TW202327313A - Message transmitting system, user device and hardware security module for use therein - Google Patents

Abstract

The invention relates to a message transmitting system and a user device and a hardware security module for use therein. The message transmitting system includes: a message exchange center, a first user device and a second user device. The hardware security module is installed in the housing of the first user device, and the hardware security module generates a first key establishment combination including at least a first public-private key pair according to a key establishment algorithm. The first private key in the first public-private key pair is only stored in the hardware security module, and the first public key in the first public-private key pair is sent to the message exchange center, the second user device generates a shared key, and the shared key is used to encrypt a first message plaintext to obtain a first message ciphertext, which is sent to the message exchange center and then sent to the first user device. The first user device that received the first message ciphertext obtains the shared key through a shared key acquisition method, and uses the shared key to decrypt the first message ciphertext to get back the first message plaintext.

Description

Messaging system and user device and information security hardware module applied therein

This case relates to a message transmission system and a user device and information security hardware module applied therein, especially a message transmission system applied to a mobile communication network and a user device and information security hardware module applied thereto.

With the continuous development of mobile communication systems, the bandwidth of data transmission has increased significantly, and users have almost switched to instant messaging software for voice chat and transmission of text messages and picture data. However, based on the structure of the current mainstream instant messaging software, it can be seen that the text messages and picture data sent by users must be forwarded through a message exchange center, and the backup of the text messages and picture data will be stored in the operator's settings. will not be deleted at all from the data server for a period of time.

With the extensive use of instant messaging software by users and the high requirements for information security, the privacy that does not want to be disclosed is actually stored in the cloud. This traditional instant messaging software can no longer meet the needs of users for data confidentiality. Therefore, , such as Signal, Telegram and other private instant messaging software came into being. The messages sent by these private instant messaging software will be encrypted before being sent out. Even if they are intercepted during transmission or stolen from the cloud database, they cannot be effectively interpreted. Among them, Signal also emphasizes that it will not share any text messages and picture data. Stored in the data server of the operator, there will be no problem of being stored in the cloud if the privacy that does not want to be disclosed.

However, the keys (keys) required for encryption of private instant messaging software are all generated by the central processing unit (CPU) of the user device in the current technology, and the generated keys (keys) are stored in the user's In the specific data storage area planned in the device. Therefore, once the user device is hacked by an outsider and obtains the dominance of the core of the user device (such as the operating system running on it), the data stored in the specific data storage area managed by the operating system of the user device Keys (keys) will be easily obtained and the encrypted message content will be easily interpreted, forming a loophole in information security. How to improve this problem and provide a better information security solution is the main purpose of the development of this case.

The present invention relates to a message transmission system, which includes: a message switching center; a first user device, which is connected to the message switching center with a signal, and a first information security hardware module is installed in the first user device , the first information security hardware module generates a first key establishment combination including at least a first public key-private key pair of a first user according to a key establishment algorithm, and the first user's first key establishment combination The first private key in a public key-private key pair is only stored in the first information security hardware module, and the first public key in the first public key-private key pair of the first user is transmitted to the clearinghouse; and a second user device, signally connected to the clearinghouse, the second user device generates a shared key when the second user device initiates an object to the clearinghouse For a message transmission action of the first user device, the second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext and then transmits it to the message switching center, The message switching center transmits the first message ciphertext to the first user device, and the first user device receiving the first message ciphertext obtains the shared key through a shared key acquisition means, and using the shared key to decrypt the ciphertext of the first message to obtain the plaintext of the first message.

Another aspect of this case is a message transmission system, which includes: a first user device connected to the Internet, a first information security hardware module is installed in the first user device, the first The information security hardware module generates a first key establishment combination including at least a first public key-private key pair of a first user according to a key establishment algorithm, and the first public key of the first user- The first private key in the private key pair is only stored in the first information security hardware module; and a second user device connected to the Internet, when the second user device is connected to the first When the user device initiates a message transmission action, the second user device directly sends its network address to the first user device to establish a point-to-point connection, and the second user device generates a shared key, The second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext, and the second user device uses the established point-to-point connection to encrypt the first message The message is sent to the first user device, and the first user device that receives the first message ciphertext obtains the shared key through a shared key acquisition means, and uses the shared key to decrypt the first message ciphertext to obtain the plaintext of the first message.

Another aspect of this case is a first user device, which is used between a message exchange center and a second user device, the first user device includes: a communication module, signal connected to the message exchange center; and a first information security hardware module, signally connected to the communication module, the first information security hardware module generates a first public key including at least a first user according to a key establishment algorithm - a first key combination of a private key pair, the first private key in the first public key-private key pair of the first user is only stored in the first information security hardware module, and the first user The first public key of the first public key-private key pair of the first user is sent to the message switching center, the second user device generates a shared key, and when the second user device responds to the message When the switching center initiates a message transmission action to the first user device, the second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext and then transmits it to the A message switching center, the message switching center transmits the first message ciphertext to the first user device, and the first user device receiving the first message ciphertext obtains the first message ciphertext through a shared key acquisition means and using the shared key to decrypt the ciphertext of the first message to obtain the plaintext of the first message.

According to the above idea, the second user device described in this case generates a second key establishment combination including at least a first public key-private key pair of a second user according to the key establishment algorithm, the second The first private key in the first public key-private key pair of the user is only stored in the device of the second user, and the first public key in the first public key-private key pair of the second user key is transmitted to the clearinghouse, the second user device obtains the first user's first public key from the clearinghouse, and the second user device uses at least the first user's first public key and the first private key of the second user to perform key establishment to generate the shared key, and the means for obtaining the shared key is that the first user obtains the first private key of the second user from the information exchange center public key, and make the first information security hardware module use at least the first public key of the second user and the first private key of the first user to perform key establishment to obtain the shared key.

