KR102024058B1 - Device in multicast group - Google Patents

Abstract

The present invention relates to a device in a multicast group, comprising an operation processing unit which performs: (a) a process of extracting one or more keys and obtaining a correspondence relation between a first serial number to an n serial number and the one or more keys, by performing, while increasing i from one to n (where n is a natural number greater than or equal to two), (a-1) a process of obtaining an i^th key packet including an i^th serial number and i^th encryption key data, (a-2) a process of obtaining i^th key data obtained by decrypting the i^th encryption key data using a group key of the multicast group, and (a-3) a process of decoding the i^th key data according to a key data interpretation standard; and (b) a process of obtaining first message data to n^th message data by performing, while increasing i from one to n, (b-1) a process of obtaining an i^th data packet including an i^th serial number and i^th encryption message data, (b-2) assigning a decryption key used to decrypt the i^th encryption message data among the one or more keys based on the correspondence relation, and (b-3) a process of obtaining i^th message data obtained by decrypting the i^th encryption message data using the decryption key.

Description

Devices in Multicast Groups {DEVICE IN MULTICAST GROUP}

The present disclosure relates to a device in a multicast group, and more particularly, to a device in a multicast group that receives and signal-processes encrypted message data and encryption key data for decrypting the encrypted message data. It is about.

The publisher-subscriber pattern is one of the asynchronous messaging patterns. The publish-subscribe pattern is used by senders (generally referred to as "issuers") within a multicast group to send message data to one or more receivers (generally referred to as "subscribers") using multicast. do. The multicast group includes a plurality of devices, one of which is designated as a publisher and the other devices as subscribers. That is, generally there is one publisher and one or more subscribers within a particular multicast group. According to the publish-subscribe pattern, the publisher generally does not know which subscribers will receive the message data, and the subscriber may receive the desired message data even without accurate knowledge of the publisher. The publish-subscribe pattern can be used for a publisher to send message data to a subscriber, for example, in a multicast group that includes multiple devices used for wireless communication. The publish-subscribe pattern may also be used by publishers to send message data to subscribers within a multicast group, including, for example, various devices used for Internet of Things (IoT) communication.

As mentioned above, the publisher does not know which subscribers will receive the message data, so that an unauthorized device can receive the message data. Thus, in order to prevent devices other than devices in the multicast group, i.e., unauthorized devices, from receiving message data, an encryption key (hereinafter referred to as a "group key") for devices in the multicast group may be used. have. The issuer encrypts the message data using the group key and sends it to the subscriber, and the subscriber decrypts the received encrypted message data using the group key. As a group key, generally a symmetric key can be used. For example, Korean Patent Publication No. 10-2014-0006996, entitled "Traffic Encryption Key Management for Machine-to-Machine Multicast Groups," filed on February 28, 2012 by LG Electronics, and published January 16, 2014. (Patent Document 1) discloses a method of updating a group traffic key (i.e., "group key" herein) used to encrypt and decrypt multicast data (i.e., message data) by way of example.

On the other hand, to prevent unauthenticated devices from sending message data and receiving subscribers from misunderstanding that the message data was sent by an authenticated publisher, it is also referred to as a message authentication code (commonly referred to as "MAC"). Can be used. For example, Korean Patent Publication No. 10-2017-0089747 (Patent Document 2) entitled "thing authentication system and method" filed on October 17, 2016 and published on August 4, 2017 by LG Electronics, An example method of using a message authentication code for authentication within the Internet is disclosed. For example, the message authentication code can be generated using a hash function. The issuer adds a message authentication code to the message data and then sends the message data appended with the message authentication code to the subscriber. The subscriber compares the result of the operation using the hash function with the received message data and the message authentication code included in the received message data. If the result of the operation and the message authentication code is the same, the message data may be considered to be sent by the authorized issuer.

However, even when using a group key or a message authentication code as described above, security problems may occur. For example, if the malicious device knows the group key and the message authentication code, the malicious device can also receive and use the message data.

1. Korean Patent Publication No. 10-2014-0006996. 2. Korean Patent Publication No. 10-2017-0089747.

An object of the technique disclosed herein is to multicast a multicast group that can enhance the security of a multicast group by obtaining key data for decrypting encrypted message data based on a serial number and decrypting the encrypted message data using the obtained key data. It is to provide a device in a group.

Another object of the technology disclosed herein is to obtain a return address and an authentication key corresponding to the message data using return address extraction information included in the key data, and to connect with the computing device using the obtained return address and authentication key. It is to provide a device in a multicast group.

In order to achieve the above technical problem, according to one aspect of the technology disclosed herein, as a device in a multicast group, (a) increasing i from 1 to n (where n is a natural number of two or more), and (a-1) A process of obtaining an i-th key packet including an i-th serial number and i-th encryption key data; (a-2) an i-th key obtained by decrypting the i-th encryption key data using a group key of the multicast group; Performing a process of acquiring data and (a-3) a process of decoding the i-th key data according to a key data interpretation standard, thereby extracting one or more keys, Obtaining a corresponding relationship of one or more keys; And (b) increasing i from 1 to n, while (b-1) obtaining an i th data packet comprising an i th serial number and an i th encrypted message data; A process of designating a decryption key used to decrypt the i-th encrypted message data among the one or more keys based on (b-3) an i-th message that decrypts the i-th encrypted message data using the decryption key; By performing a process of acquiring data, a device including an arithmetic processing unit that performs a process of acquiring first to nth message data is provided.

