained from the user information and hardware information by a C algorithm, are uploaded to a user server in a secure environment; when a message is forwarded by a message object server, the message object server requests the configuration key of the corresponding user from the user server and a content key from a content key server, then encrypts the media object with the content key using an A algorithm and encrypts the content key with the configuration key using a B algorithm; a message protection document is built and sent to the terminal. The method has the following advantages: a. encrypted documents can be read off-network; b. it helps detect whether instant communication messages have been tampered with.
Description
Technical field
The present invention relates to the field of instant communication message encryption, and in particular to an encryption method for instant communication messages.
Background technology
End-to-end encryption of instant communication messages is of considerable value. Mainstream architectures can also protect instant communication messages, but they have serious defects: either a message can only be decrypted while the terminal is online, which raises the user's costs and is inconvenient where connectivity cannot be guaranteed; or the message has no dependence on the terminal, so that a message document, once stolen, can be read at will; or tampering with a message cannot be effectively detected.
A search found patent No. 200710076053.1, entitled "Transmission method for encrypting information of mobile terminal". That patent describes a method of encrypted information transmission for mobile terminals, characterized by the following steps: 1) the sending mobile terminal encrypts the information to be sent together with an encryption password and obtains the encrypted information; 2) the sending mobile terminal sends the encrypted information from step 1) to the receiving mobile terminal; 3) the receiving mobile terminal receives the information and determines that it is encrypted; 4) when the information is read on the receiving mobile terminal and the decryption password entered matches the encryption password in the encrypted information, the terminal decrypts the information and displays it.
Although that patent encrypts information in order to protect communication content, it encrypts only with a personal decryption key generated from the user's identity information.
Summary of the invention
To address the deficiencies of the prior art, the invention provides a privacy protection method for instant communication messages. In the invention, a configuration key is constructed in the terminal's trusted module from the user's registration information and hardware information and is used to protect the content key with which the instant communication message is encrypted. After the message reaches the terminal, the decryption module obtains the configuration key from the trusted module, decrypts the content key, and then decrypts the message, which effectively solves the problem of browsing encrypted instant communication messages while off-network. Because the configuration key depends on the hardware device and the user's registration information, the security of a message that is later copied can be effectively guaranteed; at the same time, end-to-end encryption makes it possible to effectively detect whether a message has been tampered with. The method supports reading encrypted messages offline, binds decryption of the message protection document to the hardware device, and protects the interests of both the sending and the receiving party.
To achieve these goals, the technical solution adopted by the invention is:
A privacy protection method for instant communication messages, comprising:
A trusted module protected by the digital certificate of a trusted third party, for producing the configuration key from the message recipient's registration information and hardware information by the C algorithm;
A user server, for storing user information and configuration keys;
A content key server, for storing the message sender's key or generating a content key at random;
A message object server, for forwarding objects and generating the corresponding message protection document; it can use the A algorithm and the B algorithm;
A decryption module: after the message recipient receives the message protection document, the decryption module, protected by the same digital certificate as the trusted module, requests the configuration key from the trusted module at reading time, decrypts the content key, and then decrypts the media object; it can use the A algorithm and the B algorithm;
The steps are as follows: when a user registers through the trusted module, the user information and the configuration key, obtained from the user information and hardware information by the C algorithm, are uploaded to the user server in a secure environment;
When the message object server forwards a message, it requests the configuration key of the corresponding user from the user server and the content key from the content key server, then encrypts the media object with the content key using the A algorithm and encrypts the content key with the configuration key using the B algorithm; it builds the message protection document and sends it to the terminal;
When the user browses a message, the decryption module first decompresses the message protection document, then dynamically obtains the configuration key by communicating with the trusted module, decrypts the content key with the configuration key using the B algorithm, and then decrypts the message object using the A algorithm.
Beneficial effects of the invention: a. it supports reading encrypted messages while off-network; b. it helps detect whether an instant communication message has been tampered with.
Brief description of the drawing
Fig. 1 is a functional block diagram of the invention.
