TWI828558B - Message transmitting system, user device and hardware security module for use therein - Google Patents

Abstract

The invention relates to a message transmitting system and a user device and a hardware security module for use therein. The message transmitting system includes: a message exchange center, a first user device and a second user device. The hardware security module is installed in the housing of the first user device, and the hardware security module generates a first key establishment combination including at least a first public-private key pair according to a key establishment algorithm. The first private key in the first public-private key pair is only stored in the hardware security module, and the first public key in the first public-private key pair is sent to the message exchange center, the second user device generates a shared key, and the shared key is used to encrypt a first message plaintext to obtain a first message ciphertext, which is sent to the message exchange center and then sent to the first user device. The first user device that received the first message ciphertext obtains the shared key through a shared key acquisition method, and uses the shared key to decrypt the first message ciphertext to get back the first message plaintext.

Description

Information transmission systems and user devices and information security hardware modules used therein

This case is an information transmission system and a user device and information security hardware module applied therein, especially an information transmission system applied to a mobile communication network and a user device and information security hardware module applied therein.

With the continuous development of mobile communication systems, data transmission bandwidth has increased significantly, and users have almost turned to instant messaging software for voice conversations and the transmission of text messages and picture data. However, based on the current architecture of mainstream instant messaging software, it can be seen that the text messages and picture data sent by users to each other must be forwarded through a message exchange center, and the backup of text messages and picture data will be stored in the server set by the industry data server for a period of time or even not deleted at all.

With the extensive use of instant messaging software and high requirements for information security, privacy that does not want to be disclosed is actually stored in the cloud. This traditional instant messaging software can no longer meet users' needs for data confidentiality. Therefore, , various private instant messaging software such as Signal and Telegram came into being. The messages sent by this private instant messaging software will be encrypted before being sent out. Even if they are intercepted during the transmission process or stolen from the cloud database, they cannot be effectively interpreted. Signal also emphasizes that it will not use any text messages and image data. Stored in the operator's data server, privacy that does not want to be disclosed will not have the problem of being stored in the cloud.

However, the keys required for encryption of private instant messaging software are generated by the central processing unit (CPU) of the user's device in today's technology. The generated keys are stored in the user's computer. In the specific data storage area planned in the device. Therefore, once the user device is hacked by an outsider and takes control of the core of the user device (for example, the operating system running on it), the data stored in the specific data storage area managed by the operating system of the user device will Keys will be easily obtained and the encrypted message content will be easily decrypted, causing information security loopholes. How to improve this problem and provide better information security solutions is the main purpose of developing this case.

The invention relates to an information transmission system, which includes: an information exchange center; a first user device, a signal connected to the information exchange center, and a first information security hardware module installed in the first user device , the first information security hardware module generates a first key establishment combination including at least a first public key-private key pair of a first user based on a key establishment algorithm, and the first user's third key establishment combination The first private key in a public key-private key pair is only stored in the first information security hardware module, and the first public key in the first public key-private key pair of the first user is transmitted to the information exchange center; and a second user device, the signal is connected to the information exchange center, the second user device generates a shared key, when the second user device initiates an object to the information exchange center During a message transmission operation of the first user device, the second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext and then sends it to the message exchange center. The information exchange center transmits the first message ciphertext to the first user device, and the first user device that receives the first message ciphertext obtains the shared key through a shared key acquisition means, And use the shared key to decrypt the first message ciphertext to obtain the first message plaintext.

Another aspect of this case is an information transmission system, which includes: a first user device, a signal connected to the Internet, a first information security hardware module installed in the first user device, and the first user device. The information security hardware module generates a first key establishment combination including at least a first public key-private key pair of a first user based on a key establishment algorithm. The first public key-private key pair of the first user is The first private key in the private key pair is only stored in the first information security hardware module; and a second user device is signal-connected to the Internet. When the second user device responds to the first When the user device initiates a message transmission action, the second user device directly sends its network address to the first user device to establish a point-to-point connection, and the second user device generates a shared key. The second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext. The second user device uses the established point-to-point connection to encrypt the first message. The message is transmitted to the first user device, and the first user device that receives the first message ciphertext obtains the shared key through a shared key acquisition method, and uses the shared key to decrypt the first user device. Message ciphertext to obtain the first message plaintext.

Another aspect of the present case is a first user device, which is used between an information exchange center and a second user device. The first user device includes: a communication module, and a signal is connected to the information exchange center. Center; and a first information security hardware module, the signal is connected to the communication module, the first information security hardware module generates at least a first public key of a first user based on a key establishment algorithm. - A first key creation combination of a private key pair, the first private key in the first public key-private key pair of the first user is only stored in the first information security hardware module, and the The first public key in the first public key-private key pair of the first user is sent to the message exchange center, and the second user device generates a shared key. When the second user device responds to the message When the switching center initiates a message transmission action targeted at the first user device, the second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext and then sends it to the The message exchange center transmits the first message ciphertext to the first user device, and the first user device that receives the first message ciphertext obtains the first message ciphertext through a shared key acquisition method. A shared key is used to decrypt the first message ciphertext to obtain the first message plaintext.

According to the above concept, the second user device in this case generates a second key establishment combination including at least a second user's first public key-private key pair based on the key establishment algorithm. The second key establishment combination The first private key in the user's first public key-private key pair is only stored in the second user device, and the first public key in the second user's first public key-private key pair The key is sent to the information clearing center, the second user device obtains the first public key of the first user from the information clearing center, and the second user device at least uses the first public key of the first user and the second user's first private key to perform key establishment to generate the shared key, and the shared key acquisition method is for the first user to obtain the second user's first private key from the information exchange center. public key, and causes the first information security hardware module to use at least the first public key of the second user and the first private key of the first user to perform key establishment to obtain the shared key.

According to the above concept, the information exchange center described in this case includes an identity registration center and a second information security hardware module is installed in the second user device. The second information security hardware module is based on the key. The establishment algorithm generates the second key establishment combination, and the first private key in the second user's first public key-private key pair is only stored in the second information security hardware module. The first public key in the user's first public key-private key pair is sent to the identity registration center for identity registration, and the identity registration center confirms that the first user device belongs to the first user. Similarly, The first public key in the second user's first public key-private key pair is sent to the identity registration center for identity registration, and the identity registration center confirms that the second user device belongs to the second user, The first information security hardware module is implemented in the form of a secure digital memory card and inserted into the first user device, or the second information security hardware module is implemented in the form of a secure digital memory card and inserted into the first user device. in the second user device.

According to the above concept, the second user device described in this case obtains the first public key of the first user from the identity registration center, and uses at least the first public key of the first user and the second user's third A private key is created to obtain a shared secret, and then the shared key is derived based on the shared secret. The first user device obtains the first public key of the second user from the registration center, and Utilize the first information security hardware module to perform key establishment using at least the first public key of the second user and the first private key of the first user and obtain the shared secret and store it in the first information security In the hardware module, the first information security hardware module derives the shared key based on the shared secret, and uses the shared key to decrypt the first message ciphertext to obtain the first message plaintext.

According to the above concept, the first user device described in this case will generate a first digital signature after completing the identity registration. The first digital signature uses the first private key of the first user or a first digital signature. The two private keys are used to sign, and the signed message is public information related to the first user device. Then the first user device sends the first digital signature to the information exchange center, and the second user After the device obtains the first digital signature from the information exchange center, it uses the relevant public information of the first user's device for verification. If it passes, it then uses at least the second user's first private key and the first user's first digital signature. Use the first public key to establish the key.

According to the above concept, the first information security hardware module described in this case further provides an identity authentication function. Only after the first user device passes the identity authentication process can the first information security hardware module be driven to provide the The first private key is used to decrypt the ciphertext of the first message and restore the first message.

According to the above concept, the identity authentication function described in this case is to manually enter a password, a biometric feature, or a combination of the two. After the first information security hardware module verifies that the password or biometric feature or a combination of the two is correct, , it is determined that the first user device passes the identity authentication procedure.

According to the above concept, the first information security hardware module described in this case includes a motion sensing element for detecting the vibration generated by the first user device when the password or biometric is manually entered. It is further determined whether the user inputs manually. When the motion sensing element fails to detect the vibration, it is determined as illegal input.

According to the above concept, the first user device described in this case sends a confirmation signal to the information exchange center after successfully receiving the first message ciphertext. After receiving the confirmation signal, the information exchange center Delete the ciphertext of the first message.

According to the above concept, the first information security hardware module described in this case includes a security chip. The security chip generates a master key. The master key is used to encrypt the first private key of the first user. An encryption result, the encryption result is transmitted out of the security chip, leaving only the master key in the security chip and the encryption result is deleted. When the first private key of the first user is needed, the encryption result is The encryption result is sent back to the security chip, which is decrypted using the master key inside the security chip to obtain the first private key of the first user. The method for the security chip to generate the master key includes one of the following: : Randomly generate the master key, select a fixed value stored in the security chip, and use a key derivation function to derive a string input by the user.

According to the above concept, the method for the second user device to generate the shared key described in this case includes one of the following: generating the shared key with random numbers, selecting a fixed value stored in the second user device The shared key is derived by using a key derivation function for the shared key and a string input by the user, and the shared key obtaining method includes the following steps: the second user device obtains the shared key from the The information exchange center obtains the first public key of the first user, uses the first public key of the first user to encrypt the shared key to form an encrypted shared key, and then uses the first public key of the first user to encrypt the shared key. The key is sent to the first user device, and the first user device uses the first private key of the first user stored in the first information security hardware module to encrypt the shared key. Decrypt and obtain the shared key.

Another aspect of the present case is an information security hardware module installed in a casing of a first user device. The first user device and a second user device are both signal-connected to an information exchange center. A message transmission system, the information security hardware module is electrically connected to the first user device, the information security hardware module generates at least a first public key-private key pair based on a key establishment algorithm. A first key creation combination, the first private key in the first public key-private key pair is only stored in the information security hardware module, and the third private key in the first public key-private key pair A public key is sent to the information clearing center, and the second user device generates a shared key. When the second user device initiates a message transmission action to the information clearing center for the first user device , the second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext and then sends it to the information exchange center, and the information exchange center sends the first message ciphertext To the first user device, the first user device that receives the first message ciphertext obtains the shared key through a shared key acquisition method, and uses the shared key to decrypt the first message ciphertext. , used to obtain the clear text of the first message.

In order to have a clearer understanding of the above-mentioned concepts of the present invention, multiple embodiments are listed below and described in detail with the corresponding drawings.

Please refer to Figure 1, which is a functional block diagram of a preferred embodiment of an information transmission system developed in this case. The information transmission system includes an information exchange center 10, a first user device 11 and a second user device 12. The first user device 11 provided with the communication module 112 and the second user device 12 provided with the communication module 122 are both signally connected to the information exchange center 10, for example, through the Internet 1 in the figure to complete each other's communication. signal connection. The above-mentioned communication module 112 and communication module 122 may be mobile communication chips widely installed on smart phones . As for the first user device 11 and the second user device 12, they can be respectively information processing devices such as smart phones, tablet computers, car computers or personal computers that can execute applications and have data communication capabilities. The following is as follows: A smartphone with communication software applications running on it is used as a main example for illustration.

