WO2020242058A1 - Dispositif dans un groupe de multidiffusion - Google Patents

Dispositif dans un groupe de multidiffusion Download PDF

Info

Publication number
WO2020242058A1
WO2020242058A1 PCT/KR2020/005281 KR2020005281W WO2020242058A1 WO 2020242058 A1 WO2020242058 A1 WO 2020242058A1 KR 2020005281 W KR2020005281 W KR 2020005281W WO 2020242058 A1 WO2020242058 A1 WO 2020242058A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
data
group
message data
serial number
Prior art date
Application number
PCT/KR2020/005281
Other languages
English (en)
Korean (ko)
Inventor
방성철
차재원
곽승철
Original Assignee
주식회사 유니온플레이스
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 유니온플레이스 filed Critical 주식회사 유니온플레이스
Priority to JP2021541097A priority Critical patent/JP7176802B2/ja
Publication of WO2020242058A1 publication Critical patent/WO2020242058A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/16Arrangements for providing special services to substations
    • H04L12/18Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
    • H04L12/185Arrangements for providing special services to substations for broadcast or conference, e.g. multicast with management of multicast group membership
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/16Arrangements for providing special services to substations
    • H04L12/18Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
    • H04L12/1863Arrangements for providing special services to substations for broadcast or conference, e.g. multicast comprising mechanisms for improved reliability, e.g. status reports
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/24Key scheduling, i.e. generating round keys or sub-keys for block encryption