According to the technology disclosed herein, it is possible to enhance the security of the multicast group by obtaining key data for decrypting the encrypted message data based on the serial number and decrypting the encrypted message data using the obtained key data. In addition, the return address and the authentication key corresponding to the message data may be obtained using the return address extraction information included in the key data, and the connection device may be connected to the computing device using the obtained return address and the authentication key.

1 illustrates an exemplary configuration of a device in a multicast group according to the first embodiment disclosed herein.
2 shows an exemplary configuration of a multicast group including a device according to the first embodiment.
3 exemplarily illustrates a first process performed by the arithmetic processing unit of the device according to the first embodiment;
4 shows an exemplary configuration of an i-th key packet according to the first embodiment;
5A to 5D show an exemplary configuration of the i-th key data.
FIG. 6 illustratively shows the correspondence of the first through n th serial numbers with one or more keys according to the first embodiment; FIG.
FIG. 7 exemplarily shows a process of decrypting i-th encryption key data in the device according to the first embodiment; FIG.
FIG. 8 exemplarily shows a second process performed by the arithmetic processing unit of the device according to the first embodiment; FIG.
9 shows an exemplary configuration of an i-th data packet according to the first embodiment.
FIG. 10 exemplarily shows a process of decrypting i-th encrypted message data in the device according to the first embodiment; FIG.
FIG. 11 exemplarily illustrates a third process performed by the arithmetic processing unit of the device according to the first embodiment; FIG.
FIG. 12 is a diagram illustrating a relationship between message data and return address extraction information in the device according to the first embodiment; FIG.
FIG. 13 exemplarily shows processing using a return address and an authentication key in the device according to the first embodiment; FIG.
14 illustrates an exemplary configuration of a device in a multicast group according to the second embodiment disclosed herein.
Fig. 15 shows an exemplary configuration of a multicast group including a device according to the second embodiment.
Fig. 16 shows an exemplary configuration of an i-th integrated data packet according to the second embodiment.
FIG. 17 exemplarily illustrates a first process performed by the arithmetic processing unit of the device according to the second embodiment; FIG.
FIG. 18 exemplarily shows a process of decrypting i-th encryption key data in the device according to the second embodiment; FIG.
FIG. 19 exemplarily shows a process of decrypting i-th encrypted message data in a device according to the second embodiment; FIG.
20 is a diagram illustrating a second process performed by the arithmetic processing unit of the device according to the second embodiment.

Hereinafter, embodiments of a device in a multicast group according to the present disclosure will be described in more detail with reference to the accompanying drawings. Meanwhile, in the drawings for describing the exemplary embodiments of the present disclosure, only a part of the actual configuration may be illustrated, a part may be omitted, a modified view, or a scale may be differently illustrated for convenience of description.

<First Embodiment>

1 is a diagram illustrating an exemplary configuration of a device in a multicast group according to the first embodiment disclosed herein.

Referring to FIG. 1, the device 100 according to the first embodiment includes an arithmetic processing unit 110. The detailed configuration of the calculation processing unit 110 will be described later.

In addition, the device 100 may further include a group key decryption unit 140 and a key decryption unit 150. The group key decryption unit 140 and the key decryption unit 150 are also collectively referred to as a decryption unit 130.

The decryption unit 130 may be implemented using a highly secure security module, for example, a security module according to any one of the EMV (Europay MasterCard Visa) standard and the Trusted Execution Environment (TEE) standard.

The group key decryption unit 140 stores the group key and decrypts the data using the group key. The group key may be, for example, either a group key of the first multicast group 200 or a group key of the second multicast group 300. Hereinafter, the group key is assumed to be a group key of the first multicast group 200.

The key decryption unit 150 stores one or more keys and decrypts data using any one or more keys. At least one key is a key for decrypting the first to n th data packets described later. However, n is a natural number of 2 or more.

2 is a diagram illustrating an exemplary configuration of a multicast group including a device according to the first embodiment disclosed herein.

Referring to FIG. 2, the multicast group according to the first embodiment includes a first multicast group 200 and a second multicast group 300.

The first multicast group 200 includes a publisher 210 and one or more devices. More specifically, one or more devices include, for example, devices 100-1 through 100-x. Where x is a natural number of 1 or more. The first multicast group 200 is, for example, a multicast group for delivering the first to n th key packets described later, and the issuer 210 transmits one or more devices to the first to n th key packets described later. For example, the data is transmitted to the device 100-1 to the device 100-x. One or more devices, such as devices 100-1 through 100-x, are preferably substantially the same as the device 100 described above. That is, one or more devices, such as the device 100-1 to the device 100-x, includes an operation processing unit 110, and the decryption unit 130, that is, the group key decryption unit 140 and the key decryption unit 150. ) May be further included.

The second multicast group 300 includes a publisher 310 and one or more devices. More specifically, one or more devices include, for example, devices 100-1 through 100-x. The second multicast group 300 is, for example, a multicast group for delivering the first data packet to the n-th data packet, which will be described later, and the issuer 310 transmits the first data packet to the n-th data packet which will be described later. For example, the data is transmitted to the device 100-1 to the device 100-x.

Referring to FIG. 2, one or more devices, such as devices 100-1 through 100-x, belong to the first multicast group 200 and also belong to the second multicast group 300.

Meanwhile, referring to FIG. 2, although the issuer 210 and the issuer 310 are shown as separate devices, the same device may operate as the issuer 210 and the issuer 310. That is, the same one device may operate as the issuer 210 of the first multicast group 200 and the issuer 310 of the second multicast group 300.