According to the above idea, the information exchange center described in this case includes an identity registration center and a second information security hardware module is installed in the second user device, and the second information security hardware module is based on the key The establishment algorithm generates the second key establishment combination, the first private key in the first public key-private key pair of the second user is only stored in the second information security hardware module, and the first The first public key in the user's first public key-private key pair is sent to the identity registration center for identity registration, and the identity registration center confirms that the first user device belongs to the first user. Similarly, The first public key in the first public key-private key pair of the second user is sent to the identity registration center for identity registration, and the identity registration center confirms that the second user device belongs to the second user, The first information security hardware module is implemented in the form of a secure digital memory card and inserted in the first user device or the second information security hardware module is implemented in the form of a secure digital memory card and inserted in the first user device in the second user device.

According to the above idea, the second user device mentioned in this case obtains the first public key of the first user from the identity registration center, and uses at least the first public key of the first user and the second public key of the second user. A private key, to establish a key to obtain a shared secret, and then derive the shared secret based on the shared secret, the first user device obtains the first public key of the second user from the sub-registration center itself, and Using the first information security hardware module to use at least the first public key of the second user and the first private key of the first user to establish a key and obtain the shared secret and store it in the first information security In the hardware module, the first information security hardware module derives the shared key based on the shared secret, and uses the shared key to decrypt the ciphertext of the first message to obtain the plaintext of the first message.

According to the above idea, the first user device described in this case will generate a corresponding first digital signature after completing the identity registration, and the first digital signature uses the first private key or a first private key of the first user. Two private keys are signed, and the signed message is the relevant public information related to the first user device, and then the first user device transmits the first digital signature to the message exchange center, and the second user After the device obtains the first digital signature from the information exchange center, it uses the relevant public information of the first user's device to verify the seal. The first public key of the first public key is used for key establishment.

According to the above idea, the first information security hardware module described in this case further provides an identity authentication function. Only after the first user device passes the identity authentication procedure can the first information security hardware module be driven to provide the The first private key is used to decrypt the ciphertext of the first message to restore the first message.

According to the above idea, the identity authentication function described in this case is to manually input a password, a biometric feature or a combination of the two, and the first information security hardware module verifies that the password or the biometric feature or the combination of the two is correct. , it is determined that the first user device has passed the identity authentication procedure.

According to the above idea, the first information security hardware module described in this case includes a motion sensing element, which is used to detect the vibration generated by the first user device when the password or the biometric feature is manually input, Then it is judged whether the user inputs manually, and when the motion sensing element fails to detect the vibration, it is judged as an illegal input.

According to the above idea, after the first user device described in this case successfully receives the first message ciphertext, it sends a confirmation signal to the message switching center, and the message switching center sends the message to the message switching center after receiving the confirmation signal The ciphertext of the first message is deleted.

According to the above idea, the first information security hardware module described in this case includes a security chip, and the security chip generates a master key, which is generated by encrypting the first private key of the first user An encryption result, the encryption result is sent out of the security chip, only the master key is left in the security chip and the encryption result is deleted, and when the first private key of the first user is needed, the The encryption result is sent back to the security chip, and the master key inside the security chip is used to decrypt to obtain the first private key of the first user, and the method of generating the master key by the security chip includes one of the following : Generate the master key with random numbers, select a fixed value stored in the security chip, and use a key derivation function to derive a character string input by the user.

According to the above idea, the method for generating the shared key by the second user device described in this case includes one of the following: generating the shared key with random numbers, selecting a fixed value stored in the second user device Deriving the shared key by using a key derivation function for the shared key and a character string input by the user, and the method for obtaining the shared key includes the following steps: the second user device obtains the shared key from the The information exchange center obtains the first public key of the first user, encrypts the shared key with the first public key of the first user to form an encrypted shared key, and then uses the encrypted shared key The key is sent to the first user device, and the first user device uses the first private key of the first user stored in the first information security hardware module to encrypt the encrypted shared key Decrypt to get back the shared key.

Another aspect of the present case is an information security hardware module installed in a casing of a first user device, and the first user device and a second user device are both signal-connected to a message switching center to form a A message transmission system, the information security hardware module is electrically connected to the first user device, and the information security hardware module generates at least a first public key-private key pair according to a key establishment algorithm A first key establishment combination, the first private key in the first public key-private key pair is only stored in the information security hardware module, and the first public key-private key pair in the first A public key is sent to the message switching center, the second user device generates a shared key, and when the second user device initiates a message transmission action to the message switching center to the first user device , the second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext and then send it to the message switching center, and the message switching center sends the first message ciphertext To the first user device, the first user device that receives the first message ciphertext obtains the shared key through a shared key acquisition means, and uses the shared key to decrypt the first message ciphertext , to obtain the plaintext of the first message.

In order to have a clearer understanding of the above-mentioned idea of the present invention, a number of embodiments are specifically cited below, and detailed descriptions are given below with corresponding drawings.

Please refer to FIG. 1, which is a functional block diagram of a preferred embodiment of a message transmission system developed in this case. The message transmission system includes a message switching center 10, a first user device 11 and a second user device 12, Both the first user device 11 provided with the communication module 112 and the second user device 12 provided with the communication module 122 are signal-connected to the information switching center 10, for example, through the Internet 1 in the figure to complete mutual communication signal connection. The above-mentioned communication module 112 and communication module 122 may be mobile communication chips widely installed in smart phones . As for the first user device 11 and the second user device 12, they can be information processing devices such as smartphones, tablet computers, car computers or personal computers that can execute applications and have data communication capabilities, and the following will be referred to as A smartphone running a communication software application is used as the main example for illustration.

In order to achieve effective data security, in this case, an information security hardware is additionally installed in the first user device 11 on which communication software application programs 111 (such as Signal, Telegram and other private instant messaging software) are running. The module 110 is signal-connected to the communication software application program 111 and the communication module 112, and the flow chart of the encryption and decryption method shown in FIG. 2 is executed on the message transmission system. First, step 21 is for the information security hardware module 110 to generate a first public key-private key pair ( A first key combination of USER_1-Keypair_1), the first private key (USER_1-Private_key_1) of the first public key-private key pair of the first user is only stored in the information security hardware module 110 , and will not be stored outside the information security hardware module 110, so as to ensure that the first private key (USER_1-Private_key_1) of the first user will not be arbitrarily stolen. And because this information security hardware module 110 can be set to not be arbitrarily accessed by the user's device core (for example, the operating system running on it), the key stored in the information security hardware module 110 (keys) will not be easily obtained and the encrypted message content will be easily deciphered.

As for step 22, the first public key (USER_1-Public_key_1) of the first public key-private key pair of the first user is sent to the identity registration center 100 in the message exchange center 10 for identity registration. For example, the identity registration can be completed by using the information switching center 10 through another channel, such as using a mobile phone SMS channel to send an authentication code to the first user's device 11 with the first user's phone number, so that The first user utilizes the authentication code input on the first user device 11 to send back to the message exchange center 10 to confirm that the first user device 11 really belongs to the first user and has not been fraudulently used. The message exchange center 10 including the identity registration center 100 may be a server of the communication software application program 111 (such as a server of various private instant messaging software such as Signal and Telegram). As for another user device (second user device 12 ) that is signally connected to the message switching center 10 , there is also a communication software application program 121 running thereon. The communication software application program 111, the communication software application program 121 and the message exchange center 10 may belong to the same system combination issued by the same program developer. As for the second user device 12, the method similar to steps 21 and 22 can also be used to generate a key including at least one The second key of the first public key-private key pair (USER_2-Keypair_1) of the second user establishes a combination, and the first public key of the second user's first public key-private key pair (USER_2-Keypair_1) The key (USER_2-Public_key_1) is sent to the identity registration center 100 for identity registration, so that the identity registration center 100 can confirm that the second user device belongs to the second user. The second user device 12 may be provided with another information security hardware module (not shown in this figure), or may not be provided with an information security hardware module, and the identity registration may be completed and the following steps may be continued.

Step 23 judges whether the second user device 12 uses the communication software application program 121 to initiate a message transmission action for the first user device 11 to the message switching center 10, when the second user device 12 uses the communication software When the application program 121 initiates a message transmission action (such as writing a text message, posting a picture, sending a voice message or sending a video message) to the message exchange center 10 with the object being the first user device 11, go to step 24 , wherein the second user device 12 obtains the first public key (USER_1-Public_key_1) of the first user from the information exchange center, and the second user device 12 at least uses the first public key of the first user (USER_1-Public_key_1) and the second user's first private key (USER_2-Private_key_1) for key exchange and establishment (for example, Diffie-Hellman key exchange (Diffie–Hellman key exchange)) generated A shared key, the second user device 12 uses the shared key to encrypt a first message plaintext (text message, picture, voice message or audio-visual message) to obtain a first message ciphertext and then send it to the Clearinghouse 10. Of course, in order to reduce the burden on system resources, the shared key generated when the second user device 12 completes the first communication with the first user device 11 can continue to be used in subsequent communications. , and regenerate another shared key until a preset time or a preset number of times is reached.

Step 25 is that the message exchange center 10 transmits the first message ciphertext to the first user device 11, and the first user device 11 that receives the first message ciphertext executes the shared key acquisition The method is to obtain the first public key (USER_2-Public_key_1) of the second user from the information exchange center 10, and make the information security hardware module 110 use the first public key including at least the second user (USER_2-Public_key_1) and the first private key (USER_1-Private_key_1) of the first user to perform key exchange and establishment, and then obtain the shared key, and use the shared key to decrypt the ciphertext of the first message, to get back the plaintext of the first message (step 26). In this way, the communication software application program 111 and the communication software application program 121 can perform secure message forwarding through the message switching center 10 .

The first private key of the above-mentioned first user device 11 is only stored in the information security hardware module 110, so a safer method may be: let the first user device 11 pass the security authentication procedure , to drive the information security hardware module 110 to provide the first private key. That is to say, the first private key will be taken out from the information security hardware module 110 after passing the security authentication procedure, so that the first user device 11 can decrypt the received encrypted message, and the decryption can be completed Afterwards, the first private key is deleted and not stored outside the information security hardware module 110 . Of course, the information security hardware module 110 can also regenerate a new first public key-private key pair periodically (at regular intervals) or quantitatively (after reaching a certain amount of data), so as to reduce the first private key pair. risk of key theft. Or, if the computing power of the information security hardware module 110 is sufficient, the first message ciphertext can also be directly sent to the information security hardware module 110 to decrypt the first message ciphertext to obtain the The first message, such that the first private key will not be transmitted by the information security hardware module 110 at all.

As for the security authentication procedure, it can be compared by inputting a default verification password or a biometric feature (such as a fingerprint). During the process of the first user device 11 of the hardware module 110, when the communication software application program 111 and the information security hardware module 110 are bound and linked, the user can input the setting, and can be used every time When logging into the communication software application program 111, it needs to be input again. In addition, in order to prevent hackers from remotely attacking, the identity authentication program may require the user to manually input the default verification password, the biometric feature or a combination of the two, and the information security hardware module verifies the password or When the biometric feature or the combination of both is correct, it is determined that the first user device 11 has passed the identity authentication procedure. And the first user device 11 is further provided with a motion sensing element 1101, which is used to detect the vibration generated by the first user device 11 when manually inputting the password or the biometric feature, and then determine that it is the user. Whether to input manually, when the motion sensing element 1101 fails to detect vibration, it is judged as an illegal input. A preferred method for the motion sensing element 1101 may be to set it in the information security hardware module 110 to ensure the correct operation of the motion sensing element 1101 and not to be remotely controlled by hackers.

And the above step 24 of key establishment by the second user device 12 at least using the first public key (USER_1-Public_key_1) of the first user and the first private key (USER_2-Private_key_1) of the second user In the key establishment, a shared secret (shared secret) can be obtained first, and then the shared secret can be derived based on the shared secret. Similarly, the first user device 11 makes the information security hardware module 110 use at least the first public key (USER_2-Public_key_1) of the second user and the first private key (USER_1) of the first user. -Private_key_1) In the step 26 of key establishment, the key establishment can be performed to first obtain a shared secret, and then derive the shared key based on the shared secret, obtain the shared key, and use the shared key to decrypt The ciphertext of the first message is used to obtain the plaintext of the first message. Since the shared key can be generated according to the shared secret and a derivation function, the shared key can be periodically updated according to the shared secret and the derivation function, reducing the chance of the shared key being cracked. The way of deriving the shared key based on the shared secret can be various common key derivation functions (KDF for short), so that different shared keys can be derived by using the shared secret.

In addition, the system and method of this case including the information security hardware module 110 can also be applied to the application of point-to-point multimedia encrypted communication, that is, another application environment in which the message exchange center 10 in the message transmission system of FIG. 1 is omitted. . In this way, when the first user device 12 intends to initiate multimedia (audio, video and text) communication, the second user device 12 can skip the transfer of the message switching center 10 based on the aforementioned encrypted message sending method. directly use the Internet 1 to send its network address to the first user device 11, and the two can establish a point-to-point connection through the Internet 1. After the connection is established, the first user device 11 uses the information security hardware module 110 to generate the public key-private key pair required for the session, and performs a key establishment protocol with the second user device 12 to obtain a The session key (in order to reduce the resources required for encryption and decryption, the session encryption key and the session decryption key in this example may be the same shared key) is stored in the information security hardware module 110 . Then, the second user device 12 uses the information security hardware module 110 to encrypt the plaintext of the multimedia packet to be sent to the first user device 11 using the session encryption key, and the first user device 11 also uses the information security hardware module The body module 110 uses the session decryption key to decrypt the ciphertext of the multimedia packet from the second user device, and then obtains the plaintext of the multimedia packet. Similarly, after the connection is established, the second user device 12 can also use the same method to perform session encryption and decryption, so details are not repeated here. Of course, the meeting encryption key and the meeting decryption key can also be used as a public key-private key pair for the meeting, which can be selected depending on the computing power of the system.

The flow chart of the encryption and decryption method shown in Figure 3 is the flow chart of the embodiment method carried out on the point-to-point multimedia encryption communication. First, step 31 is the first user device 11 that runs the communication software application program 111 on it. The information security hardware module 110 generates a first public key-private key pair (USER_1- Keypair_1) to create a first key combination, the first private key (USER_1-Private_key_1) in the first public key-private key pair of the first user is only stored in the information security hardware module 110, It will not be stored outside the information security hardware module 110 to ensure that the first private key (USER_1-Private_key_1) of the first user will not be arbitrarily stolen.

As for step 32, another user device (second user device 12) that is signally connected to the Internet 1 establishes an algorithm based on the key (the same as the key establishment algorithm of the first user device 11) ) to generate a second key creation combination including at least a first public key-private key pair (USER_2-Keypair_1) of a second user, on which the communication software application program 121 is also running. The communication software application program 111 and the communication software application program 121 belong to the same system combination issued by the same program developer. The second user device 12 may be provided with another information security hardware module (not shown in this figure), or may not be provided with an information security hardware module.

Step 33 judges whether the second user device 12 uses the communication software application program 121 to initiate a message transmission action for the first user device 11, when the second user device 12 uses the communication software application program 121 to initiate a message transmission action During the message transmission action of the first user device 11 (such as writing a text message, posting a picture, sending a voice message or sending a video message), enter step 34, wherein the second user device 12 directly sends its The network address is sent to the first user device 11, and the two can successfully establish a point-to-point connection, and the second user device 12 obtains the first user device 11 through the point-to-point connection. A user's first public key (USER_1-Public_key_1), the second user device 12 at least uses the first user's first public key (USER_1-Public_key_1) and the second user's first private key (USER_2 -Private_key_1) to perform key establishment (for example, to establish according to the agreement of Diffie-Hellman key exchange) to generate a shared key, and the second user device 12 uses the shared key to send a first message The plaintext (text message, picture, voice message or audio-visual message) is encrypted to obtain a first message ciphertext.

Step 35 is that the second user device 12 uses the established point-to-point connection to transmit the first message ciphertext to the first user device 11, and the first user who receives the first message ciphertext The means for acquiring the shared key performed by the user device 11 is to obtain the first public key (USER_2-Public_key_1) of the second user from the second user device 12 through the point-to-point connection, and make the information secure The hardware module 110 uses at least the first public key (USER_2-Public_key_1) of the second user and the first private key (USER_1-Private_key_1) of the first user to establish a key to obtain the shared key , and use the shared key to decrypt the ciphertext of the first message to obtain the plaintext of the first message (step 36). In this way, the communication software application program 111 and the communication software application program 121 can perform secure message forwarding through the point-to-point connection.

The infrastructure of the above-mentioned information security hardware module 110 can be a common hardware security module (Hardware security module, HSM), in order to enhance its performance, as shown in Figure 4a and Figure 4b, this case is based on the information In addition to the motion sensing element 1101 and the housing 1100 in the security hardware module 110, a security chip 1102 can also be added, and the preferred embodiment of the housing 1100 appearance of the information security hardware module 110 can be an external Type memory card device, in the current common application example, the external memory card device can be a secure digital memory card (Secure Digital Memory Card), and can choose different size types, such as secure digital memory card (Secure Digital Memory Card) Standard size (32.0×24.0×2.1 mm), Mini size: (21.5×20.0×1.4 mm) and Micro size (15.0×11.0×1.0 mm), among which Micro size secure digital memory cards are most suitable for today’s smart phones cell phone. Of course, the technical means of this case can also be extended to other memory card specifications, such as Memory Stick (Memory Stick), so it will not be repeated here. According to the above technical description, it can be seen that the information security hardware module 110 of this case can have the following functions: (1) generate one or more sets of public key-private key pair key establishment combinations according to the key establishment algorithm, and save in the hardware module. (2) Use the key establishment combination stored in the hardware module to establish the key, generate a shared secret and store it in the hardware module. (3) Using the shared secret stored in the hardware module to derive a shared key and store it in the hardware. (4) Using the shared key to encrypt the plaintext of the message to obtain the ciphertext of the message, or to decrypt the ciphertext of the message to obtain the plaintext of the message. (5) The shared secret or shared key can be selectively exported according to the result of the security authentication procedure. The above message plaintext can be various digital data, such as document files, image files, sound files or multimedia files mixed with the above contents.

The above-mentioned security chip 1102 can be installed in the casing 1100. The security chip 1102 can be used to generate the above-mentioned public key-private key pair and perform identity authentication procedures. The security chip 1102 usually needs to meet the following conditions: built-in cryptographic calculation Cryptographic Algorithm, Tamper Resistant, Secure OS, Sensors to detect various intrusive or non-invasive attacks, and to store Cryptographic Keys Secure storage space, etc. However, FIG. 4 a shows an embodiment in which the motion sensing element 1101 is disposed outside the security chip 1102 , which does not require a security chip with special specifications. Figure 4b is an embodiment of setting the motion sensing element 1101 in the security chip 1102, which requires a security chip with special specifications, but can ensure the correct operation of the motion sensing element 1101 and will not be hacked from the remote manipulation.

The information security hardware module 110 that includes the above-mentioned security chip 1102 can further enhance the information security function of the information exchange system of this case, and then execute the method flow chart of another preferred embodiment as shown in Figure 5, which is compared with that in Figure 5 The flow chart of the method shown in 1 has similar concepts but also has encryption and decryption steps that are not easy to crack. First, the security chip 1102 in the information security hardware module 110 in the first user device 11 generates a key establishment combination, the key establishment combination at least includes the first public key-private key pair and a first Two public key-private key pair. In addition, the security chip 1102 can also randomly generate a master key to encrypt the first private key (step 41). Of course, the master key can also be generated in other ways. For example, the master key is selected from a fixed value stored in the security chip 1102, or a character string input by the user is used to generate a key derivation function. to derive the master key. And in order to save the storage space of the security chip 1102, the encryption result of the first private key encrypted by the master key can be passed out of the security chip 1102, leaving only the master key stored in the security chip 1102 and deleting the encryption result . When the subsequent system needs the first private key of the first user, the encryption result is sent back to the security module (security chip 1102 ) and decrypted using the internal master key. The decrypted first user's first private key can then be used to establish a key (for example, it is established in compliance with the Diffie-Hellman key exchange protocol), using at least the second user's first private key. public key to jointly establish a shared secret or shared key.

In addition, when the above-mentioned two parties establish a shared secret or shared key, if they directly use their own private key and the received public key, but cannot confirm the authenticity of the public key, a man in the middle attack (man in the middle attack) will occur. attack) problem. Therefore, in this case, a digital signature is introduced here to enhance information security. Then, after the first user device 11 performs identity registration in step 22 as shown in FIG. The first private key of the user or a second private key, and the information contained in this signature is public information known to both parties (for example, the first public key of the first user, of course, another One of the second public keys in a set of second public-private key pairs, or select other public information related to the first user). Taking the implementation of Signal as an example, the information used in the digital signature here is also public information known by both parties. Since each user in the Signal protocol generates several public-private key pairs, and then uses one of them A specific public key (such as the second public key) is used as the information contained in the digital signature.

Then send this first digital signature to the message exchange center. After the second user device 12 obtains the first digital signature from the information exchange center 10, it uses the relevant public information of the first user device 11 (in this example, the first public key of the first user) to verify the seal. After passing the seal verification, the above-mentioned series of key establishment procedures are then performed using at least the first private key of the second user and the first public key of the first user.

Therefore, the first public key, the first private key encrypted by the master key and the digital signature are sent out of the security chip 1102 and stored in a storage space of the first user device 11 (step 42), in addition, the first private key, the first public key and the digital signature encrypted by the master key in the security chip 1102 of the information security hardware module 110 can be deleted to save the In the data storage space of the information security hardware module 110 , only the master key is stored in the security chip 1102 . Until the first private key is needed for decryption, the first private key encrypted by the master key stored in the storage space is sent back to the information security hardware module, and the master key is used to decrypt and restore Get the first private key.

