CN116547943A - Method and apparatus for managing security keys - Google Patents


Info

Publication number: CN116547943A
Authority: CN (China)
Prior art keywords: electronic device, security, security key, key, security level
Legal status: Pending
Application number: CN202180081617.9A
Other languages: Chinese (zh)
Inventors: 权相完, T·克吉尔, 金辰洙
Current assignee: Samsung Electronics Co Ltd
Original assignee: Samsung Electronics Co Ltd
Priority claimed from KR1020200168720A (KR20220079192A)
Application filed by Samsung Electronics Co Ltd
Publication of CN116547943A

Classifications (CPC)

    • H04L 63/064 Hierarchical key distribution, e.g. by multi-tier trusted parties
    • H04L 9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L 9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L 9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L 9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L 9/088 Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • H04L 9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L 9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L 9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • G06F 21/35 User authentication involving the use of external additional devices, e.g. dongles or smart cards, communicating wirelessly
    • G06F 21/602 Providing cryptographic facilities or services
    • H04W 12/041 Key generation or derivation


Abstract

A technique for managing security keys performed by an electronic device is provided. The electronic device may receive security information from each of at least one other electronic device, determine a master electronic device based on the security level of the electronic device and the security level of the at least one other electronic device, the security level of the at least one other electronic device being included in the received security information, generate a security key when the electronic device is determined to be the master electronic device, and determine a portion to be removed from the security key for each of the security levels of a plurality of electronic devices including the electronic device and the at least one other electronic device, and provide each portion of the security key from which the determined portion is omitted to the at least one other electronic device.

Description

Method and apparatus for managing security keys
Technical Field
The present disclosure relates to a method and apparatus for managing security keys.
Background
In the fifth generation (5G) or super 5G environments, as technology for supporting connection advances, and electronic devices providing various functions are developed, the number of electronic devices coexisting in a coverage area will also increase. In addition, consistent with this, the number of electronic devices owned by one user or the number of electronic devices shared by the user with other users may also increase. In the environment as described above, increasing the security of data stored in an electronic device is a critical issue.
As a method for increasing the security of data stored in an electronic device, a technique of storing data in an encrypted state by using an encryption key can be considered. However, the above-described technique may involve a problem that when a security key for decrypting encrypted data is exposed, the data may be leaked to an unintended destination. Therefore, there is a need to develop a technique for securely managing security keys.
The above information is presented merely as background information to aid in the understanding of the present disclosure. No determination is made, nor is an assertion made, as to whether any of the above may be applied as prior art with respect to the present disclosure.
Disclosure of Invention
Technical problem
Aspects of the present disclosure address at least the problems and/or disadvantages described above and provide at least the advantages described below. Accordingly, it is an aspect of the present disclosure to provide a secure key management technique for securely managing a secure key for decrypting encrypted data that may be provided in an environment where a plurality of electronic devices are present.
Additional aspects will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the presented embodiments.
Technical solution
According to one aspect of the present disclosure, an electronic device for managing security keys is provided. The electronic device includes a communication unit, a memory storing one or more instructions, and a processor configured to execute the one or more instructions stored in the memory, receive security information from each of at least one other electronic device through the communication unit, determine a master electronic device based on a security level of the electronic device and the security level of the at least one other electronic device, the security level of the at least one other electronic device being included in the received security information, generate a security key based on a result of the determination, and determine a portion to be removed from the security key for each of a plurality of electronic devices including the electronic device and the at least one other electronic device, and provide each partial security key from which the determined portion is omitted to the at least one other electronic device through the communication unit.
Drawings
The foregoing and other aspects, features, and advantages of certain embodiments of the present disclosure will become more apparent from the following description taken in conjunction with the accompanying drawings in which:
Fig. 1 is a conceptual diagram for describing a method of managing security keys in an environment where a plurality of electronic devices exist according to an embodiment of the present disclosure;
FIG. 2 is a flow chart for describing a method of managing security keys performed by an electronic device according to an embodiment of the present disclosure;
fig. 3 is a diagram for describing a method performed by an electronic device to provide a partial security key from which a portion corresponding to a security level is omitted, according to an embodiment of the present disclosure;
FIG. 4 is a diagram for describing a method performed by an electronic device for determining portions to remove from a security key based on a security level, according to an embodiment of the present disclosure;
FIG. 5 is a diagram for describing a method performed by an electronic device for determining portions to remove from a security key based on a security level, according to an embodiment of the present disclosure;
FIG. 6 is a flow chart of a method performed by an electronic device to receive a portion removed from a secure key from another electronic device and generate the secure key, according to an embodiment of the present disclosure;
FIG. 7 is a diagram for describing a method performed by an electronic device to receive a portion removed from a secure key from another electronic device and generate the secure key, according to an embodiment of the present disclosure;
FIG. 8 is a diagram for describing a method performed by an electronic device to receive a portion removed from a secure key from another electronic device and generate the secure key, according to an embodiment of the present disclosure;
FIG. 9 is a diagram for describing a method of updating a security key when communication sessions of a plurality of electronic devices managing the security key are interrupted, in accordance with an embodiment of the present disclosure;
FIG. 10 is a diagram for describing a method of updating a security key when a connection with another electronic device is added to a plurality of electronic devices that manage the security key, according to an embodiment of the present disclosure;
FIG. 11 is a diagram for describing a method of updating a security key when a security level of at least one of a plurality of electronic devices managing the security key is changed, according to an embodiment of the present disclosure;
fig. 12 is a diagram for describing a method of generating and storing a security key by using a security key management method, which is performed by a plurality of base stations, according to an embodiment of the present disclosure; and
fig. 13 is a block diagram of an electronic device according to an embodiment of the present disclosure.
Like reference numerals will be understood to refer to like parts, assemblies and structures throughout the drawings.
Detailed Description
According to one aspect of the present disclosure, an electronic device for managing security keys is provided. The electronic device includes a communication unit, a memory storing one or more instructions, and a processor configured to execute the one or more instructions stored in the memory, receive security information from each of at least one other electronic device through the communication unit, determine a master electronic device based on a security level of the electronic device and the security level of the at least one other electronic device, the security level of the at least one other electronic device being included in the received security information, generate a security key based on a result of the determination, and determine a portion to be removed from the security key for each of a plurality of electronic devices including the electronic device and the at least one other electronic device, and provide each portion of the security keys from which the determined portion is omitted to the at least one other electronic device through the communication unit.
The at least one processor may be further configured to remove a portion of the security key, the portion corresponding to the security level of the electronic device, and store a portion of the security key obtained by removing the portion corresponding to the security level of the electronic device.
The at least one processor may be further configured to: upon receiving a request to decrypt the encrypted data of the electronic device, request the removed portion from the at least one other electronic device via the communication unit; receive, based on the request, the removed portion from the at least one other electronic device via the communication unit; and decrypt the encrypted data based on a security key generated using the removed portion and the stored partial security key.
The at least one processor may be further configured to identify another one of the at least one other electronic devices that is closest to the electronic device and request the removed portion from the identified another electronic device through the communication unit.
The at least one processor may be further configured to receive a request for a removed portion of the security key from one of the at least one other electronic device via the communication unit, identify the removed portion of the security key, the removed portion corresponding to the at least one other electronic device that has sent the request, and provide the identified portion to the at least one other electronic device via the communication unit.
The at least one processor may be further configured to receive new security information from another electronic device other than the at least one other electronic device through the communication unit, update the master electronic device based on the security levels included in the new security information, and update the security key and the portion to be removed from the security key for each security level when the new security information is received.
The at least one processor may be further configured to identify another one of the at least one other electronic devices whose communication session is interrupted and update the portion to be removed from the security key for each security level based on the security level of the electronic device and the security level of the other one of the at least one other electronic device whose communication session is interrupted.
The at least one processor may be further configured to update the portion to be removed from the security key for each security level based on the changed security level when the security level of one of the electronic device and the at least one other electronic device is changed.
The at least one processor may be further configured to receive, from the determined other electronic device, a partial security key obtained by removing a portion corresponding to a security level of the electronic device from the security key, when one of the at least one other electronic device is determined to be a master electronic device.
The security level of the electronic device may be determined based on at least one of key storage on hardware, key storage on software, an operating system, a communication network, or a location of the electronic device.
At least one partial security key provided to each electronic device may be discarded after a preset period of time after the security key is generated.
According to another aspect of the present disclosure, a method of managing security keys performed by an electronic device is provided. The method includes receiving security information from each of at least one other electronic device, determining a master electronic device based on a security level of the electronic device and a security level of the at least one other electronic device, the security level of the at least one other electronic device being included in the received security information, generating a security key based on a result of the determining, determining a portion to be removed from the security key for each of a plurality of electronic devices including the electronic device and the at least one other electronic device; and providing each partial security key from which the determined portion was omitted to the at least one other electronic device.
Other aspects, advantages, and salient features of the disclosure will become apparent to those skilled in the art from the following detailed description, which, taken in conjunction with the annexed drawings, discloses various embodiments of the disclosure.
Mode of disclosure
The following description with reference to the accompanying drawings is provided to assist in a comprehensive understanding of the various embodiments of the disclosure defined by the claims and their equivalents. It includes various specific details to aid in understanding, but these are merely to be considered exemplary. Accordingly, one of ordinary skill in the art will recognize that various changes and modifications of the various embodiments described herein can be made without departing from the scope and spirit of the present disclosure. In addition, descriptions of well-known functions and constructions may be omitted for clarity and conciseness.
The terms and words used in the following description and claims are not limited to literature meanings, but are only used by the inventors to enable a clear and consistent understanding of the present disclosure. Accordingly, it will be apparent to those skilled in the art that the following descriptions of the various embodiments of the present disclosure are provided for illustration only and not for the purpose of limiting the disclosure as defined by the appended claims and their equivalents.
It should be understood that the singular forms "a", "an" and "the" include plural referents unless the context clearly dictates otherwise. Thus, for example, reference to "a component surface" includes reference to one or more such surfaces.
Throughout this disclosure, the expression "at least one of a, b or c" means a only, b only, c only, both a and b, both a and c, both b and c, all or variants thereof.
Hereinafter, embodiments of the present disclosure will be described more fully with reference to the accompanying drawings. In the description of the embodiments, description of technical contents that are well known in the art to which the present disclosure pertains and are not directly related to the present disclosure will be omitted. The gist of the present disclosure is clearly conveyed by omitting unnecessary descriptions without obscuring the gist of the present disclosure.
For the same reason, in the drawings, each constituent element is exaggerated, omitted, or schematically illustrated. Furthermore, the size of each constituent element does not fully reflect the actual size. Those elements that are identical or corresponding are indicated by identical reference numerals.
The advantages and features of the present disclosure and methods of accomplishing the same may become apparent with reference to the embodiments described in detail below in conjunction with the accompanying drawings. This disclosure may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the disclosure to those skilled in the art. The scope of the present disclosure is defined only in the claims. Like numbers refer to like elements throughout.
Here, it will be understood that each block of the flowchart, and combinations of blocks in the flowchart, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for performing the functions specified in the flowchart block(s). These computer program instructions may also be stored in a computer-usable or computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-usable or computer-readable memory produce an article of manufacture including instruction means that implement the function specified in the flowchart block(s). Because the computer program instructions may also be loaded onto a computer or other programmable data processing apparatus, a series of operations may be performed on the computer or other programmable data processing apparatus to produce a computer-implemented process, such that the instructions executed on the computer or other programmable data processing apparatus provide operations for implementing the functions specified in the flowchart block(s).
Furthermore, each block may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that in some alternative implementations, the functions noted in the block may occur out of the order. For example, two blocks shown in succession may in fact be executed substantially concurrently or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.
The term "… unit" as used in the description refers to a software or hardware component, such as a Field Programmable Gate Array (FPGA) or an Application Specific Integrated Circuit (ASIC), and "… unit" performs certain functions. However, the "… unit" is not limited to software or hardware. The term "… unit" may be configured to be included in an addressable storage medium or to replicate one or more processors. Thus, by way of example, the term "… unit" may include, for example, object-oriented software components, class components and task components, as well as processes, functions, attributes, procedures, subroutines, segments of program code, drivers, firmware, microcode, circuitry, data, databases, data structures, tables, arrays, and variables. The functionality provided for in the components and "… units" may be combined into a fewer number of components and "… units" or further separated into additional components and "… units". In addition, components and "… units" may be implemented to replicate one or more CPUs in a device or secure multimedia card. Further, in embodiments of the present disclosure, a "unit" may include one or more processors.
In the present disclosure, an electronic device may include a User Equipment (UE), a Mobile Station (MS), a cellular phone, a smart phone, a computer, a wearable device, a tablet computer, a laptop computer, a notebook computer, or a multimedia system capable of performing a communication function.
Fig. 1 is a conceptual diagram for describing a method of managing security keys in an environment where a plurality of electronic devices exist according to an embodiment of the present disclosure.
Referring to fig. 1, in a fifth generation (5G) or super 5G environment, as technology for supporting connection advances and electronic devices providing various functions are developed, the number of electronic devices coexisting in a coverage area will also increase. In addition, consistent with this, the number of electronic devices owned by one user or the number of electronic devices shared by the user with other users may also increase. In the environment as described above, increasing the security of data stored in an electronic device is a critical issue. The present disclosure provides a method by which, when encrypted data requiring security is stored in an electronic device, a security key for decrypting the encrypted data is managed by a plurality of coexisting electronic devices.
Referring to fig. 1, a plurality of electronic devices such as a tablet computer 110, a smart phone 120, and a smart watch 130 may be connectable to one another. The encrypted data may be stored in at least one of the plurality of electronic devices 110, 120, or 130. The encrypted data may be decrypted using a secure key corresponding to the encryption key used to encrypt the data, and the encryption key and the secure key may be symmetric or asymmetric depending on the encryption technique used. The security key management method proposed in the present disclosure is applicable to symmetric or asymmetric encryption keys and security keys, but for convenience of description, the present disclosure will take the symmetric encryption keys and security keys as examples.
When the entire security key for decrypting the encrypted data is stored in each of the plurality of electronic devices 110, 120, and 130, compromise of the security key stored in any one of them (e.g., 130) breaks the security of the data, because the encrypted data is then easily exposed. In order to improve security, the security key management method of the present disclosure stores only a portion of the security key in each of the plurality of electronic devices 110, 120, and 130. The plurality of electronic devices 110, 120, and 130 according to embodiments of the present disclosure may store partial security keys obtained by removing different portions from the security key. For example, when the plurality of electronic devices 110, 120, and 130 initially recognize each other and establish a communication session, they may share information about each other's security level and initial setup information, and may determine, based on the information about each other's security level, which portion of the security key each device is to exclude and which portion each device is to retain. The electronic device determined to be the master electronic device among the plurality of electronic devices 110, 120, and 130 may determine whether to generate the security key and which portion of the security key each electronic device is to exclude. This will be described in more detail later with reference to fig. 2.
When any one of the plurality of electronic devices 110, 120, and 130 needs to decrypt encrypted data, that electronic device may request, from other nearby electronic devices, the security key portion that it does not store. For example, when a user requests decryption of encrypted data stored in the tablet computer 110, the tablet computer 110 may request the security key portion not stored in the tablet computer 110 from the smartphone 120, a nearby other electronic device. The tablet computer 110 may receive the requested security key portion from the smartphone 120 in response to the request and generate the security key by combining the received security key portion with the portion of the security key stored in the tablet computer 110. The tablet computer 110 may then decrypt the encrypted data with the generated security key and provide the decrypted data to the user.
An electronic device according to an embodiment of the present disclosure may receive a security key portion not stored in the electronic device from other nearby electronic devices and generate a security key based on the received security key portion, so that data of a certain application or data of a certain web browser may be accessed by using the security key.
Fig. 2 is a flowchart for describing a method of managing security keys performed by an electronic device according to an embodiment of the present disclosure.
Referring to fig. 2, in operation S210, the electronic device may receive security information from each of at least one other electronic device. The security information may include information for determining a security level of the electronic device, or may include the security level itself. The security level is an index indicating the security strength of the security key. For example, the higher the security level of an electronic device, the longer and more complex the generated security key may be. The information used to determine the security level of the electronic device may include information about key storage in hardware, key storage in software, and the type and version of the operating system. For example, when there is a trust zone in hardware storage that is not accessible by a normal application, or there is a hardware accelerator that encrypts and manages the information used as a basis for generating a security key, a higher security level may be set for an electronic device having such hardware storage than for an electronic device without the trust zone or accelerator. Further, when the software or operating system of the electronic device is the latest version, a higher security level can be set for it than for an electronic device in which a previous version of the software or operating system is installed. As another example, the information for determining the security level may include information about the type and location of the communication network. For example, an electronic device connected to a 5G network may be set to a higher security level than an electronic device connected to a Wi-Fi network, and an electronic device located in a private facility such as a home may be set to a higher security level than an electronic device located in a public facility such as a cafe or library.
The security information may be received together with identification information of the electronic device to which the security information corresponds. For example, during an initial connection in which the electronic devices identify one another to establish a communication session, security information may be exchanged between the electronic devices along with the information required to establish the communication session. At least one of a unicast method, a multicast method, or a broadcast method may be used to exchange security information and the like between electronic devices, and other communication methods may also be used to exchange security information between electronic devices.
In operation S220, the electronic device may determine a master electronic device based on a security level of at least one other electronic device included in the received security information and a security level of the electronic device.
The electronic device according to the embodiments of the present disclosure may determine a security level of each of the at least one other electronic device according to the received security information. The operation of determining the security level may be performed in each of the electronic device and the at least one other electronic device. Hereinafter, for convenience of description, the electronic device and at least one other electronic device are collectively referred to as a plurality of electronic devices.
Each of the plurality of electronic devices may determine the electronic device having the highest security level as the master electronic device based on the exchanged security information. For example, as described above with reference to fig. 1, when exchanging security information between tablet computer 110, smart phone 120, and smart watch 130, tablet computer 110, smart phone 120, and smart watch 130 may each determine the master electronic device by comparing security levels of each other. For example, when security levels of tablet computer 110, smart phone 120, and smart watch 130 are level 2, level 1, and level 3, respectively, smart phone 120 may be determined to be the master electronic device.
In operation S230, when the electronic device is determined to be a master electronic device, the electronic device may generate a security key.
The electronic device determined to be the master electronic device may generate the security key through a preset security key generation algorithm. A symmetric cryptographic algorithm or an asymmetric encryption algorithm may be used to generate the security key, and in the present disclosure, the algorithm for generating the security key is not limited to a certain algorithm.
In operation S240, the electronic device may determine a portion to be removed from the security key for each security level of a plurality of electronic devices including the electronic device and at least one other electronic device.
The electronic device may determine, for each security level, the portion to remove from the generated security key. For example, when the length of the generated security key is L bits and the number of the plurality of electronic devices including the electronic device is N, the length of the portion to be removed for each electronic device may be determined as L/N bits. Each portion obtained by dividing the L bits of the security key by the number N of the plurality of electronic devices will be referred to as a chunk. In this case, the length of a chunk is L/N bits. When the number of the plurality of electronic devices is three, the length of each chunk may be L/3 bits, and the security key may be composed of a total of three chunks.
In the above-described embodiment of fig. 1, when the security levels of the tablet computer 110, the smart phone 120, and the smart watch 130 are level 2, level 3, and level 1, respectively, and the smart phone 120 is the master electronic device, the smart phone 120 may determine to provide the tablet computer 110 with a partial security key obtained by removing the second chunk from the security key. Further, the smart phone 120 may determine to store in the smart phone 120 a partial security key obtained by removing the third chunk from the security key. Further, the smart phone 120 may determine to provide the smart watch 130 with a partial security key obtained by removing the first chunk from the security key.
In operation S250, the electronic device may provide each of the partial security keys from which the determined portion is omitted to the at least one other electronic device. That is, the electronic device may provide, to each of the at least one other electronic device, a partial security key from which the portion corresponding to that device's security level is omitted. Further, the electronic device may store a partial security key from which the portion corresponding to the security level of the electronic device itself is omitted.
When a decryption request for encrypted data of an electronic device is received, the electronic device according to an embodiment of the present disclosure may request the removed portion from at least one other electronic device. Further, when the removed portion is received from at least one other electronic device based on the request, the electronic device may generate a security key by using the removed portion and a portion of the security key stored in the electronic device. The generated security key may be used to decrypt the encrypted data.
An electronic device according to another embodiment of the present disclosure may receive a request for a removed portion of a security key from another electronic device. The electronic device may provide the removed portion of the security key corresponding to the request to the other electronic device. The other electronic device may generate a security key by using the security key portion provided by the electronic device and decrypt the encrypted data by using the generated security key.
The at least one partial security key provided to each electronic device may be discarded once a preset period of time has elapsed after the security key is generated.
Fig. 3 is a diagram for describing a method of providing a partial security key, from which a portion corresponding to a security level is omitted, performed by an electronic device according to an embodiment of the present disclosure.
Referring to fig. 3, a communication session may be established between a plurality of electronic devices including a first smart phone 310, a tablet computer 320, a smart watch 330, and a second smart phone 340. The type of communication session may be the same for all electronic devices, or different types of communication sessions may be established according to the communication methods supported by the respective electronic devices. For example, a communication session may be established between the first smartphone 310 and the tablet computer 320 over Wi-Fi, a communication session may be established between the tablet computer 320 and the smartwatch 330 over bluetooth, and a communication session may be established between the first smartphone 310 and the second smartphone 340 over a 5G network.
Multiple electronic devices may send or receive security information over each established communication session. Further, the plurality of electronic devices may compare their security levels with each other, so that the master electronic device having the highest security level may be determined. As described above with reference to fig. 2, the security level may be determined based on at least one of key storage on hardware, key storage on software, an operating system, a communication network, or a location of the electronic device, and in this embodiment, it is assumed that the first smart phone 310 has the highest security level.
When the first smart phone 310 is determined to be the master electronic device, the first smart phone 310 may generate a security key according to a preset algorithm. The generated security key may be 4M bits long. The first smart phone 310 may generate four chunks, four being the number of the plurality of electronic devices, by dividing the 4M-bit security key into four. In this embodiment, in order to identify the four chunks constituting the security key, these chunks will be named key chunk 1, key chunk 2, key chunk 3, and key chunk 4, respectively.
The first smart phone 310 may determine the portion to remove from the security key for the security level of each electronic device. For example, the first smart phone 310 may determine the portion to be removed for the tablet computer 320 as key chunk 3. Thus, the first smart phone 310 may provide the tablet computer 320 with a partial security key 325 that omits key chunk 3. The first smart phone 310 may determine the portion to be removed for the smart watch 330 as key chunk 4. Thus, the first smart phone 310 may provide the smart watch 330 with a partial security key 335 that omits key chunk 4. The first smart phone 310 may determine the portion to be removed for the second smart phone 340 as key chunk 2. Thus, the first smart phone 310 may provide the second smart phone 340 with a partial security key 345 that omits key chunk 2. The first smart phone 310 may itself store a partial security key 315 that omits key chunk 1, the chunk corresponding to its own security level.
When the encrypted data needs to be decrypted in any one of the plurality of electronic devices 310, 320, 330, and 340, the one electronic device (e.g., 320) may request the omitted security key portion from at least one of the other electronic devices (e.g., 310) and receive the omitted security key portion. For example, the tablet computer 320 may request the key chunk 3 from the first smart phone 310 and receive the key chunk 3 from the first smart phone 310. The tablet computer 320 may generate a security key by combining the received key chunk 3 and the stored partial security key 325 and decrypt the encrypted data by using the generated security key.
Fig. 4 is a diagram for describing a method performed by an electronic device to determine a portion to be removed from a security key based on a security level according to an embodiment of the present disclosure.
Referring to fig. 4, information about an electronic device identifier (ID) and a security level may be exchanged among the first electronic device 410, the second electronic device 420, the third electronic device 430, and the fourth electronic device 440. Each electronic device may transmit information about its own electronic device ID and security level to other nearby electronic devices by using a multicast or broadcast method. However, this is merely an embodiment of the present disclosure, and the electronic devices may also transmit information about their electronic device IDs and security levels to each of the nearby electronic devices by using a unicast method.
Each of the plurality of electronic devices 410, 420, 430, and 440 may determine a master electronic device by comparing their security levels to those of other electronic devices. In the embodiment illustrated in fig. 4, since the security levels of the first electronic device 410, the second electronic device 420, the third electronic device 430, and the fourth electronic device 440 are level 3, level 1, level 4, and level 2, respectively, the second electronic device 420 may be determined to be a master electronic device.
When the second electronic device 420 is determined to be the master electronic device, the second electronic device 420 may generate the security key 450 according to a preset algorithm. It is assumed here that the generated security key 450 has a length of 256 bits. The second electronic device 420 may determine a security weight based on the security level of each electronic device. The security weight indicates the size of the portion to be removed from the security key for a given electronic device, and may be determined as the value obtained by dividing the security level of that electronic device by the sum of the security levels of the plurality of electronic devices 410, 420, 430, and 440. For example, the security weights of the first electronic device 410, the second electronic device 420, the third electronic device 430, and the fourth electronic device 440 may be determined to be 3/10, 1/10, 4/10, and 2/10, respectively.
The second electronic device 420 may provide each electronic device with a remaining portion after removing a portion of the security weight corresponding to each electronic device. In the specification, a security key from which a portion corresponding to a security weight is removed will be described as a partial security key. For example, the second electronic device 420 may provide the first electronic device 410 with a partial security key 460 corresponding to the security key 450 with the 3/10 portion removed. The second electronic device 420 may provide the third electronic device 430 and the fourth electronic device 440 with a partial security key 480 corresponding to the security key 450 from which the 4/10 portion was removed, and a partial security key 490 corresponding to the security key 450 from which the 2/10 portion was removed, respectively. The second electronic device 420 may store a partial security key 470 with 1/10 of the portion corresponding to its security weight removed.
As described above, according to the security key management method of an embodiment of the present disclosure, by storing a partial security key instead of the entire security key in an electronic device, it is possible to prevent the entire security key from being exposed when the electronic device is hacked, thereby improving security. When the security key is to be generated, the electronic device may request the portion removed from the security key from other electronic devices in the vicinity, receive the removed portion, and generate the entire security key by combining the removed portion and the partial security key.
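The two ways of choosing the removed portion described above, the equal L/N chunks of fig. 2 (operations S220 to S250) and the security-weight portions of fig. 4, follow the same procedure: elect the master, generate the key, cut it into consecutive portions, and hand each device the key minus its own portion. The following is an added example written for this page, not the patent's own code or Samsung's implementation. It assumes details the text leaves open: keys are handled as bit strings, a lower level number means a stronger device (level 1 becomes the master in the text's examples), portions are assigned to devices in the order they are listed, and a fractional bit boundary is rounded to the nearest bit.

```python
"""Master election and partial-key derivation (fig. 2, S220 to S250, and the
security-weight variant of fig. 4).  Added example, not the patent's code."""
from dataclasses import dataclass
from fractions import Fraction
import secrets


@dataclass(frozen=True)
class PartialKey:
    """A security key with one contiguous portion [start, end) removed."""
    length: int
    start: int
    end: int
    prefix: str  # bits kept before the removed portion
    suffix: str  # bits kept after the removed portion

    @property
    def unknown_bits(self) -> int:
        """Bits that someone holding only this partial key still lacks."""
        return self.end - self.start

    def restore(self, portion: str) -> str:
        """Combine the received portion with the stored part (fig. 6, S640)."""
        if len(portion) != self.unknown_bits:
            raise ValueError("portion length does not match the removed range")
        return self.prefix + portion + self.suffix


def elect_master(levels: dict) -> str:
    """S220: the device with the highest security, i.e. the lowest level
    number (ties broken by device id, an assumption the text does not cover)."""
    return min(levels, key=lambda dev: (levels[dev], dev))


def generate_key(length_bits: int) -> str:
    """S230 using the OS CSPRNG; the text leaves the generation algorithm open."""
    value = int.from_bytes(secrets.token_bytes((length_bits + 7) // 8), "big")
    return format(value, f"0{length_bits}b")[-length_bits:]


def equal_weights(levels: dict) -> dict:
    """Fig. 2: every device loses one chunk of L/N bits."""
    return {dev: Fraction(1, len(levels)) for dev in levels}


def security_weights(levels: dict) -> dict:
    """Fig. 4: weight = level / sum of levels, so weaker devices lose more."""
    total = sum(levels.values())
    return {dev: Fraction(level, total) for dev, level in levels.items()}


def removed_ranges(length_bits: int, weights: dict) -> dict:
    """S240: cut the key into consecutive portions sized by the weights."""
    if sum(weights.values()) != 1:
        raise ValueError("weights must sum to 1")
    ranges, cursor, cumulative = {}, 0, Fraction(0)
    for dev, weight in weights.items():
        cumulative += weight
        end = round(length_bits * cumulative)  # nearest-bit rounding (assumption)
        ranges[dev] = (cursor, end)
        cursor = end
    return ranges


def distribute(key: str, ranges: dict) -> dict:
    """S250: each device receives the key minus its own portion."""
    return {dev: PartialKey(len(key), s, e, key[:s], key[e:])
            for dev, (s, e) in ranges.items()}


def demo():
    """Run the fig. 4 device set (levels 3, 1, 4, 2) under both schemes."""
    levels = {"dev410": 3, "dev420": 1, "dev430": 4, "dev440": 2}
    master = elect_master(levels)  # dev420, as in the text
    key = generate_key(256)
    weighted = distribute(key, removed_ranges(256, security_weights(levels)))
    equal = distribute(key, removed_ranges(256, equal_weights(levels)))
    # Every holder can restore the full key once it receives its missing portion.
    for partial in weighted.values():
        assert partial.restore(key[partial.start:partial.end]) == key
    return (master,
            {dev: p.unknown_bits for dev, p in weighted.items()},
            {dev: p.unknown_bits for dev, p in equal.items()})
```

`demo()` returns the elected master together with, per device, how many key bits are absent from that device's copy. With equal chunks every copy lacks 64 of the 256 bits, whichever device leaks it; with the security weights the copy held by the weakest device (430, level 4) lacks 103 bits while the master's copy lacks only 25, which is the quantitative form of the text's point that a partial key rather than the whole key should sit on each device and that less of it should sit on weaker ones.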
Fig. 5 is a diagram for describing a method performed by an electronic device to determine a portion to be removed from a security key based on a security level according to an embodiment of the present disclosure.
Referring to fig. 5, information about the electronic device ID and the security level may be exchanged among the first electronic device 510, the second electronic device 520, and the third electronic device 530. Each electronic device may transmit information about its own electronic device ID and security level to other nearby electronic devices by using a multicast or broadcast method. However, this is merely an embodiment of the present disclosure, and the electronic devices may also transmit information about their electronic device IDs and security levels to each of the nearby electronic devices by using a unicast method.
Each of the plurality of electronic devices 510, 520, and 530 may determine a master electronic device by comparing their security levels with those of other electronic devices. In the embodiment illustrated in fig. 5, since the security levels of the first electronic device 510, the second electronic device 520, and the third electronic device 530 are level 2, level 4, and level 1, respectively, the third electronic device 530 may be determined to be a master electronic device.
When the third electronic device 530 is determined to be the master electronic device, the third electronic device 530 may generate the security key 540 according to a preset algorithm. It is assumed here that the generated security key 540 has a length of 256 bits. The third electronic device 530 may determine, for each electronic device, a portion to be removed from the security key based on the security level.
In this specification, it is assumed that the security key is divided according to a preset number, and that two parts are removed from the security key of an electronic device having a security level lower than a preset level (e.g., 2). For example, the third electronic device 530 may divide the security key 540 into four parts and provide the first electronic device 510 with a partial security key 550 from which 1/4 of the parts is omitted. The third electronic device 530 may provide the second electronic device 520 with a partial security key 560 corresponding to the security key 540 from which 2/4 of the parts are removed. The third electronic device 530 may store a partial security key 570 corresponding to the security key 540 from which 1/4 of the parts is removed.
According to the security key management method of the embodiment of the present disclosure, an electronic device having a low security level is configured to request the removed portions of the security key from a plurality of other electronic devices in the vicinity, thereby preventing the risk that a weak electronic device exposes the security key.
Fig. 6 is a flowchart of a method performed by an electronic device to receive a portion removed from a secure key from another electronic device and generate the secure key, according to an embodiment of the present disclosure.
Referring to fig. 6, in operation S610, the electronic device may receive a decryption request for encrypted data. To protect the user's information, data whose access is restricted according to the user's request or the settings of the electronic device may be stored in the electronic device. To limit access, the data may be stored in encrypted form, and to read the data, a security key corresponding to the encryption key needs to be provided.
An electronic device according to an embodiment of the present disclosure may receive a user input requesting display of locked data in the electronic device, or according to another embodiment of the present disclosure, the electronic device may receive a request to view personal information of the user. However, this is merely an example, and the decryption request is not limited to the above-described form.
In operation S620, the electronic device may request the removed portion of the security key from at least one other electronic device. It is assumed that the electronic device according to an embodiment of the present disclosure is an electronic device that stores a partial security key generated according to the method described above in fig. 2.
When receiving a decryption request for encrypted data, the electronic device may request the removed portion from another electronic device to generate an entire security key based on the partial security key stored therein. For example, the electronic device may designate the removed portion and send a request message including information about the designated portion to other nearby electronic devices. According to another example, the electronic device may send a request message to other nearby electronic devices requesting to provide the security key without specifying the removed portion.
Further, the electronic device may send the request message in a multicast or broadcast form so that other nearby electronic devices may receive the request message. However, this is merely an example, and the electronic device may designate the closest electronic device among other nearby electronic devices, and send a request message to the designated electronic device.
In operation S630, the electronic device may receive the removed portion from the at least one other electronic device based on the request. When a request is made by designating the removed portion in operation S620 described above, the electronic device according to the embodiment of the present disclosure may receive the removed portion from another electronic device. According to another embodiment of the present disclosure, when the removed portion is not designated in operation S620, the electronic device may receive a portion of the security key stored in another electronic device.
In operation S640, the electronic device may generate a security key by using the removed portion and the stored partial security key.
In operation S650, the electronic device may decrypt the encrypted data based on the generated security key. For example, when a user input is received requesting that locked data in the electronic device be displayed, the electronic device may unlock the locked data based on the security key. According to another example, upon receiving a request to view personal information of a user, the electronic device may decrypt the encrypted personal information of the user based on the security key. However, this is merely an example, and the decrypted data is not limited to the above example.
Fig. 7 is a diagram for describing a method performed by an electronic device to receive a portion removed from a security key from another electronic device and generate the security key, according to an embodiment of the present disclosure.
Referring to fig. 7, information about the electronic device ID and the security level may be exchanged among the first electronic device 710, the second electronic device 720, the third electronic device 730, and the fourth electronic device 740. Each of the plurality of electronic devices 710, 720, 730, and 740 may determine a master electronic device by comparing its own security level with the security levels of the other electronic devices. The master electronic device may generate a security key and may provide each electronic device with a partial security key generated by removing a portion of the security key based on the security level of that electronic device. Accordingly, as described above with reference to fig. 1 to 5, partial security keys, each omitting a different portion, may be stored in the plurality of electronic devices 710, 720, 730, and 740. For example, the partial security key 715 from which 3/10 of the security key is removed and the partial security key 725 from which 4/10 of the security key is removed may be stored in the first electronic device 710 and the second electronic device 720, respectively. Further, the partial security key 735 from which 2/10 of the security key is removed and the partial security key 745 from which 1/10 of the security key is removed may be stored in the third electronic device 730 and the fourth electronic device 740, respectively.
The second electronic device 720 may receive a decryption request for the encrypted data. For example, the second electronic device 720 may receive a user input requesting access to an application. To access the application, the second electronic device 720 needs to decrypt the encrypted data, and for this purpose the second electronic device 720 may request the removed portion of the security key from another electronic device. To request the removed portion of the security key, the second electronic device 720 may select the closest electronic device among the other electronic devices 710, 730, and 740 that store portions of the security key. For example, the second electronic device 720 may determine that the first electronic device 710, whose signal has the greatest strength among the signals received from the other electronic devices 710, 730, and 740, is closest to the second electronic device 720, and thus select the first electronic device 710.
The second electronic device 720 may request the removed portion of the security key from the first electronic device 710. For example, the second electronic device 720 may designate the removed portion and send a request message to the first electronic device 710 that includes information about the designated portion. According to another example, the second electronic device 720 may send a request message to the first electronic device 710 requesting to provide the security key without specifying the removed portion.
The second electronic device 720 may receive the removed portion from the first electronic device 710 based on the request message. When a request is made by specifying the removed portion, the second electronic device 720 according to embodiments of the present disclosure may receive the removed portion 728 from the first electronic device 710. According to another embodiment of the present disclosure, when the second electronic device 720 does not designate the removed portion, the second electronic device 720 may receive the partial security key stored in the first electronic device 710.
The second electronic device 720 may generate the security key by using the removed portion and the stored partial security key. Further, the second electronic device 720 may decrypt the encrypted data based on the generated security key.
Fig. 8 is a diagram for describing a method performed by an electronic device to receive a portion removed from a security key from another electronic device and generate the security key, according to an embodiment of the present disclosure.
Referring to fig. 8, information about the electronic device ID and the security level may be exchanged between the first electronic device 810, the second electronic device 820, and the third electronic device 830. Each of the plurality of electronic devices 810, 820, and 830 may determine the master electronic device by comparing its own security level with the security levels of the other electronic devices. The master electronic device may generate a security key and may provide each electronic device with a partial security key generated by removing a portion of the security key based on the security level of that electronic device. In the embodiment shown in fig. 8, as described above with reference to fig. 5, a partial security key omitting a plurality of portions of the security key may be provided to the electronic device having the weakest security level among the plurality of electronic devices. For example, the first electronic device 810 of the plurality of electronic devices 810, 820, and 830 may be an IoT refrigerator, which is an electronic device shared by multiple users. In general, an electronic device shared by multiple users may have a lower security level than the second electronic device 820 and the third electronic device 830. Accordingly, the first electronic device 810 may be provided with a partial security key from which a plurality of the portions constituting the security key are omitted. When the third electronic device 830 is the master electronic device having the highest security level among the plurality of electronic devices 810, 820, and 830, the third electronic device 830 may provide the first electronic device 810 with a partial security key corresponding to the security key from which the plurality of portions are removed.
In addition, the third electronic device 830 may provide the second electronic device 820 with the partial security key corresponding to the security key from which one portion is removed, and the third electronic device 830 may also store the partial security key corresponding to the security key from which one portion is removed.
When the first electronic device 810 receives an input from a user requesting execution of the shopping application, it may be necessary to decrypt the encrypted data to execute the shopping application. Thus, the first electronic device 810 may request portions removed from the security key from other nearby electronic devices 820 and 830. In the case of the first electronic device 810, a plurality of parts are removed from its security key and the plurality of removed parts are stored in the second electronic device 820 and the third electronic device 830, respectively, and thus, the first electronic device 810 may request the removed parts of the security key from both the second electronic device 820 and the third electronic device 830.
The first electronic device 810 may receive the removed portions from the second electronic device 820 and the third electronic device 830, respectively, based on the request. When the first electronic device 810 has made a request by specifying the removed portion, the first electronic device 810 may receive the removed portion from each of the second electronic device 820 and the third electronic device 830. According to another embodiment of the present disclosure, when the first electronic device 810 does not designate the removed portion, the first electronic device 810 may receive the partial security keys 715 stored in each of the second electronic device 820 and the third electronic device 830.
The first electronic device 810 may generate the security key by using the removed portions and the stored partial security key. Further, the first electronic device 810 can execute the shopping application by decrypting the encrypted data based on the generated security key.
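The request and response exchange of fig. 6 (operations S620 to S640), with the nearest-device selection of fig. 7 and the two-gap case of fig. 8, is shown below as an added example written for this page, not the patent's own code or Samsung's implementation. It assumes a partial key is kept as a list of bit-range segments in which a removed segment holds no bits; the 16-bit key, the device ids and the signal strengths are constructed for the demo, and the fig. 8 layout is constructed so that device 820 itself lacks the second portion that 810 needs, which exercises the responder-side check that a device only answers for ranges it actually holds.

```python
"""Removed-portion request and response (fig. 6 to fig. 8).  Added example,
not the patent's code; key, ids and signal strengths are constructed."""
from dataclasses import dataclass
from typing import Optional


@dataclass
class Segment:
    start: int
    end: int
    bits: Optional[str]  # None marks a portion removed from this device's copy


@dataclass
class Holder:
    """An electronic device holding a partial security key."""
    dev_id: str
    segments: list

    def missing(self) -> list:
        return [(s.start, s.end) for s in self.segments if s.bits is None]

    def bits_for(self, start: int, end: int) -> Optional[str]:
        """Bits of [start, end) held here, or None if any of it is removed here."""
        out = []
        for s in self.segments:
            lo, hi = max(start, s.start), min(end, s.end)
            if lo < hi:
                if s.bits is None:
                    return None
                out.append(s.bits[lo - s.start:hi - s.start])
        return "".join(out)

    def handle_request(self, portion: Optional[tuple]) -> list:
        """Responder side.  A specified request is answered with only that range;
        an unspecified one with the responder's whole partial key."""
        if portion is None:
            return [(s.start, s.end, s.bits) for s in self.segments if s.bits is not None]
        bits = self.bits_for(*portion)
        return [] if bits is None else [(portion[0], portion[1], bits)]

    def absorb(self, pieces: list) -> None:
        """Fill removed segments that a received piece fully covers."""
        for start, end, bits in pieces:
            for seg in self.segments:
                if seg.bits is None and start <= seg.start and seg.end <= end:
                    seg.bits = bits[seg.start - start:seg.end - start]

    def full_key(self) -> Optional[str]:
        """S640: the whole key, or None while a portion is still missing."""
        if self.missing():
            return None
        return "".join(s.bits for s in self.segments)


def by_signal_strength(rssi: dict) -> list:
    """Fig. 7: order peers strongest signal first (dBm, larger is stronger)."""
    return sorted(rssi, key=rssi.get, reverse=True)


def recover_key(requester: Holder, peers: list, specify: bool):
    """S620 to S640: ask peers, nearest first, for each missing range.  Returns
    (key, key bits transferred over the air, which peer served each gap)."""
    transferred, served = 0, {}
    for gap in requester.missing():
        for peer in peers:
            if requester.bits_for(*gap) is not None:
                break  # already filled, e.g. by an earlier unspecified reply
            pieces = peer.handle_request(gap if specify else None)
            transferred += sum(len(b) for _, _, b in pieces)
            requester.absorb(pieces)
            if requester.bits_for(*gap) is not None:
                served[gap] = peer.dev_id
    return requester.full_key(), transferred, served


KEY = "1011000111100101"  # constructed 16-bit demo key, four 4-bit portions
PORTIONS = [(0, 4), (4, 8), (8, 12), (12, 16)]


def holder(dev_id: str, removed: set) -> Holder:
    """Build a device copy with the given portion indices removed."""
    return Holder(dev_id, [Segment(s, e, None if i in removed else KEY[s:e])
                           for i, (s, e) in enumerate(PORTIONS)])


def demo_fig7(specify: bool):
    """Device 720 lacks portion 2 and asks the nearest peer first (fig. 7)."""
    peers = {"710": holder("710", {0}), "730": holder("730", {3}), "740": holder("740", {1})}
    rssi = {"710": -40, "730": -70, "740": -65}  # constructed signal strengths
    order = [peers[p] for p in by_signal_strength(rssi)]
    return recover_key(holder("720", {2}), order, specify)


def demo_fig8():
    """Device 810 lacks two portions; 820 lacks portion 2 too, so 830 must
    supply it (fig. 8, constructed layout)."""
    return recover_key(holder("810", {1, 2}), [holder("820", {2}), holder("830", {0})], True)
```

`demo_fig7(True)` recovers the key after 4 key bits cross the link, while `demo_fig7(False)`, the unspecified form in which the responder returns its whole partial key, moves 12 of the 16 bits; both forms appear in the text, and the difference is the reason a defender would prefer the specified request. `demo_fig8()` shows the two-gap device obtaining one portion from each peer, with device 820 returning nothing for the range it does not hold instead of guessing.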
Fig. 9 is a diagram for describing a method of updating a security key when a communication session of some of a plurality of electronic devices managing the security key is interrupted, according to an embodiment of the present disclosure.
Referring to fig. 9, information about the electronic device ID and the security level may be exchanged among the first electronic device 910, the second electronic device 920, the third electronic device 930, and the fourth electronic device 940. Each electronic device may transmit information about its own electronic device ID and security level to other nearby electronic devices by using a multicast or broadcast method. However, this is merely an embodiment, and the electronic devices may also transmit information about their own electronic device IDs and security levels to each of the nearby electronic devices by using a unicast method.
Each of the plurality of electronic devices 910, 920, 930, and 940 may determine the master electronic device by comparing their own security level with the security levels of the other electronic devices. In the embodiment of fig. 9 of the present disclosure, since the security levels of the first electronic device 910, the second electronic device 920, the third electronic device 930, and the fourth electronic device 940 are level 2, level 4, level 1, and level 3, respectively, the third electronic device 930 may be determined as a master electronic device.
When the third electronic device 930 is determined to be the master electronic device, the third electronic device 930 may generate a security key according to a preset algorithm. The third electronic device 930 may determine a portion to be removed from the security key for each electronic device based on the security level of each electronic device. The third electronic device 930 may provide the first, second, and fourth electronic devices 910, 920, and 940 with partial security keys 915, 925, and 945, respectively, and may itself store partial security key 935, each generated as a result of removing the determined portion.
When a communication session with at least one of the plurality of electronic devices 910, 920, 930, and 940 is interrupted, a partial security key cannot be provided by the electronic device whose communication session is interrupted, and thus the security key needs to be updated. For example, when an electronic device moves to a remote location where a signal cannot reach it, or when its power is turned off, the communication session between that electronic device and another electronic device may be interrupted. Thus, the process of updating the security key may be performed among the remaining electronic devices of the plurality of electronic devices 910, 920, 930, and 940, that is, among all of them except the electronic device whose communication session is interrupted. The process of updating the security key in the case where the communication session with the third electronic device 930, which is the master electronic device, is interrupted is described below.
The first electronic device 910, the second electronic device 920, and the fourth electronic device 940 may determine a new master electronic device based on information about their electronic device IDs and security levels. The electronic devices 910, 920, and 940 may determine a new master electronic device based on the information about the electronic device ID and the security level exchanged in the initial connection operation. According to another embodiment of the present disclosure, the electronic devices 910, 920, and 940 may again exchange information regarding the electronic device ID and security level to determine a new master electronic device.
Each of the first electronic device 910, the second electronic device 920, and the fourth electronic device 940 may determine a new master electronic device by comparing their own security levels with those of other electronic devices. For example, the first electronic device 910 with the highest security level may be determined to be the new master electronic device. Thus, the first electronic device 910 may generate a new security key and may provide each electronic device with new partial security keys 955, 965, and 975 generated by removing portions of the security key based on the security level of each electronic device. Accordingly, as described above with reference to fig. 1 to 5, in the first electronic device 910, the second electronic device 920, and the fourth electronic device 940, partial security keys omitting portions different from each other may be stored.
Fig. 10 is a diagram for describing a method of updating a security key when a connection with another electronic device is added to a plurality of electronic devices managing the security key according to an embodiment of the present disclosure.
Referring to fig. 10, information regarding an electronic device ID and a security level may be exchanged among a first electronic device 1010, a second electronic device 1020, and a third electronic device 1030. Each electronic device may transmit information about its own electronic device ID and security level to other nearby electronic devices by using a multicast or broadcast method. However, this is merely an embodiment, and the electronic devices may also transmit information about their own electronic device IDs and security levels to each of the nearby electronic devices by using a unicast method.
Each of the plurality of electronic devices 1010, 1020, and 1030 may determine a master electronic device by comparing its own security level with the security levels of the other electronic devices. In the embodiment illustrated in fig. 10, since the security levels of the first electronic device 1010, the second electronic device 1020, and the third electronic device 1030 are level 2, level 4, and level 3, respectively, the first electronic device 1010 may be determined to be the master electronic device.
When the first electronic device 1010 is determined to be the master electronic device, the first electronic device 1010 may generate a security key according to a preset algorithm. The first electronic device 1010 may determine, for each electronic device, a portion to remove from the security key based on the security level of that electronic device. The first electronic device 1010 may provide the second electronic device 1020 and the third electronic device 1030 with partial security keys 1025 and 1035, respectively, obtained by removing the determined portions from the security key. The first electronic device 1010 may store a partial security key 1015 obtained by removing the portion corresponding to its own security level from the security key.
When a new fourth electronic device 1040 that can join the communication session with the plurality of electronic devices 1010, 1020, and 1030 is detected, the plurality of electronic devices 1010, 1020, and 1030 may have to update the security key so that the security level of the new electronic device 1040 is taken into account. Accordingly, the process of updating the security key may be performed among the first electronic device 1010, the second electronic device 1020, the third electronic device 1030, and the fourth electronic device 1040.
The first electronic device 1010, the second electronic device 1020, the third electronic device 1030, and the fourth electronic device 1040 may determine a new master electronic device based on information about their electronic device IDs and security levels. For example, the fourth electronic device 1040, having the highest security level, may be determined to be the new master electronic device. Thus, the fourth electronic device 1040 may generate a new security key, and each electronic device may be provided with one of the new partial security keys 1045, 1055, 1065, and 1075 generated by removing portions of the security key based on the security level of each electronic device. Accordingly, as described above with reference to fig. 1 to 5, in the first electronic device 1010, the second electronic device 1020, the third electronic device 1030, and the fourth electronic device 1040, partial security keys omitting portions different from each other may be stored.
Fig. 11 is a diagram for describing a method of updating a security key when a security level of at least one of a plurality of electronic devices managing the security key is changed according to an embodiment of the present disclosure.
Referring to fig. 11, information regarding an electronic device ID and a security level may be exchanged among a first electronic device 1110, a second electronic device 1120, a third electronic device 1130, and a fourth electronic device 1140. Each electronic device may transmit information about its own electronic device ID and security level to other nearby electronic devices by using a multicast or broadcast method. However, this is merely an embodiment, and the electronic devices may also transmit information about their own electronic device IDs and security levels to each of the nearby electronic devices by using a unicast method.
Each of the plurality of electronic devices 1110, 1120, 1130, and 1140 can determine a master electronic device by comparing its own security level to the security levels of the other electronic devices. In the embodiment illustrated in fig. 11, since the security levels of the first electronic device 1110, the second electronic device 1120, the third electronic device 1130, and the fourth electronic device 1140 are level 2, level 4, level 1, and level 3, respectively, the third electronic device 1130 may be determined to be the master electronic device.
When the third electronic device 1130 is determined to be the master electronic device, the third electronic device 1130 may generate the security key 1135 according to a preset algorithm. The third electronic device 1130 may determine the portion to remove from the security key for each electronic device based on the security level of each electronic device. The third electronic device 1130 may provide the first electronic device 1110, the second electronic device 1120, and the fourth electronic device 1140 with partial security keys 1115, 1125, and 1145, respectively, obtained by removing the determined portions. The first electronic device 1110 may store a partial security key 1115 obtained by removing a portion corresponding to its own security level from the security key.
When the security level of at least one of the plurality of electronic devices 1110, 1120, 1130, or 1140 is changed, the security key needs to be updated in consideration of the changed security level. Accordingly, the process of updating the security key may be performed among the first electronic device 1110, the second electronic device 1120, the third electronic device 1130, and the fourth electronic device 1140.
The first electronic device 1110, the second electronic device 1120, the third electronic device 1130, and the fourth electronic device 1140 may exchange information about their electronic device IDs and the changed security level. As described above, the first electronic device 1110, the second electronic device 1120, the third electronic device 1130, and the fourth electronic device 1140 may determine the electronic device having the highest security level as the new master electronic device based on the information about the changed security level. In this embodiment, assume that the security level of the fourth electronic device 1140 increases from level 3 to level 1. Since, after this change, the fourth electronic device 1140 has the highest security level among the plurality of electronic devices 1110, 1120, 1130, and 1140, the fourth electronic device 1140 may be determined to be the new master electronic device. Thus, the fourth electronic device 1140 may generate a new security key and may provide the electronic devices with new partial security keys 1155, 1165, 1175, and 1185 generated by removing portions of the security key based on the security level of each electronic device. Accordingly, as described above with reference to fig. 1 to 5, in the first electronic device 1110, the second electronic device 1120, the third electronic device 1130, and the fourth electronic device 1140, partial security keys omitting portions different from each other may be stored.
Fig. 12 is a diagram for describing a method of generating and storing a security key by using a security key management method, which is performed by a plurality of base stations, according to an embodiment of the present disclosure.
Referring to fig. 12, a communication session may be established between a plurality of base stations 1210, 1220, 1230, and 1240. The plurality of base stations 1210, 1220, 1230, and 1240 may include at least one of an eNB as a 4G base station or a gNB as a 5G base station. For example, the plurality of base stations may be all eNBs or all gNBs, and according to another example, an eNB and a gNB may both be included in the plurality of base stations.
As an example, a security key management method for a case where an eNB and a gNB coexist is described, but this is merely an example, and the security key management method described below may also be applied to a plurality of base stations composed only of eNBs or a plurality of base stations composed only of gNBs.
The plurality of base stations 1210, 1220, 1230, and 1240 may each transmit or receive security information through a communication session established therewith. In addition, each of the plurality of base stations 1210, 1220, 1230, and 1240 may compare their own security levels with those of other base stations and determine the master electronic device having the highest security level. As described above with reference to fig. 2, the security level may be determined based on at least one of key storage on hardware, key storage on software, an operating system, a communication network, or a location of an electronic device, and in this embodiment, it is assumed that the fourth base station 1240 has the highest security level.
When the fourth base station 1240 is determined to be the master electronic device, the fourth base station 1240 may generate a security key according to a preset algorithm. The fourth base station 1240 may determine a portion to be removed from the security key for each base station based on the security level of that base station. For example, the fourth base station 1240 may use, as a weight, the value obtained by dividing the security level of a base station by the sum of the security levels of all base stations, and determine the portion to be removed from the security key for each base station based on the determined weight. Accordingly, the first base station 1210 may receive from the fourth base station 1240 a first partial security key 1215 obtained by removing a 5/18 portion from the security key. Further, the second base station 1220 may receive from the fourth base station 1240 a second partial security key 1225 obtained by removing a 6/18 portion from the security key. The third base station 1230 may receive from the fourth base station 1240 a third partial security key 1235 obtained by removing a 4/18 portion from the security key. The fourth base station 1240 may store a fourth partial security key 1245 obtained by removing a 3/18 portion from the security key.
When encrypted data needs to be decrypted in any one of the plurality of base stations 1210, 1220, 1230, and 1240, one base station (e.g., base station 1220) may request a corresponding removed security key portion from at least one other base station (e.g., base station 1210) and receive the requested removed security key portion. The base station (e.g., base station 1220) may generate a security key by combining the received security key portion with a portion of the security key stored therein (e.g., security key portion 1225) and decrypt the encrypted data by using the generated security key.
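The master election, weighted split, reconstruction, and re-keying steps of figs. 9 to 12 above, as an added Python simulation that is not the patent's own code. The base-station levels 5, 6, 4, and 3 are inferred from the 5/18, 6/18, 4/18, and 3/18 weights; the 18-byte key, contiguous byte ranges laid out in device-ID order, "lower level number means higher security", and ID-based tie-breaking are assumptions of this example.

```python
# Added example (not the patent's code): a simulation of the partial-security-key scheme.
# Assumed conventions: a lower level number is the higher security level (level 1 is
# best), the master is the device with the best level, and the removed portion is a
# contiguous byte range of floor(weight * len(key)) bytes with weight = level /
# sum(levels), as in the base-station example. Ranges are laid out back to back in
# device-ID order so that no two devices are missing the same bytes.
import secrets
from dataclasses import dataclass

KEY_LEN = 18  # bytes, so the 5/18, 6/18, 4/18 and 3/18 weights give whole-byte portions


@dataclass
class Device:
    dev_id: str
    level: int                 # security level; lower number = more secure
    partial: bytes = b""       # security key with this device's own portion blanked out
    removed: tuple = (0, 0)    # [start, end) byte range removed from this device's copy


def elect_master(devices):
    """Master = best security level; ties broken by ID so all devices agree (assumption)."""
    return min(devices, key=lambda d: (d.level, d.dev_id))


def removal_ranges(devices, key_len):
    """Portion removed for a device = floor(key_len * level / sum(levels)) bytes.
    Rounding may leave a few trailing bytes that are removed from nobody's copy."""
    total = sum(d.level for d in devices)
    ranges, start = {}, 0
    for d in sorted(devices, key=lambda d: d.dev_id):
        length = key_len * d.level // total
        ranges[d.dev_id] = (start, start + length)
        start += length
    return ranges


def distribute(devices, key):
    """Master-side step: give every device the key with its own portion zeroed."""
    ranges = removal_ranges(devices, len(key))
    for d in devices:
        s, e = ranges[d.dev_id]
        d.partial = key[:s] + bytes(e - s) + key[e:]
        d.removed = (s, e)
    return ranges


def rekey(devices, key=None):
    """One key-management round: elect the master, let it generate a fresh key
    (a caller-supplied key is only for reproducible runs) and hand out partial keys.
    Re-run this whenever a device leaves, joins or changes its security level."""
    master = elect_master(devices)
    key = secrets.token_bytes(KEY_LEN) if key is None else key
    ranges = distribute(devices, key)
    return master, key, ranges


def serve_removed_portion(holder, requester):
    """Holder answers a request: return the bytes of the requester's removed range.
    Because ranges are disjoint, the holder's own copy still contains those bytes."""
    if holder is requester:
        raise ValueError("a device cannot serve its own removed portion")
    s, e = requester.removed
    return holder.partial[s:e]


def reconstruct(requester, holder):
    """Requester rebuilds the full key from its stored partial key plus the served bytes."""
    s, e = requester.removed
    served = serve_removed_portion(holder, requester)
    return requester.partial[:s] + served + requester.partial[e:]


def demo():
    """Walk through figs. 9, 11 and 12 with four base stations; returns check values."""
    # levels inferred from the page's 5/18, 6/18, 4/18, 3/18 weights (constructed sample)
    stations = [Device("bs1", 5), Device("bs2", 6), Device("bs3", 4), Device("bs4", 3)]
    key = bytes(range(1, KEY_LEN + 1))          # constructed key so the run is reproducible
    master, _, ranges = rekey(stations, key)    # fig. 12: bs4 (level 3) becomes master
    bs1, bs2 = stations[0], stations[1]
    rebuilt = reconstruct(bs2, bs1)             # bs2 needs to decrypt: asks bs1 for its bytes
    # fig. 9: the master's session drops; the remaining devices elect a new one and re-key
    remaining = [d for d in stations if d.dev_id != master.dev_id]
    master_after_leave, new_key, _ = rekey(remaining)
    # fig. 11: bs2's level improves to 1; the group re-keys again with bs2 as master
    bs2.level = 1
    master_after_change, newer_key, _ = rekey(remaining)
    return {
        "first_master": master.dev_id,
        "ranges": ranges,
        "rebuilt_ok": rebuilt == key,
        "master_after_leave": master_after_leave.dev_id,
        "master_after_level_change": master_after_change.dev_id,
        "keys_rotated": len({key, new_key, newer_key}) == 3,
    }


if __name__ == "__main__":
    print(demo())
```

Note that a stored partial key still reveals every byte outside its removed range, which is what separates this partition scheme from threshold secret sharing; the removed-range length (3 to 6 bytes here) is therefore the margin a single stored copy actually provides.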
Fig. 13 is a block diagram of an electronic device according to an embodiment of the present disclosure.
Referring to fig. 13, an electronic device 1300 according to an embodiment of the present disclosure may include a communication unit 1310, a memory 1320, and a processor 1330. However, not all illustrated components are necessary components. The electronic device 1300 may be implemented by more components than those illustrated, or the electronic device 1300 may be implemented by fewer components than those illustrated.
The communication unit 1310 may include one or more components capable of communicating with other electronic devices and other external devices. For example, communication unit 1310 may include a short range communication unit, a mobile communication unit, and the like.
The short-range communication unit may include, but is not limited to, a Bluetooth communication unit, a Bluetooth Low Energy (BLE) communication unit, a Near Field Communication (NFC) unit, a Wireless Local Area Network (WLAN) (Wi-Fi) communication unit, a Zigbee communication unit, an Infrared Data Association (IrDA) communication unit, a Wi-Fi Direct (WFD) communication unit, an Ultra Wideband (UWB) communication unit, an ANT+ communication unit, and the like.
The mobile communication unit transmits or receives radio signals to or from at least one of a base station, another electronic device, or an external server. Here, the radio signal may carry various types of data, such as the ID of the electronic device, information on a security level, or a partial security key, depending on what is being transmitted or received.
The memory 1320 may store a program that causes the electronic device 1300 to perform the security key management method described above with reference to fig. 1 to 12. Memory 1320 may store data required for secure key management. For example, the memory 1320 may store information regarding the IDs and security levels of the electronic device 1300 and other electronic devices, as well as portions of the security keys.
The memory 1320 may include at least one type of storage medium from among a flash memory type, a hard disk type, a multimedia card micro type, a card type memory (e.g., a Secure Digital (SD) or eXtreme Digital (XD) memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a Programmable Read Only Memory (PROM), a magnetic memory, a magnetic disk, or an optical disk.
Processor 1330 may receive security information from each of at least one other electronic device through communication unit 1310. Processor 1330 may determine a master electronic device based on the security level of electronic device 1300 and the security level of at least one other electronic device included in the received security information. When electronic device 1300 is determined to be the master electronic device, processor 1330 may generate a security key and determine the portion to remove from the security key based on each security level of a plurality of electronic devices including electronic device 1300 and at least one other electronic device. Processor 1330 may provide each of the partial security keys from which the determined portion was omitted to at least one other electronic device through communication unit 1310.
The processor 1330 may remove the portion corresponding to the security level of the electronic device 1300 from the security key, and store the partial security key obtained by removing that portion. When a request to decrypt encrypted data of the electronic device 1300 is received, the processor 1330 may request the removed portion from at least one other electronic device through the communication unit 1310. Processor 1330 may receive the removed portion from the at least one other electronic device via communication unit 1310 based on the request. Processor 1330 may decrypt the encrypted data based on a security key generated using the removed portion and the stored partial security key.
Processor 1330 according to embodiments of the present disclosure may identify, among at least one other electronic device, the other electronic device that is closest to electronic device 1300. Further, the processor 1330 may request the removed portion from the identified other electronic device through the communication unit 1310.
Processor 1330 may receive a request from one of the at least one other electronic device via communication unit 1310 for a portion removed from the security key. Processor 1330 may identify a removed portion of the security key corresponding to the other electronic device that has sent the request and provide the identified portion to the other electronic device through communication unit 1310.
When another electronic device different from at least one other electronic device is detected, the processor 1330 may receive new security information from the detected electronic device through the communication unit 1310. Processor 1330 may update the master electronic device based on the security level included in the new security information. Here, when new security information is received, the security key and the portion removed from the security key with respect to each security level may be updated.
Processor 1330 according to embodiments of the present disclosure may identify, among at least one other electronic device, the other electronic device for which the communication session was interrupted. Further, processor 1330 may generate a new security key based on the security level of the electronic device and the security level of the electronic device other than the other electronic device in which the communication session was interrupted, and update the portion removed from the security key according to the security level.
When the security level of one of the electronic device and at least one other electronic device is changed, the processor 1330 according to embodiments of the present disclosure may update the portion removed from the security key for each security level based on the changed security level.
When one of the at least one other electronic device is determined to be the master electronic device, the processor 1330 according to an embodiment of the present disclosure may receive a partial security key obtained by removing a portion corresponding to the security level of the electronic device from the determined other electronic device through the communication unit 1310.
Processor 1330 may discard the partial security key stored in memory 1320 once a preset period of time has elapsed since the security key was generated.
Each component of the block diagram may be integrated, added, or omitted, depending on the specifications of the actual implementation of the device. That is, two or more components may be combined into a single component, or a single component may be divided into two or more components, as needed. Furthermore, the functions performed by each block are used to explain embodiments of the present disclosure, and their specific operations or devices do not limit the scope of the present disclosure.
The methods according to the embodiments described in the claims or specification of the present disclosure may be implemented as hardware or software or a combination of hardware and software.
When implemented as software, a computer-readable storage medium storing one or more programs (software modules) may be provided. One or more programs stored in the computer-readable storage medium are configured to be executed by one or more processors in an electronic device (device). The one or more programs include instructions for causing the electronic device to perform the methods according to the embodiments described in the claims or specification of the present disclosure.
The above-described programs (software modules, software) may be stored on a non-volatile memory including random access memory, flash memory, Read Only Memory (ROM), Electrically Erasable Programmable ROM (EEPROM), magnetic disk storage devices, Compact Disk-ROM (CD-ROM), Digital Versatile Disk (DVD), or any other form of optical storage device or cartridge. Alternatively, the program may be stored in a memory configured with a combination of some or all of them. Further, a plurality of each of the constituent memories may be included.
Further, the program may be stored in an attachable storage device accessible by a communication network such as the internet, an intranet, a Local Area Network (LAN), a Wireless LAN (WLAN), or a Storage Area Network (SAN), or a combination thereof. The above-described storage device may be connected to a device implementing an embodiment of the present disclosure through an external port. Further, a separate storage device on a communication network may be connected to a device implementing embodiments of the present disclosure.
In the specific embodiments of the present disclosure described above, elements included in the present disclosure are represented in the singular or the plural, depending on the specific embodiment presented. However, for convenience of description, singular or plural expressions are appropriately selected for the presented context, and the present disclosure is not limited to the singular or plural elements, and even when an element is expressed in plural, the element may be composed of a single element, or an element expressed in singular may be composed of a plurality of elements.
While the present disclosure has been shown and described with reference to various embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the present disclosure as defined by the appended claims and their equivalents.

Claims (15)

1. An electronic device for managing security keys, the electronic device comprising:
a communication unit;
a memory storing one or more instructions; and
at least one processor configured to execute the one or more instructions stored in the memory,
wherein the at least one processor is further configured to:
receiving security information from each of the at least one other electronic device via the communication unit,
determining a master electronic device based on a security level of the electronic device and a security level of the at least one other electronic device, the security level of the at least one other electronic device being included in the received security information,
generating a security key based on a result of the determination,
determining, for each security level of a plurality of electronic devices including the electronic device and the at least one other electronic device, a portion to be removed from the security key, and
providing, via the communication unit, the at least one other electronic device with a partial security key from which the determined portion is omitted.
2. The electronic device of claim 1, wherein the at least one processor is further configured to:
removing a portion of the security key, the portion corresponding to the security level of the electronic device; and
storing a partial security key obtained by removing the portion corresponding to the security level of the electronic device.
3. The electronic device of claim 2, wherein the at least one processor is further configured to:
requesting, by the communication unit, the removed portion from the at least one other electronic device in accordance with receiving a request to decrypt the encrypted data of the electronic device;
receiving, by the communication unit, the removed portion from the at least one other electronic device based on the request; and
decrypting the encrypted data based on a security key generated using the removed portion and the stored portion security key.
4. The electronic device of claim 1, wherein the at least one processor is further configured to:
receiving, by the communication unit, a request for the removed portion of the security key from one of the at least one other electronic device;
identifying the removed portion of the security key, the removed portion corresponding to the at least one other electronic device that has sent the request; and
providing the identified portion to the at least one other electronic device via the communication unit.
5. The electronic device of claim 1, wherein the at least one processor is further configured to:
receiving new security information from a second electronic device different from the at least one other electronic device through the communication unit;
updating the master electronic device based on a security level included in the new security information; and
when the new security information is received, the security key and the portion to be removed from the security key are updated for each security level.
6. The electronic device of claim 1, wherein the at least one processor is further configured to:
identifying a second electronic device of the at least one other electronic device whose communication session is interrupted; and
updating a portion to be removed from the security key for each security level based on the security level of the electronic device and the security levels of the other electronic devices other than the second electronic device, the second electronic device being one of the at least one other electronic device for which the communication session is interrupted.
7. The electronic device of claim 1, wherein the at least one processor is further configured to update, for each security level, a portion to be removed from the security key based on the changed security level when the security level of one of the electronic device and the at least one other electronic device changes.
8. The electronic device of claim 1, wherein, when one of the at least one other electronic device is determined to be the master electronic device, the at least one processor is further configured to receive, by the communication unit, from the other electronic device so determined, a partial security key obtained by removing a portion corresponding to the security level of the electronic device from the security key.
9. The electronic device of claim 1, wherein the security level of the electronic device is determined based on at least one of key storage on hardware, key storage on software, an operating system, a communication network, or a location of the electronic device.
10. The electronic device of claim 1, wherein the portion of the security key provided to each electronic device is discarded after a preset period of time after the security key is generated.
11. A method performed by an electronic device of managing security keys, the method comprising:
receiving security information from each of the at least one other electronic device;
determining a master electronic device based on a security level of the electronic device and a security level of the at least one other electronic device, the security level of the at least one other electronic device being included in the received security information;
generating a security key based on a result of the determining;
determining, for each security level of a plurality of electronic devices including the electronic device and the at least one other electronic device, a portion to be removed from the security key; and
providing each partial security key from which the determined portion is omitted to the at least one other electronic device.
12. The method of claim 11, further comprising:
removing a portion of the security key, the portion corresponding to the security level of the electronic device; and
storing a partial security key obtained by removing the portion corresponding to the security level of the electronic device.
13. The method of claim 12, further comprising:
requesting the removed portion from the at least one other electronic device in accordance with receiving a request to decrypt the encrypted data of the electronic device;
receiving the removed portion from the at least one other electronic device based on the request; and
decrypting the encrypted data based on a security key generated using the removed portion and the stored portion security key.
14. The method of claim 11, further comprising:
receiving a request for the removed portion of the security key from one of the at least one other electronic device;
identifying the removed portion of the security key, the removed portion corresponding to the at least one other electronic device that has sent the request; and
providing the identified portion to the at least one other electronic device.
15. A computer program product comprising a computer-readable recording medium having a program stored therein for causing an electronic device to execute a method of managing security keys, the method comprising:
receiving security information from each of the at least one other electronic device;
determining a master electronic device based on a security level of the electronic device and a security level of the at least one other electronic device, the security level being included in the received security information;
generating a security key based on a result of the determining;
determining, for each security level of a plurality of electronic devices including the electronic device and the at least one other electronic device, a portion to be removed from the security key; and
providing, to each of the at least one other electronic device, a partial security key from which the determined portion is omitted.
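The claim-11 to claim-14 procedure as an added Python example (not code from the patent or its assignee): a master is chosen, a key is generated, each device keeps a partial key missing the slice assigned to its own security level, and decryption requires fetching that slice from a device of a different level. It assumes that the highest security level wins the master election and that each distinct level owns one equal-width slice of the key; both are illustrative choices the claims leave open.

```python
import os
from dataclasses import dataclass

KEY_LEN = 32  # constructed: a 256-bit security key

@dataclass
class Device:
    name: str
    security_level: int       # constructed scale: higher = more trusted
    partial_key: bytes = b""  # security key with this device's own portion removed

def portion_range(level: int, levels: list) -> tuple:
    """Assumption: each distinct security level owns one equal-width slice of the key."""
    distinct = sorted(set(levels))
    width = KEY_LEN // len(distinct)
    i = distinct.index(level)
    return i * width, (i + 1) * width

def elect_master(devices: list) -> Device:
    """Assumption: the device reporting the highest security level becomes master."""
    return max(devices, key=lambda d: d.security_level)

def distribute(devices: list) -> bytes:
    """Master generates the key; every device (master included) keeps only a partial key."""
    levels = [d.security_level for d in devices]
    key = os.urandom(KEY_LEN)
    for d in devices:
        lo, hi = portion_range(d.security_level, levels)
        d.partial_key = key[:lo] + bytes(hi - lo) + key[hi:]  # zero bytes mark the gap
    return key  # returned only so a caller can compare; the master would discard it

def serve_portion(holder: Device, requester: Device, levels: list) -> bytes:
    """Claim-14 side: the holder's partial key still contains the requester's portion."""
    lo, hi = portion_range(requester.security_level, levels)
    if (lo, hi) == portion_range(holder.security_level, levels):
        raise ValueError("same security level: the holder lacks that portion too")
    return holder.partial_key[lo:hi]

def reconstruct(requester: Device, helper: Device, levels: list) -> bytes:
    """Claim-13 side: request the removed portion and splice it back into the partial key."""
    lo, hi = portion_range(requester.security_level, levels)
    portion = serve_portion(helper, requester, levels)
    return requester.partial_key[:lo] + portion + requester.partial_key[hi:]
```

Two devices sharing the same security level hold the same gap, so neither can complete the other's key; that is the edge case `serve_portion` rejects.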

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
KR10-2020-0168720 2020-12-04
KR1020200168720A KR20220079192A (en) 2020-12-04 2020-12-04 Method and apparatus for managing security key
PCT/KR2021/018232 WO2022119382A1 (en) 2020-12-04 2021-12-03 Method and device for managing security key

Publications (1)

Publication Number Publication Date
CN116547943A true CN116547943A (en) 2023-08-04

Family

ID=81848299

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202180081617.9A Pending CN116547943A (en) 2020-12-04 2021-12-03 Method and apparatus for managing security keys

Country Status (3)

Country Link
US (1) US11750373B2 (en)
EP (1) EP4239949A4 (en)
CN (1) CN116547943A (en)


Also Published As

Publication number Publication date
EP4239949A1 (en) 2023-09-06
US20220182226A1 (en) 2022-06-09
US11750373B2 (en) 2023-09-05
EP4239949A4 (en) 2024-04-24


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination