KR20170033575A - Device for receiving key data, server for providing decoding procedure and device for sending key data - Google Patents
Device for receiving key data, server for providing decoding procedure and device for sending key data Download PDFInfo
- Publication number
- KR20170033575A KR20170033575A KR1020150131488A KR20150131488A KR20170033575A KR 20170033575 A KR20170033575 A KR 20170033575A KR 1020150131488 A KR1020150131488 A KR 1020150131488A KR 20150131488 A KR20150131488 A KR 20150131488A KR 20170033575 A KR20170033575 A KR 20170033575A
- Authority
- KR
- South Korea
- Prior art keywords
- decryption
- procedure
- encrypted data
- decryption procedure
- procedures
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0457—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply dynamic encryption, e.g. stream encryption
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The apparatus for receiving encrypted data includes an encrypted data receiving unit for receiving encrypted encrypted data based on an encryption key from an encrypted data transmitting apparatus, and an encrypted data receiving unit for receiving at least one decrypted procedure generated based on an encryption key from a decryption procedure providing server And at least one decryption procedure is configured to decrypt the encrypted data and determine whether or not the decryption has been completed.
Description
The present invention relates to an encrypted data receiving apparatus, a decryption procedure providing server, and an encrypted data transmitting apparatus.
"Encryption" refers to the conversion of data in the form of ciphertexts whose meaning is unknown, and it is possible to protect the data by encrypting the data to prevent the outflow of data. Encryption means to convert information into ciphertext using a cryptographic key, and decryption means to restore original information using a decryption key. The original data can not be restored except for the person having the decryption key, and the information can be protected if the decryption key is not leaked to the third party.
In connection with this encryption technique, Korean Unexamined Patent Publication No. 2006-0051957 discloses a method for distributing encrypted data, an encryption device, a decryption device, an encryption program, and a decryption program.
However, in a data encryption environment based on a cryptographic key / decryption key, there is a possibility that a cryptographic key and encrypted data may be leaked. If both the information are exposed, there is a risk that anyone can decrypt or encrypt the data.
The cryptographic data receiver includes a cryptographic data receiving device for receiving a procedure used for decryption from the decryption procedure providing server and decrypting the decrypted cryptographic data so that the decrypted cryptographic data can be decrypted without forwarding the cryptographic key from the sender, And an encrypted data transmitting apparatus. Decryption information (key, encryption decryption data) commonly provided between the encryption data sender, the encryption data receiver, and the decryption procedure providing server does not exist, thereby reducing the risk of data leakage and improving the security. A receiving apparatus, a decryption procedure providing server, and an encrypted data transmitting apparatus. It is another object of the present invention to provide an encrypted data receiving apparatus, a decryption proxy providing server, and an encrypted data transmitting apparatus that enable dynamic control of a decryption process by changing a decryption procedure. It is to be understood, however, that the technical scope of the present invention is not limited to the above-described technical problems, and other technical problems may exist.
According to an aspect of the present invention, there is provided a cryptographic apparatus including a cryptographic data receiving unit for receiving cryptographic data encrypted based on a cryptographic key from a cryptographic data transmitting apparatus, And a decryption procedure receiving unit for receiving at least one decryption procedure generated based on the key, wherein the at least one decryption procedure is configured to decrypt the encrypted data and determine whether or not the decryption has been completed can do.
According to another embodiment of the present invention, there is provided a communication apparatus including a receiving unit that receives an encryption key from an encrypted data transmission apparatus, a procedure generation unit that generates at least one decryption procedure based on the encryption key, The encrypted data is transmitted from the encrypted data transmission apparatus to the encrypted data reception apparatus, and the at least one decryption procedure is transmitted from the encrypted data transmission apparatus to the encrypted data reception apparatus, And decrypting the encrypted data and determining whether or not the decryption has been completed.
According to another embodiment of the present invention, there is provided a data processing apparatus including an encryption unit for generating encryption data for original data based on an encryption key, and a transmission unit for transmitting the generated encryption key to a decryption procedure server, And at least one decryption procedure is generated by the decryption procedure server based on the encryption key, and then transmitted to the encrypted data receiving apparatus, and the at least one decryption procedure is transmitted to the encrypted data receiving apparatus, And decides whether or not the decryption has been completed.
The above-described task solution is merely exemplary and should not be construed as limiting the present invention. In addition to the exemplary embodiments described above, there may be additional embodiments described in the drawings and the detailed description of the invention.
According to any one of the above-mentioned objects of the present invention, the cryptographic data receiver can decrypt the cryptographic data by receiving a procedure used for decryption from the decryption procedure providing server, It is possible to provide an encrypted data receiving apparatus, a decryption procedure providing server, and an encrypted data transmitting apparatus. Decryption information (key, encryption decryption data) commonly provided between the encryption data sender, the encryption data receiver, and the decryption procedure providing server does not exist, thereby reducing the risk of data leakage and improving the security. It is possible to provide a receiving apparatus, a decryption procedure providing server, and an encrypted data transmitting apparatus. It is also possible to provide an encrypted data receiving apparatus, a decrypting proxy providing server, and an encrypted data transmitting apparatus that can dynamically control the decryption process by changing a decryption procedure or the like.
1 is a configuration diagram of an encryption data system according to an embodiment of the present invention.
2 is a configuration diagram of an encrypted data transmitting apparatus according to an embodiment of the present invention.
3 is a flowchart of a method of transmitting cryptographic data in an encrypted data transmission apparatus according to an embodiment of the present invention.
4 is a configuration diagram of a decryption procedure providing server according to an embodiment of the present invention.
5 is an exemplary diagram illustrating a process of generating a decryption procedure based on an encryption key in a decryption procedure providing server according to an embodiment of the present invention.
6 is a flowchart of a method of providing a decryption procedure in a decryption procedure providing server according to an embodiment of the present invention.
7 is a configuration diagram of an encrypted data receiving apparatus according to an embodiment of the present invention.
8 is an exemplary diagram illustrating a process of decrypting encrypted data using a decryption procedure in an encrypted data receiving apparatus according to an embodiment of the present invention.
9 is a flowchart of a method for receiving cryptographic data in a cryptographic data receiving apparatus according to an embodiment of the present invention.
Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings, which will be readily apparent to those skilled in the art. The present invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. In order to clearly illustrate the present invention, parts not related to the description are omitted, and similar parts are denoted by like reference characters throughout the specification.
Throughout the specification, when a part is referred to as being "connected" to another part, it includes not only "directly connected" but also "electrically connected" with another part in between . Also, when an element is referred to as "including" an element, it is to be understood that the element may include other elements as well as other elements, And does not preclude the presence or addition of one or more other features, integers, steps, operations, components, parts, or combinations thereof.
In this specification, the term " part " includes a unit realized by hardware, a unit realized by software, and a unit realized by using both. Further, one unit may be implemented using two or more hardware, or two or more units may be implemented by one hardware.
In this specification, some of the operations or functions described as being performed by the terminal or the device may be performed in the server connected to the terminal or the device instead. Similarly, some of the operations or functions described as being performed by the server may also be performed on a terminal or device connected to the server.
Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
1 is a configuration diagram of an encryption data system according to an embodiment of the present invention. 1, the
Each component of the
A network refers to a connection structure in which information can be exchanged between nodes such as terminals and servers. An example of such a network is Wi-Fi, Bluetooth, Internet, LAN Network, wireless LAN, WAN, PAN, 3G, 4G, 5G, LTE, and the like.
The encrypted
The encrypted
The
For example, whether or not the decoding has been completed may be determined when a specific instruction word is input to the decoded decoded data and the output value is output as a predetermined value or when the size of the decoded data matches the predetermined size . Further, each of the decryption procedures can be executed independently, and different portions of the encrypted data can be decrypted at different points in time.
The
The
The
The encrypted
The encrypted
Here, the decryption procedure that has been decrypted in at least one of the decryption procedures can check whether there is a decryption procedure corresponding to the next distribution sequence. For example, each of the decryption procedures is given an ID by the
In addition, at least one of the decryption procedures may sequentially decrypt the encrypted data in accordance with the distribution order, and determine whether or not the decryption has been completed. For example, each of the decryption procedures can decrypt different parts of the encrypted data as a unit of decryption. Further, each of the decoding procedures can determine whether decoding has been completed based on a change in the output value, size, or size of the decoded data decoded by the respective decoding procedures.
