TWI806724B - System and method for determining key - Google Patents

System and method for determining key Download PDF

Info

Publication number
TWI806724B
TWI806724B TW111128902A TW111128902A TWI806724B TW I806724 B TWI806724 B TW I806724B TW 111128902 A TW111128902 A TW 111128902A TW 111128902 A TW111128902 A TW 111128902A TW I806724 B TWI806724 B TW I806724B
Authority
TW
Taiwan
Prior art keywords
key
initiator
receiving end
receiver
key factor
Prior art date
Application number
TW111128902A
Other languages
Chinese (zh)
Other versions
TW202408200A (en
Inventor
賴昌祈
張明信
劉政鋼
吳錦松
Original Assignee
中華電信股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中華電信股份有限公司 filed Critical 中華電信股份有限公司
Priority to TW111128902A priority Critical patent/TWI806724B/en
Application granted granted Critical
Publication of TWI806724B publication Critical patent/TWI806724B/en
Publication of TW202408200A publication Critical patent/TW202408200A/en

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Circuits Of Receivers In General (AREA)

Abstract

A system and a method for determining a key is provided. The method includes: transmitting, by an initiator device, an initiator-key-factor to a receiver device; transmitting, by the receiver device, a receiver-key-factor to the initiator device; and calculating, by the initiator device, a negotiation key using the receiver-key-factor, and calculating, by the receiver device, the negotiation key using the initiator-key-factor.

Description

用於決定金鑰的系統及方法System and method for determining keys

本發明是有關於一種用於決定金鑰的系統及方法。The present invention relates to a system and method for determining a key.

目前,決定(協商)金鑰的方法通常需要在加密的通訊下才能執行。舉例來說,若多個設備需要進行群組通話,則發起端設備需要與各接收端設備建立秘密通道,才能進行金鑰的決定/協商。此種作法效率較低。Currently, methods of determining (negotiating) keys usually require encrypted communication to be performed. For example, if multiple devices need to conduct a group call, the originating device needs to establish a secret channel with each receiving device to determine/negotiate the key. This approach is less efficient.

本發明提供一種用於決定金鑰的系統及方法,可提高金鑰的安全性以及決定金鑰的效率。The invention provides a system and method for determining a key, which can improve the security of the key and the efficiency of determining the key.

本發明的用於決定金鑰的系統包括發起端設備以及接收端設備。接收端設備通訊連接至發起端設備,其中發起端設備傳送發起端金鑰因子至接收端設備;接收端設備傳送接收端金鑰因子至發起端設備;發起端設備利用接收端金鑰因子計算出協商金鑰,並且接收端設備利用發起端金鑰因子計算出協商金鑰。The system for determining a key of the present invention includes an initiator device and a receiver device. The receiver device communicates with the initiator device, where the initiator device transmits the initiator key factor to the receiver device; the receiver device transmits the receiver key factor to the initiator device; the initiator device uses the receiver key factor to calculate A key is negotiated, and the receiving end device calculates the negotiation key by using the key factor of the initiator.

本發明的用於決定金鑰的方法包括:由發起端設備傳送發起端金鑰因子至接收端設備;由接收端設備傳送接收端金鑰因子至發起端設備;以及由發起端設備利用接收端金鑰因子計算出協商金鑰,並且由接收端設備利用所述發起端金鑰因子計算出協商金鑰。The method for determining the key of the present invention includes: the initiator device transmits the initiator key factor to the receiver device; the receiver device transmits the receiver key factor to the initiator device; and the initiator device utilizes the receiver The key factor calculates the negotiation key, and the receiving end device calculates the negotiation key by using the initiator key factor.

為讓本發明的上述特徵和優點能更明顯易懂,下文特舉實施例,並配合所附圖式作詳細說明如下。In order to make the above-mentioned features and advantages of the present invention more comprehensible, the following specific embodiments are described in detail together with the accompanying drawings.

圖1是根據本發明的一實施例繪示的一種用於決定金鑰的系統100的示意圖。在本實施例中,系統100可以是基於網際網路協定的語音傳輸(VoIP,Voice Over Internet Protocol)的系統。系統100可包括發起端設備110以及接收端設備120。詳細而言,接收端設備120可包括接收端設備120a、接收端設備120b、接收端設備120c、…直到接收端設備120n。接收端設備120(即,接收端設備120a、接收端設備120b、接收端設備120c、…直到接收端設備120n)可(分別)通訊連接至發起端設備110。例如,接收端設備120可利用傳輸控制協定/網際網路協定(TCP/IP)連接至發起端設備110。進一步而言,系統100可包括群組會議控制設備130。群組會議控制設備130例如是對話啟動協定代理伺服器(SIP Proxy Server,Session Initiation Protocol Proxy Server)。接收端設備120(即,接收端設備120a、接收端設備120b、接收端設備120c、…直到接收端設備120n)可通過群組會議控制設備130以(分別)通訊連接至發起端設備110。FIG. 1 is a schematic diagram of a system 100 for determining a key according to an embodiment of the present invention. In this embodiment, the system 100 may be a Voice Over Internet Protocol (VoIP, Voice Over Internet Protocol) system. The system 100 may include an initiator device 110 and a receiver device 120 . In detail, the receiving-end device 120 may include a receiving-end device 120a, a receiving-end device 120b, a receiving-end device 120c, ... until a receiving-end device 120n. The receiving-end devices 120 (ie, the receiving-end device 120 a , the receiving-end device 120 b , the receiving-end device 120 c , . . . up to the receiving-end device 120 n ) can be (respectively) communicatively connected to the initiating-end device 110 . For example, the receiver device 120 can connect to the initiator device 110 using Transmission Control Protocol/Internet Protocol (TCP/IP). Further, the system 100 may include a group conference control device 130 . The group conference control device 130 is, for example, a Session Initiation Protocol Proxy Server (SIP Proxy Server, Session Initiation Protocol Proxy Server). The receiving-end devices 120 (ie, the receiving-end device 120 a , the receiving-end device 120 b , the receiving-end device 120 c , . . . until the receiving-end device 120 n ) can be (respectively) communicatively connected to the initiator device 110 through the group conference control device 130 .

發起端設備110(或接收端設備120或群組會議控制設備130)具有處理單元(如:處理器但不限於此)、通訊單元(如:各類通訊晶片、藍芽晶片、WiFi晶片等但不限於此)及儲存單元(如:可移動隨機存取記憶體、快閃記憶體、硬碟等但不限於此)等運行發起端設備110(或接收端設備120或群組會議控制設備130)的必要構件。The initiator device 110 (or the receiver device 120 or the group meeting control device 130) has a processing unit (such as: a processor but not limited to this), a communication unit (such as: various communication chips, Bluetooth chips, WiFi chips, etc. but Not limited to this) and storage unit (such as: removable random access memory, flash memory, hard disk, etc. but not limited to this), etc. to run the initiator device 110 (or the receiver device 120 or the group conference control device 130 ) necessary components.

在本實施例中,發起端設備110可儲存質數(Prime Number)

Figure 02_image001
。質數
Figure 02_image001
例如是大數值的質數。質數
Figure 02_image001
的用途將於後續說明。 In this embodiment, the initiator device 110 can store a prime number (Prime Number)
Figure 02_image001
. prime number
Figure 02_image001
For example, a prime number with a large value. prime number
Figure 02_image001
The use of will be explained later.

圖2是根據本發明的一實施例繪示的用於決定金鑰的方法的信令圖。在此需先說明的是,如圖1所示,由於接收端設備120(即,接收端設備120a、接收端設備120b、接收端設備120c、…直到接收端設備120n)是通過群組會議控制設備130以(分別)通訊連接至發起端設備110,為了方便說明,圖2的各步驟並未繪示群組會議控制設備130。換言之,圖2所示的各步驟中,發起端設備110是經由群組會議控制設備130以與接收端設備120a互相傳送或者接收訊息、發起端設備110是經由群組會議控制設備130以與接收端設備120b互相傳送或者接收訊息、…直到發起端設備110是經由群組會議控制設備130以與接收端設備120n互相傳送或者接收訊息。FIG. 2 is a signaling diagram illustrating a method for determining a key according to an embodiment of the present invention. What needs to be explained here is that, as shown in FIG. 1 , since the receiving end device 120 (that is, the receiving end device 120a, the receiving end device 120b, the receiving end device 120c, ... until the receiving end device 120n) is controlled by the group conference The devices 130 are (respectively) connected to the initiating device 110 through communication. For convenience of description, the steps in FIG. 2 do not show the group conference control device 130 . In other words, in each step shown in FIG. 2 , the initiator device 110 transmits or receives messages with the receiver device 120 a through the group conference control device 130 , and the initiator device 110 communicates with the receiver device 120 a through the group conference control device 130 . The terminal devices 120b transmit or receive messages with each other, .

請參照圖2。當發起端設備110欲發起金鑰的協商時(例如,當發起端設備110欲發起SIP通話時),在步驟S201中,發起端設備110可利用質數

Figure 02_image001
獲得原根(Primitive Root)
Figure 02_image003
。詳細而言,發起端設備110可產生以質數
Figure 02_image001
為除數模數(Modulo)運算的原根
Figure 02_image003
。接著,發起端設備110可傳送群組金鑰協商邀請訊息(圖2未繪示)至接收端設備120a、接收端設備120b、接收端設備120c、…直到接收端設備120n,以邀請此些接收端設備加入金鑰的協商。在此假設接收端設備120a傳送了群組金鑰協商參與請求(圖2未繪示)至發起端設備110(即,接收端設備120a欲參與金鑰的協商)。發起端設備110可利用原根
Figure 02_image003
以及發起端質數
Figure 02_image005
計算出發起端金鑰因子
Figure 02_image007
,其中發起端質數
Figure 02_image005
小於質數
Figure 02_image001
。詳細而言,發起端設備110可從小於質數
Figure 02_image001
的各質數中,選出(例如,隨機選出)發起端質數
Figure 02_image005
,並且根據下述公式1計算出發起端金鑰因子
Figure 02_image009
Figure 02_image011
…  (公式1) Please refer to Figure 2. When the initiator device 110 intends to initiate key negotiation (for example, when the initiator device 110 intends to initiate a SIP call), in step S201, the initiator device 110 can use the prime number
Figure 02_image001
Get Primitive Root
Figure 02_image003
. In detail, the initiator device 110 can generate a prime number
Figure 02_image001
is the original root of the divisor modulo (Modulo) operation
Figure 02_image003
. Then, the initiator device 110 can send a group key negotiation invitation message (not shown in FIG. 2 ) to the receiver device 120a, the receiver device 120b, the receiver device 120c, ... until the receiver device 120n, to invite these recipients The end device joins the negotiation of the key. Here, it is assumed that the receiver device 120a sends a group key negotiation participation request (not shown in FIG. 2 ) to the initiator device 110 (ie, the receiver device 120a wants to participate in the key negotiation). Initiator device 110 may utilize the original root
Figure 02_image003
and the initiator prime
Figure 02_image005
Calculate the initiator key factor
Figure 02_image007
, where the initiator prime
Figure 02_image005
less than a prime number
Figure 02_image001
. In detail, the initiator device 110 can start from a prime number less than
Figure 02_image001
Among the prime numbers of , select (for example, randomly select) the initiator prime number
Figure 02_image005
, and calculate the initiator key factor according to the following formula 1
Figure 02_image009
.
Figure 02_image011
… (Formula 1)

在步驟S202中,發起端設備110可傳送質數

Figure 02_image001
、原根
Figure 02_image003
以及發起端金鑰因子
Figure 02_image009
至接收端設備120a。 In step S202, the initiator device 110 can transmit the prime number
Figure 02_image001
, original root
Figure 02_image003
and the initiator key factor
Figure 02_image009
to the receiver device 120a.

在步驟S203中,接收端設備120a可利用原根

Figure 02_image003
以及接收端質數
Figure 02_image013
計算出接收端金鑰因子
Figure 02_image015
,其中接收端質數
Figure 02_image013
小於質數
Figure 02_image001
。詳細而言,接收端設備120a可從小於質數
Figure 02_image001
的各質數中,選出(例如,隨機選出)接收端質數
Figure 02_image013
,並且根據下述公式2計算出接收端金鑰因子
Figure 02_image015
Figure 02_image017
…  (公式2) In step S203, the receiver device 120a can use the original root
Figure 02_image003
and the receiving prime
Figure 02_image013
Calculate the receiving end key factor
Figure 02_image015
, where the prime number at the receiving end
Figure 02_image013
less than a prime number
Figure 02_image001
. In detail, the receiver device 120a can start from less than a prime number
Figure 02_image001
Among the prime numbers in , select (for example, randomly select) the prime numbers at the receiving end
Figure 02_image013
, and calculate the receiving end key factor according to the following formula 2
Figure 02_image015
.
Figure 02_image017
… (Formula 2)

在步驟S204中,接收端設備120a可傳送接收端金鑰因子

Figure 02_image015
至發起端設備110。 In step S204, the receiver device 120a may transmit the receiver key factor
Figure 02_image015
to the initiator device 110.

在步驟S205中,發起端設備110可利用接收端金鑰因子

Figure 02_image015
計算出協商金鑰
Figure 02_image019
。具體而言,發起端設備110可利用接收端金鑰因子
Figure 02_image015
以及發起端質數
Figure 02_image005
,以根據下述公式3計算出協商金鑰
Figure 02_image021
Figure 02_image023
…  (公式3) In step S205, the initiator device 110 can use the receiver key factor
Figure 02_image015
Calculate the negotiation key
Figure 02_image019
. Specifically, the initiator device 110 can use the receiver key factor
Figure 02_image015
and the initiator prime
Figure 02_image005
, to calculate the negotiation key according to the following formula 3
Figure 02_image021
.
Figure 02_image023
… (Formula 3)

在步驟S206中,接收端設備120a可利用發起端金鑰因子

Figure 02_image009
計算出協商金鑰
Figure 02_image021
。具體而言,接收端設備120a可利用發起端金鑰因子
Figure 02_image009
以及接收端質數
Figure 02_image013
,以根據下述公式4計算出協商金鑰
Figure 02_image021
Figure 02_image025
…  (公式4) In step S206, the receiver device 120a can use the initiator key factor
Figure 02_image009
Calculate the negotiation key
Figure 02_image021
. Specifically, the receiver device 120a can use the initiator key factor
Figure 02_image009
and the receiving prime
Figure 02_image013
, to calculate the negotiation key according to the following formula 4
Figure 02_image021
.
Figure 02_image025
… (Formula 4)

在此需說明的是,系統100可基於迪菲赫爾曼金鑰交換(Diffie Hellman Key Exchange)技術。因此,上述公式3以及公式4所計算出的協商金鑰

Figure 02_image021
將會是相同數值。在完成上述步驟S201~S206之後,發起端設備110以及接收端設備120a已完成金鑰的協商(亦稱,第一次金鑰協商)。例如,發起端設備110以及接收端設備120a可利用協商金鑰
Figure 02_image021
來執行SIP通話。 It should be noted here that the system 100 may be based on Diffie Hellman Key Exchange (Diffie Hellman Key Exchange) technology. Therefore, the negotiation key calculated by the above formula 3 and formula 4
Figure 02_image021
will be the same value. After the above steps S201 - S206 are completed, the initiator device 110 and the receiver device 120a have completed key negotiation (also known as the first key negotiation). For example, the initiator device 110 and the receiver device 120a can utilize the negotiated key
Figure 02_image021
to perform SIP calls.

在此假設接收端設備120b也傳送了群組金鑰協商參與請求(圖2未繪示)至發起端設備110(即,接收端設備120b也欲參與金鑰的協商)。在步驟S207中,發起端設備110可利用原根

Figure 02_image003
以及協商金鑰
Figure 02_image021
,以根據下述公式5計算出更新的發起端金鑰因子
Figure 02_image027
Figure 02_image029
…  (公式5) It is assumed here that the receiver device 120b also sends a group key negotiation participation request (not shown in FIG. 2 ) to the initiator device 110 (ie, the receiver device 120b also wants to participate in the key negotiation). In step S207, the initiator device 110 can use the original root
Figure 02_image003
and the negotiation key
Figure 02_image021
, to calculate the updated initiator key factor according to the following formula 5
Figure 02_image027
.
Figure 02_image029
… (Formula 5)

在步驟S208中,發起端設備110可傳送質數

Figure 02_image001
、原根
Figure 02_image003
以及發起端金鑰因子
Figure 02_image027
至接收端設備120b。 In step S208, the initiator device 110 can transmit the prime number
Figure 02_image001
, original root
Figure 02_image003
and the initiator key factor
Figure 02_image027
to the receiver device 120b.

在步驟S209中,接收端設備120b可利用原根

Figure 02_image003
以及接收端質數
Figure 02_image031
計算出接收端金鑰因子
Figure 02_image033
,其中接收端質數
Figure 02_image031
小於質數
Figure 02_image001
。詳細而言,接收端設備120b可從小於質數
Figure 02_image001
的各質數中,選出(例如,隨機選出)接收端質數
Figure 02_image031
,並且根據下述公式6計算出接收端金鑰因子
Figure 02_image033
Figure 02_image035
…  (公式6) In step S209, the receiver device 120b can use the original root
Figure 02_image003
and the receiving prime
Figure 02_image031
Calculate the receiving end key factor
Figure 02_image033
, where the prime number at the receiving end
Figure 02_image031
less than a prime number
Figure 02_image001
. In detail, the receiver device 120b can start from less than the prime number
Figure 02_image001
Among the prime numbers in , select (for example, randomly select) the prime numbers at the receiving end
Figure 02_image031
, and calculate the receiving end key factor according to the following formula 6
Figure 02_image033
.
Figure 02_image035
… (Formula 6)

在步驟S210中,接收端設備120b可傳送接收端金鑰因子

Figure 02_image033
至發起端設備110。 In step S210, the receiver device 120b may transmit the receiver key factor
Figure 02_image033
to the initiator device 110.

在步驟S211中,發起端設備110可利用接收端金鑰因子

Figure 02_image033
計算出(更新的)協商金鑰
Figure 02_image037
。詳細而言,發起端設備110可利用接收端金鑰因子
Figure 02_image033
以及(舊的)協商金鑰
Figure 02_image019
,以根據下述公式7計算出(更新的)協商金鑰
Figure 02_image037
Figure 02_image039
…  (公式7) In step S211, the initiator device 110 can use the receiver key factor
Figure 02_image033
Compute the (updated) negotiation key
Figure 02_image037
. In detail, the initiator device 110 can use the receiver key factor
Figure 02_image033
and the (old) negotiation key
Figure 02_image019
, to calculate the (updated) negotiation key according to the following formula 7
Figure 02_image037
.
Figure 02_image039
… (Formula 7)

在步驟S212中,接收端設備120b可利用發起端金鑰因子

Figure 02_image027
以及接收端質數
Figure 02_image031
,以根據下述公式8計算出協商金鑰
Figure 02_image037
Figure 02_image041
…  (公式8) In step S212, the receiver device 120b can use the initiator key factor
Figure 02_image027
and the receiving prime
Figure 02_image031
, to calculate the negotiation key according to the following formula 8
Figure 02_image037
.
Figure 02_image041
… (Formula 8)

在步驟S213中,發起端設備110可傳送接收端金鑰因子

Figure 02_image033
至接收端設備120a。 In step S213, the initiator device 110 may transmit the receiver key factor
Figure 02_image033
to the receiver device 120a.

在步驟S214中,接收端設備120a可將接收端金鑰因子

Figure 02_image033
做為發起端金鑰因子,以利用發起端金鑰因子
Figure 02_image033
以及(舊的)協商金鑰
Figure 02_image019
,並根據下述公式9計算出更新的協商金鑰
Figure 02_image037
Figure 02_image043
…  (公式9) In step S214, the receiver device 120a may set the receiver key factor
Figure 02_image033
As the initiator key factor to use the initiator key factor
Figure 02_image033
and the (old) negotiation key
Figure 02_image019
, and calculate the updated negotiation key according to the following formula 9
Figure 02_image037
.
Figure 02_image043
… (Formula 9)

如前述實施例所說明的,由於系統100可基於迪菲赫爾曼金鑰交換技術,上述公式7、公式8以及公式9所計算出的協商金鑰

Figure 02_image045
將會是相同數值。在完成上述步驟S207~S214之後,發起端設備110、接收端設備120a以及接收端設備120b已完成金鑰的協商(亦稱,第二次金鑰協商)。例如,發起端設備110、接收端設備120a以及接收端設備120b可利用協商金鑰
Figure 02_image045
來執行SIP通話。 As described in the foregoing embodiments, since the system 100 can be based on the Diffie-Hellman key exchange technology, the negotiation key calculated by the above formula 7, formula 8 and formula 9
Figure 02_image045
will be the same value. After completing the above steps S207 - S214 , the initiating device 110 , the receiving device 120 a and the receiving device 120 b have completed key negotiation (also known as the second key negotiation). For example, the initiator device 110, the receiver device 120a, and the receiver device 120b may utilize the negotiated key
Figure 02_image045
to perform SIP calls.

在此假設,接收端設備120c、接收端設備120d、…、直到接收端設備120n-1也如上述實施例所說明的,依序參與了金鑰的協商(即,第三次金鑰協商中計算出協商金鑰

Figure 02_image047
、第四次金鑰協商中計算出協商金鑰
Figure 02_image049
、…、直到第n-1次金鑰協商中計算出協商金鑰
Figure 02_image051
)。基此,在第n-1次金鑰協商完成之後,發起端設備110以及接收端設備120a、接收端設備120b、…、直到接收端設備120n-1都已獲得協商金鑰
Figure 02_image051
。為了方便說明,圖2並未繪示上述的第三次金鑰協商、第四次金鑰協商、…、直到第n-1次金鑰協商。 It is assumed here that the receiving end device 120c, the receiving end device 120d, ..., until the receiving end device 120n-1 also participated in the key negotiation in sequence as described in the above embodiment (that is, in the third key negotiation Calculate the negotiation key
Figure 02_image047
, Calculate the negotiation key in the fourth key negotiation
Figure 02_image049
,..., until the negotiation key is calculated in the n-1th key negotiation
Figure 02_image051
). Based on this, after the n-1th key negotiation is completed, the initiating device 110, the receiving device 120a, the receiving device 120b, ..., and the receiving device 120n-1 have all obtained the negotiation key
Figure 02_image051
. For the convenience of illustration, FIG. 2 does not show the above-mentioned third key negotiation, fourth key negotiation, . . . up to n−1th key negotiation.

在此假設接收端設備120n也傳送了群組金鑰協商參與請求(圖2未繪示)至發起端設備110(即,接收端設備120n欲參與金鑰的協商)。在步驟S215中,發起端設備110可利用原根

Figure 02_image003
以及(舊的)協商金鑰
Figure 02_image051
,以根據下述公式10計算出更新的發起端金鑰因子
Figure 02_image053
Figure 02_image055
…  (公式10) It is assumed here that the receiver device 120n also transmits a group key negotiation participation request (not shown in FIG. 2 ) to the initiator device 110 (ie, the receiver device 120n wants to participate in the key negotiation). In step S215, the initiator device 110 can use the original root
Figure 02_image003
and the (old) negotiation key
Figure 02_image051
, to calculate the updated initiator key factor according to the following formula 10
Figure 02_image053
.
Figure 02_image055
… (Formula 10)

在步驟S216中,發起端設備110可傳送質數

Figure 02_image001
、原根
Figure 02_image003
以及發起端金鑰因子
Figure 02_image053
至接收端設備120n。 In step S216, the initiator device 110 can transmit the prime number
Figure 02_image001
, original root
Figure 02_image003
and the initiator key factor
Figure 02_image053
to the receiver device 120n.

在步驟S217中,接收端設備120n可利用原根

Figure 02_image003
以及接收端質數
Figure 02_image057
計算出接收端金鑰因子
Figure 02_image059
,其中接收端質數
Figure 02_image057
小於質數
Figure 02_image001
。詳細而言,接收端設備120n可從小於質數
Figure 02_image001
的各質數中,選出(例如,隨機選出)接收端質數
Figure 02_image057
,並且根據下述公式11計算出接收端金鑰因子
Figure 02_image059
Figure 02_image061
…  (公式11) In step S217, the receiver device 120n can use the original root
Figure 02_image003
and the receiving prime
Figure 02_image057
Calculate the receiving end key factor
Figure 02_image059
, where the prime number at the receiving end
Figure 02_image057
less than a prime number
Figure 02_image001
. In detail, the receiver device 120n can be smaller than the prime number
Figure 02_image001
Among the prime numbers in , select (for example, randomly select) the prime numbers at the receiving end
Figure 02_image057
, and calculate the receiving end key factor according to the following formula 11
Figure 02_image059
.
Figure 02_image061
… (Formula 11)

在步驟S218中,接收端設備120n可傳送接收端金鑰因子

Figure 02_image059
至發起端設備110。 In step S218, the receiver device 120n may transmit the receiver key factor
Figure 02_image059
to the initiator device 110.

在步驟S219中,發起端設備110可利用接收端金鑰因子

Figure 02_image059
計算出(更新的)協商金鑰
Figure 02_image063
。詳細而言,發起端設備110可利用接收端金鑰因子
Figure 02_image059
以及(舊的)協商金鑰
Figure 02_image065
,以根據下述公式12計算出更新的協商金鑰
Figure 02_image063
Figure 02_image067
…  (公式12) In step S219, the initiator device 110 can use the receiver key factor
Figure 02_image059
Compute the (updated) negotiation key
Figure 02_image063
. In detail, the initiator device 110 can use the receiver key factor
Figure 02_image059
and the (old) negotiation key
Figure 02_image065
, to calculate the updated negotiation key according to the following formula 12
Figure 02_image063
.
Figure 02_image067
… (Formula 12)

在步驟S220中,接收端設備120n可利用發起端金鑰因子

Figure 02_image053
以及接收端質數
Figure 02_image057
,以根據下述公式13計算出協商金鑰
Figure 02_image063
Figure 02_image069
…  (公式13) In step S220, the receiver device 120n can use the initiator key factor
Figure 02_image053
and the receiving prime
Figure 02_image057
, to calculate the negotiation key according to the following formula 13
Figure 02_image063
.
Figure 02_image069
… (Formula 13)

在此需先說明的是,為了便於理解,下述步驟S221(a)為在發起端設備110以及接收端設備120a之間執行的步驟,且S222(a)為接收端設備120a執行的步驟。相似的,下述步驟S221(b)為在發起端設備110以及接收端設備120b之間執行的步驟,且S222(b)為接收端設備120b執行的步驟。依此類推,直到下述步驟S221(n-1)為在發起端設備110以及接收端設備120n-1之間執行的步驟,且S222(n-1)為接收端設備120n-1執行的步驟。進一步而言,發起端設備110可傳送接收端金鑰因子至接收端設備120a、接收端設備120b、接收端設備120c、…以及接收端設備120n-1的每一者。以下將繼續說明。It should be explained here that, for ease of understanding, the following step S221(a) is a step performed between the initiator device 110 and the receiver device 120a, and S222(a) is a step performed by the receiver device 120a. Similarly, the following step S221(b) is a step performed between the initiator device 110 and the receiver device 120b, and S222(b) is a step performed by the receiver device 120b. And so on, until the following step S221(n-1) is a step performed between the initiator device 110 and the receiver device 120n-1, and S222(n-1) is a step performed by the receiver device 120n-1 . Further, the initiator device 110 may transmit the receiving-end key factor to each of the receiving-end device 120a, the receiving-end device 120b, the receiving-end device 120c, . . . and the receiving-end device 120n-1. The description will continue below.

在步驟S221(a)中,發起端設備110可傳送接收端金鑰因子

Figure 02_image059
至接收端設備120a。 In step S221(a), the initiator device 110 may transmit the receiver key factor
Figure 02_image059
to the receiver device 120a.

在步驟S222(a)中,接收端設備120a可將接收端金鑰因子

Figure 02_image059
做為發起端金鑰因子,以利用發起端金鑰因子
Figure 02_image059
以及(舊的)協商金鑰
Figure 02_image065
,並根據下述公式14計算出更新的協商金鑰
Figure 02_image063
Figure 02_image071
…  (公式14) In step S222(a), the receiver device 120a may set the receiver key factor
Figure 02_image059
As the initiator key factor to use the initiator key factor
Figure 02_image059
and the (old) negotiation key
Figure 02_image065
, and calculate the updated negotiation key according to the following formula 14
Figure 02_image063
.
Figure 02_image071
… (Formula 14)

如圖2所示,與步驟S221(a)相似的S221(b)、S221(c)、…、直到S221(n-1)將會被執行。另外,與步驟S222(a)相同的S222(b)、S222 (c)、…、直到S222(n-1)將會被執行。例如,在步驟S221(n-1)中,發起端設備110可傳送接收端金鑰因子

Figure 02_image059
至接收端設備120n-1。此外,在步驟S222(n-1)中,相同於上述步驟S222(a),接收端設備120n-1可利用上述公式14計算出更新的協商金鑰
Figure 02_image063
。換言之,接收端設備120a、接收端設備120b、…直到接收端設備120n-1將會利用相同的方式計算出更新的協商金鑰
Figure 02_image063
。 As shown in FIG. 2, S221(b), S221(c), . . . up to S221(n-1) similar to step S221(a) will be executed. In addition, S222(b), S222(c), . . . up to S222(n-1) which are the same as step S222(a) will be executed. For example, in step S221(n-1), the initiator device 110 may transmit the receiver key factor
Figure 02_image059
to the receiver device 120n-1. In addition, in step S222(n-1), similar to the above step S222(a), the receiving end device 120n-1 can use the above formula 14 to calculate the updated negotiation key
Figure 02_image063
. In other words, the receiving end device 120a, the receiving end device 120b, ... until the receiving end device 120n-1 will use the same method to calculate the updated negotiation key
Figure 02_image063
.

如前述實施例所說明的,由於系統100可基於迪菲赫爾曼金鑰交換技術,上述公式12、公式13以及公式14所計算出的協商金鑰

Figure 02_image073
將會是相同數值。在完成上述步驟S215~S220,以及上述步驟S221(a)、步驟S222(a)、步驟S221(b)、步驟S222(b)、…、直到步驟S221(n-1)及步驟S222(n-1)之後,發起端設備110以及各接收端設備(接收端設備120a、接收端設備120b、…、接收端設備120n-1以及接收端設備120n)已完成金鑰的協商(亦稱,第n次金鑰協商)。例如,發起端設備110以及各接收端設備(接收端設備120a、接收端設備120b、…、直到接收端設備120n-1以及接收端設備120n)可利用協商金鑰
Figure 02_image073
來執行SIP通話。 As described in the foregoing embodiments, since the system 100 can be based on the Diffie-Hellman key exchange technology, the negotiation key calculated by the above formula 12, formula 13 and formula 14
Figure 02_image073
will be the same value. After completing the above steps S215~S220, and the above steps S221(a), step S222(a), step S221(b), step S222(b), ..., until step S221(n-1) and step S222(n- 1) Afterwards, the initiator device 110 and each receiver device (receiver device 120a, receiver device 120b, ..., receiver device 120n-1, and receiver device 120n) have completed key negotiation (also known as the nth secondary key negotiation). For example, the initiator device 110 and each receiver device (the receiver device 120a, the receiver device 120b, ..., until the receiver device 120n-1 and the receiver device 120n) can use the negotiation key
Figure 02_image073
to perform SIP calls.

圖3是根據本發明的一實施例繪示的一種用於決定金鑰的方法的流程圖。在步驟S301中,由發起端設備傳送發起端金鑰因子至接收端設備。在步驟S302中,由接收端設備傳送接收端金鑰因子至發起端設備。在步驟S303中,由發起端設備利用接收端金鑰因子計算出協商金鑰,並且由接收端設備利用發起端金鑰因子計算出協商金鑰。FIG. 3 is a flow chart of a method for determining a key according to an embodiment of the present invention. In step S301, the initiator device transmits the initiator key factor to the receiver device. In step S302, the receiver device transmits the receiver key factor to the initiator device. In step S303, the initiator device calculates the negotiation key by using the receiver key factor, and the receiver device calculates the negotiation key by using the initiator key factor.

綜上所述,本發明的用於決定金鑰的系統及方法可由發起端設備與各接收端設備(分別)執行金鑰協商以決定金鑰。換言之,此些金鑰協商為發起端設備與特定接收端設備之間的,點對點金鑰協商,第三方將無法獲得此金鑰,因此可提高金鑰的安全性。除此之外,本發明的用於決定金鑰的系統及方法可以不需預先建立秘密通道,從而提高了決定金鑰的效率。To sum up, in the system and method for determining the key of the present invention, the initiator device and each receiver device (respectively) perform key negotiation to determine the key. In other words, such key negotiation is a point-to-point key negotiation between the initiator device and the specific receiver device, and the third party will not be able to obtain the key, thus improving the security of the key. In addition, the system and method for determining the key of the present invention do not need to establish a secret channel in advance, thereby improving the efficiency of determining the key.

雖然本發明已以實施例揭露如上,然其並非用以限定本發明,任何所屬技術領域中具有通常知識者,在不脫離本發明的精神和範圍內,當可作些許的更動與潤飾,故本發明的保護範圍當視後附的申請專利範圍所界定者為準。Although the present invention has been disclosed above with the embodiments, it is not intended to limit the present invention. Anyone with ordinary knowledge in the technical field may make some changes and modifications without departing from the spirit and scope of the present invention. The scope of protection of the present invention should be defined by the scope of the appended patent application.

100:用於決定金鑰的系統 110:發起端設備 120a~120n:接收端設備 130:群組會議控制設備 S201~S220、S221(a)、S222(a)、S221(b)、S222(b)、S221(n-1)、S222(n-1)、S301~S303:步驟 100: The system used to determine the key 110: Initiating device 120a~120n: Receiver equipment 130: Group meeting control equipment S201~S220, S221(a), S222(a), S221(b), S222(b), S221(n-1), S222(n-1), S301~S303: steps

圖1是根據本發明的一實施例繪示的一種用於決定金鑰的系統的示意圖。 圖2是根據本發明的一實施例繪示的用於決定金鑰的方法的信令圖。 圖3是根據本發明的一實施例繪示的一種用於決定金鑰的方法的流程圖。 FIG. 1 is a schematic diagram of a system for determining a key according to an embodiment of the present invention. FIG. 2 is a signaling diagram illustrating a method for determining a key according to an embodiment of the present invention. FIG. 3 is a flow chart of a method for determining a key according to an embodiment of the present invention.

S301~S303:步驟 S301~S303: steps

Claims (9)

一種用於決定金鑰的系統,包括:發起端設備;以及接收端設備,通訊連接至所述發起端設備,其中所述發起端設備傳送發起端金鑰因子至所述接收端設備;所述接收端設備傳送接收端金鑰因子至所述發起端設備;所述發起端設備利用所述接收端金鑰因子計算出協商金鑰,並且所述接收端設備利用所述發起端金鑰因子計算出所述協商金鑰,其中所述接收端設備包括多個第一接收端設備以及第二接收端設備,其中所述第二接收端設備傳送所述接收端金鑰因子至所述發起端設備;所述發起端設備傳送所述接收端金鑰因子至所述多個第一接收端設備的每一者;所述多個第一接收端設備的每一者將所述接收端金鑰因子做為所述發起端金鑰因子,以利用所述發起端金鑰因子以及所述協商金鑰計算出更新的所述協商金鑰。 A system for determining a key, comprising: an initiator device; and a receiver device, communicatively connected to the initiator device, wherein the initiator device transmits an initiator key factor to the receiver device; The receiving end device transmits the receiving end key factor to the initiating end device; the initiating end device uses the receiving end key factor to calculate a negotiation key, and the receiving end device uses the initiating end key factor to calculate issue the negotiation key, wherein the receiving end device includes a plurality of first receiving end devices and a second receiving end device, wherein the second receiving end device transmits the receiving end key factor to the initiating end device ; the initiator device transmits the receiving end key factor to each of the plurality of first receiving end devices; each of the plurality of first receiving end devices transfers the receiving end key factor As the initiator key factor, the updated negotiation key is calculated by using the initiator key factor and the negotiation key. 如請求項1所述的系統,其中所述發起端設備儲存質數,其中所述發起端設備利用所述質數獲得原根; 所述發起端設備利用所述原根以及發起端質數計算出所述發起端金鑰因子,其中所述發起端質數小於所述質數。 The system according to claim 1, wherein the initiator device stores a prime number, wherein the initiator device uses the prime number to obtain an original root; The initiator device calculates the initiator key factor by using the original root and the initiator prime number, wherein the initiator prime number is smaller than the prime number. 如請求項2所述的系統,其中所述發起端設備利用所述接收端金鑰因子以及所述發起端質數計算出所述協商金鑰。 The system according to claim 2, wherein the initiating device calculates the negotiation key by using the receiving-end key factor and the initiating-end prime number. 如請求項1所述的系統,其中所述發起端設備利用原根以及所述協商金鑰計算出更新的所述發起端金鑰因子。 The system according to claim 1, wherein the initiator device calculates the updated initiator key factor by using the original root and the negotiated key. 如請求項4所述的系統,其中所述發起端設備利用所述接收端金鑰因子以及所述協商金鑰計算出更新的所述協商金鑰。 The system according to claim 4, wherein the initiator device calculates the updated negotiation key by using the receiver key factor and the negotiation key. 如請求項1所述的系統,其中所述發起端設備儲存質數,其中所述發起端設備傳送所述質數以及原根至所述接收端設備;所述接收端設備利用所述原根以及接收端質數計算出所述接收端金鑰因子,其中所述接收端質數小於所述質數。 The system as claimed in claim 1, wherein the initiator device stores a prime number, wherein the initiator device transmits the prime number and the original root to the receiver device; the receiver device utilizes the original root and receives The receiver prime number is used to calculate the receiver key factor, wherein the receiver prime number is smaller than the prime number. 如請求項6所述的系統,其中所述接收端設備利用所述發起端金鑰因子以及所述接收端質數計算出所述協商金鑰。 The system according to claim 6, wherein the receiving end device calculates the negotiation key by using the initiator key factor and the receiving end prime number. 如請求項1所述的系統,更包括群組會議控制設備,其中所述接收端設備通過所述群組會議控制設備以通訊連接至所述發起端設備。 The system according to claim 1, further comprising a group conference control device, wherein the receiver device is communicatively connected to the initiator device through the group conference control device. 一種用於決定金鑰的方法,包括:由發起端設備傳送發起端金鑰因子至接收端設備;由所述接收端設備傳送接收端金鑰因子至所述發起端設備;以及由所述發起端設備利用所述接收端金鑰因子計算出協商金鑰,並且由所述接收端設備利用所述發起端金鑰因子計算出所述協商金鑰,其中所述接收端設備包括多個第一接收端設備以及第二接收端設備,其中所述方法更包括:由所述第二接收端設備傳送所述接收端金鑰因子至所述發起端設備;由所述發起端設備傳送所述接收端金鑰因子至所述多個第一接收端設備的每一者;由所述多個第一接收端設備的每一者將所述接收端金鑰因子做為所述發起端金鑰因子,以利用所述發起端金鑰因子以及所述協商金鑰計算出更新的所述協商金鑰。 A method for determining a key, comprising: sending an initiator key factor to a receiver device by an initiator device; transmitting a receiver key factor to the initiator device by the receiver device; and sending the receiver key factor to the initiator device by the initiator device The end device calculates the negotiation key by using the key factor of the receiving end, and the receiving end device calculates the negotiation key by using the key factor of the initiator, wherein the receiving end device includes a plurality of first The receiving end device and the second receiving end device, wherein the method further includes: transmitting the receiving end key factor to the initiating end device by the second receiving end device; transmitting the received key factor by the initiating end device terminal key factor to each of the plurality of first receiving end devices; each of the plurality of first receiving end devices uses the receiving end key factor as the initiator key factor , to calculate an updated negotiation key by using the initiator key factor and the negotiation key.
TW111128902A 2022-08-02 2022-08-02 System and method for determining key TWI806724B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW111128902A TWI806724B (en) 2022-08-02 2022-08-02 System and method for determining key

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW111128902A TWI806724B (en) 2022-08-02 2022-08-02 System and method for determining key

Publications (2)

Publication Number Publication Date
TWI806724B true TWI806724B (en) 2023-06-21
TW202408200A TW202408200A (en) 2024-02-16

Family

ID=87803233

Family Applications (1)

Application Number Title Priority Date Filing Date
TW111128902A TWI806724B (en) 2022-08-02 2022-08-02 System and method for determining key

Country Status (1)

Country Link
TW (1) TWI806724B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW543312B (en) * 1999-03-25 2003-07-21 Koninkl Philips Electronics Nv Multi-node encryption and key delivery
TWI434577B (en) * 2011-09-23 2014-04-11
TWI501104B (en) * 2014-03-06 2015-09-21 Univ Nat Chi Nan The method of establishing the conversation key
US20220166616A1 (en) * 2020-11-24 2022-05-26 International Business Machines Corporation Key reclamation in blockchain network via oprf
US20220166614A1 (en) * 2020-11-25 2022-05-26 Cryptography Research, Inc. System and method to optimize generation of coprime numbers in cryptographic applications

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW543312B (en) * 1999-03-25 2003-07-21 Koninkl Philips Electronics Nv Multi-node encryption and key delivery
TWI434577B (en) * 2011-09-23 2014-04-11
TWI501104B (en) * 2014-03-06 2015-09-21 Univ Nat Chi Nan The method of establishing the conversation key
US20220166616A1 (en) * 2020-11-24 2022-05-26 International Business Machines Corporation Key reclamation in blockchain network via oprf
US20220166614A1 (en) * 2020-11-25 2022-05-26 Cryptography Research, Inc. System and method to optimize generation of coprime numbers in cryptographic applications

Also Published As

Publication number Publication date
TW202408200A (en) 2024-02-16

Similar Documents

Publication Publication Date Title
KR101516909B1 (en) Discovery of security associations for key management relying on public keys
JP5507688B2 (en) Secure key management in conferencing systems
JP5507689B2 (en) Secure key management in multimedia communication systems
US8238558B2 (en) Key agreement and re-keying over a bidirectional communication path
US9692834B2 (en) Multimodal conversation transfer
US7975140B2 (en) Key negotiation and management for third party access to a secure communication session
CN101582906B (en) Key agreement method and device
US7764945B2 (en) Method and apparatus for token distribution in session for future polling or subscription
KR20150138106A (en) Efficient secure instant messaging
EP2426852A1 (en) Method and system for implementing secure forking calling session in ip multi-media subsystem
JP2014514860A (en) How to find security associations
KR101705440B1 (en) Hybrid cloud media architecture for media communications
EP2911432B1 (en) Sip based inter-mtc device secure communications method, device, and system
TW202037112A (en) Method of identity authentication for voice over internet protocol call and related device
CN111478911A (en) Instant messaging encryption method adopting lightweight key exchange algorithm
CN111064742B (en) Method, device and related equipment for realizing intranet access based on network agent
US8615651B1 (en) Offline shared security key calculation
CN113094722B (en) Three-party password authentication key exchange method
TWI806724B (en) System and method for determining key
KR100656485B1 (en) System and method for providing pta service
CN107395552A (en) A kind of data transmission method and device
Li et al. A new certificateless authenticated key agreement protocol for SIP with different KGCs
JP2013501990A (en) Automatic session admission
CN115208983B (en) Secure communication method, apparatus, computer device and storage medium
CN112738038B (en) Key negotiation method and device based on asymmetric password authentication