CN1941696A - Encryption device and method for e-mail data - Google Patents


Publication number: CN1941696A
Authority: CN (China)
Prior art keywords: smtp, mail data, encryption, message, encryption key
Legal status (an assumption, not a legal conclusion): Pending
Application number: CN 200610159959
Other languages: Chinese (zh)
Inventor: 李承勋
Current Assignee (the listed assignees may be inaccurate): LG Electronics China Research and Development Center Co Ltd; LG Electronics Inc
Original Assignee: LG Electronics China Research and Development Center Co Ltd
Application filed by: LG Electronics China Research and Development Center Co Ltd

Landscapes

  • Computer And Data Communications (AREA)
  • Information Transfer Between Computers (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention relates to an encryption device and method for e-mail data. When a message is transmitted over the SMTP protocol, the device encrypts the e-mail data using the user's existing authentication information, thereby strengthening the security of the transmitted data. The invention can be implemented with the following components: an encryption key module that generates the encryption key SMTP needs to encrypt the e-mail message to be transmitted; and a message encryption module that encrypts the transmitted e-mail message using that encryption key. The invention can also be implemented as the following steps: a step of generating the encryption key that SMTP needs to encrypt the e-mail message to be transmitted; and a step of encrypting the transmitted e-mail message using the generated encryption key.

Description

Encryption device and method for e-mail data
Technical field
The present invention relates to an encryption device and method for e-mail data, and in particular to an encryption device and method that, when a message is transferred using the Simple Mail Transfer Protocol (SMTP, RFC 2821), encrypt the mail data using the existing user authentication information and thereby strengthen the security of the transmitted data.
Background art
In general, SMTP is the protocol used to transmit e-mail. For the most part it provides a user authentication function (one that allows only designated users to send mail), but it provides no security function for the message itself (the transmitted data).
Therefore, as shown in Fig. 1, conventional message transfer over SMTP strengthens message security in one of two ways: either an external security module such as Secure Sockets Layer (SSL) or Transport Layer Security (TLS) is used to transfer the message between the SMTP client and the SMTP server, or an encrypted message structure such as Secure/Multipurpose Internet Mail Extensions (S/MIME) is used.
For reference, SSL is a protocol developed by Netscape to protect personal information in electronic commerce; it was developed to overcome the inability of Internet protocols to maintain confidentiality. TLS was designed to provide privacy protection and data integrity between two communicating applications; because it was developed on top of the transport layer, it has the advantage of being independent of the application protocol. S/MIME is a method of transmitting e-mail securely using the RSA encryption system.
However, improving mail data security with SSL, TLS or S/MIME has the following problems: these methods are complicated to use and require an external, publicly recognized authentication system, so they are difficult to apply to mobile communication terminals, which are limited in performance and memory.
Summary of the invention
An object of the present invention is to provide an encryption device and method for e-mail data that, when a message is transferred using the SMTP protocol, can encrypt the mail data using the existing user authentication information.
A further object of the present invention is to provide an encryption device and method for e-mail data that add an encryption function to SMTP, which has no message encryption function, so that SMTP itself can encrypt mail data even without a separate existing encryption device. Security is thereby strengthened, and the method can easily be applied to mobile communication terminals that are limited in performance and memory.
A further object of the present invention is to provide an encryption device and method for e-mail data that do not use a complicated message structure such as S/MIME, so that the terminal can compose e-mail messages in a simple format and parse them easily.
A further object of the present invention is to provide an encryption device and method for e-mail data in which, when a message is transferred using the SMTP protocol, an encryption key is generated from the authentication information already shared between the server and the client, and the message data is encrypted with this key and transmitted. The method can therefore be used independently, without depending on an external security module such as SSL or TLS.
To achieve these objects, the e-mail data encryption device of the present invention comprises the following parts: an encryption key generation module, which generates the encryption key that SMTP itself, as needed for sending e-mail, requires to encrypt a message; and a message encryption module, which encrypts the e-mail message to be sent using said encryption key.
In addition, to achieve the above objects, the e-mail data encryption method of the present invention comprises the following steps: a step of generating the encryption key that SMTP itself requires to encrypt the e-mail message to be sent; and a step of encrypting the e-mail message to be sent using the generated encryption key.
Said SMTP performs the data encryption function when a predetermined command, namely the SMTP function extension command, is input.
The encryption device and method for e-mail data of the present invention add an encryption function to SMTP, which has no message encryption function, so that SMTP itself can encrypt mail data even without a separate existing encryption device. This has the effect of strengthening security while remaining easy to apply to mobile communication terminals that are limited in performance and memory.
Said encryption key is used to decrypt the encrypted message received from the other party, i.e. the client or the server.
In addition, the present invention does not use a complicated message structure such as S/MIME, so it has the effect that the terminal can compose e-mail messages in a simple format and parse them easily.
In addition, when a message is transferred using the SMTP protocol, the present invention generates an encryption key from the authentication information already shared between the server and the client, and uses this key to encrypt the message data for transmission. It therefore has the effect of being usable independently, without depending on an external security module such as SSL or TLS.
Description of drawings
Fig. 1 is an exemplary diagram illustrating the conventional SMTP operating structure that uses a security module such as SSL or TLS.
Fig. 2 is a block diagram of the e-mail data encryption device of the present invention.
Fig. 3 is an exemplary diagram showing the steps of the present invention in which SMTP itself generates an encrypted message and exchanges it with the server.
Fig. 4 is an exemplary diagram illustrating encryption key generation according to the present invention and the message encryption method that uses this key.
Fig. 5 is an exemplary diagram illustrating the SMTP operating structure of the present invention, in which SMTP itself generates the encryption key and encrypts the message.
Reference numerals for the main parts of the drawings:
101: command analysis unit
102: timestamp generation unit
103: user information storage unit
104: encryption key generation unit
105: message storage unit
106: message encryption unit
107: data sending unit
108: data receiving unit
109: message decryption unit
Embodiment
Fig. 2 is a block diagram of the e-mail data encryption device of the present invention. As shown in the figure, the command analysis unit 101 parses the commands sent from the client and determines whether the SMTP function extension command (Encrypt Mode) has been transmitted. The SMTP function extension command is the command by which SMTP itself performs the message encryption function.
The timestamp generation unit 102 generates the predetermined parameter used when the encryption key is generated, namely timestamp information. The client that sends the SMTP function extension command and the server that receives it each generate and transmit their own timestamp information. This timestamp information is therefore shared only by that client and server, and because it is used to generate the encryption key with which the message is encrypted, the security of the message can be improved.
The user information storage unit 103 keeps information about the user who sends the message, corresponding to the user ID and password entered in order to use SMTP. This user information is shared between the SMTP client and server.
The encryption key generation unit 104 generates the encryption key k from the timestamp information and the user information: it combines the server's and the client's timestamp information with the mutually shared user information and generates the encryption key using a predetermined algorithm (e.g. MD5).
The message encryption unit 106 uses the encryption key k generated by the encryption key generation unit to encrypt the message kept in the message storage unit 105. Conversely, the message decryption unit 109 uses the encryption key it holds to decrypt the encrypted message received from the client (or server).
In addition, the data sending unit 107 and the data receiving unit 108 send and receive the timestamp information of the server (or client) and the encrypted messages.
The encryption method that uses the encryption device configured as above is described below.
To add a data encryption function to SMTP, the present invention must extend the SMTP protocol with a predetermined extension command. For convenience, the embodiment of the present invention uses 'Encrypt Mode' as the SMTP function extension command.
Through the SMTP function extension command (Encrypt Mode), the SMTP server and client exchange parameters with each other and generate an encryption key that is shared only temporarily between the two; encrypted messages can then be sent and received using this key.
For example, as shown in Fig. 3, when the client transmits the SMTP function extension command (Encrypt Mode) and a predetermined parameter (the client timestamp) to the server (step S101), the server replies by transmitting a predetermined response message (250 OK) and its own parameter (the server timestamp) to the client (step S102).
The client then generates the predetermined encryption key from the user information it already holds and the parameter received from the server, encrypts the message with this key, and transmits it to the server (step S103).
The server likewise generates the predetermined encryption key from the user information it already holds and the parameter received from the client. When it receives the message encrypted and transmitted by the client, it decrypts the message using the generated encryption key (step S104).
As shown in Fig. 4, the encryption key is generated from the user information shared by the client and server and the parameters that the client and server transmit to each other with the SMTP function extension command (Encrypt Mode) (step S201), and the message is encrypted with this key and transmitted (step S202).
The user information needed to generate the encryption key is the information that the client and server share in order to use SMTP: the user's ID and password are used. As parameter information, the client timestamp and the server timestamp are used.
As described above, the user information and the parameter information are combined, and the encryption key is generated using a predetermined cryptographic algorithm (e.g. MD5, a message-digest algorithm that produces a 128-bit message digest from the input data and is used to verify data integrity).
An encryption key generated in this way is known only to the server and the client.
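The exchange in steps S101 to S104 and the key generation of Fig. 4, as an added example that is not code from the patent. The wire syntax of the command and the reply, the length-prefixed way the four fields are combined before hashing, the helper names and the sample account and timestamps are all assumptions; the page states only that the ID, password and both timestamps are combined and hashed with an algorithm such as MD5.

```python
import hashlib
import hmac

COMMAND = "Encrypt Mode"  # extension command name used in the embodiment

def build_command(client_ts):
    """S101: client sends the extension command with its timestamp (assumed syntax)."""
    return f"{COMMAND} {client_ts}\r\n"

def parse_command(line):
    """Server side: return the client timestamp, or None for any other command."""
    text = line.rstrip("\r\n")
    if not text.upper().startswith(COMMAND.upper() + " "):
        return None
    return text[len(COMMAND) + 1:].strip() or None

def build_reply(server_ts):
    """S102: server answers 250 OK and appends its own timestamp (assumed syntax)."""
    return f"250 OK {server_ts}\r\n"

def parse_reply(line):
    """Client side: extract the server timestamp from the 250 OK reply."""
    parts = line.split()
    if len(parts) != 3 or parts[:2] != ["250", "OK"]:
        raise ValueError("server did not accept Encrypt Mode")
    return parts[2]

def derive_key(user_id, password, client_ts, server_ts):
    """Combine user information and both timestamps, then hash with MD5.

    Assumption: each field is length-prefixed so that field boundaries are
    unambiguous ("ab"+"c" and "a"+"bc" hash differently).
    """
    material = b""
    for field in (user_id, password, client_ts, server_ts):
        raw = field.encode("utf-8")
        material += len(raw).to_bytes(2, "big") + raw
    return hashlib.md5(material).digest()  # 128-bit key k

def negotiate(accounts, user_id, client_password, client_ts, server_ts):
    """Run S101-S104 in memory and return (client_key, server_key)."""
    wire_cmd = build_command(client_ts)               # client -> server
    seen_client_ts = parse_command(wire_cmd)
    if seen_client_ts is None:
        raise ValueError("not an Encrypt Mode command")
    wire_reply = build_reply(server_ts)               # server -> client
    client_key = derive_key(user_id, client_password,
                            client_ts, parse_reply(wire_reply))
    server_key = derive_key(user_id, accounts[user_id],
                            seen_client_ts, server_ts)
    return client_key, server_key

def keys_match(a, b):
    """Constant-time comparison of two derived keys."""
    return hmac.compare_digest(a, b)

# Constructed sample data: one account and two timestamps.
ACCOUNTS = {"alice": "correct horse"}

if __name__ == "__main__":
    ck, sk = negotiate(ACCOUNTS, "alice", "correct horse",
                       "20060928T101500Z", "20060928T101501Z")
    print("client key:", ck.hex())
    print("server key:", sk.hex())
    print("match:", keys_match(ck, sk))
```

Both timestamps travel in the SMTP dialogue itself, so the user ID and password are the only inputs to the key that an observer of the session does not see.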
Therefore, as shown in Fig. 5, the message transfer method of the present invention uses a function-extended SMTP protocol. It does not use an external security module such as SSL or TLS; SMTP itself generates the encryption key, and the message can be encrypted with this key for transmission, or decrypted. Message security can therefore be ensured, while the method is simple to use and imposes little load, so it can also easily be applied to mobile communication terminals.
Preferred embodiments of the present invention have been described above with reference to the accompanying drawings. The terms and words used in this specification and the claims must not be construed as limited to their ordinary or dictionary meanings, but must be interpreted with the meaning and concept that accord with the technical idea of the present invention.
As explained above, the encryption device and method for e-mail data of the present invention add an encryption function to SMTP, which has no message encryption function, so that SMTP itself can encrypt mail data even without a separate existing encryption device. This has the effect of strengthening security while remaining easy to apply to mobile communication terminals that are limited in performance and memory.
In addition, the present invention does not use a complicated message structure such as S/MIME, so it has the effect that the terminal can compose e-mail messages in a simple format and parse them easily.
In addition, when a message is transferred using the SMTP protocol, the present invention generates an encryption key from the authentication information already shared between the server and the client, and uses this key to encrypt the message data for transmission. It therefore has the effect of being usable independently, without depending on an external security module such as SSL or TLS.
The above embodiment serves only to illustrate the present invention and does not limit it.

Claims (17)

1. An e-mail data encryption device, characterized in that it comprises the following parts:
an encryption key generation module, which generates the encryption key that SMTP itself, as needed for sending e-mail, requires to encrypt a message;
a message encryption module, which encrypts the e-mail message to be sent using said encryption key.
2. The e-mail data encryption device according to claim 1, characterized in that said SMTP performs the data encryption function when a predetermined command is input.
3. The e-mail data encryption device according to claim 1, characterized in that it further comprises a timestamp generation module, which generates the predetermined parameter used when said SMTP itself generates the encryption key, namely timestamp information.
4. The e-mail data encryption device according to claim 3, characterized in that, for said timestamp information, the client transmits its own timestamp to the server when it sends the SMTP function extension command, the server that receives said SMTP function extension command transmits its own timestamp to the client, and this timestamp information is shared only by that client and server.
5. The e-mail data encryption device according to claim 1, characterized in that it further comprises a user information storage module that, in order to use said SMTP, keeps the same user information for the SMTP client and server.
6. The e-mail data encryption device according to claim 5, characterized in that said user information is the user's ID and password.
7. The e-mail data encryption device according to claim 1 or 3, characterized in that said encryption key generation module generates the encryption key using said timestamp information and the user information.
8. The e-mail data encryption device according to claim 1, characterized in that it further comprises a message decryption module, which receives said encrypted message and decrypts it using the encryption key it holds.
9. An e-mail data encryption method, characterized in that it comprises the following steps:
a step of generating the encryption key that SMTP itself requires to encrypt the e-mail message to be sent;
a step of encrypting the e-mail message to be sent using the generated encryption key.
10. The e-mail data encryption method according to claim 9, characterized in that it further comprises the step of: in order for said SMTP to perform the encryption function, exchanging between the SMTP server and client a shareable parameter for encryption generation.
11. The e-mail data encryption method according to claim 10, characterized in that said parameter is timestamp information generated by the SMTP server and the client respectively.
12. The e-mail data encryption method according to claim 9, characterized in that the message encryption operation of said SMTP is performed by the SMTP client transmitting a pre-agreed SMTP function extension command and the server identifying this command.
13. The e-mail data encryption method according to claim 11 or 12, characterized in that, when transmitting said SMTP function extension command, said client transmits to the server a predetermined, shareable parameter that it has generated itself.
14. The e-mail data encryption method according to claim 13, characterized in that said server transmits to the client, together, the predetermined response message to said SMTP function extension command and its own shareable parameter.
15. The e-mail data encryption method according to claim 9, characterized in that said encryption key is generated from the user information already held and the parameter received from the server or the client.
16. The e-mail data encryption method according to claim 15, characterized in that said encryption key is used to decrypt the encrypted message received from the other party.
17. The e-mail data encryption method according to claim 15, characterized in that said user information is the user's ID and password.
CN 200610159959 2005-09-30 2006-09-28 Encryption device and method for e-mail data Pending CN1941696A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR20050092596 2005-09-30
KR1020050092596 2005-09-30

Publications (1)

Publication Number Publication Date
CN1941696A true CN1941696A (en) 2007-04-04

Family

ID=37959510

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200610159959 Pending CN1941696A (en) 2005-09-30 2006-09-28 Encryption device and method for e-mail data

Country Status (1)

Country Link
CN (1) CN1941696A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100555937C (en) * 2007-11-20 2009-10-28 重庆大学 A kind of E-mail encryption transmitting-receiving system
CN101714957B (en) * 2009-10-30 2011-12-07 北京航空航天大学 System for managing nonrepudiative evidence of mass mails by third party
CN103528619A (en) * 2012-07-04 2014-01-22 腾讯科技(深圳)有限公司 Overseas service testing method and system, testing platform, and overseas testing machine

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20070404