At this time, each of the decryption procedures can be deleted based on whether or not the decryption has been completed. Further, each of the decryption procedures can be deleted based on the presence or absence of a decryption procedure corresponding to the next distribution sequence. That is, the decrypted decryption procedure can be deleted by itself, or can be deleted when receiving the deletion command from the
2 is a configuration diagram of an encrypted data transmitting apparatus according to an embodiment of the present invention. Referring to FIG. 2, the encrypted
The
The transmitting
3 is a flowchart of a method of transmitting cryptographic data in an encrypted data transmission apparatus according to an embodiment of the present invention. The method of transmitting the cipher data performed by the cipher
In step 310, the encrypted
In the above description, steps S310 to S320 may be further divided into additional steps or combined into fewer steps, according to an embodiment of the present invention. Also, some of the steps may be omitted as necessary, and the order between the steps may be changed.
4 is a configuration diagram of a decryption procedure providing server according to an embodiment of the present invention. 4, the decryption
The receiving
The
The
The
In addition, the
The decryption
A process of generating and transmitting the above-described decryption procedure will be described in detail with reference to FIG.
5 is an exemplary diagram illustrating a process of generating a decryption procedure based on an encryption key in a decryption procedure providing server according to an embodiment of the present invention. 5, the receiving
The
For example, suppose that the 'decryption procedure 2' 520 reflecting the encryption key is transmitted to the encrypted
The
The decryption
Returning to FIG. 2, the deleting
6 is a flowchart of a method of providing a decryption procedure in a decryption procedure providing server according to an embodiment of the present invention. The method for providing the decryption procedure performed by the decryption
In step S610, the decryption
Although not shown in FIG. 6, the decryption
Although not shown in FIG. 6, the decryption
Although not shown in Fig. 6, the decryption
In the above description, steps S610 to S630 may be further divided into further steps or combined into fewer steps, according to an embodiment of the present invention. Also, some of the steps may be omitted as necessary, and the order between the steps may be changed.
7 is a configuration diagram of an encrypted data receiving apparatus according to an embodiment of the present invention. The encrypted
The encrypted
The decryption
At this time, at least one of the decryption procedures can sequentially decrypt the encrypted data in accordance with the distribution order and determine whether or not the decryption has been completed. Each of the decryption procedures decrypts different portions of the encrypted data as a unit of decryption, and can determine whether or not the decryption has been completed based on the change in the output value or the size of the decrypted data.
When the decoding
Further, each of the decryption procedures can be deleted based on whether or not the decryption has been completed, and can be deleted based on the presence or absence of the decryption procedure corresponding to the next distribution sequence.
A procedure management unit (not shown) can manage the respective decryption procedures. For example, the procedure management unit manages the download schedule of the decryption procedure, and can transmit the decryption procedure status information to the
8 is an exemplary diagram illustrating a process of decrypting encrypted data using a decryption procedure in an encrypted data receiving apparatus according to an embodiment of the present invention. Referring to FIG. 8, the encrypted
For example, when the cryptographic
The 'cryptographic key reflecting decryption procedure 2' 814 temporarily stores the decryption result 815 of the cryptographic data in the
The 'encryption key reflecting decoding procedure 3' 818 temporarily stores the decryption result 819 of the encrypted data in the
The 'cryptographic key reflecting and decoding procedure 4' 822 stores the decryption result 823 of the cryptographic data in the
In this way, for example, when there are ten cryptographic key reflecting decoding procedures, the cryptographic key reflecting decoding procedure can sequentially decode different parts according to the distribution order, and the cryptographic
9 is a flowchart of a method for receiving cryptographic data in a cryptographic data receiving apparatus according to an embodiment of the present invention. The method for receiving the cipher data performed by the cipher
In step S910, the encrypted
In step S920, the encrypted
For example, the encrypted
Further, each of the decryption procedures may be configured to be deleted based on whether or not the decryption has been completed, and may be deleted based on the presence or absence of a decryption procedure corresponding to the next distribution sequence.
In the above description, steps S910 to S920 may be further divided into further steps or combined into fewer steps, according to an embodiment of the present invention. Also, some of the steps may be omitted as necessary, and the order between the steps may be changed.