In order to achieve effective data confidentiality, in this case, an information security hardware is additionally installed in the first user device 11 on which the communication software application 111 (such as Signal, Telegram and other private instant messaging software) is running. The module 110 can signally connect to the communication software application 111 and the communication module 112, and the encryption and decryption method flow chart shown in Figure 2 is executed on the message transmission system. First, in step 21, the information security hardware module 110 generates at least a first public key-private key pair ( USER_1-Keypair_1), the first private key (USER_1-Private_key_1) in the first public key-private key pair of the first user is only stored in the information security hardware module 110 , and will not be stored outside the information security hardware module 110 to ensure that the first private key (USER_1-Private_key_1) of the first user will not be stolen arbitrarily. And because the information security hardware module 110 can be set to be arbitrarily accessible by the user's device core (for example, the operating system running on it), the key stored in the information security hardware module 110 (keys) will not be easily accessible so that the encrypted message content will be easily decipherable.

As for step 22, the first public key (USER_1-Public_key_1) of the first public key-private key pair of the first user is sent to the identity registration center 100 in the information exchange center 10 for identity registration. For example, the identity registration can be completed through another channel using the information exchange center 10, such as using a mobile phone SMS channel to send an authentication code to the first user device 11 using the first user's phone number. The first user uses the first user device 11 to input the authentication code and sends it back to the information exchange center 10 to confirm that the first user device 11 indeed belongs to the first user and has not been used fraudulently. The information exchange center 10 including the identity registration center 100 can be the server of the communication software application 111 (such as the servers of various private instant messaging software such as Signal and Telegram). As for another user device (the second user device 12) whose signal is connected to the information exchange center 10, the communication software application 121 is also running on it. The communication software application 111, the communication software application 121 and the information exchange center 10 may belong to the same system combination issued by the same program developer. As for the second user device 12, similar steps 21 and 22 can also be used to generate at least a first user device according to the above key establishment algorithm (which is the same as the key establishment algorithm of the first user device 11). The second key of the first public key-private key pair (USER_2-Keypair_1) of the two users creates a combination, and the first public key of the second user's first public key-private key pair (USER_2-Keypair_1) The key (USER_2-Public_key_1) is sent to the identity registration center 100 for identity registration, so that the identity registration center 100 can confirm that the second user device belongs to the second user. The second user device 12 may be equipped with another information security hardware module (not shown in this figure), or may not be equipped with an information security hardware module. The identity registration may also be completed and the following steps may be continued.

Step 23 determines whether the second user device 12 uses the communication software application 121 to initiate a message transmission action for the first user device 11 to the information exchange center 10. When the second user device 12 uses the communication software When the application program 121 initiates a message transmission action (such as writing a text message, posting a picture, sending a voice message or sending a video message) to the information exchange center 10 and targeting the first user device 11, step 24 is entered. , wherein the second user device 12 obtains the first public key (USER_1-Public_key_1) of the first user from the information clearing center, and the second user device 12 at least uses the first public key of the first user (USER_1-Public_key_1) and the second user's first private key (USER_2-Private_key_1) for key exchange and establishment (for example, Diffie–Hellman key exchange). A shared key. The second user device 12 uses the shared key to encrypt a first message plaintext (text message, picture, voice message or video message) to obtain a first message ciphertext and then sends it to the Clearinghouse10. Of course, in order to reduce the burden on system resources, the shared key generated when the second user device 12 and the first user device 11 complete the first communication can continue to be used in subsequent communications. , and then regenerate another shared key until a preset time or a preset number of times.

Step 25 is that the information exchange center 10 transmits the first message ciphertext to the first user device 11, and the first user device 11 that receives the first message ciphertext performs the shared key acquisition. The method is to obtain the first public key (USER_2-Public_key_1) of the second user from the information exchange center 10 and enable the information security hardware module 110 to use at least the first public key of the second user. (USER_2-Public_key_1) and the first user's first private key (USER_1-Private_key_1) to perform key exchange and establishment, and then obtain the shared key, and use the shared key to decrypt the first message ciphertext, To obtain the first message plaintext (step 26). In this way, the communication software application 111 and the communication software application 121 can transmit messages securely through the message exchange center 10 .

The first private key of the first user device 11 is only stored in the information security hardware module 110. Therefore, a safer approach may be to allow the first user device 11 to pass the security authentication process. , can drive the information security hardware module 110 to provide the first private key. That is, the first private key will be taken out from the information security hardware module 110 after passing the security authentication process, allowing the first user device 11 to decrypt the received encrypted message, and the decryption can be completed. The first private key is then deleted and does not remain outside the information security hardware module 110 . Of course, the information security hardware module 110 can also regenerate a new first public key-private key pair regularly (every fixed time) or quantitatively (after reaching a certain amount of data) to reduce the number of first private key pairs. Risk of key theft. Alternatively, if the computing power of the information security hardware module 110 is sufficient, the first message ciphertext can also be directly sent to the information security hardware module 110 to decrypt the first message ciphertext and obtain the first message ciphertext. The first message, so the first private key will not be transmitted by the information security hardware module 110 at all.

As for the security authentication process, a preset verification password or biometric (such as a fingerprint) can be entered for comparison. The default verification password or biometric can be installed when the user installs the communication software application 111 to have the information security During the process of installing the first user device 11 of the hardware module 110, when the communication software application 111 and the information security hardware module 110 are bound and linked, the user can input the settings, and the settings can be entered each time. When logging into the communication software application 111, you need to enter it again. In addition, in order to avoid remote attacks by hackers, the identity authentication process may require the user to manually enter the default verification password, the biometric feature, or a combination of the two, and the information security hardware module verifies the password or After the biometric characteristics or the combination of the two are correct, it is determined that the first user device 11 has passed the identity authentication procedure. The first user device 11 is further provided with a motion sensing element 1101 for detecting the vibration generated to the first user device 11 when the password or biometric feature is manually input, and then determines that the user is the user. Whether the input is done manually, when the motion sensing element 1101 fails to detect the vibration, it is determined as an illegal input. A better approach for the motion sensing element 1101 is to be disposed in the information security hardware module 110 to ensure that the motion sensing element 1101 operates correctly and is not remotely controlled by hackers.

The second user device 12 uses at least the first public key (USER_1-Public_key_1) of the first user and the first private key (USER_2-Private_key_1) of the second user to perform the key establishment step 24. , you can perform key establishment to first obtain a shared secret (shared secret), and then derive the shared key based on the shared secret. Similarly, in the first user device 11, the information security hardware module 110 uses at least the first public key (USER_2-Public_key_1) of the second user and the first private key (USER_1) of the first user. -Private_key_1) In step 26 of key establishment, you can perform key establishment to first obtain a shared secret, then derive the shared key based on the shared secret, obtain the shared key, and use the shared key to decrypt The first message ciphertext is used to obtain the first message plaintext. Since the shared key can be generated based on the shared secret and a derived function, the shared key can be regularly updated based on the shared secret and the derived function, thereby reducing the chance of the shared key being cracked. The method of deriving the shared key based on the shared secret can be various common key derivation functions (KDF), so that the shared secret can be used to derive different shared keys.

In addition, the present system and method including the information security hardware module 110 can also be applied to point-to-point multimedia encrypted communication applications, which is another application environment in which the message exchange center 10 in the message transmission system of Figure 1 is omitted. . In this way, when the first user device 12 wants to initiate multimedia (voice, image and text) communication, the second user device 12 can send encrypted messages based on the aforementioned method but skip the transmission of the message exchange center 10 The first user device 11 directly uses the Internet 1 to send its network address to the first user device 11, and the two can establish a point-to-point connection through the Internet 1. After the connection is established, the first user device 11 uses the information security hardware module 110 to generate a public key-private key pair required for the session, and performs a key establishment protocol with the second user device 12 to obtain a The session key (in order to reduce the resources required for encryption and decryption, the session encryption key and the session decryption key in this example can be the same shared key) are stored in the information security hardware module 110 . Then, the second user device 12 uses the information security hardware module 110 to encrypt the plaintext of the multimedia packet to be sent to the first user device 11 using the session encryption key. The first user device 11 also uses the information security hardware module 110 to encrypt the multimedia packet plaintext to be sent to the first user device 11. The module group 110 uses the session decryption key to decrypt the ciphertext of the multimedia packet from the second user device, and then obtains the plaintext of the multimedia packet. Similarly, after the connection is established, the second user device 12 can also use the same method to perform session encryption and decryption operations, so details will not be described again. Of course, you can also use the session encryption key and the session decryption key as a public key-private key pair, and the session key pair can be selected based on the computing power of the system.

The encryption and decryption method flow chart shown in Figure 3 is a flow chart of an embodiment of the method executed on point-to-point multimedia encrypted communication. First, step 31 is the first user device 11 on which the communication software application 111 is running. The information security hardware module 110 generates at least a first public key-private key pair (USER_1- Keypair_1), the first private key (USER_1-Private_key_1) of the first user's first public key-private key pair is only stored in the information security hardware module 110, It will not be stored outside the information security hardware module 110 to ensure that the first private key (USER_1-Private_key_1) of the first user will not be stolen arbitrarily.

As for step 32, another user device (the second user device 12) signal connected to the Internet 1 uses the key establishment algorithm (which is the same as the key establishment algorithm of the first user device 11). ) generates a second key creation combination including at least a second user's first public key-private key pair (USER_2-Keypair_1), on which the communication software application 121 is also run. The communication software application 111 and the communication software application 121 belong to the same system combination issued by the same program developer. The second user device 12 may be provided with another information security hardware module (not shown in this figure), or may not be provided with an information security hardware module.

Step 33 determines whether the second user device 12 uses the communication software application 121 to initiate a message transmission action for the first user device 11. When the second user device 12 uses the communication software application 121 to initiate a message transmission action for the first user device 11, When the first user device 11 performs a message transmission action (such as writing a text message, posting a picture, sending a voice message, or sending a video message), step 34 is entered, in which the second user device 12 directly transmits the message. The network address is sent to the first user device 11, and the two can successfully establish a point-to-point connection. The second user device 12 obtains the third user device 12 from the first user device 11 through the point-to-point connection. A user's first public key (USER_1-Public_key_1), the second user device 12 at least uses the first user's first public key (USER_1-Public_key_1) and the second user's first private key (USER_2 -Private_key_1) to perform key establishment (for example, in accordance with the Diffie-Hellman key exchange protocol) to generate a shared key. The second user device 12 uses the shared key to transmit a first message The plain text (text message, picture, voice message or video message) is encrypted to obtain a first message cipher text.

Step 35 is when the second user device 12 uses the established point-to-point connection to send the first message ciphertext to the first user device 11, and the first user who receives the first message ciphertext The shared key acquisition method executed by the user device 11 is to obtain the first public key (USER_2-Public_key_1) of the second user from the second user device 12 through the point-to-point connection, and make the information secure The hardware module 110 uses at least the first public key (USER_2-Public_key_1) of the second user and the first private key (USER_1-Private_key_1) of the first user to perform key establishment to obtain the shared key. , and use the shared key to decrypt the first message ciphertext to obtain the first message plaintext (step 36). In this way, the communication software application 111 and the communication software application 121 can transmit messages securely through the point-to-point connection.

