KR102055380B1 - A security-enhanced messages transmission and reception techniques - Google Patents

Abstract

According to an embodiment of the present invention, disclosed is a computer program stored in a computer-readable storage medium. The computer program includes instructions for allowing a control unit of a sender terminal to perform the following steps. The steps comprise the following steps of: receiving recipient information and a message from a user; recognizing the size of the message; and selecting a channel to transmit the message between a normal channel and a secure channel based on the size of the message.

Description

A SECURITY-ENHANCED MESSAGES TRANSMISSION AND RECEPTION TECHNIQUES}

The present disclosure relates to a security-enhanced message transmission / reception scheme.

As network communication technology is rapidly developed and multimedia technology is diversified, various programs capable of transmitting and receiving information through a network are provided. One such program is a messenger program using a chat system.

The messenger program is not only able to provide a basic messenger function for communicating with a partner in a general chat window, but also variously used as a messenger equipped with multimedia functions and additional functions such as file transfer and sharing.

In most enterprises, the messenger program enables the company to handle internal tasks. In addition to simple text transmission, it is also possible to send group chats, documents, photos, and other files. Recently, with the spread of smart phones, it is possible to install a private messenger program on a mobile phone, chat, send files, etc., in addition to a phone or text service installed in a mobile phone.

However, recently, a problem about the security of the private messenger program has emerged. Therefore, there is a need in the art for a messenger program that transmits or receives a message in a security enhanced manner.

Republic of Korea Patent Publication No. 10-2017-0035031

The present disclosure has been made in response to the above-described background, and provides a method for transmitting and receiving a message with enhanced security.

The technical problems of the present disclosure are not limited to the technical problems mentioned above, and other technical problems not mentioned will be clearly understood by those skilled in the art from the following description.

A computer program stored in a computer readable storage medium according to some embodiments of the present disclosure to solve the above problems includes instructions for the control unit of the sender terminal to perform the following steps, the steps: Receiving recipient information and a message from a user; Recognizing the size of the message; And selecting a channel for transmitting the message from a general channel and a secure channel based on the size of the message.

The selecting of the general channel and the secure channel on the basis of the message size may include selecting the general channel as a channel for transmitting the message when the size of the message exceeds a preset size. Making; Or when the size of the message is less than or equal to a preset size, selecting the secure channel as a channel for transmitting the message.

The method may further include: when the general channel is selected as a channel for transmitting the message, generating first signature data encrypting the message using a private key of a public key infrastructure (PKI) associated with the sender terminal; Calculating a first value associated with a message destination address based on the recipient information; Generating a first signal comprising the first value, a second value representing the order of the message, the message and the first signature data; And transmitting the first signal to at least one first node associated with the general channel such that the first signal is transmitted to a receiver terminal corresponding to the receiver information. It may further include.

In addition, when the secure channel is selected as a channel for transmitting the message, recognizing whether the size of the message is less than the predetermined size; If it is recognized that the size of the message is less than the preset size, padding the message to generate the first data such that the size of the message is a preset size; Generating second signature data by encrypting the first data using a private key of a PKI associated with the sender terminal; Recognizing a public key of a PKI associated with a receiver terminal corresponding to the receiver information; Generating first encrypted data by encrypting the first data using the public key; Recognizing a message discard time previously stored in a memory of the sender terminal; Calculating a first value associated with a message destination address based on the recipient information; Generating a second signal comprising the message discard time, the first value, a second value indicating the order of the message, the second signature data and the first encrypted data; And transmitting the second signal to at least one second node associated with the secure channel through a communication unit of the transmitter terminal such that the second signal is transmitted to a receiver terminal corresponding to the receiver information. have.

The method may further include: transmitting a discard signal to the at least one second node when receiving a command from the user to discard the message at the at least one second node before the message discard time; It may further include, and the discard signal may include the first value and the second value to enable the retrieval of the message.

In addition, the discard signal may have the same magnitude as the second signal.

In addition, when it is recognized that the size of the message is less than the preset size, the step of padding the message to generate the first data so that the size of the message is a predetermined size, the size of the message is And generating the first data by performing padding on the message using zero bits to have a set size.

Also, when the secure channel is selected as a channel for transmitting the message, recognizing whether the size of the message matches the preset size; Generating a third signature data of encrypting the message by using a private key of a PKI associated with the sender terminal when it is recognized that the size of the message matches the preset size; Recognizing a public key of a PKI associated with a receiver terminal corresponding to the receiver information; Generating second encrypted data encrypting the message using the public key; Recognizing a message discard time previously stored in a memory of the sender terminal; Calculating a first value associated with a message destination address based on the recipient information; Generating a third signal comprising the message discard time, the first value, a second value representing the order of the message, the third signature data and the second encrypted data; And transmitting the third signal to at least one second node associated with the secure channel through a communication unit of the transmitter terminal such that the third signal is transmitted to a receiver terminal corresponding to the receiver information. have.

The method may further include: transmitting a discard signal to the at least one second node when receiving a command from the user to discard the message at the at least one second node before the message discard time; Further, wherein the discard signal may include the first value and the second value to enable the retrieval of the message.

In addition, the discard signal may have the same magnitude as the third signal.

A computer program stored in a computer readable storage medium according to some embodiments of the present disclosure includes instructions for causing a control unit of a receiver terminal to perform the following steps, which are related to a message receiving address of the receiver terminal. Calculating a first value; Sending a query comprising the first value to at least one first node associated with a normal channel and at least one second node associated with a secure channel; Receiving a signal corresponding to the query from the at least one first node or the at least one second node after transmitting the query; Extracting a message included in the signal from the signal; And displaying the message on an execution screen of a messenger program.

The signal may include the message and the first signature data when the signal is received from the at least one first node, and extracting a message included in the signal from the signal may include extracting the first signature data. Extracting first data by decrypting using a public key of a public key infrastructure (PKI) associated with a transmitter terminal of the signal; And determining whether to extract the message from the signal based on whether the message matches the first data.

Further, determining whether to extract the message from the signal based on whether the message and the first data match, if the message and the first data does not match, the message in the signal Determining not to extract; Or if the message and the first data match, determining to extract the message from the signal; It may include.

The signal may include second signature data and first encrypted data when received from the at least one second node, and extracting a message included in the signal from the signal comprises: a sender of the signal. Recognizing the public key of the PKI associated with the terminal; Extracting first data by decrypting the second signature data using the public key; Extracting second data by decrypting the first encrypted data using a private key of a PKI associated with the receiver terminal; And determining whether to extract the message from the second data based on whether the first data and the second data match. It may include.

In addition, determining whether to extract a message from the second data based on whether the first data and the second data match, when recognizing that the first data and the second data match, Determining to extract the message from the second data; Or if it is recognized that the first data and the second data do not match, determining that the message is not extracted from the second data.

The technical solutions obtained in the present disclosure are not limited to the above-mentioned solutions, and other solutions not mentioned above are clearly described to those skilled in the art from the following description. It can be understood.

The present disclosure can provide a method for transmitting and receiving a message with enhanced security.

Effects obtained in the present disclosure are not limited to the above-mentioned effects, and other effects not mentioned above may be clearly understood by those skilled in the art from the following description. .

Various aspects are now described with reference to the drawings, wherein like reference numerals are used to refer to like components throughout. In the following examples, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of one or more aspects. However, it will be apparent that such aspect (s) may be practiced without these specific details.
1 is a schematic diagram of a message transmission and reception system according to some embodiments of the present disclosure.
2 is a block diagram illustrating a sender terminal according to some embodiments of the present disclosure.
3 is a block diagram illustrating a receiver terminal according to some embodiments of the present disclosure.
4 is a flowchart illustrating an example of a method of selecting a channel for transmitting a message by a sender terminal according to some embodiments of the present disclosure.
5 is a flowchart illustrating an example of a method of selecting a channel for transmitting a message according to a size of a message by a sender terminal according to some embodiments of the present disclosure.
6 is a flowchart illustrating an example of a method of transmitting a message through a general channel in a sender terminal according to some embodiments of the present disclosure.
7 is a flowchart illustrating an example of a method of transmitting a message through a secure channel in a sender terminal according to some embodiments of the present disclosure.
8 is a flowchart illustrating an example of a method of receiving a message by a receiver terminal according to some embodiments of the present disclosure.
9 is a flowchart illustrating an example of a method of determining whether to extract a message from a signal when a receiver terminal receives a signal through a general channel according to some embodiments of the present disclosure.
10 is a flowchart illustrating an example of a method of determining whether to extract a message from a signal when a receiver terminal receives a signal through a secure channel according to some embodiments of the present disclosure.
11 shows a brief general schematic diagram of an example computing environment in which embodiments of the present disclosure may be implemented.

Various embodiments and / or aspects are now disclosed with reference to the drawings. In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of one or more aspects. However, it will also be appreciated by one of ordinary skill in the art that this aspect (s) may be practiced without these specific details. The following description and the annexed drawings set forth in detail certain illustrative aspects of the one or more aspects. However, these aspects are exemplary and some of the various methods in the principles of the various aspects may be used and the descriptions described are intended to include all such aspects and their equivalents. Specifically, as used herein, “an embodiment”, “an example”, “aspect”, “an example” and the like are not to be construed that any aspect or design described is better or advantageous than other aspects or designs. It may not.

