WO2016177050A1 - Procédé et appareil de transmission de message - Google Patents

Procédé et appareil de transmission de message Download PDF

Info

Publication number
WO2016177050A1
WO2016177050A1 PCT/CN2016/075238 CN2016075238W WO2016177050A1 WO 2016177050 A1 WO2016177050 A1 WO 2016177050A1 CN 2016075238 W CN2016075238 W CN 2016075238W WO 2016177050 A1 WO2016177050 A1 WO 2016177050A1
Authority
WO
WIPO (PCT)
Prior art keywords
dictionary
message
initial session
message unit
session dictionary
Prior art date
Application number
PCT/CN2016/075238
Other languages
English (en)
Chinese (zh)
Inventor
钱宗文
尤岩枫
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2016177050A1 publication Critical patent/WO2016177050A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/06Message adaptation to terminal or network requirements
    • H04L51/066Format adaptation, e.g. format conversion or compression
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/04Real-time or near real-time messaging, e.g. instant messaging [IM]

Definitions

  • the present invention relates to the field of communications, and in particular to a message transmission method and apparatus.
  • Symmetric encryption is also called private key encryption and shared key encryption; asymmetric encryption is called public key encryption.
  • a symmetric encryption algorithm uses the same key for encryption and decryption, or two keys that can be easily extrapolated from each other. This set of keys is shared between two or more members to maintain a proprietary communication link. Compared with public key encryption, requiring both parties to obtain the same key is one of the main drawbacks of symmetric key encryption. The advantage is that it is much faster than public key encryption.
  • Common symmetric encryption algorithms are DES, 3DES, AES, Blowfish, IDEA, RC5, and RC6.
  • Asymmetric encryption requires a pair of keys, one is a private key and the other is a public key. These two keys are mathematically related. The information obtained by encrypting with a user key can only be decrypted by using the decryption key of the user. If you know one of them, you can't figure out another one. Therefore, if one of a pair of keys is disclosed, it does not endanger the secret nature of the other. Compared with symmetric key encryption, the advantage is that there is no need to share a common key, and the decrypted private key is not sent to any user. Even if the public key is intercepted on the Internet, if there is no private key matching it, it cannot be decrypted, and the intercepted public key is of no use. Common public key encryption algorithms are: RSA, ElGamal, elliptic curve encryption algorithm.
  • Public key systems are usually master-slave architectures. Common methods for passing certificates are SSL/TLS protocols, digital certificates, etc., but this method is not used for common network communication tools.
  • the encryption security related conditions are as follows:
  • an embodiment of the present invention provides a message transmission method and apparatus.
  • a message transmission method including: acquiring an initial session dictionary, wherein a first message unit exists in the initial session dictionary and corresponds to the initial session dictionary one by one a dictionary pointer comprising: a starting position of the first message unit in the initial session dictionary and a length of the first message unit; obtaining by the first message unit and/or the second message unit a message to be encoded, according to the initial session dictionary, compressing and encoding the first message unit of the message to be encoded, to obtain a dictionary pointer and/or the second message unit of the first message unit Forming a to-be-sent message; sending the to-be-sent message, and updating the initial session dictionary according to a preset policy, wherein updating the initial session dictionary comprises: adding the second message unit to the initial session dictionary, A dictionary pointer of the second message unit.
  • the method further comprises: receiving a message to be decoded composed of a dictionary pointer and/or a third message unit of the first message unit; according to the initial session dictionary and a dictionary pointer of the first message unit, decompressing the to-be-decoded message, obtaining a decoded message composed of the first message unit and/or the third message unit; updating the initial session according to the preset policy a dictionary, wherein updating the initial session dictionary comprises: adding the third message unit to the initial session dictionary to obtain a dictionary pointer of the third message unit.
  • the obtaining the initial session dictionary includes one of the following methods: negotiating with the recipient of the to-be-sent message or exchanging the initial session dictionary through peer-to-peer secure communication; acquiring the method by loading a configuration file An initial session dictionary; the initial session dictionary is obtained by randomly generating and encoding a common character font encoding and performing negotiation and interleaving with the receiver of the to-be-sent message; according to a preset period of time with the receiver of the to-be-sent message The session record within, generating the initial session dictionary.
  • the method further comprises: determining whether the initial session dictionary matches an initial session dictionary of a receiver of the to-be-sent message; and if the determination result is a match, performing Subsequent steps; otherwise, the initial session dictionary is reacquired.
  • updating the initial session dictionary according to the preset policy comprises one of: updating the initial session dictionary in real time; updating the initial session dictionary according to a dictionary update instruction.
  • a message transmission apparatus including: a first obtaining module, configured to acquire an initial session dictionary, wherein a first message unit exists in the initial session dictionary, and a dictionary pointer corresponding to the initial session dictionary, the dictionary pointer includes: a starting position of the first message unit in the initial session dictionary and a length of the first message unit; a second acquiring module, setting To obtain a message to be encoded which is composed of the first message unit and/or the second message unit; the encoding module is configured to perform compression coding on the first message unit of the message to be encoded according to the initial session dictionary Obtaining a to-be-sent message formed by the dictionary pointer of the first message unit and/or the second message unit; the sending module is configured to send the to-be-sent message; the first update module is set to be according to a preset policy Updating the initial session dictionary, wherein updating the initial session dictionary comprises: adding the second message unit to the initial session word To give the dictionary of the second message unit pointer.
  • the apparatus further comprises: a receiving module configured to receive a message to be decoded consisting of a dictionary pointer and/or a third message unit of the first message unit; a decoding module configured to be based on the initial session dictionary and a dictionary pointer of the first message unit, decompressing the to-be-decoded message, to obtain a decoded message composed of the first message unit and/or the third message unit; and a second update module, configured to The preset policy updates the initial session dictionary, wherein updating the initial session dictionary comprises: adding the third message unit to the initial session dictionary to obtain a dictionary pointer of the third message unit.
  • the first obtaining module is configured to: negotiate with the receiver of the to-be-sent message or exchange the initial session dictionary through peer-to-peer secure communication; acquire the initial by loading a configuration file a session dictionary; the initial session dictionary is obtained by randomly generating and encoding the common character font encoding and performing negotiation and interleaving with the receiver of the to-be-sent message; according to the receiver with the to-be-sent message, within a preset time period The session record, the initial session dictionary is generated.
  • the apparatus further includes: a verification module, configured to determine whether the initial session dictionary matches an initial conversation dictionary of a receiver of the to-be-sent message; wherein, if the determination result is a match, enabling Subsequent modules; otherwise, returning to the first acquisition module to reacquire the initial session dictionary.
  • a verification module configured to determine whether the initial session dictionary matches an initial conversation dictionary of a receiver of the to-be-sent message; wherein, if the determination result is a match, enabling Subsequent modules; otherwise, returning to the first acquisition module to reacquire the initial session dictionary.
  • the first update module and/or the second update module are set to one of: updating the initial session dictionary in real time; updating the initial session dictionary according to a dictionary update instruction.
  • an initial session dictionary is acquired, where the initial session dictionary includes a first message unit and a dictionary pointer of the first message unit; and a message to be encoded composed of the first message unit and/or the second message unit is acquired; Decoding, according to the initial session dictionary, the first message unit of the coded message, to obtain a to-be-sent message formed by the dictionary pointer and/or the second message unit of the first message unit; sending a to-be-sent message, and updating according to a preset policy
  • An initial session dictionary, wherein updating the initial session dictionary comprises: adding a second message unit to the initial session dictionary, obtaining a dictionary pointer of the second message unit, solving the problem that the real-time communication encryption has low security, and improving real-time communication safety.
  • FIG. 1 is a flow chart of a message transmission method according to an embodiment of the present invention.
  • FIG. 2 is a schematic diagram of encoding in accordance with a preferred embodiment of the present invention.
  • FIG. 3 is a schematic diagram of a topology structure of a master-slave structure communication model according to a preferred embodiment of the present invention
  • FIG. 4 is a schematic diagram of a topology structure of a discrete structure communication model in accordance with a preferred embodiment of the present invention.
  • FIG. 5 is a schematic diagram of a topology structure of a point-to-point structure communication model according to a preferred embodiment of the present invention.
  • FIG. 6 is a flow chart of a basic session of a communication terminal in accordance with a preferred embodiment of the present invention.
  • FIG. 7 is a flowchart of an asynchronous dictionary update in accordance with a preferred embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of a message transmission apparatus according to an embodiment of the present invention.
  • FIG. 9 is a flowchart showing the operation of the communication extension tool according to a preferred embodiment of the present invention, which is applicable to the topology shown in FIG. 3 and FIG. 5;
  • FIG. 10 is another operational flowchart of a communication extension tool according to a preferred embodiment of the present invention, which is applicable to the topology shown in FIG. 4 and FIG.
  • the compression coding employed in the embodiments of the present invention is a dictionary code, such as an LZ series code.
  • the LZ77 encoding in the related art is taken as an example.
  • the compression function is implemented by replacing the current data with corresponding matching data information that has appeared in the encoder or the decoder.
  • This matching information is encoded using a pair of data called a "length-distance pair" which is equivalent to "each character of a given length is equal to the uncompressed data stream at a subsequent specific distance character position".
  • Both the encoder and the decoder hold a certain amount of the most recent data, such as the last 2 kilobytes (KB), 4 KB, or 32 KB of data.
  • the structure that holds these data is called a sliding window, so LZ77 is sometimes called sliding window compression.
  • the encoder saves this data to find the matching data, and the decoder saves the data to interpret the matching data pointed to by the encoder. So the encoder can use a smaller sliding window than the decoder, but the reverse is not.
  • the dictionary encoding method applied in the embodiment of the present invention improves the compression encoding in the related art, thereby making it suitable for encrypted transmission of real-time communication: generating the same encoding dictionary at both ends of the real-time communication, and the subsequent input data will be prioritized.
  • FIG. 1 is a flowchart of a message transmission method according to an embodiment of the present invention. As shown in FIG. 1 , the process includes the following steps:
  • Step S102 Acquire an initial session dictionary, where the first message unit exists in the initial session dictionary and corresponds to a dictionary pointer of the initial session dictionary, and the dictionary pointer includes: a start of the first message unit in the initial session dictionary. The location and the length of the first message unit;
  • Step S104 Acquire a message to be encoded that is composed of the first message unit and/or the second message unit.
  • Step S106 performing compression coding on the first message unit of the to-be-coded message according to the initial session dictionary, to obtain a to-be-sent message formed by the dictionary pointer and/or the second message unit of the first message unit;
  • Step S108 Send a message to be sent, and update an initial session dictionary according to a preset policy, where updating the initial session dictionary includes: adding a second message unit to the initial session dictionary to obtain a dictionary pointer of the second message unit.
  • the message is transmitted in a dictionary encoding manner, and the initial session dictionary is updated according to the transmitted message.
  • the received information cannot be decoded;
  • the second message unit is updated, so if the other party does not get the previous session record, the same message plaintext cannot be obtained.
  • the embodiment of the invention further provides a communication terminal applying the above message transmission method, which comprises a communication terminal device and/or software used at both ends of the message transmission and reception.
  • the communication terminal device and software are collectively referred to as communication terminals in the embodiments of the present invention.
  • the information transmitted at any time T between the communication terminals can be encoded based on all or part of the information transmitted between the communication terminals before the time T.
  • acquiring the initial session dictionary includes one of the following methods: through peer-to-peer secure communication, negotiating with the receiver of the message to be sent or exchanging the initial session dictionary; and acquiring the initial session by loading the configuration file a dictionary; an initial session dictionary is obtained by randomly generating a code for encoding a common character font and negotiating and interleaving with a receiver of the message to be sent; generating an initial session according to a session record with a receiver of the message to be sent within a preset time period dictionary.
  • the communication terminal A and the communication terminal B of both communication parties can negotiate or exchange a conversation dictionary for message transmission through a secure channel or a secure path.
  • the secure channel may be a point-to-point transmission; the security path and the generation of the session dictionary may also be matching file inputs preset at both ends of the communication.
  • the generation of the conversation dictionary may be performed by randomly generating and performing negotiation and interleaving of common character fonts and the like at both ends of the communication; preferably, the content of the conversation dictionary may be plain text, binary or hexadecimal A block of data, or a text that has been transformed by a certain algorithm.
  • a message to be decoded composed of a dictionary pointer and/or a third message unit of the first message unit may also be received; and the dictionary is decompressed according to the initial session dictionary and the dictionary pointer of the first message unit.
  • Decoding the message obtaining a decoded message composed of the first message unit and/or the third message unit; updating the initial session dictionary according to a preset policy, wherein updating the initial session dictionary comprises: adding a third message unit to the initial session dictionary, obtaining the first A dictionary pointer for three message units.
  • decoding of the received message is achieved, as well as an update of the initial session dictionary based on the received message.
  • the transceiving message can be encrypted and transmitted by dictionary coding.
  • the communication terminal A receives the input message to be transmitted, and starts to retrieve the session dictionary. If the message unit in the message to be transmitted can find a matching value in the session dictionary, the position and length of the matching unit in the dictionary are directly or indirectly
  • the substitute message unit is added as a dictionary pointer to the message to be transmitted; if the message unit in the input message cannot find a matching value in the session dictionary, the message unit is added to the session dictionary, and the message is added directly or indirectly Pending Lose the message.
  • the communication terminal A receives the transmission instruction, the message to be transmitted is transmitted to the communication terminal B.
  • the communication terminal B receives the message of the communication terminal A, reads the message according to a preset rule, and if the message fragment is recognized as a dictionary pointer, searches the session dictionary to restore the message unit, and adds the restored message unit to the message to be output; if the message If the fragment is recognized as a non-dictionary pointer, the message fragment is restored according to a preset rule, added to the message to be output, and the restored message unit is added to the session dictionary; if the communication terminal B receives the output instruction, the message to be output is output. .
  • the communication terminal A and the communication terminal B can exchange roles.
  • the method further comprises: determining whether the initial session dictionary matches the initial conversation dictionary of the recipient of the message to be sent; and if the determination result is a match, performing the subsequent step; otherwise, re-acquiring the initial Conversation dictionary. For example, if a new session is initiated, the session record can be checked. If there is a session record, a session dictionary can be generated through the session record, and the feature values of the dictionary generated at both ends are matched. If the dictionary feature values at both ends match, Use this conversation dictionary.
  • the negotiation process of the session dictionary and the transmission process of the message may be encapsulated by an encryption algorithm and/or a security protocol for additional encrypted transmission.
  • the negotiation of the session dictionary and the transmission of the message can independently use different encryption and transmission paths.
  • the content of the session dictionary changes continuously with the content of the message transmission.
  • the size of the session dictionary may be fixed or variable.
  • updating the initial session dictionary according to the preset policy comprises one of: updating the initial session dictionary in real time; and updating the initial session dictionary according to the dictionary update instruction.
  • the dictionary can be updated by specific instructions, such as rearranging, or varying lengths.
  • the update of the conversation dictionary may be a periodic update or a random update.
  • the update command of the session dictionary may contain/hide in the message to be transmitted for transmission.
  • it can be implemented as follows:
  • the communication terminal A triggers a dictionary update event, encodes the dictionary update command and parameters as an input message and adds it to the message to be transmitted, the communication terminal A updates the local session dictionary, and the communication terminal A transmits the message to be transmitted.
  • the communication terminal B decodes after receiving the message, and when the read decoded content is recognized as an instruction, reads the instruction and the parameter, and the communication terminal B updates the session dictionary according to the instruction and the parameter content, and the instruction content is not added to the message to be output.
  • the communication terminal A may not perform the dictionary update when transmitting the message, and when the communication terminal B receives the message, it feeds back a successfully received message to the communication terminal A, and the communication Terminal A receives the feedback and then performs dictionary update.
  • the communication terminal B can feed back the check value of a session dictionary to the communication terminal A, and the communication terminal A matches the check value of the local dictionary. If the match is matched, the update is performed. If no match, the communication terminal B re-matches Negotiation session dictionary
  • the dictionary in order to avoid the conversation sequence error caused by the delay, can be asynchronously updated, and the communication party communicates with one. After a certain time, or after the amount of exchanged information reaches a certain scale, the two ends initiate a dictionary update, and the session sequence or the check code in a window before the current message is extracted to match, and if the matching is successful, the dictionary is updated using the content in the window. If it cannot be matched, it will be re-matched.
  • the session feedback mechanism may be increased.
  • the communication parties return to the plurality of session windows according to the session record stored by the communication, and generate the content in each window.
  • the check code is compared.
  • the dictionary is generated using the content in the session window corresponding to the check code. If the matching content cannot be found, the original session dictionary is renegotiated or reset.
  • the input and output of the encryption algorithm are usually fixed length, and the input and output length of the compression algorithm are indefinite, because if you do not know the position and length of the pointer structure, you can not know the length of the data matching in the dictionary, and also Know that a message is actually divided into several paragraphs;
  • the encryption algorithm is slice encryption. Any encrypted segment of a certain length can be decoded independently; and the compression algorithm is continuous coding, and any part is lost. Generally, the subsequent part cannot be decoded;
  • the key used by the encryption algorithm is usually fixed.
  • the dictionary used by the compression algorithm is a sliding window and will be updated continuously.
  • the encoding/decoding result of the encryption algorithm is unique, so it can judge the correctness of the data, and further can be exhausted by a specific method; while the encoding output of the compression algorithm is not unique, even if the output is forcibly exhausted, it is basically impossible to judge the correctness.
  • the compression algorithm originally did not have the encryption feature, but due to the vulnerability characteristics of the second point mentioned above, and the sliding window mechanism of the third point, and the uncertainty characteristic of the fourth point, in the scene of real-time message transmission. It has a very high security; on the other hand, the compressed code can also be encrypted by an encryption algorithm.
  • a preferred embodiment of the present invention provides a message transmission method based on compression coding, which can be used for real-time communication.
  • the compression coding used therein may be one or more coding modes for lossless data compression; the compression coding has the following characteristics: First, data transmitted at any time depends on the transmission before the time when decoding is performed. Data, so data within a time segment cannot be decoded separately; second, the transmitted data can be further encrypted by other encryption algorithms or security protocols.
  • the session and encoding process is as shown in FIG. 2, assuming that the communication parties are communication terminal A (Terminal A in FIG. 2) and communication terminal B (Terminal B in FIG. 2), both parties start the session.
  • Exchange/negotiate a conversation dictionary for the session (Dictionary in Figure 2).
  • the sequence of the dictionary generated by the initial negotiation is 201: HELOWARY.
  • the communication terminal A When the communication terminal A sends a message to the communication terminal B: HELLO, the communication terminal A searches for the maximum matching field in the dictionary, first finds a HEL matching three characters, assuming that the encoding here uses one byte to indicate the starting position of the character, one Word The section indicates the length of the string (offset), then the encoding of the HEL in the initial dictionary can be expressed as 0x0003; then the LO matching 2 characters is also found, and the encoding can be expressed as 0x0202, so the communication terminal A is sent after encoding.
  • the message of communication terminal B is 0x00030202.
  • the communication terminal B After receiving the message, the communication terminal B decodes according to the same principle, reads two bytes at a time, one byte is the starting position, one byte is the string length, and then the content output is read from the dictionary.
  • HELLOW is added to the dictionary as a new string, resulting in a dictionary as shown in 202.
  • the communication terminal B replies to the message HELLO to the communication terminal A, searches the dictionary for encoding, and the message sent after the encoding is 0x0805. Since the full character matches, the dictionary is not updated.
  • the dictionary 203 of Figure 2 shows an example of a real-time updated encoding, ie the dictionary is updated during the encoding process.
  • A sends a message HOW ARE YOU to B, first finds H (0x0001), then finds OW (0x0302), because the HOW is not in the dictionary, joins the dictionary, then the space, the dictionary does not, Add the dictionary (0x1001).
  • the space character needs to add the information to be transmitted according to the preset rules.
  • the simple point we make here is directly output in ASCII code. Of course, there is usually a way to recognize new characters, such as specifying a pointer.
  • the position starts with FF to indicate a new character, and ends with the next FF (or specifies a random position value to indicate a new character, and ends at the next random position value, skipping the two positions when actually encoding); 0x0502), E (0x0101), because ARE is not in the dictionary, added to the dictionary, the next space has been added to the dictionary (0x1001), but the string with ARE followed by the space is not in the dictionary, so the space is still added to the dictionary. , then Y (0x0701), O (0x0C01), YO is not in the dictionary, add a dictionary, add a dictionary, and finally U is a new character, add a dictionary, U as a new character output.
  • the space is represented as 0xFF20FF
  • U is represented as 0xFF55FF
  • the information sent by A to B is: 0x00010302FF20FF05020101100107010301FF55FF
  • B receives the information for decoding, if the read two bytes is FF
  • the read two bytes is FF
  • the dictionary code can also be called sliding window coding, so the dictionary is not infinitely extended, and sliding backward according to the setting is the correct method.
  • the dictionary size is set to 16 words Section, then the final output of the dictionary should be moved back 9 bytes, the dictionary of 203 should be as follows:
  • the initial dictionary is completely ineffective for the attacker.
  • the encoding output becomes complicated, the transmission fault tolerance is also low, and problems occur, so in fact, more asynchronous updates described later are used.
  • Figure 4 shows the discrete structure communication model.
  • the communication terminal discovers other communication terminals on the network and directly communicates without a server.
  • FIG. 5 shows a peer-to-peer structure communication model.
  • the communication terminal obtains the peer information by registering or reporting its own information to the server, and directly obtains the peer address, and then directly communicates with the peer end, and the session process information may not pass through the server.
  • a communication terminal can simultaneously use several of the structures in the above three structures.
  • the communication terminal of the preferred embodiment of the present invention can generally operate independently under the topology shown in FIG. 4 or 5. At this point, the basic workflow of the communication terminal is as shown in FIG. 6.
  • the communication process is divided into two phases.
  • the first phase (Phase) 1 confirms the initial session dictionary for communication, and Phase 2 performs communication. Among them, the roles of Phase 2 communication terminals A and B can be exchanged.
  • Step S601 the communication terminals A and B negotiate an encrypted channel, which is generally a direct connection without going through the server;
  • step S602 the communication terminals A and B generate an initial session dictionary through the encrypted channel exchange or negotiation, and the local common word sequence of the two communication terminals can be matched and randomly changed.
  • the dictionary size can take a random value within a certain range. If it is not the first communication, the initial session dictionary can be generated based on the past communication records, so that the actual dictionary information is not included in the interaction information.
  • Step S603 after the initial session dictionary is agreed, the encrypted channel is removed. After the communication is required, a new encrypted channel can be reconstructed. At this point, Phase1 ends.
  • Step S604 the communication terminal A receives the message to be sent by the input terminal, and performs coding according to the coding method shown in FIG. 1;
  • Step S605 the communication terminal A sends the encoded message to the communication terminal B;
  • Step S606 the communication terminal B performs decoding after receiving the message
  • Step S607 the communication terminal B outputs the decoded message
  • Step S608 the communication terminal B confirms that the message is received, and sends a receipt or a check code to the communication terminal A;
  • Step S609 the communication terminal A updates the dictionary after receiving the receipt, and the communication terminal B updates the dictionary
  • the communication terminal B transmits a message to the communication terminal A also following the steps of steps S601 to S609.
  • the flow shown in FIG. 6 is slightly different from the real-time update shown in the above special case 1, because the real-time update is not performed, so the second space in the code of the communication terminal A in the special case 1 will be replaced by the new character, but the final update is performed. There is no difference in the dictionary.
  • Step S701 a trigger triggers an update process.
  • the trigger event can be time, message threshold, and the like.
  • Step S702 after receiving the input message, the communication terminal A generates an update signal, and the update signal is usually an instruction including several parameters, such as a dictionary update rule, a dictionary length, etc.; the communication terminal A will update the signal and the received input message. Mix according to certain rules and define the update signal by a specific method.
  • Step S703 the communication terminal A encodes the mixed message
  • Step S704 the communication terminal A sends the encoded message to the communication terminal B;
  • Step S705 the communication terminal B performs decoding after receiving the message
  • Step S706 the communication terminal B reads the decoded message, identifies the update signal delimiter, and separates the message into an update signal and a message to be output according to a specific rule;
  • Step S707 the communication terminal B outputs the output message.
  • Step S708 the communication terminals A and B record the backtracking message according to the parameters in the update signal, generate a message window, and roll back a number of message sequences, and generate a check code by generating a check code for each content in the message window, and generate a plurality of schools.
  • Step S709 the communication terminal B sends a check code sequence to the communication terminal A;
  • Step S710 the communication terminal A compares the self-check code, selects a matching transmission to the communication terminal B;
  • Step S711 the communication terminals A and B update the dictionary according to the content in the message window corresponding to the selected check code
  • the advantage of using this method is that the dictionary will not be updated when there is a communication exception or a delay in the message sequence caused by the transmission delay.
  • the technical solution of the present invention which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk,
  • a storage medium such as ROM/RAM, disk,
  • the optical disc includes a number of instructions for causing a terminal device (which may be a cell phone, a computer, a server, or a network device, etc.) to perform the methods of various embodiments of the present invention.
  • a message transmission device is also provided in the embodiment to implement the above-mentioned embodiments and preferred embodiments.
  • the descriptions of the modules involved in the device will be described below.
  • the term "module” may implement a combination of software and/or hardware of a predetermined function.
  • the apparatus described in the following embodiments is preferably implemented in software, hardware, or a combination of software and hardware, is also possible and contemplated.
  • FIG. 8 is a schematic structural diagram of a message transmission apparatus according to an embodiment of the present invention. As shown in FIG. 8, the apparatus includes: a first acquisition module 80, a second acquisition module 82, an encoding module 84, a sending module 86, and a first update module. 88, of which,
  • the first obtaining module 80 is configured to obtain an initial session dictionary, where the first message unit exists in the initial session dictionary and corresponds to a dictionary pointer of the initial session dictionary, the dictionary pointer includes: the first message unit is in the initial session a starting position in the dictionary and a length of the first message unit; a second obtaining module 82, configured to acquire a message to be encoded consisting of the first message unit and/or the second message unit; and an encoding module 84 coupled to the first acquisition
  • the module 80 and the second obtaining module 82 are configured to perform compression coding on the first message unit of the message to be encoded according to the initial session dictionary, to obtain a to-be-sent message formed by the dictionary pointer and/or the second message unit of the first message unit;
  • the sending module 86 is coupled to the encoding module 84 and configured to send a message to be sent.
  • the first updating module 88 is coupled to the second obtaining module 82, and is configured to update the initial session dictionary according to a preset policy, where updating the initial session dictionary comprises: Adding the second message unit to the initial session dictionary to obtain a dictionary pointer of the second message unit.
  • the apparatus further comprises: a receiving module configured to receive a message to be decoded consisting of a dictionary pointer and/or a third message unit of the first message unit; a decoding module coupled to the receiving module, configured to be based on the initial session dictionary and a dictionary pointer of a message unit, decompressing the message to be decoded, to obtain a decoded message composed of the first message unit and/or the third message unit; and a second update module coupled to the receiving module, configured to update the initial session according to a preset policy a dictionary, wherein updating the initial session dictionary comprises: adding a third message unit to the initial session dictionary to obtain a dictionary pointer of the third message unit.
  • the first obtaining module 80 is configured to: negotiate with the receiver of the message to be sent or exchange the initial session dictionary through peer-to-peer secure communication; obtain the initial session dictionary by loading the configuration file; The font encoding is randomly generated and negotiated and interleaved with the receiver of the message to be sent to obtain an initial session dictionary; and an initial session dictionary is generated according to the session record with the receiver of the message to be transmitted within a preset time period.
  • the device further includes: a verification module, coupled to the first acquisition module, configured to determine whether the initial session dictionary matches the initial conversation dictionary of the recipient of the message to be sent; wherein, in the case that the determination result is a match, The module can be followed; otherwise, the first acquisition module 80 is returned to reacquire the initial session dictionary.
  • a verification module coupled to the first acquisition module, configured to determine whether the initial session dictionary matches the initial conversation dictionary of the recipient of the message to be sent; wherein, in the case that the determination result is a match, The module can be followed; otherwise, the first acquisition module 80 is returned to reacquire the initial session dictionary.
  • the first update module and/or the second update module are set to one of: updating the initial session dictionary in real time; updating the initial session dictionary according to the dictionary update instruction.
  • a preferred embodiment of the present invention also provides an extension tool for a real-time communication tool for providing data protection for a server-client structured communication tool.
  • the extension tool A acts on the communication tool A
  • the extension tool B acts on the communication tool B, where the communication tool can be different from the communication terminal in the embodiment of the present invention.
  • the extension tool in the preferred embodiment of the present invention is used for monitoring the input and output interface and the communication port of the communication tool; the extension tool obtains the address of the opposite end and performs interactive confirmation information to the peer extension tool. If the confirmation is successful, the extension tool bypasses the server. Directly negotiate dictionary information with the peer extension tool.
  • the communication tool A starts the information input
  • the extension tool A intercepts the input information for encoding, and sends the encoded message to the input interface of the communication tool.
  • the communication tool B receives the information
  • the extension tool B intercepts the output, performs decoding, and then sends the decoded message to the output interface.
  • the extension tools can communicate directly around the server.
  • the extension tool can provide a dictionary file input function to input a matching file preset at both ends of the communication as a conversation dictionary.
  • Figure 9 provides an example of a workflow for a preferred embodiment of the present invention for use in the expansion of communication tools for communication tools that use point-to-point connections.
  • Terminal A and Terminal B shown in FIG. 9 are existing communication tools, and Plugin A and Plugin B are extension tools of a preferred embodiment of the present invention, in which Plugin A acts on Terminal A and Plugin B acts on Terminal B.
  • Phase 1 shown in Figure 9 is an initialization process for the extension tool to find the peer node for subsequent P2P sessions.
  • Phase 2 is a dictionary negotiation between extension tools, which can be used to generate an initial session dictionary and subsequent dictionary updates, and the process is similar to the steps S601 to S603 shown in FIG. 6.
  • Phase3 is the information transmission phase.
  • the Phase1 process is as follows:
  • the extension tool monitors the network interface and the input and output interfaces of the communication tool, assuming that the communication tool A is the main character and the communication tool B is the called party.
  • Step S901 the communication tools A and B are registered on the server;
  • Step S902 the communication tool A wants the server to query the status of the communication tool B;
  • Step S903 the extension tool A acquires the state of the communication tool B by monitoring the communication tool A, including the communication address;
  • Phase 2 phase extension tool A initiates dictionary negotiation.
  • the Phase 3 phase process is as follows:
  • Step S904 When the extension tool A intercepts the input information of the communication tool A, encodes the information
  • Step S905 the extension tool A transmits the encoded information to the input interface of the communication tool A;
  • Step S906 When the communication tool A sends the encoded information to the communication tool B via the point-to-point connection;
  • Step S907 or when the communication tool A forwards the encoded information to the communication tool B via the server;
  • Step S908 the extension tool B listens to the information received by the communication tool B, intercepts the output, and decodes the information
  • Step S909 The extension tool B transmits the decoded information to the output interface of the communication tool B and outputs it.
  • Figure 10 provides another workflow example for a preferred embodiment of the present invention for use in the expansion of communication tools, suitable for use with communication tools without point-to-point connections, such as the topology shown in Figure 3.
  • Terminal A and Terminal B shown in Fig. 10 are existing communication tools
  • Plugin A and Plugin B are extension tools of a preferred embodiment of the present invention, in which Plugin A acts on Terminal A and Plugin B acts on Terminal B.
  • Phase 1 shown in Figure 10 is an initialization process used by the extension tool to find the peer node for subsequent sessions between extension tools.
  • Phase 2 is a dictionary negotiation between extension tools, which can be used to generate an initial session dictionary and subsequent dictionary updates, and the process is similar to the steps S601 to S603 shown in FIG. 6.
  • Phase 3 is an information transmission phase similar to steps S905 to S909 of the example shown in FIG. The following mainly describes the process of the Phase1 phase:
  • the extension tool monitors the network interface and the input and output interfaces of the communication tool, assuming that the communication tool A is the main character and the communication tool B is the called party.
  • Step S1001 the communication tool is registered on the server, and the opposite end is found;
  • Step S1002 the extension tool detects that the network status of the communication tool changes, that is, starts detecting the local communication address;
  • Step S1003 the extension tool A sends the local communication address to the communication tool B through the communication tool A;
  • Step S1004 the extension tool B intercepts the message received by the communication tool B, and extracts the communication address of the communication tool A;
  • Step S1005 the extension tool B sends the local communication address to the communication tool A through the communication tool B;
  • Step S1006 at the same time, the extension tool B initiates a connection to the extension tool A;
  • step S1007 the extension tool A intercepts the message received by the communication tool A, extracts the communication address of the communication tool B, and after confirming, matches the source address connected in step S1006, and then receives the request, otherwise rejects the connection.
  • the dictionary interaction and information transmission are done in different ways, and the server is encoded information, even if it is stored by the server, it will not reveal private information, which is a very safe method. .
  • each of the above modules may be implemented by software or hardware.
  • the foregoing may be implemented by, but not limited to, the foregoing modules are all located in the same processor; or, the modules are located in multiple In the processor.
  • Embodiments of the present invention also provide a software for performing the technical solutions described in the above embodiments and preferred embodiments.
  • Embodiments of the present invention also provide a storage medium.
  • the above storage medium may be configured to store program code for performing the following steps:
  • S1 obtaining an initial session dictionary, wherein the first message unit exists in the initial session dictionary, and corresponds to a dictionary pointer of the initial session dictionary, the dictionary pointer includes: a starting position of the first message unit in the initial session dictionary with The length of the first message unit;
  • S4 Send a message to be sent, and update an initial session dictionary according to a preset policy, where updating the initial session dictionary includes: adding a second message unit to the initial session dictionary to obtain a dictionary pointer of the second message unit.
  • the foregoing storage medium may include, but not limited to, a USB flash drive, a Read-Only Memory (ROM), a Random Access Memory (RAM), a mobile hard disk, and a magnetic memory.
  • ROM Read-Only Memory
  • RAM Random Access Memory
  • a mobile hard disk e.g., a hard disk
  • magnetic memory e.g., a hard disk
  • the above embodiments and preferred embodiments of the present invention provide an enhanced message encryption transmission method that uses the sliding window mechanism in the data compression algorithm to ensure private data security.
  • the above scheme can be used independently as a message transmission method or provide secondary encryption for existing communication tools, thereby providing higher security on the basis of current popular real-time communication and providing further privacy protection for existing tools.
  • the existing security protocols themselves provide data validation and certain data compression capabilities, but there are still many security risks.
  • the present invention provides a private data security method by using the above embodiments and preferred embodiments, and data integrity can be ensured by a transport layer protocol; although the compression coding principle is used in the above embodiment, the purpose is not compression, due to use.
  • the encoding process of compression coding is a continuous process.
  • the coding dictionary is a sliding window with high uncertainty, so that a single encoded data segment can not be cracked, and it has higher security in real-time communication.
  • modules or steps of the present invention described above can be implemented by a general-purpose computing device that can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein.
  • the steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated as a single integrated circuit module.
  • the invention is not limited to any specific combination of hardware and software.
  • an initial session dictionary is acquired, wherein the initial session dictionary includes a first message unit and a dictionary pointer of the first message unit; and the acquisition is composed of the first message unit and/or the second message unit.
  • a dictionary pointer formed by the information unit and/or a message to be sent formed by the second message unit; the message to be sent is sent, and the initial session dictionary is updated according to a preset policy, wherein updating the initial session dictionary includes: adding the second message unit to the initial session dictionary
  • the method of obtaining the dictionary pointer of the second message unit solves the problem that the real-time communication encryption has low security and improves the security of real-time communication.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Compression, Expansion, Code Conversion, And Decoders (AREA)
  • Computer And Data Communications (AREA)

Abstract

L'invention concerne un procédé et un appareil de transmission de message. Le procédé comprend les étapes consistant : à acquérir un dictionnaire de session initial ; à acquérir un message à coder, qui est constitué par une première unité de message et/ou une seconde unité de message ; conformément au dictionnaire de session initial, à effectuer un codage compressif sur la première unité de message du message à coder, et à obtenir un message à envoyer, qui est constitué par un pointeur de dictionnaire de la première unité de message et/ou la seconde unité de message ; et à envoyer le message à envoyer, et à mettre à jour le dictionnaire de session initial conformément à une politique prédéfinie, la mise à jour du dictionnaire de session initial comprenant : l'ajout de la seconde unité de message au dictionnaire de session initial, et l'obtention d'un pointeur de dictionnaire de la seconde unité de message. Au moyen de la présente invention, le problème de faible sécurité de chiffrement de communication en temps réel est résolu, et la sécurité de communication en temps réel est améliorée.
PCT/CN2016/075238 2015-07-21 2016-03-01 Procédé et appareil de transmission de message WO2016177050A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510432625.X 2015-07-21
CN201510432625.XA CN106375177A (zh) 2015-07-21 2015-07-21 消息传输方法和装置

Publications (1)

Publication Number Publication Date
WO2016177050A1 true WO2016177050A1 (fr) 2016-11-10

Family

ID=57217354

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/075238 WO2016177050A1 (fr) 2015-07-21 2016-03-01 Procédé et appareil de transmission de message

Country Status (2)

Country Link
CN (1) CN106375177A (fr)
WO (1) WO2016177050A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114299673A (zh) * 2021-12-29 2022-04-08 建信金融科技有限责任公司 实物管理方法、装置、实物柜、计算机设备和存储介质

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107528828A (zh) * 2017-07-27 2017-12-29 福建天泉教育科技有限公司 一种压缩数据的方法及终端
CN110740123B (zh) * 2019-09-18 2021-03-09 华为技术有限公司 数据压缩方法和基于其的数据传输方法、终端设备和系统
CN110928809A (zh) * 2019-11-25 2020-03-27 航天科技控股集团股份有限公司 图像数据通过CAN总线烧写到外部Flash的方法

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1228887A (zh) * 1996-07-24 1999-09-15 尤尼西斯公司 与串搜索交错进行即时字典更新的数据压缩和解压缩系统
US20080147801A1 (en) * 2006-12-18 2008-06-19 Telefonaktiebolaget Lm Ericsson (Publ) Method, communications node, and memory for dynamic dictionary updating and optimization for compression and decompression of messages
CN103078706A (zh) * 2012-12-31 2013-05-01 上海宇芯科技有限公司 一种利用冗余位的字典查询压缩方法及装置
CN103095305A (zh) * 2013-01-06 2013-05-08 中国科学院计算技术研究所 一种硬件lz77的压缩实现系统及方法

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1228887A (zh) * 1996-07-24 1999-09-15 尤尼西斯公司 与串搜索交错进行即时字典更新的数据压缩和解压缩系统
US20080147801A1 (en) * 2006-12-18 2008-06-19 Telefonaktiebolaget Lm Ericsson (Publ) Method, communications node, and memory for dynamic dictionary updating and optimization for compression and decompression of messages
CN103078706A (zh) * 2012-12-31 2013-05-01 上海宇芯科技有限公司 一种利用冗余位的字典查询压缩方法及装置
CN103095305A (zh) * 2013-01-06 2013-05-08 中国科学院计算技术研究所 一种硬件lz77的压缩实现系统及方法

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114299673A (zh) * 2021-12-29 2022-04-08 建信金融科技有限责任公司 实物管理方法、装置、实物柜、计算机设备和存储介质

Also Published As

Publication number Publication date
CN106375177A (zh) 2017-02-01

Similar Documents

Publication Publication Date Title
CN110870250B (zh) 密钥协商设备和方法
CN111162906B (zh) 一种基于茫然传输算法的协同秘密分享方法及装置、系统、介质
RU2638639C1 (ru) Кодер, декодер и способ кодирования и шифрования входных данных
CN111404672B (zh) 量子密钥分发方法及装置
US7899056B2 (en) Device and method for reducing overhead in a wireless network
WO2016177050A1 (fr) Procédé et appareil de transmission de message
CN111049650A (zh) 一种基于sm2算法的协同解密方法及装置、系统、介质
US8023513B2 (en) System and method for reducing overhead in a wireless network
CN103957241A (zh) 一种基于报文数据的通信方法及装置
CN109474425B (zh) 一种基于多个共享密钥获得任意指定长度派生密钥的方法
EP2962420B1 (fr) Dispositif de réseau configuré pour calculer une clé partagée
EP3337200A1 (fr) Procédé et dispositif d'émission et de réception de messages courts
CN112926075B (zh) 一种sm9密钥生成方法、装置、设备及存储介质
CN112715016A (zh) 密钥封装协议
CN113452649A (zh) 一种安全多方计算方法、设备、系统及存储介质
CN112468291A (zh) 一种同步敏感数据的方法、装置、系统、计算机设备及计算机可读存储介质
CN105556890A (zh) 加密处理方法、加密系统以及服务器
CN110417804B (zh) 一种适于单片机实现的双向身份认证加密通信方法及系统
WO2023236984A1 (fr) Procédé, appareil et dispositif d'accès à un réseau sans fil et support de stockage
CN110351086B (zh) 一种机器人群组内加密信息处理与传输方法和系统
Langberg et al. Beyond capacity: The joint time-rate region
CN102624741A (zh) 一种基于tlv的数据传输方法及系统
CN109818743A (zh) 一种椭圆曲线公钥文本化传递方法及系统
CN113094721A (zh) 一种基于模上错误学习的后量子口令认证密钥交换方法
Tyagi et al. Fault-tolerant secret key generation

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16789044

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16789044

Country of ref document: EP

Kind code of ref document: A1