Embodiment
As shown in the functional block diagram of Fig. 1, the invention protects a message in two layers: the message content itself is encrypted with a content key supplied by the sender or generated at random; the content key is encrypted with the configuration key that the terminal's trusted module produces from user information and hardware information; and the ciphertext of the content key is delivered to the receiving terminal together with the ciphertext of the digital content when the user requests it.
When the user browses locally, the decryption module dynamically obtains the configuration key from the trusted module, decrypts the content key, and in turn decrypts the content.
The terms used are as follows.
Configuration key: the ciphertext formed from the user's registration information and hardware information by a specific algorithm.
Content key: a key supplied by the user sending the message or generated at random by the server.
Configuration file: an XML file containing the ciphertext of the content key after it has been encrypted with the configuration key under a specific algorithm.
Message object: the original message file, etc.
Message protection document: a compressed package containing the message encrypted with the content key and the configuration file.
Trusted module: a module protected by the digital certificate of a trusted third party.
Decryption module: a module, protected by the digital certificate of a trusted third party, that performs decryption of the message protection object.
A algorithm: the symmetric algorithm that encrypts and decrypts the message object.
B algorithm: the symmetric algorithm that encrypts and decrypts the content key.
C algorithm: the MD5 algorithm that generates the configuration key.
The key modules of the invention are as follows:
A trusted module protected by the digital certificate of a trusted third party, for producing the configuration key from the message recipient's registration information and hardware information by the C algorithm.
A user server, for storing user information and configuration keys.
A content key server, for storing the message sender's key or generating a content key at random.
A message object server, for forwarding objects and generating the corresponding message protection document. It can use the A algorithm and the B algorithm.
A decryption module: after the message recipient receives the message protection document, the decryption module, protected by the same digital certificate as the trusted module, requests the configuration key from the trusted module at reading time, decrypts the content key, and then decrypts the media object. It can use the A algorithm and the B algorithm.
Workflow:
When a user registers and logs in through the trusted module, the user information and the configuration key, obtained from the user information and hardware information by the C algorithm, are uploaded to the user server in a secure environment.
When the message object server forwards a message, it requests the configuration key of the corresponding user from the user server and the content key from the content key server, encrypts the message object with the message key, and builds the configuration file that stores the ciphertext of the content key. The two are packaged into the message protection document, with the A algorithm encrypting the media object under the content key and the B algorithm encrypting the content key under the configuration key. The message protection document is built and sent to the terminal;
When the user browses a message, the decryption module first decompresses the message protection document; the message key server provides the message key and the message object server forwards the message protection document; the decryption module then dynamically obtains the configuration key by communicating with the trusted module (protected at the same time by the digital certificate of the trusted third party), decrypts the content key with the configuration key using the B algorithm, and then decrypts the message object using the A algorithm.
Claims (1)
1. A privacy protection method for instant communication messages, characterized by:
A trusted module protected by the digital certificate of a trusted third party, for producing the configuration key from the message recipient's registration information and hardware information by the C algorithm;
A user server, for storing user information and configuration keys;
A content key server, for storing the message sender's key or generating a content key at random;
A message object server, for forwarding objects and generating the corresponding message protection document; it can use the A algorithm and the B algorithm;
A decryption module: after the message recipient receives the message protection document, the decryption module, protected by the same digital certificate as the trusted module, requests the configuration key from the trusted module at reading time, decrypts the content key, and then decrypts the media object; it can use the A algorithm and the B algorithm;
The steps are as follows: when a user registers through the trusted module, the user information and the configuration key, obtained from the user information and hardware information by the C algorithm, are uploaded to the user server in a secure environment;