Definitions

  • the present disclosure relates to a device in a multicast group, and more specifically, to a device in a multicast group that receives and signal processing the encrypted message data and encryption key data for decrypting the encrypted message data to obtain message data.
  • a device in a multicast group that receives and signal processing the encrypted message data and encryption key data for decrypting the encrypted message data to obtain message data.
  • the publish-subscriber pattern is one of the asynchronous messaging patterns.
  • the publish-subscribe pattern is used by a sender (generally referred to as "publisher") within a multicast group to transmit message data to one or more recipients (generally referred to as "subscriber") using multicast. do.
  • a multicast group includes a number of devices, one of which is designated as a publisher, and other devices as a subscriber. That is, in general, there is one publisher and one or more subscribers within a specific multicast group. According to the publish-subscribe pattern, in general, the publisher does not know which subscriber will receive the message data, and the subscriber can receive the desired message data even without accurate knowledge of the publisher.
  • the publish-subscribe pattern can be used, for example, for publishers to send message data to subscribers within a multicast group comprising multiple devices used for wireless communication.
  • the publish-subscribe pattern may be used, for example, for a publisher to transmit message data to a subscriber within a multicast group including various devices used for Internet of Things (IoT) communication.
  • IoT Internet of Things
  • an encryption key for a device in the multicast group can be used.
  • the publisher encrypts the message data using the group key and transmits it to the subscriber, and the subscriber decrypts the encrypted message data received using the group key.
  • the group key generally a symmetric key can be used. For example, Korean Patent Publication No.
  • Patent Document 1 exemplarily discloses a method of updating a group traffic key (ie, "group key” in the present specification) used for encrypting and decrypting multicast data (ie, message data).
  • group traffic key ie, "group key” in the present specification
  • MAC message authentication code
  • Korean Patent Publication No. 10-2017-0089747 Patent Document 2 entitled “Thing Authentication System and Method” filed on October 17, 2016 by LG Electronics and published on August 4, 2017
  • An exemplary method of using a message authentication code for authentication in the Internet is disclosed.
  • the message authentication code may be generated using a hash function.
  • the publisher adds a message authentication code to the message data and then transmits the message data to which the message authentication code is added to the subscriber.
  • the subscriber compares the result of calculating the received message data using the hash function with the message authentication code included in the received message data. If the result of the operation and the message authentication code are the same, the message data may be regarded as being transmitted by an authenticated issuer.
  • a security problem may occur. For example, if the malicious device knows the group key and the message authentication code, the malicious device can also receive and use the message data.
  • Patent Document 1 Korean Patent Publication No. 10-2014-0006996.
  • Patent Document 2 Korean Patent Publication No. 10-2017-0089747.
  • the object of the technology disclosed herein is to obtain key data for decrypting encrypted message data based on a serial number and use the obtained key data to decrypt the encrypted message data, thereby enhancing the security of a multicast group. It is to provide devices within a group.
  • Another object of the technology disclosed herein is to obtain a return address and an authentication key corresponding to the message data by using return address extraction information included in the key data, and to access the computing device using the obtained return address and authentication key. It is to provide devices within a multicast group.
  • a device in a multicast group (a) increasing i from 1 to n (where n is a natural number of 2 or more), (a-1) A process of obtaining an i-th key packet including an i-th serial number and an i-th encryption key data, and (a-2) an i-th key obtained by decrypting the i-th encryption key data using a group key of the multicast group
  • a process of acquiring data and (a-3) a process of decoding the i-th key data according to a key data analysis standard, one or more keys are extracted, and the first to nth serial numbers and the A process of obtaining a correspondence relationship between one or more keys
  • a device including an operation processing unit that performs a process of obtaining first message data to nth message data by performing a process of obtaining data is provided.
  • security of a multicast group can be enhanced by obtaining key data for decrypting encrypted message data based on a serial number and decrypting the encrypted message data using the obtained key data.
  • a return address and an authentication key corresponding to the message data may be obtained using return address extraction information included in the key data, and the obtained return address and authentication key may be used to access the computing device.
  • FIG. 1 is a diagram showing an exemplary configuration of a device in a multicast group according to a first embodiment disclosed herein.
  • FIG. 2 is a diagram illustrating an exemplary configuration of a multicast group including devices according to the first embodiment.
  • FIG 3 is a diagram illustrating a first processing performed by an operation processing unit of the device according to the first embodiment.
  • FIG. 4 is a diagram showing an exemplary configuration of an i-th key packet according to the first embodiment.
  • 5A to 5D are diagrams showing an exemplary configuration of the i-th key data.
  • FIG. 6 is a diagram illustrating a correspondence relationship between a first serial number to an n-th serial number and one or more keys according to the first embodiment.
  • FIG. 7 is a diagram illustrating a process of decrypting an i-th encryption key data by way of example in the device according to the first embodiment.
  • FIG. 8 is a diagram illustrating a second processing performed by an operation processing unit of the device according to the first embodiment.
  • FIG. 9 is a diagram showing an exemplary configuration of an ith data packet according to the first embodiment.
  • FIG. 10 is a diagram illustrating a process of decrypting an ith encrypted message data by way of example in the device according to the first embodiment.
  • FIG. 11 is a diagram illustrating a third process performed by an operation processing unit of the device according to the first embodiment.
  • FIG. 12 is a diagram illustrating an exemplary relationship between message data and return address extraction information in the device according to the first embodiment.
  • FIG. 13 is a diagram illustrating a process using a return address and an authentication key in the device according to the first embodiment.
  • FIG. 14 is a diagram showing an exemplary configuration of a device in a multicast group according to a second embodiment disclosed herein.
  • 15 is a diagram showing an exemplary configuration of a multicast group including devices according to the second embodiment.
  • 16 is a diagram showing an exemplary configuration of an i-th integrated data packet according to the second embodiment.
  • 17 is a diagram illustrating a first process performed by an operation processing unit of a device according to the second embodiment.
  • FIG. 18 is a diagram illustrating a process of decrypting an i-th encryption key data by way of example in the device according to the second embodiment.
  • 19 is a diagram illustrating a process of decrypting an i-th encrypted message data by way of a device according to the second embodiment.
  • 20 is a diagram exemplarily showing a second processing performed by an operation processing unit of the device according to the second embodiment.
  • FIG. 1 is a diagram showing an exemplary configuration of a device in a multicast group according to a first embodiment disclosed herein.
  • the device 100 includes an operation processing unit 110.
  • the operation processing unit 110 is implemented by, for example, a semiconductor device such as a central processing unit (CPU) and an application-specific integrated circuit (ASIC). The detailed configuration of the operation processing unit 110 will be described later.
  • the device 100 may further include a group key decryption unit 140 and a key decryption unit 150.
  • the group key decryption unit 140 and the key decryption unit 150 are collectively referred to below as the decryption unit 130.
  • the decoding unit 130 is implemented by, for example, a semiconductor device such as a CPU and an ASIC.
  • the decryption unit 130 may be implemented by using a security module having very high security, for example, a security module according to any one of an EMV (Europay MasterCard Visa) standard and a TEE (Trusted Execution Environment) standard.