The infrastructure of the above-mentioned information security hardware module 110 can be a common hardware security module (Hardware security module, HSM), in order to enhance its performance, as shown in Figure 4a and Figure 4b, this case is based on this information In addition to the motion sensing element 1101 and the housing 1100, the security hardware module 110 can also be equipped with a security chip 1102. A preferred embodiment of the appearance of the housing 1100 of the information security hardware module 110 can be an external In current common application examples, the external memory card device can be a Secure Digital Memory Card, and different sizes and types can be selected, such as a Secure Digital Memory Card. Standard size (32.0×24.0×2.1 mm), Mini size: (21.5×20.0×1.4 mm) and Micro size (15.0×11.0×1.0 mm). Among them, the Micro size secure digital memory card is most suitable for today’s smart devices. mobile phone. Of course, the technical means in this case can also be applied to other memory card specifications, such as Memory Stick, etc., so they will not be described again here. According to the above technical description, the information security hardware module 110 of this case can have the following functions: (1) Generate one or more sets of key establishment combinations of public key-private key pairs according to the key establishment algorithm, and save them in the hardware module. (2) Use the key establishment combination stored in the hardware module to establish the key, generate a shared secret and store it in the hardware module. (3) Use the shared secret stored in the hardware module to derive the shared key and store it in the hardware. (4) Use the shared key to encrypt the message plaintext to obtain the message ciphertext, or decrypt the message ciphertext to obtain the message plaintext. (5) Shared secrets or shared keys can be selectively exported based on the results of the security authentication process. The above-mentioned message plain text can be a variety of digital data, such as document files, image files, sound files, or multimedia files mixed with the above contents.

The above-mentioned security chip 1102 can be disposed in the housing 1100. The security chip 1102 can be used to generate the above-mentioned public key-private key pair and perform identity authentication procedures. The security chip 1102 usually needs to meet the following conditions: built-in cryptographic algorithm. Cryptographic Algorithm, Tamper Resistant, Secure OS, Sensors that can detect various intrusive or non-intrusive attacks, and Cryptographic Keys. Secure storage space, etc. Figure 4a shows an embodiment in which the motion sensing element 1101 is provided outside the security chip 1102, which does not require a security chip with special specifications. Figure 4b is an embodiment in which the motion sensing element 1101 is installed in the security chip 1102. This requires a security chip with special specifications, but it can ensure the correct operation of the motion sensing element 1101 and will not be hacked remotely. Control.

The information security hardware module 110 including the above-mentioned security chip 1102 can further enhance the information security function of the information exchange system of this case, and then execute the method flow chart of another preferred embodiment as shown in Figure 5. Compared with Figure 5 The method flow chart shown in 1 has the same concept but also has encryption and decryption steps that are difficult to crack. First, the security chip 1102 in the information security hardware module 110 in the first user device 11 generates a key creation combination, which at least includes the first public key-private key pair and a first key creation combination. Two public key-private key pairs. In addition, the security chip 1102 can also randomly generate a master key to encrypt the first private key (step 41). Of course, the master key can also be generated in other ways. For example, the master key uses a fixed value stored in the security chip 1102, or uses a string input by the user and then uses a key derivation function. to derive the master key. In order to save the storage space of the security chip 1102, the encryption result of the first private key encrypted by the master key can be transferred out of the security chip 1102, leaving only the master key stored in the security chip 1102 and the encryption result is deleted. . When the subsequent system requires the first private key of the first user, the encryption result is transmitted back to the security module (security chip 1102) and decrypted using the internal master key. The decrypted first private key of the first user can then be used to create a key (for example, in accordance with the Diffie-Hellman key exchange protocol), using at least the first private key of the second user. public key to jointly establish a shared secret or shared key.

In addition, when the two parties establish a shared secret or key, if they directly use their own private key and the received public key, but have no way to confirm the authenticity of the public key, a man in the middle attack will occur. attack) problem. Therefore, this case introduces digital signature here to enhance information security. Therefore, after the first user device 11 performs the identity registration in step 22 as shown in Figure 2, a "first digital signature" is generated correspondingly. The encryption private key used to generate the first digital signature may be the first The user's first private key or a second private key, and the information contained in this signature is public information known to both parties (for example, the first public key of the first user, of course, you can also choose another One of the second public keys in a set of second public-private key pairs, or other public information related to the first user). Take the implementation of Signal as an example. The information used in the digital signature here is also public information known to both parties. Since each user in the Signal protocol generates several public key-private key pairs, and then uses one of them. A specific public key (for example, the second public key) serves as the message contained in the digital signature.

The first digital signature is then sent to the message clearing center. After obtaining the first digital signature from the information exchange center 10, the second user device 12 uses the relevant public information of the first user device 11 (in this example, the first public key of the first user) to verify the signature. If After the verification is passed, the above-mentioned series of key creation procedures are then performed using at least the first private key of the second user and the first public key of the first user.

Therefore, the first public key, the first private key encrypted by the master key and the digital signature are sent out of the security chip 1102 and stored in a storage space of the first user device 11 (step 42), in addition, the first private key, the first public key and the digital signature encrypted by the master key in the security chip 1102 of the information security hardware module 110 can be deleted to save the In the data storage space of the information security hardware module 110, the security chip 1102 only stores the master key. When the first private key is needed for decryption, the first private key encrypted by the master key stored in the storage space is returned to the information security hardware module, and the master key is used to decrypt and restore the information. Extract the first private key.

The first user device 11 then transmits the encryption combination including the first public key and the digital signature to the information exchange center 10 (step 43). Then, in response to the second user device 12 initiating a message transmission action targeted at the first user device 11 to the information exchange center 10 (step 44), the information exchange center 10 combines the encryption combination and the digital signature. Sent to the second user device 12 (step 45), the second user device 12 confirms whether the content of the digital signature is correct based on the first public key and the digital signature, and then verifies the digital signature. authenticity (step 46).

After verifying that the digital signature is authentic, the second user device 12 uses at least the first public key of the first user and the first private key of the second user to perform key establishment to generate a shared key, The first message is encrypted using the shared key to obtain a first message ciphertext and then sent to the message exchange center 10 (step 47). The message exchange center 10 sends the first message ciphertext to the first message exchange center 10 (step 47). The user device 11 (step 48), after receiving the first message ciphertext, obtains the first public key of the second user from the information exchange center 10 and makes the information security hardware The security chip 1102 of the body module 110 uses at least the first public key of the second user and the first private key of the first user to perform key exchange and establishment, and then obtains the shared key and uses the The shared key decrypts the first message ciphertext to obtain the first message plaintext (step 49).

In addition, in the above example, only the embodiment in which the information security hardware module 110 is provided in the first user device 11 is described, but in fact, the second user device 12 may also be provided with another information security hardware module. The body model group (not shown in Figure 1) or software that provides similar functions can also send another encryption combination corresponding to the second user device 12 and another digital signature to the information exchange center 10. The information exchange When the center 10 initiates the message transmission action for the first user device 11 to the information exchange center 10 in response to the second user device 12, the center 10 then sends the other encryption combination and the other digital signature to the message exchange center 10. The first user device 11 verifies the authenticity of the other digital signature based on the other encryption combination and the other digital signature. When the digital signature is verified to be authentic, the identity of the second user device 12 can be authenticated. In this way, the first user device 11 that receives the ciphertext of the first message can then use The security chip 1102 of the information security hardware module 110 uses at least the first public key of the second user and the first private key of the first user to perform key exchange and establishment, and then obtains the shared key. Later, the ciphertext of the first message is decrypted, and the first message is obtained.

This method of verifying whether the identity of the second user device 12 is authentic can be performed before step 49 in Figure 5. If the verification of the digital signature bit fails, the second user cannot be authenticated. When the identity of the device 12 is true, the first user device 11 that receives the first message ciphertext sent by the second user device 12 will not perform the decryption action.

Of course, in this embodiment, the security chip 1102 in the information security hardware module 110 also provides an identity authentication function. Only after the first user device 11 passes the identity authentication process can the security chip 1102 be driven to provide a decryption function. , and then restore the first message and the digital signature. Moreover, the identity authentication function is to manually enter a password or biometrics (such as fingerprints) or a combination of the two. After the security chip 1102 verifies that the password or biometrics or a combination of the two is correct, it determines the first user device 11 of users pass the identity authentication process. In addition, in the various embodiments described above, after successfully receiving the first message ciphertext, the first user device 11 can send a confirmation signal to the message exchange center 10, and the message exchange center 10 receives After the confirmation signal, the ciphertext of the first message is deleted, thereby reducing the possibility of improper use of the message.

Please refer to Figure 6 again, which is a flow chart of another preferred embodiment method developed in this case. It is roughly the same as the main body of the embodiment method described in Figure 2, that is, step 61, step 62, step 63 and step 63. 65 is consistent with the contents of step 21, step 22, step 23 and step 25 in Figure 2. However, the original method of generating the shared key in step 24 is changed to using random numbers to generate the shared key in step 64, selecting a fixed value stored in the second user device as the shared key, or selecting a fixed value stored in the second user device as the shared key. This is accomplished by using a string input by the user and then using a key derivation function to derive the shared key.

As for the original method of obtaining the shared key in step 26, in step 66, the following steps are changed: the second user device 12 obtains the first public key of the first user from the information exchange center 10, The shared key is encrypted using the first public key of the first user to form an encrypted shared key, and then the encrypted shared key is sent to the first user device 11. The user device 11 uses the first private key of the first user stored in the information security hardware module 110 to decrypt the encrypted shared key, thereby obtaining the shared key. The shared key generation method and shared key acquisition method in this embodiment can also be extended to the system and method embodiments shown in Figures 3 to 5 to replace the key generation and exchange. mechanism. Since the concepts are similar, they will not be described again here.

In summary, by additionally installing the information security hardware module 110 developed in this case, for example, the information security hardware module 110 in the form of a Secure Digital Memory Card is inserted into the user device ( For example, in a smart phone), the communication security of the instant messaging software on the user's device (such as a smart phone) can be greatly improved, because the important keys will be properly kept in the information security hardware module 110. It was easily obtained and successfully eliminated the information security loopholes in conventional methods, thereby improving the problems of traditional technology and completing better information security solutions, thus achieving the main purpose of developing this case.

In addition, if the information security hardware module solution proposed in this case can be installed on a user device (such as a smartphone) and executed smoothly, it must be the same as running on the user device (such as a smartphone). Good coordination between communication software applications. Therefore, the communication software application must be modified to operate in conjunction with the information security hardware module 110 (eg, Secure Digital Memory Card). Since some applications (such as Signal communication software) are open source, you can directly modify the communication software application source code provided by the program development manufacturer, and then compile the modified source code to generate A communication software application that can match the information security hardware module solution of this case, and then the completed application to be installed is provided to customers who purchase the information security hardware module 110 for installation. Of course, the modified complete source code can also be provided to downstream customers who purchase the information security hardware module 110, so that customers can have room for modification again.

The above-mentioned application to be installed can be pre-installed in the user's device (such as the above-mentioned first user device 11 and the second user device 12) when leaving the factory, or provide a remote link (such as a public website, Private cloud or application store) for users to download and install. Of course, the application can also be stored directly in the information security hardware module 110, so that the user can plug the information security hardware module 110 into After the user installs it, click Install. Alternatively, the manufacturer of the information security hardware module 110 can also provide an API library of a Secure Digital Memory Card for downstream customers to integrate by themselves.

The components/devices in the above embodiments can also have different settings and arrangements, and can be adjusted or changed appropriately depending on the actual needs and conditions of the application. Therefore, the functional block diagrams shown in the description and drawings are for illustration only and are not intended to limit the scope of the present disclosure. In addition, those skilled in the art should know that the details of the method steps in the embodiments are not limited to the single form shown in the drawings, and can be modified according to the needs of actual application without departing from the technical spirit disclosed in this case. Make adjustments accordingly. Therefore, the relevant technical concepts of the message transmission system proposed in this case and the user device equipped with the information security hardware module can certainly be applied to similar message transmission systems such as email systems or online conference systems, and can also achieve communication Security is greatly improved, and important keys cannot be easily obtained.

In summary, although the present invention is disclosed in the above embodiments, they are not intended to limit the present invention. Those with ordinary knowledge in the technical field to which the present invention belongs can make various modifications and modifications without departing from the technical spirit and scope of the present invention. Therefore, the protection scope of the present invention shall be determined by the appended patent application claims.

1:Internet 10:Message exchange center 100: Identity Registration Center 11: First user device 12: Second user device 111, 121: Communication software applications 112, 122: Communication module 110:Information security hardware module 1101: Motion sensing element 1102: Security chip 1100: Shell

Figure 1 is a functional block diagram of a preferred embodiment of a message transmission system developed in this project. Figure 2 is a flow chart of the encryption and decryption method in the message transmission system developed in this case. Figure 3 is a flow chart of an embodiment of the method developed in this case and implemented on point-to-point multimedia encrypted communication. Figure 4a and Figure 4b are schematic diagrams of two embodiments of the information security hardware module in this case. Figure 5 is a flow chart of an embodiment of another encryption and decryption method in the message transmission system developed in this case. Figure 6 is a flow chart of another preferred embodiment of the encryption and decryption method in the message transmission system developed in this case.

1:Internet

10:Message exchange center

100: Identity Registration Center

11: First user device

12: Second user device

111, 121: Communication software applications

112, 122: Communication module

110:Information security hardware module

1101: Motion sensing element

Claims (10)

A message transmission system that includes: a message clearing center; A first user device, the signal is connected to the information exchange center, a first information security hardware module is installed in the first user device, the first information security hardware module generates a key according to a key establishment algorithm A first key creation combination including at least a first public key-private key pair of a first user, the first private key of the first public key-private key pair being stored only in the In the first information security hardware module, and the first public key in the first public key-private key pair of the first user is transmitted to the information exchange center, the first information security hardware module includes A security chip. The security chip generates a master key. The master key is used to encrypt the first private key of the first user to generate an encryption result. The encryption result is transmitted out of the security chip, leaving only The master key is stored in the security chip and the encryption result is deleted. When the first private key of the first user is needed, the encryption result is transmitted back to the security chip and the master key inside the security chip is used. Decrypt the key to obtain the first private key of the first user; and A second user device is signal-connected to the information exchange center. The second user device generates a shared key. When the second user device initiates a message to the information exchange center for the first user device, During the message transmission operation, the second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext and then sends it to the information exchange center, and the information exchange center sends the first message ciphertext to the information exchange center. The message ciphertext is transmitted to the first user device, and the first user device that receives the first message ciphertext obtains the shared key through a shared key acquisition method, and the shared key acquisition method is used Only the first private key is stored in the first information security hardware module, and the shared key is used to decrypt the first message ciphertext to obtain the first message plaintext. The first user's After the first public key is obtained by the second user device from the information exchange center, it is used by the second user device to generate the shared key, or is used by the second user device to transmit the shared key. During the installation process for the first user. The message transmission system as described in claim 1, wherein the first user device sends a confirmation signal to the message exchange center after successfully receiving the first message ciphertext, and the message exchange center receives the confirmation After receiving the signal, the ciphertext of the first message is deleted. The information transmission system as described in claim 1, wherein the first information security hardware module is plugged and installed in the first user device, and the method for the security chip to generate the master key includes one of the following: Randomly generate the master key, select a fixed value stored in the security chip, and derive a string entered by the user using a key derivation function. The information transmission system as described in claim 1, wherein the method for the second user device to generate the shared key includes one of the following: generating the shared key with random numbers, selecting the shared key stored in the second user device A fixed value is the shared key and a key derivation function is used to derive the shared key using a string input by the user, and the shared key obtaining method includes the following steps: the second use The user device obtains the first public key of the first user from the information exchange center, uses the first public key of the first user to encrypt the shared key to form an encrypted shared key, and then uses the first public key of the first user to encrypt the shared key. The encrypted shared key is sent to the first user device, and the first user device uses the first private key of the first user stored in the first information security hardware module to encrypt the encrypted shared key. Decrypt the shared key and obtain the shared key. A message transmission system that includes: A first user device, the signal is connected to the Internet, a first information security hardware module is installed in the first user device, the first information security hardware module generates at least A first key creation combination including a first public key-private key pair of a first user, the first private key of the first user's first public key-private key pair being stored only in the first In an information security hardware module, the first information security hardware module includes a security chip. The security chip generates a master key. The master key is used to encrypt the first private key of the first user. An encryption result is generated, and the encryption result is transmitted out of the security chip, leaving only the master key in the security chip and deleting the encryption result. When the first private key of the first user is needed, Send the encryption result back to the security chip, use the master key inside the security chip to decrypt and obtain the first private key of the first user; and A second user device is signal-connected to the Internet. When the second user device initiates a message transmission action to the first user device, the second user device directly sends its network address to the first user device. The first user device establishes a point-to-point connection, the second user device generates a shared key, and the second user device uses the shared key to encrypt a first message plaintext to obtain a first The second user device uses the established point-to-point connection to send the first message ciphertext to the first user device, and the first user who receives the first message ciphertext The device obtains the shared key through a shared key acquisition method that uses the first private key stored only in the first information security hardware module, and uses the shared key Decrypt the first message ciphertext to obtain the first message plaintext. After the first user's first public key is obtained from the information exchange center by the second user's device, it is then installed by the second user. In the process of generating the shared key, or being used by the second user device to transmit the shared key to the first user device. The message transmission system of claim 5, wherein the second user device generates a second key establishment combination including at least a first public key-private key pair of a second user according to the key establishment algorithm. , the first private key in the second user's first public key-private key pair is only stored in the second user device, and the first private key in the first user's first public key-private key pair The first public key is transmitted to the second user device through the point-to-point connection. The second user device at least uses the first public key of the first user and the first private key of the second user. To perform key establishment to generate the shared key, and the shared key acquisition method is for the first user to obtain the first public key of the second user from the second user through the point-to-point connection, and causing the first information security hardware module to use at least the first public key of the second user and the first private key of the first user to perform key establishment to obtain the shared key, the first information The secure hardware module is implemented in the form of a secure digital memory card and inserted into the first user device. The information transmission system as described in claim 5, wherein the method for the second user device to generate the shared key includes one of the following: generating the shared key with random numbers, selecting the shared key stored in the second user device A fixed value is the shared key and a key derivation function is used to derive the shared key using a string input by the user, and the shared key obtaining method includes the following steps: the second use The user device obtains the first public key of the first user from the information exchange center, and uses the first public key of the first user to encrypt the shared key to form an encrypted shared key, and then The encrypted shared key is sent to the first user, and the first user uses the first private key of the first user stored in the first information security hardware module to encrypt the encrypted shared key. Decrypt the shared key to obtain the shared key. A first user device is used between an information exchange center and a second user device. The first user device includes: a communication module, a signal connected to the information exchange center; and A first information security hardware module is installed in a housing of the first user device and is signal-connected to the communication module. The first information security hardware module generates at least A first key creation combination including a first public key-private key pair of a first user, the first private key of the first user's first public key-private key pair being stored only in the first In an information security hardware module, and the first public key in the first public key-private key pair of the first user is transmitted to the information exchange center, the first information security hardware module includes an A security chip. The security chip generates a master key. The master key is used to encrypt the first private key of the first user to generate an encryption result. The encryption result is transmitted out of the security chip, leaving only the first private key. The master key is stored in the security chip and the encryption result is deleted. When the first private key of the first user is needed, the encryption result is returned to the security chip and the master key inside the security chip is used. Decrypt to obtain the first private key of the first user, the second user device generates a shared key, and when the second user device initiates a message to the information exchange center for the first user device During the message transmission operation, the second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext and then sends it to the information exchange center, and the information exchange center sends the first message ciphertext to the information exchange center. The message ciphertext is transmitted to the first user device, and the first user device that receives the first message ciphertext obtains the shared key through a shared key acquisition method, and the shared key acquisition method is used Only the first private key is stored in the first information security hardware module, and the shared key is used to decrypt the first message ciphertext to obtain the first message plaintext. The first user's After the first public key is obtained by the second user device from the information exchange center, it is used by the second user device to generate the shared key, or is used by the second user device to transmit the shared key. During the installation process for the first user. The first user device as described in claim 8, wherein after successfully receiving the first message ciphertext, the first user device sends a confirmation signal to the message exchange center, and the message exchange center receives After the confirmation signal, the first message ciphertext is deleted, and the method of generating the master key by the security chip includes one of the following: generating the master key with random numbers, selecting one of the keys stored in the security chip The fixed value is derived from a string entered by the user using a key derivation function. An information security hardware module is installed in the casing of a first user device. The first user device and a second user device are both signal-connected to an information exchange center to form an information transmission system. The information The security hardware module is electrically connected to the first user device. The information security hardware module generates a first key establishment combination including at least a first public key-private key pair according to a key establishment algorithm. , the first private key in the first public key-private key pair is only stored in the information security hardware module, and the first public key in the first public key-private key pair is transmitted to the Information exchange center, the first information security hardware module includes a security chip, the security chip generates a master key, and the master key is used to encrypt the first private key of the first user to generate an encryption result, The encryption result is transmitted out of the security chip, leaving only the master key in the security chip and deleting the encryption result. When the first private key of the first user is needed, the encryption result is transmitted Return the security chip, use the master key inside the security chip to decrypt and obtain the first private key of the first user. The second user device generates a shared key. When the second user device When the information exchange center initiates a message transmission action targeted at the first user device, the second user device uses the shared key to encrypt a first message plaintext to obtain a first message ciphertext and then transmits it. To the information exchange center, the information exchange center transmits the first message ciphertext to the first user device, and the first user device that receives the first message ciphertext obtains the means through a shared key. Obtaining the shared key, the shared key obtaining method includes using the first private key stored only in the information security hardware module, and using the shared key to decrypt the first message ciphertext to obtain After returning the first message plain text, the first public key of the first user is obtained by the second user device from the information exchange center and is used by the second user device to generate the shared key, or is used by the second user device to generate the shared key. The second user device is used to transmit the shared key to the first user device.

Images