KR102656550B1 - Email reception confirmation and denial prevention system using blockchain - Google Patents

Abstract

The present invention relates to an email reception confirmation and non-repudiation system using blockchain, and includes a blockchain network, a sender terminal used by a sender to create and send emails during the email transmission/reception process, and the sender terminal to send emails. In an email transmission/reception system including a recipient terminal used by a recipient to receive and view an email, sender information (email address), recipient information (email address), email title, and sending time information are stored in the transmitted/received email. A system server that stores comprehensive email information including a hash value and transaction of a block for comprehensive information on transmitted emails generated from the system server. When a transmitted email is received at the recipient terminal, the email reception information is stored in the email reception information according to the reception. A blockchain network that stores hash values and transactions of blocks, generates email information to be sent to the recipient, a sender terminal that connects to the system server and sends an email to be sent to the recipient, and email information generated in the sender terminal. is received from the system server, and includes a recipient terminal that searches and receives the sender's email information from the blockchain network.

Description

Email reception confirmation and denial prevention system using blockchain}

The present invention relates to an email reception confirmation and non-repudiation system using blockchain. More specifically, it applies blockchain technology to the closed non-repudiation function of email services used in the past to prevent malicious impersonation of others. This is about an email reception confirmation and non-repudiation system using blockchain to publicly check the email reliability of the sender and recipient in order to prevent crimes in advance.

As the Internet becomes more popular, the use of electronic mail (e-mail), a representative means of communication on the Internet, is also steadily increasing. In the beginning, only simple text messages were exchanged via email, but recently, important information such as various bills and financial institution transaction details is also being sent and received via email.

Unlike general mail, mail containing important personal information requires a means of protecting the message from network attacks by others, such as hacking. Accordingly, mail sent from financial institutions, etc. is sent to the recipient in the form of an encrypted secure email.

Figures 1 and 2 illustrate this. Figure 1 is a screen where a user who has received a secure email is asked to enter personal information known only to her in order to view it, and Figure 2 shows a screen showing the secure email when the personal information is entered correctly. This is an example of a case that was displayed normally on this screen.

Email is a representative asynchronous message exchange service. In order to send email in the Internet space, various functions such as authentication and file are implemented by adding functions such as SMTP-AUTH, ESMTP, and MIME based on the SMTP protocol standardized in 1982. PEM, PGP, Through the S/MIME function, various security functions such as confidentiality, integrity, user authentication, and non-repudiation of transmission facts are implemented, and additional functions such as reception confirmation are implemented by utilizing the operating principle of web services.

In the case of secure mail, it is mostly implemented using ActiveX technology provided by Microsoft's Internet Explorer. However, in the case of Active The need to implement secure mail is increasing.

However, in the case of JavaScript, etc., during the decoding process of mail, if the mail size is large, the decoding performance deteriorates rapidly, so there was a problem that it took a very long time to open the mail or an error occurred in the browser, which caused problems. To date, there is no secure mail service implemented that can be used without separately installing plug-ins (ActiveX, etc.).

Meanwhile, blockchain technology refers to a data distribution processing technology that distributes and stores all data subject to management by all users participating in the network. It is also called ‘distributed ledger technology (DLC)’ or ‘public transaction ledger’ in that the ledger containing transaction information is not held by the transaction subject or a specific institution, but is shared by all network participants. . Blockchain is a name given to a chain of blocks containing transaction information.

This type of blockchain can be used in a variety of industrial fields, and will be especially suitable for fields where reliability against forgery and falsification must be secured. Proof work, such as user authentication or document verification, is a work that is inevitably exposed to the risk of forgery or falsification, so securing reliability will be more urgent than work in other industrial fields.

KR 10-1387697 KR 10-1600864 KR 10-1953231 KR 10-2240540

The present invention to solve the above problems records the transmission and reception history of emails using blockchain technology that cannot be forged or altered, implements a non-repudiation function for the sender through transparent management and inquiry, and inquires about non-repudiation from the recipient. The purpose is to increase the reliability of e-mail by recording whether it has been received and providing a reception confirmation function.

In addition, we aim to provide an email protection system that allows long-term management of received records of emails as a history of conversations between senders and recipients, and can be used as work reference material when necessary and can also be used as evidence from a forensic perspective. There is a purpose.

The present invention for achieving the above object includes a blockchain network, a sender terminal used by a sender who creates and sends an email in the process of sending/receiving an email, and the sender terminal receives the sent email. In an email sending/receiving system that includes a recipient terminal used by a viewing recipient, email synthesis including sender information (email address), recipient information (email address), email subject, and sending time information from sent/received emails. A system server that stores information, stores the hash value and transaction of the block for the comprehensive information of the transmitted email generated from the system server, and when the transmitted email is received at the recipient terminal, the hash value of the block for the email reception information according to the reception and a blockchain network that stores transactions, a sender terminal that generates email information to be sent to the recipient, connects to the system server and sends an email to be sent to the recipient, and sends the email information generated in the sender terminal from the system server. It is configured to include a recipient terminal that receives the sender's email information by searching it from the blockchain network.

In addition, the system server is configured to group hash values and transactions of blocks stored in the blockchain network and store the group as a merkle root.

In addition, the system server groups the viewing records (reception records) of the comprehensive email information corresponding to the emails received by the recipient terminal, the viewing records of the comprehensive email information for each group and a hash value corresponding to the reading records, It consists of storing the Merkle tree of the group.

In addition, the system server is configured to group administrator authority change records and store the authority change records for each group, the hash value of the authority change records, and the Merkle tree of the group.

In addition, the system server is configured to include an administrator terminal that manages the stored comprehensive e-mail information, and when a request for administrator privilege change occurs, transmits the privilege change request and administrator authentication information to the system server and records the administrator privilege change. It further includes grouping and storing the permission change record for each group, the hash value of the permission change record, and the Merkle tree of the group.

In addition, the system server, when there is a request to confirm forgery and falsification of comprehensive email information from the administrator terminal, Receives the hash value of comprehensive email information from the blockchain network, calculates the hash value from the comprehensive email information stored in the system server, and compares it with the hash value transmitted from the blockchain network to check whether the comprehensive email information has been forged or altered. It further includes confirming and transmitting a forgery or alteration confirmation message to the administrator terminal.

In addition, the manager terminal is characterized in that, when forgery and forgery are confirmed in the comprehensive email information, it transmits a message that forgery has occurred to the email addresses corresponding to the sender terminal and the recipient terminal.

In addition, the system server assigns a separate email ID corresponding to the email generated through the sender terminal, and stores the hash value of the email ID block and the transaction together in the blockchain network.

In addition, the email ID is assigned by the system server according to each email transmission, and includes unique ID information assigned to each address to identify the email address information of the sender terminal, email subject, email time, and email capacity. It is generated by combining classification ID information that identifies comprehensive email information, and the email ID is stored separately in the system server.

In addition, when the email ID is sent from the same sender, the unique ID information is the same, but a new classification ID that identifies the comprehensive email information is created, and when the email is sent from the first sender, the unique ID information is stored in the system. It is characterized by searching on the server, issuing a new one, storing unique ID information, assigning a classification ID, and storing it in the blockchain network.

In addition, the classification ID obtains the entire capacity information value of the email capacity information including the email title, email body, email time, and attached files, and stores the block hash value and transaction for the capacity information value on the blockchain. It is characterized by being stored together on the network.

In addition, the capacity information value is obtained by obtaining the file title information for the attached file as a byte value when an attached file is included in the sent email, and obtaining the extension information of the attached file to obtain the hash value of the block for this. and transactions are stored together in the blockchain network.

The present invention, which is constructed and operates as described above, can easily implement effective receipt confirmation and non-repudiation functions by publicly managing long-term email transmission and reception history, and through blockchain technology, multiple organizations can use one blockchain efficiently. It can be operated as

In addition, it has the advantage of providing an email function that can safely protect recipients from phishing or social engineering attacks by third parties impersonating others that occur in the digital society.

1 and 2 are screens showing an example of a secure email format according to the prior art;
Figure 3 is a configuration diagram of an email receipt confirmation and non-repudiation system using blockchain according to the present invention;
Figure 4 is a flowchart of the transmission process in the email reception confirmation and non-repudiation system using blockchain according to the present invention;
Figure 5 is a flowchart of the reception process in the email reception confirmation and non-repudiation system using blockchain according to the present invention;
Figure 6 is a flow chart showing the sender's email cancellation process in the email reception confirmation and non-repudiation system using blockchain according to the present invention;
Figure 7 is a configuration diagram showing the information leakage prevention process in the email reception confirmation and non-repudiation system using blockchain according to the present invention;
Figure 8 is a configuration diagram showing the recipient's response structure to an APT attack in the email reception confirmation and non-repudiation system using blockchain according to the present invention;
Figure 9 is a flowchart of the blockchain storage process stored in the blockchain in the email reception confirmation and non-repudiation system using the blockchain according to the present invention;
Figure 10 is a flowchart of a viewing request according to a user terminal in an email reception confirmation and non-repudiation system using a blockchain according to the present invention.

Hereinafter, with reference to the attached drawings, the email reception confirmation and non-repudiation system using blockchain according to the present invention will be described in detail as follows.

The email receipt confirmation and non-repudiation system using blockchain according to the present invention includes a blockchain network, a sender terminal used by a sender who creates and sends an email during the email sending/receiving process, and the sender terminal used to send the email. In an email sending/receiving system that includes a recipient terminal used by a recipient who receives and reads an email, sender information (email address), recipient information (email address), email title, and sending time information are collected from the sent/received email. A system server that stores comprehensive email information, which stores block hash values and transactions for transmitted email comprehensive information generated from the system server, and when a transmitted email is received at the recipient terminal, the email reception information is A blockchain network that stores the hash value of the block and the transaction, generates email information to be sent to the recipient, a sender terminal that connects to the system server and sends an email to be sent to the recipient, and email information generated in the sender terminal. It is configured to include a recipient terminal that receives information from the system server and receives the sender's email information by searching it from the blockchain network.

The email reception confirmation and non-repudiation system using blockchain according to the present invention provides information corresponding to all emails sent, such as the email address, sender, email subject, and sending time, corresponding to the email sent/received by the sender and recipient. The main technical point is about an email verification system that can verify email receipt and secure the reliability of sending/receiving emails by generating and storing comprehensive email information and creating and storing it as block hash values and transactions in the blockchain network. Do this.

Figure 3 is a configuration diagram of an email reception confirmation and non-repudiation system using blockchain according to the present invention.

The system of the present invention includes a blockchain network to provide a blockchain-based email verification system, and includes an email transmission/reception system including a sender terminal and a recipient terminal.

The sender terminal 100 and the receiver terminal 300 each generate a transmission email for sending mail, and the receiver terminal 300 receives the email generated from the sender terminal 100.

The system server 200 stores comprehensive email information including sender information (email address), recipient information (email address), email title, and sending time information in sent/received emails.

Here, the email comprehensive information corresponds to all information about sent/received emails, and when an email to be sent through the sender terminal is created, one email comprehensive information is created and stored in the system server 200.

The blockchain network 400 stores the block hash value and transaction for the comprehensive information of the transmitted email generated from the system server, and when the transmitted email is received at the recipient terminal 300, the email reception information according to the reception is stored. Stores the hash value and transaction of the block.

The blockchain network 200 stores the hash value of the block for comprehensive email information generated from the system server. Blockchain is a technology in which the ledger recording data information is distributed to a P2P network rather than a central server of a specific organization, and computing devices participating in the network jointly record and manage it. The existing system had a random central manager who was responsible for confirming and clearing data between both parties and storing transaction records, but blockchain ultimately made the role of such a central manager unnecessary, lowering the infrastructure costs of the system and allowing blockchain to There is also the advantage that the more computing devices participate, the greater the integrity of the data.

As shown, multiple transactions are created and stored in one block, and the comprehensive email information is stored through these transactions.

Meanwhile, the present invention stores the hash value of the block stored in the blockchain network in the form of a Merkle tree.

The system server according to the present invention stores the Merkle root in the blockchain network by creating a transaction containing the Merkle root as data and disseminating it to the blockchain network. The system server 100 stores the transaction ID of the transaction or the blockchain address used to create the transaction for each group. By searching the transaction ID or the blockchain address in the blockchain network, you can check the corresponding Merkle root stored in the blockchain network.

The transaction ID or the blockchain address is information used to specify the transaction in the blockchain network, and the system server may store only one of the transaction ID and the blockchain address. If you know the transaction ID, you can check the transaction on the blockchain network and check the blockchain address. If you know the blockchain address, you can check the transaction ID.

The Merkle tree used in the present invention means that even if there is an attempt to forge comprehensive email information, if you follow the Merkle path of the Merkle tree, a different hash value will be obtained, allowing forgery and falsification of records to be immediately detected and prevented. there is. In the present invention, comprehensive information about emails is grouped and stored, and one hash value, or Merkle root, is stored for each group in the blockchain network. If the Merkle tree structure is not used for grouping, if the email comprehensive information is forged and altered, it can only be confirmed that the forged comprehensive information exists in the group, and the forged comprehensive information cannot be specified.

By using the Merkle tree structure, it is possible to specify forged comprehensive information within the group without storing only the Merkle root of the group in the blockchain network and storing all email comprehensive information hash values.

Therefore, in the present invention, comprehensive email information is stored/managed in a Merkle tree structure. If the Merkle tree structure is not used because the comprehensive information is not grouped, the system server stores the comprehensive information and stores the hash value for this record in the blockchain network. The system server stores the hash value in the blockchain network by creating a transaction containing the hash value as data and disseminating it to the blockchain network. The system server stores the transaction ID of the transaction or the blockchain address used to create the transaction for each comprehensive information. By searching the transaction ID or the blockchain address in the blockchain network, you can check the corresponding hash value stored in the blockchain network.

Meanwhile, if there is a request to confirm forgery or falsification of the comprehensive email information, the system server Receive the hash value of the comprehensive email information from the blockchain network, calculate the hash value from the comprehensive email information stored in the system server, and compare it with the hash value transmitted from the blockchain network to determine whether the comprehensive email information has been forged or altered. Check .

In order to prevent external intrusion or intentional manipulation, if forgery or alteration of the comprehensive email information occurs, the system server checks whether forgery or alteration and provides it.

The administrator terminal 300 is an administrator terminal that comprehensively manages comprehensive information resulting from email creation. For example, it corresponds to a terminal of an account provider that provides email hosting, or a terminal that comprehensively manages the system server. .

In addition, the administrator terminal 300 may correspond to a terminal used by the person in charge of each organization to change and upload each information when information changes in a series of situations such as email transmission and reception, forgery attempts, external attacks, etc. . At this time, the administrator terminal 300 may be an organization that manages the comprehensive email information, and may be composed of a plurality of administrator terminals that directly participate in the blockchain node.

Let's look at the email transmission process, reception confirmation, and recovery process through Figures 4 to 6 below.

Figure 4 is a flowchart of the transmission process in the email reception confirmation and non-repudiation system using blockchain according to the present invention.

The email sending process is the process of sending an email to a recipient. The sender writes an email, calculates the hash value in the header and body of the block stored in the blockchain, and then compiles the information to create a transaction, that is, creates comprehensive email information. After creating a transaction by sending it to the blockchain, an email is finally sent to the recipient.

Figure 5 is a flowchart of the reception process in the email reception confirmation and non-repudiation system using blockchain according to the present invention.

Receipt prevention and non-repudiation are the processes of publicly viewing the mail sent by the sender and recording the search history. When the mail is viewed through the recipient terminal 300, a reception confirmation function is activated to the sender as a basic function, and then a block is sent. After checking the chain based on the sender's e-mail address and e-mail ID to confirm the actual sent email, the inquiry history is created and stored as a block transaction.

Through this, non-repudiation of reception can be accurately resolved because the inquiry records of emails viewed on the recipient's terminal are stored on the blockchain.

At this time, the email ID is assigned through a separate combination method, which is stored separately on the system server to facilitate DB management and to be stored and identified separately in addition to blockchain storage. For this purpose, the email ID is assigned by the system server according to each email transmission, and includes unique ID information assigned to each address to identify the email address information of the sender terminal, email title, email time, and email capacity information. By combining and generating classification ID information that identifies the comprehensive email information included, the ease and identification of the storage DB can be improved.

Figure 6 is a flowchart showing the sender's email cancellation process in the email reception confirmation and non-repudiation system using blockchain according to the present invention.

In the process of canceling (cancelling) an email sent through the sender's terminal, if the sender cancels sending the email before the recipient confirms the email, this corresponds to the process of recording an interruption record in the blockchain. The sender first performs a retrieval function on the recipient to retrieve the sent email, and then creates a retrieval transaction on the blockchain and records the e-mail ID to be terminated.

In this case as well, as described above, when a cancellation request is made for a sent email, a record of the cancellation is recorded on the blockchain and a transaction for the cancellation record is created and stored.

In addition, in the present invention, in order to identify various information about comprehensive email information, the classification ID information includes the total capacity information value of the email capacity information including the email title, email body, email time, and attached files, and the capacity is obtained. The hash value of the block for the information value and the transaction are stored together in the blockchain network. When sending an email, the email subject, email body, and email sending time information are essentially created (here, omitted for emails without a subject or body), and an attachment is attached here to send the email. At this time, more accurate email verification can be performed by extracting the entire capacity information for one email and storing it in the blockchain. The capacity information value obtains the file title information for the attachment as a byte value when an attached file is included in the sent email, obtains the extension information of the attachment, and obtains the hash value of the block and transaction for this. is stored together in the blockchain network.

Figures 7 and 8 show the structure of information leak prevention and recipient response to APT attacks in the email reception confirmation and non-repudiation system using blockchain according to the present invention.

From an information protection perspective, only information about the organization is disclosed, so attackers cannot guess additional information and cannot send offensive emails using this information, so the information protection function can be supplemented.

If the recipient also receives an attack email from a third party impersonating another person, the non-repudiation function allows the recipient to recognize that the email sent is an impersonation email, and can be used to actively respond after recognition.

Figure 9 is a flowchart of the blockchain storage process in the email receipt confirmation and non-repudiation system using the blockchain according to the present invention.

Regarding the generated email comprehensive information, the system server 100 enters the input (generated) email comprehensive information in step 1-1. And the first and second steps are to group the email comprehensive information and store the comprehensive information, comprehensive information hash value, and Merkle tree for each group, and the first and third steps are to store the hash value and Merkle tree for the comprehensive information. Then, the system server 100 requests the blockchain network 200 to store the Merkle root and stores the Merkle root in the blockchain network.

Figure 10 is a flowchart of a viewing request according to a user terminal in the email receipt confirmation and non-repudiation system using blockchain according to the present invention.

When a request to view email comprehensive information occurs from the administrator terminal or user terminal, the system server transmits a request to view comprehensive information and administrator authentication information to the system server, and groups the viewing records of comprehensive information to provide comprehensive information for each group. Stores the hash value of the browsing records and comprehensive information browsing records, and the Merkle tree of the group.

At this time, when a change in the e-mail guardian information (adoption, distribution) occurs, the administrator terminal uploads the user terminal information corresponding to the guardian and requests the new user information to be stored on the system server to change the e-mail guardian information. Change the permission information so that you can check the comprehensive information of the email.

In addition, when a request for an administrator privilege change occurs from the administrator terminal, the system server transmits a privilege change request and administrator authentication information to the system server, groups the administrator privilege change record, and records the privilege change record and privilege change record for each group. Stores the hash value and Merkle tree of the group.

In addition, when there is a request to confirm forgery and falsification of comprehensive information from the administrator terminal, the system server, Receives a hash value of the comprehensive information from the blockchain network, calculates the hash value from the comprehensive information stored in the system server, and checks whether the comprehensive information has been forged or altered by comparing it with the hash value transmitted from the blockchain network, A confirmation message for forgery or alteration is transmitted to the manager terminal.

Although the present invention has been described and illustrated in connection with preferred embodiments for illustrating the principles of the present invention, the present invention is not limited to the construction and operation as so shown and described. Rather, those skilled in the art will appreciate that many changes and modifications can be made to the present invention without departing from the spirit and scope of the appended claims. Accordingly, all such appropriate changes, modifications and equivalents shall be considered to fall within the scope of the present invention.

100: Sender terminal
200: system server
210: Administrator terminal
300: Recipient terminal
400: Blockchain network

Claims (12)

delete delete delete delete A blockchain network that includes a sender terminal used by a sender who creates and sends an email during the email sending/receiving process, and a receiver terminal used by the recipient who receives and views the email sent by the sender terminal. In the email receipt confirmation and non-repudiation system using,
A system server that stores comprehensive email information including sender information (email address), recipient information (email address), email title, and sending time information in sent/received emails;
A blockchain that stores the block hash value and transaction for the comprehensive information on transmitted emails generated from the system server, and when the transmitted email is received at the recipient terminal, it stores the hash value of the block and transaction for the email reception information according to the reception. network;
a sender terminal that generates email information to be sent to the recipient, and connects to the system server to send an email to be sent to the recipient; and
It includes a recipient terminal that receives email information generated by the sender terminal from the system server, and receives the sender's email information by inquiring from the blockchain network;
The system server records a viewing record of comprehensive email information including sender information (email address), recipient information (email address), email title, and sending time information, which is the comprehensive email information corresponding to the email received by the recipient terminal ( Receive records) are grouped, and the viewing records of the grouped email comprehensive information, the hash values corresponding to the viewing records, and the Merkle tree of the group are stored,
When there is a request to confirm forgery and alteration of the grouped email comprehensive information from the administrator terminal, the system server receives the hash value of the grouped email comprehensive information from the blockchain network and stores the grouped email comprehensive information stored in the system server. Calculate the hash value from
Verifies whether the grouped email comprehensive information has been forged or altered by comparing it with the hash value transmitted from the blockchain network, and sends a message confirming whether the grouped email information has been forged or altered to the administrator terminal.
When forgery is confirmed in the grouped email comprehensive information, the manager terminal sends a message that forgery has occurred to the email addresses corresponding to the sender terminal and the recipient terminal.
The system server assigns a separate email ID to the email generated and transmitted through the sender terminal, and stores the hash value and transaction of the email ID block together in the blockchain network.
The email ID includes unique ID information assigned to each email address to identify the email address information of the sender terminal, and email subject, email time, and email volume. It is created by combining classification ID information that identifies comprehensive information, and the email ID is also stored separately on the system server.
When an email is sent from the same sender, the unique ID information is the same, but a new classification ID that identifies the comprehensive email information is created. When an email is sent from the sender for the first time, the unique ID information is stored in the system server. After searching, a new unique ID is issued, the unique ID information is stored, and a classification ID is assigned and stored in the blockchain network.
The classification ID obtains the entire capacity information value of the email capacity information including the email title, email body, email time, and attached files, and sends the block hash value and transaction for the capacity information value to the blockchain network. Save it together
The capacity information value obtains the file title information for the attachment as a byte value when an attached file is included in the sent email, obtains the extension information of the attachment, and obtains the hash value of the block and transaction for this. An email reception confirmation and non-repudiation system using blockchain that is configured by storing the information together in the blockchain network. The method of claim 5, wherein the system server:
An email reception confirmation and non-repudiation system using blockchain that includes grouping hash values and transactions of blocks stored in the blockchain network and storing the group as a merkle root. delete The method of claim 6, wherein the system server:
An email receipt confirmation and non-repudiation system using blockchain that includes grouping administrator authority change records and storing the authority change records for each group, the hash value of the authority change records, and the Merkle tree of the group. The method of claim 5, wherein the system server:
It is configured to include an administrator terminal that manages the stored comprehensive email information,
When an administrator permission change request occurs, the permission change request and administrator authentication information are transmitted to the system server, and the administrator permission change records are grouped to store the permission change record for each group, the hash value of the permission change record, and the Merkle tree of the group. An email reception confirmation and non-repudiation system using blockchain that further includes: delete delete delete