  • a security module having very high security, for example, a security module according to any one of an EMV (Europay MasterCard Visa) standard and a TEE (Trusted Execution Environment) standard.
  • the group key decryption unit 140 stores a group key and decrypts data using the group key.
  • the group key may be, for example, either a group key of the first multicast group 200 or a group key of the second multicast group 300.
  • the group key will be described on the assumption that it is a group key of the first multicast group 200.
  • the key decryption unit 150 stores one or more keys and decrypts data using any one of the one or more keys. At least one key is a key for decrypting a first data packet to an n-th data packet to be described later. However, n is a natural number of 2 or more.
  • FIG. 2 is a diagram illustrating an exemplary configuration of a multicast group including a device according to the first embodiment disclosed herein.
  • a multicast group according to the first embodiment includes a first multicast group 200 and a second multicast group 300.
  • the first multicast group 200 includes a publisher 210 and one or more devices.
  • Each of the publishers 210 and one or more devices includes at least a semiconductor device such as a CPU and an ASIC.
  • the one or more devices include, for example, devices 100-1 to 100-x.
  • x is a natural number of 1 or more.
  • the first multicast group 200 is, for example, a multicast group for delivering a first key packet to an n-th key packet to be described later, and the issuer 210 may transmit one or more first to n-th key packets to be described later.
  • the device 100-1 to the device 100-x For example, to the device 100-1 to the device 100-x.
  • One or more of the devices, such as devices 100-1 to 100-x, are preferably substantially identical to device 100 described above.
  • one or more devices include an operation processing unit 110, and a decryption unit 130, that is, a group key decryption unit 140 and a key decryption unit 150 ) May be further included.
  • the second multicast group 300 includes a publisher 310 and one or more devices. Each of the publisher 310 and one or more devices includes at least semiconductor elements such as a CPU and an ASIC. More specifically, the one or more devices include, for example, devices 100-1 to 100-x.
  • the second multicast group 300 is, for example, a multicast group for delivering a first data packet to an n-th data packet to be described later, and the issuer 310 may transmit one or more first to n-th data packets to be described later. , For example, to the device 100-1 to the device 100-x.
  • one or more devices such as devices 100-1 to 100 -x, belong to a first multicast group 200 and also belong to a second multicast group 300.
  • the issuer 210 and the issuer 310 are shown as separate devices, but the same device may operate as the issuer 210 and the issuer 310. That is, the same single device may operate as the issuer 210 of the first multicast group 200 and the issuer 310 of the second multicast group 300.
  • one or more devices may be connected to the computing device 400 using a return address and an authentication key to be described later.
  • the computing device 400 includes at least semiconductor devices such as a CPU and an ASIC. The computing device 400 will be described later.
  • the device 100 includes an operation processing unit 110.
  • the operation processing unit 110 performs the processing described below.
  • the first process is a process of obtaining a correspondence relationship between a first serial number to an n-th serial number and one or more keys.
  • FIG 3 is a diagram illustrating a first processing performed by an operation processing unit of the device according to the first embodiment.
  • the operation processing unit 110 performs the following processing while sequentially increasing i by 1 from 1 to n.
  • the operation processing unit 110 obtains an i-th key packet including the i-th serial number and the i-th encryption key data (S110). More specifically, the operation processing unit 110 may receive, for example, a data stream including a first key packet to an n-th key packet from the issuer 210.
  • the i-th key packet includes an i-th serial number and i-th encryption key data.
  • the i-th serial number is sequentially designated corresponding to the first key packet to the n-th key packet. For example, if the serial number of the first key packet is "101", the serial number of the second key packet is sequentially designated in the same format as "102".
  • the operation processing unit 110 obtains the i-th key data by decrypting the i-th encryption key data using the group key (S120).
  • 5A to 5D are diagrams illustrating an exemplary configuration of i-th key data.
  • the i-th key data includes key identification information, a start serial number, and a key.
  • the key identification information is identification information of a key.
  • the key identification information is designated as "Key #1".
  • the starting serial number indicates the serial number to which the key corresponding to "Key #1" is applied. For example, if the starting serial number is "101" and the serial number of the first key packet is "101", it indicates that the key corresponding to "Key #1" is applied from the first key packet.
  • the key is a key value corresponding to key identification information. For example, if the key corresponding to "Key #1" is "0x12 0x23 0xfa ...
  • the key has a value of "0x12 0x23 0xfa ... 0xa0". If the ith serial number is less than the start serial number, the operation processing unit 110 determines that the ith key data is abnormal.
  • the ith key data includes a key corresponding to the ith serial number. That is, it includes a key used to decrypt the ith data packet corresponding to the ith serial number.
  • a key whose key identification information is "key #1” and a key value of "0x12 0x23 0xfa ... 0xa0" is used to decrypt the i-th data packet.
  • the i-th key data includes key identification information, a start serial number, a key, and an initial vector.
  • the key identification information, the start serial number, and the key are the same as in Fig. 5A described above.
  • the initial vector is an initial value for encryption/decryption of data.
  • the i-th key data includes key identification information, a start serial number, a key, a key change point serial number, and an additional key.
  • the key identification information, the start serial number, and the key are the same as in Fig. 5A described above.
  • the key change time serial number indicates the key change time serial number at which the additional key starts to be applied.
  • the ith serial number is "102”
  • the key identification information is "key #1”
  • the starting serial number is "101”
  • the key is "0x12 0x23 0xfa ... 0xa0”
  • the serial number at the time of key change is " 104" and the additional key is "0x42 0xa3 0xab ...
  • the key identification information is "key #1” and the key value is "0x12 0x23 0xfa” in order to decrypt the ith data packet corresponding to the ith serial number. It indicates that a key of "... 0xa0” is used, and from the serial number "104", an additional key, that is, a key whose key value is "0x42 0xa3 0xab ... 0x35” is used.
  • the i-th key data may further include identification information of an additional key. For example, it may further include "key #2", which is identification information of the additional key.
  • the i-th key data may include a key corresponding to the i-th serial number, key change information for obtaining a k-th serial number (where k is a natural number greater than i), and a key corresponding to the k-th serial number.
  • the key change information for obtaining the kth serial number is, for example, the aforementioned key change time serial number.
  • the key corresponding to the kth serial number is, for example, the above-described additional key.
  • the key change information for obtaining the k-th serial number may include, for example, a difference value from the i-th serial number. For example, in the example with reference to FIG.
  • the i-th key data may include key identification information, start serial number, key, serial number difference value, and additional key.
  • the difference value of the serial number may be designated as "2".
  • the reason why the i-th key data further includes an additional key is for smooth operation of the operation processing unit 110. That is, the operation processing unit 110 may obtain a key corresponding to the k-th serial number in advance, for example, before processing the k-th data packet.
  • the i-th key data includes key identification information, a start serial number, a key, and extraction information of an i-th return address.
  • the key identification information, the start serial number, and the key are the same as in Fig. 5A described above.
  • the ith return address extraction information is information for extracting a return address and an authentication key included in the ith message data.
  • the ith return address extraction information may include, for example, information such as a start position and length of a return address and a start position and length of an authentication key in the ith message data.
