CN113300999A - Information processing method, electronic device, and readable storage medium - Google Patents
Information processing method, electronic device, and readable storage medium Download PDFInfo
- Publication number
- CN113300999A CN113300999A CN202010110320.8A CN202010110320A CN113300999A CN 113300999 A CN113300999 A CN 113300999A CN 202010110320 A CN202010110320 A CN 202010110320A CN 113300999 A CN113300999 A CN 113300999A
- Authority
- CN
- China
- Prior art keywords
- key
- message
- encryption
- server
- present disclosure
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000010365 information processing Effects 0.000 title claims abstract description 31
- 238000003672 processing method Methods 0.000 title claims abstract description 26
- 230000002452 interceptive effect Effects 0.000 claims abstract description 45
- 238000000034 method Methods 0.000 claims abstract description 45
- 230000004044 response Effects 0.000 claims abstract description 33
- 230000005540 biological transmission Effects 0.000 claims abstract description 10
- 238000004891 communication Methods 0.000 claims description 19
- 230000001419 dependent effect Effects 0.000 claims description 11
- 230000003993 interaction Effects 0.000 claims description 8
- 238000010586 diagram Methods 0.000 description 11
- 238000004590 computer program Methods 0.000 description 9
- 230000015654 memory Effects 0.000 description 9
- 230000006870 function Effects 0.000 description 5
- 238000012545 processing Methods 0.000 description 3
- 238000010276 construction Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/16—Arrangements for providing special services to substations
- H04L12/18—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
- H04L12/185—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast with management of multicast group membership
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present disclosure provides an information processing method, including: the method includes obtaining a first key and a plurality of second keys, wherein each of the plurality of second keys is generated from a public key for one of the plurality of recipients, encrypting the first key based on the second key to generate an encryption key, transmitting the encryption key to a server, encrypting a message based on the first key in response to receiving a transmission request for transmitting the message to the plurality of recipients to generate a message ciphertext, generating an interactive message based on the message ciphertext, and broadcasting the interactive message to the plurality of recipients, such that the recipient obtains the encryption key from the server in response to the interactive message to decrypt the message ciphertext based on the encryption key. Another aspect of the present disclosure also provides another electronic device and a readable storage medium.
Description
Technical Field
The present disclosure relates to the field of internet technologies, and in particular, to an information processing method, an electronic device, and a readable storage medium.
Background
With the rapid development of artificial intelligence, automatic control, communication, and computer technologies, more and more interactions between electronic devices are occurring. Messages exchanged between electronic devices often need to be encrypted to ensure the security of the exchange. For example, if a user a in the chat group needs to publish a message in the chat group, the message needs to be encrypted multiple times at a client of the user a, where each encryption of the multiple times is performed for clients of different users in the chat group, so as to send the message to the clients of the different users respectively.
In implementing the disclosed concept, the inventors found that there are at least the following problems in the related art: the client spends too much time encrypting the message.
Disclosure of Invention
In view of the above, the present disclosure provides an information processing method, an electronic device, and a readable storage medium.
One aspect of the present disclosure provides an information processing method, including: obtaining a first key and a plurality of second keys, wherein each of the plurality of second keys is generated from a public key for one of a plurality of recipients; encrypting the first key based on the second key to generate an encryption key; sending the encryption key to a server; in response to receiving a transmission request for transmitting a message to a plurality of recipients, encrypting the message based on the first key to generate a message ciphertext; generating an interactive message based on the message ciphertext; and broadcasting the interactive message to the plurality of receivers, so that the receivers obtain the encryption key from the server in response to the interactive message to decrypt the message ciphertext based on the encryption key.
According to an embodiment of the present disclosure, encrypting the message to generate a message ciphertext based on the first key comprises: taking the first secret key as an initial string code of a ratchet algorithm; generating a message key by utilizing the ratchet algorithm based on the initial string code; and encrypting the message based on the message key to generate a message ciphertext.
According to an embodiment of the present disclosure, obtaining the plurality of second keys includes: obtaining respective public keys of a plurality of receivers from a server; and encrypting the public key and a private key of the local device using a communication-dependent algorithm to obtain a second key for each of the plurality of recipients.
According to an embodiment of the present disclosure, the method is applied to a plurality of electronic devices, including a master device and a slave device, and further includes: in the case of a local device as a master device, in response to receiving a synchronization request from a slave device, encrypting a private key of the local device to obtain an encryption result; and sending the encryption result to the slave device, so that the slave device determines the private key of the slave device according to the encryption result.
According to an embodiment of the present disclosure, the method further includes, in a case where the local device is a slave device, sending a synchronization request to the master device, where the synchronization request is used to obtain a private key of the master device; and receiving an encryption result from the master device, and determining a private key of the slave device according to the encryption result.
According to an embodiment of the disclosure, the method further comprises: in response to the instruction that the master device is switched from the first device to the second device is obtained, switching information is sent to a server, so that the server informs the slave device to resynchronize the private key of the second device as the private key of the slave device.
According to an embodiment of the present disclosure, the sending a synchronization request to the master device includes: in response to receiving the switching information from the server, a synchronization request is sent to a master device specified in the switching information.
According to an embodiment of the present disclosure, the method further includes updating the first key in a case where device information of the plurality of receivers changes.
Another aspect of the present disclosure provides an information processing method, including: in response to receiving an interactive message, obtaining an encryption key from a server, wherein the encryption key is generated by encrypting a first key based on a second key by a sender, and the interactive message comprises a message ciphertext; determining a second key of the receiver, the second key being generated from a public key for the receiver; decrypting the encrypted key based on a second key to obtain a first key; and decrypting the message ciphertext based on the first key.
According to an embodiment of the present disclosure, decrypting the message ciphertext based on the first key comprises: obtaining the iteration times of the first key by using a ratchet algorithm when the sending end encrypts the message; iterating the first key according to the iteration times to obtain a message key; and decrypting the message ciphertext based on the message key.
According to an embodiment of the present disclosure, the method further comprises storing the first key to a storage unit for decrypting further message ciphertext from the sender using the first key.
According to the embodiment of the present disclosure, the interactive message includes a first key identifier, and the method further includes: determining whether the first key exists in the storage unit based on the first key identification; in the case where the first key exists in the storage unit, the first key is acquired from the storage unit.
Another aspect of the present disclosure provides an information processing apparatus including an obtaining module configured to obtain a first key and a plurality of second keys, wherein each of the plurality of second keys is generated from a public key for one of a plurality of recipients; a first generation module to encrypt the first key based on the second key to generate an encryption key; a sending module, configured to send the encryption key to a server; a second generation module, configured to generate a message ciphertext by encrypting a message based on the first key in response to receiving a transmission request for transmitting the message to a plurality of recipients; a third generating module, configured to generate an interactive message based on the message ciphertext; and a broadcasting module for broadcasting the interactive message to the plurality of receivers so that the receivers obtain the encryption key from the server in response to the interactive message to decrypt the message ciphertext based on the encryption key.
Another aspect of the present disclosure provides an electronic device including: one or more processors; a storage device to store one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of any of the above.
Another aspect of the present disclosure provides a computer-readable storage medium storing computer-executable instructions for implementing the method as described above when executed.
Another aspect of the disclosure provides a computer program comprising computer executable instructions for implementing the method as described above when executed.
According to the embodiments of the present disclosure, the problem that the client consumes excessive time when encrypting a message can be at least partially solved, and thus the technical effect of reducing the time consumed when the client encrypts a message can be achieved.
Drawings
The above and other objects, features and advantages of the present disclosure will become more apparent from the following description of embodiments of the present disclosure with reference to the accompanying drawings, in which:
fig. 1 schematically shows an exemplary system architecture of an information processing method according to an embodiment of the present disclosure;
FIG. 2 schematically shows a flow chart of an information processing method according to an embodiment of the present disclosure;
fig. 3 schematically illustrates a flowchart of a method of generating a message ciphertext in operation S204, in accordance with an embodiment of the present disclosure;
fig. 4 schematically shows a schematic diagram of an information processing method according to another embodiment of the present disclosure;
FIG. 5 schematically shows a flow chart of an information processing method according to another embodiment of the present disclosure;
fig. 6 schematically shows a block diagram of an information processing apparatus according to an embodiment of the present disclosure; and
fig. 7 schematically shows a block diagram of an electronic device according to an embodiment of the disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is illustrative only and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. Moreover, in the following description, descriptions of well-known structures and techniques are omitted so as to not unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It is noted that the terms used herein should be interpreted as having a meaning that is consistent with the context of this specification and should not be interpreted in an idealized or overly formal sense.
Where a convention analogous to "at least one of A, B and C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B and C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.). Where a convention analogous to "A, B or at least one of C, etc." is used, in general such a construction is intended in the sense one having skill in the art would understand the convention (e.g., "a system having at least one of A, B or C" would include but not be limited to systems that have a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.).
An embodiment of the present disclosure provides an information processing method, including: the method includes obtaining a first key and a plurality of second keys, wherein each of the plurality of second keys is generated from a public key for one of the plurality of recipients, encrypting the first key based on the second key to generate an encryption key, transmitting the encryption key to a server, encrypting a message based on the first key in response to receiving a transmission request for transmitting the message to the plurality of recipients to generate a message ciphertext, generating an interactive message based on the message ciphertext, and broadcasting the interactive message to the plurality of recipients, such that the recipient obtains the encryption key from the server in response to the interactive message to decrypt the message ciphertext based on the encryption key.
Fig. 1 schematically illustrates an exemplary system architecture 100 of an information processing method according to an embodiment of the present disclosure. It should be noted that fig. 1 is only an example of a system architecture to which the embodiments of the present disclosure may be applied to help those skilled in the art understand the technical content of the present disclosure, and does not mean that the embodiments of the present disclosure may not be applied to other devices, systems, environments or scenarios.
As shown in fig. 1, the system architecture 100 according to this embodiment may include terminal devices 101, 102, 103, a network 104 and a server 105. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The terminal devices 101, 102, 103 may for example belong to user a, user B and user C, respectively. User a, user B, and user C may, for example, use an instant messaging application to instant-communicate in a chat group. The server 105 provides services for the instant messaging application.
