WO2023169187A1 - Procédé de génération de clé secrète de conférence, terminal et dispositif - Google Patents

Procédé de génération de clé secrète de conférence, terminal et dispositif Download PDF

Info

Publication number
WO2023169187A1
WO2023169187A1 PCT/CN2023/077022 CN2023077022W WO2023169187A1 WO 2023169187 A1 WO2023169187 A1 WO 2023169187A1 CN 2023077022 W CN2023077022 W CN 2023077022W WO 2023169187 A1 WO2023169187 A1 WO 2023169187A1
Authority
WO
WIPO (PCT)
Prior art keywords
conference
key
terminal
user terminal
group
Prior art date
Application number
PCT/CN2023/077022
Other languages
English (en)
Chinese (zh)
Inventor
赵高永
耿峰
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2023169187A1 publication Critical patent/WO2023169187A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/16Arrangements for providing special services to substations
    • H04L12/18Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/14Systems for two-way working
    • H04N7/15Conference systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Definitions

  • the present application relates to the field of computer technology, and in particular, to a conference key generation method, terminal and equipment.
  • End-to-end encryption allows data to always exist in ciphertext during transmission from the source to the destination.
  • end-to-end encryption the message is not decrypted before it reaches the destination when being transmitted. , because the message is protected throughout the transmission process, the message will not be leaked even if a node is damaged.
  • End-to-end secure communication is generally used in instant messaging communication scenarios in consumer-oriented online social media.
  • Conference services for enterprises are usually carried out using conference terminals.
  • the conference terminal is an intelligent host, intelligent central control and other equipment that cooperates with the front-end analog camera to collect images and audio, perform input and output encoding and decoding processing, and then perform point-to-point and point-to-multi transmission.
  • Internal personnel of the enterprise use dedicated conference terminals to join the conference to receive or send audio and video data.
  • Conference services for enterprises generally use group OOB technology to detect whether there is a man-in-the-middle (MitM) risk after the conference is established.
  • Mitsubishi man-in-the-middle
  • This can only detect station-to-device (station-to-device) attacks.
  • Station) pipeline MitM risk it is impossible to determine whether someone has used the conference terminal to join the conference.
  • Embodiments of the present application provide a conference key generation method, terminal and device, which are used to implement security authentication between users and devices through out-of-band data.
  • embodiments of the present application provide a method for generating a conference key.
  • the method includes: the user terminal obtains the group authentication key agreement protocol GAKE of the conference; the user terminal communicates with the conference key according to the GAKE.
  • the user terminals of other participating users negotiate the conference secret key for joining the conference; the user terminal sends the conference secret key to the conference terminal, so that the conference terminal can use the conference secret key after joining the conference.
  • the user terminal encrypts and decrypts the conference data according to the conference secret key.
  • the user terminal can be the user's terminal device (such as a mobile phone, a tablet computer, etc.), and the conference terminal is a terminal device used by the user to join the conference (such as a voice conference terminal or a video conference terminal, etc.).
  • the conference terminal is a terminal device used by the user to join the conference (such as a voice conference terminal or a video conference terminal, etc.).
  • the authentication between users and conference terminals is relatively weak and cannot detect risks from users to conference terminals. risk.
  • the GAKE used to negotiate the secret key can be sent to the user terminal that is strongly bound to the user, and then the user terminal sends the conference secret key determined based on GAKE to the conference terminal, and the conference terminal
  • the conference data is encrypted and decrypted to provide conference services to participating users.
  • the conference terminal obtains the conference secret key through the user terminal, based on the strong binding relationship between the participating users and the user terminal, The authentication between the conference terminal and the participating users has been enhanced. Not only can the encryption between the conference terminal and the conference terminal be guaranteed based on the conference key, the enhanced user authentication can help reduce the risk of man-in-the-middle attacks.
  • the user terminal can also complete operations such as encryption and decoding of conference data; this implementation can also ensure encryption from conference terminal to conference terminal based on the conference key, and effectively reduces man-in-the-middle attacks based on strong binding of user terminals risks of.
  • the user terminal sending the conference secret key to the conference terminal includes: the user terminal generates the public key and private key of the user terminal; the user terminal sends the user terminal The terminal’s public key is sent to the conference terminal, and obtains the public key of the conference terminal; the user terminal encrypts the conference secret key according to the private key of the user terminal and the public key of the conference terminal; the user terminal encrypts the The conference secret key is sent to the conference terminal, so that the conference terminal decrypts and obtains the conference secret key according to the public key of the user terminal and the private key of the conference terminal.
  • the user terminal and the conference terminal generate their own public keys and private keys respectively, and exchange their respective public keys, so that in the subsequent communication process, the user terminal and the conference terminal use their own private keys and the public keys of the other end.
  • the key encrypts or decrypts the data sent or received, thereby ensuring the security of information interaction. Since there is a strong binding relationship between the user terminal and the user, and the user terminal and the conference terminal are securely encrypted, the security between the user and the conference terminal is achieved and the risk of man-in-the-middle attacks is reduced.
  • the user terminal encrypts and decrypts the data of the conference according to the conference secret key, including: the user terminal obtains data from the conference terminal according to the conference secret key.
  • the received remote data is decrypted, and the remote data is the data of the conference from the remote end; the user terminal sends the decrypted data to the conference terminal; and/or the user terminal sends the decrypted data to the conference terminal according to the
  • the conference secret key encrypts local data obtained from the conference terminal, and the local data is the conference data collected locally by the conference terminal; the user terminal sends the encrypted data to the Conference terminal.
  • the conference terminal does not need to obtain the conference secret key and encrypt and decrypt the conference data. Instead, the user terminal with a strong binding relationship with the user encrypts and decrypts the conference data, thereby ensuring the security of the conference data. sex.
  • the user terminal negotiates the conference secret key with the user terminals of other participating users of the conference according to the GAKE, including: the user terminal determines based on the signal Signal based on the GAKE The protocol negotiates a conference secret key with other participating users of the conference; or, the user terminal determines, based on the GAKE, to negotiate a conference secret key with other participating users of the conference based on the message layer security MLS protocol.
  • the user terminal can negotiate the conference key with other user terminals based on the Signal protocol or the MLS protocol.
  • Negotiating the conference key based on the Signal protocol helps reduce initialization costs, and negotiating the conference key based on the MLS protocol helps reduce the cost of subsequent update of the conference key.
  • the user terminal and other participants are included in a group, the group includes at least one secondary group, and the secondary group includes a secondary group owner Node, the user terminal is the main group master node of the group; the user terminal negotiates the conference secret key with the user terminals of other participating users of the conference according to the GAKE, including: the user terminal will The generated conference key is sent to the secondary group master node of the secondary group based on the Signal protocol or the message layer security MLS protocol.
  • the above-mentioned user terminal may form a group with all other participants in the conference, or may also form a group with some participants. Construct a sub-group in the group.
  • the process of distributing conference keys in the sub-group can be carried out at the same time, thus helping to reduce the time for updating the conference key, especially in large conferences.
  • the effect of distribution time is more significant.
  • the above-mentioned user terminal serves as the primary group master node in the group and distributes the conference key determined by it to the secondary group master node based on the Signal protocol or the MLS protocol, so that the secondary group master node can transfer the conference key to the secondary group master node.
  • the secret key is distributed to other nodes in their respective secondary group owners.
  • the user terminal and other participants are included in a group, the group includes at least one secondary group, and the user terminal is a subordinate of the secondary group.
  • Level group master node the group includes a master group master node; the user terminal negotiates the conference secret key with the user terminals of other participating users of the conference according to the GAKE, including: the user terminal receives the The conference secret key sent by the master node of the primary group; the user terminal sends the conference secret key to other nodes in the secondary group based on the message layer security MLS protocol. Construct a sub-group in the group, and the process of distributing conference keys in the sub-group can be carried out at the same time, thus helping to reduce the time for updating the conference key, especially suitable for large conferences.
  • the above-mentioned user terminal can serve as the secondary group owner node of the secondary group owner, and distribute the meeting secret key to other nodes in the secondary group owner based on the MLS protocol.
  • secondary groups may also contain a larger number of nodes. Distributing conference keys based on the MLS protocol is more helpful in reducing the cost of conference key updates.
  • the method further includes: the user terminal obtains the updated GAKE, and negotiates the conference secret key with the user terminals of other participating users of the conference based on the updated GAKE.
  • embodiments of the present application provide a conference key generation method, which is applied to out-of-band authentication equipment.
  • the data channel of the out-of-band authentication device is different from the data channel of the conference system.
  • the method includes: the out-of-band authentication device receives conference information, and the conference information includes information of N participating users; the out-of-band authentication device generates a group authentication key agreement protocol GAKE for the conference; The out-of-band authentication device sends the GAKE to the user terminal of each user participating in the conference, so that the user terminals of the N users negotiate the conference key of the conference based on the GAKE.
  • the data channel of the out-of-band authentication device is different from the data channel of the conference system of the conference.
  • the out-of-band authentication device sends the GAKE generated based on the conference information to the user terminal of each participating user. Since there is a strong binding relationship between the user terminal and the user, the security of GAKE is guaranteed and helps To avoid the risk of man-in-the-middle attacks.
  • the method further includes: the out-of-band authentication device receiving updated conference information of the conference, where the updated conference information includes information of M participating users;
  • the out-of-band authentication device updates the GAKE of the conference;
  • the out-of-band authentication device sends the updated GAKE to the user terminal of each of the M participating users, so that the M The user's terminal updates the conference key of the conference according to the updated GAKE.
  • the GAKE includes at least one or any combination of the following indication information: indication information instructing the terminal of the participating user to generate a conference key based on the Signal protocol; instructing the participating user Instruction information that the user's terminal generates a conference key based on the message layer security MLS protocol; instruction information that instructs the participating users to construct a secondary group; instruction information that instructs the secondary group to generate a conference key based on the MLS protocol; instruction information Instruction information for generating conference keys between secondary groups based on Signal protocol or MLS protocol.
  • embodiments of the present application provide a user terminal, which includes modules/units that execute the above first aspect and any possible implementation of the first aspect; these modules/units can be implemented by hardware, or A corresponding software implementation can be executed via hardware.
  • the user terminal includes: an acquisition module, used to obtain the group authentication key agreement protocol GAKE of the conference; a negotiation module, used to negotiate with the user terminals of other participating users of the conference to join according to the GAKE
  • the conference secret key of the conference the terminal also includes a sending module for sending the conference secret key to the conference terminal, so that the conference terminal can send the conference secret key to the conference according to the conference secret key after joining the conference.
  • the conference data is encrypted and decrypted; or the terminal further includes an encryption and decryption module for encrypting and decrypting the conference data according to the conference secret key.
  • inventions of the present application provide a computer device.
  • the computer device includes a memory and a processor; the memory stores a computer program; and the processor is configured to call the computer program stored in the memory to execute the following: The method described in the first aspect and any implementation of the first aspect, or performing the method described in the second aspect and any implementation of the second aspect.
  • embodiments of the present application provide a computer-readable storage medium. Instructions are stored in the computer-readable storage medium. When the instructions are run on a computer, they cause the computer to execute the steps as described in the first aspect and the third aspect. The method described in any implementation manner in one aspect, or the method described in any implementation manner of the second aspect and the second aspect is performed.
  • embodiments of the present application provide a computer program product containing instructions that, when run on a computer, cause the method described in the first aspect and any implementation manner of the first aspect to be executed, or cause the method as described in any of the first aspect implementations to be executed.
  • the method described in the second aspect and any implementation manner of the second aspect is executed.
  • Figure 1 is a schematic diagram of a scenario for generating a conference key provided by an embodiment of the present application
  • Figure 2 is a schematic diagram of negotiating a conference key based on the Signal protocol provided by the embodiment of the present application
  • Figure 3 is a ratchet tree structure established based on the MLS protocol provided by the embodiment of the present application.
  • Figure 4 is a schematic diagram of applicable scenarios of the conference key generation method provided by the embodiment of the present application.
  • Figure 5 is a schematic flowchart of a conference key generation method applied to a user terminal provided by an embodiment of the present application
  • Figure 6 is a schematic flow chart of a user terminal and a conference terminal interacting with a conference key provided by an embodiment of the present application;
  • Figure 7a is a schematic diagram of a conference process provided by an embodiment of the present application.
  • Figure 7b is a schematic diagram of another meeting process provided by the embodiment of the present application.
  • Figure 8 is a schematic diagram of a conference key update process provided by an embodiment of the present application.
  • Figure 9 is a schematic structural diagram of a user terminal provided by an embodiment of the present application.
  • Figure 10 is a schematic structural diagram of a computer device provided by an embodiment of the present application.
  • Conference services provided to enterprises are usually group communications. All nodes in group communications can use an agreed key to encrypt sent messages or decrypt received messages to achieve encrypted communications. Generally speaking, the secret key used to encrypt communication messages during the conference can be called the conference key.
  • Each node participating in the conference can be divided into group master nodes and member nodes according to their roles. The group master node is responsible for generating the conference key and delivering the conference key to the member nodes.
  • the group master node can negotiate the channel key with each member node separately to determine the channel key between the group master node and each member node. Then, the group master node can use the channel key with each member node to encrypt the conference key, and then send the encrypted conference key to the corresponding member node, thereby safely distributing the conference key in the group . That is to say, before all nodes carry out encrypted communication, the group master node needs to negotiate the channel key with each member node and distribute the conference key based on the channel key.
  • FIG. 1 is a schematic diagram of a scenario for generating a conference key according to an embodiment of the present application.
  • this scenario includes a server 10 and multiple terminal devices.
  • terminal device 11 , terminal device 12 , terminal device 13 and terminal device 14 are shown as an example.
  • the scenario shown in Figure 1 may have more terminal devices.
  • the number of terminal devices may exceed 1,000.
  • the channel key negotiation can be performed according to the E2EE key agreement protocol or the group key agreement protocol. Two common channel key agreement protocols are introduced below.
  • Signal protocol is an E2EE key agreement protocol.
  • multiple nodes that need to communicate can negotiate channel keys based on the Signal protocol.
  • the group master node can conduct a key negotiation with each member node to determine the channel key between the group master node and each member node. There is a pair of channels between the group master node and each member node. key.
  • FIG. 2 shows that the group includes one group master node (group master node A) and three member nodes (member node B, member node C, and member node D).
  • the channel key between group master node A and member node B obtained after key negotiation between group master node A and member node B is EK AB
  • the channel key between group master node A and member node B obtained after key negotiation between group master node A and member node C is EK AC
  • the channel key between group master node A and member node D obtained after key negotiation between group master node A and member node D is EK AD .
  • each node can independently generate its own keystore, where the keystore of each node includes a public key and a private key, and each node uploads the public key to the server 10 .
  • the group master node performs key negotiation with each member node, it starts from The server 10 obtains the public key of each member node, and generates a channel key corresponding to each member node based on its own key database and the public key of each member node.
  • the group master node After the group master node generates the channel key with each member node, it can be considered to have established a secure trust relationship with each member node. At this time, the group master node can distribute the conference key used for secure communication to each member node.
  • the group master node randomly generates a conference key, and the conference key is used by all nodes for encrypted group communication.
  • the group master node encrypts the conference key through the channel key with each member node, and then sends the encrypted conference key to each member node.
  • all nodes can conduct encrypted group communication. Specifically, the node that sends the message can use the conference key to encrypt the message, and then sends the encrypted message. The node that receives the message uses the conference key to decrypt the received message to obtain the transmitted message.
  • the group master node can use the channel key with each member node to encrypt the conference key. key, which can ensure safe distribution of conference keys.
  • the group master node needs to re-determine the conference key and re-issue the conference key to each member of the current group. member node.
  • the channel key between the group master node and the member nodes can be quickly established, but the overhead of updating the conference key is high.
  • the MLS protocol is a group key agreement protocol that establishes a ratchet tree structure.
  • the ratchet tree structure established based on the MLS protocol is shown in Figure 3 .
  • the nodes at the bottom are leaf nodes, and all leaf nodes correspond to the nodes in the group that need to communicate.
  • the non-leaf nodes are used to assist in forming the ratchet tree and do not correspond to the nodes that actually need to communicate.
  • the ratchet tree is a left-first binary balanced tree composed of all nodes.
  • the group master node can be any node among all nodes, and the group master node is used to assist all nodes in establishing the ratchet tree structure.
  • node A and node B correspond to non-leaf node E
  • node C and node D correspond to non-leaf nodes.
  • F, nodes A, B, C, and D each have their own auxiliary information, which includes public and private key pairs.
  • the auxiliary information of node A includes the public key PK A and the private key SK A of the node A
  • the auxiliary information of the node B includes the public key PK B and the private key SK B of the node B
  • the auxiliary information of the node C includes the node C's public key PK C and private key SK C
  • node D's auxiliary information includes node D's public key PK D and private key SK D
  • the auxiliary information of node E is derived based on the auxiliary information of node A and node B.
  • the auxiliary information of node E includes the public key PK AB and private key SK AB of node E.
  • the auxiliary information of node F is derived based on the auxiliary information of node C and node D.
  • the auxiliary information of node F includes the public key PK CD and private key SK CD of node F.
  • the auxiliary information of node G is derived based on the auxiliary information of node E and node F.
  • the auxiliary information of node G includes the public key PK ABCD and private key SK ABCD of node G.
  • Each node stores the auxiliary information of all ancestor nodes of the node and saves the public key in the auxiliary information of the ancestor node's neighbor nodes.
  • node A stores the auxiliary information of nodes E and node G, and stores the public key of node F.
  • the group master node can safely distribute the conference key through the ratchet tree structure. For example, assuming that node A is the group master node, node A can use the public key of node E to encrypt the conference key to generate encrypted data 1 and send the encrypted data 1. Since node B stores the auxiliary information of node E, node B can Decrypt the encrypted data 1 using node E's private key to obtain the conference key. Similarly, node A can also use the public key of node G to encrypt the conference key to generate encrypted data 2, and send the encrypted data 2.
  • node C and node D can decrypt the encrypted data 2 to obtain the conference key, and then complete the Distribution of conference keys.
  • the auxiliary information of non-leaf nodes is used to encrypt the conference key, and the auxiliary information of non-leaf nodes can also be considered as the channel key between the group master node and each node.
  • the auxiliary information of node F needs to be re-derived based on node D, and then the auxiliary information of node G needs to be derived based on the auxiliary information of node F and node E.
  • the channel key update can be completed by updating the auxiliary information of the ancestor nodes stored in nodes A, B, and D, and the public keys of the neighbor nodes of the ancestor nodes. In other words, by negotiating the channel key based on the MLS protocol, non-full channel key updates can be implemented to reduce the cost of the channel key update process.
  • the overhead of negotiating the channel key based on the MLS protocol is higher, but the channel key update is more efficient.
  • the above two methods of negotiating conference keys can only ensure device-to-device security and cannot solve the risk of man-in-the-middle attacks.
  • some employees within the enterprise use conference terminal equipment to hold meetings, but whether the user of the conference equipment is a person allowed to participate in the meeting cannot be identified through technical means. Especially in large conferences, it can even be difficult to identify manually.
  • embodiments of the present application provide a method for generating a conference key to implement security authentication between the user and the device through out-of-band data.
  • the conference scenario includes a conference management system, a multipoint control unit (MCU), out-of-band authentication equipment, and several conference terminals used to access the conference (such as video conference terminals, voice conference terminals, etc.) , the user's user terminal (such as mobile phone, computer, tablet computer, etc.).
  • MCU multipoint control unit
  • the user's user terminal such as mobile phone, computer, tablet computer, etc.
  • the conference management system can be used to create a conference, determine the participating users and corresponding user terminals, determine the conference creation time, determine the number of each user terminal in the conference, update participating users, manage the conference, etc.
  • the MCU can be used to forward conference data.
  • the conference terminal sends the conference data collected locally to the MCU, and the MCU sends the conference data to other conference terminals; the conference terminal can also obtain the conference data collected by other conference terminals from the MCU.
  • the conference management system and MCU can be deployed separately or in the same physical device.
  • the out-of-band authentication device can generate a group authentication key exchange protocol (GAKE) based on the conference information issued by the conference management system, and send GAKE to the user terminal.
  • GAKE group authentication key exchange protocol
  • the out-of-band authentication device is implemented through out-of-band management, and its data channel is different from that of the conference system. Therefore, it will not occupy the resources of the conference system and will not affect the quality of the conference.
  • Figure 4 takes the conference as containing three participating users as an example. Each user can use a user terminal and a conference terminal to join the conference.
  • P1 represents the user terminal of user Alice
  • T1 represents the conference terminal used by user Alice to join the conference
  • P2 represents the user terminal of user Bob
  • T2 represents the conference terminal used by user Bob to join the conference
  • P3 represents the user terminal of user Carol
  • T3 indicates the conference terminal used by user Carol to join the conference.
  • FIG. 5 is a schematic flow chart of a conference key generation method applied to a user terminal provided by an embodiment of the present application. As shown in the figure, the method may include the following steps:
  • Step 501 The user terminal obtains the GAKE of the conference.
  • the user terminal can obtain the GAKE used to negotiate the conference key from the out-of-band authentication device shown in FIG. 4 .
  • the user terminal is a terminal that has a strong binding relationship with the user, such as a mobile phone, a tablet computer, etc.
  • the out-of-band authentication device sends GAKE to the user terminal, so that GAKE is only sent to the user terminal of the conference participant. Since there is a strong binding relationship between the user terminal and the user, the conference secret key is not easily leaked to non-participants. users, thus making the conference key generated based on GAKE more secure and reliable. Even if non-participating users use the enterprise's conference terminal, the conference terminal cannot obtain GAKE and therefore cannot obtain the conference key and cannot access the conference. Therefore, compared with traditional solutions, the solution of this application also realizes user-to-device authentication on the basis of device-to-device encryption, reducing the risk of man-in-the-middle attacks.
  • the out-of-band authentication device can send GAKE to the user terminal through SMS, or the conference application (APP, APP) can be installed in the user terminal in advance.
  • the authentication device sends GAKE to the user terminal through the conference APP, or the user can also obtain GAKE through other methods. This application embodiment does not limit this.
  • Step 502 The user terminal negotiates the conference key for joining the conference with the user terminals of other participating users in the conference according to GAKE.
  • the user terminal can negotiate the conference key according to the method shown in Figure 2; if the user terminal determines to generate the conference secret based on the MLS protocol according to the instructions of GAKE, key, then the user terminal can negotiate the conference key according to the method shown in Figure 3.
  • the user terminal can be the group master node or a member node.
  • the user terminals can also be grouped according to the instructions of GAKE to form a secondary group.
  • the user terminals in the secondary group generate the conference key based on the MLS protocol, and the secondary groups can communicate with each other based on the MLS protocol.
  • Signal protocol or MLS protocol generates a conference key; the above-mentioned user terminal can be the main group master node of the entire group, the secondary group master node of the secondary group, or the member node of the secondary group.
  • the process of the user terminal negotiating the conference key is implemented through an out-of-band channel. That is, the conference key negotiation does not occupy the resources of the conference system, thereby avoiding the impact of occupying conference system resources on the conference and causing delays in conference data. Especially in the process of updating the conference key during the conference, whether the system conference resources are occupied has a significant impact on the conference data.
  • the user terminal After the user terminal negotiates the conference key, it can perform the following step 503a, or it can also perform the following step 503b, thereby providing the user with conference services.
  • Step 503a The user terminal sends the conference secret key to the conference terminal, so that the conference terminal can encrypt and decrypt the conference data according to the conference secret key after joining the conference.
  • participating users join the conference through the conference terminal, obtain conference data through the conference terminal, and send conference data through the conference terminal.
  • the user terminal is only used to provide the conference secret key and does not need to obtain or send conference data.
  • Meeting data needs to be decrypted, encrypted, etc.
  • the user terminal sends the conference secret key to the conference terminal used by the user to join the conference according to the user's operation, so that the conference terminal joins the conference according to the conference secret key, and the conference terminal obtains the conference data and decrypts the conference data.
  • the conference terminal Provide it to the user, or the conference terminal encrypts the conference data and sends the encrypted conference data.
  • user terminals and conference terminals can be connected through wireless communication methods such as near field communication (NFC), Bluetooth, wireless local area network (WLAN), etc., or they can also be connected through hardware, thus Cause the user terminal to send GAKE to the conference terminal.
  • wireless communication methods such as near field communication (NFC), Bluetooth, wireless local area network (WLAN), etc.
  • Step 503b The user terminal encrypts and decrypts the conference data according to the conference key.
  • the conference terminal it is not necessary for the conference terminal to encrypt and decrypt the conference data.
  • the user The user terminal is used to encrypt and decrypt the conference data. Specifically, it can include the following two situations:
  • the user terminal is connected to the conference terminal. Although the participating users use the conference terminal to access the conference, the user terminal performs encryption and decryption operations on the conference data. Specifically, after the conference terminal joins the conference, after obtaining the remote data (that is, the conference data from the remote end), the conference terminal sends the remote data to the user terminal, and the user terminal decrypts the remote data according to the conference secret key.