Referring to FIG. 2, one or more devices, such as devices 100-1 to 100-x, may be connected to the computing device 400 using a return address and an authentication key, which will be described later. The computing device 400 will be described later.

1 and 2, the first embodiment will be described in more detail.

As described above, the device 100 includes a calculation processing unit 110.

The arithmetic processing unit 110 performs the processing described below.

<First treatment>

The first process is a process of acquiring a correspondence relationship between the first serial number and the n-th serial number and one or more keys.

FIG. 3 is a diagram exemplarily illustrating a first process performed by the arithmetic processing unit of the device according to the first embodiment.

The operation processing unit 110 performs the next processing while increasing i sequentially from 1 to 1 by 1.

First, the operation processor 110 obtains an i-th key packet including an i-th serial number and i-th encryption key data (S110). More specifically, the operation processor 110 may receive, for example, the data stream including the first to n-th key packets from the issuer 210.

4 is a diagram illustrating an exemplary configuration of an i-th key packet according to the first embodiment. Referring to FIG. 4, the i th key packet includes an i th serial number and an i th encryption key data. The i-th serial number is assigned sequentially corresponding to a 1st key packet thru an nth key packet. For example, if the serial number of the first key packet is " 101 ", the serial number of the second key packet is designated sequentially in the form of " 102 ".

Next, the operation processor 110 obtains the i-th key data obtained by decrypting the i-th encryption key data using the group key (S120).

5A to 5D are diagrams illustrating an exemplary configuration of the i-th key data.

For example, referring to FIG. 5A, the i-th key data includes key identification information, start serial number, and key. The key identification information is identification information of the key. For example, key identification information is designated as "key # 1". The starting serial number indicates the serial number to which the key corresponding to "key # 1" is applied. For example, if the starting serial number is "101" and the serial number of the first key packet is "101", it indicates that the key corresponding to "key # 1" is applied from the first key packet. The key is a key value corresponding to the key identification information. For example, if the key corresponding to "key # 1" is "0x12 0x23 0xfa ... 0xa0", the key has a value of "0x12 0x23 0xfa ... 0xa0". If the i th serial number is less than the start serial number, the operation processor 110 determines that the i th key data is abnormal.

In this manner, the i-th key data includes a key corresponding to the i-th serial number. That is, it includes a key used for decrypting the i-th data packet corresponding to the i-th serial number. In the above example, a key whose key identification information is "key # 1" and whose key value is "0x12 0x23 0xfa ... 0xa0" is used to decrypt the i-th data packet.

For example, referring to FIG. 5B, the i-th key data includes key identification information, start serial number, key, and initial vector. The key identification information, the starting serial number and the key are the same as in FIG. 5A described above. The initial vector is an initial value for encrypting / decrypting data.

For example, referring to FIG. 5C, the i-th key data includes key identification information, a start serial number, a key, a key change time serial number, and an additional key. The key identification information, the starting serial number and the key are the same as in FIG. 5A described above. The key change time serial number indicates the serial number of the key change time when the additional key starts to be applied. For example, the i th serial number is "102", the key identification information is "key # 1", the start serial number is "101", the key is "0x12 0x23 0xfa ... 0xa0", and the key change time serial number is " 104 "and the additional key is" 0x42 0xa3 0xab ... 0x35 ", in order to decrypt the i-th data packet corresponding to the i-th serial number, the key identification information is" key # 1 "and the key value is" 0x12 0x23 0xfa ". ... 0xa0 "key is used, and the serial number" 104 "indicates that an additional key, i.e., a key value of" 0x42 0xa3 0xab ... 0x35 ", is used. Although not shown in FIG. 5C, the i-th key data may further include identification information of the additional key. For example, it may further include "key # 2" which is identification information of the additional key.

As such, the i th key data may include a key corresponding to the i th serial number, key change information for acquiring a k th serial number (where k is a natural number greater than i) and a key corresponding to the k th serial number. . The key change information for obtaining the k-th serial number is, for example, the above-described key change time serial number. The key corresponding to the kth serial number is, for example, the additional key described above. Meanwhile, the key change information for acquiring the k-th serial number may include, for example, a difference value from the i-th serial number. For example, in the example with reference to FIG. 5C described above, the i-th key data may include key identification information, start serial number, key, serial number difference value, and additional key. For example, in the example with reference to FIG. 5C described above, since the i-th serial number is illustrated as "102" and the key change time serial number as "104", the serial number difference value may be designated as "2".

The reason why the i-th key data further includes the additional key is for smooth operation of the operation processing unit 110. That is, the calculation processing unit 110 may acquire a key corresponding to the k th serial number in advance, for example, before processing the k th data packet.

For example, referring to FIG. 5D, the i th key data includes key identification information, a start serial number, a key, and an i th return address extraction information. The key identification information, the starting serial number and the key are the same as in FIG. 5A described above. The i th return address extraction information is information for extracting a return address and an authentication key included in the i th message data. The i-th return address extraction information may include, for example, information such as a start position and length of the return address and a start position and length of the authentication key in the i-th message data.

The authentication key is, for example, a key used for authentication and encryption between the computing device 400 and the device 100. For example, the issuer 310 may receive the return address and the authentication key from the computing device 400 and insert the return address and the authentication key into the i-th message data. For example, the issuer 210 receives information from the issuer 310 such as the location and length of inserting the return address and the authentication key into the i-th message data to generate the i-th return address extraction information, and then the i-th return address extraction information. Can be inserted into the i-th key data.

Although the i th key data has been exemplarily described with reference to FIGS. 5A to 5D, the i th key data is not limited thereto. For example, the i-th key data may be configured by combining the examples disclosed in FIGS. 5A to 5D, and may further include other information. For example, the i th key data may include key identification information, a start serial number, a key, an initial vector, a key change time serial number, an additional key, and an i th return address extraction information. In addition, the i th return address extraction information may be configured in another form.

In addition, the key data may be set differently according to the serial number. For example, the first key data included in the first key packet includes key identification information, a starting serial number and a key, and the second key data included in the second key packet includes key identification information, a starting serial number, a key, and a key change. It may also include a viewpoint serial number and an additional key.

Next, the calculation processing unit 110 decodes the i-th key data according to the key data analysis standard (S130).

The i-th key data obtained through the process S120 is interpreted according to the key data analysis standard. The key data interpretation standard indicates a rule for decoding the information contained in the i-th key data, and includes, for example, the starting position and length of the key identification information, the starting position and length of the starting serial number, the starting position and length of the key, and the initial vector. Information about whether or not it is included, the starting position and length of the initial vector, whether additional keys are included, the starting position and length of the key change point serial number, the starting position and length of the additional keys, and the i-th return address extraction information. Information such as whether there is one, the start position and the length of the i-th return address extraction information.

The operation processing unit 110 extracts one or more keys and performs correspondence between the first serial number and the n th serial number and the one or more keys by performing the processes S110 to S130 while sequentially increasing i from 1 to 1 by 1. Acquire a relationship (S140).

FIG. 6 is a diagram exemplarily illustrating a correspondence relationship between a first serial number through an nth serial number and one or more keys according to the first embodiment; FIG.

6 shows, for example, when n is 5, the first serial number to the nth serial number are "101" to "105", the key identification information is "key # 1", and the key value is "0x12 0x23 0xfa ... 0xa0". The correspondence relationship is shown with reference to the above-mentioned example in which the key and key identification information are "key # 2 " and the key value is " 0x42 0xa3 0xab ... 0x35 ".

Referring to FIG. 6, the first data packet corresponding to the first serial number to the third data packet corresponding to the third ellen number have key identification information "key # 1" and a key value "0x12 0x23 0xfa ... The fifth data packet (n-th data packet) corresponding to the fourth data number corresponding to the fourth serial number to the fifth serial number (n-th serial number) corresponding to the key of "xaxa0" and the key identification information is " key # 2 "and the key corresponds to the key" 0x42 0xa3 0xab ... 0x35 ".

 That is, referring to the correspondence relationship, the first data packet corresponding to the first serial number to the third data packet corresponding to the third ellen number have key identification information "key # 1" and a key value "0x12 0x23 0xfa." The fifth data packet (n-th data packet) that is decrypted using a key having a value of 0xa0 "and that corresponds to the fourth to fifth serial number (n-th serial number) corresponding to the fourth serial number is identified. The information is decrypted using a key of "key # 2" and a key value of "0x42 0xa3 0xab ... 0x35".

The calculation processing unit 110 obtains the i-th key data through the processing S120. For example, the operation processor 110 may directly decrypt the i-th encryption key data using the group key to obtain the i-th key data. However, as described above, the group key decryption unit 140 is implemented using a security module having a very high security, for example, a security module according to any one of the EMV standard and the TEE standard. Therefore, the operation processor 110 may obtain the i-th key data by using the group key decoder 140.

7 is a diagram exemplarily illustrating a process of decrypting i-th encryption key data in the device according to the first embodiment.

Referring to FIG. 7, first, the operation processor 110 obtains a group key (S210). For example, if the group key is the group key of the aforementioned first multicast group 200, the operation processing unit 110 obtains the group key from the issuer 210 or a device providing the group key of the first multicast group 200. do. For example, if the group key is the group key of the aforementioned second multicast group 300, the operation processing unit 110 obtains the group key from the device providing the group key of the issuer 310 or the second multicast group 300. do.

Next, the operation processor 110 transmits the group key to the group key decryption unit 140 (S220). The group key decryption unit 140 stores the group key (S230).

Processes S210 to S230 are performed before performing the first process described with reference to FIG. 3, for example.

Through processing S210 to S230, the operation processing unit 110 may obtain a group key and store the group key in the group key decryption unit 140.

After obtaining the i-th key packet through the process S110, the operation processor 110 transmits the i-th encryption key data to the group key decryption unit 140 (S240). The group key decryption unit 140 decrypts the i-th encryption key data using the group key to generate the i-th key data (S250). Next, the group key decryption unit 140 transmits the i-th key data to the operation processing unit 110 (S260).

As such, the operation processor 110 may obtain the i-th key data through the processes S210 to S260. Thereafter, the calculation processing unit 110 performs the above-described processing S130.

<Second treatment>

The second process is a process of acquiring the first message data to the nth message data.

8 is a diagram illustrating a second process performed by the arithmetic processing unit of the device according to the first embodiment.

The operation processing unit 110 performs the next processing while increasing i sequentially from 1 to 1 by 1.

First, an i th data packet including an i th serial number and an i th encrypted message data is obtained (S310). More specifically, the operation processor 110 may receive, for example, a data stream including the first data packet to the n-th data packet from the issuer 310.

9 is a diagram illustrating an exemplary configuration of an i-th data packet according to the first embodiment.

 Referring to FIG. 9, an i th data packet includes an i th serial number and an i th encrypted message data. The i-th serial number is sequentially assigned, for example corresponding to a 1st data packet th nth data packet. For example, if the serial number of the first data packet is 101, the serial number of the second data packet is sequentially designated in the form of 102. The serial number of each of the first to n-th key packets is the same as the serial number of each of the first to n-th data packets. For example, if the serial number of the first key packet is "101", the serial number of the first data packet is also "101". For example, when n is 5, if the serial number of the nth key packet (fifth key packet) is "105", the serial number of the nth data packet (fifth data packet) is also "105".

Next, the operation processor 110 designates a decryption key used for decrypting the i-th encrypted message data among one or more keys based on the correspondence obtained through the first process (S320).

That is, the decryption key used for decrypting the i-th encrypted message data is specified based on the i-th serial number of the i-th data packet.

For example, in the example with reference to FIG. 6 described above, the first data packet corresponding to the first serial number to the third data packet corresponding to the third serial number have the key identification information "key # 1" and the key value " 0x12 0x23 0xfa ... 0xa0 ", and the fifth data packet (n-th data packet) corresponding to the fourth to fifth serial numbers (n-th serial number) corresponding to the fourth serial number The key identification information corresponds to a key of "key # 2" and a key value of "0x42 0xa3 0xab ... 0x35". Accordingly, the operation processing unit 110 designates a decryption key used to decrypt the i-th encrypted message data among one or more keys based on the correspondence relationship.

Next, the operation processor 110 obtains the i-th message data obtained by decrypting the i-th encrypted message data using the decryption key (S330).

The operation processing unit 110 acquires the first message data to the nth message data by performing processes S310 to S330 while sequentially increasing i from 1 to 1 by 1 (S340).

The first message data to the n-th message data are, for example, message data transmitted by the issuer 310, for example, divided into n pieces of message data. If the message data is divided into n pieces, the operation processor 110 may restore the message data by merging the first message data to the nth message data.

On the other hand, the operation processor 110 may directly decrypt the i-th encrypted message data using a decryption key to obtain the i-th message data. However, as described above, the key decryption unit 150 is implemented using a security module having a very high security, for example, a security module according to any one of the EMV standard and the TEE standard. Therefore, the operation processor 110 may obtain the i-th message data by using the key decoder 150.

10 is a diagram exemplarily illustrating a process of decrypting i-th encrypted message data in the device according to the first embodiment.

Referring to FIG. 10, first, the operation processor 110 obtains one or more keys (S410). The calculation processing unit 110 may obtain one or more keys, for example, through the above-described processing S140.

Next, the operation processing unit 110 transmits one or more keys to the key decryption unit 150 (S420). The key decryption unit 150 stores one or more keys (S430).

After receiving the i-th data packet through the process S310 and specifying the decryption key through the process S320, the operation processor 110 transmits the identification information of the decryption key and the i-th encrypted message data to the key decryptor 150 (S440). ). The key decryption unit 150 decrypts the i-th encrypted message data using the decryption key to generate the i-th message data (S450). Next, the key decryption unit 150 transmits the i-th message data to the operation processing unit 110 (S460).

As such, the operation processor 110 may obtain the i-th message data through the processes S410 to S460. Thereafter, the calculation processing unit 110 performs the above-described processing S340.

<Third treatment>

The third process is a process of obtaining a return address and an authentication key.

As described above, the i-th key data may further include i-th return address extraction information for extracting a return address and an authentication key included in the i-th message data.

FIG. 11 is a diagram illustrating a third process performed by the arithmetic processing unit of the device according to the first embodiment.

First, the operation processor 110 obtains a return address and an authentication key based on at least one of the first message data and the n-th message data (S510). For example, suppose that the n-th key data further includes n-th return address extraction information for extracting a return address and an authentication key included in the n-th message data, and the operation processor 110 is based on the n-th return address extraction information. Parse the n-th message data to extract the return address and authentication key.

12 is a diagram illustrating a relationship between message data and return address extraction information in the device according to the first embodiment.

For example, the n-th return address extracting information obtained from the n-th key data includes information such as the start position and length of the return address and the start position and length of the authentication key in the n-th message data. Therefore, the operation processing unit 110 returns from the n-th message data by using information such as the start position of the return address and the length of the return address, the start position of the authentication key, and the length of the authentication key included in the control return address extraction information. Extract the address and authentication key.

Next, the operation processing unit 110 connects to the computing device identified by the return address obtained through the process S510 and performs authentication with the computing device using the authentication key obtained through the process S510 (S520). For example, the return address may be a network address of the computing device 400 shown in FIG. 2. The computing device 400 stores the authentication key in advance.

13 is a diagram exemplarily showing processing using a return address and an authentication key in the device according to the first embodiment.

Referring to FIG. 13, the operation processor 110 accesses the computing device 400 by using a return address (S610). Next, the calculation processing unit 110 transmits the authentication request to the computing device 400 (S620). Next, upon receiving the authentication request, the computing device 400 generates authentication data (S630), and transmits the authentication data to the calculation processing unit 110 (S640). The authentication data is data for confirming whether the authentication key stored in the computing device 400 and the authentication key acquired by the operation processor 110 are the same, and the format and length thereof are not particularly limited. Next, the calculation processing unit 110 encrypts the authentication data using the authentication key to generate encrypted authentication data (S650), and transmits the encrypted authentication data to the computing device 400 (S660). Next, the computing device 400 compares the decrypted value of the encrypted authentication data with the authentication key and the authentication data, and generates an authentication result (S670). If the decrypted value and the authentication data are the same, the computing device 400 is the same as the authentication key stored by the computing device 400 and the authentication key acquired by the operation processing unit 110, that is, the authentication result is generated by the authentication success. do. If the decrypted value and the authentication data are not the same, the computing device 400 generates an authentication result due to the authentication failure. Next, the computing device 400 transmits the authentication result to the calculation processing unit 110 (S680).

Once the authentication of the computing device 400 and the operation processing unit 110 is successful, the computing device 400 and the operation processing unit 110 transmit and receive encrypted data encrypted using, for example, an authentication key, and authenticate the encrypted data. It can be decrypted using a key.

According to the first embodiment described above, the security of the multicast group can be enhanced. In order for the malicious device not belonging to the multicast group to decrypt the key packet and the data packet, both the group key and the key data interpretation specification must be known. However, the group key is stored using a highly secure security module, and the encryption key data contained in the key packet cannot be interpreted unless the key data interpretation standard is known. Therefore, it is practically impossible for a malicious device to decrypt the message data.

In addition, according to the first embodiment, the device may connect with the computing device using the return address and the authentication key included in the message data, and perform authentication with the computing device. Therefore, encrypted communication with the computing device can be performed using the authentication key.

Second Embodiment

14 is a diagram illustrating an exemplary configuration of a device in a multicast group according to the second embodiment disclosed herein.

Referring to FIG. 14, the device 100 ′ according to the second embodiment includes an operation processor 110 ′. The detailed configuration of the calculation processing unit 110 'will be described later.

In addition, the device 100 ′ may further include a group key decryption unit 140 and a key decryption unit 150. The group key decryption unit 140 and the key decryption unit 150 are also collectively referred to as a decryption unit 130. Since the group key decryption unit 140 and the key decryption unit 150 according to the second embodiment are the same as the group key decryption unit 140 and the key decryption unit 150 according to the first embodiment, detailed description thereof will be omitted. .

FIG. 15 is a diagram illustrating an exemplary configuration of a multicast group including a device according to the second embodiment disclosed herein.

Referring to FIG. 15, the multicast group 200 ′ according to the second embodiment includes a publisher 210 ′ and one or more devices. More specifically, one or more devices include, for example, devices 100'-1 through 100'-x. Where x is a natural number of 1 or more. The multicast group 200 'is, for example, a multicast group for delivering the first unified data packet to the n-th unified data packet described later, and the issuer 210' is the first unified data packet to the n-th unified data packet described later. Is transmitted to one or more devices, such as device 100'-1 to device 100'-x. However, n is a natural number of 2 or more. One or more devices, such as devices 100'-1 through 100'-x, are preferably substantially the same as the device 100 'described above. That is, one or more devices, such as devices 100'-1 through 100'-x, include arithmetic processing unit 110 ', and decryption unit 130, that is, group key decryption unit 140 and key decryption. The unit 150 may further include.

Referring to FIG. 15, one or more devices, such as devices 100 ′ -1 through 100 ′ -x may be connected to the computing device 400.

16 is a diagram illustrating an exemplary configuration of an i-th integrated data packet according to the second embodiment.

Referring to FIG. 16, an i th integrated data packet includes an i th serial number, an i th encryption key data, and an i th encrypted message data.

The i-th serial number and the i-th encryption key data are substantially the same as the i-th serial number and the i-th encryption key data according to the first embodiment.

The i-th encrypted message data is substantially the same as the configuration of the i-th encrypted data according to the first embodiment. However, the i-th encrypted message data according to the second embodiment may further include an i-th serial number encrypted using the group key.

Hereinafter, the processing performed by the calculation processing unit 110 'will be described in detail.

<First treatment>

The first process is a process of obtaining first message data to n-th message data.

17 is a diagram exemplarily illustrating a first process performed by the arithmetic processing unit of the device according to the second embodiment.

The operation processing unit 110 ′ performs the next processing while increasing i sequentially from 1 to n by 1.

First, the operation processor 110 ′ obtains the i-th integrated data packet including the i-th serial number, the i-th encryption key data, and the i-th encrypted message data (S710). More specifically, the operation processor 110 ′ may receive a data stream from the issuer 210 ′ including, for example, a first integrated data packet to an nth integrated data packet.

Next, the operation processor 110 ′ obtains the i-th key data obtained by decrypting the i-th encryption key data of the i-th integrated data packet using the group key (S720).

Since the i-th key data according to the second embodiment is substantially the same as the i-th key data of the first embodiment, detailed description thereof will be omitted.

Next, the operation processor 110 ′ decodes the i-th key data according to a key data analysis standard, and extracts one or more keys including at least a decryption key for decrypting the i-th encrypted message data (S730). .

Next, the operation processor 110 ′ obtains the i-th message data obtained by decrypting the i-th encrypted message data using the decryption key (S740).

The operation processing unit 110 ′ obtains the first message data to the nth message data by performing processes S710 to S740 while sequentially increasing i from 1 to 1 by 1 (S750).

Meanwhile, similarly to the first embodiment, the calculation processing unit 110 ′ according to the second embodiment may obtain the i-th key data using the group key decryption unit 140.

18 is a diagram exemplarily showing a process of decrypting i-th encryption key data in the device according to the second embodiment.

Referring to FIG. 18, first, the operation processor 110 ′ obtains a group key (S210 ′). The processing S210 'is substantially the same as the processing S210 of the first embodiment, and thus detailed description thereof is omitted.