In the related art, for example, if the user a needs to publish a message in a chat group by using the terminal device 101, the terminal device 101 needs to encrypt the message input by the user a 2 times, one encryption is for the terminal device 102, and the encryption result is sent to the server 105 first, and the server 105 forwards the encryption result to the terminal device 102. The other encryption is for the terminal device 103, and the encryption result is first sent to the server 105, which forwards the encryption result to the terminal device 103 by the server 105. Therefore, encryption is performed separately for each terminal device, resulting in an excessively long encryption time and consuming a large amount of network resources.
However, according to the information processing method of the embodiment of the present disclosure, if the user a needs to use the terminal device 101 to issue a message in a chat group, the terminal device 101 only needs to perform encryption once, and the encryption result is transmitted to the server 105 once. Therefore, according to the information processing method disclosed by the embodiment of the disclosure, the encryption time is at least partially reduced, and the consumption of network resources is reduced.
It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Fig. 2 schematically shows a flow chart of an information processing method according to an embodiment of the present disclosure.
As shown in fig. 2, the method includes operations S201 to S206.
In operation S201, a first key and a plurality of second keys, each of which is generated from a public key for one of a plurality of recipients, are acquired.
According to the embodiment of the disclosure, the method can be applied to the terminal device of the sender. The sender may for example obtain the public keys of a plurality of receivers from a server and determine the second key from the public key of each receiver.
According to an embodiment of the present disclosure, the public key of the receiver may be directly used as the second key of the receiver.
For example, in the scenario shown in fig. 1, the sender may be terminal device 101, and the receivers may be terminal device 102 and terminal device 103. Terminal device 101 may obtain the public key of terminal device 102 and the public key of terminal device 103 from server 105, respectively, and use the public key of terminal device 102 as the second key for terminal device 102 and the public key of terminal device 103 as the second key for terminal device 103.
According to another embodiment of the present disclosure, a public key of each of the plurality of receiving parties may be obtained from the server, and the public key and a private key of the local device are encrypted using a communication-dependent algorithm to obtain a second key for each of the plurality of receiving parties.
The second key for the terminal device 102 may be generated by encrypting the public key of the terminal device 102 and the private key of the terminal device 101 using, for example, a communication-dependent algorithm. Similarly, the public key of the terminal device 103 and the private key of the terminal device 101 are encrypted with a communication-dependent algorithm, and a second key for the terminal device 103 is generated.
According to an embodiment of the present disclosure, the first key may be, for example, a randomly generated random string.
In operation S202, the first key is encrypted based on the second key to generate an encryption key.
According to an embodiment of the present disclosure, the first key may be encrypted using, for example, an AES encryption method, and the second key may be used as a key of the AES encryption method.
In operation S203, an encryption key is transmitted to the server.
For example, the sender may send the respective encryption keys of the plurality of receivers to the server.
In operation S204, in response to receiving a transmission request for transmitting a message to a plurality of recipients, the message is encrypted based on a first key to generate a message ciphertext.
For example, when the terminal apparatus 101 receives a transmission request for transmitting a message to a plurality of recipients (i.e., the terminal apparatus 102 and the terminal apparatus 103) in a chat group, the message may be encrypted using the first key. For example, the message may be encrypted using the first key as a key of an encryption algorithm for encrypting the message to generate a message ciphertext.
In operation S205, an interactive message is generated based on the message cipher text.
According to the embodiment of the disclosure, the interactive message may include plaintext information and message ciphertext. The plaintext information may include, for example, device information of the terminal device of the sender, and the like. The plaintext message may include, for example, identification information of the sender, a device type of the sender, a first key identification, a number of iterations, and so on.
In operation S206, the interactive message is broadcast to the plurality of recipients, so that the recipients acquire the encryption key from the server in response to the interactive message to decrypt the message cipher text based on the encryption key.
According to the embodiment of the disclosure, the sending end may send the interactive message to the server, and the server broadcasts the interactive message to the plurality of receiving parties, so that the plurality of receiving parties receive the interactive message.
For example, in response to receiving the interactive message, the receiving party obtains the encryption key from the server, so as to decrypt the encryption key with the second key to obtain the first key, and further decrypt the message ciphertext with the first key.
According to the embodiments of the present disclosure, the information processing method may generate an encryption key generated by encrypting a first key before transmitting an interactive message or when transmitting the interactive message for the first time, and store the encryption key by a server, so that when a transmitter transmits the interactive message to a plurality of receivers, the message may be encrypted using the same first key without performing encryption once for each terminal device, thereby reducing encryption time and reducing consumption of network resources.
Fig. 3 schematically shows a flowchart of a method of generating a message ciphertext in operation S204, according to an embodiment of the present disclosure.
As shown in fig. 3, the method may include operations S214 to S234.
In operation S214, the first key is used as an initial string of the ratchet algorithm.
In operation S224, a message key is generated using a ratchet algorithm based on the initial string code.