When the message object server forwards a message, it requests the configuration key of the corresponding user from the user server and the content key from the content key server, then encrypts the media object with the content key using the A algorithm and encrypts the content key with the configuration key using the B algorithm; it builds the message protection document and sends it to the terminal;
When the user browses a message, the decryption module first decompresses the message protection document, then dynamically obtains the configuration key by communicating with the trusted module, decrypts the content key with the configuration key using the B algorithm, and then decrypts the message object using the A algorithm.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210300724.9A CN103634276A (en) | 2012-08-23 | 2012-08-23 | Privacy protection method for instant communication messages |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210300724.9A CN103634276A (en) | 2012-08-23 | 2012-08-23 | Privacy protection method for instant communication messages |
Publications (1)
Publication Number | Publication Date |
---|---|
CN103634276A (en) | 2014-03-12 |
Family ID: 50214908
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210300724.9A Pending CN103634276A (en) | 2012-08-23 | 2012-08-23 | Privacy protection method for instant communication messages |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103634276A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112839132A (en) * | 2020-12-31 | 2021-05-25 | 中孚信息股份有限公司 | Method and system for realizing mobile phone input method with information encryption function |
CN113037611A (en) * | 2021-03-04 | 2021-06-25 | 长沙学院 | Mobile safety instant communication method based on multiple public IM channels |
CN115001865A (en) * | 2022-07-28 | 2022-09-02 | 杭州安司源科技有限公司 | Communication processing method and system, client, communication server and supervision server |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112839132A (en) * | 2020-12-31 | 2021-05-25 | 中孚信息股份有限公司 | Method and system for realizing mobile phone input method with information encryption function |
CN112839132B (en) * | 2020-12-31 | 2022-03-11 | 中孚信息股份有限公司 | Method and system for realizing mobile phone input method with information encryption function |
CN113037611A (en) * | 2021-03-04 | 2021-06-25 | 长沙学院 | Mobile safety instant communication method based on multiple public IM channels |
CN113037611B (en) * | 2021-03-04 | 2022-04-19 | 长沙学院 | Mobile safety instant communication method based on multiple public IM channels |
CN115001865A (en) * | 2022-07-28 | 2022-09-02 | 杭州安司源科技有限公司 | Communication processing method and system, client, communication server and supervision server |
CN115001865B (en) * | 2022-07-28 | 2022-12-02 | 杭州安司源科技有限公司 | Communication processing method and system, client, communication server and supervision server |
WO2024021958A1 (en) * | 2022-07-28 | 2024-02-01 | 杭州安司源科技有限公司 | Communication processing method and system, client, communication server and supervision server |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10693848B2 (en) | Installation of a terminal in a secure system | |
US8499156B2 (en) | Method for implementing encryption and transmission of information and system thereof | |
CN103428221B (en) | Safe login method, system and device to Mobile solution | |
US10348498B2 (en) | Generating a symmetric encryption key | |
CN103248479A (en) | Cloud storage safety system, data protection method and data sharing method | |
US10356090B2 (en) | Method and system for establishing a secure communication channel | |
CN101466079A (en) | Method, system and WAPI terminal for transmitting e-mail | |
CN102333093A (en) | Data encryption transmission method and system | |
CN101720071A (en) | Short message two-stage encryption transmission and secure storage method based on safety SIM card | |
CN102638459A (en) | Authentication information transmission system, authentication information transmission service platform and authentication information transmission method | |
Nyamtiga et al. | Enhanced security model for mobile banking systems in Tanzania | |
US10511596B2 (en) | Mutual authentication | |
TW201417546A (en) | Instant messaging method and system | |
US10733309B2 (en) | Security through authentication tokens | |
CN105704690A (en) | Short message confidential communication method and system based on cell phone digital fingerprint verification | |
CN102740239B (en) | The method and system of secure transmission of media information | |
CN104009842A (en) | Communication data encryption and decryption method based on DES encryption algorithm, RSA encryption algorithm and fragile digital watermarking | |
CN105610847A (en) | Method for supporting security transmission and exchange of electronic official documents of multiple exchange nodes | |
CN202818612U (en) | System capable of blocking unauthorized SMS text messages or bulk SMS text messages | |
CN101854594A (en) | Method and device for transmitting information and method and device for receiving information | |
CN103916834A (en) | Short message encryption method and system allowing user to have exclusive secret key | |
CN103945348A (en) | Asymmetrical secret key short message encryption method and system | |
CN103634276A (en) | Privacy protection method for instant communication messages | |
Hussien et al. | Scheme for ensuring data security on cloud data storage in a semi-trusted third party auditor | |
CN103986640A (en) | Instant messaging method and system capable of guaranteeing safety of user communication content |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20140312 |