And the first user device 11 transmits the encrypted combination including the first public key and the digital signature to the message exchange center 10 (step 43). Then, because the second user device 12 initiates a message transmission action targeting the first user device 11 to the message switching center 10 (step 44), the message switching center 10 then uses the encryption combination and the digital signature sent to the second user device 12 (step 45), the second user device 12 confirms whether the content of the digital signature is correct according to the first public key and the digital signature, and then verifies the digital signature The authenticity (step 46).

After verifying that the digital signature is true, the second user device 12 at least uses the first public key of the first user and the first private key of the second user to perform key establishment to generate a shared key, Use the shared key to encrypt the first message to obtain a first message ciphertext and then send it to the message switching center 10 (step 47), and the message switching center 10 sends the first message ciphertext to the first User device 11 (step 48), this first user device 11 that receives this first message ciphertext just obtains the first public key of this second user from this message switching center 10, and makes this information security hardware The security chip 1102 of the phantom module 110 uses at least the first public key of the second user and the first private key of the first user for key exchange and establishment, and then obtains the shared key, and uses the The shared key decrypts the ciphertext of the first message to obtain the plaintext of the first message (step 49).

In addition, in the above examples, only the embodiment in which the first user device 11 is provided with the information security hardware module 110 is described, but in fact, the second user device 12 may also be provided with another information security hardware module 110. Body module (not shown in Fig. 1) or software that provides similar functions can also send another encrypted combination corresponding to the second user device 12 and another digital signature to the message exchange center 10, the message exchange When the second user device 12 initiates the message transmission action for the first user device 11 to the message exchange center 10, the center 10 transmits the other encryption combination and the other digital signature to the message switching center 10. The first user device 11, the first user device 11 verifies the authenticity of the other digital signature according to the another encryption combination and the other digital signature. When verifying that the digital signature is true, the identity of the second user device 12 can be authenticated as true, so that the first user device 11 that receives the first message ciphertext can be used again The security chip 1102 of the information security hardware module 110 uses at least the first public key of the second user and the first private key of the first user to perform key exchange and establishment, and then obtain the shared key Afterwards, the ciphertext of the first message is decrypted to obtain the first message.

And whether this part of authentication of the identity of the second user device 12 is true can be carried out before step 49 in Fig. 5, if the verification of the digital signature bit program fails, the second user cannot be authenticated When the identity of the device 12 is true, the first user device 11 receiving the ciphertext of the first message sent by the second user device 12 will not execute the decryption action.

Of course, in this embodiment, the security chip 1102 in the information security hardware module 110 also provides an identity authentication function, and the security chip 1102 can be driven to provide a decryption function only after the first user device 11 passes the identity authentication procedure. , and then restore the first message and the digital signature. Moreover, the identity authentication function is to manually input a password or a biometric feature (such as a fingerprint) or a combination of both. users pass the identity authentication process. In addition, in the above-mentioned various embodiments, after the first user device 11 successfully receives the first message ciphertext, it can send a confirmation signal to the message switching center 10, and the message switching center 10 receives the After confirming the signal, the ciphertext of the first message is deleted to reduce the possibility of improper use of the message.

Referring to Fig. 6 again, it is another preferred embodiment method flow chart developed by this case, which is roughly the same as the main body of the embodiment method described in Fig. 2 above, that is, step 61, step 62, step 63 and step 65 is consistent with the contents of step 21, step 22, step 23 and step 25 in FIG. 2 . However, the method of generating the shared key in the original step 24 is changed to generate the shared key with random numbers in step 64, and select a fixed value stored in the second user device as the shared key or It is accomplished by using a key derivation function to derive the shared key from a character string input by the user.

As for the original shared key acquisition means in step 26, in step 66, the following steps are changed to complete: the second user device 12 obtains the first public key of the first user from the message exchange center 10, use the first user's first public key to encrypt the shared key to form an encrypted shared key, and then transmit the encrypted shared key to the first user device 11, the first The user device 11 uses the first private key of the first user stored in the information security hardware module 110 to decrypt the encrypted shared key, and then obtain the shared key. The shared key generation method and shared key acquisition method in this embodiment can also be extended to the system and method embodiments shown in Figure 3 to Figure 5 to replace the key generation and exchange. mechanism. Since the concepts are similar, they will not be repeated here.

To sum up, through the additional installation of the information security hardware module 110 developed in this project, for example, the information security hardware module 110 completed in the form of a Secure Digital Memory Card is inserted into the user device ( For example, in a smart phone), the communication security of the instant messaging software on the user device (such as a smart phone) can be greatly improved, because important keys will be properly kept in the information security hardware module 110 instead of It is easily obtained, successfully eliminates the loopholes in information security in conventional means, and then improves the problems of traditional technologies, completes a better information security solution, and achieves the main purpose of the development of this project.

In addition, if the information security hardware module solution proposed in this case can be installed on the user device (such as a smart phone) and executed smoothly, it needs to be compatible with the operation on the user device (such as a smart phone) Good coordination is achieved between communication software applications. Therefore, the communication software application program must be modified to be able to cooperate with the information security hardware module 110 (such as a secure digital memory card (Secure Digital Memory Card)). Since some applications (such as Signal communication software) are of the type of open source code, it is possible to directly modify the source code of the communication software application program provided by the program developer, and then compile the modified source code to generate The communication software application program that can cooperate with the information security hardware module solution of this case, and then the completed application program to be installed is provided to the customer who purchases the information security hardware module 110 for installation. Of course, the modified complete source code can also be additionally provided to the downstream customers who purchase the information security hardware module 110, so that the customers can have room for modification again.

The above-mentioned application program to be installed can be pre-installed in the user's device (such as the above-mentioned first user device 11 and the second user device 12) when leaving the factory, or provide a remote link (such as a public website, private cloud or application program store) for users to download and install, of course, the application program can also be directly stored in the information security hardware module 110, so that the user can insert the information security hardware module 110 into the After installing the user device, click Install. Alternatively, the manufacture of the information security hardware module 110 may also provide an API library (API library) of a Secure Digital Memory Card for downstream customers to integrate by themselves.

The elements/devices in the above embodiments can also be arranged and arranged differently, and can be adjusted or changed appropriately depending on the actual needs and conditions of the application. Therefore, the functional block diagrams shown in the specification and drawings are for illustration only, and are not intended to limit the protection scope of the present disclosure. In addition, those skilled in the art should know that the details of the method steps in the embodiments are not limited to the single form depicted in the drawings, and can be changed according to the needs of practical applications without departing from the technical spirit disclosed in this case. Adjust accordingly. Therefore, the information transmission system proposed in this case and the user device loaded with information security hardware modules, its related technical concepts can of course be applied to similar information transmission systems such as email systems or online conference systems, and can also achieve communication The security is greatly improved, and the important key is not easily obtained.

To sum up, although the present invention is disclosed above with the embodiments, it is not intended to limit the present invention. Those with ordinary knowledge in the technical field of the present invention can make various changes and modifications without departing from the technical spirit and scope of the present invention. Therefore, the scope of protection of the present invention should be defined by the appended patent claims.

1: Internet 10: Information exchange center 100: Identity Registration Center 11: The first user device 12: Second user device 111, 121: Communication software applications 112, 122: communication module 110:Information security hardware module 1101: motion sensing element 1102: security chip 1100: Shell

FIG. 1 is a functional block diagram of a preferred embodiment of a message transmission system developed in this case. Fig. 2 is a flow chart of the encryption and decryption method in the message transmission system developed in this case. Fig. 3, it is the flow chart of the embodiment method developed by this case and carried out on point-to-point multimedia encryption communication. FIG. 4a and FIG. 4b are schematic diagrams of two embodiments of the information security hardware module in this case. Fig. 5 is a flow chart of an embodiment of another encryption and decryption method in the message transmission system developed in this case. Fig. 6 is a flow chart of another preferred embodiment of the encryption and decryption method in the message transmission system developed by this case.

1: Internet

10: Information exchange center

100: Identity Registration Center

11: The first user device

12: Second user device

111, 121: Communication software applications

112, 122: communication module

110:Information security hardware module

1101: motion sensing element

Claims (10)