In operation S234, a message is encrypted based on a message key to generate a message cipher text.
According to an embodiment of the present disclosure, for example, the first key may be used as an initial chain key of a ratchet algorithm, and the ratchet algorithm iterates the initial chain key to obtain a message key. The number of iterations of the ratchet algorithm can be set by one skilled in the art according to practical needs.
The message key generated by the ratchet algorithm is used to encrypt the message. The message cipher text may be generated by encrypting a message using the message key as a key of the AES algorithm, for example.
Fig. 4 schematically shows a schematic diagram of an information processing method according to another embodiment of the present disclosure.
As shown in fig. 4, a sending terminal a, a receiving terminal B, a receiving terminal C and a server may be included in the diagram.
The sending terminal a, the receiving terminal B, and the receiving terminal C may report the respective public keys to the server, so that other terminals may obtain the public keys of the respective terminals from the server.
In operation S401, the transmitting terminal a may generate a first key. The first key may be, for example, a random string generated by the transmitting terminal.
In operation S402, the transmitting terminal a may acquire public keys of the receiving terminal B and the receiving terminal C from the server. The public key of the receiving terminal B and the private key of the transmitting terminal a are encrypted by a communication-dependent algorithm to generate a second key for the receiving terminal B. Similarly, the public key of the receiving terminal C and the private key of the transmitting terminal a are encrypted with a communication-dependent algorithm, and a second key for the receiving terminal C is generated.
Operation S201 described above with reference to fig. 2, for example, may be performed in operation S401 and operation S402.
In operation S403, the second key is used as a key for encrypting the first key, which may be encrypted by using, for example, an AES algorithm to generate an encryption key. For example, operation S202 described above with reference to fig. 2 may be performed.
In operation S404, for example, the encryption key may be sent to the server. For example, operation S203 described above with reference to fig. 2 may be performed.
In operation S405, the first key may be iterated using a ratchet algorithm, for example, and the iterated result serves as a key for encrypting a chat message, which is encrypted to generate a message cipher text. For example, operation S204 described above with reference to fig. 2 may be performed.
In operation S406, an interactive message is transmitted to the server to broadcast the interactive message to the receiving terminals B and C by the server.
The server broadcasts an interactive message to the receiving terminal B and the receiving terminal C in operation S407.
In operation S408, the receiving terminal B may send a request for obtaining an encryption key to the server in response to the interactive message to obtain the encryption key from the server. Similarly, the receiving terminal C may transmit a request for obtaining an encryption key to the server in response to the interactive message to obtain the encryption key from the server in operation S409.
In operations S410 and S411, the receiving terminal B and the receiving terminal C may determine a second key according to their own public keys, so as to decrypt the encrypted key with the second key to obtain a first key.
According to an embodiment of the present disclosure, the first key may be an initial chain key of a ratchet algorithm, and iteration is performed according to the number of iterations of the ratchet algorithm to determine an iteration result, and the iteration result is a key for encrypting the chat message.
In operations S412 and S413, the receiving terminal B and the receiving terminal C may decrypt the message cipher text using the iteration result, respectively, to obtain the chat message.
According to an embodiment of the present disclosure, the method may be applied to a plurality of electronic devices including a master device and a slave device. For example, the user a has a plurality of electronic devices, each including a first terminal device and a second terminal device. User a may log in to the instant messaging application on the first terminal device and the second terminal device. For example, the first terminal device may be a master device and the second terminal device may be a slave device.
In this embodiment, the information processing method may further include, in a case where the local device is a master device, in response to receiving a synchronization request from the slave device, encrypting a private key of the local device to obtain an encryption result, and transmitting the encryption result to the slave device so that the slave device determines the private key of the slave device from the encryption result. Under the condition that the local equipment is used as slave equipment, sending a synchronization request to the master equipment, wherein the synchronization request is used for acquiring a private key of the master equipment; and receiving the encryption result from the master device, and determining the private key of the slave device according to the encryption result.
For example, in the above scenario, when the user a switches from using the first terminal device for chatting to using the second terminal device for chatting, the second terminal device sends a synchronization request to the first terminal device. The first terminal device encrypts a private key of the first terminal device to obtain an encryption result in response to receiving a synchronization request from the second terminal device. The first terminal device transmits the encryption result to the second terminal device so that the second terminal device can decrypt the encryption result, thereby obtaining the private key of the first terminal device, and using the private key as its own private key, so as to perform operation S202 described above.
According to the embodiment of the disclosure, the information processing method may further include, in response to acquiring an instruction that the master device is switched from the first device to the second device, sending switching information to the server, so that the server notifies the slave device to resynchronize the private key of the second device as the private key of the slave device.
For example, in the above scenario, when the master device of the user a is switched from the first terminal device to the third terminal device, a switching message may be sent to the server, so that the server notifies the slave device to resynchronize the private key of the second device as the private key of the slave device.
For example, when the user uses the third terminal device for the first time, the third terminal device sends the public key of the third terminal device to the server. According to the embodiment of the disclosure, the user can use the third terminal device to notify the server-side main device that the main device is switched to the third terminal device. The server sends a notification message to the slave device (i.e., the second terminal device), so that the slave device resynchronizes the private key of the third terminal device as its own private key.