Regardless of the reference numerals, the same or similar components are given the same reference numerals and redundant description thereof will be omitted. In addition, in describing the embodiments disclosed herein, when it is determined that the detailed description of the related known technology may obscure the gist of the embodiments disclosed herein, the detailed description thereof will be omitted. In addition, the accompanying drawings are intended to facilitate understanding of the embodiments disclosed herein, and the technical spirit disclosed herein is not limited by the accompanying drawings.

Although the first, second, etc. are used to describe various elements or components, these elements or components are of course not limited by these terms. These terms are only used to distinguish one element or component from another element or component. Therefore, the first device or component mentioned below may be a second device or component within the technical idea of the present invention.

Unless otherwise defined, all terms (including technical and scientific terms) used in the present specification may be used in a sense that can be commonly understood by those skilled in the art. In addition, the terms defined in the commonly used dictionaries are not ideally or excessively interpreted unless they are specifically defined clearly.

In addition, the term “or” is intended to mean an inclusive “or” rather than an exclusive “or”. In other words, unless specified otherwise or unambiguously in context, "X uses A or B" is intended to mean one of the natural implicit substitutions. That is, X uses A; X uses B; Or where X uses both A and B, "X uses A or B" may apply in either of these cases. Also, it is to be understood that the term "and / or" as used herein refers to and includes all possible combinations of one or more of the related items listed.

In addition, the terms "comprises" and / or "comprising" mean that such features and / or components are present, but exclude the presence or addition of one or more other features, components, and / or groups thereof. It should be understood that it does not. Also, unless otherwise specified or in the context of indicating a singular form, the singular in the specification and claims should generally be interpreted as meaning "one or more."

In addition, the terms "information" and "data" as used herein are often used interchangeably.

The suffixes "module" and "unit" for components used in the following description are given or mixed in consideration of ease of specification, and do not have distinct meanings or roles from each other.

The objectives and effects of the present disclosure and the technical configurations for achieving them will be apparent with reference to the embodiments described below in detail with the accompanying drawings. In describing the present disclosure, when it is determined that a detailed description of a known function or configuration may unnecessarily obscure the subject matter of the present disclosure, the detailed description will be omitted. In addition, terms to be described below are terms defined in consideration of functions in the present disclosure, and may vary according to a user's or operator's intention or custom.

However, the present disclosure is not limited to the embodiments disclosed below, but may be implemented in various forms. The present embodiments are merely provided to make the present disclosure complete and to fully convey the scope of the disclosure to those skilled in the art, and the present disclosure is only defined by the scope of the claims. . Therefore, the definition should be made based on the contents throughout the specification.

1 is a schematic diagram of a message transmission and reception system according to some embodiments of the present disclosure.

Referring to FIG. 1, a message transmission / reception system may include a sender terminal 100, a receiver terminal 200, a general channel 300, and a secure channel 400. However, the above-described components are not essential in implementing the message transmission / reception system, and thus the message transmission / reception system may have more or fewer components than those listed above.

The sender terminal 100 may refer to a terminal associated with a user who transmits a message. Here, the transmitter terminal 100 includes a mobile phone, a smart phone, a laptop computer, a digital broadcasting terminal, a personal digital assistant (PDA), a portable multimedia player (PMP), a navigation device, and a slate PC. , Tablet PCs, ultrabooks, wearable devices (eg, smartwatches, glass glasses, head mounted displays), digital TVs, Desktop computers, digital signage, and the like. However, the present invention is not limited thereto.

The receiver terminal 200 may refer to a terminal associated with a user who receives a message. Here, the receiver terminal 100 includes a mobile phone, a smart phone, a laptop computer, a digital broadcasting terminal, a personal digital assistant (PDA), a portable multimedia player (PMP), a navigation device, and a slate PC. , Tablet PCs, ultrabooks, wearable devices (eg, smartwatches, glass glasses, head mounted displays), digital TVs, Desktop computers, digital signage, and the like. However, the present invention is not limited thereto.

According to some embodiments of the present disclosure, a user who wants to transmit a message may input message and receiver information into the sender terminal 100. When the sender terminal 100 receives the receiver information and the message input from the user, the sender terminal 100 transmits a signal including the message through the general channel 300 or transmits the message through the secure channel 400 based on the size of the message. It may be determined whether to transmit a signal including. Here, the receiver information may be information related to the receiver terminal 200, that is, information related to the receiver to receive the message. For example, the receiver information may be information for identifying the receiver terminal 200, such as an IP (Internet Protocol) address of the receiver terminal 200, or may be information for identifying the receiver itself. However, the present invention is not limited thereto, and various types of information required to transmit a message to the receiver terminal 200 may be included in the receiver information. The size of the message may mean a data size occupied by the message itself.

The general channel 300 may refer to a transmission path for delivering a message faster than the secure channel 400. For example, the general channel 300 may mean a transmission path for transmitting a message having a large data size. However, the present invention is not limited thereto. Here, the general channel 300 may include at least one first node 301, 302, 303, 304.

Each of the at least one first node 301, 302, 303, 304 may include a processor and a storage. In addition, a routing table may be stored in each storage unit of at least one first node 301, 302, 303, and 304. Here, the routing table may be a table in which information on which path is used when a signal containing a value is received is recorded. Meanwhile, when the processor of the at least one first node 301, 302, 303, 304 receives a signal from the sender terminal 100, the processor of the at least one first node 301, 302, 303, 304 may include a first value related to the message reception address included in the received signal and a routing table. Based on the routing path can be determined. Here, the first value may mean a value calculated based on the message reception address. A method of calculating the first value will be described later in more detail with reference to FIG. 6.

In detail, any one first node 301 included in the general channel 300 may receive a signal. In this case, the processor of the first node 301 may recognize the signal transmission path corresponding to the first value included in the received signal using the routing table. Here, the routing table may record information on how to set the signal transmission path according to the size of the first value included in the received signal. Thus, the processor of the first node 301 may determine the next node to receive the signal using the routing table. In this manner, an unencrypted message may be delivered to the receiver terminal 200.

Meanwhile, according to some embodiments of the present disclosure, at least one first node included in the general channel 300 may route the signal in a probabilistic manner.

The secure channel 400 may mean a transmission path for transmitting a message in a security-enhanced manner. For example, the secure channel 400 may refer to a transmission path through which a signal including an encrypted message is transmitted. However, the present invention is not limited thereto. Here, the secure channel 300 may include at least one second node 401, 402, 403, 404. Each of the at least one second node 401, 402, 403, 404 may include a processor and a storage. In addition, a routing table may be stored in each storage unit of at least one second node 401, 402, 403, and 404. Accordingly, when the processor of the at least one second node 401, 402, 403, 404 receives a signal from the sender terminal 100, the processor determines a first value related to the message receiving address included in the received signal and a routing table. Based on the routing path can be determined.

In detail, any one second node 401 included in the secure channel 400 may receive a signal. In this case, the processor of the second node 401 may recognize the signal transmission path corresponding to the first value included in the received signal using the routing table. Here, the routing table may record information on how to set the signal transmission path according to the size of the first value included in the received signal. Accordingly, the processor of the second node 401 may use the routing table to determine the next node to receive the signal. In this manner, an encrypted message may be delivered to the receiver terminal 200.

Meanwhile, according to some embodiments of the present disclosure, at least one second node included in the secure channel 400 may route the signal in a probabilistic manner.

Meanwhile, each of the at least one second node 401, 402, 403, 404 included in the secure channel 400 may further include a volatile memory that stores a signal including an encrypted message only for a preset time. . The volatile memory may include random access memory (RAM), static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), thyristor RAM (T-RAM), zero capacitor RAM (Z-RAM), or TTRAM ( Twin Transistor RAM).

In detail, when the sender terminal 100 generates a signal including an encrypted message, the transmitter terminal 100 may recognize a message discard time previously stored in a memory. The sender terminal 100 may include a message discard time in a signal including an encrypted message and transmit the message discard time to at least one second node 401, 402, 403, 404 included in the secure channel 400. In this case, the processors of all the second nodes 401, 402, 403, and 404 included in the secure channel 400 may recognize periodically or aperiodically whether the message discard time included in the signal has elapsed. In addition, when the processor of each of the second nodes 401, 402, 403, and 404 included in the secure channel 400 recognizes that the message discard time included in the signal has elapsed, the volatile memory of the at least one second node. The signal including the encrypted message stored in can be deleted. Thus, the encrypted message may be present in the volatile memory of the at least one second node for a long time, thereby preventing the security from being weakened.

However, the present invention is not limited thereto, and the signal including the encrypted message stored in the volatile memory may be deleted when the discard signal is received from the sender terminal 100. Specifically, when the sender terminal 100 receives a command from the user to discard the message at the at least one second node before the message discard time, the sender terminal 100 sends the discard signal to the at least one second node 401, 402, 403,. 404). In this case, each of the at least one second node 401, 402, 403, 404 may propagate a discard signal to all the second nodes 401, 402, 403, 404 included in the secure channel 400. In addition, all the second nodes 401, 402, 403, and 404 included in the secure channel 400 may delete a signal including the encrypted message based on the discard signal from the volatile memory.

On the other hand, the size of the discard signal may have the same size as the signal containing the encrypted message. This is to prevent the hacker from recognizing the signal content only if the signal is a signal containing the message or discarding the signal if the hacker attempts to confirm the content of the message. Here, the discard signal may include a first value associated with the message destination address and a second value indicating the order of the message to enable retrieval of the message. Accordingly, every second node 401, 402, 403, 404 included in the secure channel 400 uses the first value and the second value included in the discard signal to send a signal containing the message to discard. It can be recognized by the volatile memory of the nodes 401, 402, 403, 404.

Although the general channel 300 and the secure channel 400 are represented in FIG. 1, the general channel 300 and the secure channel 400 are not limited thereto, and the general channel 300 and the secure channel 400 are not distinguished from each other and simply transmit a message. It may be different. That is, the nodes constituting the normal channel 300 and the secure channel 400 are the same, but the message transmission method may be different when the message is transmitted through the normal channel 300 and the message is transmitted through the secure channel 400. Can be. However, the present disclosure will be described by dividing the normal channel 300 and the secure channel 400 for convenience of description.

On the other hand, according to the present disclosure, the sender terminal 100, the receiver terminal 200 and the nodes constituting each of the general channel 300 and the secure channel 400 generates a dummy signal to generate a continuous load on the network It may propagate to all nodes constituting each of the channel 300 and the secure channel 400. In this case, the node generating the dummy signal may be determined by a preset protocol. Here, the dummy signal may be a signal that does not include a message and has no meaning. If a dummy signal is propagated and there is a constant load on the network, a hacker can make it difficult to find a signal in the network that contains the necessary information.

Meanwhile, according to some embodiments of the present disclosure, when at least one second node included in the secure channel 400 receives a signal, it may determine whether the integrity of the signal is recognized. The at least one second node included in the secure channel 400 may record the signal in the storage unit of each of the at least one second node only when it is recognized that the integrity of the signal is recognized. Here, the at least one second node may recognize whether the integrity of the signal is recognized by confirming whether all essential fields according to a predetermined protocol exist in the signal.

2 is a block diagram illustrating a sender terminal according to some embodiments of the present disclosure.

The transmitter terminal 100 may include a communication unit 110, a user input unit 120, a memory 130, and a controller 140. However, the components shown in FIG. 2 are not essential in implementing the sender terminal 100, so that the sender terminal 100 described herein has more or fewer components than those listed above. Can have

The communication unit 110 may include a transmitter between the transmitter terminal 100 and at least one first node included in the general channel 300, between the transmitter terminal 100 and at least one second node included in the secure channel 400. It may include one or more modules that enable wireless communication between the terminal 100 and the receiver terminal 200. In addition, the communication unit 110 may include one or more modules for connecting the sender terminal 100 to one or more networks.

The user input unit 120 is for receiving information from a user. When information is input through the user input unit 120, the controller 140 may control an operation of the transmitter terminal 100 to correspond to the input information. . The user input unit 120 may include a mechanical input means (or a mechanical key, for example, buttons located on the front, rear, or side surfaces of the transmitter terminal 100, a dome switch, a jog wheel, Jog switch, etc.) and touch input means. As an example, the touch input means may include a virtual key, a soft key, or a visual key displayed on the touch screen through a software process, or a portion other than the touch screen. The virtual key or the visual key may be displayed on the touch screen while having various forms, for example, graphic or text. ), An icon, a video, or a combination thereof.

The memory 130 may store data supporting various functions of the sender terminal 100. The memory 130 may store a plurality of application programs or applications that are driven by the sender terminal 100, data for operating the sender terminal 100, and instructions. At least some of these applications may be downloaded from an external server via wireless communication. In addition, at least some of these application programs may exist on the sender terminal 100 from the time of shipment for basic functions (for example, call forwarding, call forwarding, message reception, and call forwarding) of the sender terminal 100. Meanwhile, the application program may be stored in the memory 130 and installed on the sender terminal 100 to be driven by the controller 140 to perform an operation (or function) of the sender terminal 100.

The memory 130 may be a flash memory type, a hard disk type, a solid state disk type, an SSD type, a silicon disk drive type, or a multimedia card micro type. ), Card-type memory (e.g., SD or XD memory), random access memory (RAM), static random access memory (SRAM), read-only memory (ROM), electrically erasable programmable read It may include at least one type of storage medium of -only memory (PROM), programmable read-only memory (PROM), magnetic memory, magnetic disk and optical disk. The sender terminal 100 may be operated in connection with a web storage that performs a storage function of the memory 130 on the Internet.

In addition to the operation related to the application program, the controller 140 typically controls the overall operation of the sender terminal 100. The controller 140 may provide or process information or a function appropriate to a user by processing signals, data, information, and the like, which are input or output through the above-described components, or driving an application program stored in the memory 130.

In addition, the controller 140 may control at least some of the components described with reference to FIG. 2 in order to drive an application program stored in the memory 130. In addition, the controller 140 may operate at least two or more of the components included in the sender terminal 100 in combination with each other to drive the application program.

At least some of the components may operate in cooperation with each other to implement an operation, control, or control method of the transmitter terminal 100 according to various embodiments described below. In addition, the operation, control, or control method of the sender terminal 100 may be implemented on the sender terminal 100 by driving at least one application program stored in the memory 130.

According to some embodiments of the present disclosure, the user input unit 120 may receive recipient information and a message from a user. In this case, the controller 140 may recognize the size of the message received from the user. Here, the message may simply mean a message including only text, but is not limited thereto and may mean a message including an image, a video, and the like. When the size of the message is recognized, the controller 140 may select a channel to transmit the message from the general channel and the secure channel based on the size of the message. Detailed description thereof will be described later in more detail with reference to FIGS. 4 to 7.

3 is a block diagram illustrating a receiver terminal according to some embodiments of the present disclosure.

The receiver terminal 200 may include a communication unit 210, a user input unit 220, a memory 230, a display unit 240, and a control unit 250. However, the components shown in FIG. 3 are not essential in implementing the receiver terminal 200, and thus, the receiver terminal 200 described herein may have more or fewer components than those listed above. Can have

The communication unit 210 may include a receiver between the receiver terminal 200 and at least one first node included in the general channel 300, and between the receiver terminal 200 and at least one second node included in the secure channel 400. It may include one or more modules that enable wireless communication between the terminal 100 and the receiver terminal 200. In addition, the communication unit 110 may include one or more modules for connecting the receiver terminal 200 to one or more networks.

The user input unit 220 is for receiving information from a user. When information is input through the user input unit 220, the controller 250 may control an operation of the receiver terminal 200 to correspond to the input information. . The user input unit 220 may be a mechanical input unit (or a mechanical key, for example, buttons located on the front, rear, or side surfaces of the receiver terminal 200, a dome switch, a jog wheel, Jog switch, etc.) and touch input means. As an example, the touch input means may include a virtual key, a soft key, or a visual key displayed on the touch screen through a software process, or a portion other than the touch screen. The virtual key or the visual key may be displayed on the touch screen while having various forms, for example, graphic or text. ), An icon, a video, or a combination thereof.

The memory 230 may store data supporting various functions of the receiver terminal 200. The memory 230 may store a plurality of application programs or applications that are driven in the receiver terminal 200, data for operating the receiver terminal 200, and instructions. At least some of these applications may be downloaded from an external server via wireless communication. In addition, at least some of these application programs may exist on the receiver terminal 200 from the time of shipment for basic functions of the sender terminal 100 (for example, incoming / outgoing / outgoing function, receiving a message, and originating function). The application program may be stored in the memory 230 and installed on the receiver terminal 200 to be driven by the controller 250 to perform an operation (or function) of the receiver terminal 200.

The memory 230 may be a flash memory type, a hard disk type, a solid state disk type, an SSD type, a silicon disk drive type, or a multimedia card micro type. ), Card-type memory (e.g., SD or XD memory), random access memory (RAM), static random access memory (SRAM), read-only memory (ROM), electrically erasable programmable read It may include at least one type of storage medium of -only memory (PROM), programmable read-only memory (PROM), magnetic memory, magnetic disk and optical disk. The receiver terminal 200 may be operated in connection with a web storage that performs a storage function of the memory 230 on the Internet.

The display unit 240 displays (outputs) information processed by the receiver terminal 200. For example, the display unit 240 may display execution screen information of an application program driven in the receiver terminal 200 or user interface (UI) and graphical user interface (GUI) information according to the execution screen information. .

The display unit 240 includes a liquid crystal display (LCD), a thin film transistor-liquid crystal display (TFT LCD), an organic light-emitting diode (OLED), and a flexible display (flexible). display, a 3D display, or an e-ink display.

In addition to the operation related to the application program, the controller 250 typically controls the overall operation of the receiver terminal 200. The controller 250 may provide or process information or functions appropriate to a user by processing signals, data, information, and the like, which are input or output through the above-described components, or driving an application program stored in the memory 230.

In addition, the controller 250 may control at least some of the components described with reference to FIG. 3 in order to drive an application program stored in the memory 230. In addition, the controller 250 may operate at least two or more of the components included in the receiver terminal 200 in combination with each other to drive the application program.

At least some of the components may operate in cooperation with each other in order to implement an operation, control, or control method of the receiver terminal 200 according to various embodiments described below. In addition, the operation, control, or control method of the receiver terminal 200 may be implemented on the receiver terminal 200 by driving at least one application program stored in the memory 230.

According to some embodiments of the present disclosure, the controller 250 may recognize the message reception address of the receiver terminal when the messenger program is running. The controller 250 may calculate a first value associated with the message reception address. A method of calculating the first value will be described later in more detail with reference to FIG. 6. Meanwhile, when the controller 250 calculates the first value, the controller 250 may include a query including the first value of at least one first node related to the general channel 300 and at least one second node related to the secure channel 400. Can be sent to. If the control unit 250 receives a signal corresponding to the query from at least one first node or at least one second node after transmitting the query, the controller 250 may extract a message included in the signal from the signal. The controller 250 may control the display unit 240 to display the received message on the execution screen of the messenger program. A detailed description thereof will be described later with reference to FIGS. 8 to 10.

4 is a flowchart illustrating an example of a method of selecting a channel for transmitting a message by a sender terminal according to some embodiments of the present disclosure. Descriptions overlapping with those described above with reference to FIGS. 1 through 3 with respect to FIG. 4 will not be described again, and will be described below based on differences.

Referring to FIG. 4, the controller 140 of the sender terminal 100 may receive receiver information and a message from a user through the user input unit 120 (S110). In detail, when the messenger program is running, the controller 140 may receive receiver information and a message from the user through the user input unit 120. Here, the messenger program may be a messenger program that may be implemented in a decentralized application (DApp) as a message transmission and reception program having enhanced security. However, the present invention is not limited thereto.

The receiver information may be information related to the receiver terminal 200, that is, information related to the receiver to receive the message. For example, the receiver information may be information for identifying the receiver terminal 200, such as an IP (Internet Protocol) address of the receiver terminal 200, or may be information for identifying the receiver itself. However, the present invention is not limited thereto, and various types of information required to transmit a message to the receiver terminal 200 may be included in the receiver information.

The message may include content that a user of the sender terminal 100 wants to transmit to the user of the receiver terminal 200. However, the present invention is not limited thereto, and the message may include various types of files such as an image file, a document file, a video file, and an audio file as attachment files.

When receiving the receiver information and the message from the user in step S110, the controller 140 may recognize the size of the message (S120). The reason for recognizing the size of the message is that the controller 140 can transmit the message through another channel according to the size of the message.

In detail, the controller 140 may recognize whether an attachment file exists in the message. When the controller 140 recognizes that the attachment does not exist in the message, the controller 140 may recognize the data size of the message itself as the size of the message. However, when the controller 140 recognizes that the attachment exists in the message, the controller 140 recognizes the value of the message size plus the data size of the attachment (eg, a video file, a voice file, etc.) as the size of the message. can do.

When the controller 140 recognizes the size of the message in operation S120, the controller 140 may select a channel to transmit the message based on the size of the message in operation S130. Here, the channel may mean a transmission path through which a signal is transmitted. For example, the channel may include a regular channel 300 and a secure channel 400. The general channel 300 may refer to a transmission path through which a signal including an unencrypted message is transmitted. The secure channel 400 may refer to a transmission path through which a signal including an encrypted message is transmitted. However, the present invention is not limited thereto, and various channels may be included in a channel for transmitting a message.

In detail, when it is recognized in step S120 that the size of the message exceeds a preset size (for example, 4 Kbytes), the controller 140 may select the general channel 300 as a channel for transmitting the message. Meanwhile, when recognizing that the size of the message recognized in step S120 is equal to or smaller than the preset size, the controller 140 may select the secure channel 400 as a channel for transmitting the message. A detailed description thereof will be described below with reference to FIG. 5.

5 is a flowchart illustrating an example of a method of selecting a channel for transmitting a message according to a size of a message by a sender terminal according to some embodiments of the present disclosure. Descriptions overlapping with those described above with reference to FIGS. 1 through 4 with reference to FIG. 5 will not be described again, and will be described below based on differences.

Referring to FIG. 5, the controller 140 of the sender terminal 100 may recognize whether a message size exceeds a preset size (S131). Here, the preset size may be a size preset by a designer who designs a message transmission and reception system.

For example, the controller 140 may recognize whether the message size exceeds 4 Kbytes, which is a preset size. However, the present invention is not limited thereto.

 When the controller 140 recognizes that the size of the message exceeds a preset size (S131, Yes), the controller 140 may select the general channel 300 as a channel to transmit the message (S132). In this case, the controller 140 may transmit the first signal including the message to at least one first node associated with the general channel 300. Detailed description thereof will be described later with reference to FIG. 6.

On the other hand, when the controller 140 recognizes that the message size is less than or equal to the preset size (S131, No), the controller 140 may select the secure channel 400 as a channel for transmitting the message. In this case, the controller 140 may transmit a second signal including the encrypted message to at least one second node associated with the secure channel 400. Detailed description thereof will be described later with reference to FIG. 7.

The time it takes to send a message without encrypting it is longer than the time it takes to encrypt and send a message. That is, when the size of the message is larger than the preset size, if the message is transmitted through the secure channel, it may take too much time to transmit the message. Therefore, when the size of the message is larger than the preset size, it may not be suitable to transmit the message through the secure channel. Therefore, the controller 140 may transmit the message through the secure channel only when the size of the message is less than or equal to the preset size, and transmit the message through the normal channel when the size of the message exceeds the preset size.

6 is a flowchart illustrating an example of a method of transmitting a message through a general channel in a sender terminal according to some embodiments of the present disclosure. Descriptions overlapping with those described above with reference to FIGS. 1 through 5 with respect to FIG. 6 will not be described again.

First, referring to FIG. 5, when the controller 140 of the sender terminal 100 recognizes that the message size exceeds a preset size (S131, Yes), the general channel may be selected as a channel for transmitting the message (S131, Yes). S133).

Referring to FIG. 6, when the general channel is selected as a channel for transmitting a message, the controller 140 may select first signature data obtained by encrypting a message using a private key of a public key infrastructure (PKI) associated with the sender terminal 100. Can be generated (S1331). That is, the controller 140 may generate first signature data for performing an electronic signature on the message.

Meanwhile, according to some embodiments of the present disclosure, the controller 140 may calculate a first hash value that hashes a message by using a hash algorithm before generating the first signature data. In addition, the controller 140 may generate the first signature data by encrypting the first hash value by using a private key of the PKI associated with the sender terminal 100. Here, the hash algorithm is MD (Message-Digest) 1, MD4, MD5, Secure Hash Standard (SHS), Secure Hash Algorithm (SHA) -256, SHA-512, HAS-160 (Hash Algorithm Standard-160), HAVAL (Hashing Algorithm with Variable Length of output), RIPEMD (RACE Integrity Primitives Evaluation Message Digest) -160, and the like.

Meanwhile, the controller 140 may calculate a first value related to the message reception address based on the receiver information received from the user in step S110 of FIG. 1 (S1332).

The receiver information may be information related to the receiver terminal 200, that is, information related to the receiver to receive the message. For example, the receiver information may be information for identifying the receiver terminal 200, such as an IP (Internet Protocol) address of the receiver terminal 200, or may be information for identifying the receiver itself. However, the present invention is not limited thereto, and various types of information required to transmit a message to the receiver terminal 200 may be included in the receiver information.

The first value may mean a value associated with the message receiving address so that the message can be properly transmitted to the receiver terminal 200 when the message is transmitted to the receiver terminal 200. The method of calculating the first value is as follows.

In detail, the controller 140 may extract the message receiving address from the receiver information input by the user. The controller 140 may hash the extracted message receiving address through a hash algorithm. Here, the hash algorithm is MD (Message-Digest) 1, MD4, MD5, Secure Hash Standard (SHS), Secure Hash Algorithm (SHA) -256, SHA-512, HAS-160 (Hash Algorithm Standard-160), HAVAL (Hashing Algorithm with Variable Length of output), RIPEMD (RACE Integrity Primitives Evaluation Message Digest) -160, and the like. The controller 140 may obtain a first value hashed by the reception address through a hash algorithm. However, the present invention is not limited thereto, and the controller 140 may acquire the first value in various ways.

The controller 140 may obtain a second value indicating the order of the messages. Here, the second value may indicate how many times the message is sent to the receiver terminal 200. For example, when the sender terminal 100 transmits the fifth message to the receiver terminal 200, the second value may be 5. However, the present invention is not limited thereto.

In the present disclosure, the order of performing steps S1331 and S1332 described above may be changed, and each of steps S1331 and S1332 may be simultaneously performed.

When the controller 140 generates, calculates, or obtains the first value, the second value, and the first signature data as described above, the controller 140 includes a first signal including the first value, the second value, the message, and the first signature data. It may be generated (S1333).

In detail, the controller 140 may generate a first signal including a header and a payload. The controller 140 may insert the first value and the second value into the header of the first signal. In addition, the controller 140 may insert the message and the first signature data into the payload of the first signal.

Meanwhile, when generating the first signal in step S1333, the controller 140 transmits the first signal to at least one first channel associated with the general channel 300 such that the first signal is transmitted to the receiver terminal corresponding to the receiver information. It can transmit to the node (S1334).

When each processor of the at least one first node 301, 302, 303, 304 associated with the general channel 300 receives the first signal from the sender terminal 100, the processor is included in the header of the received first signal. The first value can be recognized. In addition, the processor of each of the at least one first node 301, 302, 303, 304 associated with the general channel 300 may determine a routing path based on the first value and the routing table stored in the storage.

In detail, any one first node 301 included in the general channel 300 may receive the first signal. In this case, the processor of the first node 301 may recognize the signal transmission path corresponding to the first value included in the header of the first signal received using the routing table. Here, the routing table may record information on how to set the signal transmission path according to the size of the first value included in the received signal. Thus, the processor of the first node 301 may determine the next node to receive the signal using the routing table. In this manner, the first signal may be transmitted to the receiver terminal 200.

7 is a flowchart illustrating an example of a method of transmitting a message through a secure channel in a sender terminal according to some embodiments of the present disclosure. Duplicate content described above with reference to FIGS. 1 to 6 with respect to FIG. 7 will not be described again, and will be described below based on differences.

First, referring to FIG. 5, when the controller 140 of the sender terminal 100 recognizes that the message size is less than or equal to the preset size (S131, No), the secure channel 400 may be selected as a channel for transmitting the message. There is (S132).

Referring to FIG. 6, when the secure channel 400 is selected as a channel for transmitting a message, the controller 140 may recognize whether the size of the message is the same as a preset size (for example, 4 Kbytes) (S1321). ).

In detail, when the secure channel 400 is selected as a channel for transmitting a message, the controller 140 may recognize whether the size of the message is less than the preset size or whether the size of the message matches the preset size.

When the controller 140 recognizes that the size of the message is less than the preset size, that is, when the size of the message does not match the preset size (S1321, No), the message size is set to be the preset size. Padding may be performed to generate first data (S1322).

For example, when the controller 140 recognizes that the size of the message is less than the preset size, the controller 140 may generate first data by padding the message using zero bits so that the size of the message becomes the preset size. When the zero bit is added to the message as described above, the controller 140 may make the size of the message a preset size.

However, the above-described example is merely an example, and the method of performing padding on the message is not limited to the above-described example, and the controller 140 may make the size of the message to a preset size by padding the message in various ways. have.

As described above, when recognizing that the size of the message is less than the preset size, the reason why the controller 140 pads the message is that all the messages have the same data size, so that the hacker starts the contents in the encrypted message. This is to make it difficult to check.

When the first data is generated in operation S1322, the controller 140 may generate second signature data for the first data in operation S1323.

In detail, the controller 140 may generate second signature data in which the first data is encrypted using the private key of the PKI associated with the sender terminal. That is, the controller 140 may generate second signature data for performing an electronic signature on the first data padded with the message.

According to some embodiments of the present disclosure, the controller 140 may calculate a second hash value that hashes the first data by using a hash algorithm before generating the second signature data. Here, the hash algorithm is MD (Message-Digest) 1, MD4, MD5, Secure Hash Standard (SHS), Secure Hash Algorithm (SHA) -256, SHA-512, HAS-160 (Hash Algorithm Standard-160), HAVAL (Hashing Algorithm with Variable Length of output), RIPEMD (RACE Integrity Primitives Evaluation Message Digest) -160, and the like. In addition, the controller 140 may generate the second signature data by encrypting the second hash value by using the private key of the PKI associated with the sender terminal 100.

Meanwhile, the controller 140 may generate first encrypted data obtained by encrypting the first data with the public key of the PKI associated with the receiver terminal 200 separately from generating the second signature data (S1324).

In detail, the controller 140 may recognize the public key of the PKI associated with the receiver terminal corresponding to the receiver information. In addition, the controller 140 may generate first encrypted data by encrypting the first data using the public key of the PKI associated with the receiver terminal 200.

More specifically, when the controller 140 generates the first encrypted data, the public key of the PKI associated with the receiver terminal 200 in at least one second node included in the receiver terminal 200 or the secure channel 400. The communication unit 110 may be controlled to transmit a query requesting the request. The controller 140 may receive the public key of the PKI associated with the receiver terminal 200 from the receiver terminal or at least one second node through the communication unit. In addition, the controller 140 may generate first encrypted data by encrypting the first data using the public key of the PKI associated with the receiver terminal 200.

As described above, when encrypting the first data using the public key of the PKI associated with the receiver terminal 200, since the first encrypted data is decrypted only with the private key of the PKI associated with the receiver terminal 200, the message is secured. This can be enhanced.

In the present disclosure, the order of performing steps S1323 and S1324 described above may be changed, and each of steps S1323 and S1324 may be simultaneously performed.

The controller 140 may recognize a message discard time previously stored in the memory 130. Here, the message discard time may mean a time when the second signal including the encrypted message is deleted from the volatile memory of each of the second nodes 401, 402, 403, and 404 included in the secure channel 400. . That is, since the message discard time may be determined as a protocol in the message transmission / reception system, the message discard time may be previously stored in the memory 130 of the sender terminal 100. However, the present invention is not limited thereto, and the user may set a message discard time in advance or may input a message discard time when the user inputs a message.

In addition, the controller 140 may calculate a first value related to the message reception address based on the receiver information received from the user in step S110 of FIG. 1.

The receiver information may be information related to the receiver terminal 200, that is, information related to the receiver to receive the message. For example, the receiver information may be information for identifying the receiver terminal 200, such as an IP (Internet Protocol) address of the receiver terminal 200, or may be information for identifying the receiver itself. However, the present invention is not limited thereto, and various types of information required to transmit a message to the receiver terminal 200 may be included in the receiver information.

The first value may mean a value associated with the message receiving address so that the message can be properly transmitted to the receiver terminal 200 when the message is transmitted to the receiver terminal 200. The method of calculating the first value is as follows.

In detail, the controller 140 may extract the message receiving address from the receiver information input by the user. The controller 140 may hash the extracted message receiving address through a hash algorithm. The controller 140 may obtain a first value hashed by the reception address through a hash algorithm. However, the present invention is not limited thereto, and the controller 140 may acquire the first value in various ways. Here, the hash algorithm is MD (Message-Digest) 1, MD4, MD5, Secure Hash Standard (SHS), Secure Hash Algorithm (SHA) -256, SHA-512, HAS-160 (Hash Algorithm Standard-160), HAVAL (Hashing Algorithm with Variable Length of output), RIPEMD (RACE Integrity Primitives Evaluation Message Digest) -160, and the like.

In addition, the controller 140 may obtain a second value indicating the order of the messages. Here, the second value may indicate how many times the message is sent to the receiver terminal 200. For example, when the sender terminal 100 transmits the fifth message to the receiver terminal 200, the second value may be 5. However, the present invention is not limited thereto.

The controller 140 may generate a second signal including a message discard time, a first value related to the message reception address, a second value indicating the order of the message, the second signature data, and the first encrypted data ( S1325).

In detail, the controller 140 may generate a second signal including a header and a payload. The controller 140 may insert the message discard time, the first value, and the second value into the header of the second signal. In addition, the controller 140 may insert the first encrypted data and the second signature data into the payload of the second signal.

On the other hand, when the control unit 140 generates the second signal in step S1325, at least one of the second signal associated with the secure channel 400 so that the second signal is transmitted to the receiver terminal 200 corresponding to the receiver information. It can transmit to the second node of (S1329).

When each processor of the at least one second node 401, 402, 403, 404 associated with the secure channel 400 receives a second signal from the sender terminal 100, the processor is included in the header of the received second signal. The first value can be recognized. The processor of each of the at least one second node 401, 402, 403, 404 associated with the secure channel 400 may determine a routing path based on the first value and the routing table stored in the storage.

In detail, any one second node 401 included in the secure channel 400 may receive the second signal. In this case, the processor of the second node 401 may recognize the signal transmission path corresponding to the first value included in the header of the received second signal using the routing table. Here, the routing table may record information on how to set the signal transmission path according to the size of the first value included in the received signal. Accordingly, the processor of the second node 401 may use the routing table to determine the next node to receive the signal. In this manner, the second signal may be transmitted to the receiver terminal 200.

On the other hand, if it is recognized in step S1321 that the size of the message matches the preset size (S1321, Yes), the controller 140 does not need to pad the message as in step S1322. Therefore, the controller 140 may generate third signature data for the message (S1326).

In detail, when the controller 140 recognizes that the size of the message matches the preset size in step S1321 (S1321, Yes), the controller 140 encrypts the message using the private key of the PKI associated with the sender terminal. Signature data can be generated. That is, the controller 140 may generate second signature data for digitally signing a message.

According to some embodiments of the present disclosure, the controller 140 may calculate a third hash value hashed message using a hash algorithm before generating the third signature data. Here, the hash algorithm is MD (Message-Digest) 1, MD4, MD5, Secure Hash Standard (SHS), Secure Hash Algorithm (SHA) -256, SHA-512, HAS-160 (Hash Algorithm Standard-160), HAVAL (Hashing Algorithm with Variable Length of output), RIPEMD (RACE Integrity Primitives Evaluation Message Digest) -160, and the like. In addition, the controller 140 may generate the third signature data by encrypting the third hash value by using a private key of the PKI associated with the sender terminal 100.

Meanwhile, the controller 140 may generate second encrypted data obtained by encrypting a message with a public key of a PKI associated with the receiver terminal 200 separately from generating third signature data (S1327).

In detail, the controller 140 may recognize the public key of the PKI associated with the receiver terminal corresponding to the receiver information. The controller 140 may generate the second encrypted data by encrypting the message using the public key of the PKI associated with the receiver terminal 200.

More specifically, when the controller 140 generates the second encrypted data, the public key of the PKI associated with the receiver terminal 200 in at least one second node included in the receiver terminal 200 or the secure channel 400. The communication unit 110 may be controlled to transmit a query requesting the request. The controller 140 may receive the public key of the PKI associated with the receiver terminal 200 from the receiver terminal or at least one second node through the communication unit. The controller 140 may generate the second encrypted data by encrypting the message using the public key of the PKI associated with the receiver terminal 200.

As described above, when encrypting a message using the public key of the PKI associated with the receiver terminal 200, since the second encrypted data is decrypted only with the private key of the PKI associated with the receiver terminal 200, the security of the message is enhanced. Can be.

In the present disclosure, the order of performing steps S1326 and S1327 described above may be changed, and each of steps S1326 and S1327 may be simultaneously performed.

In addition, the controller 140 may recognize a message discard time previously stored in the memory 130. Here, the message discard time may mean a time when the second signal including the encrypted message is deleted from the volatile memory of each of the second nodes 401, 402, 403, and 404 included in the secure channel 400. . That is, since the message discard time may be determined as a protocol in the message transmission / reception system, the message discard time may be previously stored in the memory 130 of the sender terminal 100. However, the present invention is not limited thereto, and the user may set a message discard time in advance or may input a message discard time when the user inputs a message.

In addition, the controller 140 may calculate a first value related to the message reception address based on the receiver information received from the user in step S110 of FIG. 1.

The receiver information may be information related to the receiver terminal 200, that is, information related to the receiver to receive the message. For example, the receiver information may be information for identifying the receiver terminal 200, such as an IP (Internet Protocol) address of the receiver terminal 200, or may be information for identifying the receiver itself. However, the present invention is not limited thereto, and various types of information required to transmit a message to the receiver terminal 200 may be included in the receiver information.

The first value may mean a value associated with the message receiving address so that the message can be properly transmitted to the receiver terminal 200 when the message is transmitted to the receiver terminal 200. The method of calculating the first value is as follows.

In detail, the controller 140 may extract the message receiving address from the receiver information input by the user. The controller 140 may hash the extracted message receiving address through a hash algorithm. Here, the hash algorithm is MD (Message-Digest) 1, MD4, MD5, Secure Hash Standard (SHS), Secure Hash Algorithm (SHA) -256, SHA-512, HAS-160 (Hash Algorithm Standard-160), HAVAL (Hashing Algorithm with Variable Length of output), RIPEMD (RACE Integrity Primitives Evaluation Message Digest) -160, and the like. The controller 140 may obtain a first value hashed by the reception address through a hash algorithm. However, the present invention is not limited thereto, and the controller 140 may acquire the first value in various ways.

In addition, the controller 140 may obtain a second value indicating the order of the messages. Here, the second value may indicate how many times the message is sent to the receiver terminal 200. For example, when the sender terminal 100 transmits the fifth message to the receiver terminal 200, the second value may be 5. However, the present invention is not limited thereto.

In addition, the controller 140 may generate a third signal including a message discard time, a first value related to the message reception address, a second value indicating the order of the message, third signature data, and second encrypted data ( S1328).

In detail, the controller 140 may generate a third signal including a header and a payload. The controller 140 may insert the message discard time, the first value, and the second value into the header of the third signal. In addition, the controller 140 may insert the second encrypted data and the third signature data into the payload of the third signal.

Meanwhile, when generating the third signal in operation S1328, the controller 140 transmits the third signal associated with the secure channel 400 so that the third signal is transmitted to the receiver terminal 200 corresponding to the receiver information. It can transmit to the second node of (S1329).

When each processor of the at least one second node 401, 402, 403, 404 associated with the secure channel 400 receives a third signal from the sender terminal 100, the processor is included in the header of the received third signal. The first value can be recognized. The processor of each of the at least one second node 401, 402, 403, 404 associated with the secure channel 400 may determine a routing path based on the first value and the routing table stored in the storage.

In detail, any one second node 401 included in the secure channel 400 may receive the third signal. In this case, the processor of the second node 401 may recognize the signal transmission path corresponding to the first value included in the header of the received third signal using the routing table. Here, the routing table may record information on how to set the signal transmission path according to the size of the first value included in the received signal. Accordingly, the processor of the second node 401 may use the routing table to determine the next node to receive the signal. In this manner, the third signal may be transmitted to the receiver terminal 200.

Meanwhile, according to some embodiments of the present disclosure, after the second signal or the third signal is transmitted to the at least one second node in step S1329, the controller 140 receives a message from the user through the user input unit 120. A command may be received to discard the message before the discard time. In this case, the controller 140 may generate a discard signal and transmit it to at least one second node.

Here, the discard signal may include a header and a payload. The controller 140 may write a command to delete the second signal or the third signal from the volatile memory of the second node in the payload.

Meanwhile, the discard signal may include a first value associated with the message destination address and a second value indicating the order of the message to enable retrieval of the message. In detail, the controller 140 may record the first value and the second value in the header of the discard signal.

Accordingly, every second node 401, 402, 403, 404 included in the secure channel 400 uses a first value and a second value included in the header of the discard signal to include a second signal including the message to discard. Alternatively, the third signal may be recognized by the volatile memories of all the second nodes 401, 402, 403, and 404.

 Meanwhile, when each of the at least one second node receives the discard signal, each of the at least one second node may propagate the discard signal to all second nodes included in the secure channel 400. In addition, all second nodes included in the secure channel 400 may delete the second signal or the third signal from the volatile memory based on the discard signal.

On the other hand, the magnitude of the discard signal may have the same magnitude as the second signal and the third signal. This is to make it impossible for a hacker to recognize the contents of a message by stealing the signal, so that whether the stolen signal is a signal including the message or a discard signal cannot be recognized only by the size of the signal.

8 is a flowchart illustrating an example of a method of receiving a message by a receiver terminal according to some embodiments of the present disclosure. Descriptions overlapping with those described above with reference to FIGS. 1 through 7 with reference to FIG. 8 will not be described again, and will be described below based on differences.

Referring to FIG. 8, when receiving a message, the controller 250 of the receiver terminal 200 may calculate a first value related to the message reception address of the receiver terminal. The first value may mean a value associated with the message receiving address so that the message can be properly transmitted to the receiver terminal 200 when the message is transmitted to the receiver terminal 200. The method of calculating the first value is as follows.

In detail, the controller 140 may recognize the message reception address recorded in the memory 230 of the receiver terminal 200. The controller 140 may hash the recognized message reception address through a hash algorithm. Here, the hash algorithm is MD (Message-Digest) 1, MD4, MD5, Secure Hash Standard (SHS), Secure Hash Algorithm (SHA) -256, SHA-512, HAS-160 (Hash Algorithm Standard-160), HAVAL (Hashing Algorithm with Variable Length of output), RIPEMD (RACE Integrity Primitives Evaluation Message Digest) -160, and the like. The controller 140 may calculate a first value hashed by the reception address through a hash algorithm. However, the present invention is not limited thereto, and the controller 140 may calculate the first value in various ways.

When calculating the first value in step S210, the controller 250 may transmit a query including the first value to at least one first node related to the general channel and at least one second node related to the secure channel. There is (S220).

After transmitting the query in step S220, the controller 250 may receive a signal corresponding to the query through the communication unit 210 from at least one first node or at least one second node (S230). Here, the signal corresponding to the query may be a signal including a first value in the header.

In detail, the at least one first node and the at least one second node that receive the query including the first value may search for a signal including the first value in the header. At least one first node and at least one second node may transmit a signal including the first value to the receiver terminal 200. In this case, the controller 250 may receive a signal corresponding to the query from the at least one first node or the at least one second node through the communication unit 210.

Meanwhile, when receiving a signal from at least one first node or at least one second node, the controller 250 may extract a message included in the signal from the signal (S240).

In detail, when the control unit 250 receives a signal from at least one first node or at least one second node, the transmitter terminal 100 having verified the validity of the signature included in the signal and transmitting the signal receives the signal. You can check whether the transmission is correct. In addition, when the transmitter 250 recognizes that the transmitter terminal 100 transmits a signal, the controller 250 may extract a message from the signal. A method of recognizing whether or not the transmitter terminal 100 transmits a signal is described below in more detail with reference to FIGS. 9 and 10, and a method of extracting a message from a signal will be described below.

For example, the controller 250 may receive a signal from at least one first node, and if it is recognized that a signature included in the signal is valid, the controller 250 may extract a message included in the signal.

In another example, when the controller 250 receives a signal from at least one second node and recognizes that the signature included in the signal is valid, the controller 250 may convert the encrypted data included in the received signal into a PKI associated with the receiver terminal 200. Can be decrypted with the private key. The controller 250 may extract the message from the decrypted data by analyzing the decrypted data.

In detail, the controller 250 may analyze the decoded data and recognize whether zero bits are inserted into the decoded data in a predetermined pattern. When the controller 250 recognizes that the zero bits are inserted in the preset pattern, the controller 250 may recognize that the decoded data is padded. The controller 250 may extract the message from the decoded data by deleting the zero bit having the preset pattern from the decoded data. On the other hand, if the controller 250 does not recognize that zero bits are inserted in the decoded data in a predetermined pattern, the controller 250 may recognize that the decoded data is a message.

Meanwhile, when extracting a message in step S240, the controller 250 may control the display unit 240 to display the message on the execution screen of the messenger program. Therefore, the user of the receiver terminal 200 may check the message through the screen.

9 is a flowchart illustrating an example of a method of determining whether to extract a message from a signal when a receiver terminal receives a signal through a general channel according to some embodiments of the present disclosure. Descriptions overlapping with those described above with reference to FIGS. 1 through 8 with reference to FIG. 9 will not be described again.

Referring first to FIG. 8, in operation S230, when the controller 250 receives a signal corresponding to a query from at least one first node, the signal may include a message and first signature data in a payload. . In this case, the controller 250 may verify whether the sender terminal 100 that transmits the signal is correct by verifying the validity of the first signature data included in the signal. This will be described in more detail with reference to FIG. 9.

Referring to FIG. 9, the controller 250 may extract first data by decrypting first signature data included in a received signal by using a public key of a PKI associated with a sender terminal (S310).

In detail, the controller 250 may recognize the public key of the PKI associated with the sender terminal 100. In addition, the controller 140 may extract the first data by decoding the first signature data by using the public key of the PKI associated with the sender terminal 100.

When the first data is extracted in step S310, the controller 250 may recognize whether the message included in the received signal matches the first data (S320). The controller 250 may determine whether to extract the message from the signal based on whether the first data and the message match.

Specifically, when the controller 250 recognizes that the message and the first data match (S320, Yes), it may determine that the message is extracted from the signal (S330). That is, when the controller 250 recognizes that the message and the first data match, the controller 250 may recognize that the validity of the first signature data included in the signal is recognized. In addition, the controller 250 may extract the message from the signal.

Meanwhile, when recognizing that the message and the first data do not match (S320, No), the controller 250 may determine that the message is not extracted from the signal (S340). That is, when the controller 250 recognizes that the message and the first data do not match, the controller 250 may recognize that the validity of the first signature data included in the signal is not recognized. The controller 250 may not extract the message from the signal. This is because the signal is not transmitted from the sender terminal 100 when the first data does not match the message.

As described above, when the controller 250 extracts the message from the signal only when the validity of the first signature data is recognized, the virus is installed in the receiver terminal 200 by extracting the message from the signal transmitted by another user. It can prevent.

Meanwhile, according to some embodiments of the present disclosure, when the controller 250 recognizes that the first data is a hash value before step S320, the controller 250 hashes a message included in the received signal through a hash algorithm. The value can be obtained. The controller 250 may recognize whether the first hash value matches the first data instead of the message included in the signal received in operation S320. The controller 250 may determine whether the first hash value corresponds to the first hash value. It may be determined whether to extract the message from the signal based on whether the 1 data matches. That is, if it is recognized that the first hash value and the first data match, the controller 250 may determine to extract the message from the signal. When the controller 250 recognizes that the first hash value does not match the first data, the controller 250 may determine that the message is not extracted from the signal.

10 is a flowchart illustrating an example of a method of determining whether to extract a message from a signal when a receiver terminal receives a signal through a secure channel according to some embodiments of the present disclosure. Descriptions overlapping with those described above with reference to FIGS. 1 through 9 with reference to FIG. 10 will not be described again.

Referring first to FIG. 8, when the control unit 250 receives a signal corresponding to a query from at least one second node in step S230, the signal may include encrypted data and second signature data in a payload. have. In this case, the controller 250 may verify the validity of the second signature data included in the signal to determine whether the transmitter terminal 100 that transmits the signal is correct. This will be described in more detail with reference to FIG. 10.

Referring to FIG. 10, the controller 250 may extract first data by decrypting second signature data included in a received signal using a public key of a PKI associated with a sender terminal (S410).

In detail, the controller 250 may recognize the public key of the PKI associated with the sender terminal 100. In addition, the controller 140 may extract the first data by decoding the second signature data by using the public key of the PKI associated with the sender terminal 100.

Meanwhile, in addition to extracting the first data from the second signature data, the controller 250 extracts the second data by decrypting the first encrypted data included in the received signal using a PKI private key associated with the receiver terminal. can do.

Meanwhile, when extracting the first data and the second data in steps S410 and S420, the controller 250 may recognize whether the first data and the second data match or not (S430). The controller 250 may determine whether to extract the message from the signal based on whether the first data and the second data match.

In detail, when the controller 250 recognizes that the message and the first data match (S430, Yes), the controller 250 may determine to extract the message from the signal (S440). That is, when the controller 250 recognizes that the first data and the second data match, the controller 250 may recognize that the validity of the second signature data included in the signal is recognized. In addition, the controller 250 may extract the message from the second data. Here, the extraction of the message from the second data is described above with reference to FIG. 8, and thus a detailed description thereof will be omitted.

On the other hand, if it is recognized that the first data and the second data do not match (S430, No), the controller 250 may determine not to extract the message from the signal (S450). That is, when recognizing that the first data and the second data do not match, the controller 250 may recognize that the validity of the second signature data included in the signal is not recognized. The controller 250 may not extract the message from the second data. This is because the signal is not transmitted from the transmitter terminal 100 when the first data does not match the second data.

As described above, when the control unit 250 extracts the message from the second data only when the validity of the second signature data is recognized, the virus is installed in the receiver terminal 200 by extracting the message from the signal transmitted by another user. Can be prevented.

Meanwhile, according to some embodiments of the present disclosure, when the first data is a hash value before step S430, the controller 250 may acquire a second hash value hashed from the second data through a hash algorithm. Can be. The controller 250 may recognize whether the second hash value matches the first data instead of the second data in step S430, and the controller 250 matches the second hash value with the second data. It may be determined whether to extract the message from the signal based on whether or not. That is, when the controller 250 recognizes that the second hash value matches the second data, the controller 250 may determine to extract the message from the signal. When the controller 250 recognizes that the second hash value and the second data do not match, the controller 250 may determine that the message is not extracted from the signal.

11 shows a brief general schematic diagram of an example computing environment in which embodiments of the present disclosure may be implemented.

Although the present disclosure has been described above generally with respect to computer executable instructions that may be executed on one or more computers, those skilled in the art will appreciate that the present disclosure may be implemented in combination with other program modules and / or as a combination of hardware and software. will be.

In general, modules herein include routines, procedures, programs, components, data structures, etc. that perform particular tasks or implement particular abstract data types. In addition, those skilled in the art will appreciate that the methods of the present disclosure may include uniprocessor or multiprocessor computer systems, minicomputers, mainframe computers, as well as personal computers, handheld computing devices, microprocessor-based or programmable consumer electronics, and the like (each of which And other computer system configurations, including one or more associated devices, which may operate in conjunction with one or more associated devices.

The described embodiments of the present disclosure can also be practiced in distributed computing environments where certain tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote memory storage devices.

Computers typically include a variety of computer readable media. Any medium that can be accessed by a computer can be a computer readable medium, which can be volatile and nonvolatile media, transitory and non-transitory media, removable and non-transitory media. Removable media. By way of example, and not limitation, computer readable media may comprise computer readable storage media and computer readable transmission media.

Computer-readable storage media are volatile and nonvolatile media, temporary and non-transitory media, removable and non-removable implemented in any method or technology for storing information such as computer readable instructions, data structures, program modules or other data. Media. Computer-readable storage media may include RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital video disk or other optical disk storage device, magnetic cassette, magnetic tape, magnetic disk storage device or other magnetic storage. It includes, but is not limited to, a device or any other medium that can be accessed by a computer and used to store desired information.

Computer-readable transmission media typically embody computer readable instructions, data structures, program modules or other data in a modulated data signal, such as a carrier wave or other transport mechanism, and the like. Includes all information delivery media. The term modulated data signal means a signal that has one or more of its characteristics set or changed to encode information in the signal. By way of example, and not limitation, computer readable transmission media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared, or other wireless media. Combinations of any of the above should also be included within the scope of computer readable transmission media.

An example environment 1100 is illustrated that implements various aspects of the present disclosure, including a computer 1102, which includes a processing unit 1104, a system memory 1106, and a system bus 1108. do. System bus 1108 connects system components, including but not limited to system memory 1106, to processing unit 1104. Processing unit 1104 may be any of a variety of commercial processors. Dual processor and other multiprocessor architectures may also be used as the processing unit 1104.

System bus 1108 may be any of several types of bus structures that may be further interconnected to a memory bus, a peripheral bus, and a local bus using any of a variety of commercial bus architectures. System memory 1106 includes read only memory (ROM) 1110 and random access memory (RAM) 1112. The basic input / output system (BIOS) is stored in nonvolatile memory 1110, such as ROM, EPROM, EEPROM, etc., and the BIOS provides a basic aid for transferring information between components in the computer 1102, such as during startup. Contains routines. RAM 1112 may also include fast RAM, such as static RAM, for caching data.

Computer 1102 also includes an internal hard disk drive (HDD) 1114 (eg, EIDE, SATA) —this internal hard disk drive 1114 may also be configured for external use within a suitable chassis (not shown). Yes, magnetic floppy disk drive (FDD) 1116 (eg, for reading from or writing to removable diskette 1118), and optical disk drive 1120 (eg, CD-ROM Disk 1122 for reading from or writing to or reading from other high capacity optical media such as DVD). The hard disk drive 1114, the magnetic disk drive 1116, and the optical disk drive 1120 are connected to the system bus 1108 by the hard disk drive interface 1124, the magnetic disk drive interface 1126, and the optical drive interface 1128, respectively. ) Can be connected. The interface 1124 for external drive implementation includes, for example, at least one or both of Universal Serial Bus (USB) and IEEE 1394 interface technologies.

These drives and their associated computer readable media provide nonvolatile storage of data, data structures, computer executable instructions, and the like. In the case of computer 1102, drives and media correspond to storing any data in a suitable digital format. While the above description of computer readable storage media refers to HDDs, removable magnetic disks, and removable optical media such as CDs or DVDs, those skilled in the art will appreciate zip drives, magnetic cassettes, flash memory cards, cartridges, Other types of computer readable media, such as the like, may also be used in the exemplary operating environment and it will be appreciated that any such media may include computer executable instructions for performing the methods of the present disclosure. .

Multiple program modules may be stored in the drive and RAM 1112, including operating system 1130, one or more application programs 1132, other program modules 1134, and program data 1136. All or a portion of the operating system, applications, modules and / or data may also be cached in RAM 1112. It will be appreciated that the present disclosure may be implemented in various commercially available operating systems or combinations of operating systems.