Next, the operation processing unit 110 ′ transmits the group key to the group key decryption unit 140 (S220 ′). The group key decryption unit 140 stores the group key (S230 ').

Processing S210 'to S230' is performed before performing the first processing described with reference to Fig. 17, for example.

Through the processing S210 ′ to the processing S230 ′, the operation processing unit 110 ′ may acquire the group key and store the group key in the group key decryption unit 140.

After receiving the i-th integrated data packet including the i-th encryption key data through the process S710, the operation processor 110 ′ transmits the i-th encryption key data to the group key decryption unit 140 (S240 ′). The group key decryption unit 140 decrypts the i-th encryption key data using the group key to generate the i-th key data (S250 '). Next, the group key decryption unit 140 transmits the i-th key data to the operation processing unit 110 '(S260').

As such, the operation processor 110 ′ may acquire the i th key data through the processes S210 ′ to S260 ′. Thereafter, the calculation processing unit 110 'performs the above-described processing S730.

Meanwhile, similarly to the first embodiment, the operation processor 110 ′ according to the second embodiment may obtain the i-th message data by using the key decoder 150.

19 is a diagram exemplarily illustrating a process of decrypting i-th encrypted message data in the device according to the second embodiment.

Referring to FIG. 19, first, the operation processor 110 ′ obtains one or more keys (S410 ′). The calculation processing unit 110 ′ may acquire one or more keys, for example, through the above-described processing S730.

Next, the operation processor 110 ′ transmits one or more keys to the key decryption unit 150 (S420 ′). The key decryption unit 150 stores one or more keys (S430 ′).

After obtaining the i-th integrated data packet including the i-th encrypted message data through the process S710 and extracting the decryption key through the process S730, the operation processing unit 110'keys the identification information of the decryption key and the i-th encrypted message data. The data is transmitted to the decoder 150 (S440 '). The key decryption unit 150 generates the i th message data by decrypting the i th encrypted message data using the decryption key (S450 ').

Next, the key decryption unit 150 transmits the i-th message data to the operation processing unit 110 '(S460'). When the i-th encrypted message data further includes an i-th serial number encrypted using the group key, the operation processor 110 ′ receives the i-th serial number and the key decryption unit 150 obtained through the process S710. The i-th message data may be determined to be normal when the i-th serial numbers included in the i-th message data are compared and matched.

As such, the operation processing unit 110 ′ may obtain the i th message data through the processing S410 ′ to the processing S460 ′.

<Second treatment>

The second process is a process of obtaining a return address and an authentication key.

As described above, the i-th key data may further include i-th return address extraction information for extracting a return address and an authentication key included in the i-th message data.

20 is a diagram illustrating a second process performed by the arithmetic processing unit of the device according to the second embodiment.

First, the operation processor 110 ′ obtains a return address and an authentication key based on at least one of the first message data to the n-th message data (S510 ′). For example, suppose that the n-th key data further includes n-th return address extraction information for extracting a return address and an authentication key included in the n-th message data, and the operation processor 110 ′ is based on the n-th return address extraction information. Parse the control message data to extract the return address and authentication key.

Next, the operation processing unit 110 ′ connects to the computing device identified by the return address obtained through the process S510 ′, and performs authentication with the computing device using the authentication key obtained through the process S510 ′ ( S520 '). For example, the return address may be a network address of the computing device 400 shown in FIG. 2. The computing device 400 stores the authentication key in advance.

Since the processing using the return address and the authentication key is substantially the same as the processing using the return address and the authentication key according to the first embodiment, for example, with reference to Fig. 13, detailed description thereof will be omitted.

According to the second embodiment described above, the security of the multicast group can be enhanced. In order for a malicious device not belonging to a multicast group to decrypt an integrated data packet in which key data and message data are integrated, both a group key and a key data interpretation specification must be known. However, the group key is stored using a very secure security module, and the encryption key data cannot be interpreted without knowing the key data interpretation standard. Therefore, it is practically impossible for a malicious device to decrypt the message data. In addition, since the integrated data packet in which the key data and the message data are integrated can be received and signal processed, the key data and the message data can be received in synchronization at all times.

In addition, according to the second embodiment, the device may connect with the computing device using the return address and the authentication key included in the message data, and perform authentication with the computing device. Therefore, encrypted communication with the computing device can be performed using the authentication key.

<Other Embodiments>

Although embodiments of the technology disclosed herein have been described in detail, these are merely illustrative of the technology disclosed herein, and those skilled in the art to which the technology disclosed herein belongs will have the essential characteristics of the technology disclosed herein. Various modifications may be made without departing from the scope of the invention.

For example, in the first embodiment, the first to n-th key packets are delivered to the operation processing unit 110 through the first multicast group 200. However, the i-th key packet, that is, the first to n-th key packet may be transmitted through unicast. That is, the i-th key packet may be transmitted through the unicast communication between the issuer 210 and the device 100.

Further, in the first embodiment, the i th serial number included in the i th key packet or the i th serial number included in the i th data packet may also be encrypted. For example, when a symmetric key structure is used in a multicast group, the i th serial number included in the i th key packet may be encrypted using a group key, and the i th serial number included in the i th data packet is decrypted. It may be encrypted using a key.

In addition, the message data may further include a message authentication code (MAC).