In the case where the local device is a slave device, in response to receiving the switching information from the server, a synchronization request is sent to the master device specified in the switching information. For example, in the above scenario, the second terminal device sends a synchronization request to the third terminal device.
According to an embodiment of the present disclosure, the information processing method may further include: the first key is updated in the event that device information of multiple recipients changes. For example, in the scenario shown in fig. 1, when the user B exits the group chat, the device information of the receiving party changes, and at this time, the first key may be regenerated to ensure the security of the communication and prevent the user B from decrypting the chat message by using the previously decrypted first key.
Fig. 5 schematically shows a flow chart of an information processing method according to another embodiment of the present disclosure.
As shown in fig. 5, the information processing method may include operations S501 to S504.
In operation S501, an encryption key is obtained from a server in response to receiving an interactive message, the encryption key being generated by a sender encrypting a first key based on a second key, wherein the interactive message includes a message ciphertext.
For example, in the scenario described above with reference to fig. 4, the interaction message may be from the sending terminal a. The receiving terminal B may perform operation S408 described above with reference to fig. 4 in response to receiving the interactive message.
In operation S502, a second key of the receiving party is determined, the second key being generated from a public key for the receiving party.
The second key may be, for example, the public key of the receiver, or the second key may be generated by encrypting the public key of the receiver and the private key of the sender using a communication-dependent algorithm.
According to an embodiment of the present disclosure, if the second key is generated by encrypting the public key of the receiving party and the private key of the sending party with the communication-dependent algorithm, the second key may be obtained by the receiving party by decrypting with the communication-dependent algorithm. Specifically, the receiver may obtain the public key of the sender from the server, so that the public key of the sender and the public key of the receiver are used as decryption keys, and the second key is obtained by performing decryption using a communication dependent algorithm.
In operation S503, the encryption key is decrypted based on the second key to obtain the first key. For example, operation S410 described above with reference to fig. 4 may be performed.
According to an embodiment of the present disclosure, the first key may be, for example, an initial chain key of a ratcheting algorithm.
In operation S504, the message ciphertext is decrypted based on the first key. For example, operation S412 described above with reference to fig. 4 may be performed.
According to an embodiment of the present disclosure, decrypting the message ciphertext based on the first key comprises: the method comprises the steps of obtaining the iteration times of a first key by using a ratchet algorithm when a sending terminal encrypts a message, obtaining the message key by iterating the first key according to the iteration times, and decrypting a message ciphertext based on the message key.
According to an embodiment of the present disclosure, the number of iterations of the first key using the ratcheting algorithm when the sending end encrypts the message may be, for example, in the form of plaintext in the interactive message. The receiver iterates the first key (i.e., the initial chain key) according to the iteration number to obtain an iteration result, which is the message key, so that the message cipher text is decrypted by using the message key.
According to an embodiment of the present disclosure, the information processing method may further include storing the first key in a storage unit so as to decrypt other message ciphertexts from the sender using the first key. When the receiver decrypts the encryption key for the first time to obtain the first key, the first key may be stored in the storage unit of the receiver, so that the first key may be directly read from the storage unit when the interactive message is received again later, thereby reducing the number of interactions and decryption times with the server.
According to the embodiment of the disclosure, the interactive message includes a first key identifier, and the method further includes: determining whether a first key exists in the storage unit based on the first key identification; in the case where the first key exists in the storage unit, the first key is acquired from the storage unit.
According to an embodiment of the present disclosure, the first key identification may include, for example, an ID of the first key and signature information of the first key. For example, the ID of the first key and the signature information of the first key are checked to determine whether the first key exists in the storage unit.
Specifically, for example, the interaction message may include a plaintext message, and the plaintext message may include, for example, identification information of the sender, a device type of the sender, a first key identification, and an iteration number. The receiving end may, for example, query a corresponding relationship table stored in the receiving end, determine the first key identifier according to the identifier information of the sending end and the device type of the sending end, and compare the obtained first key identifier with the first key identifier in the plaintext message, thereby determining whether the first key of the sending end exists in the storage unit. And determining that the first key does not exist in the storage unit under the condition that the first key identification determined according to the corresponding relation table is inconsistent with the first key identification in the plaintext message. And determining that the first key exists in the storage unit under the condition that the first key identification determined according to the corresponding relation table is consistent with the first key identification in the plaintext message.
According to the embodiment of the present disclosure, the signature information of the first key may be obtained by, for example, performing a hash operation on the chat message by using a private key of the sending end. The receiver may decrypt the signature information in the plaintext message using, for example, the public key of the sender, and if the decryption is successful, may determine that the signature information passes verification.
Fig. 6 schematically shows a block diagram of an information processing apparatus 600 according to an embodiment of the present disclosure.
As shown in fig. 6, the information processing apparatus 600 may include an acquisition module 610, a first generation module 620, a transmission module 630, a second generation module 640, a third generation module 650, and a broadcast module 660.
The obtaining module 610, for example, may perform operation S201 described above with reference to fig. 2, for obtaining a first key and a plurality of second keys, wherein each of the plurality of second keys is generated according to a public key for one of a plurality of recipients.
The first generating module 620 may, for example, perform operation S202 described above with reference to fig. 2, for encrypting the first key based on the second key to generate an encryption key.
The sending module 630, for example, may perform operation S203 described above with reference to fig. 2, for sending the encryption key to the server.
The second generating module 640, for example, may perform operation S204 described above with reference to fig. 2, for generating a message ciphertext by encrypting a message to a plurality of recipients based on the first key in response to receiving a transmission request for transmitting the message to the plurality of recipients.
The third generating module 650 may, for example, perform operation S205 described above with reference to fig. 2 for generating an interaction message based on the message cipher text.
The broadcasting module 660, for example, may perform operation S206 described above with reference to fig. 2, for broadcasting the interaction message to the plurality of receivers, so that the receivers obtain the encryption key from the server in response to the interaction message to decrypt the message ciphertext based on the encryption key.
Fig. 7 schematically shows a block diagram of an electronic device according to an embodiment of the disclosure. The electronic device shown in fig. 7 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 7, an electronic device 700 according to an embodiment of the present disclosure includes a processor 701, which can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. The processor 701 may include, for example, a general purpose microprocessor (e.g., a CPU), an instruction set processor and/or associated chipset, and/or a special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), among others. The processor 701 may also include on-board memory for caching purposes. The processor 701 may comprise a single processing unit or a plurality of processing units for performing the different actions of the method flows according to embodiments of the present disclosure.
In the RAM 703, various programs and data necessary for the operation of the electronic apparatus 700 are stored. The processor 701, the ROM 702, and the RAM 703 are connected to each other by a bus 704. The processor 701 performs various operations of the method flows according to the embodiments of the present disclosure by executing programs in the ROM 702 and/or the RAM 703. It is noted that the programs may also be stored in one or more memories other than the ROM 702 and RAM 703. The processor 701 may also perform various operations of method flows according to embodiments of the present disclosure by executing programs stored in the one or more memories.
According to embodiments of the present disclosure, method flows according to embodiments of the present disclosure may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable storage medium, the computer program containing program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program can be downloaded and installed from a network through the communication section 709, and/or installed from the removable medium 711. The computer program, when executed by the processor 701, performs the above-described functions defined in the system of the embodiment of the present disclosure. The systems, devices, apparatuses, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the present disclosure.
The present disclosure also provides a computer-readable storage medium, which may be contained in the apparatus/device/system described in the above embodiments; or may exist separately and not be assembled into the device/apparatus/system. The computer-readable storage medium carries one or more programs which, when executed, implement the method according to an embodiment of the disclosure.
According to embodiments of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium, which may include, for example but is not limited to: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. For example, according to embodiments of the present disclosure, a computer-readable storage medium may include the ROM 702 and/or the RAM 703 and/or one or more memories other than the ROM 702 and the RAM 703 described above.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will appreciate that various combinations and/or combinations of features recited in the various embodiments and/or claims of the present disclosure can be made, even if such combinations or combinations are not expressly recited in the present disclosure. In particular, various combinations and/or combinations of the features recited in the various embodiments and/or claims of the present disclosure may be made without departing from the spirit or teaching of the present disclosure. All such combinations and/or associations are within the scope of the present disclosure.
The embodiments of the present disclosure have been described above. However, these examples are for illustrative purposes only and are not intended to limit the scope of the present disclosure. Although the embodiments are described separately above, this does not mean that the measures in the embodiments cannot be used in advantageous combination. The scope of the disclosure is defined by the appended claims and equivalents thereof. Various alternatives and modifications can be devised by those skilled in the art without departing from the scope of the present disclosure, and such alternatives and modifications are intended to be within the scope of the present disclosure.
Claims (15)
1. An information processing method comprising:
obtaining a first key and a plurality of second keys, wherein each of the plurality of second keys is generated from a public key for one of a plurality of recipients;
encrypting the first key based on the second key to generate an encryption key;
sending the encryption key to a server;
in response to receiving a transmission request for transmitting a message to a plurality of recipients, encrypting the message based on the first key to generate a message ciphertext;
generating an interactive message based on the message ciphertext; and
broadcasting the interactive message to the plurality of recipients such that the recipients obtain the encryption key from the server in response to the interactive message to decrypt the message ciphertext based on the encryption key.
2. The method of claim 1, wherein the encrypting the message to generate a message cipher text based on the first key comprises:
taking the first secret key as an initial string code of a ratchet algorithm;
generating a message key by utilizing the ratchet algorithm based on the initial string code; and
the message is encrypted based on the message key to generate a message cipher text.
3. The method of claim 1, wherein the obtaining a plurality of second keys comprises:
obtaining respective public keys of a plurality of receivers from a server; and
the public key and a private key of the local device are encrypted using a communication-dependent algorithm to obtain a second key for each of the plurality of recipients.