The method for receiving the encrypted data in the encrypted data receiving apparatus described with reference to Figs. 1 to 9 can also be embodied in the form of a recording medium including a computer program stored in a medium executed by the computer or an instruction executable by the computer have. In addition, the method for receiving the encrypted data in the encrypted data receiving apparatus described with reference to Figs. 1 to 9 may also be implemented in the form of a computer program stored in a medium executed by the computer. Computer readable media can be any available media that can be accessed by a computer and includes both volatile and nonvolatile media, removable and non-removable media. In addition, the computer-readable medium may include both computer storage media and communication media. Computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Communication media typically includes any information delivery media, including computer readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave, or other transport mechanism.
It will be understood by those skilled in the art that the foregoing description of the present invention is for illustrative purposes only and that those of ordinary skill in the art can readily understand that various changes and modifications may be made without departing from the spirit or essential characteristics of the present invention. will be. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive. For example, each component described as a single entity may be distributed and implemented, and components described as being distributed may also be implemented in a combined form.
The scope of the present invention is defined by the appended claims rather than the detailed description and all changes or modifications derived from the meaning and scope of the claims and their equivalents are to be construed as being included within the scope of the present invention do.
110: Password data transmitting device
120: Decryption procedure providing server
130: Password data receiving device
210:
220:
410:
420: Procedure generating unit
430: ID generation unit
440: Distribution Order Scheduler
450: decoded procedure transmission unit
460:
710:
720: decoding procedure receiver
Claims (21)
An encrypted data receiving unit for receiving the encrypted data encrypted based on the encryption key from the encrypted data transmitting apparatus; And
A decoding procedure receiver for receiving at least one decoding procedure generated based on the encryption key from a decoding procedure providing server
Lt; / RTI >
Wherein the at least one decryption procedure is configured to decrypt the encrypted data and determine whether or not the decryption has been completed.
Wherein each of the decryption procedures is configured to decrypt different parts of the encrypted data as a unit of decryption.
Whether or not the decryption has been completed is determined based on a change in the output value, size, or size of decrypted data decrypted by the respective decryption procedures.
Wherein the at least one decryption procedure is configured to sequentially decrypt the encrypted data according to a distribution order.
Wherein the decryption procedure receiver is configured to sequentially receive the at least one decryption procedure based on whether or not the decryption has been completed for each of the decryption procedures and the distribution procedure.
Wherein the decryption procedure that has been decrypted among the at least one decryption procedure is configured to check whether there is a decryption procedure corresponding to the next distribution sequence.
Wherein each of the decryption procedures is given an ID by the decryption procedure server and is provided with an ID of a decryption procedure corresponding to a next distribution sequence based on the distribution procedure,
Wherein the decryption procedure that has been decrypted is configured to check whether a decryption procedure corresponding to the next distribution sequence exists in the encrypted data reception apparatus by using the ID of the decryption procedure corresponding to the next distribution sequence, Device.
When the decryption procedure corresponding to the next distribution sequence of the decrypted decryption procedure is not present in the encrypted data reception apparatus,
Wherein the decrypted decryption procedure transmits its ID to the decryption procedure providing server,
Wherein the decryption procedure receiving unit is configured to receive a decryption procedure corresponding to the next distribution sequence from the decryption procedure providing server.
Wherein each of the decryption procedures is configured to be deleted based on whether or not the decryption has been completed.
Wherein each of the decryption procedures is configured to be deleted based on whether or not there is a decryption procedure corresponding to a next distribution sequence.
A receiving unit for receiving an encryption key from an encrypted data transmitting apparatus;
A procedure generator for generating at least one decoding procedure based on the encryption key; And
A decryption procedure transmission unit for transmitting the at least one decryption procedure to the encrypted data receiving apparatus,
Lt; / RTI >
Wherein the encryption key encrypts the original text data with encrypted data,
The encrypted data is transmitted from the encrypted data transmission device to the encrypted data reception device,
Wherein the at least one decryption procedure is configured to decrypt the encrypted data and to determine whether or not the decryption has been completed.
Wherein the procedure generation unit is configured to generate the at least one decryption procedure configured as one set based on the encryption key.
Wherein each of the decryption procedures is configured to decrypt different parts of the encrypted data as a unit of decryption.
Wherein the completion of the decryption is determined based on a change in an output value, a size, or a size of decrypted data in which a part of the encrypted data is decrypted.
And a distribution order scheduler for determining a distribution order for the at least one decoding procedure
Further comprising:
Wherein the at least one decryption procedure is configured to sequentially decrypt the encrypted data according to the distribution order.
Wherein the decryption procedure transmission unit is configured to sequentially transmit the at least one decryption procedure based on whether or not the decryption has been completed for each of the decryption procedures and the distribution procedure.
Wherein the decrypted procedure of the at least one decryption procedure is configured to check whether a decryption procedure corresponding to the next distribution sequence exists.
An ID generation unit for generating and giving an ID corresponding to each of the at least one decoding procedure,
And further comprising:
Wherein the distribution sequence scheduler provides the IDs of the decryption procedures corresponding to the next distribution sequence to the respective decryption procedures based on the distribution sequence,
Wherein the decrypted procedure is configured to check whether a decryption procedure corresponding to the next distribution sequence exists in the encrypted data reception apparatus by using the ID of the decryption procedure corresponding to the next distribution sequence, .
A deletion unit configured to receive the completion of the decoding from each of the decoding procedures and to transmit a delete command to each of the decoding procedures based on whether or not the decoding is completed,
Lt; / RTI > Decryption procedure providing server.
An encryption unit for generating encrypted data for original data based on the encryption key; And
A transmitting unit for transmitting the generated encryption key to a decryption procedure server and transmitting the encrypted data to an encrypted data receiving apparatus,
Lt; / RTI >
At least one decryption procedure is generated by the decryption procedure server based on the encryption key, and then transmitted to the encrypted data reception device,
Wherein the at least one decryption procedure is configured to decrypt the encrypted data and determine whether or not the decryption has been completed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| KR1020150131488A KR20170033575A (en) | 2015-09-17 | 2015-09-17 | Device for receiving key data, server for providing decoding procedure and device for sending key data |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| KR1020150131488A KR20170033575A (en) | 2015-09-17 | 2015-09-17 | Device for receiving key data, server for providing decoding procedure and device for sending key data |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| KR20170033575A true KR20170033575A (en) | 2017-03-27 |
Family
ID=58497030
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| KR1020150131488A KR20170033575A (en) | 2015-09-17 | 2015-09-17 | Device for receiving key data, server for providing decoding procedure and device for sending key data |
Country Status (1)
| Country | Link |
|---|---|
| KR (1) | KR20170033575A (en) |
-
2015
- 2015-09-17 KR KR1020150131488A patent/KR20170033575A/en unknown
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP2016513825A (en) | Safety communication method and apparatus | |
| EP3476078B1 (en) | Systems and methods for authenticating communications using a single message exchange and symmetric key | |
| CN104821944A (en) | Hybrid encrypted network data security method and system | |
| CN111371790B (en) | Data encryption sending method based on alliance chain, related method, device and system | |
| CN106411504B (en) | Data encryption system, method and device | |
| CN110401527B (en) | Data encryption and decryption method and device and storage medium | |
| US10050964B2 (en) | Method and system for securing data communicated in a network | |
| US20150229621A1 (en) | One-time-pad data encryption in communication channels | |
| CN105007254A (en) | Data transmission method and system, and terminal | |
| CN113300999B (en) | Information processing method, electronic device, and readable storage medium | |
| CN105959281A (en) | File encrypted transmission method and device | |
| CN112087302A (en) | Device for encrypting and decrypting algorithm of asymmetric dynamic token | |
| CN111181944A (en) | Communication system, information distribution method, device, medium, and apparatus | |
| CN114499836A (en) | Key management method, key management device, computer equipment and readable storage medium | |
| CN114338005A (en) | Data transmission encryption method and device, electronic equipment and storage medium | |
| CN106487761B (en) | Message transmission method and network equipment | |
| KR101695361B1 (en) | Terminology encryption method using paring calculation and secret key | |
| KR20170084802A (en) | Methdo and system for transmitting secure data in a terminal | |
| JP5745493B2 (en) | Key sharing system, key sharing method, program | |
| JP2000305849A (en) | Transmitter and its method, receiver and its method and communication system | |
| CN102510431A (en) | Method, system, device and user terminal for obtaining remote resource | |
| CN113779629A (en) | Key file sharing method and device, processor chip and server | |
| KR20170033575A (en) | Device for receiving key data, server for providing decoding procedure and device for sending key data | |
| KR20150034591A (en) | Cloud server for re-encrypting the encrypted data and re-encrypting method thereof | |
| JP2018042081A (en) | Data transmitting/receiving method and sensing system |