A user may enter commands and information into the computer 1102 via one or more wired / wireless input devices, such as a keyboard 1138 and a mouse 1140. Other input devices (not shown) may include a microphone, IR remote control, joystick, game pad, stylus pen, touch screen, and the like. These and other input devices are often connected to the processing unit 1104 via an input device interface 1142, which is connected to the system bus 1108, but the parallel port, IEEE 1394 serial port, game port, USB port, IR interface, Etc. can be connected by other interfaces.

A monitor 1144 or other type of display device is also connected to the system bus 1108 via an interface such as a video adapter 1146. In addition to the monitor 1144, the computer generally includes other peripheral output devices (not shown) such as speakers, printers, and the like.

Computer 1102 may operate in a networked environment using logical connections to one or more remote computers, such as remote computer (s) 1148, via wired and / or wireless communications. Remote computer (s) 1148 may be a workstation, server computer, router, personal computer, portable computer, microprocessor-based entertainment device, peer device, or other conventional network node, and generally for computer 1102. Although many or all of the described components are included, for simplicity, only memory storage 1150 is shown. The logical connections shown include wired / wireless connections to a local area network (LAN) 1152 and / or a larger network, such as a telecommunications network (WAN) 1154. Such LAN and WAN networking environments are commonplace in offices and businesses, facilitating enterprise-wide computer networks such as intranets, all of which may be connected to worldwide computer networks, such as the Internet.

When used in a LAN networking environment, the computer 1102 is connected to the local network 1152 via a wired and / or wireless communication network interface or adapter 1156. Adapter 1156 may facilitate wired or wireless communication to LAN 1152, which also includes a wireless access point installed therein for communicating with wireless adapter 1156. When used in a WAN networking environment, the computer 1102 may include a modem 1158, connect to a communication server on the WAN 1154, or otherwise establish communications over the WAN 1154. Have the means. The modem 1158, which may be an internal or external and wired or wireless device, is connected to the system bus 1108 via the serial port interface 1142. In a networked environment, program modules or portions thereof described with respect to computer 1102 may be stored in remote memory / storage device 1150. It will be appreciated that the network connections shown are exemplary and other means of establishing a communications link between the computers can be used.

Computer 1102 is associated with any wireless device or entity disposed and operating in wireless communication, such as a printer, scanner, desktop and / or portable computer, portable data assistant, communications satellite, wireless detectable tag. Communicate with any equipment or location and telephone. This includes at least Wi-Fi and Bluetooth wireless technology. Thus, the communication can be a predefined structure as in a conventional network or simply an ad hoc communication between at least two devices.

Wireless Fidelity (Wi-Fi) allows you to connect to the Internet without wires. Wi-Fi is a wireless technology such as a cell phone that allows such a device, for example, a computer, to transmit and receive data indoors and outdoors, ie anywhere within the coverage area of a base station. Wi-Fi networks use a wireless technology called IEEE 802.11 (a, b, g, etc.) to provide secure, reliable, high-speed wireless connections. Wi-Fi may be used to connect computers to each other, to the Internet, and to a wired network (using IEEE 802.3 or Ethernet). Wi-Fi networks can operate in unlicensed 2.4 and 5 GHz wireless bands, for example, at 11 Mbps (802.11a) or 54 Mbps (802.11b) data rates, or in products that include both bands (dual band). have.

One of ordinary skill in the art of the disclosure will appreciate that the various illustrative logical blocks, modules, processors, means, circuits and algorithm steps described in connection with the embodiments disclosed herein may be implemented in electronic hardware, It will be appreciated that for purposes of the present invention, various forms of program or design code, or combinations thereof, may be implemented. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends on the particular application and design constraints imposed on the overall system. One skilled in the art of the present disclosure may implement the described functionality in various ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.

The various embodiments presented herein may be embodied in a method, apparatus, or article of manufacture using standard programming and / or engineering techniques. The term "article of manufacture" includes a computer program or media accessible from any computer-readable device. For example, computer-readable storage media may include magnetic storage devices (eg, hard disks, floppy disks, magnetic strips, etc.), optical discs (eg, CDs, DVDs, etc.), smart cards, and flashes. Memory devices (eg, EEPROM, cards, sticks, key drives, etc.), but are not limited to these. The term “machine-readable medium” includes, but is not limited to, a wireless channel and various other media capable of storing, holding, and / or delivering instruction (s) and / or data.

It is to be understood that the specific order or hierarchy of steps in the processes presented is an example of exemplary approaches. Based upon design priorities, it is understood that the specific order or hierarchy of steps in the processes may be rearranged within the scope of the present disclosure. The accompanying method claims present elements of the various steps in a sample order, but are not meant to be limited to the specific order or hierarchy presented.

The description of the presented embodiments is provided to enable any person skilled in the art to make or use the present disclosure. Various modifications to these embodiments will be apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the scope of the present disclosure. Thus, the present disclosure should not be limited to the embodiments presented herein but should be construed in the broadest scope consistent with the principles and novel features presented herein.

The scope of the claims in the claims of the present disclosure is generated by the functions and features described in the respective steps, and the claims are not specified unless the order of precedence in each order constitutes the method. It is not influenced by the order of description of each step in. For example, in the claims that are described by a method comprising steps A and B, even if step A is described before step B, the scope of the right is not limited to that step A should precede step B.

Claims (15)

A computer program stored in a computer readable storage medium,
The computer program includes instructions for causing a control unit of a sender terminal to perform the following steps, the steps:
Receiving recipient information and a message from a user;
Recognizing the size of the message; And
Selecting a channel to transmit the message among a general channel and a secure channel based on the size of the message;
Including,
Computer program stored on a computer readable storage medium. The method of claim 1,
Selecting a channel to transmit the message of the normal channel and the secure channel based on the size of the message,
If the size of the message exceeds a preset size, selecting the general channel as a channel for transmitting the message; or
If the size of the message is less than or equal to a preset size, selecting the secure channel as a channel to transmit the message;
Including,
Computer program stored on a computer readable storage medium. The method of claim 2,
When the size of the message exceeds a preset size, selecting the general channel as a channel for transmitting the message,
When the general channel is selected as a channel for transmitting the message, generating first signature data by encrypting the message using a private key of a public key infrastructure (PKI) associated with the sender terminal;
Calculating a first value associated with a message destination address based on the recipient information;
Generating a first signal comprising the first value, a second value representing the order of the message, the message and the first signature data; And
Transmitting the first signal to at least one first node associated with the general channel such that the first signal is transmitted to a receiver terminal corresponding to the receiver information;
Further comprising,
Computer program stored on a computer readable storage medium. The method of claim 2,
When the size of the message is less than or equal to a preset size, selecting the secure channel as a channel for transmitting the message,
Recognizing whether the size of the message is less than the preset size when the secure channel is selected as a channel to transmit the message;
If it is recognized that the size of the message is less than the preset size, padding the message to generate the first data such that the size of the message is a preset size;
Generating second signature data by encrypting the first data using a private key of a PKI associated with the sender terminal;
Recognizing a public key of a PKI associated with a receiver terminal corresponding to the receiver information;
Generating first encrypted data by encrypting the first data using the public key;
Recognizing a message discard time previously stored in a memory of the sender terminal;
Calculating a first value associated with a message destination address based on the recipient information;
Generating a second signal comprising the message discard time, the first value, a second value indicating the order of the message, the second signature data and the first encrypted data; And
Transmitting the second signal to at least one second node associated with the secure channel through a communication unit of the sender terminal such that the second signal is transmitted to a receiver terminal corresponding to the receiver information;
Further comprising,
Computer program stored on a computer readable storage medium. The method of claim 4, wherein
Sending a discard signal to the at least one second node when receiving a command from the user to discard the message at the at least one second node before the message discard time;
More,
The discard signal is,
Including the first value and the second value to enable retrieval of the message,
Computer program stored on a computer readable storage medium. The method of claim 5,
The magnitude of the discard signal is,
Having the same magnitude as the second signal,
Computer program stored on a computer readable storage medium. The method of claim 4, wherein
If it is recognized that the size of the message is less than the preset size, the step of padding the message to generate the first data so that the size of the message is a predetermined size,
Generating the first data by padding the message using zero bits such that the size of the message becomes the preset size;
Including,
Computer program stored on a computer readable storage medium. The method of claim 2,
When the size of the message is less than or equal to a preset size, selecting the secure channel as a channel for transmitting the message,
Recognizing whether the size of the message matches the preset size when the secure channel is selected as a channel for transmitting the message;
Generating a third signature data of encrypting the message by using a private key of a PKI associated with the sender terminal when it is recognized that the size of the message matches the preset size;
Recognizing a public key of a PKI associated with a receiver terminal corresponding to the receiver information;
Generating second encrypted data encrypting the message using the public key;
Recognizing a message discard time previously stored in a memory of the sender terminal;
Calculating a first value associated with a message destination address based on the recipient information;
Generating a third signal comprising the message discard time, the first value, a second value representing the order of the message, the third signature data and the second encrypted data; And
Transmitting the third signal to at least one second node associated with the secure channel through a communication unit of the sender terminal such that the third signal is transmitted to a receiver terminal corresponding to the receiver information;
Further comprising,
Computer program stored on a computer readable storage medium. The method of claim 8,
Sending a discard signal to the at least one second node when receiving a command from the user to discard the message at the at least one second node before the message discard time;
More,
The discard signal is,
Including the first value and the second value to enable retrieval of the message,
Computer program stored on a computer readable storage medium. The method of claim 9,
The magnitude of the discard signal is,
Having the same magnitude as the third signal,
Computer program stored on a computer readable storage medium. delete delete delete delete delete

Images