4. The method of claim 3, wherein the method is applied to a plurality of electronic devices including a master device and a slave device,
the method further comprises the following steps:
in the case of a local device as a master device, in response to receiving a synchronization request from a slave device, encrypting a private key of the local device to obtain an encryption result; and
and sending the encryption result to the slave device, so that the slave device determines a private key of the slave device according to the encryption result.
5. The method of claim 4, further comprising:
under the condition that the local equipment is used as slave equipment, sending a synchronization request to the master equipment, wherein the synchronization request is used for acquiring a private key of the master equipment; and
and receiving an encryption result from the master device, and determining a private key of the slave device according to the encryption result.
6. The method of claim 4, further comprising:
in response to the instruction that the master device is switched from the first device to the second device is obtained, switching information is sent to a server, so that the server informs the slave device to resynchronize the private key of the second device as the private key of the slave device.
7. The method of claim 5, wherein the sending a synchronization request to the master device comprises: in response to receiving the switching information from the server, a synchronization request is sent to a master device specified in the switching information.
8. The method of claim 1, further comprising:
and updating the first key when the equipment information of the plurality of receivers changes.
9. An information processing method comprising:
in response to receiving an interactive message, obtaining an encryption key from a server, wherein the encryption key is generated by encrypting a first key based on a second key by a sender, and the interactive message comprises a message ciphertext;
determining a second key of the receiver, the second key being generated from a public key for the receiver;
decrypting the encrypted key based on a second key to obtain a first key; and
decrypting the message ciphertext based on the first key.
10. The method of claim 9, wherein the decrypting the message ciphertext based on the first key comprises:
obtaining the iteration times of the first key by using a ratchet algorithm when the sending end encrypts the message;
iterating the first key according to the iteration times to obtain a message key; and
and decrypting the message ciphertext based on the message key.
11. The method of claim 9, further comprising:
storing the first key to a storage unit for decrypting other message ciphertexts from the sender using the first key.
12. The method of claim 11, wherein the interaction message includes a first key identification, the method further comprising:
determining whether the first key exists in the storage unit based on the first key identification;
in the case where the first key exists in the storage unit, the first key is acquired from the storage unit.
13. An information processing apparatus comprising:
an obtaining module configured to obtain a first key and a plurality of second keys, wherein each of the plurality of second keys is generated according to a public key for one of a plurality of recipients;
a first generation module to encrypt the first key based on the second key to generate an encryption key;
a sending module, configured to send the encryption key to a server;
a second generation module, configured to generate a message ciphertext by encrypting a message based on the first key in response to receiving a transmission request for transmitting the message to a plurality of recipients;
a third generating module, configured to generate an interactive message based on the message ciphertext; and
a broadcast module, configured to broadcast the interactive message to the multiple receivers, so that the receivers obtain the encryption key from the server in response to the interactive message, so as to decrypt the message ciphertext based on the encryption key.
14. An electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of any of claims 1-12.
15. A computer readable storage medium having stored thereon executable instructions which, when executed by a processor, cause the processor to perform the method of any one of claims 1 to 12.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010110320.8A CN113300999B (en) | 2020-02-21 | 2020-02-21 | Information processing method, electronic device, and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010110320.8A CN113300999B (en) | 2020-02-21 | 2020-02-21 | Information processing method, electronic device, and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113300999A true CN113300999A (en) | 2021-08-24 |
| CN113300999B CN113300999B (en) | 2023-12-05 |
Family
ID=77318529
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010110320.8A Active CN113300999B (en) | 2020-02-21 | 2020-02-21 | Information processing method, electronic device, and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113300999B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114338176A (en) * | 2021-12-29 | 2022-04-12 | 支付宝(杭州)信息技术有限公司 | Data transmission method, device and network card |
| CN114844688A (en) * | 2022-04-15 | 2022-08-02 | 浙江大华技术股份有限公司 | Data transmission method, device, equipment and computer storage medium |
| CN115529130A (en) * | 2022-11-25 | 2022-12-27 | 无锡沐创集成电路设计有限公司 | Data processing method, terminal, server, system, device, medium and product |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1119132A2 (en) * | 2000-01-19 | 2001-07-25 | Research In Motion Limited | Broadcasting encrypted messages using session keys |