  • the conference terminal After the conference terminal joins the conference, after obtaining the remote data (that is, the conference data from the remote end), the conference terminal sends the remote data to the user terminal, and the user terminal decrypts the remote data according to the conference secret key.
  • the conference terminal will display the decrypted data to the user, such as playing voice information, playing video information, displaying text information, etc.; the conference terminal obtains local data (that is, the conference terminal collects it from the local After receiving the conference data (such as local data obtained through input devices such as speakers and cameras), the local data can be sent to the user terminal.
  • the user terminal encrypts the local data according to the conference key and sends the encrypted data to Conference terminal, so that the conference terminal sends encrypted data to the MCU or other conference terminals participating in the conference.
  • the user terminal and the conference terminal can be connected through wireless communication methods such as NFC, Bluetooth, and WLAN, or they can also be connected through hardware.
  • Scenario 2 Participants use user terminals to access the conference.
  • the user terminal obtains the encrypted conference data from the MCU and decrypts the encrypted conference data based on the conference secret key.
  • the user terminal encrypts the conference data to be sent and
  • the encrypted conference data is sent to the MCU.
  • the conference APP can be installed in the user terminal in advance, the out-of-band authentication device sends GAKE to the user terminal through the conference APP, and the user terminal obtains and sends conference data through the conference APP. In this case, there is no need to use hardware for the conference terminal.
  • the GAKE used to negotiate the secret key can be sent to the user terminal that is strongly bound to the user, and then the user terminal sends the conference secret key determined based on GAKE to the conference terminal, and the conference terminal
  • the conference data is encrypted and decrypted to provide conference services to participating users.
  • the conference terminal obtains the conference secret key through the user terminal, based on the strong binding relationship between the participating users and the user terminal, The authentication between the conference terminal and the participating users has been enhanced.
  • the enhanced user authentication can help reduce the risk of man-in-the-middle attacks.
  • the user terminal can also complete operations such as encryption and decoding of conference data; this implementation can also ensure encryption from conference terminal to conference terminal based on the conference key, and effectively reduces man-in-the-middle attacks based on strong binding of user terminals risks of.
  • the Signal protocol and the MLS protocol have been briefly introduced before.
  • the channel key between the group master node and the member node can be quickly established. That is, the initialization cost of the channel key is low, but subsequent The cost of updating the conference key is high; the channel key is negotiated based on the MLS protocol, and the channel key initialization cost is high, but non-full channel key updates can be achieved to reduce the cost of the channel key update process.
  • large conferences such as group conferences with more than 1,000 parties, complex initialization processes and complex key update processes will have a greater impact on the conference. For example, the long conference creation process causes users to wait for the conference creation time process, or the secret key
  • the large update overhead leads to delays in meeting data, which will seriously affect the user experience.
  • the group can be constructed by the conference management system.
  • the conference management system can construct a conference group for the users after obtaining the information of the participating users; although the group is constructed for the users, the operation of each node in the group is performed by the user's user terminal.
  • the conference management system can also build a system for the user terminal after obtaining the participating users and each user terminal information of the participating users.
  • Conference group at this time, each user terminal is an independent node in the group.
  • the conference management system can Construct a secondary group for the conference group to reduce the cost of key negotiation.
  • a conference group can be set up with a group master node (for convenience of distinction, it can also be called the main group master node), and other nodes can be called member nodes.
  • the main group master node in the conference group can be designated by the conference management system, which means that the conference management system also has the function of specifying the main group master node; or the main group master node can also be the default, such as the default conference group
  • the node numbered 1 in the group serves as the main group master node.
  • Each secondary group can also have a secondary group master node.
  • the secondary group master node can be specified by the conference management system; it can also be the default one. For example, the node numbered 1 in the default secondary group serves as the secondary group master node.
  • the secondary group master node in each secondary group is the node with the smallest number in the secondary group, that is, the secondary group master node of secondary group 1 is node 1, and the secondary group master node of secondary group 2 is The group master node is node 11, the secondary group master node of secondary group 3 is node 21,..., and the secondary group master node of secondary group 10 is node 91. It can be seen that node 1 can serve as the main group master node of the conference group, or as the secondary group master node in secondary group 1.
  • the primary group master node can distribute the generated conference key to each secondary group master node, and then each secondary group master node distributes the conference secret key to each secondary group. member node. Since the process of distributing conference keys within each sub-group can be carried out at the same time, that is, processed in parallel, it helps to reduce the time for updating the conference keys.
  • the conference key can be negotiated based on the MLS protocol within each secondary group, and the conference key can be negotiated between secondary groups based on the Signal protocol or the MLS protocol, thereby further reducing the initialization and update process. of overall expenses.
  • the group master node can determine the public and private key pairs according to its own private key pair.
  • the key and the public key of the member node are used to generate the channel secret key of the group master node.
  • the member node can generate the channel secret key based on its own private key and the public key of the group master node.
  • the initialization cost for distributing conference keys based on the Signal protocol is 100.
  • the group master node After the group master node generates the conference secret key, the group master node sends the generated conference secret key to each member node respectively.
  • the group master node sends the conference secret key to the member node N
  • the channel secret key between the group master node and the member node N can be used to encrypt the conference secret key; after receiving the encrypted conference secret key, the member node can encrypt the conference secret key according to the channel secret key. Decrypt the key to obtain the conference secret key.
  • each secondary group contains 50 nodes.
  • the initialization cost is 2.
  • the cost of sending the generated conference key to the secondary group master node based on the Signal protocol is 1.
  • Conference keys can also be distributed between secondary groups based on the MLS protocol. This embodiment of the present application will not give an example.
  • the above embodiment describes how to generate a conference key when a conference is created.
  • the above conference key generation method can also be applied to the updating process of the conference key during the conference. For example, during the course of the meeting, the participants change and a participant exits the meeting. At this time, the meeting secret key can be updated to prevent those who should exit the meeting from continuing to obtain and decrypt the meeting data; or, When new participants join the meeting, the meeting key can also be updated to prevent new participants from being able to obtain and decrypt the meeting data before joining. For another example, if the meeting lasts too long, the security of the meeting key will decrease as the usage time increases. Therefore, the meeting key can be automatically updated every time the meeting lasts for a preset time to ensure the security of the meeting data. safety.
  • the user terminal obtains the updated GAKE, for example, from the out-of-band authentication device shown in Figure 4, updates the conference key according to the new GAKE, and then encrypts and decrypts the conference data.
  • the updated GAKE for example, from the out-of-band authentication device shown in Figure 4
  • the user terminal After receiving the updated GAKE, the user terminal negotiates a new conference key with the user terminals of other participating users based on the updated GAKE. Similarly, during the update process, the user terminal can also negotiate the conference key with other terminals based on the Signal protocol or the MLS protocol. Alternatively, the user terminal can also form a new group based on the updated GAKE and negotiate with other user terminals in the group based on the MLS protocol. Negotiate the conference key, and negotiate the conference key between groups based on the Signal protocol or MLS protocol.
  • the distribution process of the conference key during the update process is similar to the distribution process of the conference key when creating a conference. Reference can be made to the conference key distribution process in the previous embodiment, which will not be described again here.
  • the user terminal needs to send the conference secret key to the conference terminal.
  • the user terminal can encrypt the conference secret key and send the encrypted conference secret key to Conference terminal.
  • the user terminal and the conference terminal can each configure their own public and private key pairs. The user terminal sends its own public key to the conference terminal, and the conference terminal sends its public key to the user terminal, using Used to encrypt and decrypt sent data.
  • the user terminal When the user terminal sends information to the conference terminal, the user terminal encrypts the information to be sent based on its own private key and the public key of the conference terminal and sends it; after receiving the information sent by the user terminal, the conference terminal encrypts the information based on its own private key and the public key of the conference terminal. The public key of the user terminal decrypts the received information, and the correct information can be obtained.
  • the conference terminal sends information to the user terminal, the conference terminal encrypts the information to be sent according to its own private key and the user terminal public key and sends it; after receiving the information sent by the conference terminal, the user terminal encrypts and sends the information according to its own private key and the conference terminal's public key.
