WO2016177050A1 - Message transmission method and apparatus - Google Patents


Publication number
WO2016177050A1
Authority
WO
WIPO (PCT)
Prior art keywords
dictionary
message
initial session
message unit
session dictionary
Prior art date
Application number
PCT/CN2016/075238
Other languages
French (fr)
Chinese (zh)
Inventor
钱宗文
尤岩枫
Original Assignee
中兴通讯股份有限公司
Application filed by 中兴通讯股份有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00 User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/06 Message adaptation to terminal or network requirements
    • H04L51/066 Format adaptation, e.g. format conversion or compression
    • H04L51/04 Real-time or near real-time messaging, e.g. instant messaging [IM]

Definitions

  • the present invention relates to the field of communications, and in particular to a message transmission method and apparatus.
  • Symmetric encryption is also called private key encryption and shared key encryption; asymmetric encryption is called public key encryption.
  • a symmetric encryption algorithm uses the same key for encryption and decryption, or two keys that can easily be derived from each other. This set of keys is shared between two or more members to maintain a private communication link. Compared with public key encryption, the requirement that both parties obtain the same key is one of the main drawbacks of symmetric key encryption. Its advantage is that it is much faster than public key encryption.
  • Common symmetric encryption algorithms are DES, 3DES, AES, Blowfish, IDEA, RC5, and RC6.
  • Asymmetric encryption requires a pair of keys: one is a private key and the other is a public key. These two keys are mathematically related. Information encrypted with a user's encryption key can only be decrypted with that user's decryption key. Knowing one of the two keys does not make it possible to work out the other. Therefore, disclosing one key of a pair does not endanger the secrecy of the other. Compared with symmetric key encryption, the advantage is that there is no need to share a common key, and the private key used for decryption is never sent to any user. Even if the public key is intercepted on the Internet, nothing can be decrypted without the matching private key, so the intercepted public key is of no use. Common public key encryption algorithms are RSA, ElGamal, and elliptic curve encryption algorithms.
  • Public key systems are usually master-slave architectures. Common methods for passing certificates are SSL/TLS protocols, digital certificates, etc., but this method is not used for common network communication tools.
  • the encryption security related conditions are as follows:
  • an embodiment of the present invention provides a message transmission method and apparatus.
  • a message transmission method including: acquiring an initial session dictionary, wherein the initial session dictionary contains a first message unit and a dictionary pointer in one-to-one correspondence with the first message unit, the dictionary pointer comprising: a starting position of the first message unit in the initial session dictionary and a length of the first message unit; obtaining a message to be encoded composed of the first message unit and/or a second message unit; according to the initial session dictionary, compression-encoding the first message unit of the message to be encoded, to obtain a to-be-sent message formed by the dictionary pointer of the first message unit and/or the second message unit; sending the to-be-sent message, and updating the initial session dictionary according to a preset policy, wherein updating the initial session dictionary comprises: adding the second message unit to the initial session dictionary to obtain a dictionary pointer of the second message unit.
  • the method further comprises: receiving a message to be decoded composed of a dictionary pointer of the first message unit and/or a third message unit; according to the initial session dictionary and the dictionary pointer of the first message unit, decompressing the to-be-decoded message, obtaining a decoded message composed of the first message unit and/or the third message unit; updating the initial session dictionary according to the preset policy, wherein updating the initial session dictionary comprises: adding the third message unit to the initial session dictionary to obtain a dictionary pointer of the third message unit.
  • obtaining the initial session dictionary includes one of the following methods: negotiating or exchanging the initial session dictionary with the receiver of the to-be-sent message through peer-to-peer secure communication; acquiring the initial session dictionary by loading a configuration file; obtaining the initial session dictionary by randomly generating an encoding of common character fonts and performing negotiation and interleaving with the receiver of the to-be-sent message; generating the initial session dictionary according to the session record with the receiver of the to-be-sent message within a preset period of time.
  • the method further comprises: determining whether the initial session dictionary matches the initial session dictionary of the receiver of the to-be-sent message; if the determination result is a match, performing the subsequent steps; otherwise, reacquiring the initial session dictionary.
  • updating the initial session dictionary according to the preset policy comprises one of: updating the initial session dictionary in real time; updating the initial session dictionary according to a dictionary update instruction.
  • a message transmission apparatus including: a first obtaining module, configured to acquire an initial session dictionary, wherein the initial session dictionary contains a first message unit and a dictionary pointer in one-to-one correspondence with the first message unit, the dictionary pointer including: a starting position of the first message unit in the initial session dictionary and a length of the first message unit; a second obtaining module, configured to obtain a message to be encoded composed of the first message unit and/or a second message unit; an encoding module, configured to compression-encode the first message unit of the message to be encoded according to the initial session dictionary, obtaining a to-be-sent message formed by the dictionary pointer of the first message unit and/or the second message unit; a sending module, configured to send the to-be-sent message; a first update module, configured to update the initial session dictionary according to a preset policy, wherein updating the initial session dictionary comprises: adding the second message unit to the initial session dictionary to obtain a dictionary pointer of the second message unit.
  • the apparatus further comprises: a receiving module, configured to receive a message to be decoded composed of a dictionary pointer of the first message unit and/or a third message unit; a decoding module, configured to decompress the to-be-decoded message according to the initial session dictionary and the dictionary pointer of the first message unit, to obtain a decoded message composed of the first message unit and/or the third message unit; and a second update module, configured to update the initial session dictionary according to the preset policy, wherein updating the initial session dictionary comprises: adding the third message unit to the initial session dictionary to obtain a dictionary pointer of the third message unit.
  • the first obtaining module is configured to perform one of the following: negotiate or exchange the initial session dictionary with the receiver of the to-be-sent message through peer-to-peer secure communication; acquire the initial session dictionary by loading a configuration file; obtain the initial session dictionary by randomly generating an encoding of common character fonts and performing negotiation and interleaving with the receiver of the to-be-sent message; generate the initial session dictionary according to the session record with the receiver of the to-be-sent message within a preset time period.
  • the apparatus further includes: a verification module, configured to determine whether the initial session dictionary matches the initial session dictionary of the receiver of the to-be-sent message; if the determination result is a match, the subsequent modules are enabled; otherwise, control returns to the first obtaining module to reacquire the initial session dictionary.
  • the first update module and/or the second update module are set to one of: updating the initial session dictionary in real time; updating the initial session dictionary according to a dictionary update instruction.
  • an initial session dictionary is acquired, where the initial session dictionary includes a first message unit and a dictionary pointer of the first message unit; a message to be encoded composed of the first message unit and/or the second message unit is acquired; the first message unit of the message to be encoded is compression-encoded according to the initial session dictionary, to obtain a to-be-sent message formed by the dictionary pointer of the first message unit and/or the second message unit; the to-be-sent message is sent, and the initial session dictionary is updated according to a preset policy, wherein updating the initial session dictionary comprises: adding the second message unit to the initial session dictionary to obtain a dictionary pointer of the second message unit. This solves the problem that real-time communication encryption has low security, and improves the security of real-time communication.
  • FIG. 1 is a flow chart of a message transmission method according to an embodiment of the present invention.
  • FIG. 2 is a schematic diagram of encoding in accordance with a preferred embodiment of the present invention.
  • FIG. 3 is a schematic diagram of a topology structure of a master-slave structure communication model according to a preferred embodiment of the present invention.
  • FIG. 4 is a schematic diagram of a topology structure of a discrete structure communication model in accordance with a preferred embodiment of the present invention.
  • FIG. 5 is a schematic diagram of a topology structure of a point-to-point structure communication model according to a preferred embodiment of the present invention.
  • FIG. 6 is a flow chart of a basic session of a communication terminal in accordance with a preferred embodiment of the present invention.
  • FIG. 7 is a flowchart of an asynchronous dictionary update in accordance with a preferred embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of a message transmission apparatus according to an embodiment of the present invention.
  • FIG. 9 is a flowchart showing the operation of the communication extension tool according to a preferred embodiment of the present invention, which is applicable to the topology shown in FIG. 3 and FIG. 5;
  • FIG. 10 is another operational flowchart of a communication extension tool according to a preferred embodiment of the present invention, which is applicable to the topology shown in FIG. 4 and FIG.
  • the compression coding employed in the embodiments of the present invention is a dictionary code, such as an LZ series code.
  • the LZ77 encoding in the related art is taken as an example.
  • the compression function is implemented by replacing the current data with corresponding matching data information that has appeared in the encoder or the decoder.
  • This matching information is encoded using a pair of numbers called a "length-distance pair", which is equivalent to the statement "each of the next length characters is equal to the character exactly distance characters behind it in the uncompressed data stream".
  • Both the encoder and the decoder hold a certain amount of the most recent data, such as the last 2 kilobytes (KB), 4 KB, or 32 KB of data.
  • the structure that holds these data is called a sliding window, so LZ77 is sometimes called sliding window compression.
  • the encoder keeps this data to find matches, and the decoder keeps it to interpret the matches the encoder refers to. So the encoder can use a smaller sliding window than the decoder, but not the reverse.
  • the dictionary encoding method applied in the embodiment of the present invention improves the compression encoding in the related art, thereby making it suitable for encrypted transmission of real-time communication: generating the same encoding dictionary at both ends of the real-time communication, and the subsequent input data will be prioritized.
  • FIG. 1 is a flowchart of a message transmission method according to an embodiment of the present invention. As shown in FIG. 1 , the process includes the following steps:
  • Step S102 Acquire an initial session dictionary, where the initial session dictionary contains a first message unit and a dictionary pointer of the first message unit, and the dictionary pointer includes: the starting position of the first message unit in the initial session dictionary and the length of the first message unit;
  • Step S104 Acquire a message to be encoded that is composed of the first message unit and/or the second message unit;
  • Step S106 Perform compression coding on the first message unit of the to-be-coded message according to the initial session dictionary, to obtain a to-be-sent message formed by the dictionary pointer of the first message unit and/or the second message unit;
  • Step S108 Send a message to be sent, and update an initial session dictionary according to a preset policy, where updating the initial session dictionary includes: adding a second message unit to the initial session dictionary to obtain a dictionary pointer of the second message unit.
  • the message is transmitted in a dictionary encoding manner, and the initial session dictionary is updated according to the transmitted message.
  • the received information cannot be decoded;
  • the second message unit is updated, so if the other party does not get the previous session record, the same message plaintext cannot be obtained.
  • the embodiment of the invention further provides a communication terminal applying the above message transmission method, which comprises a communication terminal device and/or software used at both ends of the message transmission and reception.
  • the communication terminal device and software are collectively referred to as communication terminals in the embodiments of the present invention.
  • the information transmitted at any time T between the communication terminals can be encoded based on all or part of the information transmitted between the communication terminals before the time T.
  • acquiring the initial session dictionary includes one of the following methods: negotiating or exchanging the initial session dictionary with the receiver of the message to be sent through peer-to-peer secure communication; acquiring the initial session dictionary by loading a configuration file; obtaining the initial session dictionary by randomly generating an encoding of common character fonts and performing negotiation and interleaving with the receiver of the message to be sent; generating the initial session dictionary according to the session record with the receiver of the message to be sent within a preset time period.
  • the communication terminal A and the communication terminal B of both communication parties can negotiate or exchange a conversation dictionary for message transmission through a secure channel or a secure path.
  • the secure channel may be a point-to-point transmission; the security path and the generation of the session dictionary may also be matching file inputs preset at both ends of the communication.
  • the generation of the conversation dictionary may be performed by randomly generating and performing negotiation and interleaving of common character fonts and the like at both ends of the communication; preferably, the content of the conversation dictionary may be plain text, binary or hexadecimal A block of data, or a text that has been transformed by a certain algorithm.
  • a message to be decoded composed of a dictionary pointer of the first message unit and/or a third message unit may also be received; the to-be-decoded message is decompressed according to the initial session dictionary and the dictionary pointer of the first message unit, obtaining a decoded message composed of the first message unit and/or the third message unit; the initial session dictionary is updated according to a preset policy, wherein updating the initial session dictionary comprises: adding the third message unit to the initial session dictionary to obtain a dictionary pointer of the third message unit.
  • decoding of the received message is achieved, as well as an update of the initial session dictionary based on the received message.
  • the transceiving message can be encrypted and transmitted by dictionary coding.
  • the communication terminal A receives the input message to be transmitted and starts to search the session dictionary. If a message unit in the message to be transmitted has a matching value in the session dictionary, the position and length of the matching unit in the dictionary directly or indirectly replace the message unit and are added to the message to be transmitted as a dictionary pointer; if a message unit in the input message has no matching value in the session dictionary, the message unit is added to the session dictionary and is added, directly or indirectly, to the message to be transmitted.
  • when the communication terminal A receives the transmission instruction, the message to be transmitted is transmitted to the communication terminal B.
  • the communication terminal B receives the message of the communication terminal A and reads the message according to a preset rule. If a message fragment is recognized as a dictionary pointer, the communication terminal B searches the session dictionary to restore the message unit and adds the restored message unit to the message to be output; if a message fragment is recognized as a non-dictionary pointer, the message fragment is restored according to a preset rule and added to the message to be output, and the restored message unit is added to the session dictionary; when the communication terminal B receives the output instruction, the message to be output is output.
  • the communication terminal A and the communication terminal B can exchange roles.
  • the method further comprises: determining whether the initial session dictionary matches the initial session dictionary of the recipient of the message to be sent; if the determination result is a match, performing the subsequent steps; otherwise, re-acquiring the initial session dictionary. For example, if a new session is initiated, the session record can be checked. If there is a session record, a session dictionary can be generated from the session record, and the feature values of the dictionaries generated at both ends are compared. If the dictionary feature values at both ends match, this session dictionary is used.
  • the negotiation process of the session dictionary and the transmission process of the message may be encapsulated by an encryption algorithm and/or a security protocol for additional encrypted transmission.
  • the negotiation of the session dictionary and the transmission of the message can independently use different encryption and transmission paths.
  • the content of the session dictionary changes continuously with the content of the message transmission.
  • the size of the session dictionary may be fixed or variable.
  • updating the initial session dictionary according to the preset policy comprises one of: updating the initial session dictionary in real time; and updating the initial session dictionary according to the dictionary update instruction.
  • the dictionary can be updated by specific instructions, such as rearranging, or varying lengths.
  • the update of the conversation dictionary may be a periodic update or a random update.
  • the update command of the session dictionary may contain/hide in the message to be transmitted for transmission.
  • it can be implemented as follows:
  • the communication terminal A triggers a dictionary update event, encodes the dictionary update command and parameters as an input message and adds it to the message to be transmitted, the communication terminal A updates the local session dictionary, and the communication terminal A transmits the message to be transmitted.
  • the communication terminal B decodes after receiving the message, and when the read decoded content is recognized as an instruction, reads the instruction and the parameter, and the communication terminal B updates the session dictionary according to the instruction and the parameter content, and the instruction content is not added to the message to be output.
  • the communication terminal A may refrain from updating the dictionary when transmitting the message; when the communication terminal B receives the message, it feeds back a successful-receipt message to the communication terminal A, and the communication terminal A performs the dictionary update after receiving the feedback.
  • the communication terminal B can feed back a check value of its session dictionary to the communication terminal A, and the communication terminal A compares it with the check value of the local dictionary. If they match, the update is performed; if they do not match, the session dictionary is re-matched or renegotiated with the communication terminal B.
  • in order to avoid session sequence errors caused by delay, the dictionary can be updated asynchronously. After the communicating parties have communicated for a certain time, or after the amount of exchanged information reaches a certain scale, the two ends initiate a dictionary update: the session sequence or the check code in a window before the current message is extracted for matching, and if the matching succeeds, the dictionary is updated using the content in the window. If it cannot be matched, matching is attempted again.
  • the session feedback mechanism may be increased.
  • the communicating parties go back over a plurality of session windows according to their stored session records, generate a check code for the content in each window, and compare the check codes. The dictionary is generated using the content in the session window corresponding to the matching check code. If no matching content can be found, the original session dictionary is renegotiated or reset.
  • the input and output of an encryption algorithm are usually of fixed length, whereas the input and output lengths of a compression algorithm are variable: without knowing the position and length of the pointer structure, one cannot know the length of the data matched in the dictionary, nor into how many segments a message is actually divided;
  • an encryption algorithm encrypts in slices, and any encrypted segment of a certain length can be decoded independently; a compression algorithm encodes continuously, and if any part is lost, the subsequent part generally cannot be decoded;
  • the key used by an encryption algorithm is usually fixed, whereas the dictionary used by a compression algorithm is a sliding window and is updated continuously;
  • the encoding/decoding result of an encryption algorithm is unique, so the correctness of the data can be judged and it can further be exhaustively searched by a specific method; the encoded output of a compression algorithm is not unique, so even if the output is forcibly enumerated, it is basically impossible to judge correctness.
  • a compression algorithm originally has no encryption feature, but owing to the fragility described in the second point above, the sliding window mechanism of the third point, and the uncertainty of the fourth point, it has very high security in the scenario of real-time message transmission; in addition, the compressed code can also be encrypted by an encryption algorithm.
  • a preferred embodiment of the present invention provides a message transmission method based on compression coding, which can be used for real-time communication.
  • the compression coding used therein may be one or more coding modes for lossless data compression; the compression coding has the following characteristics: First, data transmitted at any time depends on the transmission before the time when decoding is performed. Data, so data within a time segment cannot be decoded separately; second, the transmitted data can be further encrypted by other encryption algorithms or security protocols.
  • the session and encoding process is as shown in FIG. 2. Assume that the communicating parties are communication terminal A (Terminal A in FIG. 2) and communication terminal B (Terminal B in FIG. 2); both parties start the session and exchange/negotiate a session dictionary for the session (Dictionary in FIG. 2).
  • the sequence of the dictionary generated by the initial negotiation is 201: HELOWARY.
  • when the communication terminal A sends the message HELLO to the communication terminal B, the communication terminal A searches for the longest matching field in the dictionary. It first finds HEL, matching three characters. Assuming that the encoding here uses one byte to indicate the starting position of the string and one byte to indicate the length of the string (offset), the encoding of HEL in the initial dictionary can be expressed as 0x0003. It then finds LO, matching two characters, whose encoding can be expressed as 0x0202. The message sent by the communication terminal A to the communication terminal B after encoding is therefore 0x00030202.
  • after receiving the message, the communication terminal B decodes according to the same principle: it reads two bytes at a time, one byte being the starting position and one byte being the string length, and then reads the content to output from the dictionary.
  • HELLOW is added to the dictionary as a new string, resulting in a dictionary as shown in 202.
  • the communication terminal B replies to the message HELLO to the communication terminal A, searches the dictionary for encoding, and the message sent after the encoding is 0x0805. Since the full character matches, the dictionary is not updated.
  • the dictionary 203 of Figure 2 shows an example of a real-time updated encoding, ie the dictionary is updated during the encoding process.
  • A sends the message HOW ARE YOU to B. A first finds H (0x0001), then OW (0x0302); because HOW is not in the dictionary, it is added to the dictionary. Next comes the space, which is not in the dictionary, so it is added to the dictionary (0x1001).
  • the space character needs to be added to the information to be transmitted according to the preset rules.
  • for simplicity, here it is output directly as its ASCII code. Of course, there is usually a way to mark new characters, such as specifying that a pointer position of FF indicates the start of a new character, which ends at the next FF (or specifying a random position value to indicate a new character, which ends at the next occurrence of that value, with these two positions skipped during actual encoding).
  • then come AR (0x0502) and E (0x0101); because ARE is not in the dictionary, it is added to the dictionary. The next space has already been added to the dictionary (0x1001), but the string consisting of ARE followed by the space is not in the dictionary, so the space is still added to the dictionary. Then come Y (0x0701) and O (0x0C01); YO is not in the dictionary, so it is added to the dictionary. Finally, U is a new character: it is added to the dictionary and output as a new character.
  • the space is represented as 0xFF20FF
  • U is represented as 0xFF55FF
  • the information sent by A to B is: 0x00010302FF20FF05020101100107010301FF55FF
  • B receives the information for decoding, if the read two bytes is FF
  • the dictionary code can also be called sliding window coding, so the dictionary is not infinitely extended, and sliding backward according to the setting is the correct method.
  • the dictionary size is set to 16 bytes, then the final output of the dictionary should be moved back 9 bytes, the dictionary of 203 should be as follows:
  • the initial dictionary is completely ineffective for the attacker.
  • the encoding output becomes complicated, the transmission fault tolerance is also low, and problems occur, so in fact, more asynchronous updates described later are used.
  • Figure 4 shows the discrete structure communication model.
  • the communication terminal discovers other communication terminals on the network and directly communicates without a server.
  • FIG. 5 shows a peer-to-peer structure communication model.
  • the communication terminal obtains the peer information by registering or reporting its own information to the server, and directly obtains the peer address, and then directly communicates with the peer end, and the session process information may not pass through the server.
  • a communication terminal can simultaneously use several of the structures in the above three structures.
  • the communication terminal of the preferred embodiment of the present invention can generally operate independently under the topology shown in FIG. 4 or 5. At this point, the basic workflow of the communication terminal is as shown in FIG. 6.
  • the communication process is divided into two phases.
  • Phase 1 confirms the initial session dictionary for communication, and Phase 2 performs the communication. In Phase 2, the roles of communication terminals A and B can be exchanged.
  • Step S601 the communication terminals A and B negotiate an encrypted channel, which is generally a direct connection without going through the server;
  • Step S602 the communication terminals A and B generate an initial session dictionary by exchange or negotiation through the encrypted channel; the local common word sequences of the two communication terminals can be matched and randomly changed.
  • the dictionary size can take a random value within a certain range. If it is not the first communication, the initial session dictionary can be generated based on the past communication records, so that the actual dictionary information is not included in the interaction information.
  • Step S603 after the initial session dictionary is agreed, the encrypted channel is removed. When communication is required later, a new encrypted channel can be established. At this point, Phase 1 ends.
  • Step S604 the communication terminal A receives the message to be sent from the input and encodes it according to the coding method shown in FIG. 1;
  • Step S605 the communication terminal A sends the encoded message to the communication terminal B;
  • Step S606 the communication terminal B performs decoding after receiving the message;
  • Step S607 the communication terminal B outputs the decoded message;
  • Step S608 the communication terminal B confirms that the message is received, and sends a receipt or a check code to the communication terminal A;
  • Step S609 the communication terminal A updates the dictionary after receiving the receipt, and the communication terminal B updates the dictionary.
  • the communication terminal B transmits a message to the communication terminal A also following the steps of steps S601 to S609.
  • the flow shown in FIG. 6 differs slightly from the real-time update shown in special case 1 above: because the update is not performed in real time, the second space in the code of the communication terminal A in special case 1 is replaced by the new character, but the dictionary after the final update is no different.
  • Step S701 a trigger triggers an update process.
  • the trigger event can be time, message threshold, and the like.
  • Step S702 after receiving the input message, the communication terminal A generates an update signal, which is usually an instruction including several parameters, such as a dictionary update rule, a dictionary length, etc.; the communication terminal A mixes the update signal with the received input message according to certain rules and delimits the update signal by a specific method;
  • Step S703 the communication terminal A encodes the mixed message;
  • Step S704 the communication terminal A sends the encoded message to the communication terminal B;
  • Step S705 the communication terminal B performs decoding after receiving the message;
  • Step S706 the communication terminal B reads the decoded message, identifies the update signal delimiter, and separates the message into an update signal and a message to be output according to a specific rule;
  • Step S707 the communication terminal B outputs the output message;
  • Step S708 the communication terminals A and B record the backtracking messages according to the parameters in the update signal, generate a message window, roll back a number of message sequences, and generate a check code for each content in the message window, producing a plurality of check codes;
  • Step S709 the communication terminal B sends a check code sequence to the communication terminal A;
  • Step S710 the communication terminal A compares the sequence with its own check codes, selects a matching one and sends it to the communication terminal B;
  • Step S711 the communication terminals A and B update the dictionary according to the content in the message window corresponding to the selected check code.
  • the advantage of using this method is that the dictionary will not be updated when there is a communication exception or a delay in the message sequence caused by the transmission delay.
  • the technical solution of the present invention, in essence or in the part that contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, magnetic disk, or optical disc) and including a number of instructions for causing a terminal device (which may be a cell phone, a computer, a server, or a network device, etc.) to perform the methods of the various embodiments of the present invention.
  • a message transmission device is also provided in the embodiment to implement the above-mentioned embodiments and preferred embodiments.
  • the modules involved in the device are described below.
  • as used below, the term "module" may refer to a combination of software and/or hardware that implements a predetermined function.
  • although the apparatus described in the following embodiments is preferably implemented in software, implementation in hardware, or in a combination of software and hardware, is also possible and contemplated.
  • FIG. 8 is a schematic structural diagram of a message transmission apparatus according to an embodiment of the present invention. As shown in FIG. 8, the apparatus includes a first acquisition module 80, a second acquisition module 82, an encoding module 84, a sending module 86, and a first update module 88, wherein:
  • the first acquisition module 80 is configured to obtain an initial session dictionary, where the first message unit exists in the initial session dictionary and corresponds to a dictionary pointer of the initial session dictionary, the dictionary pointer including the starting position of the first message unit in the initial session dictionary and the length of the first message unit; the second acquisition module 82 is configured to acquire a message to be encoded consisting of the first message unit and/or the second message unit;
  • the encoding module 84 is coupled to the first acquisition module 80 and the second acquisition module 82 and is configured to perform compression coding on the first message unit of the message to be encoded according to the initial session dictionary, to obtain a message to be sent formed by the dictionary pointer of the first message unit and/or the second message unit;
  • the sending module 86 is coupled to the encoding module 84 and configured to send the message to be sent.
  • the first update module 88 is coupled to the second acquisition module 82 and is configured to update the initial session dictionary according to a preset policy, where updating the initial session dictionary comprises: adding the second message unit to the initial session dictionary to obtain a dictionary pointer of the second message unit.
  • the apparatus further comprises: a receiving module configured to receive a message to be decoded consisting of a dictionary pointer and/or a third message unit of the first message unit; a decoding module coupled to the receiving module, configured to be based on the initial session dictionary and a dictionary pointer of a message unit, decompressing the message to be decoded, to obtain a decoded message composed of the first message unit and/or the third message unit; and a second update module coupled to the receiving module, configured to update the initial session according to a preset policy a dictionary, wherein updating the initial session dictionary comprises: adding a third message unit to the initial session dictionary to obtain a dictionary pointer of the third message unit.
  • the first acquisition module 80 is configured to do one of the following: negotiate or exchange the initial session dictionary with the receiver of the message to be sent through peer-to-peer secure communication; obtain the initial session dictionary by loading a configuration file; obtain the initial session dictionary by randomly generating encodings from a common character library and negotiating, interleaving and compounding them with the receiver of the message to be sent; or generate the initial session dictionary according to the session record with the receiver of the message to be sent within a preset time period.
  • the device further includes a verification module, coupled to the first acquisition module 80, configured to determine whether the initial session dictionary matches the initial session dictionary of the recipient of the message to be sent; where the determination result is a match, the subsequent modules are enabled; otherwise, control returns to the first acquisition module 80 to reacquire the initial session dictionary.
  • the first update module and/or the second update module are set to one of: updating the initial session dictionary in real time; updating the initial session dictionary according to the dictionary update instruction.
  • a preferred embodiment of the present invention also provides an extension tool for a real-time communication tool for providing data protection for a server-client structured communication tool.
  • the extension tool A acts on the communication tool A
  • the extension tool B acts on the communication tool B, where the communication tool can be different from the communication terminal in the embodiment of the present invention.
  • the extension tool in the preferred embodiment of the present invention monitors the input and output interfaces and the communication port of the communication tool; the extension tool obtains the address of the opposite end and exchanges confirmation information with the peer extension tool. If the confirmation succeeds, the extension tool bypasses the server and negotiates dictionary information directly with the peer extension tool.
  • the communication tool A starts the information input
  • the extension tool A intercepts the input information for encoding, and sends the encoded message to the input interface of the communication tool.
  • the communication tool B receives the information
  • the extension tool B intercepts the output, performs decoding, and then sends the decoded message to the output interface.
  • the extension tools can communicate directly around the server.
  • the extension tool can provide a dictionary file input function to input a matching file preset at both ends of the communication as a conversation dictionary.
  • Figure 9 provides an example of a workflow for a preferred embodiment of the present invention for use in the expansion of communication tools for communication tools that use point-to-point connections.
  • Terminal A and Terminal B shown in FIG. 9 are existing communication tools, and Plugin A and Plugin B are extension tools of a preferred embodiment of the present invention, in which Plugin A acts on Terminal A and Plugin B acts on Terminal B.
  • Phase 1 shown in Figure 9 is an initialization process for the extension tool to find the peer node for subsequent P2P sessions.
  • Phase 2 is a dictionary negotiation between extension tools, which can be used to generate an initial session dictionary and subsequent dictionary updates, and the process is similar to the steps S601 to S603 shown in FIG. 6.
  • Phase3 is the information transmission phase.
  • the Phase1 process is as follows:
  • the extension tool monitors the network interface and the input and output interfaces of the communication tool, assuming that the communication tool A is the calling party and the communication tool B is the called party.
  • Step S901 the communication tools A and B are registered on the server;
  • Step S902 the communication tool A queries the server for the status of the communication tool B;
  • Step S903 the extension tool A acquires the state of the communication tool B by monitoring the communication tool A, including the communication address;
  • in Phase 2, the extension tool A initiates dictionary negotiation.
  • the Phase 3 process is as follows:
  • Step S904 when the extension tool A intercepts the input information of the communication tool A, it encodes the information;
  • Step S905 the extension tool A transmits the encoded information to the input interface of the communication tool A;
  • Step S906 the communication tool A sends the encoded information to the communication tool B via the point-to-point connection;
  • Step S907 or the communication tool A forwards the encoded information to the communication tool B via the server;
  • Step S908 the extension tool B listens to the information received by the communication tool B, intercepts the output, and decodes the information;
  • Step S909 the extension tool B transmits the decoded information to the output interface of the communication tool B and outputs it.
  • Figure 10 provides another workflow example for a preferred embodiment of the present invention for use in the expansion of communication tools, suitable for use with communication tools without point-to-point connections, such as the topology shown in Figure 3.
  • Terminal A and Terminal B shown in Fig. 10 are existing communication tools
  • Plugin A and Plugin B are extension tools of a preferred embodiment of the present invention, in which Plugin A acts on Terminal A and Plugin B acts on Terminal B.
  • Phase 1 shown in Figure 10 is an initialization process used by the extension tool to find the peer node for subsequent sessions between extension tools.
  • Phase 2 is a dictionary negotiation between extension tools, which can be used to generate an initial session dictionary and subsequent dictionary updates, and the process is similar to the steps S601 to S603 shown in FIG. 6.
  • Phase 3 is an information transmission phase similar to steps S905 to S909 of the example shown in FIG. The following mainly describes the process of the Phase1 phase:
  • the extension tool monitors the network interface and the input and output interfaces of the communication tool, assuming that the communication tool A is the calling party and the communication tool B is the called party.
  • Step S1001 the communication tool is registered on the server, and the opposite end is found;
  • Step S1002 the extension tool detects that the network status of the communication tool changes, that is, starts detecting the local communication address;
  • Step S1003 the extension tool A sends the local communication address to the communication tool B through the communication tool A;
  • Step S1004 the extension tool B intercepts the message received by the communication tool B, and extracts the communication address of the communication tool A;
  • Step S1005 the extension tool B sends the local communication address to the communication tool A through the communication tool B;
  • Step S1006 at the same time, the extension tool B initiates a connection to the extension tool A;
  • Step S1007 the extension tool A intercepts the message received by the communication tool A, extracts the communication address of the communication tool B and, after confirming that it matches the source address of the connection made in step S1006, accepts the request; otherwise it rejects the connection.
  • the dictionary interaction and the information transmission are done in different ways, and what passes through the server is encoded information; even if it is stored by the server, it will not reveal private information, which is a very safe method.
  • each of the above modules may be implemented by software or hardware.
  • this may be implemented in, but is not limited to, the following ways: the foregoing modules are all located in the same processor; or the modules are located in multiple processors.
  • Embodiments of the present invention also provide a software for performing the technical solutions described in the above embodiments and preferred embodiments.
  • Embodiments of the present invention also provide a storage medium.
  • the above storage medium may be configured to store program code for performing the following steps:
  • S1 obtaining an initial session dictionary, wherein the first message unit exists in the initial session dictionary and corresponds to a dictionary pointer of the initial session dictionary, the dictionary pointer including: a starting position of the first message unit in the initial session dictionary and the length of the first message unit;
  • S4 Send a message to be sent, and update an initial session dictionary according to a preset policy, where updating the initial session dictionary includes: adding a second message unit to the initial session dictionary to obtain a dictionary pointer of the second message unit.
  • the foregoing storage medium may include, but is not limited to, a USB flash drive, a Read-Only Memory (ROM), a Random Access Memory (RAM), a mobile hard disk, and a magnetic memory.
  • the above embodiments and preferred embodiments of the present invention provide an enhanced message encryption transmission method that uses the sliding window mechanism in the data compression algorithm to ensure private data security.
  • the above scheme can be used independently as a message transmission method or provide secondary encryption for existing communication tools, thereby providing higher security on the basis of current popular real-time communication and providing further privacy protection for existing tools.
  • the existing security protocols themselves provide data validation and certain data compression capabilities, but there are still many security risks.
  • the present invention provides a private data security method by using the above embodiments and preferred embodiments, and data integrity can be ensured by a transport layer protocol; although the compression coding principle is used in the above embodiments, the purpose is not compression: because the encoding process of compression coding is a continuous process and the coding dictionary is a sliding window with high uncertainty, a single encoded data segment cannot be cracked, which gives higher security in real-time communication.
  • modules or steps of the present invention described above can be implemented by a general-purpose computing device; they can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by a computing device, so that they may be stored in a storage device and executed by the computing device; in some cases the steps shown or described may be performed in an order different from that herein, or they may be separately fabricated into individual integrated circuit modules, or a plurality of the modules or steps may be fabricated as a single integrated circuit module.
  • the invention is not limited to any specific combination of hardware and software.
  • an initial session dictionary is acquired, wherein the initial session dictionary includes a first message unit and a dictionary pointer of the first message unit; a message to be encoded composed of the first message unit and/or the second message unit is acquired; the first message unit of the message to be encoded is compression-coded according to the initial session dictionary, to obtain a message to be sent formed by the dictionary pointer of the first message unit and/or the second message unit; the message to be sent is sent, and the initial session dictionary is updated according to a preset policy, wherein updating the initial session dictionary includes: adding the second message unit to the initial session dictionary to obtain the dictionary pointer of the second message unit. This solves the problem that real-time communication encryption has low security and improves the security of real-time communication.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Compression, Expansion, Code Conversion, And Decoders (AREA)
  • Computer And Data Communications (AREA)

Abstract

Provided are a message transmission method and apparatus. The method comprises: acquiring an initial session dictionary; acquiring a message to be encoded, which is constituted by a first message unit and/or a second message unit; according to the initial session dictionary, performing compressed encoding on the first message unit of the message to be encoded, and obtaining a message to be sent, which is constituted by a dictionary pointer of the first message unit and/or the second message unit; and sending the message to be sent, and updating the initial session dictionary according to a pre-set policy, wherein updating the initial session dictionary comprises: adding the second message unit to the initial session dictionary, and obtaining a dictionary pointer of the second message unit. By means of the present invention, the problem of low security of real-time communication encryption is solved, and the security of real-time communication is improved.
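
The encoding described in the abstract, combined with the receipt-driven dictionary update of steps S604 to S609, as an added Python example that is not code from the patent. Word-level message units, the SHA-256 check code, the 64-character window and all names (`Terminal`, `exchange`, `in_sync`) are assumptions; the dictionary and messages are constructed.

```python
import hashlib
import re

MAX_DICTIONARY = 64  # sliding-window size in characters (assumed value)
# Constructed initial session dictionary, standing in for the result of S601-S603.
INITIAL_DICTIONARY = "hello world this is the shared dictionary "


def check_code(text):
    """Short digest used as receipt and for dictionary comparison (SHA-256 assumed)."""
    return hashlib.sha256(text.encode("utf-8")).hexdigest()[:16]


def split_units(message):
    """Message units (assumed): runs of word characters, or single other characters."""
    return re.findall(r"\w+|\W", message)


class Terminal:
    """One communication terminal holding its own copy of the session dictionary."""

    def __init__(self, dictionary=INITIAL_DICTIONARY):
        self.dictionary = dictionary

    def encode(self, message):
        """Return (tokens, new_units) for one message."""
        tokens, new_units = [], []
        for unit in split_units(message):
            start = self.dictionary.find(unit)
            if start >= 0:   # first message unit: send only (start, length)
                tokens.append(("P", start, len(unit)))
            else:            # second message unit: send as-is, keep for the update
                tokens.append(("L", unit))
                if unit not in new_units:
                    new_units.append(unit)
        return tokens, new_units

    def decode(self, tokens):
        """Resolve pointers against the local dictionary; return (message, new_units)."""
        parts, new_units = [], []
        for token in tokens:
            if token[0] == "P":
                _, start, length = token
                if start < 0 or length < 1 or start + length > len(self.dictionary):
                    raise ValueError("pointer outside local dictionary (out of sync?)")
                parts.append(self.dictionary[start:start + length])
            else:
                parts.append(token[1])
                if token[1] not in new_units:
                    new_units.append(token[1])
        return "".join(parts), new_units

    def update(self, new_units):
        """Append new units, then slide the window; older offsets shift or drop out."""
        self.dictionary = (self.dictionary + "".join(new_units))[-MAX_DICTIONARY:]


def exchange(sender, receiver, message, receipt_delivered=True):
    """One round of S604-S609 with the deferred (non-real-time) update."""
    tokens, sent_units = sender.encode(message)           # S604
    decoded, received_units = receiver.decode(tokens)     # S605-S607
    receipt = check_code(decoded)                         # S608
    receiver.update(received_units)                       # S609, receiver side
    if receipt_delivered and receipt == check_code(message):
        sender.update(sent_units)                         # S609, sender side
    return tokens, decoded


def in_sync(a, b):
    """Compare dictionaries by check code, without exchanging their content."""
    return check_code(a.dictionary) == check_code(b.dictionary)


if __name__ == "__main__":
    a, b = Terminal(), Terminal()
    print(exchange(a, b, "hello secret world"))
    print(exchange(a, b, "secret is shared"), in_sync(a, b))
```

With `receipt_delivered=False` the receiver has updated and the sender has not, so `in_sync` reports the mismatch and a pointer into the newly added region fails to decode on the sender's side. That is the situation the asynchronous update with check codes (steps S701 to S711) is described as handling.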

Description

Message transmission method and apparatus
Technical field
The present invention relates to the field of communications, and in particular to a message transmission method and apparatus.
Background
With the development and popularization of mobile communication services and social networks, real-time communication services are used more and more, and in this environment communication security is an unavoidable topic.
The encryption algorithms that may be used in communication fall into two categories: symmetric encryption and asymmetric encryption. Symmetric encryption is also called private-key encryption or shared-key encryption; asymmetric encryption is also called public-key encryption.
A symmetric encryption algorithm uses the same key for encryption and decryption, or two keys that can be easily derived from each other. This set of keys is shared between two or more members in order to maintain a private communication link. Compared with public-key encryption, requiring both parties to obtain the same key is one of the main drawbacks of symmetric-key encryption; the advantage is that it is much faster than public-key encryption. Common symmetric encryption algorithms are DES, 3DES, AES, Blowfish, IDEA, RC5, and RC6.
Asymmetric encryption requires a pair of keys: one is a private key and the other is a public key. The two keys are mathematically related, and information encrypted with a user's key can only be decrypted with that user's decryption key. Knowing one of them does not allow the other to be calculated, so disclosing one key of a pair does not endanger the secrecy of the other. Compared with symmetric-key encryption, the advantage is that no shared common key is needed, and the private key used for decryption is not sent to any user. Even if the public key is intercepted on the network, nothing can be decrypted without the matching private key, so the intercepted public key is of no use. Common public-key encryption algorithms are RSA, ElGamal, and elliptic curve encryption algorithms.
Public-key systems usually use a master-slave architecture. Common methods of conveying certificates are the SSL/TLS protocols, digital certificates and so on, but commonly used network communication tools do not use this approach.
For some real-time communication tools, the situation regarding encryption security is as follows:
1. Some do not encrypt, such as MSN;
2. Most mainstream software adopts the server-client mode; on the one hand it uses symmetric encryption, and on the other hand messages in transit are stored by the server, so the security of private data cannot be guaranteed, as with QQ and Skype;
3. Some encrypt with public-key-based algorithms, for example by using the SSL/TLS protocols, but these protocols are currently no longer secure;
4. Judging by current developments, real-time communication will lean further towards the P2P (peer-to-peer) mode, in which message transmission does not pass through the server. In this case, although the information is not stored on a server, there is an added possibility of interception by an attacker.
No effective solution has yet been proposed for the problem that real-time communication encryption in the related art has low security.
Summary of the invention
In order to solve the above technical problem, embodiments of the present invention provide a message transmission method and apparatus.
According to one aspect of the embodiments of the present invention, a message transmission method is provided, including: acquiring an initial session dictionary, wherein a first message unit exists in the initial session dictionary and corresponds one-to-one to a dictionary pointer of the initial session dictionary, the dictionary pointer including the starting position of the first message unit in the initial session dictionary and the length of the first message unit; acquiring a message to be encoded composed of the first message unit and/or a second message unit; performing compression coding on the first message unit of the message to be encoded according to the initial session dictionary, to obtain a message to be sent composed of the dictionary pointer of the first message unit and/or the second message unit; and sending the message to be sent and updating the initial session dictionary according to a preset policy, wherein updating the initial session dictionary includes: adding the second message unit to the initial session dictionary to obtain a dictionary pointer of the second message unit.
Preferably, after acquiring the initial session dictionary, the method further includes: receiving a message to be decoded composed of the dictionary pointer of the first message unit and/or a third message unit; decompressing the message to be decoded according to the initial session dictionary and the dictionary pointer of the first message unit, to obtain a decoded message composed of the first message unit and/or the third message unit; and updating the initial session dictionary according to the preset policy, wherein updating the initial session dictionary includes: adding the third message unit to the initial session dictionary to obtain a dictionary pointer of the third message unit.
Preferably, acquiring the initial session dictionary is done in one of the following ways: negotiating or exchanging the initial session dictionary with the receiver of the message to be sent through peer-to-peer secure communication; obtaining the initial session dictionary by loading a configuration file; obtaining the initial session dictionary by randomly generating encodings from a common character library and negotiating, interleaving and compounding them with the receiver of the message to be sent; or generating the initial session dictionary according to the session record with the receiver of the message to be sent within a preset time period.
Preferably, after acquiring the initial session dictionary, the method further includes: determining whether the initial session dictionary matches the initial session dictionary of the receiver of the message to be sent; where the determination result is a match, performing the subsequent steps; otherwise, reacquiring the initial session dictionary.
Preferably, updating the initial session dictionary according to the preset policy is done in one of the following ways: updating the initial session dictionary in real time; or updating the initial session dictionary according to a dictionary update instruction.
根据本发明实施例的另一个方面,还提供了一种消息传输装置,包括:第一获取模块,设置为获取初始会话字典,其中,第一消息单元存在于所述初始会话字典中,并一一对应于所述初始会话字典的一个字典指针,字典指针包括:所述第一消息单元在所述初始会话字典中的起始位置和所述第一消息单元的长度;第二获取模块,设置为获取由所述第一消息单元和/或第二消息单元构成的待编码消息;编码模块,设置为根据所述初始会话字典,对所述待编码消息的所述第一消息单元进行压缩编码,得到由所述第一消息单元的字典指针和/或所述第二消息单元构成的待发送消息;发送模块,设置为发送所述待发送消息;第一更新模块,设置为根据预设策略更新所述初始会话字典,其中,更新所述初始会话字典包括:添加所述第二消息单元至所述初始会话字典,得到所述第二消息单元的字典指针。 According to another aspect of the present invention, a message transmission apparatus is further provided, including: a first obtaining module, configured to acquire an initial session dictionary, wherein a first message unit exists in the initial session dictionary, and a dictionary pointer corresponding to the initial session dictionary, the dictionary pointer includes: a starting position of the first message unit in the initial session dictionary and a length of the first message unit; a second acquiring module, setting To obtain a message to be encoded which is composed of the first message unit and/or the second message unit; the encoding module is configured to perform compression coding on the first message unit of the message to be encoded according to the initial session dictionary Obtaining a to-be-sent message formed by the dictionary pointer of the first message unit and/or the second message unit; the sending module is configured to send the to-be-sent message; the first update module is set to be according to a preset policy Updating the initial session dictionary, wherein updating the initial session dictionary comprises: adding the second message unit to the initial session word To give the dictionary of the second message unit pointer.
优选地,所述装置还包括:接收模块,设置为接收由所述第一消息单元的字典指针和/或第三消息单元构成的待解码消息;解码模块,设置为根据所述初始会话字典和所述第一消息单元的字典指针,解压缩所述待解码消息,得到由所述第一消息单元和/或所述第三消息单元构成的解码消息;第二更新模块,设置为根据所述预设策略更新所述初始会话字典,其中,更新所述初始会话字典包括:添加所述第三消息单元至所述初始会话字典,得到所述第三消息单元的字典指针。Advantageously, the apparatus further comprises: a receiving module configured to receive a message to be decoded consisting of a dictionary pointer and/or a third message unit of the first message unit; a decoding module configured to be based on the initial session dictionary and a dictionary pointer of the first message unit, decompressing the to-be-decoded message, to obtain a decoded message composed of the first message unit and/or the third message unit; and a second update module, configured to The preset policy updates the initial session dictionary, wherein updating the initial session dictionary comprises: adding the third message unit to the initial session dictionary to obtain a dictionary pointer of the third message unit.
优选地,所述第一获取模块设置为以下之一:通过点对点的安全通信,与所述待发送消息的接收方协商或者交换所述初始会话字典;通过加载配置文件的方式,获取所述初始会话字典;通过对常用字符字库编码的随机生成并与所述待发送消息的接收方进行协商交织复合,得到所述初始会话字典;根据与所述待发送消息的接收方在预设时间段内的会话记录,生成所述初始会话字典。Preferably, the first obtaining module is configured to: negotiate with the receiver of the to-be-sent message or exchange the initial session dictionary through peer-to-peer secure communication; acquire the initial by loading a configuration file a session dictionary; the initial session dictionary is obtained by randomly generating and encoding the common character font encoding and performing negotiation and interleaving with the receiver of the to-be-sent message; according to the receiver with the to-be-sent message, within a preset time period The session record, the initial session dictionary is generated.
Preferably, the apparatus further includes: a verification module, configured to determine whether the initial session dictionary matches the initial session dictionary of the receiver of the message to be sent; if the determination result is a match, the subsequent modules are enabled; otherwise, control returns to the first acquiring module to reacquire the initial session dictionary.
Preferably, the first update module and/or the second update module is configured to do one of the following: update the initial session dictionary in real time; update the initial session dictionary according to a dictionary update instruction.
In the embodiments of the present invention, an initial session dictionary is acquired, where the initial session dictionary includes a first message unit and a dictionary pointer of the first message unit; a message to be encoded composed of the first message unit and/or a second message unit is acquired; the first message unit of the message to be encoded is compression-encoded according to the initial session dictionary, to obtain a message to be sent composed of the dictionary pointer of the first message unit and/or the second message unit; the message to be sent is sent, and the initial session dictionary is updated according to a preset policy, where updating the initial session dictionary includes adding the second message unit to the initial session dictionary to obtain a dictionary pointer of the second message unit. This solves the problem of low security in real-time communication encryption and improves the security of real-time communication.
Brief Description of the Drawings
The drawings described here are provided for a further understanding of the present invention and form a part of this application. The illustrative embodiments of the present invention and their descriptions are used to explain the present invention and do not unduly limit it. In the drawings:
FIG. 1 is a flowchart of a message transmission method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of encoding according to a preferred embodiment of the present invention;
FIG. 3 is a schematic diagram of the topology of a master-slave structure communication model according to a preferred embodiment of the present invention;
FIG. 4 is a schematic diagram of the topology of a discrete structure communication model according to a preferred embodiment of the present invention;
FIG. 5 is a schematic diagram of the topology of a point-to-point structure communication model according to a preferred embodiment of the present invention;
FIG. 6 is a flowchart of a basic session of a communication terminal according to a preferred embodiment of the present invention;
FIG. 7 is a flowchart of an asynchronous dictionary update according to a preferred embodiment of the present invention;
FIG. 8 is a schematic structural diagram of a message transmission apparatus according to an embodiment of the present invention;
FIG. 9 is a workflow diagram of a communication extension tool according to a preferred embodiment of the present invention, applicable to the topologies shown in FIG. 3 and FIG. 5;
FIG. 10 is another workflow diagram of a communication extension tool according to a preferred embodiment of the present invention, applicable to the topologies shown in FIG. 4 and FIG. 5.
Detailed Description
The present invention is described in detail below with reference to the drawings and in conjunction with the embodiments. It should be noted that, where they do not conflict, the embodiments in this application and the features in the embodiments may be combined with each other.
It should be noted that the terms "first", "second" and the like in the specification and claims of the present invention and in the above drawings are used to distinguish similar objects, and are not necessarily used to describe a particular order or sequence.
The compression coding used in the embodiments of the present invention is dictionary coding, for example the LZ family of codes. Taking LZ77 coding in the related art as an example, compression is achieved by replacing the current data with a reference to matching data that has already appeared in the encoder or the decoder. This match is encoded as a pair of values called a "length-distance pair", which is equivalent to saying "each of the given length of characters is equal to the character at the specified distance behind it in the uncompressed data stream". Both the encoder and the decoder keep a certain amount of the most recent data, such as the last 2 kilobytes (KB), 4 KB or 32 KB. The structure that holds this data is called a sliding window, so LZ77 is sometimes also called sliding-window compression. The encoder keeps this data in order to look for matches, and the decoder keeps it in order to interpret the matches the encoder refers to. The encoder can therefore use a smaller sliding window than the decoder, but not the other way round.
The dictionary coding applied in the embodiments of the present invention improves on the compression coding in the related art so that it is suitable for encrypted transmission in real-time communication: the same coding dictionary is generated at both ends of the real-time communication, and subsequently input data is first looked up in the coding dictionary. If the data can be matched in the dictionary, it is replaced by its position and length in the dictionary; if it cannot be matched, the data is added to the dictionary. Because this dictionary is updated in real time, the data cannot be decoded without the initial coding dictionary.
An embodiment of the present invention provides a message transmission method. FIG. 1 is a flowchart of the message transmission method according to an embodiment of the present invention. As shown in FIG. 1, the flow includes the following steps:
Step S102: acquire an initial session dictionary, where a first message unit exists in the initial session dictionary and corresponds one-to-one to a dictionary pointer of the initial session dictionary, the dictionary pointer including the starting position of the first message unit in the initial session dictionary and the length of the first message unit;
Step S104: acquire a message to be encoded composed of the first message unit and/or a second message unit;
Step S106: compression-encode the first message unit of the message to be encoded according to the initial session dictionary, to obtain a message to be sent composed of the dictionary pointer of the first message unit and/or the second message unit;
Step S108: send the message to be sent, and update the initial session dictionary according to a preset policy, where updating the initial session dictionary includes adding the second message unit to the initial session dictionary to obtain a dictionary pointer of the second message unit.
Through the above steps, messages are transmitted using dictionary coding, and the initial session dictionary is updated according to the transmitted messages. First, a party that has not obtained the initial session dictionary cannot decode the received information. Second, even if that party obtains the initial session dictionary by some means, the initial session dictionary is updated according to the session record (for example, the second message unit of the message to be encoded), so a party that has not obtained the earlier session record still cannot obtain the message plaintext. The above steps thus solve the problem of low security in real-time communication encryption and improve the security of real-time communication.
An embodiment of the present invention further provides a communication terminal that applies the above message transmission method, including the communication terminal devices and/or software used at the sending and receiving ends of a message. These communication terminal devices and software are collectively referred to as communication terminals in the embodiments of the present invention.
Preferably, by updating the above initial session dictionary, the information transmitted between the communication terminals at any time T can be encoded on the basis of all or part of the information already transmitted between the communication terminals before time T.
Preferably, before message transmission, acquiring the initial session dictionary is done in one of the following ways: negotiating or exchanging the initial session dictionary with the receiver of the message to be sent through point-to-point secure communication; acquiring the initial session dictionary by loading a configuration file; obtaining the initial session dictionary by randomly generating it from the encoding of a common character library and interleaving and combining it through negotiation with the receiver of the message to be sent; generating the initial session dictionary from the session records with the receiver of the message to be sent within a preset time period.
For example, communication terminal A and communication terminal B of the two communicating parties can negotiate or exchange the session dictionary used for message transmission through a secure channel or by a secure means. Preferably, the secure channel may be a point-to-point transmission; the secure means and the generation of the session dictionary may also be matching files preset as input at both ends of the communication.
Preferably, the session dictionary may also be generated by randomly generating codes from a common character library or the like at both ends of the communication and interleaving and combining them through negotiation; preferably, the content of the session dictionary may be plaintext, binary or hexadecimal data blocks, or text transformed by some algorithm.
Preferably, after the initial session dictionary is acquired, a message to be decoded composed of the dictionary pointer of the first message unit and/or a third message unit may also be received; the message to be decoded is decompressed according to the initial session dictionary and the dictionary pointer of the first message unit, to obtain a decoded message composed of the first message unit and/or the third message unit; and the initial session dictionary is updated according to the preset policy, where updating the initial session dictionary includes adding the third message unit to the initial session dictionary to obtain a dictionary pointer of the third message unit. In this way, received messages are decoded and the initial session dictionary is updated according to the received messages, so that messages can be sent and received with encrypted transmission by means of dictionary coding.
For example, after the session dictionary is confirmed, messages are transmitted as follows:
Communication terminal A receives an input message to be transmitted and starts searching the session dictionary. If a message unit in the message to be transmitted has a match in the session dictionary, the position and length of the matching unit in the dictionary replace the message unit, directly or indirectly, and are added to the message to be transmitted as a dictionary pointer. If a message unit in the input message has no match in the session dictionary, the message unit is added to the session dictionary and, at the same time, is added directly or indirectly to the message to be transmitted. When communication terminal A receives a send instruction, it sends the message to be transmitted to communication terminal B.
Communication terminal B receives the message from communication terminal A and reads it according to preset rules. If a message fragment is recognized as a dictionary pointer, terminal B looks up the session dictionary to restore the message unit and adds the restored message unit to the message to be output. If a message fragment is recognized as not being a dictionary pointer, the fragment is restored according to the preset rules, added to the message to be output, and the restored message unit is added to the session dictionary. When communication terminal B receives an output instruction, it outputs the message to be output.
It should be noted that communication terminal A and communication terminal B can exchange roles.
Preferably, after the initial session dictionary is acquired, the method further includes: determining whether the initial session dictionary matches the initial session dictionary of the receiver of the message to be sent; if the determination result is a match, performing the subsequent steps; otherwise, reacquiring the initial session dictionary. For example, when a new session is initiated, the session record can be checked. If a session record exists, a session dictionary can be generated from the session record and the feature values of the dictionaries generated at the two ends are compared; if the dictionary feature values at the two ends match, that session dictionary is used.
Preferably, both the negotiation of the session dictionary and the transmission of messages may be wrapped in an encryption algorithm and/or a security protocol for additional encrypted transmission.
Preferably, the negotiation of the session dictionary and the transmission of messages may independently use different encryption and transmission paths.
Throughout the transmission process of the embodiments of the present invention, the content of the session dictionary changes continuously with the content of the transmitted messages. Depending on the configuration, the size of the session dictionary may be fixed or variable. Preferably, updating the initial session dictionary according to the preset policy is done in one of the following ways: updating the initial session dictionary in real time; updating the initial session dictionary according to a dictionary update instruction.
Preferably, the dictionary can be updated by specific instructions, for example by rearranging it or changing its length.
Preferably, the session dictionary may be updated periodically or at random.
Preferably, the update instruction for the session dictionary may be contained or hidden in the message to be transmitted. For example, this can be implemented as follows:
Communication terminal A triggers a dictionary update event, encodes the dictionary update instruction and its parameters as an input message and adds them to the message to be transmitted; communication terminal A updates its local session dictionary and sends the message to be transmitted. Communication terminal B decodes the message after receiving it. When the decoded content it reads is recognized as an instruction, terminal B reads the instruction and parameters and updates the session dictionary accordingly; the instruction content is not added to the message to be output.
Preferably, to avoid the dictionaries falling out of synchronization because of a message reception error, communication terminal A may refrain from updating its dictionary when it sends a message. After communication terminal B receives the message, it returns a reception-success message to communication terminal A, and communication terminal A updates its dictionary only after receiving this feedback.
Preferably, after receiving a message, communication terminal B may return a check value of its session dictionary to communication terminal A. Communication terminal A compares it with the check value of its local dictionary; if they match, the update is performed, and if they do not match, the session dictionary is renegotiated.
Preferably, to avoid session sequence errors caused by delay, the dictionary can be updated asynchronously. After the two parties have communicated for a certain time, or after the amount of exchanged information reaches a certain size, both ends initiate a dictionary update. The session sequence or check code of a window preceding the current message is extracted and compared; if the match succeeds, the dictionary is updated with the content of that window, and if they do not match, matching is performed again.
Preferably, to avoid dictionary synchronization errors caused by abnormal termination of a session, a session backtracking mechanism can be added. When the session is re-established, each party goes back over several session windows in its own stored session record and generates a check code from the content of each window for comparison. When the two parties find a matching check code, the content of the session window corresponding to that check code is used to generate the dictionary; if no matching content can be found, the dictionary is renegotiated or reset to the original session dictionary.
As can be seen from the above description, the dictionary-coding compression algorithm used in the message transmission method provided by the embodiments of the present invention has the following advantages over a general encryption algorithm:
1. The input and output of an encryption algorithm are usually of fixed length, whereas the input and output lengths of a compression algorithm are variable; without knowing the structure of the position-and-length pointer, one cannot know the length of the data matched in the dictionary, nor how many segments a message has been split into;
2. An encryption algorithm encrypts in blocks, and any encrypted segment of a specific length can be decoded independently; a compression algorithm encodes continuously, and if any part is lost, the subsequent parts generally cannot be decoded;
3. The key used by an encryption algorithm is usually fixed, whereas the dictionary used by a compression algorithm is a sliding window that is continuously updated;
4. The encoding/decoding result of an encryption algorithm is unique, so the correctness of the data can be judged and, further, the result can be exhaustively searched by specific methods; the encoded output of a compression algorithm is not unique, so even a forced exhaustive search of the output gives essentially no way to judge correctness;
5. A compression algorithm does not inherently have encryption properties, but the fragility described in point 2, the sliding-window mechanism of point 3 and the uncertainty of point 4 give it extremely high security in the real-time message transmission scenario; in addition, the compressed encoding can itself be encrypted with an encryption algorithm.
To make the description of the embodiments of the present invention clearer, a description and explanation are given below in conjunction with preferred embodiments.
A preferred embodiment of the present invention provides a message transmission method based on compression coding, which can be used for real-time communication. The compression coding used may be one or more coding schemes for lossless data compression, and has the following characteristics: first, decoding the data transmitted at any moment depends on the data transmitted before that moment, so the data within one time slice cannot be decoded on its own; second, the transmitted data can be further encrypted by other encryption algorithms or security protocols.
In the method provided by the preferred embodiment of the present invention, the session and encoding process is as shown in FIG. 2. Assume the two communicating parties are communication terminal A (Terminal A in FIG. 2) and communication terminal B (Terminal B in FIG. 2). Before starting the session, the two parties exchange or negotiate a session dictionary for the session (Dictionary in FIG. 2). For ease of explanation, assume the dictionary sequence generated by the initial negotiation is the one shown at 201: HELOWARY.
When communication terminal A sends the message HELLO to communication terminal B, terminal A looks for the longest matching field in the dictionary. It first finds HEL, which matches 3 characters. Assuming the encoding uses one byte for the starting position of the characters and one byte for the length of the string (offset), the encoding of HEL in the initial dictionary can be expressed as 0x0003. It then likewise finds LO, which matches 2 characters and can be encoded as 0x0202. The message that communication terminal A sends to communication terminal B after encoding is therefore 0x00030202.
After receiving the message, communication terminal B decodes it on the same principle: it reads two bytes at a time, one byte being the starting position and one byte the string length, and then reads the content from the dictionary and outputs it.
Since HELLO has no complete match in the dictionary, HELLOW is added to the dictionary as a new string, giving the dictionary shown at 202.
Communication terminal B then replies to communication terminal A with the message HELLO. It looks up the dictionary to encode it, and the encoded message sent is 0x0805. Because all the characters match, the dictionary does not need to be updated.
Security analysis: suppose the message 0x00030203 sent by A to B is intercepted by an attacker who has not obtained the dictionary. Even if the attacker knows that this is a two-character pointer, the attacker can only tell that the content is 6 bytes long and cannot learn what it is. In an actual implementation, such a simple two-character pointer combination would not be used, so cracking it is impossible. Now suppose the initial dictionary is intercepted, and the message 0x0806 sent by B to A is intercepted, but the message sent by A to B is not. Since the content at byte 08 is not in the initial dictionary, the attacker does not know how much content, or what content, was transmitted earlier, and therefore cannot decode it either.
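The HELLO exchange above, and the case from the security analysis of a party that holds only the initial dictionary, as added Python code that is not part of the patent text. The class name, the use of SHA-256 as the check value, the 254-byte window and the rule of appending the whole message after encoding are assumptions; the appended string is taken to be HELLO, which is what the 0x0805 reply encoding requires.

```python
import hashlib

LITERAL = 0xFF   # marker byte bracketing a character that is not in the dictionary
MAX_DICT = 254   # assumed window size: keeps every start position below the marker


class SessionDictionary:
    """One endpoint's copy of the shared session dictionary (hypothetical name)."""

    def __init__(self, initial: bytes):
        if len(initial) > MAX_DICT:
            raise ValueError("initial dictionary exceeds the window size")
        self.data = bytearray(initial)

    def digest(self) -> str:
        """Check value the two ends compare; SHA-256 is an assumption."""
        return hashlib.sha256(bytes(self.data)).hexdigest()

    def _longest_match(self, msg: bytes, pos: int):
        """Return (start, length) of the longest dictionary match at msg[pos:]."""
        for length in range(min(len(msg) - pos, len(self.data)), 0, -1):
            start = self.data.find(msg[pos:pos + length])
            if start != -1:
                return start, length
        return 0, 0

    def _update(self, msg: bytes, wire_len: int):
        # A two-byte wire is a single pointer, i.e. the whole message was already
        # in the dictionary; anything else appends the message at both ends.
        if wire_len != 2:
            self.data += msg
            del self.data[:max(0, len(self.data) - MAX_DICT)]  # slide the window

    def encode(self, text: str) -> bytes:
        msg = text.encode("ascii")  # ASCII keeps literal bytes distinct from 0xFF
        out, pos = bytearray(), 0
        while pos < len(msg):
            start, length = self._longest_match(msg, pos)
            if length:
                out += bytes([start, length])               # dictionary pointer
            else:
                length = 1
                out += bytes([LITERAL, msg[pos], LITERAL])  # new character
            pos += length
        self._update(msg, len(out))
        return bytes(out)

    def decode(self, wire: bytes) -> str:
        msg, i = bytearray(), 0
        while i < len(wire):
            if wire[i] == LITERAL:
                if i + 2 >= len(wire) or wire[i + 2] != LITERAL:
                    raise ValueError("malformed literal")
                msg.append(wire[i + 1])
                i += 3
            else:
                if i + 1 >= len(wire):
                    raise ValueError("truncated pointer")
                start, length = wire[i], wire[i + 1]
                # Never trust a pointer from the wire: bound it by the local copy.
                if length == 0 or start + length > len(self.data):
                    raise ValueError("pointer outside dictionary")
                msg += self.data[start:start + length]
                i += 2
        text = msg.decode("ascii")  # raises ValueError on a non-ASCII literal
        self._update(bytes(msg), len(wire))
        return text


def demo():
    initial = b"HELOWARY"                 # dictionary 201 from the text
    a = SessionDictionary(initial)
    b = SessionDictionary(initial)
    stale = SessionDictionary(initial)    # has the initial dictionary, missed message 1

    wire1 = a.encode("HELLO")             # A -> B
    text1 = b.decode(wire1)
    in_sync = a.digest() == b.digest()    # check values agree after the update
    wire2 = b.encode("HELLO")             # B -> A, now a single pointer
    text2 = a.decode(wire2)
    try:
        stale.decode(wire2)
        outcome = "decoded"
    except ValueError:
        outcome = "rejected"              # pointer (8, 5) lies past the 8-byte dictionary
    return wire1.hex(), text1, wire2.hex(), text2, in_sync, outcome


if __name__ == "__main__":
    print(demo())
```

The rejection comes from missing dictionary state, so a legitimate peer that drops one message fails in the same way; that is the case the acknowledgement and check-value exchange described earlier are there to catch.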
Special case 1: dictionary 203 in FIG. 2 shows an encoding example with real-time updating, that is, the dictionary is updated during encoding. Starting from dictionary 202, A sends B the message HOW ARE YOU. It first finds H (0x0001), then finds OW (0x0302); since HOW is not in the dictionary, it is added to the dictionary. Next comes a space, which is not in the dictionary, so it is added to the dictionary (0x1001). At this point the space character has to be added to the information to be transmitted according to preset rules. To keep things simple here, it is output directly as its ASCII code. In general there has to be some way to identify a new character, for example specifying that a pointer position beginning with FF marks a new character, which runs until the next FF (or specifying a random position value to mark a new character, which runs until the next random position value, with these two positions skipped in actual encoding). Next come AR (0x0502) and E (0x0101); since ARE is not in the dictionary, it is added to the dictionary. The following space has already been added to the dictionary (0x1001), but the string ARE followed by a space is not in the dictionary, so the space is still added to the dictionary. Then come Y (0x0701) and O (0x0C01); YO is not in the dictionary, so it is added. Finally, U is a new character; it is added to the dictionary and output as a new character. If the new characters are converted to hexadecimal, the space is represented as 0xFF20FF and U as 0xFF55FF, and the information A sends to B is: 0x00010302FF20FF05020101100107010301FF55FF. When B decodes the received information, if the two bytes it reads begin with FF, which marks a new character, it continues reading the remaining bytes until the second FF, extracts the new character and adds it to the dictionary.
The probability of the above situation occurring in an actual implementation is in fact small, because an actual implementation negotiates a larger dictionary. If the dictionary takes the byte as its smallest unit, there are 256 combinations up to FF, so a dictionary of 256 bytes or more can do without new characters.
As the introduction to the related art shows, dictionary coding can also be called sliding-window coding, so the dictionary does not grow without limit; the correct approach is to slide it backward according to the configured size. In this example, if the dictionary size is set to 16 bytes, the dictionary at the final output should be shifted back by 9 bytes, and dictionary 203 should then be as follows:
Figure PCTCN2016075238-appb-000001
At that point the initial dictionary is completely useless to an attacker. However, if the real-time encoding of this example is used in this way, the encoded output becomes complicated and the fault tolerance of the transmission is very low, which causes problems. In practice, therefore, the asynchronous update described later is used more often.
The communication terminal of the preferred embodiment of the present invention can generally work in the following three communication structures:
FIG. 3 shows the master-slave structure communication model, that is, a server-client architecture. A communication terminal registers its information with the server; after logging in to the server, it sends messages to the ID of the peer communication terminal, and the messages are stored and forwarded to the peer by the server.
FIG. 4 shows the discrete structure communication model. A communication terminal discovers other communication terminals on the network by itself and communicates with them directly, without a server.
FIG. 5 shows the point-to-point structure communication model. A communication terminal registers or reports its own information to the server and at the same time looks up other terminals it can communicate with, obtains the peer address directly and then communicates with the peer directly; the session information need not pass through the server.
In practical applications, a communication terminal can use several of the three structures above at the same time.
本发明优选实施例的通信终端通常可独立工作在图4或图5所示拓扑结构下。此时通信终端的基本工作流程如图6所示。The communication terminal of the preferred embodiment of the present invention can generally operate independently under the topology shown in FIG. 4 or 5. At this point, the basic workflow of the communication terminal is as shown in FIG. 6.
假设通信终端A为主叫方,通信终端B为被叫方,通信过程分为两个阶段,首先阶段(Phase)1确认用于通信的初始会话字典,Phase2进行通信。其中,Phase2阶段通信终端A和B的角色可以交换。Assuming that the communication terminal A is the calling party and the communication terminal B is the called party, the communication process is divided into two phases. The first phase (Phase) 1 confirms the initial session dictionary for communication, and Phase 2 performs communication. Among them, the roles of Phase 2 communication terminals A and B can be exchanged.
Step S601, communication terminals A and B negotiate an encrypted channel, generally a direct connection that does not pass through the server;
Step S602, communication terminals A and B exchange or negotiate an initial session dictionary over the encrypted channel. The dictionary can be formed by combining the character sequences commonly used locally on the two terminals and randomly permuting the result, and the dictionary size can take a random value within a certain range. If this is not the first communication, the initial session dictionary can be generated from past communication records, so that the exchanged information does not contain the actual dictionary content.
Step S603, after the initial session dictionary is agreed, the encrypted channel is torn down. A new encrypted channel can be established for subsequent communication if required. Phase 1 ends here.
Step S604, communication terminal A receives a message to be sent from its input and encodes it with the encoding method shown in FIG. 1;
Step S605, communication terminal A sends the encoded message to communication terminal B;
Step S606, communication terminal B decodes the message after receiving it;
Step S607, communication terminal B outputs the decoded message;
Step S608, communication terminal B confirms that the message was received and sends a receipt or a check code to communication terminal A;
Step S609, communication terminal A updates its dictionary after receiving the receipt, and communication terminal B updates its dictionary;
When communication terminal B sends a message to communication terminal A, steps S601 to S609 are likewise followed.
The flow shown in FIG. 6 differs slightly from the real-time update shown in special case 1 above: because no real-time update is performed, the second space in communication terminal A's encoding in special case 1 is also transmitted as a new character, but the final updated dictionary is the same.
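The Phase 2 exchange of FIG. 6 (steps S604 to S609) can be sketched as follows. This is an added example, not code from the patent: the `Pointer` token layout, the `MIN_MATCH` threshold, the bounds check in `decode` and the sample dictionary are assumptions, and the update rule (append the new units, keep the last 16 bytes) follows the sliding-window description above.

```python
# Added illustration; names and sample data are constructed, not from the patent.
from dataclasses import dataclass
from typing import List, Optional, Tuple, Union

DICT_SIZE = 16   # sliding-window size in bytes (the 16-byte setting in the text)
MIN_MATCH = 2    # assumption: shortest run worth sending as a pointer


@dataclass(frozen=True)
class Pointer:
    start: int    # start position of the unit in the session dictionary
    length: int   # length of the unit


Token = Union[Pointer, bytes]  # Pointer = unit found in the dictionary, bytes = new unit


def longest_match(dictionary: bytes, data: bytes, pos: int) -> Optional[Pointer]:
    """Longest prefix of data[pos:] that occurs in the dictionary, if any."""
    limit = min(len(data) - pos, len(dictionary))
    for length in range(limit, MIN_MATCH - 1, -1):
        start = dictionary.find(data[pos:pos + length])
        if start != -1:
            return Pointer(start, length)
    return None


def encode(dictionary: bytes, message: bytes) -> List[Token]:
    """S604: replace known units with pointers, pass unknown units through."""
    tokens: List[Token] = []
    literal = bytearray()
    pos = 0
    while pos < len(message):
        ptr = longest_match(dictionary, message, pos)
        if ptr is None:
            literal.append(message[pos])
            pos += 1
            continue
        if literal:
            tokens.append(bytes(literal))
            literal.clear()
        tokens.append(ptr)
        pos += ptr.length
    if literal:
        tokens.append(bytes(literal))
    return tokens


def decode(dictionary: bytes, tokens: List[Token]) -> bytes:
    """S606: resolve pointers against the receiver's copy of the dictionary."""
    out = bytearray()
    for token in tokens:
        if isinstance(token, Pointer):
            end = token.start + token.length
            # Reject pointers outside the window instead of silently truncating.
            if token.start < 0 or token.length < 0 or end > len(dictionary):
                raise ValueError(f"pointer outside dictionary: {token}")
            out += dictionary[token.start:end]
        else:
            out += token
    return bytes(out)


def update(dictionary: bytes, tokens: List[Token], size: int = DICT_SIZE) -> bytes:
    """S609: append the new units and slide the window to its fixed size."""
    new_units = b"".join(t for t in tokens if isinstance(t, bytes))
    return (dictionary + new_units)[-size:]


def exchange(dict_a: bytes, dict_b: bytes,
             message: bytes) -> Tuple[List[Token], bytes, bytes, bytes]:
    tokens = encode(dict_a, message)     # S604 on terminal A
    plaintext = decode(dict_b, tokens)   # S605/S606: transfer, decode on terminal B
    new_b = update(dict_b, tokens)       # S609 on terminal B
    new_a = update(dict_a, tokens)       # S609 on terminal A, after the receipt (S608)
    return tokens, plaintext, new_a, new_b


if __name__ == "__main__":
    shared = b"hello world, ok?"         # constructed 16-byte session dictionary
    print(exchange(shared, shared, b"hello bob, ok?"))
```

Both terminals derive the new dictionary from the same token stream, so they stay in step only while every message and receipt arrives; the asynchronous update of FIG. 7 addresses the case where they do not.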
For more reliable dictionary updates, the asynchronous update flow shown in FIG. 7 can be used.
Step S701, a trigger starts the update flow. The trigger event can be a time, a message threshold, and so on.
Step S702, after receiving an input message, communication terminal A generates an update signal. The update signal is usually an instruction containing several parameters, such as the dictionary update rule and the dictionary length. Communication terminal A mixes the update signal with the received input message according to a certain rule and delimits the update signal by a specific method.
Step S703, communication terminal A encodes the mixed message;
Step S704, communication terminal A sends the encoded message to communication terminal B;
Step S705, communication terminal B decodes the message after receiving it;
Step S706, communication terminal B reads the decoded message, identifies the update signal delimiter, and separates the message into the update signal and the message to be output according to a specific rule;
Step S707, communication terminal B outputs the message to be output;
Step S708, communication terminals A and B trace back their message records according to the parameters in the update signal and generate a message window; they roll back several message sequences, generating one check code from the contents of the message window at each rollback, so that several check codes can be generated;
Step S709, communication terminal B sends the check code sequence to communication terminal A;
Step S710, communication terminal A compares the sequence with its own check codes, selects a matching one, and sends it to communication terminal B;
Step S711, communication terminals A and B update the dictionary according to the contents of the message window corresponding to the selected check code;
The advantage of this method is that when a communication exception or transmission delay leaves the two parties' message sequences out of step, the dictionary is not updated.
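Steps S708 to S711 can be sketched as follows, including the case where the two message records are out of step. This is an added example, not code from the patent: the patent does not name the check-code function, so truncated SHA-256 is an assumption, as are the window length, rollback count, update rule and sample messages.

```python
# Added illustration; names, parameters and sample data are constructed.
import hashlib
from typing import List, Optional, Tuple


def check_code(window: List[bytes]) -> str:
    """Check code over one message window (assumption: truncated SHA-256)."""
    digest = hashlib.sha256()
    for message in window:
        # Length-prefix each message so different splits of the same bytes differ.
        digest.update(len(message).to_bytes(4, "big"))
        digest.update(message)
    return digest.hexdigest()[:16]


def window_codes(history: List[bytes], window_len: int,
                 rollbacks: int) -> List[Tuple[str, List[bytes]]]:
    """S708: one (check code, window) pair per rollback of the message record."""
    result = []
    for offset in range(rollbacks):
        end = len(history) - offset
        if end - window_len < 0:
            break  # not enough recorded messages to fill the window
        window = history[end - window_len:end]
        result.append((check_code(window), window))
    return result


def select_code(own_history: List[bytes], peer_codes: List[str],
                window_len: int, rollbacks: int) -> Optional[str]:
    """S710: pick the first peer check code that also exists locally."""
    own = {code for code, _ in window_codes(own_history, window_len, rollbacks)}
    for code in peer_codes:
        if code in own:
            return code
    return None


def apply_update(dictionary: bytes, history: List[bytes], code: Optional[str],
                 window_len: int, rollbacks: int, dict_size: int) -> bytes:
    """S711: update from the agreed window; leave the dictionary alone otherwise."""
    if code is None:
        return dictionary
    for candidate, window in window_codes(history, window_len, rollbacks):
        if candidate == code:
            return (dictionary + b"".join(window))[-dict_size:]
    return dictionary


def async_update(dict_a: bytes, hist_a: List[bytes],
                 dict_b: bytes, hist_b: List[bytes],
                 window_len: int = 3, rollbacks: int = 3,
                 dict_size: int = 16) -> Tuple[Optional[str], bytes, bytes]:
    # S708/S709: terminal B computes its check codes and sends the sequence to A.
    codes_b = [code for code, _ in window_codes(hist_b, window_len, rollbacks)]
    # S710: terminal A selects a matching code and returns it to B.
    chosen = select_code(hist_a, codes_b, window_len, rollbacks)
    # S711: both terminals update from the window behind the chosen code.
    new_a = apply_update(dict_a, hist_a, chosen, window_len, rollbacks, dict_size)
    new_b = apply_update(dict_b, hist_b, chosen, window_len, rollbacks, dict_size)
    return chosen, new_a, new_b


if __name__ == "__main__":
    msgs = [b"alpha", b"bravo", b"charlie", b"delta", b"echo"]  # constructed record
    start = b"0123456789abcdef"
    # B has not yet received the last message: the windows still overlap.
    print(async_update(start, msgs, start, msgs[:4]))
    # B lost a message in the middle: no common window, no update.
    print(async_update(start, msgs, start, [msgs[0], msgs[2], msgs[3]]))
```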
From the description of the above implementations, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus the necessary general-purpose hardware platform, and of course also by hardware, although in many cases the former is the better implementation. Based on this understanding, the technical solution of the present invention, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product. The computer software product is stored in a storage medium (such as ROM/RAM, a magnetic disk, or an optical disc) and includes a number of instructions that cause a terminal device (which may be a mobile phone, a computer, a server, a network device, or the like) to perform the methods of the embodiments of the present invention.
This embodiment also provides a message transmission apparatus for implementing the above embodiments and preferred implementations; what has already been described is not repeated. The modules involved in the apparatus are described below. As used below, the term "module" can be a combination of software and/or hardware that implements a predetermined function. Although the apparatus described in the following embodiments is preferably implemented in software, an implementation in hardware, or in a combination of software and hardware, is also possible and contemplated.
FIG. 8 is a schematic structural diagram of a message transmission apparatus according to an embodiment of the present invention. As shown in FIG. 8, the apparatus includes a first acquisition module 80, a second acquisition module 82, an encoding module 84, a sending module 86, and a first update module 88, wherein:
The first acquisition module 80 is configured to acquire an initial session dictionary, wherein a first message unit exists in the initial session dictionary and corresponds one-to-one to a dictionary pointer of the initial session dictionary, the dictionary pointer including the start position of the first message unit in the initial session dictionary and the length of the first message unit; the second acquisition module 82 is configured to acquire a message to be encoded that consists of the first message unit and/or a second message unit; the encoding module 84, coupled to the first acquisition module 80 and the second acquisition module 82, is configured to compression-encode the first message unit of the message to be encoded according to the initial session dictionary, obtaining a message to be sent that consists of the dictionary pointer of the first message unit and/or the second message unit; the sending module 86, coupled to the encoding module 84, is configured to send the message to be sent; the first update module 88, coupled to the second acquisition module 82, is configured to update the initial session dictionary according to a preset policy, wherein updating the initial session dictionary includes adding the second message unit to the initial session dictionary and obtaining the dictionary pointer of the second message unit.
Preferably, the apparatus further includes: a receiving module, configured to receive a message to be decoded that consists of the dictionary pointer of the first message unit and/or a third message unit; a decoding module, coupled to the receiving module, configured to decompress the message to be decoded according to the initial session dictionary and the dictionary pointer of the first message unit, obtaining a decoded message that consists of the first message unit and/or the third message unit; and a second update module, coupled to the receiving module, configured to update the initial session dictionary according to the preset policy, wherein updating the initial session dictionary includes adding the third message unit to the initial session dictionary and obtaining the dictionary pointer of the third message unit.
Preferably, the first acquisition module 80 is configured to do one of the following: negotiate or exchange the initial session dictionary with the recipient of the message to be sent over point-to-point secure communication; acquire the initial session dictionary by loading a configuration file; obtain the initial session dictionary by randomly generating it from the encoding of a common character library and interleaving and combining it through negotiation with the recipient of the message to be sent; generate the initial session dictionary from the session records with the recipient of the message to be sent within a preset time period.
Preferably, the apparatus further includes: a verification module, coupled to the first acquisition module, configured to determine whether the initial session dictionary matches the initial session dictionary of the recipient of the message to be sent; if the result is a match, the subsequent modules are enabled; otherwise, control returns to the first acquisition module 80 to reacquire the initial session dictionary.
Preferably, the first update module and/or the second update module is configured to do one of the following: update the initial session dictionary in real time; update the initial session dictionary according to a dictionary update instruction.
A preferred embodiment of the present invention also provides an extension tool for real-time communication tools, which provides data protection for communication tools with a server-client structure. Extension tool A acts on communication tool A, and extension tool B acts on communication tool B; the communication tool here can differ from the communication terminal in the embodiments of the present invention.
The extension tool in the preferred embodiment of the present invention monitors the input and output interfaces and the communication port of the communication tool. Having obtained the peer's address, the extension tool exchanges confirmation information with the peer extension tool; if confirmation succeeds, the extension tool bypasses the server and negotiates dictionary information directly with the peer extension tool. When communication tool A starts to input information, extension tool A intercepts the input, encodes it, and passes the encoded message to the input interface of the communication tool. When communication tool B receives information, extension tool B intercepts the output, decodes it, and passes the decoded message to the output interface.
Preferably, the extension tools can communicate with each other directly, bypassing the server.
Preferably, the extension tool can provide a dictionary file input function, so that a matching file preset at both ends of the communication can be input as the session dictionary.
FIG. 9 provides one workflow example of the preferred embodiment of the present invention used as an extension of a communication tool; it applies to communication tools that use point-to-point connections. Terminal A and Terminal B in FIG. 9 are existing communication tools, and Plugin A and Plugin B are the extension tools of the preferred embodiment of the present invention, where Plugin A acts on Terminal A and Plugin B acts on Terminal B.
Phase 1 in FIG. 9 is an initialization process in which the extension tool finds the peer node for the subsequent P2P session. Phase 2 is the dictionary negotiation between the extension tools, which can be used to generate the initial session dictionary and for subsequent dictionary updates; the process is similar to steps S601 to S603 shown in FIG. 6. Phase 3 is the information transmission phase.
The Phase 1 flow is as follows:
The extension tool monitors the network interface and the input and output interfaces of the communication tool. Assume that communication tool A is the calling party and communication tool B is the called party.
Step S901, communication tools A and B register on the server;
Step S902, communication tool A queries the server for the status of communication tool B;
Step S903, extension tool A obtains the status of communication tool B, including its communication address, by monitoring communication tool A;
Because the extension tool interacts with the peer extension tool, obtaining the peer's communication address is generally sufficient, and Phase 1 ends; then, in Phase 2, extension tool A initiates dictionary negotiation.
The Phase 3 flow is as follows:
Step S904: extension tool A intercepts the input information of communication tool A and encodes it;
Step S905: extension tool A passes the encoded information to the input interface of communication tool A;
Step S906: communication tool A sends the encoded information to communication tool B over the point-to-point connection;
Step S907: or communication tool A forwards the encoded information to communication tool B via the server;
Step S908: extension tool B listens for the information received by communication tool B, intercepts the output, and decodes the information;
Step S909: extension tool B passes the decoded information to the output interface of communication tool B, which outputs it.
FIG. 10 provides another workflow example of the preferred embodiment of the present invention used as an extension of a communication tool; it applies to communication tools that have no point-to-point connection, as in the topology shown in FIG. 3. Terminal A and Terminal B in FIG. 10 are existing communication tools, and Plugin A and Plugin B are the extension tools of the preferred embodiment of the present invention, where Plugin A acts on Terminal A and Plugin B acts on Terminal B.
Phase 1 in FIG. 10 is an initialization process in which the extension tool finds the peer node for the subsequent session between the extension tools. Phase 2 is the dictionary negotiation between the extension tools, which can be used to generate the initial session dictionary and for subsequent dictionary updates; the process is similar to steps S601 to S603 shown in FIG. 6. Phase 3 is the information transmission phase and is similar to steps S905 to S909 of the example shown in FIG. 9. The following mainly describes the Phase 1 flow:
The extension tool monitors the network interface and the input and output interfaces of the communication tool. Assume that communication tool A is the calling party and communication tool B is the called party.
Step S1001, the communication tool registers on the server and discovers the peer;
Step S1002, when the extension tool detects a change in the network status of the communication tool, it starts to detect the local communication address;
Step S1003, extension tool A sends the local communication address to communication tool B through communication tool A;
Step S1004, extension tool B intercepts the message received by communication tool B and extracts the communication address of communication tool A;
Step S1005, extension tool B sends the local communication address to communication tool A through communication tool B;
Step S1006, at the same time, extension tool B initiates a connection to extension tool A;
Step S1007, extension tool A intercepts the message received by communication tool A and extracts the communication address of communication tool B; if it matches the source address of the connection in step S1006, the request is accepted; otherwise the connection is rejected.
In the examples shown in FIG. 9 and FIG. 10, dictionary exchange and information transmission are completed over different paths, and everything that passes through the server is encoded information; even if it is stored by the server, private information is not leaked, so this is a very secure method.
It should be noted that each of the above modules can be implemented in software or hardware. For the latter, this can be done in the following ways, without limitation: the modules are all located in the same processor; or the modules are located in multiple processors.
Embodiments of the present invention also provide software for carrying out the technical solutions described in the above embodiments and preferred implementations.
Embodiments of the present invention also provide a storage medium. In this embodiment, the storage medium can be configured to store program code for performing the following steps:
S1, acquire an initial session dictionary, wherein a first message unit exists in the initial session dictionary and corresponds one-to-one to a dictionary pointer of the initial session dictionary, the dictionary pointer including the start position of the first message unit in the initial session dictionary and the length of the first message unit;
S2, acquire a message to be encoded that consists of the first message unit and/or a second message unit;
S3, compression-encode the first message unit of the message to be encoded according to the initial session dictionary, obtaining a message to be sent that consists of the dictionary pointer of the first message unit and/or the second message unit;
S4, send the message to be sent, and update the initial session dictionary according to a preset policy, wherein updating the initial session dictionary includes adding the second message unit to the initial session dictionary and obtaining the dictionary pointer of the second message unit.
Optionally, in this embodiment, the storage medium can include, but is not limited to, a USB flash drive, read-only memory (ROM), random access memory (RAM), a removable hard disk, a magnetic disk, an optical disc, or any other medium that can store program code.
Optionally, for specific examples in this embodiment, refer to the examples described in the above embodiments and optional implementations; they are not repeated here.
In summary, the above embodiments and preferred embodiments of the present invention provide an enhanced encrypted message transmission method that uses the sliding-window mechanism of data compression algorithms to protect private data. The scheme can be used on its own as a message transmission method, or it can provide a second layer of encryption for existing communication tools, giving higher security on top of today's popular real-time communication and further privacy protection for existing tools. Existing security protocols themselves provide data verification and some data compression, but still have many security risks. What the above embodiments and preferred embodiments provide is a private-data security method, and data integrity can be ensured by the transport-layer protocol. Although the above embodiments use the principle of compression coding, compression is not the purpose: because the encoding process of the compression coding technique used is continuous and the coding dictionary is a sliding window with a high degree of uncertainty, a single encoded data fragment cannot be cracked, which gives higher security in real-time communication.
Obviously, those skilled in the art should understand that the modules or steps of the present invention described above can be implemented with general-purpose computing devices. They can be concentrated on a single computing device or distributed over a network of multiple computing devices. Optionally, they can be implemented as program code executable by a computing device, so that they can be stored in a storage device and executed by the computing device; in some cases the steps shown or described can be performed in an order different from the one given here, or they can each be made into an individual integrated circuit module, or several of the modules or steps can be made into a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
The above are only preferred embodiments of the present invention and are not intended to limit it; for those skilled in the art, the present invention can have various modifications and variations. Any modification, equivalent replacement, or improvement made within the spirit and principles of the present invention shall fall within its scope of protection.
Industrial applicability
In the message transmission process of the embodiments of the present invention, the following approach is used: an initial session dictionary is acquired, wherein the initial session dictionary includes a first message unit and the dictionary pointer of the first message unit; a message to be encoded that consists of the first message unit and/or a second message unit is acquired; the first message unit of the message to be encoded is compression-encoded according to the initial session dictionary, obtaining a message to be sent that consists of the dictionary pointer of the first message unit and/or the second message unit; the message to be sent is sent, and the initial session dictionary is updated according to a preset policy, wherein updating the initial session dictionary includes adding the second message unit to the initial session dictionary and obtaining the dictionary pointer of the second message unit. This solves the problem of low security in real-time communication encryption and improves the security of real-time communication.

Claims (10)

  1. 一种消息传输方法,包括:A message transmission method includes:
    获取初始会话字典,其中,第一消息单元存在于所述初始会话字典中,并一一对应于所述初始会话字典的一个字典指针,字典指针包括:所述第一消息单元在所述初始会话字典中的起始位置和所述第一消息单元的长度;Obtaining an initial session dictionary, wherein a first message unit exists in the initial session dictionary and corresponds one-to-one to a dictionary pointer of the initial session dictionary, the dictionary pointer comprising: the first message unit in the initial session a starting position in the dictionary and a length of the first message unit;
    获取由所述第一消息单元和/或第二消息单元构成的待编码消息;Acquiring a message to be encoded formed by the first message unit and/or the second message unit;
    根据所述初始会话字典,对所述待编码消息的所述第一消息单元进行压缩编码,得到由所述第一消息单元的字典指针和/或所述第二消息单元构成的待发送消息;Decoding, according to the initial session dictionary, the first message unit of the to-be-encoded message, to obtain a to-be-sent message formed by a dictionary pointer of the first message unit and/or the second message unit;
    发送所述待发送消息,并根据预设策略更新所述初始会话字典,其中,更新所述初始会话字典包括:添加所述第二消息单元至所述初始会话字典,得到所述第二消息单元的字典指针。Sending the to-be-sent message, and updating the initial session dictionary according to a preset policy, where updating the initial session dictionary includes: adding the second message unit to the initial session dictionary, and obtaining the second message unit Dictionary pointer.
  2. 根据权利要求1所述的方法,其中,在获取所述初始会话字典之后,所述方法还包括:The method of claim 1, wherein after obtaining the initial session dictionary, the method further comprises:
    接收由所述第一消息单元的字典指针和/或第三消息单元构成的待解码消息;Receiving a message to be decoded consisting of a dictionary pointer and/or a third message unit of the first message unit;
    根据所述初始会话字典和所述第一消息单元的字典指针,解压缩所述待解码消息,得到由所述第一消息单元和/或所述第三消息单元构成的解码消息;Decompressing the to-be-decoded message according to the initial session dictionary and a dictionary pointer of the first message unit, to obtain a decoded message composed of the first message unit and/or the third message unit;
    根据所述预设策略更新所述初始会话字典,其中,更新所述初始会话字典包括:添加所述第三消息单元至所述初始会话字典,得到所述第三消息单元的字典指针。Updating the initial session dictionary according to the preset policy, wherein updating the initial session dictionary comprises: adding the third message unit to the initial session dictionary to obtain a dictionary pointer of the third message unit.
  3. 根据权利要求1所述的方法,其中,获取所述初始会话字典包括以下之一的方式:The method of claim 1 wherein obtaining the initial session dictionary comprises one of:
    通过点对点的安全通信,与所述待发送消息的接收方协商或者交换所述初始会话字典;Securely communicating with the recipient of the to-be-sent message or exchanging the initial session dictionary through peer-to-peer secure communication;
    通过加载配置文件的方式,获取所述初始会话字典;Obtaining the initial session dictionary by loading a configuration file;
    通过对常用字符字库编码的随机生成并与所述待发送消息的接收方进行协商交织复合,得到所述初始会话字典;Obtaining the initial session dictionary by randomly generating a random code generated by a common character font and negotiating and interleaving with a receiver of the to-be-sent message;
    根据与所述待发送消息的接收方在预设时间段内的会话记录,生成所述初始会话字典。The initial session dictionary is generated according to a session record with a recipient of the to-be-sent message within a preset time period.
  4. The method of claim 1, wherein after obtaining the initial session dictionary, the method further comprises:
    Determining whether the initial session dictionary matches the initial session dictionary of the receiver of the to-be-sent message;
    If the result of the determination is a match, performing the subsequent steps; otherwise, re-acquiring the initial session dictionary.
  5. The method according to any one of claims 1 to 4, wherein updating the initial session dictionary according to the preset policy comprises one of the following:
    Updating the initial session dictionary in real time;
    Updating the initial session dictionary according to a dictionary update instruction.
  6. A message transmission apparatus, comprising:
    a first obtaining module, configured to obtain an initial session dictionary, wherein a first message unit exists in the initial session dictionary and corresponds one-to-one to a dictionary pointer of the initial session dictionary, the dictionary pointer comprising: a starting position of the first message unit in the initial session dictionary and a length of the first message unit;
    a second obtaining module, configured to obtain a to-be-encoded message consisting of the first message unit and/or a second message unit;
    an encoding module, configured to compress and encode the first message unit of the to-be-encoded message according to the initial session dictionary, to obtain a to-be-sent message consisting of the dictionary pointer of the first message unit and/or the second message unit;
    a sending module, configured to send the to-be-sent message;
    a first update module, configured to update the initial session dictionary according to a preset policy, wherein updating the initial session dictionary comprises: adding the second message unit to the initial session dictionary to obtain a dictionary pointer of the second message unit.
  7. The apparatus of claim 6, wherein the apparatus further comprises:
    a receiving module, configured to receive a to-be-decoded message consisting of the dictionary pointer of the first message unit and/or a third message unit;
    a decoding module, configured to decompress the to-be-decoded message according to the initial session dictionary and the dictionary pointer of the first message unit, to obtain a decoded message consisting of the first message unit and/or the third message unit;
    a second update module, configured to update the initial session dictionary according to the preset policy, wherein updating the initial session dictionary comprises: adding the third message unit to the initial session dictionary to obtain a dictionary pointer of the third message unit.
  8. The apparatus of claim 6, wherein the first obtaining module is configured to perform one of the following:
    Negotiating or exchanging the initial session dictionary with the receiver of the to-be-sent message through point-to-point secure communication;
    Obtaining the initial session dictionary by loading a configuration file;
    Obtaining the initial session dictionary by randomly generating encodings of a common character library and interleaving and combining them through negotiation with the receiver of the to-be-sent message;
    Generating the initial session dictionary according to the session record with the receiver of the to-be-sent message within a preset time period.
  9. The apparatus of claim 6, wherein the apparatus further comprises:
    a verification module, configured to determine whether the initial session dictionary matches the initial session dictionary of the receiver of the to-be-sent message;
    wherein, if the result of the determination is a match, the subsequent modules are enabled; otherwise, control returns to the first obtaining module to re-acquire the initial session dictionary.
  10. The apparatus according to any one of claims 6 to 9, wherein the first update module and/or the second update module is configured to perform one of the following:
    Updating the initial session dictionary in real time;
    Updating the initial session dictionary according to a dictionary update instruction.
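
The encode, decode, match-check and update steps of claims 1, 2, 4 and 5, sketched as an added example that is not code from the patent. It assumes the dictionary is a single string, a dictionary pointer is a `(start, length)` tuple, the match check is a SHA-256 digest comparison, and updates happen in real time; all class and function names are hypothetical.

```python
import hashlib

class SessionDictionary:
    """Session dictionary modelled as one string; a pointer is (start, length)."""

    def __init__(self, initial: str):
        self.data = initial

    def digest(self) -> str:
        # Peers compare digests to confirm their dictionaries match (claim 4).
        return hashlib.sha256(self.data.encode("utf-8")).hexdigest()

    def encode(self, units):
        """Replace known units with pointers; append unknown units (claim 1)."""
        tokens = []
        for unit in units:
            pos = self.data.find(unit)
            if pos >= 0:
                tokens.append((pos, len(unit)))   # first message unit -> pointer
            else:
                tokens.append(unit)               # second message unit -> literal
                self.data += unit                 # real-time update (claim 5)
        return tokens

    def decode(self, tokens):
        """Resolve pointers and mirror the sender's updates (claim 2)."""
        data, units = self.data, []               # work on a copy, commit at the end
        for tok in tokens:
            if isinstance(tok, str):
                units.append(tok)
                data += tok
                continue
            start, length = tok
            # Pointers arrive from the network: reject anything outside the dictionary.
            if start < 0 or length < 0 or start + length > len(data):
                raise ValueError(f"dictionary pointer out of range: {tok!r}")
            units.append(data[start:start + length])
        self.data = data                          # a rejected message leaves no partial update
        return units

def dictionaries_match(a: SessionDictionary, b: SessionDictionary) -> bool:
    return a.digest() == b.digest()
```

If `dictionaries_match` returns false at any point, the two sides have diverged and the dictionary has to be re-acquired, as claim 4 describes.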
PCT/CN2016/075238 2015-07-21 2016-03-01 Message transmission method and apparatus WO2016177050A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510432625.XA CN106375177A (en) 2015-07-21 2015-07-21 Message transmission method and apparatus
CN201510432625.X 2015-07-21

Publications (1)

Publication Number Publication Date
WO2016177050A1 true WO2016177050A1 (en) 2016-11-10

Family

ID=57217354

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/075238 WO2016177050A1 (en) 2015-07-21 2016-03-01 Message transmission method and apparatus

Country Status (2)

Country Link
CN (1) CN106375177A (en)
WO (1) WO2016177050A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114299673A (en) * 2021-12-29 2022-04-08 建信金融科技有限责任公司 Material object management method and device, material object cabinet, computer equipment and storage medium

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107528828A (en) * 2017-07-27 2017-12-29 福建天泉教育科技有限公司 The method and terminal of a kind of compressed data
CN110740123B (en) * 2019-09-18 2021-03-09 华为技术有限公司 Data compression method and data transmission method, terminal equipment and system based on data compression method
CN110928809A (en) * 2019-11-25 2020-03-27 航天科技控股集团股份有限公司 Method for programming image data to external Flash through CAN bus

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1228887A (en) * 1996-07-24 1999-09-15 尤尼西斯公司 Data compression and decompression system with immediate dictionary updating interleaved with string search
US20080147801A1 (en) * 2006-12-18 2008-06-19 Telefonaktiebolaget Lm Ericsson (Publ) Method, communications node, and memory for dynamic dictionary updating and optimization for compression and decompression of messages
CN103078706A (en) * 2012-12-31 2013-05-01 上海宇芯科技有限公司 Dictionary query compression method and device by utilizing redundancy bits
CN103095305A (en) * 2013-01-06 2013-05-08 中国科学院计算技术研究所 System and method for hardware LZ77 compression implementation

Also Published As

Publication number Publication date
CN106375177A (en) 2017-02-01

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16789044

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16789044

Country of ref document: EP

Kind code of ref document: A1