| CN104243146A (en) * | 2014-09-05 | 2014-12-24 | 宇龙计算机通信科技(深圳)有限公司 | Encryption communication method and device and terminal |
| CN104539433A (en) * | 2014-10-30 | 2015-04-22 | 马洁韵 | Voice communication encryption system and encryption method thereof |
| CN105450395A (en) * | 2015-12-30 | 2016-03-30 | 中科创达软件股份有限公司 | Information encryption and decryption processing method and system |
| US9654288B1 (en) * | 2014-12-11 | 2017-05-16 | Wickr Inc. | Securing group communications |
| CN107566324A (en) * | 2016-06-30 | 2018-01-09 | 南京中兴新软件有限责任公司 | Encryption method, decryption method and device |
| CN107635227A (en) * | 2017-10-30 | 2018-01-26 | 中国联合网络通信集团有限公司 | A kind of group message encryption method and device |
| CN107682141A (en) * | 2017-10-26 | 2018-02-09 | 广州市雷军游乐设备有限公司 | Data ciphering method and system for data transfer |
| CN109802825A (en) * | 2017-11-17 | 2019-05-24 | 深圳市金证科技股份有限公司 | A kind of data encryption, the method for decryption, system and terminal device |
| WO2019110574A1 (en) * | 2017-12-04 | 2019-06-13 | Wellness Technology and Media Group Ltd | Methods of secure communication |
-
2020
- 2020-02-21 CN CN202010110320.8A patent/CN113300999B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1119132A2 (en) * | 2000-01-19 | 2001-07-25 | Research In Motion Limited | Broadcasting encrypted messages using session keys |
| CN104243146A (en) * | 2014-09-05 | 2014-12-24 | 宇龙计算机通信科技(深圳)有限公司 | Encryption communication method and device and terminal |
| CN104539433A (en) * | 2014-10-30 | 2015-04-22 | 马洁韵 | Voice communication encryption system and encryption method thereof |
| US9654288B1 (en) * | 2014-12-11 | 2017-05-16 | Wickr Inc. | Securing group communications |
| CN105450395A (en) * | 2015-12-30 | 2016-03-30 | 中科创达软件股份有限公司 | Information encryption and decryption processing method and system |
| CN107566324A (en) * | 2016-06-30 | 2018-01-09 | 南京中兴新软件有限责任公司 | Encryption method, decryption method and device |
| CN107682141A (en) * | 2017-10-26 | 2018-02-09 | 广州市雷军游乐设备有限公司 | Data ciphering method and system for data transfer |
| CN107635227A (en) * | 2017-10-30 | 2018-01-26 | 中国联合网络通信集团有限公司 | A kind of group message encryption method and device |
| CN109802825A (en) * | 2017-11-17 | 2019-05-24 | 深圳市金证科技股份有限公司 | A kind of data encryption, the method for decryption, system and terminal device |
| WO2019110574A1 (en) * | 2017-12-04 | 2019-06-13 | Wellness Technology and Media Group Ltd | Methods of secure communication |
Non-Patent Citations (2)
| Title |
|---|
| 柯钢: "一种高效的无线网络组密钥管理方案", 《西南师范大学学报(自然科学版)》 * |
| 柯钢: "一种高效的无线网络组密钥管理方案", 《西南师范大学学报(自然科学版)》, no. 01, 20 January 2017 (2017-01-20) * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114338176A (en) * | 2021-12-29 | 2022-04-12 | 支付宝(杭州)信息技术有限公司 | Data transmission method, device and network card |
| CN114844688A (en) * | 2022-04-15 | 2022-08-02 | 浙江大华技术股份有限公司 | Data transmission method, device, equipment and computer storage medium |
| CN115529130A (en) * | 2022-11-25 | 2022-12-27 | 无锡沐创集成电路设计有限公司 | Data processing method, terminal, server, system, device, medium and product |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113300999B (en) | 2023-12-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20220006627A1 (en) | Quantum key distribution node apparatus and method for quantum key distribution thereof | |
| US5812671A (en) | Cryptographic communication system | |
| CN110335043B (en) | Transaction privacy protection method, device and system based on blockchain system | |
| US20140052989A1 (en) | Secure data exchange using messaging service | |
| CN113300999B (en) | Information processing method, electronic device, and readable storage medium | |
| KR101615137B1 (en) | Data access method based on attributed | |
| JP2016158189A (en) | Change direction with key control system and change direction with key control method | |
| WO2018016330A1 (en) | Communication terminal, server device, and program | |
| CN112889240B (en) | Server device, communication terminal, communication system, and recording medium | |
| CN109962924B (en) | Group chat construction method, group message sending method, group message receiving method and system | |
| CN114499836A (en) | Key management method, key management device, computer equipment and readable storage medium | |
| EP2892206A1 (en) | A system and method for push framework security | |
| KR101812311B1 (en) | User terminal and data sharing method of user terminal based on attributed re-encryption | |
| KR101695361B1 (en) | Terminology encryption method using paring calculation and secret key | |
| CN106487761B (en) | Message transmission method and network equipment | |
| WO2015156145A1 (en) | Re-encryption method, re-encryption system, and re-encryption device | |
| Kadam et al. | Hybrid rsa-aes encryption for web services | |
| CN111488618B (en) | Block chain-based one-time pad encryption method, device and storage medium | |
| JP2019121999A (en) | Data sharing method, data sharing system, communication terminal, data sharing server, and program | |
| CN110611674B (en) | Protocol interaction method, system and storage medium between different computer systems | |
| CN113626848A (en) | Sample data generation method and device, electronic equipment and computer readable medium | |
| JP2018042081A (en) | Data transmitting/receiving method and sensing system | |
| CN112350920A (en) | Instant communication system based on block chain | |
| JP4104315B2 (en) | Key management system, key management apparatus, information encryption apparatus, information decryption apparatus, and storage medium storing program | |
| CN117997518B (en) | Message transmission method, device, storage medium and computer equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |