TWI712307B - Methods for encrypting and decrypting the group message and transporting the encrypted group message - Google Patents
Methods for encrypting and decrypting the group message and transporting the encrypted group message Download PDFInfo
- Publication number
- TWI712307B TWI712307B TW108133623A TW108133623A TWI712307B TW I712307 B TWI712307 B TW I712307B TW 108133623 A TW108133623 A TW 108133623A TW 108133623 A TW108133623 A TW 108133623A TW I712307 B TWI712307 B TW I712307B
- Authority
- TW
- Taiwan
- Prior art keywords
- electronic device
- key
- group
- message
- server
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/16—Arrangements for providing special services to substations
- H04L12/18—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
- H04L12/1813—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast for computer conferences, e.g. chat rooms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L51/00—User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
- H04L51/04—Real-time or near real-time messaging, e.g. instant messaging [IM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Multimedia (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
本發明係有關一種加解密訊息及傳輸訊息之方法,尤其是一種加、解密群組訊息及傳遞訊息之方法。The invention relates to a method of encrypting and decrypting messages and transmitting messages, in particular to a method of encrypting and decrypting group messages and transmitting messages.
隨著網際網路的普及,各種即時通訊系統也廣泛普遍地被使用,例如: Line、Wechat,甚至是社群網站最後都朝向即時通訊這領域開發平台,例如:臉書的Messager,然而,一般的即時通訊系統平台多屬於開放式的通訊平台,並無法限制通訊平台的使用者,雖然開放式的通訊平台對於使用者的限制極低,因此對於使用者的訊息自由度極高,With the popularity of the Internet, various instant messaging systems are widely used, such as Line, Wechat, and even social networking sites. Finally, they are developing platforms in the field of instant messaging, such as Facebook’s Messager. However, generally Most of the instant messaging system platforms are open communication platforms and cannot restrict users of the communication platform. Although the open communication platform has extremely low restrictions on users, it has a high degree of freedom for users.
現有即時通技術中,其一是以雲端、行動通訊裝置與推播技術提供單一個層級之組織內部之訊息交換服務,在此情況之即產生公文被私文淹沒的問題(即不易發現該篇公文)。因此,雲端推播方式的即時通訊技術為解決“習知個人對個人的即時訊息系統不適合群組/公司使用”的問題,因而提供“以固定單一個群組動態消息提供單一個層級之組織在其中分享訊息”的功效。另一現有即時通訊技術為以雲端技術供電腦及行動通訊裝置進行訊息交換,而只能提供固定單一個動態消息,意即其所面臨問題亦是“無法區分公、私兩種用途”,如此若要區分公、私用途,則需設立不同的帳號或群組,例如:公文用途在Facebook at Work,而私文用途則在Facebook。而區分公、私用途所產生的技術效果則為“提供適合四種不同情境的方式,皆以固定單一個動態消息提供單一個層級之組織在其中分享訊息”。Among the existing instant messaging technologies, one of them uses cloud, mobile communication devices, and push technologies to provide information exchange services within a single level of organization. In this case, the problem of official documents being overwhelmed by private documents (that is, it is not easy to find the article) Official document). Therefore, the cloud push method of instant messaging technology solves the problem of "the known person-to-person instant messaging system is not suitable for group/company use", and therefore provides "a fixed single group dynamic message to provide a single level of organization in Among them, share the message" effect. Another existing instant messaging technology uses cloud technology for computer and mobile communication devices to exchange messages, and can only provide a fixed single dynamic message, which means that the problem it faces is also "inability to distinguish between public and private uses." If you want to distinguish between public and private purposes, you need to set up different accounts or groups. For example, official documents are for Facebook at Work, and private documents are for Facebook. The technical effect of distinguishing between public and private uses is "providing a method suitable for four different situations, all with a fixed single dynamic message providing a single level of organization to share information in it".
但相對地,上述之兩種即時通訊系統平台仍無法滿足具有私密需求的族群,而無法對於具有私密需求的族群提供特定的私密對話訊息,因此仍有待改善之處。有鑑於此,遂有發明出一種企業內部使用之即時通訊系統平台。即使以企業內部使用之即時通訊作為主要目的,但仍然未能有效提供訊息加密手段;再者,針對特定加密群組之中的訊息作加密保全,大多數現有即時通訊平台的加密方式為透過伺服器進行加密處理,並未排除伺服器的加密處理角色,且一般加密手段在於透過伺服器進行加密,而客戶端並未提供有效加密手段,仍會被有心人士於傳遞過程中擷取訊息,而造成企業內部營業秘密遭到有心人士外洩。However, the above two instant messaging system platforms are still unable to satisfy the groups with privacy needs, and cannot provide specific private dialogue messages for the groups with privacy needs, so there is still room for improvement. In view of this, an instant messaging system platform for enterprise internal use was invented. Even if the main purpose is to use instant messaging internally in the enterprise, it still fails to provide effective means of message encryption. Furthermore, for the encryption of messages in a specific encryption group, most of the existing instant messaging platforms use server-based encryption. The encryption processing performed by the server does not exclude the encryption processing role of the server, and the general encryption method is to encrypt through the server, and the client does not provide an effective encryption method, and the message will still be retrieved by interested parties during the transmission process. As a result, the internal business secrets of the enterprise were leaked by interested persons.
基於上述之問題,本發明提供一種加、解密群組訊息及傳遞訊息之方法,其藉由電子裝置本身提供加、解密手段,並讓伺服器無法辨識,因而排除伺服器及傳輸過程中被外洩訊息,進一步地增加群組通訊的安全性。Based on the above-mentioned problems, the present invention provides a method for encrypting and decrypting group messages and transmitting messages. The electronic device itself provides encryption and decryption methods, and makes the server unable to identify, thereby eliminating the server and the transmission process from being outside. Leaking information further increases the security of group communication.
本發明之主要目的,提供一種加、解密群組訊息及傳遞訊息之方法,其利用使用者所使用之電子裝置直接加、解密,並讓伺服器無法辨識,以提升通訊過程與訊息本身的安全性。The main purpose of the present invention is to provide a method for encrypting and decrypting group messages and transmitting messages, which utilizes the electronic device used by the user to directly encrypt and decrypt, and make the server unable to identify, so as to improve the security of the communication process and the message itself Sex.
為了達到上述之目的,本發明揭示了一種傳遞訊息之方法,其應用於一第一電子裝置、一第二電子裝置、一資料伺服器與一通訊群組伺服器,該第一電子裝置依據一第一帳號登入該通訊群組伺服器,該第二電子裝置為收到該第一電子裝置之邀請而依據一第二帳號登入該通訊群組伺服器,且該第一電子裝置依據該通訊群組伺服器對應之一群組資料產生一第一裝置金鑰與一第一公開金鑰,該第二電子裝置依據該群組資料產生一第二裝置金鑰與一第二公開金鑰,該第一電子裝置依據該群組資料產生對應之一群組金鑰,用以對該第一公開金鑰進行加密,以對應產生一第一加密金鑰,該第一電子裝置將其對應之一第一代碼與先前所得之該第一加密金鑰記錄於該資料伺服器,且該第一電子裝置進一步經該通訊群組伺服器取得來自於該第二電子裝置所傳送之該第二公開金鑰,該第一電子裝置依據該群組金鑰對該第二公開金鑰進行加密而產生一第二加密金鑰,該第一電子裝置將該第二電子裝置對應之一第二代碼與該第二加密金鑰記錄於該資料伺服器,基於上述條件,本發明之傳遞訊息之方法先由該第一電子裝置依據該第一帳號向該資料伺服器下載該第一加密金鑰,藉此,該第一電子裝置依據該第一裝置金鑰與該第一加密金鑰產生該群組金鑰,以接續依據該群組金鑰加密一第一訊息,而產生一第一加密訊息,接續由該第一電子裝置依據該第一帳號上傳該第一加密訊息至該通訊群組伺服器;該第二電子裝置依據該第二帳號向該資料伺服器下載該第二加密金鑰並向該通訊群組伺服器下載該第一加密訊息,該第二電子裝置依據該第二裝置金鑰與該第二加密金鑰產生該群組金鑰,藉此,該第二電子裝置依據該群組金鑰解密該第一加密訊息,以在該第二電子裝置還原成該第一訊息並顯示,也就是該第二電子裝置解讀了該第一電子裝置之該第一加密訊息,因而顯示於該第二電子裝置上。藉此,增加提升通訊過程與訊息本身的安全性。In order to achieve the above objective, the present invention discloses a method of transmitting messages, which is applied to a first electronic device, a second electronic device, a data server and a communication group server, the first electronic device is based on a The first account logs in the communication group server, the second electronic device logs in the communication group server according to a second account in order to receive the invitation of the first electronic device, and the first electronic device logs in according to the communication group The group server generates a first device key and a first public key corresponding to a group of data, the second electronic device generates a second device key and a second public key according to the group data, the The first electronic device generates a corresponding group key according to the group data for encrypting the first public key to correspondingly generate a first encryption key, and the first electronic device corresponds to one The first code and the previously obtained first encryption key are recorded in the data server, and the first electronic device further obtains the second public money sent from the second electronic device via the communication group server Key, the first electronic device encrypts the second public key according to the group key to generate a second encryption key, the first electronic device corresponds to a second code corresponding to the second electronic device and the The second encryption key is recorded in the data server. Based on the above conditions, the method of transmitting messages of the present invention first downloads the first encryption key to the data server by the first electronic device according to the first account number, thereby , The first electronic device generates the group key according to the first device key and the first encryption key, and then encrypts a first message according to the group key to generate a first encrypted message, and then The first electronic device uploads the first encrypted message to the communication group server according to the first account; the second electronic device downloads the second encryption key to the data server according to the second account and sends it to the The communication group server downloads the first encrypted message, and the second electronic device generates the group key according to the second device key and the second encryption key, whereby the second electronic device according to the group The key decrypts the first encrypted message to restore and display the first message on the second electronic device. That is, the second electronic device decodes the first encrypted message of the first electronic device and displays it on the On the second electronic device. In this way, the security of the communication process and the message itself is increased.
本發明提供一實施例,其內容在於,當該第一電子裝置未讀取到該第一代碼時,無法下載該第一加密金鑰,當該第二電子裝置未讀取到該第二代碼時,無法下載該第二加密金鑰。The present invention provides an embodiment, the content of which is that when the first electronic device does not read the first code, the first encryption key cannot be downloaded, and when the second electronic device does not read the second code , The second encryption key cannot be downloaded.
本發明提供一實施例,其內容在於本發明之方法更進一步,接續由 該第二電子裝置回復該第一訊息,因而依據該第一訊息產生一第二訊息,接續該第二電子裝置再依據該群組金鑰加密該第二訊息,以產生一第二加密訊息,藉此,該第二電子裝置依據該第二帳號上傳該第二加密訊息至該通訊群組伺服器;接續,該第一電子裝置自該通訊群組伺服器下載該第二加密訊息,然後,該第一電子裝置依據該群組金鑰解密該第二加密訊息,以在該第一電子裝置內還原成該第二訊息。The present invention provides an embodiment. The content of the method of the present invention is that the second electronic device responds to the first message, so a second message is generated based on the first message, and the second electronic device is connected to The group key encrypts the second message to generate a second encrypted message, whereby the second electronic device uploads the second encrypted message to the communication group server according to the second account; continue, the first An electronic device downloads the second encrypted message from the communication group server, and then the first electronic device decrypts the second encrypted message according to the group key to restore the second encrypted message in the first electronic device message.
本發明提供一實施例,其內容在於該第一電子裝置依據一非對稱式密碼演算法產生該第一裝置金鑰與該第一公開金鑰,該第二電子裝置依據該非對稱式密碼演算法產生該第二裝置金鑰與該第二加密金鑰。The present invention provides an embodiment wherein the first electronic device generates the first device key and the first public key according to an asymmetric cryptographic algorithm, and the second electronic device generates the first device key and the first public key according to the asymmetric cryptographic algorithm Generate the second device key and the second encryption key.
本發明提供一實施例,其內容在於該傳遞訊息之方法進一步包含轉移該第一裝置金鑰與該第一公開金鑰至一第三電子裝置之步驟,其先以該第一電子裝置依據該加密群組取得一第一條碼並暫存該加密群組對應之該第一裝置金鑰與該第一公開金鑰於該伺服器,接續以該第三電子裝置依據該第一條碼取得一授權資訊,然後該第三電子裝置依據該授權資訊自該伺服器下載並還原該第一裝置金鑰與該第一公開金鑰,再由該第三電子裝置加入該加密群組並依據該加密群組加密該第一公開金鑰,以產生該第一加密金鑰並記錄該第三電子裝置與該第一加密金鑰於該伺服器,因此完成轉移該第一裝置金鑰與該第一公開金鑰至該第三電子裝置。The present invention provides an embodiment, the content of which is that the method for transmitting a message further includes the step of transferring the first device key and the first public key to a third electronic device, which first uses the first electronic device according to the The encryption group obtains a first barcode and temporarily stores the first device key and the first public key corresponding to the encryption group on the server, and then the third electronic device obtains an authorization according to the first barcode Information, and then the third electronic device downloads and restores the first device key and the first public key from the server according to the authorization information, and then the third electronic device joins the encryption group according to the encryption group Encrypt the first public key to generate the first encryption key and record the third electronic device and the first encryption key on the server, thus completing the transfer of the first device key and the first public key The key to the third electronic device.
本發明提供一實施例,其內容在於該第一電子裝置依據該通訊群組伺服器取得一第一條碼並暫存該第一裝置金鑰與該第一公開金鑰於該資料伺服器之步驟中,該第一電子裝置對該第一裝置金鑰與該第一公開金鑰加密,以產生一第一加密資料,並暫存於該資料伺服器。The present invention provides an embodiment, the content of which is that the first electronic device obtains a first barcode according to the communication group server and temporarily stores the first device key and the first public key in the data server In this case, the first electronic device encrypts the first device key and the first public key to generate a first encrypted data, which is temporarily stored in the data server.
本發明提供一實施例,其內容在於該傳遞訊息之方法進一步包含轉移該第二裝置金鑰與該第二公開金鑰至該第四電子裝置之步驟,其先以該第二電子裝置依據該加密群組取得一第二條碼並暫存該加密群組對應之該第一裝置金鑰與該第一公開金鑰於該伺服器,接續以該第四電子裝置依據該第二條碼取得一授權資訊,然後該第四電子裝置依據該授權資訊自該伺服器下載並還原該第二裝置金鑰與該第二公開金鑰,再由該第四電子裝置加入該加密群組並依據該加密群組加密該第二公開金鑰,以產生該第二加密金鑰並記錄該第四電子裝置與該第二加密金鑰於該伺服器。The present invention provides an embodiment, the content of which is that the method of transmitting a message further includes the step of transferring the second device key and the second public key to the fourth electronic device, which first uses the second electronic device according to the The encryption group obtains a second barcode and temporarily stores the first device key and the first public key corresponding to the encryption group on the server, and then the fourth electronic device obtains an authorization according to the second barcode Information, and then the fourth electronic device downloads and restores the second device key and the second public key from the server according to the authorization information, and then the fourth electronic device joins the encryption group according to the encryption group Encrypt the second public key to generate the second encryption key and record the fourth electronic device and the second encryption key in the server.
