WO2022022009A1 - Message processing method and apparatus, device, and storage medium - Google Patents

Message processing method and apparatus, device, and storage medium

Info

Publication number
WO2022022009A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
message
sender
content
random number
Prior art date
Application number
PCT/CN2021/093918
Other languages
English (en)
Chinese (zh)
Inventor
简怀兵
Original Assignee
百果园技术(新加坡)有限公司
简怀兵
Priority date
Filing date
Publication date
Application filed by 百果园技术(新加坡)有限公司, 简怀兵

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services

Definitions

  • the present application relates to the field of communication technologies, for example, to a message processing method, apparatus, device, and storage medium.
  • the present application provides a message processing method, apparatus, device and storage medium, which can optimize the message processing scheme.
  • a message processing method applied to the sender of the message, including:
  • the sender uses a preset encryption algorithm to encrypt the sender identifier
  • the sender identification is decrypted according to the first information.
  • a message processing device configured on the sender of the message, including:
  • a sender identification encryption module configured to encrypt the sender identification by using a preset encryption algorithm to obtain the first information
  • a message sending module configured to send a first message including the first information and the content of the first message to the server, wherein the first message is used to instruct the server to save the first information and the content of the first message and, if the preset sending conditions are met, to send the first information and the content of the first message to the receiver corresponding to the first message, so that the receiver can decrypt the sender identifier according to the first information.
  • a message processing device is also provided, which is configured on the server and includes:
  • a message receiving module configured to receive a first message sent by a sender that includes first information and content of the first message, wherein the first information is obtained by the sender encrypting the sender identifier by using a preset encryption algorithm;
  • a saving module configured to save the first information and the content of the first message
  • a message sending module configured to send the first information and the content of the first message to a receiver corresponding to the first message when a preset sending condition is met, so that the receiver can decrypt the sender identifier according to the first information.
  • a message processing device is also provided, which is configured on the receiver of the message, including:
  • the message receiving module is configured to receive the first information and the first message content sent by the server, wherein the first information and the first message content are included in the first message sent by the sender to the server.
  • the first information is obtained by encrypting the identifier of the sender by the sender using a preset encryption algorithm;
  • the sender identifier decryption module is configured to decrypt the sender identifier according to the first information.
  • a computer device including a memory, a processor, and a computer program stored in the memory and running on the processor, and the processor implements the above-mentioned message processing method when the processor executes the computer program.
  • a computer-readable storage medium is also provided, on which a computer program is stored, and when the program is executed by a processor, the above-mentioned message processing method is implemented.
  • FIG. 1 is a scene architecture diagram of an application scenario to which a message processing method provided by an embodiment of the present application is applicable;
  • FIG. 2 is a schematic flowchart of a message processing method provided by an embodiment of the present application.
  • FIG. 3 is a schematic flowchart of another message processing method provided by an embodiment of the present application.
  • FIG. 4 is a schematic diagram of a message interaction provided by an embodiment of the present application.
  • FIG. 5 is a schematic flowchart of a message processing method provided by an embodiment of the present application.
  • FIG. 6 is a schematic flowchart of another message processing method provided by an embodiment of the present application.
  • FIG. 7 is a schematic flowchart of another message processing method provided by an embodiment of the present application.
  • FIG. 8 is a schematic diagram of a one-to-one message interaction provided by an embodiment of the present application.
  • FIG. 9 is a schematic diagram of a group message interaction provided by an embodiment of the present application.
  • FIG. 10 is a structural block diagram of a message processing apparatus provided by an embodiment of the application.
  • FIG. 11 is a structural block diagram of another message processing apparatus provided by an embodiment of the present application.
  • FIG. 12 is a structural block diagram of another message processing apparatus provided by an embodiment of the present application.
  • FIG. 13 is a structural block diagram of a computer device provided by an embodiment of the present application.
  • FIG. 1 is a scene architecture diagram of an application scenario to which a message processing method provided by an embodiment of the present application is applicable.
  • the application scenario may include a sender 101, a server 102 and a receiver 103.
  • When the sender 101 needs to send a message to the receiver 103, it first sends the message to the server 102, and then the server 102 sends the message to the receiver 103.
  • This embodiment of the present application does not limit the type of application scenarios.
  • the types of scenarios may be instant messaging (IM) scenarios, email sending and receiving scenarios, transfer scenarios of bitcoin accounts in the blockchain, and payment application (APP) scenarios.
  • IM Instant Messaging
  • APP Application
  • the embodiment of the present application does not limit the respective physical devices corresponding to the sender 101, the server 102 and the receiver 103; for example, the physical devices may be mobile phones, tablet computers, desktop computers, or servers, and so on.
  • the following takes an IM scenario as an example for a schematic illustration.
  • Many applications include IM functions, such as social instant messaging APPs and live broadcast APPs, etc.
  • the messages transmitted in these applications can be instant communication messages between ordinary users, signaling of business logic, etc.
  • the basic function of the IM system is to efficiently and stably send messages from one user to another, but in many cases, the message recipient cannot receive the message in time.
  • the network is unstable, the IM system must process a large number of offline messages, and the offline messages are usually stored in the database.
  • the corresponding relationship between the sender and the receiver of the message (hereinafter referred to as the user relationship chain) is stored in the database, that is, the relationship between who sends to whom and who is communicating with whom. From the perspective of security and privacy, the user relationship chain should not be public, or should at least only be disclosed to a third party with authorization. However, when a drag library occurs (generally, hackers stealing database content), the user relationship chain stored in the database is easily exposed to unauthorized third parties or criminals, which is a great security risk.
  • a drag library generally refers to the behavior of hackers stealing database content
  • Before sending the first message content to the server, the sender of the message encrypts the sender's identifier by using a preset encryption algorithm, so that when the first message content is stored in the server, the identity of the sender corresponding to the first message content is encrypted. This keeps the user relationship chain of the message secret and prevents exposure to malicious third parties.
  • FIG. 2 is a schematic flowchart of a message processing method provided by an embodiment of the present application.
  • the method can be executed by a message processing apparatus, wherein the apparatus can be implemented by software and/or hardware, and can generally be integrated in computer equipment that has a message sending function.
  • the method includes:
  • Step 201 Encrypt the sender identifier by using a preset encryption algorithm to obtain first information.
  • the preset encryption algorithm may be a preset symmetric encryption algorithm.
  • Symmetric encryption algorithm is also known as shared key encryption algorithm or single key encryption algorithm. In a symmetric encryption algorithm, only one key is used, and both sender and receiver use this key to encrypt and decrypt data.
  • the data encryption process may be that, in a symmetric encryption algorithm, the data sender processes the plaintext (original data, which may be the sender's identifier in this embodiment of the present application) together with the encryption key through the encryption algorithm to generate ciphertext (which may be the first information in this embodiment of the present application) and sends it;
  • the data decryption process may be that, after the data receiver receives the ciphertext, if it wants to read the original data, it needs to use the same encryption key and the inverse of the same algorithm to decrypt the ciphertext and restore it to readable plaintext.
  • the preset symmetric encryption algorithm may be an Advanced Encryption Standard (AES) algorithm, a Data Encryption Standard (DES) algorithm, or a Triple Data Encryption Algorithm (TDEA), etc.
  • AES Advanced Encryption Standard
  • DES Data Encryption Standard
  • TDEA Triple Data Encryption Algorithm
  • the embodiments of this application do not limit the bit length used by the encryption algorithm.
  • the bit length used by the encryption algorithm can be 128 bits, 256 bits, or 512 bits, etc., which can be set according to actual needs.
  • the default encryption algorithm is AES256.
  • the sender identification can be understood as an identifier used to represent the unique identity of the sender.
  • This embodiment of the present application does not limit the representation of the sender identifier, which may be the sender ID, account name or sender code, etc.
  • Step 202 Send a first message including the first information and the content of the first message to the server, where the first message is used to instruct the server to save the first information and the content of the first message and, when the preset sending condition is met, to send the first information and the content of the first message to the receiver corresponding to the first message, so that the receiver can decrypt the identifier of the sender according to the first information.
  • the embodiment of the present application does not limit the communication protocol adopted between the sender and the server; for example, the communication protocol may be Hyper Text Transfer Protocol over Secure Socket Layer (HTTPS) or another protocol.
  • HTTPS Hyper Text Transfer Protocol over Secure Socket Layer
  • This embodiment of the present application does not limit the structure of the first message, and the structure of the first message may be set according to the communication protocol used, and may also be set differently for the same communication protocol.
  • In the related art, the message sent by the sender to the server does not contain the first information, and the message in the related art may be referred to as the original message.
  • Once the communication protocol is determined, in this embodiment of the present application, the first information may be added on the basis of the original message.
  • the embodiment of the present application does not limit the location where the first information is added: the first information may be added inside the original message, such as in the message body, or may be added outside the original message, and after the addition is completed, the first message in the embodiment of the present application is obtained.
  • the first message may be any message sent by the sender to the receiver, and the content of the first message is not limited in this embodiment of the present application.
  • This embodiment of the present application does not limit the number of recipients, and the number of recipients may be one or more.
  • a certain encryption algorithm may also be used for encryption, so as to ensure the security of the content of the message.
  • the first message may further include a receiver identifier, so that the server can determine the receiver corresponding to the first message according to the receiver identifier.
  • the receiver identifier corresponding to the first message can also be sent independently of the first message, and the correspondence between the first message and the receiver can be sent to the server; for example, the correspondence relation between the message ID of the first message and the receiver ID can be sent.
  • the server may always store the first information and the first message content.
  • In the related art, the receiver identifier, message content and sender identifier are stored in the database of the server, and the message content and the sender identifier are sent to the receiver together, so that the receiver can know the source of the message content.
  • In this embodiment of the present application, the identifier of the sender is not stored, and the first information may be stored at the location where the identifier of the sender was originally stored, or an additional field may be added to store the first information.
  • the preset sending conditions can be set according to actual needs: for example, the content can be sent immediately after the first message is received, sent after relevant verification is performed following receipt of the first message, or, after the first message is received, the server can first determine whether the receiver is online or whether the network condition of the receiver is appropriate and then determine whether to send.
  • This embodiment of the present application does not limit the execution order of the steps of saving and sending the first information and the content of the first message, which may be set according to actual conditions.
  • the server may also send other content at the same time, which is not limited in this embodiment of the present application.
  • the server may generate the second message according to the first information and the content of the first message, and send the second message to the receiver.
  • the receiver can use the inverse algorithm corresponding to the preset encryption algorithm and the corresponding key to decrypt the first information.
  • the sender identifier corresponding to the first message can be obtained, that is, the sender identity of the first message can be obtained.
  • the sender and receiver of the message may negotiate a shared key in advance, or may include decryption information in the first information, and the decryption information may help the receiver determine the key used to decrypt the first information according to the information it already knows.
  • operations such as reporting an error may be performed, which is not limited in this embodiment of the present application.
  • After receiving the content of the first message, if the content of the first message is encrypted, the receiver can decrypt the content of the first message, and if the decryption is successful, the content of the message that the sender really wants to send can be obtained. If the content of the first message is not encrypted, the subsequent process may be performed according to the sender identifier and the content of the first message.
  • Before sending the message to the server, the sender of the message encrypts the identifier of the sender with a preset encryption algorithm to obtain the first information, and then sends to the server the first message containing the first information and the first message content. The first message is used to instruct the server to save the first information and the first message content and, when the preset sending conditions are met, to send the first information and the first message content to the receiver corresponding to the first message, so that the receiver can decrypt the identifier of the sender according to the first information and thereby obtain the identity of the sender of the first message.
  • the identity of the sender corresponding to the content of the first message is encrypted, and only the real receiver of the message can decrypt it, so the relationship chain between the two communicating parties of the message is kept secret, preventing exposure to malicious third parties.
  • the method further includes: signing the first information with the private key of the sender to obtain the second information; and determining first attribute information according to the first information and the second information.
  • the sending the first message including the first information and the first message content to the server includes: sending the first message including the first attribute information and the first message content to the server.
  • the first message being used to instruct the server to save the first information and the first message content and, when the preset sending conditions are met, to send the first information and the first message content to the receiver corresponding to the first message for the receiver to decrypt the identifier of the sender according to the first information, includes: the first message is used to instruct the server to verify the signature of the second information according to the public key of the sender, save the first attribute information and the first message content after the signature verification is successful, and, when the preset sending conditions are met, send the first attribute information and the first message content to the receiver corresponding to the first message, so that the receiver can decrypt the identifier of the sender according to the first information and, after decryption is successful, verify the signature of the second information according to the public key of the sender obtained by decryption.
  • The advantage of this setting is that it allows the server to verify whether the sender of the first message has been tampered with, and ensures the accuracy and security of message communication.
  • the sender uses its own private key to sign the first information, obtains the second information, and sends the first information and the second information together as the first attribute information to the server.
  • the server can learn the identity of the sender from the first message (for example, the sender ID may be included in the protocol header of the first message), then query the corresponding sender's public key and use the public key to verify the signature of the second information. If signature verification successfully yields the first information, it can indicate that the first message is indeed sent by the sender. If the information obtained after verification is inconsistent with the first information, it can indicate that someone may be pretending to be the sender to send the first message. In this way, attack behavior can be effectively identified.
  • When the receiver is a single user, using a preset encryption algorithm to encrypt the identifier of the sender to obtain the first information includes: generating a first random number and a first random key pair; using a preset key agreement protocol to generate a first public key based on the first private key in the first random key pair and the public key of the recipient; encrypting the first random number, the first public key and the sender identifier by using a first preset encryption algorithm to obtain encrypted sender information; and determining the first information according to the first random number, the first public key in the first random key pair, and the encrypted sender information.
  • the advantage of this setting is that, for a one-to-one message communication scenario, a public key that can be deduced by the sender and the receiver can be generated by means of a preset key agreement protocol, so as to improve the encryption level of the first information, so as to ensure the transmission security of party identification.
  • the length of the first random number can be set freely, for example, 16 bytes.
  • the first random key pair is randomly generated, and can only be used for the message sent this time to ensure security.
  • the preset key agreement protocol may be, for example, an Elliptic Curve Diffie-Hellman (ECDH) protocol, and an asynchronous public key agreement algorithm in the ECDH protocol may be used to generate the first public key based on the first private key in the first random key pair and the recipient's public key.
  • ECDH Elliptic Curve Diffie-Hellman
  • After receiving the first information including the first random number, the first public key and the encrypted sender information, the receiver can also use the asynchronous public key agreement algorithm to generate a second public key based on the first public key in the first random key pair and its own private key. If there is no abnormality in the intermediate process, the second public key should be the same as the first public key, and the receiver can then use the first random number and the second public key to decrypt the encrypted sender information and obtain the sender identity.
  • Encrypting the first random number, the first public key and the sender identifier by using a first preset encryption algorithm to obtain encrypted sender information includes: using a preset hash algorithm to calculate the first hash value corresponding to the first public key; and encrypting the first random number, the first hash value and the sender identifier by using the first preset encryption algorithm to obtain encrypted sender information.
  • the preset hash algorithm may be a Secure Hash Algorithm (SHA).
  • SHA Secure Hash Algorithm
  • the SHA may be SHA256 or the like.
  • When the receiver is a group user, using a preset encryption algorithm to encrypt the identifier of the sender to obtain the first information includes: generating a second random number; encrypting the second random number, the group password corresponding to the group user, and the sender identifier by using a second preset encryption algorithm to obtain encrypted sender information; and determining the first information according to the second random number and the encrypted sender information.
  • the second preset encryption algorithm may be the same as or different from the first preset encryption algorithm.
  • the group password in this embodiment of the present application may be a group entry password, or a newly added encrypted password dedicated to group message sending.
  • the group password is not known to anyone outside the group, so the password can be used as a key shared by the group for encryption and decryption.
  • the group password can be fixed, but it can also be changed in some cases, such as when the membership changes (for example, new members join or existing members leave the group), or it can be changed regularly in order to avoid being cracked. After the group password is changed, all current members in the group can be notified.
  • the method further includes: generating a third random number; and signing the third random number with the private key of the sender to obtain the second attribute information.
  • the sending the first message including the first attribute information and the content of the first message to the server includes: sending to the server the first message including the first attribute information, the second attribute information and the first message content.
  • the second attribute information is added so that the server can verify the initiator of a retracted message, preventing other members' messages from being retracted by impersonation.
  • the method further includes: when it is detected that a withdrawal event for the first message is triggered, generating a fourth random number; encrypting the fourth random number, the group password and the sender identification by using the second preset encryption algorithm to obtain new encrypted sender information; determining third information according to the fourth random number and the new encrypted sender information; signing the third information with the private key of the sender to obtain fourth information; determining third attribute information according to the third information and the fourth information; and sending to the server a first retraction message for the first message that includes the third attribute information and the third random number, the first retraction message being used to instruct the server to verify the signature of the fourth information according to the public key of the sender, and to verify the signature of the second attribute information after that signature verification is successful.
  • the second retraction message for the first message containing the third attribute information is sent to the receiver corresponding to the first message, for the receiver to perform the corresponding message recall action.
  • the server verifies the signature of the third attribute information according to the sender's public key, and can thereby verify whether the initiator of the retracted message is indeed the current sender. If the signature verification fails, it indicates that there may be an attack. If it succeeds, the server continues to verify whether the original sender of the message to be withdrawn is the initiator of the retraction message. If this verification is successful, the subsequent message withdrawal process can continue; if it fails, there may be an impostor attempting a malicious withdrawal, and the subsequent message recall process is not entered.
  • FIG. 3 is a schematic flowchart of another message processing method provided by an embodiment of the present application, and the method can be applied to a message sender in a one-to-one message communication scenario in an IM system.
  • Fig. 4 is a schematic diagram of a message interaction provided by an embodiment of the present application.
  • Fig. 4 includes user A and user C.
  • User A's private key and public key pair can be denoted as (c_a, C_a), and sender A is connected to one or more IM servers (Servers) through the network.
  • the IM Server can be responsible for persistently writing messages to the database.
  • User C's private key and public key pair can be recorded as (c_c, C_c).
  • Figure 4 takes user A sending a message to user C as an example to illustrate how the user relationship chain "A is communicating with C" will not be leaked even when the database is dragged.
  • the method may include:
  • Step 301 Generate a first random number and a first random key pair.
  • the first random number can be a random number with a length of 16 bytes, which can be recorded as IV; the first random key pair can be regarded as a temporary key pair for this message sending operation, and can be recorded as (r, R), where r is the first private key and R is the first public key.
  • Step 302 using a preset key agreement protocol to generate a first public key based on the first private key in the first random key pair and the recipient's public key.
  • the preset key agreement protocol may be an ECDH protocol, and the first public key is obtained in the following manner:
  • P is the first public key.
  • Step 303 Calculate a first hash value corresponding to the first public key by using a preset hash algorithm.
  • the preset hash algorithm is SHA256
  • the first hash value corresponding to the first public key is obtained in the following manner:
  • H is the first hash value.
  • Step 304 Encrypt the first random number, the first hash value and the sender identifier by using the first preset symmetric encryption algorithm to obtain encrypted sender information.
  • the first preset symmetric encryption algorithm is AES256
  • the encrypted sender information is obtained in the following manner:
  • source is used to represent the sender identifier (such as the ID of user A), and source' is used to represent encrypted sender information.
  • Step 305 Determine the first information according to the first random number, the first public key in the first random key pair, and the encrypted sender information.
  • the first information may be recorded as payload (payload).
  • payload can be expressed as:
  • the "+" in the embodiment of the present application does not represent the addition in the operation symbol, but is used to represent the parallel relationship of items, for example, the payload includes several parallel items such as IV, R, and source'.
  • Step 306 Sign the first information with the private key of the sender to obtain the second information.
  • the payload is signed with c_a to obtain the second information, and the second information may be denoted as S.
  • Step 307 Determine the first attribute information according to the first information and the second information.
  • Step 308 Send a first message containing the first information and the content of the first message to the server, where the first message is used to instruct the server to verify the signature of the second information according to the public key of the sender, to save the first attribute information and the content of the first message after the verification is successful, and, when the preset sending conditions are met, to send the first attribute information and the content of the first message to the receiver corresponding to the first message, so that the receiver can decrypt the sender identifier according to the first information and, after successful decryption, verify the signature of the second information according to the public key of the sender obtained by decryption.
  • before sending a message to the server, the sender of the message first generates a public key by using a preset key agreement protocol, calculates the hash value of the public key, and uses a preset encryption algorithm to encrypt the random number, the hash value and the sender identifier to obtain encrypted sender information; it then determines the first information according to the random number, the public key in the random key pair and the encrypted sender information, signs the first information with its own private key to obtain the second information, and then sends the first message including the first information, the second information and the content of the first message to the server.
  • the identity of the sender can be verified first and, after success, the first information, the second information, and the content of the first message can be saved; when the preset sending conditions are met, the saved content can be sent to the receiver corresponding to the first message, and the receiver performs decryption of the sender's identity and signature verification of the sender's identity, respectively.
  • FIG. 5 is a schematic flowchart of a message processing method provided by an embodiment of the present application. As shown in FIG. 5, the method can be applied to a message sender in a group message communication scenario in an IM system. Also taking FIG. 4 as an example, it is assumed that user A is a user in the communication group, user C is a user other than user A in the communication group, and the communication group may also include other users, such as user B, user D, etc., which are not shown in FIG. 4. When user A sends a message in the communication group, other users in the communication group are all recipients; user C is used as an example for description below.
  • the method may include:
  • Step 501 Generate a second random number.
  • the second random number may be a random number with a length of 16 bytes, and may also be recorded as IV.
  • Step 502 Encrypt the second random number, the group password corresponding to the group user, and the sender identifier by using the second preset symmetric encryption algorithm to obtain encrypted sender information.
  • the second preset symmetric encryption algorithm is AES256
  • the encrypted sender information is obtained in the following manner:
  • source' = AES256(IV, group password, source)
  • source is used to represent the sender identifier (such as the ID of user A), and source' is used to represent encrypted sender information.
  • Step 503 Determine the first information according to the second random number and the encrypted sender information.
  • the first information may be denoted as payload.
  • payload can be expressed as:
  • Step 504 Sign the first information with the private key of the sender to obtain the second information.
  • the payload is signed with c_a to obtain the second information, and the second information may be denoted as S.
  • Step 505 Determine the first attribute information according to the first information and the second information.
  • Step 506 Generate a third random number.
  • the third random number may be a random number with a length of 16 bytes, which may be denoted as IIV. After the third random number is generated, the client needs to save it and apply it to the subsequent message recall process.
  • Step 507 Sign the third random number with the private key of the sender to obtain the second attribute information.
  • IIV is signed with c_a to obtain the second attribute information, and the second attribute information may be denoted as v.
  • Step 508 Send a first message including the first attribute information, the second attribute information and the content of the first message to the server.
  • the first message is used to instruct the server to verify the signature of the second information according to the public key of the sender, to save the first attribute information, the content of the first message and the second attribute information after the signature verification is successful, and, when the preset sending conditions are met, to send the first attribute information and the content of the first message to the receiver corresponding to the first message, so that the receiver can decrypt the identifier of the sender according to the first information and, after successful decryption, verify the signature of the second information with the sender's public key obtained according to the decryption.
  • Step 509 Generate a fourth random number when it is detected that a withdrawal event for the first message is triggered.
  • the fourth random number may be a random number with a length of 16 bytes, and may also be recorded as IV.
  • a withdrawal event can be initiated, for example, a withdrawal button corresponding to the first message can be triggered.
  • the retraction event of the first message is triggered, and a fourth random number is generated.
  • Step 510 Encrypt the fourth random number, the group password and the sender identifier by using the second preset symmetric encryption algorithm to obtain new encrypted sender information.
  • source' = AES256(IV, group password, source)
  • Step 511 Determine the third information according to the fourth random number and the new encrypted sender information.
  • Step 512 Sign the third information with the private key of the sender to obtain the fourth information.
  • the fourth information is obtained, and the fourth information may be denoted as S.
  • Step 513 Determine third attribute information according to the third information and the fourth information.
  • Step 514 Send a first withdrawal message for the first message that includes the third attribute information and the third random number to the server.
  • the first withdrawal message is used to instruct the server to verify the signature of the fourth information according to the public key of the sender, and to verify the signature of the second attribute information after the signature verification is successful. If the signature verification result is consistent with the third random number carried in the message, a second retraction message for the first message containing the third attribute information is sent to the receiver corresponding to the first message for the receiver to perform a corresponding message retraction operation.
  • a group ID (gid) and a message ID (mid) may be included in the retract message, and the group ID (gid) and the message ID (mid) are used to indicate which message in which group is to be retracted.
  • the first retraction message contains the gid of the communication group where the sender is located, and the mid of the first message.
  • before sending the message to the server, the sender of the message uses the group password as the public key and uses a preset symmetric encryption algorithm to encrypt the random number, the group password and the sender identifier. The first information is determined according to the random number and the encrypted sender information and is signed with the sender's own private key to obtain the second information; the first information and the second information are determined as the first attribute information; then the random number is signed to obtain the second attribute information, which is used for subsequent message withdrawal verification.
  • after receiving the first message, the server can first verify the identity of the sender and, after success, save the first attribute information, the second attribute information and the first message content; when the preset sending conditions are met, the first attribute information and the first message content are sent to other members in the group, and the other members can carry out the decryption of the sender's identity and the verification of the sender's identity respectively.
  • when the sender initiates the message withdrawal process, it regenerates new encrypted sender information, determines the third information, signs the third information to obtain the fourth information, and uses the third information and the fourth information as the third attribute information; the third attribute information and the third random number saved when the first message was sent are sent to the server, and the server can know whether the initiator of the withdrawal operation has been impersonated by verifying the fourth information.
  • FIG. 6 is a schematic flowchart of another message processing method provided by an embodiment of the present application.
  • the method may be executed by a message processing apparatus, where the apparatus may be implemented by software and/or hardware, and may generally be integrated in computer equipment such as a server. As shown in Figure 6, the method includes:
  • Step 601 Receive a first message including first information and first message content sent by a sender, wherein the first information is obtained by the sender encrypting a sender identifier by using a preset encryption algorithm.
  • the server can obtain the sender identifier (uid) from the protocol header (https header) and thereby learn the sender's identity, but in the embodiment of this application, the server does not store the sender identity.
  • Step 602 Save the first information and the content of the first message.
  • the server does not store the identity information of the sender, but only stores the encrypted identifier of the sender and the content of the message that the sender wants to send.
  • Step 603 When the preset sending conditions are met, send the first information and the content of the first message to the receiver corresponding to the first message, so that the receiver can decrypt the sender identifier according to the first information.
  • the server receives the first message sent by the message sender; the first message includes the first information and the first message content, and the first information is obtained by the sender encrypting the sender identifier using a preset encryption algorithm, so only the real message receiver can decrypt it. Therefore, the first information will not be cracked by others during the storage period on the server, which ensures normal message communication between the two parties while keeping the relationship chain between them confidential, preventing exposure to malicious third parties.
  • the receiving of the first message sent by the sender and including the first information and the first message content includes: receiving the first message sent by the sender and including the first attribute information and the first message content, wherein the first attribute information is determined by the sender according to the first information and the second information, and the second information is obtained by the sender signing the first information with the sender's private key.
  • the saving of the first information and the content of the first message includes: verifying the second information according to the public key of the sender, and after the signature verification is successful, saving the first attribute information and the first message content.
  • the sending of the first information and the content of the first message to a receiver corresponding to the first message, so that the receiver can decrypt the identifier of the sender according to the first information, includes: sending the first attribute information and the content of the first message to the receiver corresponding to the first message, so that the receiver can decrypt the sender's identity according to the first information and, after successful decryption, verify the signature of the second information in the first attribute information using the sender's public key obtained according to the decryption.
  • the recipient is a group user
  • the receiving of a first message sent by the sender that includes the first attribute information and the content of the first message includes: receiving a first message sent by the sender that includes the first attribute information, the second attribute information and the first message content, wherein the second attribute information is obtained by the sender signing a third random number with the sender's private key, and the third random number is generated by the sender.
  • the method further includes: saving the second attribute information.
  • two fields may be added to the database of the server, which are respectively used to store the first attribute information and the second attribute information.
  • the first attribute information can be recorded as extra
  • the second attribute information can be recorded as v.
  • a "ciphertext source" field can be added to the database to store extra; this field can also be named extra, and a "verifySig" field can be added to store v.
  • the above names are only examples and can be set according to the actual situation. Among them, the names extra and verifySig can improve security and privacy protection, and avoid easily exposing the use of this ciphertext data.
  • the method further includes: receiving a first withdrawal message for the first message that is sent by the sender and includes the third attribute information and the third random number, wherein the third attribute information is determined by third information and fourth information, the third information is determined by the sender according to a fourth random number and new encrypted sender information, the fourth random number is generated by the sender, the new encrypted sender information is obtained by the sender encrypting the fourth random number, the group password and the sender identifier by using the second preset encryption algorithm, and the fourth information is obtained by the sender signing the third information using the sender's private key; the signature of the fourth information is verified according to the sender's public key.
  • FIG. 7 is a schematic flowchart of another message processing method provided by an embodiment of the present application.
  • the method may be executed by a message processing apparatus, wherein the apparatus may be implemented by software and/or hardware, and may generally be integrated in computer equipment.
  • Step 701 Receive first information and first message content sent by a server, wherein the first information and the first message content are included in the first message sent by the sender to the server, and the first information is obtained by the sender encrypting the identifier of the sender using a preset encryption algorithm.
  • Step 702 Decrypt the sender identifier according to the first information.
  • the receiver receives the first information and the first message content sent by the message sender and forwarded by the server, and the first information is encrypted by the sender using a preset encryption algorithm. Therefore, the first information will not be cracked by others during the storage period of the server, which ensures that the relationship chain between the two communication parties of the message is kept secret and prevents exposure to malicious third parties.
  • an accurate message sender can be obtained, and subsequent operations can be performed according to the message sender and the content of the first message to ensure the accuracy and security of communication between the two parties.
  • the receiving of the first information and the first message content sent by the server includes: receiving the first attribute information and the first message content sent by the server, wherein the first attribute information is included in the first message and is determined by the sender according to the first information and the second information, and the second information is obtained by the sender signing the first information with the sender's private key.
  • the method further includes: if the decryption is successful, obtaining the public key of the corresponding sender according to the identifier of the sender obtained by decryption, and verifying the signature of the second information according to the obtained public key.
  • the receiver is a single user
  • the first information includes a first random number, a first public key in a first random key pair, and encrypted sender information
  • the first random number and the first random key pair are generated by the sender
  • the encrypted sender information is obtained by the sender encrypting the first random number, the first public key and the sender identifier by using a first preset encryption algorithm
  • the first public key is generated by the sender using a preset key agreement protocol based on the first private key in the first random key pair and the recipient's public key.
  • the decrypting of the sender identifier according to the first information includes: generating a second public key by using the preset key agreement protocol based on the private key of the receiver and the first public key in the first random key pair; and decrypting the sender identifier from the encrypted sender information according to the second public key and the first random number.
  • the encrypted sender information is obtained by the sender encrypting, by using a first preset encryption algorithm, the first random number, the first hash value corresponding to the first public key, and the sender identifier; the decrypting of the sender identifier from the encrypted sender information according to the second public key and the first random number includes: calculating a second hash value corresponding to the second public key by using a preset hash algorithm; and decrypting the sender identifier from the encrypted sender information according to the second hash value and the first random number.
  • the advantage of this setting is that it matches the calculation method of the sender's public key. After hash operation, the length of the public key can be fixed, reducing the complexity of subsequent operations.
  • the receiver C can read the first information payload from the first attribute information and obtain the first random number IV and R therein. If the payload also includes version, the receiver C can first compare its own version information with the obtained version. If the receiver C's own version information is inconsistent with the obtained version, the corresponding version adaptation operation is performed according to the preset compatibility policy. Then, ECDH can be used to calculate the second public key P based on c_c and R, namely ECDH: (c_c, R) → P.
  • An error can be reported if decryption fails.
  • the corresponding public key C_a can be queried according to the decrypted source, and the signature of the second information S can be verified using C_a. If the signature verification result is consistent with the first information payload, the authenticity of the first message can be proved.
  • the sender is A, that is, the signature verification is successful, and the follow-up process can be entered. If the signature verification fails, operations such as error reporting can be performed.
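The one-to-one flow described above (the sender's steps 302 to 308, then the receiver's ECDH, decryption and signature check), as an added Go example that is not code from the patent. The P-256 curve, ECDSA signatures, AES-256 in GCM mode, the 16-byte IV, the IV || R || source' byte layout and the names Seal, Open, Extra, Directory and NewKeyPair are assumptions; the text names only ECDH, SHA256 and AES256.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

const ivLen, pubLen = 16, 65 // assumed sizes: 16-byte IV; R as an uncompressed P-256 point

type Extra struct{ Payload, Sig []byte }   // first attribute information: payload = IV || R || source', Sig = S
type Directory map[string]*ecdsa.PublicKey // sender identifier -> long-term public key (hypothetical lookup)

// NewKeyPair returns one fresh P-256 pair in its ECDSA and ECDH forms (same key, assumed curve).
func NewKeyPair() (*ecdsa.PrivateKey, *ecdh.PrivateKey) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err) // RNG failure is fatal in this example
	}
	dh, err := k.ECDH()
	if err != nil {
		panic(err)
	}
	return k, dh
}

// aeadFor derives P by ECDH and H = SHA256(P), then keys AES-256-GCM with H (GCM is an assumed mode).
func aeadFor(priv *ecdh.PrivateKey, pub *ecdh.PublicKey) (cipher.AEAD, error) {
	p, err := priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	h := sha256.Sum256(p)
	blk, err := aes.NewCipher(h[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCMWithNonceSize(blk, ivLen)
}

// Seal is the sender side: IV, (r, R), P = ECDH(r, C_c), source', payload, S.
func Seal(source string, sender *ecdsa.PrivateKey, rcpt *ecdh.PublicKey) (*Extra, error) {
	iv := make([]byte, ivLen)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	_, r := NewKeyPair() // first random key pair (r, R), used for this message only
	aead, err := aeadFor(r, rcpt)
	if err != nil {
		return nil, err
	}
	payload := append(append([]byte{}, iv...), r.PublicKey().Bytes()...)
	payload = aead.Seal(payload, iv, []byte(source), nil) // appends source'
	digest := sha256.Sum256(payload)
	sig, err := ecdsa.SignASN1(rand.Reader, sender, digest[:])
	if err != nil {
		return nil, err
	}
	return &Extra{payload, sig}, nil
}

// Open is the receiver side: P = ECDH(c_c, R), decrypt source', look up C_a, verify S.
func Open(e *Extra, rcpt *ecdh.PrivateKey, dir Directory) (string, error) {
	if len(e.Payload) < ivLen+pubLen {
		return "", errors.New("payload too short")
	}
	iv, ct := e.Payload[:ivLen], e.Payload[ivLen+pubLen:]
	R, err := ecdh.P256().NewPublicKey(e.Payload[ivLen : ivLen+pubLen])
	if err != nil {
		return "", err
	}
	aead, err := aeadFor(rcpt, R)
	if err != nil {
		return "", err
	}
	src, err := aead.Open(nil, iv, ct, nil)
	if err != nil {
		return "", errors.New("decryption failed")
	}
	digest := sha256.Sum256(e.Payload)
	if pub, ok := dir[string(src)]; !ok || !ecdsa.VerifyASN1(pub, digest[:], e.Sig) {
		return "", errors.New("signature does not match decrypted sender")
	}
	return string(src), nil
}

func main() {
	a, _ := NewKeyPair() // sender A's signing key c_a
	_, c := NewKeyPair() // receiver C's key c_c
	if e, err := Seal("user-A", a, c.PublicKey()); err == nil {
		fmt.Println(Open(e, c, Directory{"user-A": &a.PublicKey}))
	}
}
```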
  • the receiver is a group user
  • the first information includes a second random number and encrypted sender information
  • the second random number is generated by the sender
  • the encrypted sender information is obtained by the sender encrypting the second random number, the group password corresponding to the group user, and the sender identifier by using a second preset encryption algorithm; the decrypting of the sender identifier according to the first information includes: decrypting the sender identifier from the encrypted sender information according to the second random number and the group password.
  • receiver C can read the first information payload from the first attribute information and obtain the first random number IV in it. If the payload also includes version, the receiver C's own version information is compared with the acquired version. If the receiver C's own version information is inconsistent with the acquired version, a corresponding version adaptation operation is performed according to the preset compatibility policy. Then, source' is decrypted using the first random number IV and the group password to obtain the source. An error can be reported if decryption fails. If the decryption is successful, the corresponding public key C_a can be queried according to the decrypted source, and the signature of the second information S can be verified using C_a.
  • the authenticity of the first message can be proved.
  • the sender is A, that is, the signature verification is successful, and the follow-up process can be entered. If the signature verification fails, operations such as error reporting can be performed. Other receivers in the group can similarly perform the above operations, which are not repeated here.
  • the method further includes: receiving a second retraction message for the first message that is sent by the server and includes the third attribute information, wherein the third attribute information is included in the first retraction message for the first message sent by the sender to the server, the third attribute information is determined by third information and fourth information, the third information is determined by the sender according to a fourth random number and the new encrypted sender information, the fourth random number is generated by the sender, the new encrypted sender information is obtained by the sender encrypting the fourth random number, the group password and the sender identifier by using the second preset encryption algorithm, and the fourth information is obtained by the sender signing the third information with the sender's private key; decrypting the sender identifier from the new encrypted sender information according to the fourth random number and the group password; if the decryption is successful, obtaining the public
  • after receiving the second withdrawal message sent by the server, the receiver reads the third attribute information extra, obtains the third information payload therein, obtains the fourth random number IV therein, and uses the fourth random number IV and the group password to decrypt the new encrypted sender information source'. If the decryption fails, an error can be reported. If the decryption succeeds, the sender identifier source is obtained, and the corresponding sender's public key C_a can be obtained according to the decrypted sender identifier source; the signature of the fourth information S is verified according to the obtained public key C_a, and if the signature verification is successful, a corresponding withdrawal operation can be performed for the first message, such as removing the first message from the group conversation interface.
  • FIG. 8 is a schematic diagram of a one-to-one message interaction provided by an embodiment of the present application. As shown in FIG. 8 , the interaction process may include:
  • Step 801 The sender encrypts the sender identifier by using a preset encryption algorithm to obtain first information.
  • Step 802 The sender signs the first information with the sender's private key to obtain the second information, and determines the first attribute information according to the first information and the second information.
  • Step 803 The sender sends a first message including the first attribute information and the content of the first message to the server.
  • Step 804 The server verifies the signature of the second information according to the public key of the sender, and saves the first attribute information and the content of the first message after the signature verification is successful.
  • Step 805 The server sends the first attribute information and the first message content to the receiver when the preset sending condition is satisfied.
  • Step 806 The receiver decrypts the sender's identity according to the first information, and if the decryption is successful, obtains the corresponding sender's public key according to the decrypted sender's identity, and verifies the signature of the second information according to the obtained public key.
  • FIG. 9 is a schematic diagram of a group message interaction provided by an embodiment of the present application. As shown in FIG. 9 , the interaction process may include:
  • Step 901 The sender encrypts the sender identifier by using a preset encryption algorithm to obtain first information.
  • Step 902 The sender signs the first information with the sender's private key to obtain the second information, and determines the first attribute information according to the first information and the second information.
  • Step 903 The sender signs the third random number with the sender's private key, obtains second attribute information, and saves the third random number.
  • Step 904 The sender sends a first message including the first attribute information, the second attribute information and the content of the first message to the server.
  • Step 905 The server verifies the signature of the second information according to the public key of the sender, and saves the first attribute information, the second attribute information and the content of the first message after the signature verification is successful.
  • Step 906 When the preset sending condition is met, the server sends the first attribute information and the first message content to the receiver.
  • Step 907 The receiver decrypts the sender's identity according to the first information, and if the decryption is successful, obtains the corresponding sender's public key according to the decrypted sender's identity, and verifies the signature of the second information according to the obtained public key.
  • Step 908 When the sender detects that the recall event for the first message is triggered, the sender uses a preset encryption algorithm to encrypt the sender identifier to obtain third information.
  • Step 909 The sender signs the third information with the sender's private key to obtain fourth information, and determines the third attribute information according to the third information and the fourth information.
  • Step 910 The sender sends a first retraction message for the first message that includes the third attribute information and the third random number to the server.
  • Step 911 The server verifies the signature of the fourth information according to the public key of the sender, and verifies the signature of the second attribute information after the signature verification is successful.
  • Step 912 The server determines that the signature verification result is consistent with the random number carried in the first retraction message, and sends a second retraction message for the first message that includes the third attribute information to the recipient.
  • Step 913 The receiver decrypts the sender's identity according to the third information, and if the decryption is successful, obtains the corresponding sender's public key according to the decrypted sender's identity, and verifies the fourth information according to the obtained public key; if the signature verification is successful, a corresponding withdrawal operation is performed for the first message.
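The server's recall check from steps 911 and 912, as an added Go example that is not code from the patent. ECDSA over P-256, the names Server, Stored, Recall and Scenario, and taking the caller's public key from the authenticated session are assumptions; the third information is a constructed stand-in.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Stored is the server's record of a group message: no sender identifier, only opaque fields.
type Stored struct {
	Extra     []byte // first attribute information (payload + S)
	VerifySig []byte // second attribute information v = Sign(c_a, IIV)
	Content   string
}

// Server keeps messages by message ID (mid).
type Server struct{ Msgs map[string]Stored }

// sign returns an ECDSA signature over SHA-256(msg); ECDSA P-256 is an assumed scheme.
func sign(k *ecdsa.PrivateKey, msg []byte) []byte {
	d := sha256.Sum256(msg)
	sig, err := ecdsa.SignASN1(rand.Reader, k, d[:])
	if err != nil {
		panic(err) // RNG failure is fatal in this example
	}
	return sig
}

func verify(pub *ecdsa.PublicKey, msg, sig []byte) bool {
	d := sha256.Sum256(msg)
	return ecdsa.VerifyASN1(pub, d[:], sig)
}

// Recall is the server side of steps 911 and 912. caller is the public key of the account
// that made the request (taken from the authenticated session, an assumption).
func (s *Server) Recall(mid string, caller *ecdsa.PublicKey, third, fourth, iiv []byte) error {
	m, ok := s.Msgs[mid]
	if !ok {
		return errors.New("unknown message")
	}
	if !verify(caller, third, fourth) { // fourth information S over the third information
		return errors.New("recall request is not signed by the caller")
	}
	if !verify(caller, iiv, m.VerifySig) { // stored v must be the caller's signature over IIV
		return errors.New("caller is not the original sender")
	}
	delete(s.Msgs, mid) // then forward the second retraction message to the group
	return nil
}

// Scenario runs a constructed exchange: A posts a message, then member M and A try to recall it.
func Scenario() (byOther, wrongIIV, bySender error) {
	a, errA := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	m, errM := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	iiv := make([]byte, 16) // third random number, kept by A's client
	if _, err := rand.Read(iiv); err != nil || errA != nil || errM != nil {
		panic("key or nonce generation failed")
	}
	srv := &Server{Msgs: map[string]Stored{
		"mid-1": {Extra: []byte("opaque"), VerifySig: sign(a, iiv), Content: "hello"},
	}}
	third := []byte("constructed third information") // stands in for IV + source'
	// M is authenticated as M and presents the right IIV, but v was not signed by M.
	byOther = srv.Recall("mid-1", &m.PublicKey, third, sign(m, third), iiv)
	// A presents a random number that v does not cover.
	wrongIIV = srv.Recall("mid-1", &a.PublicKey, third, sign(a, third), make([]byte, 16))
	bySender = srv.Recall("mid-1", &a.PublicKey, third, sign(a, third), iiv)
	return byOther, wrongIIV, bySender
}

func main() {
	fmt.Println(Scenario())
}
```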
  • FIG. 10 is a structural block diagram of a message processing apparatus provided by an embodiment of the application.
  • the apparatus can be implemented by software and/or hardware, can generally be integrated in a computer device serving as a message sender, and can perform message sending processing by executing a message processing method.
  • the device includes:
  • before sending the message to the server, the sender of the message encrypts the identifier of the sender with a preset encryption algorithm to obtain the first information, and then sends to the server a first message including the first information and the first message content. The first message is used to instruct the server to save the first information and the first message content and, when the preset sending conditions are met, send the first information and the first message content to the receiver corresponding to the first message, so that the receiver can decrypt the identifier of the sender according to the first information and thereby obtain the identity of the sender of the first message.
  • the identity of the sender corresponding to the content of the first message is encrypted, and only the real receiver of the message can decrypt it.
  • the relationship chain between the two communication parties of the message is guaranteed to be kept secret to prevent exposure to malicious third parties.
  • FIG. 11 is a structural block diagram of another message processing apparatus provided by an embodiment of the application.
  • the apparatus can be implemented by software and/or hardware, can generally be integrated in computer equipment such as a server, and can perform message forwarding processing by executing a message processing method.
  • the device includes:
  • the first message receiving module 1101 is configured to receive a first message sent by a sender that includes first information and content of a first message, wherein the first information is obtained by the sender encrypting the sender identifier using a preset encryption algorithm;
  • the saving module 1102 is configured to save the first information and the content of the first message;
  • the second message sending module 1103 is configured to send, when the preset sending conditions are met, the first information and the first message content to the receiver corresponding to the first message, so that the receiver can decrypt the sender identifier according to the first information.
  • the server receives the first message sent by the message sender; the first message includes first information and the content of the first message, and the first information is obtained by the sender encrypting the sender identifier using a preset encryption algorithm, so only the real message receiver can decrypt it. Therefore, the first information will not be cracked by others during the storage period on the server, which ensures normal message communication between the two parties while keeping the relationship chain between them confidential, preventing exposure to malicious third parties.
  • the second message receiving module 1201 is configured to receive first information and first message content sent by the server, wherein the first information and the first message content are included in the first message sent by the sender to the server , the first information is obtained by encrypting the sender identifier by the sender using a preset encryption algorithm; the sender identifier decryption module 1202 is configured to decrypt the sender identifier according to the first information.
  • the receiver receives the first information and the first message content sent by the message sender and forwarded by the server, and the first information is obtained by the sender encrypting the sender identifier using a preset encryption algorithm. Therefore, the first information will not be cracked by others during the storage period on the server, which ensures that the relationship chain between the two communicating parties is kept secret and prevents exposure to malicious third parties.
  • an accurate message sender can be obtained, and subsequent operations can be performed according to the message sender and the content of the first message to ensure the accuracy and security of communication between the two parties.
  • Fig. 13 is a structural block diagram of a computer device provided by an embodiment of the present application.
  • the computer device 1300 includes a memory 1301, a processor 1302, and a computer program stored in the memory 1301 and executable on the processor 1302. When the processor 1302 executes the computer program, the message processing method provided by the embodiments of the present application is implemented.
  • the embodiments of the present application further provide a storage medium containing computer-executable instructions, where the computer-executable instructions are used to execute the message processing method provided by the embodiments of the present application when executed by a computer processor.
  • the message processing apparatus, device, and storage medium provided in the above embodiments can execute the message processing method provided by any embodiment of the present application, and have corresponding functional modules and beneficial effects for executing the method.
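The store-and-forward flow described above, as an added sketch that is not part of the patent text: RSA-OAEP under the receiver's public key is an assumed stand-in for the unspecified preset encryption algorithm, the "receiver online" sending condition is assumed, and all function, class and identifier names are hypothetical. It shows that the server stores only an opaque value in place of the sender identifier, and that randomized encryption keeps two messages from the same sender from producing matching first information.

```javascript
// Added illustration, not code from the patent. RSA-OAEP is an assumed
// stand-in for the unspecified "preset encryption algorithm".
const crypto = require('crypto');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Sender: encrypt the sender identifier to the receiver's public key.
function buildFirstMessage(senderId, receiverId, receiverPublicKey, content) {
  const firstInfo = crypto.publicEncrypt(
    { key: receiverPublicKey, ...OAEP }, Buffer.from(senderId, 'utf8'));
  return { to: receiverId, firstInfo: firstInfo.toString('base64'), content };
}

// Server: saves first information and content, forwards them once the sending
// condition holds (assumed here: receiver online). It holds no private key.
class RelayServer {
  constructor() { this.stored = []; }
  receive(firstMessage) { this.stored.push(firstMessage); }
  deliver(receiverId, receiverOnline) {
    if (!receiverOnline) return [];
    const due = this.stored.filter((m) => m.to === receiverId);
    this.stored = this.stored.filter((m) => m.to !== receiverId);
    return due.map(({ firstInfo, content }) => ({ firstInfo, content }));
  }
}

// Receiver: recover the sender identifier from the first information.
function decryptSenderId(firstInfo, receiverPrivateKey) {
  return crypto.privateDecrypt(
    { key: receiverPrivateKey, ...OAEP }, Buffer.from(firstInfo, 'base64')).toString('utf8');
}

function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const server = new RelayServer();
  // Constructed sample: two messages from the same sender to one receiver.
  server.receive(buildFirstMessage('user-1001', 'user-2002', publicKey, 'hello'));
  server.receive(buildFirstMessage('user-1001', 'user-2002', publicKey, 'are you there?'));
  const atRest = JSON.stringify(server.stored);
  const [a, b] = server.stored.map((m) => m.firstInfo);
  const heldWhileOffline = server.deliver('user-2002', false).length;
  const delivered = server.deliver('user-2002', true);
  return {
    senderIdVisibleAtRest: atRest.includes('user-1001'),
    ciphertextsLinkable: a === b, // OAEP is randomized, so the two values differ
    heldWhileOffline,
    recovered: delivered.map((d) => decryptSenderId(d.firstInfo, privateKey)),
    contents: delivered.map((d) => d.content),
  };
}
```

A deterministic encryption of the sender identifier would still hide the identifier itself, but equal stored values would let the server group messages by sender, which is the relationship-chain leak the scheme is meant to prevent.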

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention relates to a message processing method and apparatus, a device, and a storage medium. The message processing method comprises: encrypting a sender identifier using a preset encryption algorithm to obtain first information; and sending, to a server, a first message comprising the first information and first message content, the first message being used to instruct the server to save the first information and the first message content and, when a preset sending condition is satisfied, to send the first information and the first message content to a receiver corresponding to the first message, so that the receiver decrypts the sender identifier according to the first information.
PCT/CN2021/093918 2020-07-28 2021-05-14 Message processing method and apparatus, device, and storage medium WO2022022009A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010737744.7A CN111914291A (zh) 2020-07-28 2020-07-28 Message processing method, apparatus, device and storage medium
CN202010737744.7 2020-07-28

Publications (1)

Publication Number Publication Date
WO2022022009A1 true WO2022022009A1 (fr) 2022-02-03

Family

ID=73280204

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/093918 WO2022022009A1 (fr) 2020-07-28 2021-05-14 Message processing method and apparatus, device, and storage medium

Country Status (2)

Country Link
CN (1) CN111914291A (fr)
WO (1) WO2022022009A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023231817A1 (fr) * 2022-05-31 2023-12-07 腾讯科技(深圳)有限公司 Data processing method and apparatus, computer device and storage medium
CN117834138A (zh) * 2024-03-04 2024-04-05 北卡科技有限公司 Key agreement method, system, device and medium suitable for instant messaging
WO2024098550A1 (fr) * 2022-11-10 2024-05-16 阿里巴巴(中国)有限公司 Encryption method and decryption method for user identifier in data, and system and device

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
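CN111914291A (zh) * 2020-07-28 2020-11-10 广州市百果园信息技术有限公司 Message processing method, apparatus, device and storage medium
CN114501417A (zh) * 2020-11-12 2022-05-13 华为技术有限公司 Information sending method and apparatus
CN113204794B (zh) * 2021-07-02 2021-10-15 深圳市深圳通有限公司 Method, apparatus, device and storage medium for secure storage of transaction records
CN113783847B (zh) * 2021-08-24 2023-06-30 上海浦东发展银行股份有限公司 Message interaction method and apparatus, computer device and storage medium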

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130219166A1 (en) * 2012-02-20 2013-08-22 Motorola Mobility, Inc. Hardware based identity manager
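CN103916310A (zh) * 2014-03-28 2014-07-09 北京奇虎科技有限公司 Method for sending instant messaging messages, instant messaging client and server
CN108667718A (zh) * 2018-04-26 2018-10-16 济南浪潮高新科技投资发展有限公司 Instant messaging system and communication method thereof
CN108833373A (zh) * 2018-05-29 2018-11-16 东北大学 Instant messaging and anonymous access method for relationship-privacy-preserving social networks
CN111914291A (zh) * 2020-07-28 2020-11-10 广州市百果园信息技术有限公司 Message processing method, apparatus, device and storage medium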

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2415579B (en) * 2004-06-23 2006-12-20 Hewlett Packard Development Co Cryptographic method and apparatus
CN101834806B (zh) * 2010-03-25 2012-10-24 盈世信息科技(北京)有限公司 Mail recall method and system
CN103166832A (zh) * 2011-12-15 2013-06-19 腾讯科技(深圳)有限公司 Method and server for sending messages

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023231817A1 (fr) * 2022-05-31 2023-12-07 腾讯科技(深圳)有限公司 Data processing method and apparatus, computer device and storage medium
WO2024098550A1 (fr) * 2022-11-10 2024-05-16 阿里巴巴(中国)有限公司 Encryption method and decryption method for user identifier in data, and system and device
CN117834138A (zh) * 2024-03-04 2024-04-05 北卡科技有限公司 Key agreement method, system, device and medium suitable for instant messaging
CN117834138B (zh) * 2024-03-04 2024-05-24 北卡科技有限公司 Key agreement method, system, device and medium suitable for instant messaging

Also Published As

Publication number Publication date
CN111914291A (zh) 2020-11-10

Similar Documents

Publication Publication Date Title
WO2022022009A1 (fr) Message processing method and apparatus, device, and storage medium
US11533297B2 (en) Secure communication channel with token renewal mechanism
US20180013555A1 (en) Data transmission method and apparatus
US7149311B2 (en) Methods and apparatus for providing networked cryptographic devices resilient to capture
CN108111497B (zh) Method and apparatus for mutual authentication between camera and server
US8433066B2 (en) Method for generating an encryption/decryption key
US20180219688A1 (en) Information Transmission Method and Mobile Device
CN109951513B (zh) Quantum-computing-resistant smart home quantum cloud storage method and system based on quantum key card
US9942042B1 (en) Key containers for securely asserting user authentication
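CN111294203B (zh) Information transmission method
CN110505055B (zh) External network access identity authentication method and system based on asymmetric key pool pair and key card
JP2019514314A (ja) Method, system, and medium using dynamic public key infrastructure to send and receive encrypted messages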
US11438316B2 (en) Sharing encrypted items with participants verification
CN108768613A (zh) Ciphertext password verification method based on multiple encryption algorithms
CN113347143B (zh) Identity verification method, apparatus, device and storage medium
WO2023151479A1 (fr) Data processing method and device
US20240106633A1 (en) Account opening methods, systems, and apparatuses
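CN115473655B (zh) Terminal authentication method and apparatus for network access, and storage medium
WO2023116266A1 (fr) Communication encryption method, system and device
CN116366364A (zh) Terminal data processing method and system for cloud computer
CN115412236A (zh) Key management and cryptographic computation method, encryption method and apparatus
CN111212068B (zh) Method for encrypting and decrypting text by an input method
CN113475038A (zh) Secure messaging using a semi-trusted intermediary
CN112350920A (zh) Blockchain-based instant messaging system
CN107623571B (zh) Handshake processing method, client and server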

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21848595

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21848595

Country of ref document: EP

Kind code of ref document: A1