  • the terminal's public key decrypts the received information and the correct information can be obtained.
  • Figure 6 exemplarily provides a conference key interaction process for implementing the above step 503a.
  • the participating user turns on the NFC function of the mobile phone, opens the conference APP installed in the mobile phone, and turns on the authentication function between the mobile phone and the conference terminal.
  • a personal identification number (PIN) is generated and displayed to the user.
  • the mobile phone further generates the mobile phone's public key P-pub key and private key P-private key based on the PIN.
  • the conference terminal prompts the user to enter the mobile phone PIN.
  • the conference terminal When the user enters the PIN, the conference terminal generates the conference terminal's public key T-pub key and private key T-private key based on the PIN.
  • the mobile phone sends the public key P-pub key of the mobile phone to the conference terminal through the NFC function, and the conference terminal sends the public key T-pub key of the conference terminal to the mobile phone through the NFC function.
  • the mobile phone calculates the sk value based on its own private key P-private key and the public key T-pub key of the conference terminal, and generates the encryption initial vector IV according to the AES128GCM algorithm. Then the mobile phone encrypts the conference secret key based on the sk value and the encrypted initial vector IV, and sends the encrypted initial vector IV and the encrypted conference secret key to the conference terminal.
  • the conference terminal calculates the sk' value based on the public key P-pub key of the mobile phone and the private key T-private key of the conference terminal, and then decrypts the encrypted conference secret key based on the sk' value and the encryption initial vector IV to obtain the correct conference Secret key. Further, the conference terminal can send a response message indicating successful authentication to the mobile phone.
  • the user terminal does not need to send the conference secret key to the conference terminal, but the user terminal and the conference terminal can still generate their respective public keys, private keys, sk values or sk' values according to the above method
  • the mobile phone sends the encrypted initial vector IV to the conference terminal, thereby realizing the binding of the user terminal and the conference terminal.
  • the conference terminal can encrypt the data to be sent based on the sk' value and the encryption initial vector IV or decrypt the data received from the mobile phone.
  • the mobile phone can encrypt the data based on the sk value and the encryption initial vector IV.
  • the initial vector IV decrypts the received data or encrypts the data to be sent to ensure the security of conference data transmitted between the user terminal and the conference terminal.
  • the GAKE obtained by the user terminal may be obtained from the out-of-band authentication device.
  • the out-of-band authentication device can generate the GAKE of the conference after receiving the conference information sent by the conference management system, and then send the generated GAKE to the user terminal of each participant in the conference, so that Each user terminal obtains the conference key according to the conference key generation method described in Figure 5, thereby providing conference services to the user.
  • the conference management system can send the relevant conference information of the conference to be created to the out-of-band authentication device, so that the out-of-band authentication device can trigger the generation of the conference key without occupying conference system resources.
  • the conference information may include information of participating users, so that the out-of-band authentication device can send relevant information, such as GAKE, used to generate a conference key to the user terminal based on the information of participating users. For example, if a conference is to be created with a total of N participating users, the conference information may include information about each of the N participating users.
  • the GAKE generated by the out-of-band authentication device can include the Signal protocol or MLS protocol introduced earlier.
  • the out-of-band authentication device can determine the GAKE to be used based on the number of participating users.
  • the out-of-band authentication device can determine whether users need to be grouped based on the number of users.
  • the out-of-band authentication device determines that grouping is required, it can further determine the GAKE used to negotiate the conference key within the group after the grouping and the GAKE used to negotiate the conference key between groups.
  • PA1 represents the user terminal of participant 1
  • A1 represents the conference terminal used by participant 1 to access the conference
  • PA2 represents the user terminal of participant 2
  • A2 represents participant 2.
  • PA1 can serve as the main group master node of a group composed of all user terminals.
  • the conference management system and the MCU that provide business services for the conference are deployed separately. As mentioned above, they can also be deployed in a unified manner.
  • Step 701 The conference management system sends conference information to the out-of-band authentication device.
  • the conference information may include information about each participating user, etc.
  • Step 702 The out-of-band authentication device generates a GAKE of the conference.
  • the out-of-band authentication device can determine the GAKE to be used based on the number of participating users.
  • Step 703 The out-of-band authentication device sends the generated GAKE to PA1 and PA2.
  • the out-of-band authentication device also needs to send the generated GAKE to other user terminals, so that each user terminal obtains the conference key according to the conference key generation method described in Figure 5 secret key to provide users with conference services.
  • Step 704 PA1 generates a conference key and sends the conference key to PA2 according to GAKE.
  • PA1 as the master node of the main group, generates a conference key and sends the generated conference key to other member nodes.
  • PA2 serves as a member node and obtains the conference key from PA1; if there can be other member nodes besides PA2 as shown in the figure, PA1 also needs to send the conference key to other member nodes.
  • PA2 shown in the figure is the secondary group master node. After PA2 receives the conference key, it also needs to distribute the conference key to the secondary group where it is located.
  • Each member node (not shown in Figure 7a); if there are other secondary groups and corresponding secondary group master nodes not shown in the figure, PA1 also needs to send the conference secret key to other secondary group masters node.
  • Step 705 The conference management system instructs the MCU to convene a conference when the reserved conference time arrives.
  • Step 706a PA1 sends the encrypted conference key to A1, and PA2 sends the encrypted conference key to A2.
  • PA1 and A1, and PA2 and A2 can transmit the encrypted conference key in the manner shown in Figure 6.
  • step 706 and the above-mentioned step 705 can be exchanged.
  • Step 707a A1 decrypts the conference data obtained from the MCU according to the conference secret key, encrypts the local conference data according to the conference secret key and sends it to the MCU; A2 decrypts the conference data obtained from the MCU according to the conference secret key , encrypt the local conference data according to the conference key and send it to the MCU.
  • Step 706b PA1 is bound to A1, and PA2 is bound to A2.
  • PA1 and A1 can each generate their own public keys and private keys, then send their own public keys to the other party, and then perform binding authentication according to the preset algorithm.
  • the binding methods of PA2 and A2 are similar and will not be described again.
  • the embodiment of the present application does not limit the execution order of step 706b, and it can be executed at any time before step 707b.
  • Step 707b A1 obtains the encrypted conference data from the MCU. At the same time, A2 can also obtain conference data from the MCU.
  • Step 708b PA1 grabs the encrypted meeting data from A1, decrypts the encrypted meeting data according to the meeting secret key, and sends the decrypted meeting data to A1.
  • PA2 can also grab the encrypted meeting data from A2, decrypt the encrypted meeting data based on the meeting secret key, and send the decrypted meeting data to A2.
  • Step 709b PA1 grabs the locally collected meeting data from A1, encrypts the local meeting data according to the meeting secret key, and sends the encrypted meeting data to A1.
  • PA2 can also capture the locally collected meeting data from A2, encrypt the local meeting data based on the meeting secret key, and send the encrypted meeting data to A2.
  • Step 710b A1 sends the locally encrypted conference data to the MCU.
  • A2 can also send locally encrypted conference data to the MCU.
  • the embodiment of the present application does not limit the execution order of the above-mentioned steps 707b to 708b, and step 709b to 710b. According to the needs of the meeting, the corresponding steps can be executed, and they can even be executed synchronously.
  • the execution steps of PA1-A1 and PA2-A2 may be the same or different.
  • PA1-A1 may be executing steps 707b-step 708b, while PA2-A2 may be executing steps 709b-step 710b; or, PA1 -A1 may be performing steps 709b-step 710b, while PA2-A2 may be performing steps 707b-step 708b.
  • Step 801 The conference management system sends updated conference information to the out-of-band authentication device.
  • the updated conference information may include updated information of the participating users.
  • Step 802 The out-of-band authentication device generates an updated GAKE.
  • the updated GAKE can contain indication information indicating the updated negotiation protocol; if the out-of-band authentication device believes that there is no need to change the negotiation protocol , the updated GAKE can be used only to indicate updating the conference key, or it can continue to indicate the same negotiation protocol.
  • Step 803 The out-of-band authentication device sends the updated GAKE to PA1 and PA2.
  • the updated conference still includes User 1 and User 2. If the updated conference no longer includes user 1 or user 2, the out-of-band authentication device will not send the updated GAKE to PA1 or PA2. If the updated conference also involves other user terminals, the out-of-band authentication device also needs to send the updated GAKE to other user terminals.
  • Step 804 PA1 generates a new conference key and sends the new conference key to PA2 according to GAKE.
  • PA1 as the master node of the main group, generates a new conference key and sends the new conference key to other member nodes.
  • PA2 serves as a member node and obtains a new conference key from PA1; if there can be other member nodes besides PA2 as shown in the figure, PA1 also needs to send the new conference key. Give other members nodes.
  • PA2 shown in the figure is the secondary group master node. After receiving the conference key, PA2 also needs to distribute the new conference key to the secondary group where it is located.
  • Each member node in the group (not shown in Figure 7a); if there are other secondary groups and corresponding secondary group master nodes not shown in the figure, PA1 also needs to send the new conference key to other Secondary group master node.
  • PA1 is still the main group master node in the updated conference.
  • the updated primary group master node may also change, and the updated secondary group master node may also change.
  • PA1, A1, PA2 and A2 can perform the operations shown in steps 706a and 707a, or can also perform the operations shown in steps 707b to 710b.
  • embodiments of the present application also provide a user terminal for implementing the above method embodiments.
  • the user terminal may include modules/units that execute any of the possible implementation methods in the above method embodiments; these modules/units may be implemented by hardware, or may be implemented by hardware executing corresponding software.
  • the user terminal may include: an acquisition module 901, a negotiation module 902, and further may include a sending module 903 or an encryption and decryption module 904.
  • the acquisition module 901 is used to acquire the group authentication key agreement protocol GAKE of the conference.
  • the negotiation module 902 is configured to negotiate a conference key for joining the conference with the user terminals of other participating users of the conference according to the GAKE.
  • the terminal also includes a sending module 903, which is used to send the conference secret key to the conference terminal, so that the conference terminal can encrypt and decrypt the data of the conference according to the conference secret key after joining the conference. .
  • the terminal also includes an encryption and decryption module 904, which is used to encrypt and decrypt the conference data according to the conference key.
  • the sending module 903 is specifically configured to: generate the public key and private key of the user terminal; send the public key of the user terminal to the conference terminal, and obtain the The public key of the conference terminal; encrypt the conference secret key according to the private key of the user terminal and the public key of the conference terminal; send the encrypted conference secret key to the conference terminal so that the The conference terminal decrypts and obtains the conference secret key according to the public key of the user terminal and the private key of the conference terminal.
  • the encryption and decryption module 904 is specifically configured to: decrypt the remote data obtained from the conference terminal according to the conference secret key, and the remote data is from the remote the user terminal sends the decrypted data to the conference terminal; and/or encrypts the local data obtained from the conference terminal according to the conference secret key,
  • the local data is the conference data collected locally by the conference terminal; the user terminal sends the encrypted data to the conference terminal.
  • the negotiation module 902 is specifically configured to: determine, according to the GAKE, to negotiate a conference secret key with other participating users of the conference based on the Signal protocol; or, according to the GAKE, It is determined to negotiate the conference key with other participating users of the conference based on the message layer security MLS protocol.
  • the user terminal and other participants are included in a group, the group includes at least one secondary group, and the secondary group includes a secondary group owner Node, the user terminal is the main group master node of the group.
  • the negotiation module 902 is specifically configured to send the generated conference key to the secondary group master node of the secondary group based on the Signal protocol or the message layer security MLS protocol.
  • the user terminal and other participants are included in a group, the group includes at least one secondary group, and the user terminal is a subordinate of the secondary group.
  • Level group master node the group includes the main group master node.
  • the negotiation module 902 is specifically configured to: receive the conference key sent by the primary group master node; and send the conference key to other nodes in the secondary group based on the message layer security MLS protocol.
  • inventions of the present application also provide a computer device.
  • the computer device includes a processor 1001 as shown in Figure 10, and a communication interface 1002 connected to the processor 1001.
  • the processor 1001 may be a general processor, a microprocessor, an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic device, or one or more integrated circuits used to control the execution of the program of this application, etc.
  • a general-purpose processor may be a microprocessor or any conventional processor, etc.
  • Communication interface 1002 is used to communicate with other devices, such as PCI bus interface, Ethernet, wireless access network (radio access network, RAN), wireless local area networks (WLAN), etc.
  • PCI bus interface Ethernet
  • wireless access network radio access network
  • WLAN wireless local area networks
  • the processor 1001 is used to call the communication interface 1002 to perform receiving and/or sending functions, and to perform the method described in the previous possible implementation manner.
  • the computer device may also include a memory 1003 and a communication bus 1004.
  • the memory 1003 is used to store program instructions and/or data, so that the processor 1001 calls the instructions and/or data stored in the memory 1003 to implement the above functions of the processor 1001.
  • the memory 1003 may be a read-only memory (ROM) or other type of static storage device that can store static information and instructions, a random access memory (random access memory (RAM)) or other type that can store information and instructions.
  • ROM read-only memory
  • RAM random access memory
  • a dynamic storage device that can also be an electrically erasable programmable read-only memory (EEPROM) or can be used to carry or store desired program code in the form of instructions or data structures and can be stored by a computer. any other medium, but not limited to this.
  • the memory 1003 may exist independently, such as an off-chip memory, and is connected to the processor 1001 through the communication bus 1004.
  • the memory 1003 may also be integrated with the processor 1001.
  • Communication bus 1004 may include a path for communicating information between the components described above.
  • the processor 1001 can perform the following steps through the communication interface 1002: obtain the group authentication key agreement protocol GAKE of the conference; negotiate with the user terminals of other participating users of the conference to join the conference according to the GAKE The conference secret key; sending the conference secret key to the conference terminal, so that the conference terminal can encrypt and decrypt the data of the conference according to the conference secret key after joining the conference; or, according to the The conference key encrypts and decrypts the conference data.
  • GAKE group authentication key agreement protocol
  • the processor 1001 when the processor 1001 sends the conference secret key to the conference terminal through the communication interface 1002, it is specifically configured to: generate the public key and private key of the computer device; The public key of the computer device is sent to the conference terminal, and the public key of the conference terminal is obtained; the conference secret key is encrypted according to the private key of the computer device and the public key of the conference terminal; the encrypted key is The resulting conference secret key is sent to the conference terminal, so that the conference terminal decrypts and obtains the conference secret key according to the public key of the computer device and the private key of the conference terminal.
  • the processor 1001 when the processor 1001 encrypts and decrypts the conference data according to the conference secret key, it is specifically configured to: Decrypt the obtained remote data, which is the data from the remote conference, and send the decrypted data to the conference terminal; and/or, according to the conference secret key,
  • the local data obtained by the conference terminal is encrypted, the local data is the conference data collected locally by the conference terminal, and the encrypted data is sent to the conference terminal.
  • the processor 1001 when the processor 1001 negotiates the conference key with the user terminals of other participating users of the conference according to the GAKE, the processor 1001 is specifically configured to: determine based on the signal based on the GAKE The Signal protocol negotiates the conference secret key with other participating users of the conference; or according to the GAKE, it is determined to negotiate the conference secret key with other participating users of the conference based on the message layer security MLS protocol.
  • the computer device and other participants are included in a group, the group includes at least one secondary group, and the secondary group includes a secondary group owner Node, the computer device is the main group master node of the group.
  • the processor 1001 negotiates the conference key with the user terminals of other participating users of the conference according to the GAKE, it is specifically used to: use the generated conference key based on the Signal protocol or the message layer security MLS protocol. Sent to the secondary group master node of the secondary group.
  • the computer device and other participants are included in a group, and the group includes at least one secondary group, and the computer device is a subordinate of the secondary group.
  • Level group master node the group includes the main group master node.
  • the processor 1001 negotiates the conference secret key with the user terminals of other participating users of the conference according to the GAKE, it is specifically used to: receive the conference secret key sent by the main group master node; based on message layer security The MLS protocol sends the conference key to other nodes in the secondary group.
  • embodiments of the present application also provide a computer-readable storage medium.
  • Computer-readable instructions are stored in the computer-readable storage medium.
  • the above-mentioned Method embodiments are executed.
  • embodiments of the present application provide a computer program product containing instructions, which when run on a computer causes the above method embodiments to be executed.
  • embodiments of the present application may be provided as methods, systems, or computer program products. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment that combines software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
  • computer-usable storage media including, but not limited to, disk storage, CD-ROM, optical storage, etc.
  • These computer program instructions may also be stored in a computer-readable memory that causes a computer or other programmable data processing apparatus to operate in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction means, the instructions
  • the device implements the functions specified in a process or processes of the flowchart and/or a block or blocks of the block diagram.
  • These computer program instructions may also be loaded onto a computer or other programmable data processing device, causing a series of operating steps to be performed on the computer or other programmable device to produce computer-implemented processing, thereby executing on the computer or other programmable device.
  • Instructions provide steps for implementing the functions specified in a process or processes of a flowchart diagram and/or a block or blocks of a block diagram.

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Multimedia (AREA)
  • Telephonic Communication Services (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

L'invention concerne un procédé de génération de clé de conférence, un terminal et un dispositif, qui sont appliqués au domaine technique des ordinateurs. Dans le procédé, un terminal d'utilisateur obtient un GAKE d'une conférence ; selon le GAKE, le terminal d'utilisateur négocie, avec des terminaux d'utilisateur d'autres utilisateurs participant à la conférence, une clé secrète de conférence pour rejoindre la conférence ; le terminal d'utilisateur envoie la clé secrète de conférence au terminal de conférence, de sorte que le terminal de conférence crypte et décrypte des données de la conférence selon la clé secrète de conférence après avoir rejoint la conférence ; ou alors le terminal d'utilisateur crypte et décrypte les données de la conférence selon la clé de conférence. Du fait que le terminal de conférence obtient la clé secrète de conférence au moyen du terminal d'utilisateur ayant une forte relation de liaison avec l'utilisateur, l'authentification entre le terminal de conférence et l'utilisateur participant à la conférence est améliorée, et l'authentification d'utilisateur améliorée peut réduire efficacement le risque d'attaques par interception. Ou alors, des opérations telles que le cryptage et le décryptage des données de conférence sont menées à bien par le terminal d'utilisateur, et le risque d'attaques par interception peut également être efficacement réduit sur la base du terminal d'utilisateur ayant une forte liaison.
PCT/CN2023/077022 2022-03-09 2023-02-18 Procédé de génération de clé secrète de conférence, terminal et dispositif WO2023169187A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210225329.2A CN116782207A (zh) 2022-03-09 2022-03-09 一种会议秘钥生成方法、终端及设备
CN202210225329.2 2022-03-09