本發明提供一實施例,其內容在於於該第二電子裝置依據該通訊群組伺服器取得一第二條碼並暫存該第二裝置金鑰與該第二公開金鑰於該資料伺服器之步驟中,該第二電子裝置對該第二裝置金鑰與該第二公開金鑰加密,以產生一第二加密資料,並暫存於該資料伺服器。The present invention provides an embodiment in which the content of the second electronic device obtains a second barcode according to the communication group server and temporarily stores the second device key and the second public key in the data server In the step, the second electronic device encrypts the second device key and the second public key to generate a second encrypted data, which is temporarily stored in the data server.
本發明提供一實施例,其內容在於該通訊群組伺服器與該資料伺服器為同一伺服器。The present invention provides an embodiment, the content of which is that the communication group server and the data server are the same server.
為了達到上述之目的,本發明另揭示了一種加密群組訊息之方法,應用於一電子裝置依據一帳號儲存一加密金鑰至一資料伺服器,該加密金鑰對應於該電子裝置之一裝置金鑰,本發明之加密群組訊息之方法先由該電子裝置依據該帳號下載該加密金鑰,接續該電子裝置依據該裝置金鑰對該加密金鑰進行解密而產生一群組金鑰,然後該電子裝置依據該群組金鑰對一訊息進行加密而產生一加密訊息。藉此,改善加密訊息之信賴度。In order to achieve the above objective, the present invention also discloses a method for encrypting group messages, which is applied to an electronic device to store an encryption key to a data server according to an account, the encryption key corresponding to a device of the electronic device In the method of encrypting group messages of the present invention, the electronic device downloads the encryption key according to the account number, and then the electronic device decrypts the encryption key according to the device key to generate a group key. Then the electronic device encrypts a message according to the group key to generate an encrypted message. In this way, the reliability of encrypted messages is improved.
本發明提供另一實施例,其內容在於依據一裝置金鑰與該加密金鑰解密之步驟中,該電子裝置進一步依據一非對稱式密碼演算法進行解密,以產生該群組金鑰。The present invention provides another embodiment, the content of which is that in the step of decrypting according to a device key and the encryption key, the electronic device further decrypts according to an asymmetric cryptographic algorithm to generate the group key.
本發明提供另一實施例,其內容在於依據一裝置金鑰與該加密金鑰解密之步驟中,進一步依據一進階加密標準(AES)演算法產生該加密訊息。The present invention provides another embodiment, the content of which is that in the step of decrypting according to a device key and the encryption key, the encrypted message is further generated according to an Advanced Encryption Standard (AES) algorithm.
為了達到上述之目的,本發明另揭示了一種解密群組訊息之方法,應用於一電子裝置依據一帳號儲存一加密金鑰至一資料伺服器,該加密金鑰對應於該電子裝置之一裝置金鑰,本發明之解密群組訊息之方法先由該電子裝置依據該帳號下載該加密金鑰,接續該電子裝置依據該裝置金鑰對該加密金鑰進行解密而產生一群組金鑰;該電子裝置依據該群組金鑰對一加密訊息進行解密而產生一解密訊息。藉此,提升群組訊息之安全度。In order to achieve the above objective, the present invention also discloses a method for decrypting group messages, which is applied to an electronic device to store an encryption key to a data server according to an account, and the encryption key corresponds to a device of the electronic device In the method of decrypting group messages of the present invention, the electronic device downloads the encryption key according to the account number, and then the electronic device decrypts the encryption key according to the device key to generate a group key; The electronic device decrypts an encrypted message according to the group key to generate a decrypted message. In this way, the security of group messages is improved.
本發明提供另一實施例,其內容在於依據一裝置金鑰與該加密金鑰解密之步驟中,該電子裝置進一步依據一非對稱式密碼演算法進行解密,以產生該群組金鑰。The present invention provides another embodiment, the content of which is that in the step of decrypting according to a device key and the encryption key, the electronic device further decrypts according to an asymmetric cryptographic algorithm to generate the group key.
本發明提供另一實施例,其內容在於依據該群組金鑰與一加密訊息產生一解密訊息並顯示之步驟中,進一步依據一進階加密標準(AES)演算法產生該加密訊息。The present invention provides another embodiment, the content of which is that in the step of generating and displaying a decrypted message based on the group key and an encrypted message, the encrypted message is further generated based on an Advanced Encryption Standard (AES) algorithm.
為使 貴審查委員對本發明之特徵及所達成之功效有更進一步之瞭解與認識,謹佐以實施例及配合說明,說明如後:In order to enable your reviewer to have a further understanding and understanding of the features of the present invention and the effects achieved, the following examples and accompanying descriptions are provided. The description is as follows:
有鑑於習知定位技術對於可靠度的影響,據此,本發明遂提出一種加、解密群組訊息及傳遞訊息之方法,以解決習知技術所造成之訊息信賴度問題。In view of the influence of conventional positioning technology on reliability, the present invention proposes a method for encrypting and decrypting group messages and transmitting messages to solve the problem of message reliability caused by conventional technologies.
以下,將進一步說明本發明一種加、解密群組訊息及傳遞訊息之方法所包含之特性、所搭配之結構及其方法:In the following, the features included in the method of encrypting and decrypting group messages and transmitting messages of the present invention, the structure and the method thereof will be further described:
首先,請參閱第1A圖,其為本發明之一實施例之流程圖。如圖所示,本發明之一種傳遞訊息之方法,其步驟包含:First, please refer to FIG. 1A, which is a flowchart of an embodiment of the present invention. As shown in the figure, a method of transmitting a message of the present invention includes the following steps:
步驟S10: 第一電子裝置依據第一帳號向資料伺服器下載第一加密金鑰;Step S10: The first electronic device downloads the first encryption key to the data server according to the first account;
步驟S20: 第一電子裝置依據第一裝置金鑰解密第一加密金鑰,以取得群組金鑰;Step S20: The first electronic device decrypts the first encryption key according to the first device key to obtain the group key;
步驟S30: 第一電子裝置依據群組金鑰加密第一訊息,以產生第一加密訊息;Step S30: The first electronic device encrypts the first message according to the group key to generate the first encrypted message;
步驟S40: 第一電子裝置依據第一帳號上傳第一加密訊息至通訊群組伺服器;Step S40: The first electronic device uploads the first encrypted message to the communication group server according to the first account;
步驟S50: 第二電子裝置依據第二帳號自該資料伺服器下載第二加密金鑰並向通訊群組伺服器下載第一加密訊息;Step S50: The second electronic device downloads the second encryption key from the data server according to the second account and downloads the first encrypted message to the communication group server;
步驟S60: 第二電子裝置依據第二裝置金鑰解密第二加密金鑰,以取得群組金鑰;Step S60: The second electronic device decrypts the second encryption key according to the second device key to obtain the group key;
步驟S70: 第二電子裝置依據群組金鑰解密第一加密訊息,以在第二電子裝置內還原成第一訊息。Step S70: The second electronic device decrypts the first encrypted message according to the group key to restore the first message in the second electronic device.
請一併參閱第2圖至第4B圖,其為本發明之一實施例之系統示意圖。如圖所示,本發明之傳遞訊息之方法所採用之群組系統1包含一資料伺服器10、一第一電子裝置20、一第二電子裝置30與一通訊群組伺服器40,本實施例中,第一電子裝置20依據一第一帳號A1登入通訊群組伺服器40,第一電子裝置20之第一帳號A1於通訊群組伺服器40中,第一帳號A1在一通訊群組40A中作為管理者並由該第一電子裝置20邀請該第二電子裝置30依據一第二帳號A2登入該通訊群組伺服器,而第一帳號A1於通訊群組伺服器40中之一通訊群組G1作為管理者。Please also refer to FIGS. 2 to 4B, which are schematic diagrams of a system according to an embodiment of the present invention. As shown in the figure, the
接續上述,第一電子裝置20依據通訊群組G1之一群組資料GD1產生一第一裝置金鑰22與一第一公開金鑰24,而第二電子裝置30依據群組資料GD1產生一第二裝置金鑰32與一第二公開金鑰34,因此第一電子裝置20依據群組資料GD1對應之一群組金鑰keyg加密第一公開金鑰22,以產生一第一加密金鑰Key1,且第一電子裝置20經通訊群組伺服器40取得第二電子裝置30之第二公開金鑰34,也就是第二電子裝置30經通訊群組伺服器40傳送至第一電子裝置20,第一電子裝置20依據群組金鑰keyg加密第二公開金鑰34,以產生一第二加密金鑰Key2,其中群組資料GD1為對應於群組通訊伺服器40之通訊群組40A,因此本實施例所述之金鑰為應用通訊群組40A,而無法在其他群組使用,以增強安全性,第一加密金鑰Key1與第二加密金鑰Key2皆對應至群組金鑰keyg。Following the above, the first
進一步,本實施例中,儲存資料與群播訊息執行於不同伺服器,也就是區分為該資料伺服器10與群組通訊伺服器40,因此區分有資料伺服器10與通訊群組伺服器40。資料伺服器10儲存第一加密金鑰Key1與第二加密金鑰Key2,第一加密金鑰key1與第二加密金鑰key2分別連結一第一代碼device1與一第二代碼device2,而第一代碼device1與第二代碼device2分別為對應第一電子裝置20與第二電子裝置30之代碼,因此透過第一電子裝置20上傳至資料伺服器10,讓資料伺服器10記錄第一電子裝置30對應之第一代碼device1與該第一加密金鑰key1,以及讓資料伺服器10記錄第二電子裝置30對應之第二代碼device2與第二加密金鑰key2。其中,第一裝置金鑰22與第一公開金鑰24為第一電子裝置20依據一非對稱加密演算法所產生,而第二裝置金鑰32與第二公開金鑰34為第二電子裝置30依據該非對稱加密演算法所產生,例如:RSA加密演算法,因此第一裝置金鑰22配對於第一公開金鑰24,第二裝置金鑰32配對於第二公開金鑰34。Furthermore, in this embodiment, data storage and group broadcast messages are executed on different servers, that is, the
於步驟S10中,如第4圖所示,第一電子裝置20之第一帳號A1於通訊群組伺服器40中,提出資料下載請求,以下載先前儲存於資料伺服器10之第一加密金鑰key1,資料伺服器10依據第一代碼device1提供第一電子裝置20接續下載第一加密金鑰key1於第一電子裝置20之裝置內部儲存空間。於步驟S20中,如第4圖所示,第一電子裝置20針對第一加密金鑰Key1進行解密,因而讓第一電子裝置20取得對應通訊群組40A之群組金鑰keyg,然後在步驟S30中,第一電子裝置20依據群組金鑰keyg對第一電子裝置20所要傳送之一第一訊息M1進行加密,因而產生一第一加密訊息M12。In step S10, as shown in FIG. 4, the first account A1 of the first
於步驟S40中,如第4圖所示,第一電子裝置20將第一加密訊息M12上傳至通訊群組40A。接續於步驟S50中,如第5圖所示,第二電子裝置30對資料伺服器10針對第二加密金鑰key2提出資料下載請求,以讓資料伺服器10依據第二代碼device2下載第二加密金鑰key2,同時讓第二電子裝置30自通訊群組40A下載第一加密訊息M12,然後於步驟S60中,第二電子裝置30依據第二裝置金鑰32與第二加密金鑰key2進行解密,因而取得對應通訊群組40A之群組金鑰keyg,供第二電子裝置30於步驟S70中利用群組金鑰keyg對加密訊息M12進行解密,以將第一加密訊息M12還原成第一訊息M1於第二電子裝置30中,因而讓第二電子裝置30可顯示出第一訊息M1,而非顯示第一加密訊息M12。In step S40, as shown in FIG. 4, the first
由上述可知,藉由本發明之傳遞訊息之方法讓伺服器不再判讀或辨識出第一電子裝置20傳送至第二電子裝置30之訊息,因而避免第三方洩漏資訊,且因傳遞訊息之過程中為傳遞加密訊息,更進一步提高訊息傳遞之可靠度。It can be seen from the above that the message transmission method of the present invention allows the server to no longer interpret or recognize the message sent by the first
如第1B圖所示,本發明之傳遞訊息之方法更可應用於第二電子裝置30回覆訊息之傳遞過程中,因而依據節點A,進一步延續本發明之方法的步驟至步驟S150,也就是說本發明之傳遞訊息之方法更包含:As shown in FIG. 1B, the method of transmitting messages of the present invention can be applied to the transmission process of the reply message of the second
步驟S80: 第二電子裝置依據第一訊息產生第二訊息;Step S80: The second electronic device generates a second message according to the first message;
步驟S90: 第二電子裝置依據第二裝置金鑰與第二加密金鑰加密第二訊息,以產生第二加密訊息;Step S90: The second electronic device encrypts the second message according to the second device key and the second encryption key to generate a second encrypted message;
步驟S100: 第二電子裝置依據第二帳號上傳第二加密訊息至該通訊群組伺服器;Step S100: The second electronic device uploads the second encrypted message to the communication group server according to the second account;
步驟S110: 第一電子裝置自通訊群組伺服器下載第二加密訊息;以及Step S110: the first electronic device downloads the second encrypted message from the communication group server; and
步驟S120: 第一電子裝置依據第一裝置金鑰與第一加密金鑰解密第二加密訊息,以在第一電子裝置內還原成第二訊息。Step S120: The first electronic device decrypts the second encrypted message according to the first device key and the first encryption key to restore the second message in the first electronic device.
於步驟S110中,第二電子裝置30為依據第一訊息M1產生對應之回復訊息,即對應產生一第二訊息M2,然後,於步驟S120中,第二電子裝置30依據第二裝置金鑰32與第二加密金鑰key2之解密所產生的群組金鑰keyg,對第二訊息M2進行加密,其中,第二電子裝置30可自資料伺服器10再次下載第二加密金鑰key2,而再次執行第二加密金鑰key2之解密,以獲得群組金鑰keyg,而對第二訊息M2進行加密,以產生對應之第二加密訊息M22,或者是第二電子裝至30依據第二裝置金鑰32而直接利用先前步驟S70已下載之第二加密金鑰key2進行解密,以獲得群組金鑰keyg,進而對第二訊息M2進行加密。In step S110, the second
之後於步驟S130中,第二電子裝置30將第二加密訊息M22上傳至通訊群組伺服器40之通訊群組40A中,因而讓第一電子裝置20接續於步驟S140中,自通訊群組伺服器40下載第二加密訊息M22於裝置內部儲存空間。接續,第一電子裝置20於步驟S150中,依據第一裝置金鑰22與第一加密金鑰key1之解密所產生的群組金鑰keyg,對第二加密訊息M22進行解密,以還原成第二訊息M2,其中,第一電子裝置20可自資料伺服器10再次下載第一加密金鑰key1,而再次執行第一加密金鑰key1之解密,以獲得群組金鑰keyg,而對第二加密訊息M22進行加密,以還原成對應之第二訊息M2,或者是第一電子裝至20依據第一裝置金鑰22而直接利用先前步驟S20已下載之第一加密金鑰key1進行解密,以獲得群組金鑰keyg,進而對第二加密訊息M22進行解密。Then in step S130, the second
請參閱第6圖,其為本發明之加密群組訊息之流程圖。如圖所示,本發明之加密群組訊息之方法,其步驟包含如下:Please refer to Figure 6, which is a flowchart of the encrypted group message of the present invention. As shown in the figure, the method for encrypting group messages of the present invention includes the following steps:
步驟S210:電子裝置下載伺服器所儲存之加密金鑰;Step S210: the electronic device downloads the encryption key stored in the server;
步驟S220:依據裝置金鑰與加密金鑰解密,以取得群組金鑰;Step S220: Decrypt according to the device key and the encryption key to obtain the group key;
步驟S230:依據群組金鑰與群組訊息產生加密訊息,以傳送至一加密群組。Step S230: Generate an encrypted message according to the group key and the group message, and send it to an encrypted group.
復參閱第4A圖,第一電子裝置20欲加密第一訊息M1時,需先下載原先上傳至資料伺服器10或多功能伺服器50之第一加密金鑰key1,由於第一加密金鑰key1並非由資料伺服器10或多功能伺服器50所加密,因此資料伺服器10或多功能伺服器50無法對第一加密金鑰key1進行解密,僅可由第一電子裝置20對第一加密金鑰key1進行解密,因此於步驟S220中,由第一電子裝置20進行解密,以取得對應加密群組40之群組金鑰keyg,接續於步驟S230中,第一電子裝置20依據群組金鑰keyg對群組訊息(即第一訊息M1)進行加密,而產生對應之第一加密訊息M12,而上傳至對應之加密群組。Referring again to Figure 4A, when the first
以上實施例,為第一電子裝置20對加密群組發出群組訊息,倘若為第二電子裝置30發出群組訊息至加密群組,亦是遵循上述之步驟S210至步驟S230。In the above embodiment, the first
請參閱第7圖,其為本發明之解密群組訊息之流程圖。如圖所示,本發明之解密群組訊息之方法,其步驟包含如下:Please refer to Figure 7, which is a flow chart of decrypting group messages of the present invention. As shown in the figure, the method for decrypting group messages of the present invention includes the following steps:
步驟S310:一電子裝置下載一伺服器所儲存之一加密金鑰;Step S310: An electronic device downloads an encryption key stored in a server;
步驟S320:依據一裝置金鑰與該加密金鑰解密,取得一群組金鑰;Step S320: Decrypt according to a device key and the encryption key to obtain a group key;
步驟S330: 依據該群組金鑰與一加密訊息產生一解密訊息並顯示於該電子裝置。Step S330: Generate a decrypted message based on the group key and an encrypted message and display it on the electronic device.
復參閱第4B圖,第二電子裝置30欲解密第一加密訊息M12時,需先下載原先上傳至資料伺服器10之第二加密金鑰key2,由於第二加密金鑰key2並非由資料伺服器10或多功能伺服器50所加密,因此資料伺服器10無法對第二加密金鑰key2進行解密,僅可由第二電子裝置30對第二加密金鑰key2進行解密,因此於步驟S220中,由第二電子裝置30進行解密,以產生出對應加密群組之群組金鑰keyg,接續於步驟S230中,第二電子裝置30依據群組金鑰keyg對第一加密訊息M12進行解密,而還原成對應之第一訊息M1(即群組訊息),因而讓第二電子裝置30可顯示第一訊息M1,而非顯示加密之第一加密訊息M12。Referring again to Figure 4B, when the second
以上實施例,為第二電子裝置30欲還原顯示加密群組之加密訊息,倘若為第一電子裝置20欲還原顯示加密群組之加密訊息,亦是遵循上述之步驟S310至步驟S330。In the above embodiment, the second
此外,第一電子裝置20與第二電子裝置30未登錄於金鑰清單12時,第一電子裝置20與第二電子裝置30無法對所發出之群組訊息加密或無法對加密訊息進行解密,因此,當第一電子裝置20與第二電子裝置30未登錄於金鑰清單12時,即顯示加密群組中的訊息皆為經加密之群組訊息,而顯示成無法辨識之亂碼。In addition, when the first
以下實施例為進一步說明通訊群組伺服器40與資料伺服器10結合成多功能伺服器50,且第一電子裝置20與第二電子裝置30分別以第一帳號A1與第二帳號A2登入多功能伺服器,第一電子裝置20之使用者更換電子裝置,以重新加入加密群組50A,並重新握有第一電子裝置20相關金鑰之說明。The following embodiment is to further illustrate that the
請參閱第8A圖與第8B圖,其為本發明之更換第一電子裝置至第三電子裝置之流程圖。如圖所式,本發明之傳遞訊息之方法進一步包含更換第一電子裝置之步驟流程,其步驟包含:Please refer to FIG. 8A and FIG. 8B, which are the flowcharts of replacing the first electronic device to the third electronic device of the present invention. As shown in the figure, the method of transmitting messages of the present invention further includes a step flow of replacing the first electronic device, and the steps include:
步驟S410: 第一電子裝置依據第一帳號向資料伺服器下載第一加密金鑰;Step S410: The first electronic device downloads the first encryption key to the data server according to the first account;
步驟S420: 第一電子裝置依據第一裝置金鑰解密第一加密金鑰,以取得群組金鑰;Step S420: The first electronic device decrypts the first encryption key according to the first device key to obtain the group key;
步驟S430: 第一電子裝置依據群組金鑰加密第一訊息,以產生第一加密訊息;Step S430: The first electronic device encrypts the first message according to the group key to generate the first encrypted message;
步驟S440: 第一電子裝置依據第一帳號上傳第一加密訊息至通訊群組伺服器;Step S440: The first electronic device uploads the first encrypted message to the communication group server according to the first account;
步驟S450: 第二電子裝置依據第二帳號自該資料伺服器下載第二加密金鑰並向通訊群組伺服器下載第一加密訊息;Step S450: The second electronic device downloads the second encryption key from the data server according to the second account and downloads the first encrypted message to the communication group server;
步驟S460: 第二電子裝置依據第二裝置金鑰解密第二加密金鑰,以取得群組金鑰;Step S460: The second electronic device decrypts the second encryption key according to the second device key to obtain the group key;
步驟S470: 第二電子裝置依據群組金鑰解密第加密訊息,以在第二電子裝置還原成第一訊息;Step S470: The second electronic device decrypts the encrypted message according to the group key to restore the first message on the second electronic device;
步驟S480: 第二電子裝置依據第一訊息產生第二訊息;Step S480: The second electronic device generates a second message according to the first message;
步驟S490: 第二電子裝置依據第二裝置金鑰與第二加密金鑰所得之群組金鑰加密第二訊息,以產生第二加密訊息;Step S490: The second electronic device encrypts the second message according to the group key obtained from the second device key and the second encryption key to generate a second encrypted message;
步驟S500: 第二電子裝置依據第二帳號上傳第二加密訊息至通訊群組伺服器;Step S500: The second electronic device uploads the second encrypted message to the communication group server according to the second account;
步驟S510: 第一電子裝置自通訊群組伺服器下載第二加密訊息;Step S510: The first electronic device downloads the second encrypted message from the communication group server;
步驟S520: 第一電子裝置依據第一裝置金鑰與第一加密金鑰所得之群組金鑰解密該第二加密訊息,以在第一電子裝置內還原成第二訊息;Step S520: The first electronic device decrypts the second encrypted message according to the group key obtained by the first device key and the first encryption key to restore the second message in the first electronic device;
步驟S530:第一電子裝置依據加密群組取得第一條碼並暫存加密群組對應之第一裝置金鑰與第一公開金鑰於伺服器;Step S530: The first electronic device obtains the first barcode according to the encryption group and temporarily stores the first device key and the first public key corresponding to the encryption group in the server;
步驟S540: 第三電子裝置依據第一條碼取得授權資訊並加入加密群組;Step S540: The third electronic device obtains authorization information according to the first barcode and joins the encryption group;
步驟S550: 第三電子裝置依據授權資訊自伺服器下載並還原第一裝置金鑰與第一公開金鑰;以及Step S550: The third electronic device downloads and restores the first device key and the first public key from the server according to the authorization information; and
步驟S560: 第三電子裝置依據加密群組加密第一公開金鑰,以產生第一加密金鑰並記錄第三電子裝置與第一加密金鑰於伺服器。Step S560: The third electronic device encrypts the first public key according to the encryption group to generate a first encryption key and records the third electronic device and the first encryption key on the server.
請一併參閱第9圖至第12圖,其為本發明之另一實施例之系統示意圖。第2圖至第4B圖與第9圖至第12圖之差異在於第9圖至第12圖進一步包含一第三電子裝置60。Please also refer to FIGS. 9 to 12, which are system diagrams of another embodiment of the present invention. The difference between FIGS. 2 to 4B and FIGS. 9 to 12 is that FIGS. 9 to 12 further include a third
於步驟S410至步驟S520,已於上述實施例之步驟S10至步驟S120中揭示,因此不再贅述,由於第一電子裝置20於發出第一加密訊息M12後,第一電子裝置20之使用者將更換成使用第三電子裝置60,因此接續於步驟S530中,如第9圖所示,先由第一電子裝置10向加密群組50A取得一轉移用途之第一條碼QR1,同時第一電子裝置20將會暫存加解密用途之第一裝置金鑰22與第一公開金鑰24至多功能伺服器50,其中第一電子裝置20為進一步對第一裝置金鑰22與第一公開金鑰24進行加密,因而產生對應之一第一加密資料D1,藉此讓多功能伺服器50不會辨識第一裝置金鑰22與第一公開金鑰24,因而避免伺服器端洩密的問題。Steps S410 to S520 have been disclosed in steps S10 to S120 of the above-mentioned embodiment, so they will not be repeated. Since the first
於步驟S540中,如第15圖所示,第三電子裝置60為針對第一條碼QR1進行讀取,例如:利用內建相機擷取第一條碼QR1之影像,因而獲得暫時性第三裝置金鑰62與第三公開金鑰64並加入加密群組50A,因而將第三公開金鑰64加密,以產生一第三加密金鑰key3並上傳至金鑰清單12,也就是暫時授權第三電子裝置60使用對應於加密群組50A之加解密;接續於步驟S550中,如第16圖所示,第三電子裝置60從多功能伺服器50下載暫存之第一加密資料D1,第三電子裝置60針對第一加密資料D1進行解密,以還原出第一裝置金鑰22與第一公開金鑰24於第三電子裝置60中,後在步驟S560中,將解開後之第一公開金鑰24進行加密,因而產生對應第三電子裝置60之第一加密金鑰key1,並上傳至多功能伺服器50之金鑰清單12。如此在金鑰清單12中,第一加密金鑰key1改以對應於第三電子裝置60,其中,由於第三電子裝置60為取代第一電子裝置20作為加密群組50A之管理者,因此步驟S560中,由第三電子裝置60已經獲得完整的第一裝置金鑰22與第一公開金鑰24的非對稱加密金鑰,因此可直接進行加密處理。In step S540, as shown in FIG. 15, the third
請參閱第13A圖與第13B圖,其為更換第二電子裝置至第四電子裝置之流程圖。如圖所式,本發明之傳遞訊息之方法進一步包含更換第二電子裝置之步驟流程,其步驟包含:Please refer to FIG. 13A and FIG. 13B, which are flowcharts of replacing the second electronic device to the fourth electronic device. As shown in the figure, the method of transmitting messages of the present invention further includes a step flow of replacing the second electronic device, and the steps include:
步驟S610:第一電子裝置依據第一帳號向資料伺服器下載第一加密金鑰;Step S610: The first electronic device downloads the first encryption key to the data server according to the first account;
步驟S620: 第一電子裝置依據第一裝置金鑰解密第一加密金鑰,以取得群組金鑰;Step S620: The first electronic device decrypts the first encryption key according to the first device key to obtain the group key;
步驟S630: 第一電子裝置依據群組金鑰加密第一訊息,以產生第一加密訊息;Step S630: The first electronic device encrypts the first message according to the group key to generate the first encrypted message;
步驟S640: 第一電子裝置依據第一帳號上傳第一加密訊息至通訊群組伺服器;Step S640: The first electronic device uploads the first encrypted message to the communication group server according to the first account;
步驟S650: 第二電子裝置依據第二帳號自該資料伺服器下載第二加密金鑰並向通訊群組伺服器下載第一加密訊息;Step S650: The second electronic device downloads the second encryption key from the data server according to the second account and downloads the first encrypted message to the communication group server;
步驟S660: 第二電子裝置依據第二裝置金鑰解密第二加密金鑰,以取得群組金鑰;Step S660: The second electronic device decrypts the second encryption key according to the second device key to obtain the group key;
步驟S670: 第二電子裝置依據群組金鑰解密第加密訊息,以在第二電子裝置還原成第一訊息Step S670: The second electronic device decrypts the encrypted message according to the group key to restore the first message on the second electronic device
步驟S680: 第二電子裝置依據第一訊息產生第二訊息;Step S680: The second electronic device generates a second message according to the first message;
步驟690: 第二電子裝置依據第二裝置金鑰與第二加密金鑰所得之群組金鑰加密該第二訊息,以產生第二加密訊息;Step 690: The second electronic device encrypts the second message according to the group key obtained from the second device key and the second encryption key to generate a second encrypted message;
步驟S700: 第二電子裝置依據第二帳號上傳第二加密訊息至通訊群組伺服器;Step S700: The second electronic device uploads the second encrypted message to the communication group server according to the second account;
步驟S710: 第一電子裝置自通訊群組伺服器下載第二加密訊息;Step S710: The first electronic device downloads the second encrypted message from the communication group server;
步驟S720: 第一電子裝置依據第一裝置金鑰與第一加密金鑰所得之群組金鑰解密該第二加密訊息,以在第一電子裝置內還原成第二訊息;Step S720: The first electronic device decrypts the second encrypted message according to the group key obtained from the first device key and the first encryption key to restore the second message in the first electronic device;
步驟S730:第二電子裝置依據加密群組取得第二條碼並暫存加密群組對應之第二裝置金鑰與第二公開金鑰於伺服器;Step S730: The second electronic device obtains the second barcode according to the encryption group and temporarily stores the second device key and the second public key corresponding to the encryption group in the server;
步驟S740: 第四電子裝置依據第二條碼取得授權資訊並加入加密群組;Step S740: The fourth electronic device obtains authorization information according to the second barcode and joins the encryption group;
步驟S750: 第四電子裝置依據授權資訊自伺服器下載並還原第二裝置金鑰與第二公開金鑰;以及Step S750: The fourth electronic device downloads and restores the second device key and the second public key from the server according to the authorization information; and
步驟S760: 第四電子裝置依據加密群組加密第二公開金鑰,以產生第二加密金鑰並記錄第四電子裝置與第二加密金鑰於伺服器。Step S760: The fourth electronic device encrypts the second public key according to the encryption group to generate a second encryption key and records the fourth electronic device and the second encryption key on the server.
請一併參閱第14圖至第17圖,其為本發明之另一實施例之系統示意圖。其中第9圖至第12圖與第14圖至第17圖之差異在於第9圖至第12圖更換第一電子裝置20為第三電子裝置60,第14圖至第17圖更換第二電子裝置30為第四電子裝置70。Please refer to FIG. 14 to FIG. 17 together, which are schematic diagrams of a system according to another embodiment of the present invention. The difference between Figures 9 to 12 and Figures 14 to 17 is that Figures 9 to 12 replace the first
於步驟S610至步驟S720,已於上述實施例之步驟S10至步驟S120中揭示,因此不再贅述,由於第二電子裝置30於解密第一加密訊息M12並顯示後,第二電子裝置30之使用者將更換成使用第四電子裝置70,因此接續於步驟S730中,先由第二電子裝置30向加密群組50A取得一轉移用途之第二條碼QR2,同時第二電子裝置30將會暫存加解密用途之第二裝置金鑰32與第二公開金鑰34至多功能伺服器50,其中第二電子裝置30為進一步對第二裝置金鑰32與第二公開金鑰34進行加密,因而產生對應之一第二加密資料D2,藉此讓多功能伺服器50不會辨識第二裝置金鑰32與第二公開金鑰34,因而避免伺服器端洩密的問題。Steps S610 to S720 have been disclosed in steps S10 to S120 of the above-mentioned embodiment, so they will not be repeated. Since the second
於步驟S740中,第四電子裝置70為針對第二條碼QR2進行讀取,例如:利用內建相機擷取第二條碼QR2之影像,因而獲得暫時性第四裝置金鑰72與第四公開金鑰74並加入加密群組50A,因而將第四公開金鑰74加密並上傳至金鑰清單12,也就是暫時授權第四電子裝置70使用對應於加密群組50A之加解密;接續於步驟S750中,第四電子裝置70從多功能伺服器50下載暫存之第二加密資料D2,第四電子裝置70針對第二加密資料D2進行解密,以還原出第二裝置金鑰32與第二公開金鑰34於第四電子裝置70中,後在步驟S760中,將解開後之第二公開金鑰34進行加密,因而產生對應第四電子裝置70之第二加密金鑰key2,並上傳至多功能伺服器50之金鑰清單12。如此在金鑰清單12中,第二加密金鑰key2改以對應於第四電子裝置70,其中由於第二電子裝置30本身非加密群組50A之管理者,因此第四電子裝置70於取代第二電子裝置30加入加密群組50A後,第四電子裝置70於第二公開金鑰34加密為第二加密金鑰key2時,仍需由第一電子裝置20進行金鑰加密。In step S740, the fourth
綜上所述,本發明之加、解密群組訊息及傳遞訊息之方法為依據電子裝置於進入加密群組後,由群組之管理者接收來自其他電子裝置之公開金鑰並加密,以供伺服器建立對應之金鑰清單,因而讓伺服器無法對公開金鑰讀取或辨識,如此單純由電子裝置進行群組資訊之加解密。進一步地,電子裝置更可藉由本發明之加密原則進行加密,以應用於使用者更換電子裝置。In summary, the method of encrypting and decrypting group messages and transmitting messages of the present invention is based on the fact that after the electronic device enters the encryption group, the group manager receives the public key from other electronic devices and encrypts it for The server creates a list of corresponding keys, so that the server cannot read or recognize the public key, so that the electronic device only encrypts and decrypts the group information. Furthermore, the electronic device can be encrypted by the encryption principle of the present invention to be applied to the user to replace the electronic device.
故本發明實為一具有新穎性、進步性及可供產業上利用者,應符合我國專利法專利申請要件無疑,爰依法提出發明專利申請,祈 鈞局早日賜准專利,至感為禱。Therefore, the present invention is really novel, progressive, and available for industrial use. It should meet the patent application requirements of my country's patent law. Undoubtedly, I filed an invention patent application in accordance with the law. I pray that the Bureau will grant the patent as soon as possible.
惟以上所述者,僅為本發明之較佳實施例而已,並非用來限定本發明實施之範圍,舉凡依本發明申請專利範圍所述之形狀、構造、特徵及精神所為之均等變化與修飾,均應包括於本發明之申請專利範圍內。However, the above are only the preferred embodiments of the present invention, and are not used to limit the scope of implementation of the present invention. For example, the shapes, structures, features and spirits described in the scope of the patent application of the present invention are equally changed and modified. , Should be included in the scope of patent application of the present invention.
1:群組系統
2:群組系統
10:資料伺服器
12:金鑰清單
20:第一電子裝置
22:第一裝置金鑰
24:第一公開金鑰
30:第二電子裝置
32:第二裝置金鑰
34:第二公開金鑰
40:通訊群組伺服器
40A:加密群組
50:多功能伺服器
50A:加密群組
60:第三電子裝置
62:第三裝置金鑰
64:第三公開金鑰
70:第四電子裝置
72:第四裝置金鑰
74:第四公開金鑰
D1:第一加密資料
D2:第二加密資料
device1:第一代碼
device2:第二代碼
key1:第一加密金鑰
key2:第二加密金鑰
keyg:群組金鑰
M1:第一訊息
M12:第一加密訊息
M2:第二訊息
M22:第二加密訊息
QR1:第一條碼
QR2:第二條碼
S10-S120:步驟
S210-S230:步驟
S310-S330:步驟
S410-S560:步驟
S610-S760:步驟
1: Group system
2: Group system
10: Data server
12: Key list
20: The first electronic device
22: The first device key
24: The first public key
30: second electronic device
32: The second device key
34: The second public key
40:
第1A圖:其為本發明之一實施例之部分流程圖; 第1B圖:其為本發明之一實施例之部分流程圖; 第2圖:其為本發明之一實施例之第一加密金鑰之系統示意圖; 第3圖:其為本發明之一實施例之第二加密金鑰之系統示意圖; 第4A圖:其為本發明之一實施例之第一電子裝置加密訊息之系統示意圖; 第4B圖:其為本發明之一實施例之第二電子裝置解密訊息之系統示意圖; 第5A圖:其為本發明之一實施例之第二電子裝置加密訊息之系統示意圖; 第5B圖:其為本發明之一實施例之第一電子裝置解密訊息之系統示意圖; 第6圖:其為本發明之加密群組訊息之流程圖; 第7圖:其為本發明之解密群組訊息之流程圖; 第8A圖:其為本發明之更換第一電子裝置至第三電子裝置之部分流程圖; 第8B圖:其為本發明之更換第一電子裝置至第三電子裝置之部分流程圖; 第9圖:其為本發明之一實施例之第一加密金鑰之系統示意圖; 第10圖:其為本發明之一實施例之第二加密金鑰之系統示意圖; 第11圖:其為本發明之一實施例之加密訊息之系統示意圖; 第12圖:其為本發明之一實施例之解密訊息之系統示意圖; 第13A圖:其為本發明之更換第二電子裝置至第四電子裝置之部分流程圖; 第13B圖:其為本發明之更換第二電子裝置至第四電子裝置之部分流程圖; 第14圖:其為本發明之一實施例之第一加密金鑰之系統示意圖; 第15圖:其為本發明之一實施例之第二加密金鑰之系統示意圖; 第16圖:其為本發明之一實施例之加密訊息之系統示意圖;以及 第17圖:其為本發明之一實施例之解密訊息之系統示意圖。 Figure 1A: It is a partial flowchart of an embodiment of the present invention; Figure 1B: It is a partial flowchart of an embodiment of the present invention; Figure 2: It is a system diagram of the first encryption key in an embodiment of the present invention; Figure 3: It is a schematic diagram of the system of the second encryption key according to an embodiment of the present invention; Figure 4A: It is a schematic diagram of a system for encrypting messages with a first electronic device according to an embodiment of the present invention; Figure 4B: It is a schematic diagram of a system for decrypting messages by a second electronic device according to an embodiment of the present invention; Figure 5A: It is a schematic diagram of a system for encrypting messages with a second electronic device according to an embodiment of the present invention; Figure 5B: It is a schematic diagram of a system for decrypting messages by the first electronic device according to an embodiment of the present invention; Figure 6: It is a flowchart of the encrypted group message of the present invention; Figure 7: It is a flow chart of decrypting group messages of the present invention; Figure 8A: It is a partial flowchart of the replacement of the first electronic device to the third electronic device of the present invention; Figure 8B: It is a partial flowchart of the replacement of the first electronic device to the third electronic device of the present invention; Figure 9: It is a system diagram of the first encryption key in an embodiment of the present invention; Figure 10: It is a schematic diagram of a second encryption key system according to an embodiment of the present invention; Figure 11: It is a schematic diagram of an encrypted message system according to an embodiment of the present invention; Figure 12: It is a schematic diagram of a system for decrypting messages according to an embodiment of the present invention; Figure 13A: It is a partial flowchart of the replacement of the second electronic device to the fourth electronic device of the present invention; Figure 13B: It is a partial flowchart of the replacement of the second electronic device to the fourth electronic device of the present invention; Figure 14: It is a system diagram of the first encryption key according to an embodiment of the present invention; Figure 15: It is a schematic diagram of a second encryption key system according to an embodiment of the present invention; Figure 16: It is a schematic diagram of an encrypted message system according to an embodiment of the present invention; and Figure 17: It is a schematic diagram of a system for decrypting messages according to an embodiment of the present invention.
S10-S120:步驟 S10-S120: steps
Claims (15)
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW108133623A TWI712307B (en) | 2019-09-18 | 2019-09-18 | Methods for encrypting and decrypting the group message and transporting the encrypted group message |
| CN202010445012.0A CN112532571A (en) | 2019-09-18 | 2020-05-23 | Method for encrypting and decrypting group message and transmitting message |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW108133623A TWI712307B (en) | 2019-09-18 | 2019-09-18 | Methods for encrypting and decrypting the group message and transporting the encrypted group message |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| TWI712307B true TWI712307B (en) | 2020-12-01 |
| TW202114373A TW202114373A (en) | 2021-04-01 |
Family
ID=74670136
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW108133623A TWI712307B (en) | 2019-09-18 | 2019-09-18 | Methods for encrypting and decrypting the group message and transporting the encrypted group message |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN112532571A (en) |
| TW (1) | TWI712307B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TW200409515A (en) * | 2002-11-26 | 2004-06-01 | Matsushita Electric Ind Co Ltd | Data encryption and decryption method and apparatus |
| US9419951B1 (en) * | 2001-03-23 | 2016-08-16 | St. Luke Technologies, Llc | System and method for secure three-party communications |
| TWM575897U (en) * | 2018-11-27 | 2019-03-21 | 遊戲橘子數位科技股份有限公司 | Emergency reporting and communication system |
| TWI689191B (en) * | 2019-01-31 | 2020-03-21 | 遊戲橘子數位科技股份有限公司 | Clone game account establishing method and system thereof |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2013022651A1 (en) * | 2011-08-08 | 2013-02-14 | Marvell World Trade Ltd. | Key derivative function for network communications |
| CN104917787B (en) * | 2014-03-11 | 2018-10-23 | 中国电信股份有限公司 | File security sharing method based on group key and system |
| CN104734847B (en) * | 2015-04-21 | 2018-01-19 | 武汉理工大学 | Towards the shared symmetric key data encryption and decryption method of public key cryptography application |
| CN106850195B (en) * | 2016-04-18 | 2020-05-19 | 中国科学院信息工程研究所 | Group key negotiation and communication method in instant communication |
| CN108155987A (en) * | 2017-12-22 | 2018-06-12 | 中国联合网络通信集团有限公司 | Group message sending method, method of reseptance and its system and communicating terminal |
-
2019
- 2019-09-18 TW TW108133623A patent/TWI712307B/en active
-
2020
- 2020-05-23 CN CN202010445012.0A patent/CN112532571A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9419951B1 (en) * | 2001-03-23 | 2016-08-16 | St. Luke Technologies, Llc | System and method for secure three-party communications |
| TW200409515A (en) * | 2002-11-26 | 2004-06-01 | Matsushita Electric Ind Co Ltd | Data encryption and decryption method and apparatus |
| TWI224456B (en) * | 2002-11-26 | 2004-11-21 | Matsushita Electric Ind Co Ltd | Data encryption and decryption method and apparatus |
| TWM575897U (en) * | 2018-11-27 | 2019-03-21 | 遊戲橘子數位科技股份有限公司 | Emergency reporting and communication system |
| TWI689191B (en) * | 2019-01-31 | 2020-03-21 | 遊戲橘子數位科技股份有限公司 | Clone game account establishing method and system thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| TW202114373A (en) | 2021-04-01 |
| CN112532571A (en) | 2021-03-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10659454B2 (en) | Service authorization using auxiliary device | |
| US9590949B2 (en) | Confidential message exchange using benign, context-aware cover message generation | |
| US10242217B1 (en) | Secure file transfer | |
| JP7133285B2 (en) | User terminal, method and computer program for sending and receiving messages | |
| US9225538B2 (en) | Stateless application notifications | |
| CN102427442B (en) | Combining request-dependent metadata with media content | |
| US9485096B2 (en) | Encryption / decryption of data with non-persistent, non-shared passkey | |
| US20160080149A1 (en) | Secure Key Management for Roaming Protected Content | |
| WO2008030184A1 (en) | Improved authentication system | |
| US20170288870A1 (en) | Methods and systems of securing and retrieving secret information | |
| JP2011176435A (en) | Secret key sharing system, method, data processor, management server, and program | |
| JP6528856B2 (en) | Control system, communication control method, and program | |
| EP3282670A1 (en) | Maintaining data security in a network device | |
| KR101541165B1 (en) | Mobile message encryption method, computer readable recording medium recording program performing the method and download server storing the method | |
| US9049025B1 (en) | Method of decrypting encrypted information for unsecure phone | |
| TWI712307B (en) | Methods for encrypting and decrypting the group message and transporting the encrypted group message | |
| WO2021237388A1 (en) | Methods for encrypting and decrypting group message, and method for transmitting message | |
| US10205599B2 (en) | Methods and systems of increasing security quality of computing-device communications | |
| KR101933444B1 (en) | Message server | |
| US20240160790A1 (en) | Distributed Computing System for Secure Document Routing | |
| KR20180017979A (en) | Messaging server and method for providing chatting service, terminal apparatus and method for using chatting service | |
| CN117294458A (en) | Encryption type multimedia information management system and implementation method thereof |