CN108667718A - An instant messaging system and its communication method - Google Patents


Publication number
CN108667718A
Authority
CN
China
Prior art keywords
client
ciphertext
sent
instant messaging
sender
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810384917.4A
Other languages
Chinese (zh)
Inventor
孙善宝
于治楼
徐驰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jinan Inspur Hi Tech Investment and Development Co Ltd
Original Assignee
Jinan Inspur Hi Tech Investment and Development Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jinan Inspur Hi Tech Investment and Development Co Ltd
Priority to CN201810384917.4A
Publication of CN108667718A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00 User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/04 Real-time or near real-time messaging, e.g. instant messaging [IM]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/55 Push-based network services

Abstract

The present invention provides an instant messaging system and its communication method, comprising at least two clients and an instant messaging server. Each client is configured to: when acting as sender, receive the interaction information sent by the information-pushing user, encrypt the interaction information to form a ciphertext, and send the ciphertext to the instant messaging server; and, when acting as recipient, receive the ciphertext sent by the instant messaging server, decrypt the ciphertext to obtain the interaction information, and display the interaction information to the information-receiving user. The instant messaging server is configured to, on receiving the ciphertext sent by the client acting as sender, send the ciphertext to the client acting as recipient. This scheme can improve the privacy protection of both communicating parties.

Description

An instant messaging system and its communication method
Technical field
The present invention relates to the field of computer technology, and in particular to an instant messaging system and its communication method.
Background
With the rapid development of the internet, and especially of social networks, social networks have moved offline social circles online according to individual interests. This is the internet form of social behaviour, and to a certain extent it also reflects the composition of real human society.
There are a large number of social media tools and instant messaging software on the internet, and all kinds of point-to-point communication platforms have formed. These platforms aggregate large amounts of physical hardware resources in the cloud and use virtualization technology to achieve unified allocation, scheduling and management of heterogeneous network computing resources. Building centralized data centers greatly reduces the cost of computing and storage and enables communication among massive numbers of terminals.
However, with the development of communication networks and the continuous expansion of access scale, the security of data exchange between groups is receiving more and more attention. In such an open environment, privacy protection and security of data exchange between users have become a hot issue of common concern. In this situation, how to make effective use of the instant messaging server so that, while the secure transmission of messages between the communicating parties is ensured, message privacy is not obtained by the instant messaging platform has become an urgent problem to be solved.
Summary of the invention
Embodiments of the present invention provide an instant messaging system and its communication method, which can ensure that message privacy is not obtained by the instant messaging server.
In a first aspect, an embodiment of the present invention provides an instant messaging system, comprising: at least two clients and an instant messaging server;
each client is configured to: when acting as sender, receive the interaction information sent by the information-pushing user, encrypt the interaction information to form a ciphertext, and send the ciphertext to the instant messaging server; and, when acting as recipient, receive the ciphertext sent by the instant messaging server, decrypt the ciphertext to obtain the interaction information, and display the interaction information to the information-receiving user;
the instant messaging server is configured to, on receiving the ciphertext sent by the client acting as sender, send the ciphertext to the client acting as recipient.
Preferably, the client is configured to, when acting as sender, use a preset input-method encryption tool to receive the interaction information sent by the information-pushing user and to encrypt the received interaction information to form the ciphertext.
Preferably, the client is further configured to: when acting as sender, use the input-method encryption tool to convert the ciphertext into Base64-encoded data, and output the Base64-encoded data into the input box of the client to be sent to the instant messaging server; and, when acting as recipient, on receiving the Base64-encoded data sent by the instant messaging server, extract the ciphertext from the Base64-encoded data;
the instant messaging server is configured to, on receiving the Base64-encoded data sent by the client acting as sender, send the Base64-encoded data to the client acting as recipient.
Preferably, the client is further configured to: perform deep learning training using a preset screen-capture image extraction, recognition and decoding tool; and, when acting as recipient, on receiving the Base64-encoded data sent by the instant messaging server, display the Base64-encoded data, use the screen-capture image extraction, recognition and decoding tool to capture the displayed Base64-encoded data and generate a picture, have the tool recognize the Base64-encoded data in the picture by inference based on the deep learning training, and decrypt the Base64-encoded data to obtain the ciphertext.
Preferably, the system further comprises: an authentication center;
the client is further configured to: send a pre-generated client public key to the authentication center, and receive the digital certificate that the authentication center sends according to the client public key; when acting as sender, send the digital certificate corresponding to the client to the instant messaging server; receive the digital certificate, corresponding to the client acting as recipient, sent by the instant messaging server, and determine whether it can be decrypted with the certification public key published by the authentication center; if so, perform the encrypting of the interaction information to form a ciphertext; otherwise, terminate the information exchange;
when the client acts as sender, it receives the digital certificate corresponding to the client sent by the instant messaging server and determines whether it can be decrypted with the certification public key; if so, it sends to the instant messaging server the digital certificate corresponding to it as sender; otherwise, it terminates the information exchange;
the authentication center is configured to publish the pre-generated certification public key and, on receiving the client public key sent by the client, to sign the client public key with the certification private key corresponding to the certification public key to generate a digital certificate, and to send the digital certificate to the client;
the instant messaging server is further configured to receive the digital certificate sent by the client acting as sender and forward it to the client acting as recipient, and to receive the digital certificate sent by the client acting as recipient and forward it to the client acting as sender.
Preferably, when the client acts as sender, it is configured to: when verification of the digital certificate corresponding to the client acting as recipient passes, generate a symmetric session key according to a preset encryption rule, sign it using the client public key in the digital certificate corresponding to the client acting as sender, send the signed symmetric session key to the instant messaging server, and encrypt the interaction information with the symmetric session key to generate the ciphertext;
when the client acts as recipient, it is configured to: on receiving the signed symmetric session key sent by the instant messaging platform, decrypt it using the private key corresponding to the client public key in the digital certificate corresponding to the client acting as recipient, and obtain and cache the symmetric session key; and, on receiving the ciphertext, decrypt the ciphertext using the cached symmetric session key to obtain the interaction information;
the instant messaging server is configured to receive the signed symmetric session key sent by the client acting as sender and forward it to the client acting as recipient.
Preferably, when the client acts as sender, it is further configured to delete the symmetric session key when communication with the client acting as recipient ends;
when the client acts as recipient, it is further configured to delete the symmetric session key after communication with the client acting as sender ends.
In a second aspect, an embodiment of the present invention provides a communication method based on the instant messaging system of any embodiment of the first aspect, comprising:
for each client of the at least two clients, using the client acting as sender to receive the interaction information sent by the information-pushing user, encrypt the interaction information to form a ciphertext, and send the ciphertext to the instant messaging server;
using the client acting as recipient to receive the ciphertext sent by the instant messaging server, decrypt the ciphertext to obtain the interaction information, and display the interaction information to the information-receiving user;
using the instant messaging server to, on receiving the ciphertext sent by the client acting as sender, send the ciphertext to the client acting as recipient.
Preferably, the using the client acting as sender to receive the interaction information sent by the information-pushing user and encrypt the interaction information to form a ciphertext comprises:
using the client acting as sender to receive, through a preset input-method encryption tool, the interaction information sent by the information-pushing user, and to encrypt the received interaction information to form the ciphertext.
Preferably, after the receiving, through the preset input-method encryption tool, of the interaction information sent by the information-pushing user and the encrypting of the received interaction information to form the ciphertext, and before the sending of the ciphertext to the instant messaging server, the method further comprises:
using the client acting as sender to convert the ciphertext into Base64-encoded data through the input-method encryption tool, and to output the Base64-encoded data into the input box of the client to be sent to the instant messaging server;
the using the instant messaging server to, on receiving the ciphertext sent by the client acting as sender, send the ciphertext to the client acting as recipient comprises:
using the instant messaging server to, on receiving the Base64-encoded data sent by the client acting as sender, send the Base64-encoded data to the client acting as recipient;
the using the client acting as recipient to receive the ciphertext sent by the instant messaging server comprises:
using the client acting as recipient to, on receiving the Base64-encoded data sent by the instant messaging server, extract the ciphertext from the Base64-encoded data.
In embodiments of the present invention, when a client receives the interaction information sent by the information-pushing user, it does not send the interaction information directly to the instant messaging server. Instead, it first encrypts the interaction information to form a ciphertext and then sends the ciphertext to the instant messaging server, so that the client acting as recipient, on receiving the ciphertext, can decrypt it to obtain the interaction information. In summary, the interaction information is transmitted in ciphertext form, so that while the instant messaging server is effectively used for information transfer, the privacy of both communicating parties is ensured and their private information is not obtained by the instant messaging server.
Description of the drawings
In order to explain the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below show some embodiments of the present invention, and those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a structural schematic diagram of an instant messaging system provided by an embodiment of the present invention;
Fig. 2 is a structural schematic diagram of another instant messaging system provided by an embodiment of the present invention;
Fig. 3 is a flow chart of a communication method provided by an embodiment of the present invention;
Fig. 4 is a structural schematic diagram of another instant messaging system provided by an embodiment of the present invention.
Detailed description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. Obviously, the described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art from the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
As shown in Fig. 1, an embodiment of the present invention provides an instant messaging system, comprising: at least two clients 101 and an instant messaging server 102;
each client 101 is configured to: when acting as sender, receive the interaction information sent by the information-pushing user, encrypt the interaction information to form a ciphertext, and send the ciphertext to the instant messaging server 102; and, when acting as recipient, receive the ciphertext sent by the instant messaging server 102, decrypt the ciphertext to obtain the interaction information, and display the interaction information to the information-receiving user;
the instant messaging server 102 is configured to, on receiving the ciphertext sent by the client 101 acting as sender, send the ciphertext to the client 101 acting as recipient.
In embodiments of the present invention, when a client receives the interaction information sent by the information-pushing user, it does not send the interaction information directly to the instant messaging server. Instead, it first encrypts the interaction information to form a ciphertext and then sends the ciphertext to the instant messaging server, so that the client acting as recipient, on receiving the ciphertext, can decrypt it to obtain the interaction information. In summary, the interaction information is transmitted in ciphertext form, so that while the instant messaging server is effectively used for information transfer, the privacy of both communicating parties is ensured and their private information is not obtained by the instant messaging server.
In an embodiment of the present invention, the client is configured to, when acting as sender, use a preset input-method encryption tool to receive the interaction information sent by the information-pushing user and to encrypt the received interaction information to form the ciphertext.
In embodiments of the present invention, when the information-pushing user needs to send interaction information, the interaction information is not first entered in plaintext into the input box of the client and then encrypted. Instead, while the information-pushing user is entering the interaction information, the input-method encryption tool directly encrypts what the user enters, and only after encryption is it entered into the input box of the client. As a result, the instant messaging server cannot obtain the interaction information in plaintext form, which protects the privacy of both communicating parties.
It can be understood that the interaction information may be text, symbols, voice information, video information or picture information.
In an embodiment of the present invention, the client is further configured to: when acting as sender, use the input-method encryption tool to convert the ciphertext into Base64-encoded data, and output the Base64-encoded data into the input box of the client to be sent to the instant messaging server; and, when acting as recipient, on receiving the Base64-encoded data sent by the instant messaging server, extract the ciphertext from the Base64-encoded data;
the instant messaging server is configured to, on receiving the Base64-encoded data sent by the client acting as sender, send the Base64-encoded data to the client acting as recipient.
In embodiments of the present invention, computer data is stored as ASCII codes, and the ASCII values between 128 and 255 are invisible characters. When invisible characters are transmitted they may pass through multiple devices and undergo several different kinds of processing, which increases the probability that a ciphertext in invisible-character form is processed incorrectly. Therefore, to reduce the probability that the ciphertext is processed incorrectly in transmission, the client acting as sender first uses the input-method encryption tool to convert the ciphertext into Base64-encoded data, so that the ciphertext becomes visible characters, and transfers it through the instant messaging server to the client acting as recipient. On receiving the Base64-encoded data, the client acting as recipient extracts the ciphertext from the Base64-encoded data and decrypts it to obtain the interaction information.
In an embodiment of the present invention, the client is further configured to: perform deep learning training using a preset screen-capture image extraction, recognition and decoding tool; and, when acting as recipient, on receiving the Base64-encoded data sent by the instant messaging server, display the Base64-encoded data, use the screen-capture image extraction, recognition and decoding tool to capture the displayed Base64-encoded data and generate a picture, have the tool recognize the Base64-encoded data in the picture by inference based on the deep learning training, and decrypt the Base64-encoded data to obtain the ciphertext.
In embodiments of the present invention, massive amounts of deep learning data allow the client's screen-capture image extraction, recognition and decoding tool to be trained by deep learning, so that the tool has the ability to analyse and learn and can recognize data such as text, images and sound. It can therefore recognize the Base64-encoded data in the captured picture more efficiently by inference and extract the ciphertext from the Base64-encoded data. In summary, using the screen-capture image extraction, recognition and decoding tool to display the ciphertext data to the information-receiving user in a friendly way not only gives the user a good experience but also ensures relatively high operating efficiency.
Based on the instant messaging system shown in Fig. 1, as shown in Fig. 2, in an embodiment of the present invention the instant messaging system further comprises: an authentication center 201;
the client 101 is further configured to: send a pre-generated client public key to the authentication center 201, and receive the digital certificate that the authentication center 201 sends according to the client public key; when acting as sender, send the digital certificate corresponding to the client to the instant messaging server 102; receive the digital certificate, corresponding to the client acting as recipient, sent by the instant messaging server, and determine whether it can be decrypted with the certification public key published by the authentication center 201; if so, perform the encrypting of the interaction information to form a ciphertext; otherwise, terminate the information exchange;
when the client acts as sender, it receives the digital certificate corresponding to the client sent by the instant messaging server 102 and determines whether it can be decrypted with the certification public key; if so, it sends to the instant messaging server 102 the digital certificate corresponding to it as sender; otherwise, it terminates the information exchange;
the authentication center 201 is configured to publish the pre-generated certification public key and, on receiving the client public key sent by the client 101, to sign the client 101 public key with the certification private key corresponding to the certification public key to generate a digital certificate, and to send the digital certificate to the client 101;
the instant messaging server 102 is further configured to receive the digital certificate sent by the client 101 acting as sender and forward it to the client 101 acting as recipient, and to receive the digital certificate sent by the client acting as recipient and forward it to the client acting as sender.
In embodiments of the present invention, before the client acting as sender interacts with the client acting as recipient, both communicating parties (that is, the client acting as sender and the client acting as recipient) need to generate their own client public keys and use them to apply to the authentication center for digital certificates containing the client public key and identity information. Each party then verifies the legitimacy of the other party's identity from the other party's digital certificate, and data interaction can take place only when the identities of both parties are legitimate. Verifying whether both identities are legitimate improves security when the interaction information is transmitted.
In an embodiment of the present invention, when the client acts as sender, it is configured to: when verification of the digital certificate corresponding to the client acting as recipient passes, generate a symmetric session key according to a preset encryption rule, sign it using the client public key in the digital certificate corresponding to the client acting as sender, send the signed symmetric session key to the instant messaging server, and encrypt the interaction information with the symmetric session key to generate the ciphertext;
when the client acts as recipient, it is configured to: on receiving the signed symmetric session key sent by the instant messaging platform, decrypt it using the private key corresponding to the client public key in the digital certificate corresponding to the client acting as recipient, and obtain and cache the symmetric session key; and, on receiving the ciphertext, decrypt the ciphertext using the cached symmetric session key to obtain the interaction information;
the instant messaging server is configured to receive the signed symmetric session key sent by the client acting as sender and forward it to the client acting as recipient.
In embodiments of the present invention, once the digital certificates of both communicating parties have been verified, the parties need to carry out key negotiation to obtain a symmetric session key, so that they encrypt or decrypt with the symmetric session key during data interaction. Encrypting or decrypting the interaction information with the symmetric session key not only improves authentication strength but also improves the speed of encrypting or decrypting the interaction information.
For example, the preset encryption rule uses the Salsa20 stream symmetric encryption algorithm, so the Salsa20 stream symmetric encryption algorithm is the symmetric session key. Client a, acting as sender, encrypts the Salsa20 stream symmetric encryption algorithm using the SM2-DH algorithm and sends the encrypted Salsa20 stream symmetric encryption algorithm to the designated client through the instant messaging server. On receiving the encrypted Salsa20 stream symmetric encryption algorithm, the designated client decrypts it using the SM2-DH algorithm and thereby learns that the symmetric session key is the Salsa20 stream symmetric encryption algorithm.
It should be noted that the preset encryption rule may also be as follows: the client acting as sender notifies the client acting as recipient that identity verification has passed, and the client acting as recipient generates the symmetric session key and transmits it to the client acting as sender.
In an embodiment of the present invention, when the client acts as sender, it is further configured to delete the symmetric session key when communication with the client acting as recipient ends;
when the client acts as recipient, it is further configured to delete the symmetric session key after communication with the client acting as sender ends.
In embodiments of the present invention, after communication between the parties ends, both parties are required to delete the cached symmetric session key, and key negotiation is carried out again when the parties next interact. This ensures that the symmetric session key differs for each communication, improving the security of the data exchanged by the parties.
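The message flow described above (encrypt with a cached Salsa20 session key, Base64-encode, relay through the server, extract and decrypt, delete the key when the session ends), as an added example that is not code from the patent. It assumes the symmetric session key has already been delivered by the certificate step, with a random key standing in for it; the Client and RelayServer classes, the random 8-byte nonce prefix and the sample message are constructions for this illustration.

```python
import base64
import os
import struct

MASK = 0xFFFFFFFF
SIGMA = struct.unpack("<4I", b"expand 32-byte k")  # Salsa20 constants, 256-bit key


def rotl(v, n):
    return ((v << n) & MASK) | (v >> (32 - n))


def quarter_round(x, a, b, c, d):
    x[b] ^= rotl((x[a] + x[d]) & MASK, 7)
    x[c] ^= rotl((x[b] + x[a]) & MASK, 9)
    x[d] ^= rotl((x[c] + x[b]) & MASK, 13)
    x[a] ^= rotl((x[d] + x[c]) & MASK, 18)


def salsa20_block(key, nonce, counter):
    """One 64-byte keystream block (32-byte key, 8-byte nonce, block counter)."""
    k, n = struct.unpack("<8I", key), struct.unpack("<2I", nonce)
    init = [SIGMA[0], *k[:4], SIGMA[1], *n, counter & MASK, counter >> 32,
            SIGMA[2], *k[4:], SIGMA[3]]
    x = list(init)
    for _ in range(10):  # 10 double rounds = 20 rounds
        for col in ((0, 4, 8, 12), (5, 9, 13, 1), (10, 14, 2, 6), (15, 3, 7, 11)):
            quarter_round(x, *col)
        for row in ((0, 1, 2, 3), (5, 6, 7, 4), (10, 11, 8, 9), (15, 12, 13, 14)):
            quarter_round(x, *row)
    return struct.pack("<16I", *((a + b) & MASK for a, b in zip(x, init)))


def salsa20_xor(key, nonce, data):
    """Encrypt or decrypt: XOR data with the keystream, 64 bytes at a time."""
    out = bytearray()
    for i in range(0, len(data), 64):
        stream = salsa20_block(key, nonce, i // 64)
        out += bytes(p ^ s for p, s in zip(data[i:i + 64], stream))
    return bytes(out)


class RelayServer:
    """Instant messaging server: forwards text unchanged and records what it saw."""

    def __init__(self):
        self.seen = []

    def forward(self, wire_text):
        self.seen.append(wire_text)
        return wire_text


class Client:
    def __init__(self, name):
        self.name = name
        self.sessions = {}  # peer name -> cached symmetric session key

    def open_session(self, peer, key):
        self.sessions[peer] = key

    def send(self, peer, text):
        key = self.sessions[peer]  # KeyError if no session key is cached
        nonce = os.urandom(8)      # assumption: fresh random nonce per message
        ciphertext = salsa20_xor(key, nonce, text.encode("utf-8"))
        # Base64 turns arbitrary ciphertext bytes into printable ASCII for the input box
        return base64.b64encode(nonce + ciphertext).decode("ascii")

    def receive(self, peer, wire_text):
        raw = base64.b64decode(wire_text, validate=True)
        nonce, ciphertext = raw[:8], raw[8:]
        return salsa20_xor(self.sessions[peer], nonce, ciphertext).decode("utf-8")

    def close_session(self, peer):
        self.sessions.pop(peer, None)  # the key is not reused in a later session


def demo():
    alice, bob, server = Client("alice"), Client("bob"), RelayServer()
    key = os.urandom(32)  # stands in for the key delivered in the certificate step
    alice.open_session("bob", key)
    bob.open_session("alice", key)
    message = "Quarterly figures attached, 会议室 3 at 10:00"  # constructed sample
    wire = alice.send("bob", message)
    shown = bob.receive("alice", server.forward(wire))
    alice.close_session("bob")
    bob.close_session("alice")
    return {"message": message, "wire": wire, "shown": shown,
            "server_seen": server.seen, "alice_sessions": alice.sessions,
            "bob_sessions": bob.sessions}


if __name__ == "__main__":
    result = demo()
    print("server saw:", result["server_seen"][0])
    print("recipient shows:", result["shown"])
```

Salsa20 on its own provides confidentiality only, so a deployment following this flow would also need an integrity check (for example a MAC over the nonce and ciphertext) to detect changes made in transit.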
In summary, the instant messaging system and its communication method provided by embodiments of the present invention are a secure instant messaging system and communication method based on an input-method encryption tool and a screen-capture image extraction, recognition and decoding tool. Digital certificates are issued to both communicating parties to achieve strong identity authentication of both parties, and the instant messaging server is effectively used to perform key exchange. An input-method encryption tool and a screen-capture image extraction, recognition and decoding tool are added at the two communicating ends of the instant messaging server: text is encrypted by the input method to form a ciphertext that is sent to the other party; the recipient obtains a picture of the transmitted ciphertext by screen capture, recognizes the text in the picture using deep learning, and decrypts it. This achieves encrypted input and secure transmission of data, displays the ciphertext data to the receiving party in a friendly way, gives the user a good experience, and has relatively high operating efficiency. Using deep learning technology, encrypted data is identified more efficiently and accurately; while the instant messaging platform is used effectively, the privacy of both communicating parties is also ensured, and message privacy is not obtained by the platform. In addition, secure storage of keys and the issuing of certificates by a third-party digital certificate authentication center also increase the security of both instant messaging parties.
As shown in figure 3, an embodiment of the present invention provides a kind of the logical of instantaneous communication system based on described in claim Fig. 1 Letter method, including:
Step 301:For each client at least two clients, using as the client of sender termination The interactive information that the breath push user that collects mail sends, is encrypted the interactive information to form ciphertext, and the ciphertext is sent To the instant messaging server-side;
Step 302:The ciphertext that the instant messaging server-side is sent, solution are received using as the client of recipient The close ciphertext obtains the interactive information, and shows information to receive user the interactive information;
Step 303:Worked as using the instant messaging server-side and is received as the institute of the client of sender transmission When stating ciphertext, ciphertext is sent to the client as recipient.
In embodiments of the present invention, it is not that will hand over when client receives the interactive information that information push user sends Mutual information directly transmits instant messaging server-side, but first is encrypted to form ciphertext to interactive information, then ciphertext is sent to Instant messaging server-side, when the corresponding given client termination of interactive information receives ciphertext, ciphertext, which is decrypted, to be obtained Interactive information.To sum up, interactive information is transmitted in transmittance process with ciphertext form, is effectively utilizing instant messaging While server-side is transmitted into row information, the privacy of communicating pair ensure that, make its information privacy not by instant messaging server-side It obtains.
In an embodiment of the present invention, the step in which the client acting as sender receives the interactive information sent by the information-pushing user and encrypts the interactive information to form ciphertext includes:
the client acting as sender receives, through a preset input method encryption tool, the interactive information sent by the information-pushing user, and encrypts the received interactive information to form ciphertext.
In an embodiment of the present invention, after the interactive information sent by the information-pushing user has been received through the preset input method encryption tool and encrypted to form ciphertext, and before the ciphertext is sent to the instant messaging server, the method further includes:
the client acting as sender converts the ciphertext to Base64-encoded data through the input method encryption tool, and outputs the Base64-encoded data into the input box of the client, from which it is sent to the instant messaging server;
The step in which the instant messaging server, on receiving the ciphertext sent by the client acting as sender, sends the ciphertext to the client acting as recipient includes:
on receiving the Base64-encoded data sent by the client acting as sender, the instant messaging server sends the Base64-encoded data to the client acting as recipient;
The step in which the client acting as recipient receives the ciphertext sent by the instant messaging server includes:
on receiving the Base64-encoded data sent by the instant messaging server, the client acting as recipient extracts the ciphertext from the Base64-encoded data.
To explain the technical solution and advantages of the present invention more clearly, the instant messaging system provided by the embodiment of the present invention is described in detail below, as shown in Fig. 3, taking client f as the client acting as sender and client j as the designated client, including:
Client f401 and client j402 each generate a client public key in advance.
Specifically, before communicating, both parties, i.e. client f and client j, first need to generate client public keys; the parties authenticate each other by means of the client public keys, so that each can determine whether the other's identity is legitimate.
Client f401 and client j402 each send their client public key to the authentication center 403.
The authentication center 403 publishes a certification public key generated in advance. On receiving the client public keys sent by client f401 and client j402, it uses the certification private key corresponding to the certification public key to sign the client public key of client f401 and the client public key of client j402 separately, generating the digital certificate of client f401 and the digital certificate of client j402, and sends the digital certificates to client f401 and client j402 respectively.
Specifically, after generating the client public keys, both parties need to apply to the third-party digital certificate authentication center for digital certificates, so that whether each party's identity is trustworthy can be verified.
When client f401, using the input method encryption tool, receives the interactive information sent by the information-pushing user, it sends the digital certificate of client f to the instant messaging server 404.
The instant messaging server receives the digital certificate sent by client f and forwards it to client j.
On receiving the digital certificate of client f sent by the instant messaging server 404, client j402 determines whether the certification public key can decrypt the digital certificate of client f; if so, it sends the digital certificate of client j to the instant messaging server 404; otherwise, it terminates this information exchange.
Specifically, on receiving the digital certificate of client f, client j needs to verify it with the certification public key in order to determine whether the identity of client f is legitimate; if it is, the information exchange continues; otherwise, this information exchange must be terminated.
The instant messaging server 404 receives the digital certificate of client f sent by client f401 and forwards it to client j402.
On receiving the digital certificate of client j sent by the instant messaging server 404, client f401 determines whether the certification public key can decrypt the digital certificate of client j; if so, it generates a symmetric session key according to a preset encryption rule, signs it using the client public key in the digital certificate of client f, and sends the signed symmetric session key to the instant messaging server 404.
The instant messaging server 404 receives the digital certificate of client j sent by client j402 and forwards it to client f401; on receiving the signed symmetric session key sent by client f401, it sends the signed symmetric session key to client j402.
Specifically, on receiving the digital certificate of client j, client f likewise needs to verify it with the certification public key in order to determine whether the identity of client j is legitimate; if it is, the information exchange continues; otherwise, this information exchange must be terminated.
On receiving the signed symmetric session key sent by the instant messaging server 404, client j402 decrypts it using the private key corresponding to the client public key in the digital certificate of client j, and obtains and caches the symmetric session key.
Specifically, after confirming that each other's identities are legitimate, both parties need to carry out key negotiation to obtain a symmetric session key; using the symmetric session key speeds up encryption and decryption of the interactive information and strengthens identity authentication.
Client f401 uses the input method encryption tool to encrypt the interactive information with the symmetric session key to form ciphertext, converts the ciphertext to Base64-encoded data, and sends the Base64-encoded data to the instant messaging server 404.
Specifically, after key negotiation is complete, client f can use the input method encryption tool to encrypt the interactive information sent by the information-pushing user. Computer data is stored as ASCII (American Standard Code for Information Interchange) codes, and the values 128 to 255 of the ASCII code are invisible characters. During transmission, invisible characters pass through multiple devices and undergo different processing several times, which increases the probability that ciphertext in the form of invisible characters is processed incorrectly. Therefore, to reduce the probability that the ciphertext is processed incorrectly in transit, the ciphertext needs to be converted to Base64-encoded data so that it consists of visible characters.
The instant messaging server 404 receives the Base64-encoded data sent by client f401 and sends the Base64-encoded data to client j402.
On receiving the Base64-encoded data sent by the instant messaging server 404, client j402 displays the Base64-encoded data in a display window, captures the displayed window with the screen capture image extraction and recognition decoding tool to generate a picture, uses the tool's previously trained deep learning inference to recognize the Base64-encoded data in the picture, extracts the ciphertext, decrypts the ciphertext with the cached symmetric session key to obtain the interactive information, and displays the interactive information to the information-receiving user.
Specifically, to improve the speed of encryption or decryption, the screen capture image tool of each client is given deep learning training by having it learn a deep learning model, so that the screen capture image tool has analytical learning ability and can recognize data such as text, images and sound. Thus, when client j receives the Base64-encoded data, the screen capture image tool captures the display window of client j to generate a picture, deep learning inference then recognizes the Base64-encoded data in the picture, the ciphertext is extracted from the Base64-encoded data, and the ciphertext is decrypted with the symmetric session key to obtain the interaction data.
After communication between client f401 and client j402 ends, client f401 and client j402 each delete their cached symmetric session key.
Specifically, client f and client j delete the cached symmetric session key when communication ends; when they interact again, key negotiation is carried out again to obtain a new symmetric session key. This ensures that the symmetric session key differs for every communication, which improves the security of the data exchanged between the two parties.
In summary, an input method encryption tool and a screen capture image extraction and recognition decoding tool are added at both ends of the instant messaging service, and a key negotiation process is added before the instant messaging process, which strengthens identity authentication and achieves real-time encrypted communication between sender and recipient. Specifically:
The instant messaging server is an Internet-based business platform for exchanging messages instantly. It provides basic text data exchange and can save data exchange records, and it provides massive concurrency and mass storage, enabling instant messaging between the two communicating parties. The input method encryption tool is responsible for stream-encrypting the transmitted data with the negotiated key. The screen capture image extraction and recognition decoding tool captures an image of the display window of the instant messaging client, extracts the data using trained deep learning inference, decrypts it with the negotiated key, and displays the plaintext. In addition, both parties rely on third-party CA certificate authentication to ensure their identities, and must also ensure the security of the keys they hold.
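The certificate check, session-key exchange, Base64 relay and key deletion described above, as an added Node.js example that is not part of the patent. It assumes the session key is RSA-OAEP-encrypted to the recipient's certified public key and signed with the sender's private key, AES-256-GCM as the symmetric cipher, and a line-wrapped copy of the text standing in for the screen-capture recognition output; all function names are hypothetical.

```javascript
// Added example (not code from the patent). Names such as makeClient and relay
// are hypothetical; it uses only Node.js's built-in crypto module.
const crypto = require('crypto');

// Authentication center: publishes caKeys.publicKey, signs with caKeys.privateKey.
const caKeys = crypto.generateKeyPairSync('ed25519');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

function issueCertificate(name, publicKey) {
  const body = JSON.stringify({ name, pem: publicKey.export({ type: 'spki', format: 'pem' }) });
  const signature = crypto.sign(null, Buffer.from(body), caKeys.privateKey).toString('base64');
  return { body, signature };
}

// Check the CA signature and the subject name; throwing terminates the exchange.
function verifyCertificate(cert, expectedName) {
  const sig = Buffer.from(cert.signature, 'base64');
  if (!crypto.verify(null, Buffer.from(cert.body), caKeys.publicKey, sig)) {
    throw new Error('certificate rejected: CA signature does not verify');
  }
  const { name, pem } = JSON.parse(cert.body);
  if (name !== expectedName) throw new Error('certificate rejected: unexpected subject');
  return crypto.createPublicKey(pem);
}

function makeClient(name) {
  const keys = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return { name, keys, cert: issueCertificate(name, keys.publicKey), sessionKey: null };
}

// Sender: fresh 256-bit session key, encrypted to the recipient's certified key
// and signed so the relaying server cannot substitute a key of its own.
function startSession(sender, peerCert, peerName) {
  const peerKey = verifyCertificate(peerCert, peerName);
  sender.sessionKey = crypto.randomBytes(32);
  const wrapped = crypto.publicEncrypt({ key: peerKey, ...OAEP }, sender.sessionKey);
  const signature = crypto.sign('sha256', wrapped, sender.keys.privateKey);
  return { wrapped: wrapped.toString('base64'), signature: signature.toString('base64') };
}

// Recipient: verify the sender's certificate and signature, then unwrap and cache.
function acceptSession(recipient, peerCert, peerName, offer) {
  const peerKey = verifyCertificate(peerCert, peerName);
  const wrapped = Buffer.from(offer.wrapped, 'base64');
  if (!crypto.verify('sha256', wrapped, peerKey, Buffer.from(offer.signature, 'base64'))) {
    throw new Error('session key rejected: sender signature does not verify');
  }
  recipient.sessionKey = crypto.privateDecrypt({ key: recipient.keys.privateKey, ...OAEP }, wrapped);
}

// Input-method side: AES-256-GCM, then Base64, so only printable characters
// are placed in the IM input box. Layout: 12-byte IV | ciphertext | 16-byte tag.
function encryptToBase64(client, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', client.sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, body, cipher.getAuthTag()]).toString('base64');
}

// Recipient side: text recovered from the display window may contain line
// breaks; strip them. A misrecognised character fails the GCM tag and throws.
function decryptDisplayedText(client, displayedText) {
  const b64 = displayedText.replace(/\s+/g, '');
  if (!/^[A-Za-z0-9+/]+={0,2}$/.test(b64)) throw new Error('not Base64 text');
  const raw = Buffer.from(b64, 'base64');
  if (raw.length < 28) throw new Error('message too short');
  const decipher = crypto.createDecipheriv('aes-256-gcm', client.sessionKey, raw.subarray(0, 12));
  decipher.setAuthTag(raw.subarray(raw.length - 16));
  const body = raw.subarray(12, raw.length - 16);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// End of conversation: overwrite and drop the cached session key.
function endSession(client) {
  if (client.sessionKey) client.sessionKey.fill(0);
  client.sessionKey = null;
}

// The IM server only forwards; serverLog records everything it gets to see.
const serverLog = [];
function relay(message) { serverLog.push(JSON.stringify(message)); return message; }

function runExchange(plaintext) {
  const f = makeClient('client-f'), j = makeClient('client-j');
  const certF = relay(f.cert), certJ = relay(j.cert);
  acceptSession(j, certF, 'client-f', relay(startSession(f, certJ, 'client-j')));
  const wire = relay(encryptToBase64(f, plaintext));
  // Constructed stand-in for recognition output: the text wrapped every 16 characters.
  const received = decryptDisplayedText(j, wire.replace(/(.{16})/g, '$1\n'));
  // Constructed recognition error: one character in the middle is misread.
  const misread = wire.slice(0, 20) + (wire[20] === 'A' ? 'B' : 'A') + wire.slice(21);
  let misreadRejected = false;
  try { decryptDisplayedText(j, misread); } catch (e) { misreadRejected = true; }
  endSession(f); endSession(j);
  return { received, misreadRejected, serverSawPlaintext: serverLog.join('\n').includes(plaintext),
           keysCleared: f.sessionKey === null && j.sessionKey === null };
}

console.log(runExchange('meet at 10:30, gate B'));  // constructed sample message
```

Because the recognition step can misread a character, an authenticated cipher matters here: the altered text fails the GCM tag instead of decrypting to a different message.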
The embodiments of the present invention have at least the following advantages:
1. In an embodiment of the present invention, when a client receives the interactive information sent by the information-pushing user, it does not send the interactive information directly to the instant messaging server. It first encrypts the interactive information to form ciphertext and then sends the ciphertext to the instant messaging server, so that when the client acting as recipient receives the ciphertext, it decrypts the ciphertext to obtain the interactive information. In summary, the interactive information travels as ciphertext throughout transmission, so the instant messaging server is still used effectively to deliver information while the privacy of both communicating parties is ensured, because their private information is not obtained by the instant messaging server.
2. In an embodiment of the present invention, when the information-pushing user needs to send interactive information, the interactive information is not first entered into the client's input box in plaintext and then encrypted. Instead, while the information-pushing user is entering the interactive information, the input method encryption tool encrypts the user's input directly, and only the encrypted result is entered into the client's input box, so that the instant messaging server cannot obtain the interactive information in plaintext, thereby protecting the privacy of both communicating parties.
3. In an embodiment of the present invention, computer data is stored as ASCII (American Standard Code for Information Interchange) codes, and the values 128 to 255 of the ASCII code are invisible characters. During transmission, invisible characters pass through multiple devices and undergo different processing several times, which increases the probability that ciphertext in the form of invisible characters is processed incorrectly. Therefore, to reduce the probability that the ciphertext is processed incorrectly in transit, a client acting as sender first uses the input method encryption tool to convert the ciphertext to Base64-encoded data, so that the ciphertext consists of visible characters when it is passed through the instant messaging server to the client acting as recipient; on receiving the Base64-encoded data, the client acting as recipient extracts the ciphertext from the Base64-encoded data and decrypts it to obtain the interactive information.
4. In an embodiment of the present invention, massive amounts of deep learning data allow the client's screen capture image extraction and recognition decoding tool to receive deep learning training, so that the tool has analytical learning ability and can recognize data such as text, images and sound. It can therefore recognize the Base64-encoded data in the captured picture more efficiently and extract the ciphertext from the Base64-encoded data. In summary, using the screen capture image extraction and recognition decoding tool to present the ciphertext data to the information-receiving user in a friendly way not only gives the user a good experience but also ensures high operating efficiency.
5. In an embodiment of the present invention, before the client acting as sender interacts with the client acting as recipient, both communicating parties (i.e. the client acting as sender and the client acting as recipient) each need to generate a client public key and use it to apply to the authentication center for a digital certificate carrying the client public key and identity information, so that each party can verify the legitimacy of the other's identity from the other's digital certificate. Data interaction can take place only when both parties' identities are legitimate, and verifying whether both identities are legitimate improves security when the interactive information is transmitted.
6. In an embodiment of the present invention, once the digital certificates of both communicating parties have been verified, the parties need to carry out key negotiation to obtain a symmetric session key, which they then use for encryption and decryption during data interaction. Encrypting and decrypting the interactive information with the symmetric session key not only strengthens identity authentication but also speeds up encryption and decryption of the interactive information.
7. In an embodiment of the present invention, after communication between the two parties ends, both parties are required to delete the cached symmetric session key; when they interact again, key negotiation is carried out again. This ensures that the symmetric session key differs for every communication, which improves the security of the data exchanged between the two parties.
It should be noted that, in this document, relational terms such as first and second are used only to distinguish one entity or operation from another, and do not necessarily require or imply any actual relationship or order between those entities or operations. Moreover, the terms "include", "comprise" or any other variant are intended to cover non-exclusive inclusion, so that a process, method, article or device comprising a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the phrase "including a" does not exclude the presence of other identical elements in the process, method, article or device that includes that element.
Finally, it should be noted that the foregoing describes only preferred embodiments of the present invention, is intended merely to illustrate the technical solution of the present invention, and is not intended to limit the scope of protection of the present invention. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention falls within the scope of protection of the present invention.

Claims (10)

1. An instant messaging system, characterized by comprising: at least two clients and an instant messaging server;
Each client is configured to, when acting as sender, receive the interactive information sent by the information-pushing user, encrypt the interactive information to form ciphertext, and send the ciphertext to the instant messaging server; and, when acting as recipient, receive the ciphertext sent by the instant messaging server, decrypt the ciphertext to obtain the interactive information, and display the interactive information to the information-receiving user;
The instant messaging server is configured to, on receiving the ciphertext sent by the client acting as sender, send the ciphertext to the client acting as recipient.
2. The instant messaging system according to claim 1, characterized in that
The client is configured to, when acting as sender, receive the interactive information sent by the information-pushing user using a preset input method encryption tool, and encrypt the received interactive information to form ciphertext.
3. The instant messaging system according to claim 2, characterized in that
The client is further configured to, when acting as sender, convert the ciphertext to Base64-encoded data using the input method encryption tool, and output the Base64-encoded data into the input box of the client, from which it is sent to the instant messaging server; and, when acting as recipient, on receiving the Base64-encoded data sent by the instant messaging server, extract the ciphertext from the Base64-encoded data;
The instant messaging server is configured to, on receiving the Base64-encoded data sent by the client acting as sender, send the Base64-encoded data to the client acting as recipient.
4. The instant messaging system according to claim 3, characterized in that
The client is further configured to carry out deep learning training using a preset screen capture image extraction and recognition decoding tool; and, when acting as recipient and receiving the Base64-encoded data sent by the instant messaging server, to display the Base64-encoded data, capture the displayed Base64-encoded data with the screen capture image extraction and recognition decoding tool to generate a picture, recognize the Base64-encoded data in the picture through the tool's trained deep learning inference, and decrypt the Base64-encoded data to obtain the ciphertext.
5. The instant messaging system according to any one of claims 1 to 4, characterized by further comprising: an authentication center;
The client is further configured to send a client public key generated in advance to the authentication center, and to receive the digital certificate that the authentication center sends according to the client public key; when acting as sender, to send the digital certificate corresponding to the client to the instant messaging server; and to receive the digital certificate, sent by the instant messaging server, corresponding to the client acting as recipient, and determine whether the certification public key published by the authentication center can decrypt it; if so, to perform the encrypting of the interactive information to form ciphertext; otherwise, to terminate the information exchange;
When the client acts as sender, it receives the digital certificate corresponding to the client sent by the instant messaging server and determines whether the certification public key can decrypt it; if so, it sends to the instant messaging server the digital certificate corresponding to it as sender; otherwise, it terminates the information exchange;
The authentication center is configured to publish the certification public key generated in advance and, on receiving the client public key sent by the client, sign the client public key using the certification private key corresponding to the certification public key to generate a digital certificate, and send the digital certificate to the client;
The instant messaging server is further configured to receive the digital certificate sent by the client acting as sender and forward it to the client acting as recipient, and to receive the digital certificate sent by the client acting as recipient and forward it to the client acting as sender.
6. The instant messaging system according to claim 5, characterized in that
When the client acts as sender, it is configured to, when the digital certificate corresponding to the client acting as recipient passes verification, generate a symmetric session key according to a preset encryption rule, sign it using the client public key in the digital certificate corresponding to the client acting as sender, send the signed symmetric session key to the instant messaging server, and encrypt the interactive information with the symmetric session key to generate ciphertext;
When the client acts as recipient, it is configured to, on receiving the signed symmetric session key sent by the instant messaging platform, decrypt it using the private key corresponding to the client public key in the digital certificate corresponding to the client acting as recipient, and obtain and cache the symmetric session key; and, on receiving the ciphertext, decrypt the ciphertext with the cached symmetric session key to obtain the interactive information;
The instant messaging server is configured to receive the signed symmetric session key sent by the client acting as sender and forward it to the client acting as recipient.
7. The instant messaging system according to claim 6, characterized in that
When the client acts as sender, it is further configured to delete the symmetric session key when communication with the client acting as recipient ends;
When the client acts as recipient, it is further configured to delete the symmetric session key after communication with the client acting as sender ends.
8. A communication method based on the instant messaging system according to any one of claims 1 to 7, characterized by comprising:
for each of the at least two clients, the client acting as sender receives the interactive information sent by the information-pushing user, encrypts the interactive information to form ciphertext, and sends the ciphertext to the instant messaging server;
the client acting as recipient receives the ciphertext sent by the instant messaging server, decrypts the ciphertext to obtain the interactive information, and displays the interactive information to the information-receiving user;
when the instant messaging server receives the ciphertext sent by the client acting as sender, it sends the ciphertext to the client acting as recipient.
9. The communication method according to claim 8, characterized in that
The step in which the client acting as sender receives the interactive information sent by the information-pushing user and encrypts the interactive information to form ciphertext includes:
the client acting as sender receives, through a preset input method encryption tool, the interactive information sent by the information-pushing user, and encrypts the received interactive information to form ciphertext.
10. The communication method according to claim 9, characterized in that
After the interactive information sent by the information-pushing user has been received through the preset input method encryption tool and encrypted to form ciphertext, and before the ciphertext is sent to the instant messaging server, the method further includes:
the client acting as sender converts the ciphertext to Base64-encoded data through the input method encryption tool, and outputs the Base64-encoded data into the input box of the client, from which it is sent to the instant messaging server;
The step in which the instant messaging server, on receiving the ciphertext sent by the client acting as sender, sends the ciphertext to the client acting as recipient includes:
on receiving the Base64-encoded data sent by the client acting as sender, the instant messaging server sends the Base64-encoded data to the client acting as recipient;
The step in which the client acting as recipient receives the ciphertext sent by the instant messaging server includes:
on receiving the Base64-encoded data sent by the instant messaging server, the client acting as recipient extracts the ciphertext from the Base64-encoded data.
CN201810384917.4A 2018-04-26 2018-04-26 A kind of instantaneous communication system and its communication means Pending CN108667718A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810384917.4A CN108667718A (en) 2018-04-26 2018-04-26 A kind of instantaneous communication system and its communication means

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810384917.4A CN108667718A (en) 2018-04-26 2018-04-26 A kind of instantaneous communication system and its communication means

Publications (1)

Publication Number Publication Date
CN108667718A true CN108667718A (en) 2018-10-16

Family

ID=63780200

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810384917.4A Pending CN108667718A (en) 2018-04-26 2018-04-26 A kind of instantaneous communication system and its communication means

Country Status (1)

Country Link
CN (1) CN108667718A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111371773A (en) * 2020-02-28 2020-07-03 北京百度网讯科技有限公司 Information sending and displaying method, device, equipment and storage medium
CN113112640A (en) * 2021-03-16 2021-07-13 北京三快在线科技有限公司 Unmanned aerial vehicle flight log uploading method and device, unmanned aerial vehicle and storage medium
WO2022022009A1 (en) * 2020-07-28 2022-02-03 百果园技术(新加坡)有限公司 Message processing method and apparatus, device, and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060248575A1 (en) * 2005-05-02 2006-11-02 Zachary Levow Divided encryption connections to provide network traffic security
CN104219055A (en) * 2014-09-10 2014-12-17 天津大学 NFC (near field communication)-based point-to-point trusted authentication method
CN104299311A (en) * 2014-10-16 2015-01-21 浪潮软件集团有限公司 Method for self-service invoice verification through two-dimensional code
CN106790009A (en) * 2016-12-13 2017-05-31 北京奇虎科技有限公司 Information processing method, device and mobile terminal
CN107888379A (en) * 2017-10-25 2018-04-06 百富计算机技术(深圳)有限公司 A kind of method of secure connection, POS terminal and code keypad

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20181016