Therefore, the embodiments described herein are not intended to limit the technology disclosed herein but to explain, and the spirit and scope of the technology according to the present disclosure are not limited by these embodiments. The scope of the technology disclosed herein should be construed by the claims below, and any technology within equivalent scope will be construed as being included in the scope of the technology disclosed herein.

According to the technology disclosed herein, it is possible to enhance the security of the multicast group by obtaining key data for decrypting the encrypted message data based on the serial number and decrypting the encrypted message data using the obtained key data. In addition, the return address and the authentication key corresponding to the message data may be obtained using the return address extraction information included in the key data, and the connection device may be connected to the computing device using the obtained return address and the authentication key.

100: device 110: arithmetic processing unit
130: decryption unit 140: group key decryption unit
150: key decryption unit 200: first multicast group
210: Issuer 300: Second Multicast Group
310: Publisher 400: Computing Device

Claims (19)

As a device in a multicast group,
(a) increasing i from 1 to n (where n is a natural number of 2 or more), while (a-1) processing to obtain the i-th key packet including the i-th serial number and the i-th encryption key data; (a -2) processing for obtaining i-th key data obtained by decrypting the i-th encryption key data using the group key of the multicast group, and (a-3) decoding the i-th key data according to a key data analysis standard; Processing to extract one or more keys and obtain a corresponding relationship between the first to n-th serial numbers and the one or more keys; And (b) increasing i from 1 to n, while (b-1) obtaining an i th data packet comprising an i th serial number and an i th encrypted message data; A process of designating a decryption key used to decrypt the i-th encrypted message data among the one or more keys based on the (b-3) i-th message that decrypts the i-th encrypted message data using the decryption key; An arithmetic processing unit that performs a process of acquiring the first message data to the nth message data by performing a process of acquiring data
Device comprising a. The method of claim 1,
A group key decryption unit that stores the group key and decrypts data using the group key; And
A key decryption unit that stores the one or more keys and decrypts data using any one of the one or more keys
More,
(C) processing for acquiring the group key and storing the group key in the group key decryption unit; And (d) storing the one or more keys extracted by the processing (a) in the key decryption unit.
Further performing the device. The method of claim 2,
The processing (a-2) is a process of transmitting the i-th encryption key data to the group key decryption unit and receiving the i-th key data from the group key decryption unit.
Device comprising a. The method of claim 2,
The processing (b-3) is a process of transmitting identification information of the decryption key and the i-th encrypted message data to the key decryption unit and obtaining the i-th message data from the key decryption unit.
Device comprising a. The method of claim 1,
The processing (b-2) is a process of designating, as the decryption key, a key corresponding to the i-th serial number among the one or more keys.
Device comprising a. The method of claim 1,
And the i-th key data includes a key corresponding to the i-th serial number. The method of claim 6,
And the i th key data further comprises key change information for obtaining a k th serial number (where k is a natural number greater than i) and a key corresponding to the k th serial number. The method of claim 6,
And the i-th key data further includes i-th return address extraction information for extracting a return address and an authentication key included in the i-th message data. The method of claim 8,
The calculation processing unit may include: (c) processing to obtain the return address and the authentication key based on at least one of first message data and n-th message data; And (d) accessing the computing device identified by the return address and performing authentication with the computing device using the authentication key.
Further performing the device. The method of claim 1,
The multicast group includes a first multicast group and a second multicast group.
The i-th key packet is received through a first multicast group,
And the i-th data packet is received through a second multicast group different from the first multicast group. The method of claim 10,
And the group key is one of a group key of the first multicast group and a group key of the second multicast group. The method of claim 1,
The i-th key packet is received through unicast,
And the i-th data packet is received via the multicast group. As a device in a multicast group,
increasing i from 1 to n (where n is a natural number of two or more), wherein: (a) obtaining an i-th integrated data packet comprising the i-th serial number, the i-th encryption key data and the i-th encrypted message data; (b) obtaining i-th key data obtained by decrypting the i-th encryption key data using a group key of the multicast group; (c) extracting at least one key including at least a decryption key for decoding the i-th key data according to a key data interpretation standard to decrypt the i-th encrypted message data; And (d) a processing processor for acquiring the first message data to the nth message data by performing a process of acquiring i-th message data obtained by decrypting the i-th encrypted message data using the decryption key.
Device comprising a. The method of claim 13,
A group key decryption unit that stores the group key and decrypts data using the group key; And
A key decryption unit that stores the one or more keys and decrypts data using any one of the one or more keys
More,
The calculation processing unit includes: (e) processing to store the group key in the group key decryption unit; And (f) storing the one or more keys extracted by the processing (c) in the key decryption unit.
Further performing the device. The method of claim 14,
The processing (b) is a process of transmitting the i-th encryption key data to the group key decryption unit and receiving the i-th key data from the group key decryption unit.
Device comprising a. The method according to claim 14,
The processing (d) is a process of transmitting identification information of the decryption key and the i-th encrypted message data to the key decryption unit and obtaining the i-th message data from the key decryption unit.
Device comprising a. The method of claim 13,
And the i-th key data includes the decryption key, key change information for obtaining a k-th serial number (where k is a natural number greater than i) and a key corresponding to the k-th serial number. The method of claim 13,
And the i-th key data further includes i-th return address extraction information for extracting a return address and an authentication key included in the i-th message data. The method of claim 18,
The operation processing unit may include: (g) processing to obtain the return address and the authentication key based on at least one of first message data to n-th message data; And (h) a process of accessing the computing device identified by the return address and performing authentication with the computing device using the authentication key.
Further performing the device.

Images