TWI667591B - Method for safely transferring pictures - Google Patents

Abstract

The present invention is a method for safely transmitting a picture file, which is applied to a first terminal device, a second terminal device and a communication server, and the first terminal device stores an original image file and a deformation image file. The deformed image file is obtained by the original image file after an image deformation process, wherein the first terminal device can encrypt the original image file, and then the original image file can encrypt the original image file and The deformation image file is transmitted to the communication server, and the communication server transmits the deformation image file to the second terminal device, and after receiving the original image request message sent by the second terminal device, Transmitting the encrypted original image file to the second terminal device, enabling the second terminal device to decrypt the encrypted original image file to present the original image file.

Description

Method for safely transferring pictures

The invention relates to a method for transmitting a graphic file, in particular to an encryption program which is completed by a terminal device, and the transmission file process of the plurality of terminal devices and the communication server, and the image file stored by the communication server are all encrypted image files. To improve the privacy of the image file.

According to the rise of smart phones and the advancement of wireless network technology, people nowadays exchange their feelings through instant messaging (IM), which is almost the future trend, according to "comScore". According to the information, in 2016, the number of people using "instant messaging" in Taiwan has exceeded 7.5 million, which means that people's dependence on "instant messaging" is increasing day by day. This situation not only makes instant messaging software enter the market. The era of contending for a hundred schools has caused instant messaging software to continue to evolve and become popular with consumers.

In addition, in order to be able to stand out in many instant messaging software, various instant messaging softwares have developed various functions to develop exclusive features. For example, "WhatsApp" is an instant messaging software with no ads or textures. "LINE" is an instant messaging software that uses cute textures as a software feature. "Viber" is an instant messaging software. Its biggest feature is that users can directly dial VoIP calls without opening the instant messaging software. "WeChat" is an instant messaging software that can search for friends around you by "shake"; "M+" This instant messaging software automatically distinguishes between carriers. According to "SimilarWeb" survey report on 187 countries, "WhatsApp" has a leading position in 109 countries (such as Russia, Brazil, India, Britain, Germany, Spain, etc.), and "Messenger" is among them. 49 countries (such as the United States, Canada, Australia, etc.) are in the mainstream, and "Viber" is the mainstream communication software in 10 countries (such as Belarus, Ukraine, Serbia, etc.); It can be seen that the instant messaging software with special functions and features can effectively grasp the eyes of users and cultivate the high loyalty of users. In view of this, the instant messaging software market has already caused fierce competition among many manufacturers. Do not rack your brains and develop distinctive features to gain a foothold in this market.

In addition, in addition to the original voice call function, the existing smart phone has various additional functions such as photo, video, video call, music listening, online program watching, etc., and its memory capacity is also greatly increased. Therefore, the user not only stores a large number of files, videos, music, etc. in the smart phone, but also shares the aforementioned files with other friends. Therefore, the instant messaging software has not simply transmitted text messages, but Ability to transfer photos, videos, music and other files, and even transfer their geographic location information to other friends to meet the user's "sharing" needs.

In view of this, the applicant has designed a new way of transferring photos in the instant messaging software developed by the applicant to attract the attention of the user. It is briefly explained in the following, in general, during the use of instant messaging software. In addition to text, people generally use photos to present their current situation. In particular, for men and women who are new and unmasked, they will know how to look at each other by sending a selfie, but the existing instant messaging software. Both of them send photos directly to each other. Therefore, the applicant is able to improve the fun of chat interaction between the two parties. After the photo, the photo is deformed and the deformed photo is transmitted to the other party, and then the other party can obtain the original photo (ie, the undeformed photo) according to specific conditions (eg, completing the activity), thereby enhancing the interaction between the two parties. At the same time, you can evoke the interest of the other party with a distorted photo. However, the applicant has found that the foregoing method still has the following defects in security: (1) When the two parties transmit photos, the original photo (ie, undeformed photo) is stored (or temporarily stored) on the cloud server. If a malicious user invades the cloud server, the original photo (ie, undeformed photo) can be stolen; (2) the current process of encrypting the photo is usually after the user uploads the photo, and then the cloud is served by the cloud. Encryption, therefore, when a malicious user invades the cloud server, the encryption mode of the cloud server can be easily obtained, and then decrypted, causing the original photo (ie, undeformed photo) to be stolen; (3) when the cloud When the server transmits the photo to the other terminal device, the photo transmitted is the original photo (ie, the undeformed photo). After all, the encryption behavior of the cloud server is to protect the photo inside, but before the transmission. The system decrypts first, so the malicious user can intercept and steal the original photo (ie, undeformed photo) during the transmission.

Although the photos are only images, the faces, backgrounds, etc. on them contain a lot of information and are personal privacy. Therefore, how to effectively solve the above problems to ensure the security and privacy of photos, and then The user's willingness to use the user and increase the user's willingness to use the instant messaging software has become an important issue for the present invention.

In view of the above-mentioned method of transmitting photos designed by the applicant, it is still not perfect. Therefore, the inventor, after years of research and development experience, has finally conducted many researches and tests. The method for safely transmitting the image file of the present invention is designed, and the user can ensure the privacy of the photo in the process of sharing the photo by using the instant messaging software, and is not easily stolen by the malicious user.

An object of the present invention is to provide a method for securely transferring a picture file, the method being applied to a network system, the network system comprising a first terminal device, a second terminal device and a communication server, wherein The first terminal device and the second terminal device respectively have an instant messaging software installed, and the terminal devices can respectively establish a connection with the communication server through the instant messaging software, and the first terminal device stores an original image. a file and a deformed image file, wherein the image file is obtained by the image file after the image file is deformed by the image file, and the first terminal device can use at least one encryption key pair before the first terminal device uploads the image file. The original image file is encrypted, and then the first terminal device transmits the encrypted original image file and the deformed image file to the communication server, and the communication server transmits the modified image file to the second terminal device. And storing the encrypted original image file, 嗣, when the communication server receives the original image request message sent by the second terminal device, it will transmit the encrypted original image file Up to the second terminal device, the second terminal device can decrypt the encrypted original image file with a first decryption key to present the original image file on a display screen, thus, whether it is a communication server The image file stored on the file or the transfer file between the terminal device and the communication server only encrypts the original image file to ensure the privacy of the original image file.

Another object of the present invention is that the first terminal device encrypts the deformed image file before uploading the deformed image file to the communication server, so that the communication server transmits the encrypted deformed image file to the After the second terminal device, the second terminal device can decrypt the encrypted image file with a second decryption key, thereby improving the privacy of the image file and avoiding The malicious user restores the deformed image file back to the original image file.

For your convenience, the review committee can make a further understanding and understanding of the purpose, technical features and effects of the present invention. The embodiments are combined with the drawings, and the details are as follows:

[study]

no

〔this invention〕

10‧‧‧Internet

11‧‧‧First terminal device

111‧‧‧ instant messaging software

12‧‧‧Second terminal device

121‧‧‧ instant messaging software

2‧‧‧Communication Server

21‧‧‧Account information

211‧‧ accounts

23‧‧‧ Payment Information

231‧‧‧

301~305‧‧‧Steps

S‧‧‧Network System

H1‧‧‧deduction notification component

1 is a schematic diagram of a network system of the present invention; FIG. 2 is a schematic diagram of an original image file and a deformation image file of the present invention; FIG. 3 is a schematic diagram of account information and money data of the present invention; FIG. 5 is a schematic diagram of a second terminal device of the present invention; FIG. 6 is another schematic diagram of a second terminal device of the present invention; and FIG. 7 is a second terminal device of the present invention. Another screen diagram.

The present invention is a method for securely transmitting a picture file. Referring to FIG. 1 , in an embodiment, the method is applied to a network system S, where the network system S includes a first terminal device 11 , A second terminal device 12 and a communication server 2, wherein the first terminal device 11 can be a smart phone, and an instant messaging software 111 is installed thereon, for example: Skype, Line, M+, Whatsapp, Mimitalks... In addition, the second terminal device 12 can be a tablet computer, and the instant messaging software 121 is also installed thereon. After the first terminal device 11 and the second terminal device 12 respectively activate the corresponding instant messaging software 111 and 121, They can be respectively connected to an Internet 10 to establish a connection with the communication server 2 through the instant messaging software 111, 121, so that information can be transmitted to each other.

As shown in FIG. 1 , the first terminal device 11 stores an original image file and a deformation image file, and the deformation image file is obtained by the image transformation process after the original image file is obtained. In this embodiment, the original image file can be subjected to Gaussian blurring to form the deformation image file (as shown in FIG. 2), but in other embodiments of the present invention, the operator can pass other methods, such as mosaic, A mask, a negative film, etc., as long as the deformed image file cannot completely present the content of the original image file, that is, the deformed image file referred to in the present invention. In particular, the source of the original image of the first terminal device 11 can be captured by the camera module of the first terminal device 11 or downloaded from a cloud space (eg, Flickr), or It is obtained by an external device (such as a memory card, a camera, etc.), and the image warping program can be a built-in function of the instant messaging software 111.

In this embodiment, as shown in Figures 1 and 3, the communication server 2 is further provided with an account data 21 and a payment data 23, the account information 21 includes a plurality of accounts 211, and each of the accounts 211 can The user account (such as: a1~a4), the mobile phone number, or the mobile phone unique code (IMEI), etc., is mainly used to represent the user corresponding to each account 211. Identity, the amount of money 23 includes a plurality of payments 231, and each of the funds 231 can be cash or virtual points, and each account 211 will correspond to a sum of money 231, for example, see Figure 3 The amount 231 corresponding to the account 211 of "a1" is 1000 points, and the amount 231 corresponding to the account 211 of "a3" is 2000 points...etc.

In order to explain the overall technical features of the present invention, the operation flow of the present invention will be exemplified, as shown in FIGS. 1 to 4, wherein it is assumed that Party A is the user of the first terminal device 11, and Party B is the second terminal device 12. The user can perform the following steps when Party A wants to transfer a picture file (such as a selfie) to Party B:

Step (301): In this embodiment, the first terminal device 11 can convert the original image file into "BASE64 format NO_WRAP", and generate a set of "AESKEY (for the original image file) and AESIV (for the original image file). (ie, the first encryption key), 第一, the first terminal device 11 uses the "AESKEY (for original image file) and AESIV (for original image file)" (ie, the first encryption key) for the original The image file is encrypted to form an encrypted original image file. However, in other embodiments of the present invention, the operator can generate a corresponding encrypted original image file according to different encryption technologies and requirements, and even increase the user's personal identification number (UID) in the encrypted original image file. In order to verify which user the encrypted original image belongs to, and in order to improve privacy and security, the first terminal device 11 may also perform an encryption process on the user's personal identification number (UID), but Not limited to this. As described above, as long as the first terminal device 11 can encrypt the original image file with at least one encryption key, it is a technical feature of the step.

Step (302): In this embodiment, the first terminal device 11 can first transmit the encrypted original image file to the communication server 2, and obtain a first picture identification code corresponding to the encrypted original image file. (eg, original image file ID), 第一, the first terminal device 11 can perform Gaussian blur on the original image file to obtain a blurred image file (such as the photo on the right in FIG. 2), and then the first terminal device 11 can transmit the deformed image file to the communication server 2, and obtain a second picture identification code (such as a deformed image file ID) corresponding to the deformed image file. However, in addition to the foregoing timing of generating the deformed image file, in other embodiments of the present invention, the first terminal device 11 can also upload the encrypted original image file to the communication before encrypting the original image file. Before the server 2, the fuzzy image file is formed, and then the first terminal device 11 transmits the encrypted original image file and the deformed image file to the communication server 2, instead of being limited to the foregoing process. Chen Ming.

Step (303): the communication server 2 can transmit the deformation image file to the second terminal End device 12, and storing the encrypted original image file; in this embodiment, the communication server 2 first transmits a second picture identification code (eg, a deformed image file ID) to the second terminal device 12, the first The second terminal device 12 can request and obtain the deformation image file from the communication server 2 by using the second picture identification code (eg, the deformed image file ID). However, in other embodiments of the present invention, the operator can Demand, adjust the above method. In this special statement, the process of steps (302)-(303) is the interaction process between the terminal devices 11, 12 and the communication server 2, and for the user's use situation, it is the party A and the party B. Through the instant messaging software 111, 121 chat, during the chat, Party A can select a photo (such as the photo on the left of Figure 2) to be transmitted to Party B, and then Party B can display the display on its second terminal device 12. The deformation image is seen on the top (as shown in Figure 5).

Step (304): When Party B wants to further view the original image file, it can operate the second terminal device 12, for example, click on the deformed image file on the fifth drawing surface, other virtual buttons or physical buttons, and then, the first The second terminal device 12 can generate a deduction notification component H1 (as shown in FIG. 6). Then, the party B can click "OK" (virtual button) in the deduction notification component H1, and the second terminal device 12 Generating an original picture request message, the original picture request message includes at least one person identification code and a first picture identification code (eg, original picture file ID), wherein the personal identification code matches one of the accounts 211, the second terminal The device 12 transmits the original request request message to the communication server 2, and the communication server 2 can obtain the account 211 and the payment 231 corresponding to the second terminal device 12 according to the content of the original request message, and execute A deduction procedure (for example, deducting 3 points for each photo unlocked), and after successfully deducting the predetermined amount (ie, 3 o'clock), the communication server 2 will encrypt the corresponding image according to the first picture identification code. The original image file is transmitted to the second terminal 12, for subsequent decryption processing, at the same time, the communication server 2 will also add the aforementioned predetermined amount (ie, 3 points) to the money 231 corresponding to the first terminal device 11; otherwise, when the communication server 2 Deduction failed (ie, payment After the amount in item 231 is less than the predetermined amount, it does not transmit the encrypted original image. However, in other embodiments of the present invention, the foregoing method is not limited. For example, the operator can save each user the right to unlock the photo several times for free. Therefore, the user only needs to operate the second terminal device 12 so that the user The second terminal device 12 generates an original image request message, and the communication server 2 can transmit the corresponding encrypted original image file to the second terminal device 12 according to the content of the original image request message, that is, the technical feature of the step .

Step (305): After receiving the encrypted original image file, the second terminal device 12 can use a first decryption key (for example, "AESKEY (for original image file) and AESIV (for original image file)") Decrypting the original image file to obtain the original image file of "BASE64 format NO_WRAP", after which the second terminal device 12 can convert the original image file of "BASE64 format NO_WRAP" and present the original image on the display screen. Figure file (as shown in Figure 7).

In this statement, according to different encryption technologies (such as: Advanced Encryption Standard (AES), Data Encryption Standard (DES), asymmetric cryptography, etc.) The content of the first encryption key and the first decryption key can be the same or different, wherein when the "key" is used to encrypt the image file, it is "encryption key", but when the "key" is used When decrypting the image file, it is the "decryption key", which is described first. In this embodiment, as shown in FIGS. 1 and 4, the manner in which the second terminal device 12 obtains the first decryption key includes at least the following two methods:

(A1) The first mode: after the first terminal device 11 transmits the encrypted original image file to the communication server 2, the first decryption key can be transmitted to the second terminal device 12, wherein When the first terminal device 11 transmits the first decryption key, the content of the first decryption key can also be encrypted to improve confidentiality. For example, both sides can use asymmetric encryption. (asymmetric cryptography) technology, and retains the public key and the private key respectively. Therefore, after Party A transmits the first decryption key to Party B, Party B can unlock the encrypted content with its own private key and obtain the first decryption key. However, it is not limited to this. In addition, both parties can exchange public keys (when they use asymmetric encryption technology) when they start communication chats. Therefore, when the two parties are in the follow-up chat, the first terminal device 11 The messages exchanged with the second terminal device 12 (including text, photos, encrypted pictures, movies, etc.) can be encrypted first by using asymmetric encryption technology to improve security and privacy.

(A2) The second mode: after successfully deducting the predetermined payment, the communication server 2 transmits a key message to the first terminal device 11, and after receiving the key message, the first terminal device 11 The first decryption key is transmitted to the second terminal device 12. As described above, when the first terminal device 11 transmits the first decryption key, the content of the first decryption key can also be encrypted.

In summary, it can be seen that, by the overall technical features of the present invention, the following effects can be achieved: (1) since the original image file stored on the communication server 2 has been encrypted, when a malicious user invades the After the communication server 2, since the encrypted original image file cannot be decrypted, and the content of the original image file cannot be obtained, the privacy of the user and the image file can be effectively maintained, and in addition, only the communication server 2 has Deformed image file, but because the deformation image file cannot completely present the content of the original image file, it still has a certain security effect; (2) since the encryption program of the present invention is completed by the first terminal device 11, the decryption program is It is completed by the second terminal device 12, so whether the first terminal device 11 transmits the image file to the communication server 2 or the communication server 2 transmits the image file to the second terminal device 12, The original image file of the secret, therefore, when the malicious user maliciously intercepts the transmission content during the aforementioned transmission, the original image file cannot be obtained because the original image file cannot be decrypted; (3) When the first terminal device 11 transmits the first decryption key, it is intentionally staggered to transmit the "encrypted original image file", and when the two users chat through the instant messaging software 111, 121, there are many messages to and from. Therefore, the malicious user cannot easily obtain the first decryption key, thereby reducing the probability that the malicious user correctly decrypts the "encrypted original image file".

In addition, in order to prevent the malicious user from restoring the blurred image file and obtaining the content of the original image file, in another embodiment of the present invention, refer to the first and fourth figures, in step (302), the first After the terminal device 11 generates the blurred image file, it can first convert the blurred image file into "BASE64 format NO_WRAP", and generate a set of "AESKEY (for blur image files) and AESIV (for blur image files)" ( That is, the second encryption key), after which the first terminal device 11 uses the set of "AESKEY (for fuzzy image files) and AESIV (for fuzzy image files)" (ie, the second encryption key) for the blurred map. The file is encrypted to form the encrypted fuzzy image file, and can be in a text composition format [encrypted fuzzy image file BASE64], and the first terminal device 11 can transmit the encrypted fuzzy image file to the communication server. 2. The image files owned by the communication server 2 are all encrypted files to improve the security of the image file.

Furthermore, as shown in FIGS. 1 and 4, after the communication server 2 receives the encrypted fuzzy image file, it can transmit the encrypted deformation image file to the second in step (303). The terminal device 12, the second terminal device 12 can decrypt the encrypted deformed image file with a second decryption key to present the deformed image file on the display screen, wherein the second decryption key can The contents of the second encryption key can be the same or different, and can also be the first in the manner of (A1) above. The terminal device 11 transmits the second decryption key to the second terminal device 12. In particular, in order to improve the security of the transmission file, the operator can also encrypt the same image file by using various encryption programs, so that the first terminal device can perform the original image file one or more times first. Encrypted, and after receiving the deformed image file, the second terminal device obtains the encrypted original image file from the communication server, and can decrypt the encrypted original image file one or more times, which is the scope of the claimed invention. .

The above is only the preferred embodiment of the present invention, but the scope of the claims of the present invention is not limited thereto, and according to those skilled in the art, according to the technical content disclosed in the present invention, Equivalent changes that are easily considered are within the scope of protection of the invention.

Claims (6)

A method for securely transmitting a file is applied to a network system, the network system including a first terminal device, a second terminal device, and a communication server, wherein the first terminal device and the second device The terminal device is respectively installed with an instant messaging software. After the first terminal device and the second terminal device respectively activate the instant messaging software, the first terminal device and the second terminal device can establish a connection with the communication server through the instant messaging software. The first terminal device At least one original image file and one deformed image file are stored in the image file, and the image file is obtained by the image patterning process. The method is configured to enable the network system to perform the following steps: the first terminal device At least one encryption key encrypts the original image file; the first terminal device transmits the encrypted original image file and the deformed image file to the communication server; the communication server transmits the modified image file to the first a second terminal device, and storing the encrypted original image file; after receiving the original image request message sent by the second terminal device, the communication server encrypts the original image file Sent to the second terminal; and the second terminal apparatus at least a first of the encrypted decryption key to decrypt the original image file, to render the original image file. The method of claim 1, wherein the first terminal device encrypts the deformed image file before uploading the deformed image file to the communication server, and then transmits the encrypted deformed image file to the communication a server, after the communication server transmits the encrypted deformation image file to the second terminal device, the second terminal device can decrypt the encrypted deformation image file with a second decryption key to present the deformation Image file. The method of claim 2, wherein the communication server further has an account information and a payment data, the account information includes a plurality of accounts, and the payment includes a plurality of funds. And each account corresponds to a sum of money, and the communication server receives an original request message sent by the second terminal device, and before transmitting the encrypted original image file to the second terminal device, the following Step: Perform a debit procedure on the second terminal device according to the account and the money corresponding to the second terminal device, and after successfully deducting the predetermined amount, transmit the encrypted original image file to the second terminal device. The method of claim 1, 2 or 3, wherein the first terminal device transmits the encrypted original image file to the communication server, and transmits the first decryption key to the second terminal device . The method of claim 3, wherein the communication server transmits a key message to the first terminal device after the successful deduction of the predetermined amount, so that the first terminal device decrypts the first decryption key And transmitting to the second terminal device, for the second terminal to decrypt the encrypted original image file. The method of claim 2 or 3, wherein the first terminal device transmits the encrypted original image file to the communication server, and transmits the first decryption key and the second decryption key to The second terminal device.