  • the authentication key is, for example, a key used for authentication and encryption between the computing device 400 and the device 100.
  • the issuer 310 may insert the return address and the authentication key into the ith message data.
  • the issuer 210 receives information such as the location and length of the return address and the authentication key inserted in the i-th message data from the issuer 310 to generate the i-th return address extraction information, and then the i-th return address extraction information Can be inserted into the i-th key data.
  • the i-th key data has been exemplarily described with reference to FIGS. 5A to 5D, the i-th key data is not limited thereto.
  • the i-th key data may be configured by combining the examples disclosed in FIGS. 5A to 5D, and other information may be further included.
  • the i-th key data may include key identification information, a start serial number, a key, an initial vector, a key change point serial number, an additional key, and extraction information of an i-th return address.
  • the ith return address extraction information may also be configured in a different form.
  • the key data may be set differently depending on the serial number.
  • the first key data included in the first key packet includes key identification information, a starting serial number and a key
  • the second key data included in the second key packet is key identification information, a starting sequence number, a key, and a key change. It may also include a starting serial number and an additional key.
  • the operation processing unit 110 decodes the i-th key data according to the key data analysis standard (S130).
  • the i-th key data acquired through the process S120 is analyzed according to the key data analysis standard.
  • the key data interpretation standard represents the rules for decoding information contained in the i-th key data, for example, the starting position and length of the key identification information, the starting position and length of the starting serial number, the starting position and length of the key, and the initial vector are included. It contains information on whether or not, the starting position and length of the initial vector, whether an additional key is included, the starting position and length of the serial number at the time of key change, the starting position and length of the additional key, and the i th return address extraction information. It includes information such as whether or not there is, the starting position and length of the ith return address extraction information.
  • the operation processing unit 110 extracts one or more keys by sequentially increasing i from 1 to n by 1, and performs processing S110 to S130, and corresponds to the first serial number to the nth serial number and one or more keys.
  • the relationship is acquired (S140).
  • FIG. 6 is a diagram illustrating a correspondence relationship between a first serial number to an n-th serial number and one or more keys according to the first embodiment.
  • the key identification information is "key #1" and the key value is "0x12 0x23 0xfa ...
  • the key identification information is "key #1" and the key value is "0x12 0x23 0xfa. .. Decrypted using a key of 0xa0”
  • the fourth data packet corresponding to the fourth serial number to the fifth data packet (nth data packet) corresponding to the fifth serial number (nth serial number) is identified as a key It is decrypted using a key whose information is "Key #2” and the key value is "0x42 0xa3 0xab ... 0x35".
  • the operation processing unit 110 obtains the i-th key data through processing S120.
  • the operation processor 110 may directly decrypt the i-th encryption key data using a group key to obtain the i-th key data.
  • the group key decryption unit 140 is implemented using a security module having very high security, for example, a security module according to any one of EMV and TEE standards. Accordingly, the operation processing unit 110 may obtain the i-th key data by using the group key decryption unit 140.
  • FIG. 7 is a diagram illustrating a process of decrypting the i-th encryption key data by way of example in the device according to the first embodiment.
  • the operation processing unit 110 obtains a group key (S210). For example, if the group key is the group key of the first multicast group 200 described above, the operation processing unit 110 obtains the group key from the issuer 210 or the device providing the group key of the first multicast group 200 do. For example, if the group key is the group key of the second multicast group 300 described above, the operation processor 110 obtains the group key from the issuer 310 or the device providing the group key of the second multicast group 300 do.
  • the operation processing unit 110 transmits the group key to the group key decryption unit 140 (S220).
  • the group key decryption unit 140 stores the group key (S230).
  • Processes S210 to S230 are performed before performing the first process described with reference to FIG. 3, for example.
  • the operation processing unit 110 may obtain a group key and store the group key in the group key decryption unit 140.
  • the operation processing unit 110 After obtaining the i-th key packet through the process S110, the operation processing unit 110 transmits the i-th encryption key data to the group key decryption unit 140 (S240).
  • the group key decryption unit 140 decrypts the i-th encryption key data using the group key to generate the i-th key data (S250).
  • the group key decryption unit 140 transmits the i-th key data to the operation processing unit 110 (S260).
  • the operation processor 110 may obtain the i-th key data through the processes S210 to S260. After that, the operation processing unit 110 performs the above-described processing S130.
  • the second process is a process of acquiring first to n-th message data.
  • FIG. 8 is a diagram illustrating a second processing performed by an operation processing unit of the device according to the first embodiment.
  • the operation processing unit 110 performs the following processing while sequentially increasing i by 1 from 1 to n.
  • an ith data packet including the ith serial number and the ith encrypted message data is obtained (S310). More specifically, the operation processing unit 110 may receive, for example, a data stream including a first data packet to an n-th data packet from the issuer 310.
  • FIG. 9 is a diagram showing an exemplary configuration of an i-th data packet according to the first embodiment.
  • the ith data packet includes an ith serial number and the ith encrypted message data.
  • the i-th serial number is sequentially designated, for example, corresponding to the first data packet to the n-th data packet. For example, if the serial number of the first data packet is 101, the serial number of the second data packet is sequentially designated in the same format as 102.
  • the serial number of each of the first to n-th key packets is the same as the serial number of each of the first to n-th data packets. For example, if the serial number of the first key packet is "101", the serial number of the first data packet is also "101". Further, for example, when n is 5, if the serial number of the n-th key packet (the fifth key packet) is "105", the serial number of the n-th data packet (the fifth data packet) is equally "105".
  • the operation processing unit 110 designates a decryption key used to decrypt the i-th encrypted message data from among one or more keys based on the correspondence obtained through the first processing (S320).
  • a decryption key used to decrypt the ith encrypted message data is designated based on the ith serial number of the ith data packet.
  • the key identification information is "key #1" and the key value is "
  • the fifth data packet (nth data packet) corresponding to the key of 0x12 0x23 0xfa ... 0xa0" and corresponding to the fourth to fifth serial number (nth serial number) corresponding to the fourth serial number is It corresponds to a key whose key identification information is "Key #2" and a key value of "0x42 0xa3 0xab ... 0x35".
  • the operation processing unit 110 designates a decryption key used to decrypt the i-th encrypted message data from among one or more keys based on the correspondence relationship.
  • the operation processing unit 110 obtains the ith message data decrypted by using the decryption key of the ith encrypted message data (S330).
  • the operation processing unit 110 obtains the first message data to the nth message data by sequentially increasing i from 1 to n by 1 and performing processes S310 to S330 (S340).
  • the first message data to the nth message data are, for example, message data transmitted by the issuer 310, for example, the message data is divided into n pieces. If the message data is divided into n pieces, the operation processing unit 110 may restore the message data by merging the first message data to the nth message data.
  • the operation processing unit 110 may directly decrypt the i-th encrypted message data using the decryption key to obtain the i-th message data.
  • the key decryption unit 150 is implemented using a security module having very high security, for example, a security module according to any one of EMV and TEE standards. Accordingly, the operation processing unit 110 may obtain the i-th message data using the key decryption unit 150.
  • FIG. 10 is a diagram illustrating an example of a process of decrypting an i-th encrypted message data in the device according to the first embodiment.
  • the operation processing unit 110 obtains one or more keys (S410).
  • the operation processing unit 110 may obtain one or more keys through, for example, processing S140 described above.
  • the operation processing unit 110 transmits one or more keys to the key decryption unit 150 (S420).
  • the key decryption unit 150 stores one or more keys (S430).
  • the operation processing unit 110 After receiving the i-th data packet through processing S310 and designating the decryption key through processing S320, the operation processing unit 110 transmits the identification information of the decryption key and the i-th encrypted message data to the key decryption unit 150 (S440 ).
  • the key decryption unit 150 decrypts the i-th encrypted message data using the decryption key to generate the i-th message data (S450).
  • the key decryption unit 150 transmits the i-th message data to the operation processing unit 110 (S460).
  • the operation processing unit 110 may obtain the i-th message data through processing S410 to processing S460. After that, the operation processing unit 110 performs the above-described processing S340.
  • the third process is a process of obtaining a return address and an authentication key.
  • the ith key data may further include the ith return address extraction information for extracting the return address and the authentication key included in the ith message data.
  • FIG. 11 is a diagram illustrating a third processing performed by an operation processing unit of the device according to the first embodiment.
  • the operation processing unit 110 obtains a return address and an authentication key based on at least one of the first message data to the nth message data (S510). For example, assuming that the n-th key data further includes the return address included in the n-th message data and the n-th return address extraction information for extracting the authentication key, the operation processing unit 110 is based on the n-th return address extraction information. By analyzing the nth message data, a return address and an authentication key are extracted.
  • FIG. 12 is a diagram illustrating an exemplary relationship between message data and return address extraction information in the device according to the first embodiment.
  • the n-th return address extraction information obtained from the n-th key data includes information such as the start position and length of the return address and the start position and length of the authentication key in the n-th message data. Therefore, the operation processing unit 110 returns from the n-th message data using information such as the start position of the return address and the length of the return address, the start position of the authentication key, and the length of the authentication key included in the n-th return address extraction information. Extract the address and authentication key.
  • the operation processing unit 110 accesses the computing device identified by the return address obtained through the process S510, and performs authentication with the computing device using the authentication key acquired through the process S510 (S520).
  • the return address may be the network address of the computing device 400 shown in FIG. 2.
  • the computing device 400 stores the authentication key in advance.
  • FIG. 13 is a diagram illustrating an example of processing using a return address and an authentication key in the device according to the first embodiment.
  • the operation processing unit 110 accesses the computing device 400 using a return address (S610). Next, the operation processing unit 110 transmits an authentication request to the computing device 400 (S620). Next, when receiving the authentication request, the computing device 400 generates authentication data (S630) and transmits the authentication data to the operation processing unit 110 (S640).
  • the authentication data is data for checking whether the authentication key stored by the computing device 400 and the authentication key acquired by the operation processing unit 110 are the same, and the format and length are not particularly limited.
  • the operation processing unit 110 generates encrypted authentication data by encrypting the authentication data using an authentication key (S650), and transmits the encrypted authentication data to the computing device 400 (S660).
  • the computing device 400 compares the decrypted value of the encrypted authentication data using the authentication key with the authentication data, and generates an authentication result (S670). If the decrypted value and the authentication data are the same, the computing device 400 generates an authentication result as the authentication key stored in the computing device 400 and the authentication key acquired by the operation processing unit 110 are the same, that is, authentication success. do. If the decrypted value and the authentication data are not the same, the computing device 400 generates an authentication result due to authentication failure. Next, the computing device 400 transmits the authentication result to the operation processing unit 110 (S680).
  • the computing device 400 and the operation processing unit 110 transmit and receive encrypted data that is encrypted using, for example, an authentication key, and authenticate the encrypted data. It can be decrypted using the key.
  • the security of the multicast group can be enhanced.
  • a malicious device not belonging to a multicast group In order for a malicious device not belonging to a multicast group to decrypt a key packet and a data packet, it must know both the group key and the key data interpretation standard.
  • the group key is stored using a highly secured security module, and the encryption key data included in the key packet cannot be interpreted unless the key data interpretation standard is known. Therefore, it is virtually impossible for a malicious device to decrypt the message data.
  • the device may access the computing device and perform authentication with the computing device using the return address and authentication key included in the message data. Accordingly, encrypted communication with the computing device can be performed using the authentication key.
  • FIG. 14 is a diagram showing an exemplary configuration of a device in a multicast group according to a second embodiment disclosed herein.
  • the device 100 ′ includes an operation processing unit 110 ′.
  • the detailed configuration of the operation processing unit 110' will be described later.
  • the device 100 ′ may further include a group key decryption unit 140 and a key decryption unit 150.
  • the group key decryption unit 140 and the key decryption unit 150 are collectively referred to below as the decryption unit 130. Since the group key decryption unit 140 and the key decryption unit 150 according to the second embodiment are the same as the group key decryption unit 140 and the key decryption unit 150 according to the first embodiment, detailed descriptions are omitted. .
  • 15 is a diagram illustrating an exemplary configuration of a multicast group including devices according to a second embodiment disclosed herein.
  • a multicast group 200' includes a publisher 210' and one or more devices. More specifically, the one or more devices include, for example, devices 100'-1 to 100'-x. However, x is a natural number of 1 or more.
  • the multicast group 200' is, for example, a multicast group for delivering a first to an nth integrated data packet to be described later, and the issuer 210' is a first to an nth integrated data packet to be described later. Is transmitted to one or more devices, such as devices 100'-1 to 100'-x. However, n is a natural number of 2 or more.
  • One or more devices, such as devices 100'-1 to 100'-x are preferably substantially the same as device 100' described above.
  • one or more devices include an operation processing unit 110', and a decryption unit 130, that is, a group key decryption unit 140 and a key decryption unit. It may further include a unit 150.
  • one or more devices may be connected to the computing device 400.
  • 16 is a diagram showing an exemplary configuration of an i-th integrated data packet according to the second embodiment.
  • the i-th integrated data packet includes an i-th serial number, i-th encryption key data, and i-th encrypted message data.
  • the ith serial number and the ith encryption key data are substantially the same as the ith serial number and the ith encryption key data according to the first embodiment.
  • the i-th encrypted message data is substantially the same as the configuration of the i-th encrypted data according to the first embodiment.
  • the ith encrypted message data according to the second embodiment may further include an ith serial number encrypted using the group key.
  • the first process is a process of acquiring first to nth message data.
  • 17 is a diagram illustrating a first process performed by an operation processing unit of a device according to the second embodiment.
  • the operation processing unit 110 ′ performs the following processing while sequentially increasing i by 1 from 1 to n.
  • the operation processing unit 110 ′ obtains an i-th integrated data packet including an i-th serial number, i-th encryption key data, and i-th encrypted message data (S710). More specifically, the operation processing unit 110 ′ may receive, for example, a data stream including a first to an n-th integrated data packet from the publisher 210 ′.
  • the operation processing unit 110 ′ obtains the i-th key data obtained by decrypting the i-th encryption key data of the i-th integrated data packet using the group key (S720).
  • the i-th key data according to the second embodiment is substantially the same as the i-th key data in the first embodiment, detailed descriptions are omitted.
  • the operation processing unit 110 ′ decodes the i-th key data according to the key data analysis standard and extracts one or more keys including at least a decryption key for decrypting the i-th encrypted message data (S730). .
  • the operation processing unit 110 ′ obtains the i-th message data decrypted by using the decryption key (S740).
  • the operation processing unit 110 ′ acquires the first message data to the nth message data by sequentially increasing i from 1 to n by 1 and performing processes S710 to S740 (S750).
  • the operation processing unit 110 ′ may obtain the i-th key data using the group key decryption unit 140.
  • FIG. 18 is a diagram illustrating a process of decrypting the i-th encryption key data by way of example in the device according to the second embodiment.
  • the operation processing unit 110' obtains a group key (S210'). Since the process S210' is substantially the same as the process S210 of the first embodiment, a detailed description is omitted.
  • the operation processing unit 110' transmits the group key to the group key decryption unit 140 (S220').
  • the group key decryption unit 140 stores the group key (S230').
  • Processes S210' to S230' are performed before performing the first process described with reference to FIG. 17, for example.
  • the operation processing unit 110' may obtain a group key and store the group key in the group key decryption unit 140.
  • the operation processing unit 110 ′ After receiving the i-th integrated data packet including the i-th encryption key data through the process S710, the operation processing unit 110 ′ transmits the i-th encryption key data to the group key decryption unit 140 (S240 ′).
  • the group key decryption unit 140 decrypts the i-th encryption key data using the group key to generate the i-th key data (S250').
  • the group key decryption unit 140 transmits the i-th key data to the operation processing unit 110' (S260').
  • the operation processing unit 110 ′ may obtain the i-th key data through processes S210 ′ to S260 ′. After that, the operation processing unit 110' performs the above-described processing S730.
  • the operation processing unit 110 ′ may obtain the i-th message data using the key decryption unit 150.
  • 19 is a diagram illustrating an example of a process of decrypting an i-th encrypted message data in the device according to the second embodiment.
  • the operation processing unit 110' obtains one or more keys (S410').
  • the operation processing unit 110 ′ may obtain one or more keys through, for example, processing S730 described above.
  • the operation processing unit 110' transmits one or more keys to the key decryption unit 150 (S420').
  • the key decryption unit 150 stores one or more keys (S430').
  • the operation processing unit 110 ′ After acquiring the i-th integrated data packet including the i-th encrypted message data through processing S710 and extracting the decryption key through processing S730, the operation processing unit 110 ′ stores the identification information of the decryption key and the i-th encrypted message data. It is transmitted to the decoding unit 150 (S440'). The key decryption unit 150 decrypts the i-th encrypted message data using a decryption key to generate the i-th message data (S450').
  • the key decryption unit 150 transmits the i-th message data to the operation processing unit 110' (S460').
  • the operation processing unit 110 ′ receives the i-th serial number obtained through processing S710 and the key decryption unit 150.
  • the i-th serial numbers included in the i-th message data are compared and matched, it may be determined that the i-th message data is normal.
  • the operation processing unit 110 ′ may obtain the i-th message data through processing S410 ′ to processing S460 ′.
  • the second process is a process of obtaining a return address and an authentication key.
  • the ith key data may further include the ith return address extraction information for extracting the return address and the authentication key included in the ith message data.
  • 20 is a diagram illustrating a second processing performed by an operation processing unit of the device according to the second exemplary embodiment.
  • the operation processing unit 110 ′ obtains a return address and an authentication key based on at least one of the first message data to the n-th message data (S510 ′). For example, suppose that the n-th key data further includes the return address included in the n-th message data and the n-th return address extraction information for extracting the authentication key. By parsing the n-th message data, the return address and authentication key are extracted.
  • the operation processing unit 110' accesses the computing device identified by the return address obtained through the process S510', and performs authentication with the computing device using the authentication key acquired through the process S510' ( S520').
  • the return address may be the network address of the computing device 400 shown in FIG. 2.
  • the computing device 400 stores the authentication key in advance.
  • Processing using the return address and the authentication key is substantially the same as the processing using the return address and the authentication key according to the first embodiment with reference to FIG.
  • the second embodiment described above it is possible to enhance the security of the multicast group.
  • a malicious device that does not belong to a multicast group to decrypt an aggregate data packet in which key data and message data are integrated, it must know both the group key and the key data interpretation standard.
  • the group key is stored using a highly secure security module, and the encryption key data cannot be interpreted without knowing the key data interpretation standard. Therefore, it is virtually impossible for a malicious device to decrypt the message data.
  • the integrated data packet in which the key data and the message data are integrated can be received and processed, the key data and the message data can always be synchronized and received.
  • the device may access the computing device and perform authentication with the computing device using the return address and authentication key included in the message data. Accordingly, encrypted communication with the computing device can be performed using the authentication key.
  • the first key packet to the n-th key packet are transmitted to the operation processing unit 110 through the first multicast group 200.
  • the i-th key packet that is, the first key packet to the n-th key packet may be transmitted through unicast. That is, the ith key packet may be transmitted through unicast communication between the issuer 210 and the device 100.
  • the i-th serial number included in the i-th key packet or the i-th serial number included in the i-th data packet may also be encrypted.
  • the i-th serial number included in the i-th key packet may be encrypted using the group key, and the i-th serial number included in the i-th data packet is decrypted. It may be encrypted using a key.
  • the message data may further include a message authentication code (MAC).
  • MAC message authentication code
  • security of a multicast group can be enhanced by obtaining key data for decrypting encrypted message data based on a serial number and decrypting the encrypted message data using the obtained key data.
  • a return address and an authentication key corresponding to the message data may be obtained using return address extraction information included in the key data, and the obtained return address and authentication key may be used to access the computing device.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La technique d'après la présente invention s'applique à un dispositif dans un groupe de multidiffusion, le dispositif pouvant renforcer la sécurité du groupe de multidiffusion en acquérant, sur la base d'un numéro de série, des données de clé permettant de déchiffrer des données de message chiffrées et en utilisant les données de clé acquises de façon à déchiffrer les données de message chiffrées.
PCT/KR2020/005281 2019-05-31 2020-04-22 Dispositif dans un groupe de multidiffusion WO2020242058A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2021541097A JP7176802B2 (ja) 2019-05-31 2020-04-22 マルチキャストグループ内のデバイス

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020190064208A KR102024058B1 (ko) 2019-05-31 2019-05-31 멀티캐스트 그룹 내의 디바이스
KR10-2019-0064208 2019-05-31

Publications (1)

Publication Number Publication Date
WO2020242058A1 true WO2020242058A1 (fr) 2020-12-03

Family

ID=68069013

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2020/005281 WO2020242058A1 (fr) 2019-05-31 2020-04-22 Dispositif dans un groupe de multidiffusion

Country Status (3)

Country Link
JP (1) JP7176802B2 (fr)
KR (1) KR102024058B1 (fr)
WO (1) WO2020242058A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102024058B1 (ko) * 2019-05-31 2019-09-24 주식회사 유니온플레이스 멀티캐스트 그룹 내의 디바이스

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20060064469A (ko) * 2004-12-08 2006-06-13 한국전자통신연구원 멀티캐스트 방식으로 스트리밍 서비스되는 동영상 파일의보호 장치 및 그 방법
KR20080006621A (ko) * 2005-05-24 2008-01-16 가부시끼가이샤 도시바 콘텐트 재생 장치, 콘텐트 재생 방법 및 콘텐트 재생용 컴퓨터 판독 가능한 매체
US20110138170A1 (en) * 2007-06-15 2011-06-09 Koolspan, Inc. System and method of per-packet keying
KR101130001B1 (ko) * 2004-10-08 2012-03-28 톰슨 라이센싱 피어 그룹간 통신 성립 방법
KR20130030476A (ko) * 2011-09-19 2013-03-27 에스케이플래닛 주식회사 오디오 데이터를 이용한 디바이스 간 통신 설정 시스템 및 방법
KR102024058B1 (ko) * 2019-05-31 2019-09-24 주식회사 유니온플레이스 멀티캐스트 그룹 내의 디바이스

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002247022A (ja) 2001-02-22 2002-08-30 Nippon Telegr & Teleph Corp <Ntt> 情報配送方法、情報利用方法及びその実施装置並びにその処理プログラムと記録媒体
JP2004166153A (ja) 2002-11-15 2004-06-10 Nec Corp マルチキャスト配信システムにおける鍵交換方式
JP2008066882A (ja) 2006-09-05 2008-03-21 Matsushita Electric Ind Co Ltd 暗号鍵配信装置および暗号鍵配信方法
JP2008306395A (ja) 2007-06-06 2008-12-18 Canon Inc 情報処理装置、情報処理方法
WO2013008990A1 (fr) 2011-07-11 2013-01-17 Lg Electronics Inc. Gestion de clé de chiffrement de trafic pour un groupe de multidiffusion de machine à machine
JP6179815B2 (ja) 2014-01-10 2017-08-16 パナソニックIpマネジメント株式会社 暗号化データ通信装置、暗号化データ通信方法、プログラム、及び、記録媒体
KR102578441B1 (ko) 2016-01-27 2023-09-14 엘지전자 주식회사 사물 인증 시스템 및 방법
JP2017220886A (ja) 2016-06-10 2017-12-14 ヒロテック株式会社 コンテンツ配信方法、送信装置および受信装置

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101130001B1 (ko) * 2004-10-08 2012-03-28 톰슨 라이센싱 피어 그룹간 통신 성립 방법
KR20060064469A (ko) * 2004-12-08 2006-06-13 한국전자통신연구원 멀티캐스트 방식으로 스트리밍 서비스되는 동영상 파일의보호 장치 및 그 방법
KR20080006621A (ko) * 2005-05-24 2008-01-16 가부시끼가이샤 도시바 콘텐트 재생 장치, 콘텐트 재생 방법 및 콘텐트 재생용 컴퓨터 판독 가능한 매체
US20110138170A1 (en) * 2007-06-15 2011-06-09 Koolspan, Inc. System and method of per-packet keying
KR20130030476A (ko) * 2011-09-19 2013-03-27 에스케이플래닛 주식회사 오디오 데이터를 이용한 디바이스 간 통신 설정 시스템 및 방법
KR102024058B1 (ko) * 2019-05-31 2019-09-24 주식회사 유니온플레이스 멀티캐스트 그룹 내의 디바이스

Also Published As

Publication number Publication date
JP7176802B2 (ja) 2022-11-22
JP2022517381A (ja) 2022-03-08
KR102024058B1 (ko) 2019-09-24

Similar Documents

Publication Publication Date Title
WO2019088689A1 (fr) Système de terminal de sécurité cryptographique quantique puf-qrng, et procédé de génération de clé cryptographique
WO2013025085A2 (fr) Appareil et procédé permettant de prendre en charge un nuage de famille dans un système informatique en nuage
WO2020147383A1 (fr) Procédé, dispositif et système d&#39;examen et d&#39;approbation de processus utilisant un système de chaîne de blocs, et support de stockage non volatil
WO2012011726A2 (fr) Procédé et appareil de fourniture d&#39;un service de gestion de droits numériques
WO2014069783A1 (fr) Procédé d&#39;authentification par mot de passe et appareil pour l&#39;exécuter
WO2020186775A1 (fr) Procédé, appareil et dispositif de fourniture de données de service, et support de stockage lisible par ordinateur
WO2013065915A1 (fr) Procédé d&#39;interfonctionnement de confiance entre une région de confiance et une région non de confiance, procédé, serveur et terminal pour commander le téléchargement d&#39;applications de confiance, et système de commande les appliquant
WO2013048111A2 (fr) Procédé et appareil de détection d&#39;une intrusion dans un service informatique en nuage
WO2015157942A1 (fr) Dispositif et procédé d&#39;accès à un réseau sans fil
WO2013129785A1 (fr) Émetteur de données, récepteur de données système de transmission et de réception de données, procédé de transmission de données, procédé de réception de données et procédé de transmission et de réception de données
WO2010087567A1 (fr) Procédé d&#39;installation d&#39;un objet de droits destiné à du contenu dans une carte de mémoire
WO2018166099A1 (fr) Procédé et dispositif de détection de fuite d&#39;informations, serveur et support d&#39;informations lisible par ordinateur
WO2015126037A1 (fr) Système et procédé d&#39;identification personnelle et antivol utilisant une clé aléatoire jetable
WO2021261728A1 (fr) Dispositif de communication sécurisée pour une fournir une fonction sécurisée multifonctions, et procédé de fonctionnement associé
WO2016126023A1 (fr) Appareil de diffusion et procédé d&#39;authentification de données de diffusion
WO2020242062A1 (fr) Dispositif de transmission de données de clé à un abonné faisant partie d&#39;un groupe de multidiffusion
WO2016056856A1 (fr) Procédé et système pour générer des données de vérification d&#39;intégrité
WO2017111483A1 (fr) Dispositif d&#39;authentification basée sur des données biométriques, serveur de commande et serveur d&#39;application relié à celui-ci, et procédé de commande associé
WO2020242058A1 (fr) Dispositif dans un groupe de multidiffusion
WO2020122368A1 (fr) Système et procédé de sécurisation et de gestion de données dans un dispositif de stockage au moyen d&#39;un terminal sécurisé
WO2023054857A1 (fr) Dispositif à l&#39;intérieur d&#39;un réseau
WO2015026083A1 (fr) Système et procédé de sécurisation de message texte permettant d&#39;empêcher l&#39;utilisation illégale d&#39;une authentification utilisateur par un téléphone mobile et d&#39;empêcher le hameçonnage par sms
WO2011037318A2 (fr) Procédé d&#39;utilisation de droits à des contenus
WO2023113168A1 (fr) Procédé de communication sécurisée de données
WO2013009120A2 (fr) Terminal de communication mobile et appareil et procédé d&#39;authentification d&#39;applications

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20814620

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2021541097

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20814620

Country of ref document: EP

Kind code of ref document: A1