Publications (1)

Publication Number Publication Date
WO2023169187A1 true WO2023169187A1 (fr) 2023-09-14

Family

ID=87937151

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/077022 WO2023169187A1 (fr) 2022-03-09 2023-02-18 Procédé de génération de clé secrète de conférence, terminal et dispositif

Country Status (2)

Country Link
CN (1) CN116782207A (fr)
WO (1) WO2023169187A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060095376A1 (en) * 2002-12-20 2006-05-04 Arthur Mitchell Virtual meetings
CN104580151A (zh) * 2014-12-03 2015-04-29 中国科学院信息工程研究所 防止保密会议信息泄露的方法及终端
WO2017075134A1 (fr) * 2015-10-28 2017-05-04 Cisco Technology, Inc. Gestion de clés pour conférence à confidentialité assurée
US20180351757A1 (en) * 2017-06-06 2018-12-06 Cisco Technology, Inc. Unauthorized participant detection in multiparty conferencing
US20200259640A1 (en) * 2017-11-08 2020-08-13 Wickr Inc. End-to-End Encryption During a Secure Communication Session

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060095376A1 (en) * 2002-12-20 2006-05-04 Arthur Mitchell Virtual meetings
CN104580151A (zh) * 2014-12-03 2015-04-29 中国科学院信息工程研究所 防止保密会议信息泄露的方法及终端
WO2017075134A1 (fr) * 2015-10-28 2017-05-04 Cisco Technology, Inc. Gestion de clés pour conférence à confidentialité assurée
US20180351757A1 (en) * 2017-06-06 2018-12-06 Cisco Technology, Inc. Unauthorized participant detection in multiparty conferencing
US20200259640A1 (en) * 2017-11-08 2020-08-13 Wickr Inc. End-to-End Encryption During a Secure Communication Session

Also Published As

Publication number Publication date
CN116782207A (zh) 2023-09-19

Similar Documents

Publication Publication Date Title
US10594672B2 (en) Secure node admission in a communication network
US10778656B2 (en) Sharing resources across multiple devices in online meetings
US8156337B2 (en) Systems and methods for authenticating communications in a network medium
CN112737774B (zh) 网络会议中的数据传输方法、装置及存储介质
CN111404950B (zh) 一种基于区块链网络的信息共享方法、装置和相关设备
JP2012508999A (ja) Wi−Fiデバイスツーデバイスネットワークにおいてデバイスの追加を実現するための方法、システム、およびデバイス
CN101771659B (zh) 一种安全切换配置方法、系统和设备
US11728978B2 (en) Method and apparatus for establishing trusted channel between user and trusted computing cluster
WO2008022520A1 (fr) Procédé, système et dispositif de sécurisation des communications entre plusieurs parties
US11212265B2 (en) Perfect forward secrecy (PFS) protected media access control security (MACSEC) key distribution
WO2015100675A1 (fr) Procédé de configuration de réseau, et dispositif et système associés
WO2014131356A1 (fr) Procédé, système et terminal de gestion hiérarchique de clés de groupes de système de grappes à large bande
CN203859823U (zh) 一种量子加密视频会议终端和系统
US20200175505A1 (en) System and method for creating a secure mesh network utilizing the blockchain
CN111709053B (zh) 基于松散耦合交易网络的作业方法及作业装置
US9049592B2 (en) Techniques for key derivation for secure communication in wireless mesh networks
WO2023169187A1 (fr) Procédé de génération de clé secrète de conférence, terminal et dispositif
KR101067720B1 (ko) 공개키 암호 알고리즘 및 그룹키를 이용한 통신 장치 및 방법
CN109889763B (zh) 会议电视系统的呼叫建立方法、装置及存储介质
JP6801921B2 (ja) 暗号通信方法、情報処理装置及びプログラム
TWI782701B (zh) 區塊鏈錢包的非互動式批核系統及其方法
WO2019148832A1 (fr) Procédé et dispositif de génération de clé privée
KR20240002666A (ko) 메신저 서비스를 제공하기 위한 방법, 시스템 및 비일시성의 컴퓨터 판독 가능한 기록 매체
WO2023082578A1 (fr) Procédé de vérification, nœud de communication et système
WO2023221856A1 (fr) Procédé et dispositif de communication sécurisée quantique, réseau de service de mot de passe quantique et système de communication

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23765765

Country of ref document: EP

Kind code of ref document: A1