A message transmission system comprising: a clearinghouse; A first user device, signally connected to the information exchange center, a first information security hardware module is installed in the first user device, and the first information security hardware module generates according to a key establishment algorithm A first key building combination comprising at least a first public key-private key pair of a first user, the first private key of the first public key-private key pair of the first user is stored only in the In the first information security hardware module, and the first public key of the first user's first public key-private key pair is sent to the message exchange center, the first information security hardware module includes A security chip, the security chip generates a master key, the master key is used to encrypt the first private key of the first user to generate an encryption result, and the encryption result is passed out of the security chip, leaving only The master key is stored in the security chip and the encryption result is deleted. When the first private key of the first user is needed, the encryption result is sent back to the security chip, and the master key inside the security chip is used. decrypt the key to obtain the first private key of the first user; and a second user device, signally connected to the message switching center, the second user device generates a shared key, and when the second user device initiates a message to the message switching center with the object being the first user device When the message is transmitted, the second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext and then sends it to the message switching center, and the message switching center sends the first message The message ciphertext is sent to the first user device, and the first user device that receives the first message ciphertext obtains the shared key through a shared key acquisition means, and the shared key acquisition means uses only store the first private key in the first information security hardware module, and use the shared key to decrypt the first message ciphertext to obtain the first message plaintext, the first user's After the first public key is obtained by the second user device from the message switching center, it is used by the second user device to generate the shared key, or is used by the second user device to transmit the shared key In the process of giving the first user device. The message transmission system as described in Claim 1, wherein the first user device sends a confirmation signal to the message switching center after successfully receiving the first message ciphertext, and the message switching center receives the confirmation After the signal, the first message ciphertext is deleted. The message transmission system as described in claim 1, wherein the first information security hardware module is plugged and installed in the first user device, and the method for generating the master key by the security chip includes one of the following: Random numbers generate the master key, select a fixed value stored in the security chip, and use a key derivation function to derive a character string input by the user. The message transmission system as described in claim 1, wherein the method for generating the shared key by the second user device includes one of the following: generating the shared key with random numbers, selecting the stored key in the second user device One of the fixed values is the shared key and a character string input by the user is then used to derive the shared key using a key derivation function, and the method for obtaining the shared key includes the following steps: the second use The or device obtains the first public key of the first user from the information exchange center, uses the first public key of the first user to encrypt the shared key to form an encrypted shared key, and then the The encrypted shared key is sent to the first user device, and the first user device uses the first private key of the first user stored in the first information security hardware module to encrypt the encrypted shared key. Decrypt the shared key to get back the shared key. A message transmission system comprising: A first user device, signal connected to the Internet, a first information security hardware module is installed in the first user device, and the first information security hardware module generates at least A first key building combination comprising a first public key-private key pair of a first user, the first private key of the first public key-private key pair of the first user is stored only in the first user's first public key-private key pair In an information security hardware module, the first information security hardware module includes a security chip, the security chip generates a master key, and the master key is used to encrypt the first private key of the first user to Generate an encryption result, the encryption result is passed out of the security chip, only the master key is left in the security chip and the encryption result is deleted, when the first private key of the first user is needed, then send the encryption result back to the security chip, use the master key inside the security chip to decrypt to get back the first private key of the first user; and A second user device, signal connected to the Internet, when the second user device initiates a message transmission action to the first user device, the second user device directly sends its network address to The first user device establishes a point-to-point connection, the second user device generates a shared key, and the second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext, the second user device transmits the first message ciphertext to the first user device through the established point-to-point connection, and the first user who receives the first message ciphertext The device obtains the shared key through a shared key acquisition means, the shared key acquisition means uses the first private key stored only in the first information security hardware module, and utilizes the shared key Decrypt the ciphertext of the first message to obtain the plaintext of the first message. After the first public key of the first user is obtained from the message switching center by the second user device, it is obtained by the second user device used to generate the shared key, or used by the second user device to transmit the shared key to the first user device. The message transmission system as described in claim 5, wherein the second user device generates a second key establishment combination comprising at least a second user's first public key-private key pair according to the key establishment algorithm , the first private key in the first public key-private key pair of the second user is only stored in the second user device, and the first public key-private key pair in the first user The first public key is transmitted to the second user device through the point-to-point connection, and the second user device uses at least the first public key of the first user and the first private key of the second user to perform key establishment to generate the shared key, and the shared key acquisition means is that the first user obtains the first public key of the second user from the second user through the point-to-point connection, And make the first information security hardware module use at least the first public key of the second user and the first private key of the first user to perform key establishment to obtain the shared key, the first information The secure hardware module is completed in the form of a secure digital memory card and inserted into the first user device. The message transmission system as described in claim 5, wherein the method for generating the shared key by the second user device includes one of the following: generating the shared key with random numbers, selecting the stored key in the second user device One of the fixed values is the shared key and a character string input by the user is then used to derive the shared key using a key derivation function, and the method for obtaining the shared key includes the following steps: the second use The or device obtains the first public key of the first user from the information exchange center, and uses the first public key of the first user to encrypt the shared key to form an encrypted shared key, and then The encrypted shared key is sent to the first user, and the first user uses the first private key of the first user stored in the first information security hardware module to encrypt the encrypted shared key The shared key is decrypted to obtain the shared key. A first user device, which is used between a message switching center and a second user device, the first user device includes: a communication module, signally connected to the clearinghouse; and A first information security hardware module is installed in a casing of the first user device and is signal-connected to the communication module, and the first information security hardware module generates at least A first key building combination comprising a first public key-private key pair of a first user, the first private key of the first public key-private key pair of the first user is stored only in the first user's first public key-private key pair In an information security hardware module, and the first public key of the first user's first public key-private key pair is transmitted to the message exchange center, the first information security hardware module includes a Security chip, the security chip generates a master key, the master key is used to encrypt the first private key of the first user to generate an encryption result, and the encryption result is passed out of the security chip, leaving only the The master key is stored in the security chip and the encryption result is deleted. When the first private key of the first user is needed, the encryption result is sent back to the security chip, and the master key inside the security chip is used Decipher and get back the first private key of the first user, the second user device generates a shared key, when the second user device initiates a private key for the first user device to the message switching center When the message is transmitted, the second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext and then sends it to the message switching center, and the message switching center sends the first message The message ciphertext is sent to the first user device, and the first user device that receives the first message ciphertext obtains the shared key through a shared key acquisition means, and the shared key acquisition means uses only store the first private key in the first information security hardware module, and use the shared key to decrypt the first message ciphertext to obtain the first message plaintext, the first user's After the first public key is obtained by the second user device from the message switching center, it is used by the second user device to generate the shared key, or is used by the second user device to transmit the shared key In the process of giving the first user device. The first user device as described in claim 8, wherein the first user device sends a confirmation signal to the message switching center after successfully receiving the first message ciphertext, and the message switching center receives the After the confirmation signal, the ciphertext of the first message is deleted, and the method of generating the master key by the security chip includes one of the following: random number generation of the master key, selection of one stored in the security chip The fixed value and a character string input by the user are derived by using a key derivation function. An information security hardware module is installed in the casing of a first user device, and the first user device and a second user device are signal-connected to a message exchange center to form a message transmission system, the information The security hardware module is electrically connected to the first user device, and the information security hardware module generates a first key establishment combination including at least a first public key-private key pair according to a key establishment algorithm , the first private key in the first public key-private key pair is only stored in the information security hardware module, and the first public key in the first public key-private key pair is transmitted to the In the information exchange center, the first information security hardware module includes a security chip, and the security chip generates a master key, and the master key is used to encrypt the first private key of the first user to generate an encryption result, The encryption result is sent out of the security chip, leaving only the master key in the security chip and deleting the encryption result. When the first private key of the first user is needed, the encryption result is sent to Back to the security chip, use the master key inside the security chip to decrypt to get back the first private key of the first user, the second user device generates a shared key, when the second user device When the message exchange center initiates a message transmission action to the first user device, the second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext and then transmits To the message switching center, the message switching center transmits the first message ciphertext to the first user device, and the first user device receiving the first message ciphertext obtains the information through a shared key acquisition means Obtaining the shared key, the means for obtaining the shared key uses the first private key stored only in the information security hardware module, and uses the shared key to decrypt the ciphertext of the first message to obtain In response to the plaintext of the first message, the first public key of the first user is obtained by the second user device from the message switching center, and is used by the second user device to generate the shared key, or is used by the second user device The second user device is used in the process of transmitting the shared key to the first user device.

Images