WO2021237388A1 - Methods for encrypting and decrypting group message, and method for transmitting message - Google Patents

Info

Publication number
WO2021237388A1
Authority
WO
WIPO (PCT)
Prior art keywords
electronic device
key
group
message
server
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2020/091961
Other languages
French (fr)
Chinese (zh)
Inventor
林相宇
庄贤哲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gamania Digital Entertainment Co Ltd
Original Assignee
Gamania Digital Entertainment Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40: Network security protocols
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/06: Network architectures or network communication protocols for network security for supporting key management in a packet data network

Definitions

  • general instant messaging platforms are mostly open communication platforms and cannot restrict who uses them. An open communication platform places extremely few restrictions on users and gives them a high degree of freedom.
  • the present invention provides a method for encrypting and decrypting group messages and transmitting messages.
  • the electronic device itself performs the encryption and decryption, so the server cannot identify the messages. This prevents messages from being leaked by the server or during transmission and further increases the security of group communication.
  • the main purpose of the present invention is to provide a method for encrypting and decrypting group messages and transmitting messages, in which the electronic device used by the user performs the encryption and decryption directly and the server cannot identify the messages, so as to improve the security of both the communication process and the message itself.
  • the present invention discloses a method for transmitting messages, which is applied to a first electronic device, a second electronic device, a data server and a communication group server.
  • the first electronic device logs in to the communication group server according to a first account, and the second electronic device logs in to the communication group server according to a second account in order to receive the invitation of the first electronic device.
  • the first electronic device generates a first device key and a first public key according to group data corresponding to the communication group server, the second electronic device generates a second device key and a second public key according to the group data, and the first electronic device generates a corresponding group key according to the group data.
  • the group key is used to encrypt the first public key to correspondingly generate a first encryption key, the first electronic device records a corresponding first code and the previously obtained first encryption key in the data server, and the first electronic device further obtains the second public key transmitted from the second electronic device through the communication group server.
  • in the method for transmitting messages of the present invention, the first electronic device first downloads the first encryption key from the data server according to the first account number; the first electronic device then generates a group key according to the first device key and the first encryption key, encrypts a first message according to the group key to generate a first encrypted message, and uploads the first encrypted message to the communication group server according to the first account.
  • the second electronic device downloads the second encryption key from the data server according to the second account and downloads the first encrypted message from the communication group server; the second electronic device generates a group key according to the second device key and the second encryption key, and decrypts the first encrypted message according to the group key.
  • the second electronic device thereby restores the first message and displays it; that is, the second electronic device decodes the first encrypted message of the first electronic device and displays the result on the second electronic device.
  • the present invention provides an embodiment in which, when the first electronic device does not read the first code, the first encryption key cannot be downloaded, and when the second electronic device does not read the second code, the second encryption key cannot be downloaded.
  • the present invention provides an embodiment in which the method further includes: the second electronic device replies to the first message, thereby generating a second message according to the first message, and encrypts the second message according to the group key to generate a second encrypted message; the second electronic device then uploads the second encrypted message to the communication group server according to the second account.
  • the first electronic device then downloads the second encrypted message from the communication group server and decrypts it according to the group key to restore the second message in the first electronic device.
  • the present invention provides an embodiment in which a first electronic device generates a first device key and a first public key according to an asymmetric cryptographic algorithm, and a second electronic device generates a second device key and the second encryption key according to an asymmetric cryptographic algorithm.
  • the present invention provides an embodiment in which the method for transferring messages further includes the step of transferring the second device key and the second public key to the fourth electronic device: the second electronic device first obtains a second barcode according to the encryption group and temporarily stores the first device key and the first public key corresponding to the encryption group in the server; the fourth electronic device then obtains authorization information according to the second barcode, and downloads and restores the second device key and the second public key from the server according to the authorization information; the fourth electronic device then joins the encryption group, encrypts the second public key according to the encryption group to generate the second encryption key, and records the fourth electronic device and the second encryption key in the server.
  • the present invention provides an embodiment.
  • the second electronic device obtains a second barcode according to the communication group server and temporarily stores the second device key and the second public key in the data server
  • the second electronic device encrypts the second device key and the second public key to generate second encrypted data, which is temporarily stored in the data server.
  • the present invention provides another embodiment.
  • in the step of decrypting according to a device key and the encryption key, the electronic device further decrypts according to an asymmetric cryptographic algorithm to generate the group key.
  • the present invention also discloses a method for decrypting group messages, which is applied to an electronic device to store an encryption key to a data server according to an account, and the encryption key corresponds to a device of the electronic device
  • the electronic device first downloads the encryption key according to the account number, and then decrypts the encryption key according to the device key to generate a group key; the electronic device decrypts an encrypted message according to the group key to generate a decrypted message. In this way, the security of group messages is improved.
  • the present invention provides another embodiment, the content of which is that in the step of decrypting according to a device key and the encryption key, the electronic device further decrypts according to an asymmetric cryptographic algorithm to generate the group key.
  • the present invention provides another embodiment, the content of which is that in the step of generating and displaying a decrypted message according to the group key and an encrypted message, the encrypted message is further generated according to an Advanced Encryption Standard (AES) algorithm.
  • FIG. 1A is a partial flowchart of an embodiment of the present invention
  • FIG. 2 is a schematic diagram of a system of a first encryption key according to an embodiment of the present invention
  • FIG. 4 is a schematic diagram of a system for encrypting messages by a first electronic device according to an embodiment of the present invention
  • FIG. 4B is a schematic diagram of a system for decrypting messages by a second electronic device according to an embodiment of the present invention
  • FIG. 6 is a flowchart of the encrypted group message of the present invention.
  • FIG. 7 is a flowchart of decrypting group messages according to the present invention.
  • FIG. 8A is a partial flowchart of the replacement of the first electronic device to the third electronic device according to the present invention.
  • FIG. 8B is a partial flowchart of the replacement of the first electronic device to the third electronic device according to the present invention.
  • FIG. 9 is a schematic diagram of a system of a first encryption key according to an embodiment of the present invention.
  • FIG. 10 is a schematic diagram of a second encryption key system according to an embodiment of the present invention.
  • FIG. 11 is a schematic diagram of a system for encrypting messages according to an embodiment of the present invention.
  • FIG. 12 is a schematic diagram of a system for decrypting messages according to an embodiment of the present invention.
  • FIG. 13A is a partial flowchart of the replacement of the second electronic device to the fourth electronic device according to the present invention.
  • FIG. 16 is a schematic diagram of a system for encrypting messages according to an embodiment of the present invention.
  • FIG. 17 is a schematic diagram of a system for decrypting messages according to an embodiment of the present invention.
  • Reference Signs: 1 group system; 2 group system; 10 data server; 12 key list; 20 first electronic device; 22 first device key; 24 first public key; 30 second electronic device; 32 second device key; 34 second public key; 40 communication group server; 40A encryption group; 50 multifunction server; 50A encryption group; 60 third electronic device; 62 third device key; 64 third public key; 70 fourth electronic device; 72 fourth device key; 74 fourth public key; D1 first encrypted data; D2 second encrypted data; device1 first code; device2 second code; key1 first encryption key; key2 second encryption key; keyg group key; M1 first message; M12 first encrypted message; M2 second message; M22 second encrypted message; QR1 first barcode; QR2 second barcode; S10-S120 steps; S210-S230 steps; S310-S330 steps; S410-S560 steps; S610-S760 steps.
  • the present invention proposes a method for encrypting and decrypting group messages and transferring messages to solve the problem of message reliability caused by the prior art.
  • a method of message delivery of the present invention includes the following steps:
  • Step S10 The first electronic device downloads the first encryption key from the data server according to the first account number
  • Step S20 The first electronic device decrypts the first encryption key according to the first device key to obtain the group key;
  • Step S50 The second electronic device downloads the second encryption key from the data server and downloads the first encrypted message from the communication group server according to the second account number;
  • Step S60 The second electronic device decrypts the second encryption key according to the second device key to obtain the group key;
  • Step S70 The second electronic device decrypts the first encrypted message according to the group key to restore the first message in the second electronic device.
  • the group system 1 used in the method of transmitting messages of the present invention includes a data server 10, a first electronic device 20, a second electronic device 30, and a communication group server 40.
  • the first electronic device 20 logs in to the communication group server 40 according to a first account A1
  • the first account A1 of the first electronic device 20 is stored in the communication group server 40
  • the first account A1 acts as a manager in a communication group 40A, and the first electronic device 20, as the managing device, invites the second electronic device 30 to log in to the communication group server according to a second account A2
  • the first account A1 is a manager of a communication group G1 in the communication group server 40.
  • the first electronic device 20 generates a first device key 22 and a first public key 24 according to group data GD1 of the communication group G1, and the second electronic device 30 generates a second device key 32 and a second public key 34 according to the group data GD1.
  • the first electronic device 20 encrypts the first public key 24 according to a group key keyg corresponding to the group data GD1 to generate a first encryption key Key1.
  • the first electronic device 20 obtains the second public key 34 of the second electronic device 30 through the communication group server 40; that is, the second electronic device 30 transmits the second public key 34 to the first electronic device 20 through the communication group server 40.
  • the first electronic device 20 encrypts the second public key 34 according to the group key keyg to generate a second encryption key Key2. The group data GD1 corresponds to the communication group 40A of the communication group server 40, so the keys mentioned in this embodiment apply to the communication group 40A and cannot be used in other groups, which enhances security.
  • storing data and broadcasting group messages are performed on different servers; that is, the data server 10 and the communication group server 40 are separate.
  • the data server 10 stores a first encryption key Key1 and a second encryption key Key2.
  • the first encryption key key1 and the second encryption key key2 are respectively connected (or bound) with a first code device1 and a second code device2,
  • the first code device1 and the second code device2 are codes corresponding to the first electronic device 20 and the second electronic device 30 respectively.
  • the first device key 22 and the first public key 24 are generated by the first electronic device 20 according to an asymmetric encryption algorithm, and the second device key 32 and the second public key 34 are generated by the second electronic device 30 according to the asymmetric encryption algorithm, for example, the RSA encryption algorithm, so the first device key 22 is matched to the first public key 24, and the second device key 32 is matched to the second public key 34.
  • in step S10, the first account A1 of the first electronic device 20 is in the communication group server 40, and the first electronic device 20 makes a data download request to download the first encryption key key1 previously stored in the data server 10.
  • the data server 10 allows the first electronic device 20 to download the first encryption key key1 to the internal storage space of the first electronic device 20 according to the first code device1.
  • in step S20, as shown in FIG. 4, the first electronic device 20 decrypts the first encryption key key1, so that the first electronic device 20 obtains the group key keyg corresponding to the communication group 40A; then, in step S30, the first electronic device 20 encrypts a first message M1 to be transmitted according to the group key keyg, thereby generating a first encrypted message M12.
  • in step S40, as shown in FIG. 4, the first electronic device 20 uploads the first encrypted message M12 to the communication group 40A.
  • the second electronic device 30 makes a data download request for the second encryption key key2 to the data server 10, so that the data server 10 provides the second encryption key key2 for download according to the second code device2, while the second electronic device 30 is also allowed to download the first encrypted message M12 from the communication group 40A. Then, in step S60, the second electronic device 30 decrypts according to the second device key 32 and the second encryption key key2, thereby obtaining the group key keyg corresponding to the communication group 40A. In step S70, the second electronic device 30 uses the group key keyg to decrypt the first encrypted message M12 and restore it to the first message M1 in the second electronic device 30, so the second electronic device 30 can display the first message M1 instead of the first encrypted message M12.
  • with the method of transmitting messages of the present invention, the server can no longer interpret or recognize the messages transmitted by the first electronic device 20 to the second electronic device 30, thereby avoiding the leakage of information by third parties; and because messages are encrypted throughout the transmission process, the reliability of message delivery is further improved.
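
The exchange in steps S10 to S70, as an added Go example that is not code from the patent. It reads the encryption keys key1 and key2 as the group key keyg wrapped under each device's RSA public key, which is the reading under which decrypting them with the device key in steps S20 and S60 yields keyg. RSA-OAEP, AES-256-GCM, the use of the group name as OAEP label and GCM associated data, and all type and function names are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Device: a device code plus an RSA key pair; the private half is the "device key".
type Device struct {
	Code string
	Key  *rsa.PrivateKey
}

func NewDevice(code string) *Device {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err) // no usable entropy source
	}
	return &Device{Code: code, Key: k}
}

// DataServer is the key list (device code -> wrapped keyg); it never holds keyg.
type DataServer map[string][]byte

var ErrNotRegistered = errors.New("device code not in key list")

// NewGroup plays the manager's part: create keyg, store one wrapped copy per member.
// Assumption: RSA-OAEP with the group name as label, so a copy is bound to its group.
func NewGroup(s DataServer, group string, members ...*Device) error {
	keyg := make([]byte, 32)
	if _, err := rand.Read(keyg); err != nil {
		return err
	}
	for _, m := range members {
		w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &m.Key.PublicKey, keyg, []byte(group))
		if err != nil {
			return err
		}
		s[m.Code] = w
	}
	return nil
}

// aead is S10/S20 (S50/S60): fetch the wrapped key by code, unwrap keyg, set up AES-256-GCM.
func (d *Device) aead(s DataServer, group string) (cipher.AEAD, error) {
	w, ok := s[d.Code]
	if !ok {
		return nil, ErrNotRegistered
	}
	keyg, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, d.Key, w, []byte(group))
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(keyg)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt is S30 (M1 -> M12); the random nonce is prepended to the output.
func (d *Device) Encrypt(s DataServer, group string, msg []byte) ([]byte, error) {
	gcm, err := d.aead(s, group)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, msg, []byte(group)), nil
}

// Decrypt is S70 (M12 -> M1); truncated or modified input returns an error.
func (d *Device) Decrypt(s DataServer, group string, ct []byte) ([]byte, error) {
	gcm, err := d.aead(s, group)
	if err != nil {
		return nil, err
	}
	if n := gcm.NonceSize(); len(ct) >= n {
		return gcm.Open(nil, ct[:n], ct[n:], []byte(group))
	}
	return nil, errors.New("ciphertext too short")
}

func main() {
	srv, d1, d2 := DataServer{}, NewDevice("device1"), NewDevice("device2")
	if err := NewGroup(srv, "40A", d1, d2); err != nil {
		panic(err)
	}
	m12, _ := d1.Encrypt(srv, "40A", []byte("constructed sample message M1"))
	m1, err := d2.Decrypt(srv, "40A", m12)
	fmt.Printf("relayed %d opaque bytes; device2 recovers %q (err=%v)\n", len(m12), m1, err)
}
```

A device whose code is absent from the key list gets `ErrNotRegistered`, and a device that obtains another member's wrapped key still fails at the unwrap step because it lacks the matching device key.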
  • the method for transferring messages of the present invention can also be applied to the transfer of the reply message of the second electronic device 30. Therefore, according to node A, the steps of the method of the present invention continue to step S150; that is to say, the method of delivering messages of the present invention also includes:
  • Step S80 the second electronic device generates a second message according to the first message
  • Step S90 The second electronic device encrypts the second message according to the second device key and the second encryption key to generate a second encrypted message
  • Step S100 the second electronic device uploads the second encrypted message to the communication group server according to the second account
  • Step S110 the first electronic device downloads the second encrypted message from the communication group server.
  • Step S120 The first electronic device decrypts the second encrypted message according to the first device key and the first encryption key to restore the second message in the first electronic device.
  • in step S110, the second electronic device 30 generates a corresponding reply message according to the first message M1, that is, correspondingly generates a second message M2. Then, in step S120, the second electronic device 30 encrypts the second message M2 with the group key keyg generated by decrypting the second encryption key key2 according to the second device key 32.
  • here the second electronic device 30 can either download the second encryption key key2 again from the data server 10 and decrypt it again to obtain the group key keyg, and then encrypt the second message M2 to generate the corresponding second encrypted message M22, or directly decrypt the second encryption key key2 downloaded in the previous step S70 according to the second device key 32 to obtain the group key keyg, and then encrypt the second message M2.
  • in step S130, the second electronic device 30 uploads the second encrypted message M22 to the communication group 40A of the communication group server 40, so that in step S140 the first electronic device 20 downloads the second encrypted message M22 from the communication group 40A of the communication group server 40 to the internal storage space of the device.
  • in step S150, the first electronic device 20 decrypts the second encrypted message M22 according to the group key keyg generated by decrypting the first encryption key key1 with the first device key 22, so as to restore the second message M2 from the second encrypted message M22.
  • here the first electronic device 20 can either download the first encryption key key1 again from the data server 10 and decrypt it again to obtain the group key keyg, and then decrypt the second encrypted message M22 to restore the corresponding second message M2, or directly decrypt the first encryption key key1 downloaded in the previous step S20 according to the first device key 22 to obtain the group key keyg, and then decrypt the second encrypted message M22.
  • the method for encrypting group messages of the present invention includes the following steps:
  • Step S210 the electronic device downloads the encryption key stored in the server
  • Step S220 Decrypt the encryption key according to the device key to obtain the group key
  • Step S230 Generate an encrypted message according to the group key and the group message, and send it to an encrypted group.
  • in step S220, the first electronic device 20 performs decryption to obtain the group key keyg corresponding to the encrypted group 40.
  • in step S230, the first electronic device 20 encrypts the group message (that is, the first message M1), generates the corresponding first encrypted message M12, and uploads it to the corresponding encrypted group.
  • the first electronic device 20 sends a group message to the encrypted group. If the second electronic device 30 sends a group message to the encrypted group, the above steps S210 to S230 are also followed.
  • the method for decrypting group messages of the present invention includes the following steps:
  • Step S310 an electronic device downloads an encryption key stored in a server
  • Step S320 Decrypt the encryption key according to a device key to obtain a group key
  • Step S330 Generate a decrypted message according to the group key and an encrypted message and display it on the electronic device.
  • in step S220, the second electronic device 30 performs decryption to generate a group key keyg corresponding to the encrypted group.
  • in step S230, the second electronic device 30 decrypts the first encrypted message M12 according to the group key keyg and restores it to the corresponding first message M1 (that is, the group message), so that the second electronic device 30 can display the first message M1 instead of the first encrypted message M12.
  • the second electronic device 30 wants to restore the encrypted message of the encrypted group. If the first electronic device 20 wants to restore the encrypted message of the encrypted group, the steps S310 to S330 are also followed.
  • the first electronic device 20 and the second electronic device 30 cannot encrypt the sent group message or cannot decrypt the encrypted message. Therefore, when the first electronic device 20 and the second electronic device 30 are not registered in the key list 12, the messages in the encrypted group are all shown as encrypted group messages, that is, as unrecognizable garbled characters.
  • the following embodiments further illustrate that the communication group server 40 and the data server 10 are combined into a multifunctional server 50, and the first electronic device 20 and the second electronic device 30 log in to the multifunctional server with the first account A1 and the second account A2, respectively.
  • the following describes how the user of the first electronic device 20 replaces the electronic device, rejoins the encryption group 50A, and again holds the keys related to the first electronic device 20.
  • FIGS. 8A and 8B are flowcharts of replacing the first electronic device with the third electronic device according to the present invention.
  • the method of transmitting messages of the present invention further includes a step flow of replacing the first electronic device, including the following steps:
  • Step S410 The first electronic device downloads the first encryption key from the data server according to the first account number
  • Step S420 The first electronic device decrypts the first encryption key according to the first device key to obtain the group key;
  • Step S430 The first electronic device encrypts the first message according to the group key to generate the first encrypted message
  • Step S440 the first electronic device uploads the first encrypted message to the communication group server according to the first account
  • Step S450 The second electronic device downloads the second encryption key from the data server and downloads the first encrypted message from the communication group server according to the second account number;
  • Step S460 The second electronic device decrypts the second encryption key according to the second device key to obtain the group key;
  • Step S470 The second electronic device decrypts the first encrypted message according to the group key to restore the first message in the second electronic device;
  • Step S480 the second electronic device generates a second message according to the first message
  • Step S490 The second electronic device encrypts the second message according to the group key obtained by the second device key and the second encryption key to generate a second encrypted message;
  • Step S500 the second electronic device uploads the second encrypted message to the communication group server according to the second account
  • Step S510 The first electronic device downloads the second encrypted message from the communication group server
  • Step S520 The first electronic device decrypts the second encrypted message according to the group key obtained by the first device key and the first encryption key, so as to restore the second message in the first electronic device;
  • Step S530 The first electronic device obtains the first barcode according to the encryption group and temporarily stores the first device key and the first public key corresponding to the encryption group in the server;
  • Step S540 The third electronic device obtains the authorization information according to the first barcode and joins the encryption group;
  • Step S550 The third electronic device downloads and restores the first device key and the first public key from the server according to the authorization information
  • Step S560 The third electronic device encrypts the first public key according to the encryption group to generate a first encryption key and records the third electronic device with the first encryption key on the server.
  • FIGS. 9 to 12 are schematic diagrams of a system according to another embodiment of the present invention.
  • the difference between FIGS. 2 to 4B and FIGS. 9 to 12 is that FIGS. 9 to 12 further include a third electronic device 60.
  • Steps S410 to S520 have been disclosed in steps S10 to S120 of the above-mentioned embodiment, so they will not be repeated. After the first electronic device 20 sends the first encrypted message M12, the user of the first electronic device 20 replaces the first electronic device 20 with the third electronic device 60. Therefore, in step S530, as shown in FIG. The first device key 22 and the first public key 24 used for encryption and decryption are temporarily stored in the multifunctional server 50; the first electronic device 20 first encrypts the first device key 22 and the first public key 24 to generate corresponding first encrypted data D1, so that the multifunctional server 50 does not recognize the first device key 22 and the first public key 24, thereby avoiding the problem of server-side leakage.
  • in step S540, the third electronic device 60 reads the first barcode QR1, for example by using a built-in camera to capture the image of the first barcode QR1, thereby obtaining a temporary third device key 62 and third public key 64 and joining the encryption group 50A. The third public key 64 is then encrypted to generate a third encryption key key3, which is uploaded to the key list 12; this temporarily authorizes the third electronic device 60 to perform encryption and decryption for the encryption group 50A.
  • in step S550, as shown in FIG. the third electronic device 60 downloads the temporarily stored first encrypted data D1 from the multifunction server 50 and decrypts the first encrypted data D1 to restore the first device key 22 and the first public key 24 in the third electronic device 60; then, in step S560, the restored first public key 24 is encrypted to generate the corresponding first encryption key key1 of the third electronic device 60, which is uploaded to the key list 12 of the multifunction server 50.
  • the first encryption key key1 is changed to correspond to the third electronic device 60; since the third electronic device 60 replaces the first electronic device 20 as the manager of the encryption group 50A, in step S560 the complete asymmetric encryption key consisting of the first device key 22 and the first public key 24 has already been obtained by the third electronic device 60, so the encryption process can be performed directly.
  • FIG. 13A and FIG. 13B are flowcharts of replacing the second electronic device to the fourth electronic device.
  • the method of transmitting messages of the present invention further includes a step flow of replacing the second electronic device, and the steps include:
  • Step S610: The first electronic device downloads the first encryption key from the data server according to the first account;
  • Step S620: The first electronic device decrypts the first encryption key according to the first device key to obtain the group key;
  • Step S630: The first electronic device encrypts the first message according to the group key to generate the first encrypted message;
  • Step S640: The first electronic device uploads the first encrypted message to the communication group server according to the first account;
  • Step S650: The second electronic device downloads the second encryption key from the data server and downloads the first encrypted message from the communication group server according to the second account;
  • Step S660: The second electronic device decrypts the second encryption key according to the second device key to obtain the group key;
  • Step S670: The second electronic device decrypts the first encrypted message according to the group key to restore the first message on the second electronic device;
  • Step S680: The second electronic device generates a second message according to the first message;
  • Step S690: The second electronic device encrypts the second message according to the group key obtained from the second device key and the second encryption key to generate a second encrypted message;
  • Step S700: The second electronic device uploads the second encrypted message to the communication group server according to the second account;
  • Step S710: The first electronic device downloads the second encrypted message from the communication group server;
  • Step S720: The first electronic device decrypts the second encrypted message according to the group key obtained from the first device key and the first encryption key, so as to restore the second message in the first electronic device;
  • Step S730: The second electronic device obtains the second barcode according to the encryption group and temporarily stores the second device key and the second public key corresponding to the encryption group on the server;
  • Step S740: The fourth electronic device obtains the authorization information according to the second barcode and joins the encryption group;
  • Step S750: The fourth electronic device downloads and restores the second device key and the second public key from the server according to the authorization information;
  • Step S760: The fourth electronic device encrypts the second public key according to the encryption group to generate a second encryption key and records the fourth electronic device and the second encryption key on the server.
  • Please also refer to FIG. 14 to FIG. 17, which are system schematic diagrams of another embodiment of the present invention.
  • The difference between FIGS. 9-12 and FIGS. 14-17 is that in FIGS. 9-12 the first electronic device 20 is replaced with the third electronic device 60, whereas in FIGS. 14-17 the second electronic device 30 is replaced with the fourth electronic device 70.
  • Steps S610 to S720 have already been disclosed as steps S10 to S120 of the above-mentioned embodiment, so they are not repeated here. Since the second electronic device 30 decrypts the first encrypted message M12 and displays it, the user of the second electronic device 30 then changes over to the fourth electronic device 70.
  • In step S730, the second electronic device 30 obtains from the encryption group 50A a second barcode QR2 used for the transfer, and temporarily stores the second device key 32 and the second public key 34 used for encryption and decryption on the multifunction server 50. The second electronic device 30 further encrypts the second device key 32 and the second public key 34 to generate corresponding second encrypted data D2, so that the multifunction server 50 cannot identify the second device key 32 and the second public key 34, which avoids leakage on the server side.
  • In step S740, the fourth electronic device 70 reads the second barcode QR2, for example by capturing an image of the second barcode QR2 with a built-in camera, thereby obtaining the temporary fourth device key 72 and fourth public key 74 and joining the encryption group 50A. The fourth public key 74 is encrypted and uploaded to the key list 12, which temporarily authorizes the fourth electronic device 70 to use the encryption and decryption corresponding to the encryption group 50A. In step S750, the fourth electronic device 70 downloads the temporarily stored second encrypted data D2 from the multifunction server 50 and decrypts it to restore the second device key 32 and the second public key 34.
  • In step S760, the restored second public key 34 is encrypted to generate a second encryption key key2 corresponding to the fourth electronic device 70, which is uploaded to the key list 12 of the multifunction server 50.
  • The second encryption key key2 thereby changes to correspond to the fourth electronic device 70. Because the second electronic device 30 is not itself the manager of the encryption group 50A, after the fourth electronic device 70 replaces the second electronic device 30 and joins the encryption group 50A, the encryption of the second public key 34 into the second encryption key key2 still has to be performed by the first electronic device 20.
  • In the methods for encrypting and decrypting group messages and transmitting messages of the present invention, after an electronic device enters the encryption group, the group manager receives the public keys from the other electronic devices and encrypts them so that the server can establish the corresponding key list. The server therefore cannot read or identify the public keys, and the electronic devices encrypt and decrypt only the group's messages.
  • The encryption principle of the present invention can also be applied when a user replaces an electronic device.

Abstract

Disclosed in the present invention are methods for encrypting and decrypting a group message, and a method for transmitting a message. The present invention not only encrypts a message by means of an electronic device before transmitting the message, but also further encrypts a public key, so that a server cannot identify the encrypted public key, thereby reducing the leakage risk of third-party data.

Description

Method for encrypting and decrypting group messages and transmitting messages

Technical field

The present invention relates to a method for encrypting and decrypting messages and transmitting messages, and in particular to a method for encrypting and decrypting group messages and transmitting messages.

Background art

With the spread of the Internet, instant messaging systems such as Line and WeChat have come into wide use, and even social networking sites have ended up developing platforms in the instant messaging field, for example Facebook's Messenger. However, typical instant messaging platforms are mostly open communication platforms that cannot restrict who uses them. Although an open communication platform places very few restrictions on users, and therefore gives users a very high degree of freedom in messaging,

Among existing instant messaging technologies, one uses the cloud, mobile communication devices and push technology to provide a message exchange service within a single-level organization. This gives rise to the problem of official documents being buried under private messages (that is, the official document is hard to find). Cloud-push instant messaging therefore addresses the problem that "known person-to-person instant messaging systems are not suitable for group or company use" and provides the effect of "a single fixed group news feed in which a single-level organization shares messages". Another existing instant messaging technology uses cloud technology to let computers and mobile communication devices exchange messages, but can provide only a single fixed news feed, so it too faces the problem of being "unable to distinguish between official and private use". To separate official from private use, different accounts or groups must be set up, for example Facebook at Work for official documents and Facebook for private ones. The technical effect of separating official and private use is "providing ways suited to four different situations, each with a single fixed news feed in which a single-level organization shares messages".

However, the two kinds of instant messaging platform described above still cannot serve groups that need privacy, and cannot provide dedicated private conversations for them, so there is room for improvement. In view of this, instant messaging platforms for internal enterprise use were invented. Even with internal enterprise messaging as their main purpose, they still fail to provide an effective means of message encryption. Moreover, when messages in a specific encrypted group are protected by encryption, most existing instant messaging platforms perform the encryption through the server and do not remove the server's role in encryption processing. Because encryption is generally done through the server and the client provides no effective means of encryption, messages can still be captured in transit by a party with malicious intent, so that an enterprise's internal trade secrets are leaked.

In view of the above problems, the present invention provides a method for encrypting and decrypting group messages and transmitting messages in which the electronic device itself provides the means of encryption and decryption, in a form the server cannot identify, so that messages cannot be leaked at the server or in transit, which further increases the security of group communication.

Summary of the invention

The main purpose of the present invention is to provide a method for encrypting and decrypting group messages and transmitting messages in which the electronic device used by the user performs the encryption and decryption directly, in a form the server cannot identify, so as to improve the security of the communication process and of the message itself.

To achieve the above purpose, the present invention discloses a method for transmitting messages, applied to a first electronic device, a second electronic device, a data server and a communication group server. The first electronic device logs in to the communication group server according to a first account, and the second electronic device, having received an invitation from the first electronic device, logs in to the communication group server according to a second account. The first electronic device generates a first device key and a first public key according to group data corresponding to the communication group server, and the second electronic device generates a second device key and a second public key according to the group data. The first electronic device generates a corresponding group key according to the group data and uses it to encrypt the first public key, producing a first encryption key; the first electronic device records its corresponding first code and the first encryption key on the data server. The first electronic device also obtains, through the communication group server, the second public key transmitted by the second electronic device, encrypts the second public key according to the group key to generate a second encryption key, and records a second code corresponding to the second electronic device together with the second encryption key on the data server. On this basis, in the method for transmitting messages of the present invention, the first electronic device first downloads the first encryption key from the data server according to the first account. The first electronic device then generates the group key from the first device key and the first encryption key, encrypts a first message according to the group key to generate a first encrypted message, and uploads the first encrypted message to the communication group server according to the first account. The second electronic device downloads the second encryption key from the data server according to the second account and downloads the first encrypted message from the communication group server. The second electronic device generates the group key from the second device key and the second encryption key, and decrypts the first encrypted message according to the group key to restore and display the first message on the second electronic device; that is, the second electronic device decodes the first encrypted message of the first electronic device and displays it. This improves the security of the communication process and of the message itself.

The present invention provides an embodiment in which, when the first electronic device has not read the first code, it cannot download the first encryption key, and when the second electronic device has not read the second code, it cannot download the second encryption key.

The present invention provides an embodiment in which the method further includes the second electronic device replying to the first message: the second electronic device generates a second message according to the first message, then encrypts the second message according to the group key to generate a second encrypted message, and uploads the second encrypted message to the communication group server according to the second account. The first electronic device then downloads the second encrypted message from the communication group server and decrypts it according to the group key to restore the second message in the first electronic device.

The present invention provides an embodiment in which the first electronic device generates the first device key and the first public key according to an asymmetric cryptographic algorithm, and the second electronic device generates the second device key and the second encryption key according to the asymmetric cryptographic algorithm.

The present invention provides an embodiment in which the method for transmitting messages further includes steps of transferring the first device key and the first public key to a third electronic device. The first electronic device first obtains a first barcode according to the encryption group and temporarily stores the first device key and the first public key corresponding to the encryption group on the server. The third electronic device then obtains authorization information according to the first barcode, and downloads and restores the first device key and the first public key from the server according to the authorization information. The third electronic device then joins the encryption group, encrypts the first public key according to the encryption group to generate the first encryption key, and records the third electronic device and the first encryption key on the server, which completes the transfer of the first device key and the first public key to the third electronic device.

The present invention provides an embodiment in which, in the step where the first electronic device obtains a first barcode according to the communication group server and temporarily stores the first device key and the first public key on the data server, the first electronic device encrypts the first device key and the first public key to generate first encrypted data, which is temporarily stored on the data server.

The present invention provides an embodiment in which the method for transmitting messages further includes steps of transferring the second device key and the second public key to the fourth electronic device. The second electronic device first obtains a second barcode according to the encryption group and temporarily stores the first device key and the first public key corresponding to the encryption group on the server. The fourth electronic device then obtains authorization information according to the second barcode, and downloads and restores the second device key and the second public key from the server according to the authorization information. The fourth electronic device then joins the encryption group, encrypts the second public key according to the encryption group to generate the second encryption key, and records the fourth electronic device and the second encryption key on the server.

The present invention provides an embodiment in which, in the step where the second electronic device obtains a second barcode according to the communication group server and temporarily stores the second device key and the second public key on the data server, the second electronic device encrypts the second device key and the second public key to generate second encrypted data, which is temporarily stored on the data server.

The present invention provides an embodiment in which the communication group server and the data server are the same server.

To achieve the above purpose, the present invention further discloses a method for encrypting group messages, applied where an electronic device stores an encryption key on a data server according to an account, the encryption key corresponding to a device key of the electronic device. In this method, the electronic device first downloads the encryption key according to the account, then decrypts the encryption key according to the device key to generate a group key, and then encrypts a message according to the group key to generate an encrypted message. This improves the trustworthiness of encrypted messages.

The present invention provides another embodiment in which, in the step of decrypting according to a device key and the encryption key, the electronic device further decrypts according to an asymmetric cryptographic algorithm to generate the group key.

The present invention provides another embodiment in which, in the step of decrypting according to a device key and the encryption key, the encrypted message is further generated according to an Advanced Encryption Standard (AES) algorithm.

To achieve the above purpose, the present invention further discloses a method for decrypting group messages, applied where an electronic device stores an encryption key on a data server according to an account, the encryption key corresponding to a device key of the electronic device. In this method, the electronic device first downloads the encryption key according to the account, then decrypts the encryption key according to the device key to generate a group key, and then decrypts an encrypted message according to the group key to generate a decrypted message. This improves the security of group messages.

The present invention provides another embodiment in which, in the step of decrypting according to a device key and the encryption key, the electronic device further decrypts according to an asymmetric cryptographic algorithm to generate the group key.

The present invention provides another embodiment in which, in the step of generating and displaying a decrypted message according to the group key and an encrypted message, the encrypted message is further generated according to an Advanced Encryption Standard (AES) algorithm.

Description of the drawings

FIG. 1A is a partial flowchart of an embodiment of the present invention;

FIG. 1B is a partial flowchart of an embodiment of the present invention;

FIG. 2 is a system schematic diagram of the first encryption key according to an embodiment of the present invention;

FIG. 3 is a system schematic diagram of the second encryption key according to an embodiment of the present invention;

FIG. 4 is a system schematic diagram of the first electronic device encrypting a message according to an embodiment of the present invention;

FIG. 4B is a system schematic diagram of the second electronic device decrypting a message according to an embodiment of the present invention;

FIG. 5A is a system schematic diagram of the second electronic device encrypting a message according to an embodiment of the present invention;

FIG. 5B is a system schematic diagram of the first electronic device decrypting a message according to an embodiment of the present invention;

FIG. 6 is a flowchart of encrypting group messages according to the present invention;

FIG. 7 is a flowchart of decrypting group messages according to the present invention;

FIG. 8A is a partial flowchart of replacing the first electronic device with the third electronic device according to the present invention;

FIG. 8B is a partial flowchart of replacing the first electronic device with the third electronic device according to the present invention;

FIG. 9 is a system schematic diagram of the first encryption key according to an embodiment of the present invention;

FIG. 10 is a system schematic diagram of the second encryption key according to an embodiment of the present invention;

FIG. 11 is a system schematic diagram of encrypting a message according to an embodiment of the present invention;

FIG. 12 is a system schematic diagram of decrypting a message according to an embodiment of the present invention;

FIG. 13A is a partial flowchart of replacing the second electronic device with the fourth electronic device according to the present invention;

FIG. 13B is a partial flowchart of replacing the second electronic device with the fourth electronic device according to the present invention;

FIG. 14 is a system schematic diagram of the first encryption key according to an embodiment of the present invention;

FIG. 15 is a system schematic diagram of the second encryption key according to an embodiment of the present invention;

FIG. 16 is a system schematic diagram of encrypting a message according to an embodiment of the present invention; and

FIG. 17 is a system schematic diagram of decrypting a message according to an embodiment of the present invention.

Description of reference signs: 1 group system; 2 group system; 10 data server; 12 key list; 20 first electronic device; 22 first device key; 24 first public key; 30 second electronic device; 32 second device key; 34 second public key; 40 communication group server; 40A encryption group; 50 multifunction server; 50A encryption group; 60 third electronic device; 62 third device key; 64 third public key; 70 fourth electronic device; 72 fourth device key; 74 fourth public key; D1 first encrypted data; D2 second encrypted data; device1 first code; device2 second code; key1 first encryption key; key2 second encryption key; keyg group key; M1 first message; M12 first encrypted message; M2 second message; M22 second encrypted message; QR1 first barcode; QR2 second barcode; S10-S120 steps; S210-S230 steps; S310-S330 steps; S410-S560 steps; S610-S760 steps.

Detailed description

To give those skilled in the art a further understanding of the features of the present invention and the effects it achieves, the invention is described in detail below with reference to embodiments and the accompanying drawings.

In view of the effect that prior-art positioning technology has on reliability, the present invention proposes a method for encrypting and decrypting group messages and transmitting messages, to solve the message trustworthiness problem caused by the prior art.

The features, accompanying structure and method of the method for encrypting and decrypting group messages and transmitting messages of the present invention are further described below:

First, please refer to FIG. 1A, a flowchart of an embodiment of the present invention. A method for transmitting messages of the present invention includes the following steps:

Step S10: The first electronic device downloads the first encryption key from the data server according to the first account;

Step S20: The first electronic device decrypts the first encryption key according to the first device key to obtain the group key;

Step S30: The first electronic device encrypts the first message according to the group key to generate the first encrypted message;

Step S40: The first electronic device uploads the first encrypted message to the communication group server according to the first account;

Step S50: The second electronic device downloads the second encryption key from the data server and downloads the first encrypted message from the communication group server according to the second account;

Step S60: The second electronic device decrypts the second encryption key according to the second device key to obtain the group key;

Step S70: The second electronic device decrypts the first encrypted message according to the group key to restore the first message in the second electronic device.

请一并参阅图2至图4B所示的本发明一实施例的系统示意图。本发明传递消息的方法所采用的群组系统1包含一数据服务器10、一第一电子装置20、一第二电子装置30与一通讯群组服务器40,本实施例中,第一电子装置20依据一第一帐号A1登入通讯群组服务器40,第一电子装置20的第一帐号A1保存在通讯群组服务器40中,第一帐号A1在一通讯群组40A中作为管理者并由第一电子装置20邀请第二电子装置30依据一第二帐号A2登入该通讯群组服务器,而第一帐号A1于通讯群组服务器40中的一通讯群组G1作为管理者。Please also refer to the system schematic diagrams of an embodiment of the present invention shown in FIGS. 2 to 4B. The group system 1 used in the method of transmitting messages of the present invention includes a data server 10, a first electronic device 20, a second electronic device 30, and a communication group server 40. In this embodiment, the first electronic device 20 Log in to the communication group server 40 according to a first account A1, the first account A1 of the first electronic device 20 is stored in the communication group server 40, and the first account A1 acts as a manager in a communication group 40A and is managed by the first The electronic device 20 invites the second electronic device 30 to log in to the communication group server according to a second account A2, and the first account A1 is a communication group G1 in the communication group server 40 as a manager.

Continuing from the above, the first electronic device 20 generates a first device key 22 and a first public key 24 according to group data GD1 of the communication group G1, and the second electronic device 30 generates a second device key 32 and a second public key 34 according to the group data GD1. The first electronic device 20 then encrypts the first public key 24 according to a group key keyg corresponding to the group data GD1 to generate a first encryption key Key1. The first electronic device 20 obtains the second public key 34 of the second electronic device 30 through the communication group server 40; that is, the second electronic device 30 transmits the second public key 34 to the first electronic device 20 through the communication group server 40. The first electronic device 20 encrypts the second public key 34 according to the group key keyg to generate a second encryption key Key2. The group data GD1 corresponds to the communication group 40A of the group communication server 40, so the keys described in this embodiment apply to the communication group 40A and cannot be used in other groups, which enhances security. Both the first encryption key Key1 and the second encryption key Key2 correspond to the group key keyg.

Furthermore, in this embodiment, data storage and group message broadcasting are performed on different servers; that is, they are split between the data server 10 and the group communication server 40, hence the separate data server 10 and communication group server 40. The data server 10 stores the first encryption key Key1 and the second encryption key Key2. The first encryption key key1 and the second encryption key key2 are linked (or bound) to a first code device1 and a second code device2 respectively, and the first code device1 and the second code device2 are the codes corresponding to the first electronic device 20 and the second electronic device 30 respectively. They are uploaded to the data server 10 through the first electronic device 20, so that the data server 10 records the first code device1 corresponding to the first electronic device 30 together with the first encryption key key1, and records the second code device2 corresponding to the second electronic device 30 together with the second encryption key key2. The first device key 22 and the first public key 24 are generated by the first electronic device 20 according to an asymmetric encryption algorithm, and the second device key 32 and the second public key 34 are generated by the second electronic device 30 according to the same asymmetric encryption algorithm, for example the RSA encryption algorithm. The first device key 22 is therefore paired with the first public key 24, and the second device key 32 is paired with the second public key 34.

In step S10, as shown in FIG. 4, the first electronic device 20, using the first account A1 in the communication group server 40, issues a data download request for the first encryption key key1 previously stored in the data server 10. According to the first code device1, the data server 10 lets the first electronic device 20 download the first encryption key key1 into the internal storage of the first electronic device 20. In step S20, as shown in FIG. 4, the first electronic device 20 decrypts the first encryption key Key1 and thereby obtains the group key keyg corresponding to the communication group 40A. Then, in step S30, the first electronic device 20 uses the group key keyg to encrypt a first message M1 that it is about to send, producing a first encrypted message M12.

In step S40, as shown in FIG. 4, the first electronic device 20 uploads the first encrypted message M12 to the communication group 40A. Next, in step S50, as shown in FIG. 5, the second electronic device 30 issues a data download request to the data server 10 for the second encryption key key2, so that the data server 10 provides the second encryption key key2 for download according to the second code device2; at the same time the second electronic device 30 downloads the first encrypted message M12 from the communication group 40A. Then, in step S60, the second electronic device 30 performs decryption according to the second device key 32 and the second encryption key key2, and thereby obtains the group key keyg corresponding to the communication group 40A. In step S70, the second electronic device 30 uses the group key keyg to decrypt the encrypted message M12, restoring the first encrypted message M12 to the first message M1 in the second electronic device 30, so that the second electronic device 30 can display the first message M1 rather than the first encrypted message M12.

It can be seen from the above that, with the message transmission method of the present invention, the server can no longer read or identify the messages sent from the first electronic device 20 to the second electronic device 30, which prevents information from leaking through a third party. Because only encrypted messages are transmitted, the reliability of message delivery is further improved.
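The exchange in steps S10 to S70, plus the case of a device that is absent from the key list, as an added example that is not code from the patent. It assumes the encryption key stored for each device is the group key keyg wrapped under that device's public key (the reading under which the device key can recover keyg); RSA-OAEP with the group identifier as label, AES-256-GCM for messages, and every function and variable name are assumptions of this example.

```javascript
// Added illustration, not code from the patent. Cipher choices and all names are assumptions.
const crypto = require('node:crypto');

const GROUP_ID = 'GD1/40A'; // constructed stand-in for group data GD1 of group 40A

// Each device creates its own pair: device key (private half) and public key.
function newDevice(code) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return { code, publicKey, deviceKey: privateKey };
}

// RSA-OAEP parameters; the label ties a wrapped key to exactly one group.
function oaep(key, groupId) {
  return {
    key,
    padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
    oaepHash: 'sha256',
    oaepLabel: Buffer.from(groupId),
  };
}

// Manager: produce the per-device encryption key (Key1, Key2) from keyg.
function wrapGroupKey(keyg, memberPublicKey, groupId) {
  return crypto.publicEncrypt(oaep(memberPublicKey, groupId), keyg);
}

// Member (S20 / S60): recover keyg with the device key. Throws on a wrong key or group.
function unwrapGroupKey(encryptedKey, deviceKey, groupId) {
  return crypto.privateDecrypt(oaep(deviceKey, groupId), encryptedKey);
}

// S30: AES-256-GCM; output layout is iv(12) || tag(16) || ciphertext.
function encryptMessage(keyg, groupId, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', keyg, iv);
  cipher.setAAD(Buffer.from(groupId)); // group binding is authenticated with the message
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]);
}

// S70: verify the tag and recover the message. Throws if the blob was altered.
function decryptMessage(keyg, groupId, blob) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', keyg, blob.subarray(0, 12));
  decipher.setAAD(Buffer.from(groupId));
  decipher.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([decipher.update(blob.subarray(28)), decipher.final()]).toString('utf8');
}

function throws(fn) {
  try { fn(); return false; } catch (err) { return true; }
}

function runExchange(m1) {
  const keyList = new Map(); // data server 10: device code -> encryption key
  const groupLog = [];       // communication group server 40: encrypted messages only
  const dev1 = newDevice('device1'); // manager, account A1
  const dev2 = newDevice('device2'); // invited member, account A2
  const devX = newDevice('deviceX'); // constructed device that is not on the key list

  // Setup: the manager creates keyg and uploads one wrapped copy per member.
  const keyg = crypto.randomBytes(32);
  keyList.set(dev1.code, wrapGroupKey(keyg, dev1.publicKey, GROUP_ID));
  keyList.set(dev2.code, wrapGroupKey(keyg, dev2.publicKey, GROUP_ID));

  // S10-S40: device 1 downloads Key1, unwraps keyg, encrypts M1, uploads M12.
  const k1 = unwrapGroupKey(keyList.get(dev1.code), dev1.deviceKey, GROUP_ID);
  groupLog.push(encryptMessage(k1, GROUP_ID, m1));

  // S50-S70: device 2 downloads Key2 and M12, unwraps keyg, restores M1.
  const k2 = unwrapGroupKey(keyList.get(dev2.code), dev2.deviceKey, GROUP_ID);
  const received = decryptMessage(k2, GROUP_ID, groupLog[0]);

  return {
    received,
    serverSawPlaintext: groupLog[0].includes(Buffer.from(m1, 'utf8')),
    outsiderListed: keyList.has(devX.code),
    // A copied key-list entry is useless without the matching device key.
    outsiderRejected: throws(() => unwrapGroupKey(keyList.get(dev2.code), devX.deviceKey, GROUP_ID)),
    // The same entry cannot be replayed into a different group.
    otherGroupRejected: throws(() => unwrapGroupKey(keyList.get(dev2.code), dev2.deviceKey, 'other-group')),
    // A message modified on the server fails authentication on the device.
    tamperRejected: throws(() => {
      const altered = Buffer.from(groupLog[0]);
      altered[altered.length - 1] ^= 1;
      decryptMessage(k2, GROUP_ID, altered);
    }),
  };
}

console.log(runExchange('constructed sample message M1'));
```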

As shown in FIG. 1B, the message transmission method of the present invention can also be applied when the second electronic device 30 sends a reply. Continuing from node A, the steps of the method extend to step S150; that is, the message transmission method of the present invention further includes:

Step S80: The second electronic device generates a second message according to the first message;

Step S90: The second electronic device encrypts the second message according to the second device key and the second encryption key to generate a second encrypted message;

Step S100: The second electronic device uploads the second encrypted message to the communication group server according to the second account;

Step S110: The first electronic device downloads the second encrypted message from the communication group server; and

Step S120: The first electronic device decrypts the second encrypted message according to the first device key and the first encryption key to restore the second message in the first electronic device.

In step S110, the second electronic device 30 generates a reply corresponding to the first message M1, that is, a second message M2. Then, in step S120, the second electronic device 30 encrypts the second message M2 with the group key keyg obtained by decrypting the second encryption key key2 with the second device key 32. The second electronic device 30 may download the second encryption key key2 from the data server 10 again and decrypt it again to obtain the group key keyg, then encrypt the second message M2 to produce the corresponding second encrypted message M22. Alternatively, the second electronic device 30 may use the second device key 32 to decrypt the second encryption key key2 already downloaded in the earlier step S70, obtain the group key keyg, and then encrypt the second message M2.

Afterwards, in step S130, the second electronic device 30 uploads the second encrypted message M22 to the communication group 40A of the communication group server 40, so that in step S140 the first electronic device 20 downloads the second encrypted message M22 from the communication group server 40 into its internal storage. Next, in step S150, the first electronic device 20 decrypts the second encrypted message M22 with the group key keyg obtained by decrypting the first encryption key key1 with the first device key 22, restoring the second message M2. The first electronic device 20 may download the first encryption key key1 from the data server 10 again and decrypt it again to obtain the group key keyg, then decrypt the second encrypted message M22 to restore the corresponding second message M2. Alternatively, the first electronic device 20 may use the first device key 22 to decrypt the first encryption key key1 already downloaded in the earlier step S20, obtain the group key keyg, and then decrypt the second encrypted message M22.

Please refer to FIG. 6, the flowchart of encrypting a group message according to the present invention. As shown in the figure, the method for encrypting a group message of the present invention includes the following steps:

Step S210: The electronic device downloads the encryption key stored on the server;

Step S220: The encryption key is decrypted according to the device key to obtain the group key;

Step S230: An encrypted message is generated according to the group key and the group message, and is sent to an encrypted group.

Referring to FIG. 4, when the first electronic device 20 wants to encrypt the first message M1, it must first download the first encryption key key1 previously uploaded to the data server 10 or the multifunctional server 50. Because the first encryption key key1 was not encrypted by the data server 10 or the multifunctional server 50, neither server can decrypt it; only the first electronic device 20 can. In step S220, the first electronic device 20 therefore performs the decryption to obtain the group key keyg corresponding to the encrypted group 40. Then, in step S230, the first electronic device 20 encrypts the group message (that is, the first message M1) with the group key keyg, produces the corresponding first encrypted message M12, and uploads it to the corresponding encrypted group.

In the above embodiment, the first electronic device 20 sends a group message to the encrypted group. If the second electronic device 30 sends a group message to the encrypted group, it likewise follows steps S210 to S230.

Please refer to FIG. 7, the flowchart of decrypting a group message according to the present invention. The method for decrypting a group message of the present invention includes the following steps:

Step S310: An electronic device downloads an encryption key stored on a server;

Step S320: The encryption key is decrypted according to a device key to obtain a group key;

Step S330: A decrypted message is generated according to the group key and an encrypted message, and is displayed on the electronic device.

Referring to FIG. 4B, when the second electronic device 30 wants to decrypt the first encrypted message M12, it must first download the second encryption key key2 previously uploaded to the data server 10. Because the second encryption key key2 was not encrypted by the data server 10 or the multifunctional server 50, the data server 10 cannot decrypt it; only the second electronic device 30 can. In step S220, the second electronic device 30 therefore performs the decryption to produce the group key keyg corresponding to the encrypted group. Then, in step S230, the second electronic device 30 decrypts the first encrypted message M12 with the group key keyg and restores the corresponding first message M1 (the group message), so that the second electronic device 30 can display the first message M1 rather than the encrypted first encrypted message M12.

In the above embodiment, the second electronic device 30 restores and displays an encrypted message of the encrypted group. If the first electronic device 20 wants to restore and display an encrypted message of the encrypted group, it likewise follows steps S310 to S330.

In addition, when the first electronic device 20 and the second electronic device 30 are not registered in the key list 12, they cannot encrypt the group messages they send or decrypt encrypted messages. Therefore, when the first electronic device 20 and the second electronic device 30 are not registered in the key list 12, all messages in the encrypted group are shown as encrypted group messages, displayed as unreadable garbled text.

The following embodiment further describes the case in which the communication group server 40 and the data server 10 are combined into a multifunctional server 50, the first electronic device 20 and the second electronic device 30 log in to the multifunctional server with the first account A1 and the second account A2 respectively, and the user of the first electronic device 20 switches to a new electronic device, rejoins the encrypted group 50A, and regains the keys associated with the first electronic device 20.

Please refer to FIGS. 8A and 8B, which are flowcharts of replacing the first electronic device with the third electronic device according to the present invention. The message transmission method of the present invention further includes a procedure for replacing the first electronic device, comprising the following steps:

Step S410: The first electronic device downloads the first encryption key from the data server according to the first account;

Step S420: The first electronic device decrypts the first encryption key according to the first device key to obtain the group key;

Step S430: The first electronic device encrypts the first message according to the group key to generate the first encrypted message;

Step S440: The first electronic device uploads the first encrypted message to the communication group server according to the first account;

Step S450: The second electronic device, according to the second account, downloads the second encryption key from the data server and downloads the first encrypted message from the communication group server;

Step S460: The second electronic device decrypts the second encryption key according to the second device key to obtain the group key;

Step S470: The second electronic device decrypts the first encrypted message according to the group key to restore the first message on the second electronic device;

Step S480: The second electronic device generates a second message according to the first message;

Step S490: The second electronic device encrypts the second message with the group key obtained from the second device key and the second encryption key, to generate a second encrypted message;

Step S500: The second electronic device uploads the second encrypted message to the communication group server according to the second account;

Step S510: The first electronic device downloads the second encrypted message from the communication group server;

Step S520: The first electronic device decrypts the second encrypted message with the group key obtained from the first device key and the first encryption key, to restore the second message in the first electronic device;

Step S530: The first electronic device obtains a first barcode according to the encrypted group and temporarily stores the first device key and the first public key corresponding to the encrypted group on the server;

Step S540: The third electronic device obtains authorization information according to the first barcode and joins the encrypted group;

Step S550: The third electronic device downloads and restores the first device key and the first public key from the server according to the authorization information; and

Step S560: The third electronic device encrypts the first public key according to the encrypted group to generate the first encryption key, and records the third electronic device together with the first encryption key on the server.

Please also refer to FIGS. 9 to 12, which are system schematic diagrams of another embodiment of the present invention. FIGS. 9 to 12 differ from FIGS. 2 to 4B in that they further include a third electronic device 60.

Steps S410 to S520 have already been disclosed as steps S10 to S120 of the above embodiment and are not repeated here. After the first electronic device 20 has sent the first encrypted message M12, the user of the first electronic device 20 switches to the third electronic device 60. In step S530, as shown in FIG. 9, the first electronic device 10 first obtains from the encrypted group 50A a first barcode QR1 used for the transfer, and at the same time the first electronic device 20 temporarily stores the first device key 22 and the first public key 24 used for encryption and decryption on the multifunctional server 50. The first electronic device 20 further encrypts the first device key 22 and the first public key 24 before storing them, producing corresponding first encrypted data D1, so that the multifunctional server 50 cannot identify the first device key 22 and the first public key 24, which avoids leakage on the server side.

In step S540, as shown in FIG. 15, the third electronic device 60 reads the first barcode QR1, for example by capturing an image of the first barcode QR1 with its built-in camera. It thereby obtains a temporary third device key 62 and third public key 64 and joins the encrypted group 50A; the third public key 64 is then encrypted to generate a third encryption key key3, which is uploaded to the key list 12. In other words, the third electronic device 60 is temporarily authorized to use the encryption and decryption corresponding to the encrypted group 50A. Next, in step S550, as shown in FIG. 16, the third electronic device 60 downloads the temporarily stored first encrypted data D1 from the multifunctional server 50 and decrypts it, restoring the first device key 22 and the first public key 24 in the third electronic device 60. Then, in step S560, the restored first public key 24 is encrypted to generate the first encryption key key1 corresponding to the third electronic device 60, which is uploaded to the key list 12 of the multifunctional server 50. In the key list 12, the first encryption key key1 thus now corresponds to the third electronic device 60. Because the third electronic device 60 replaces the first electronic device 20 as the manager of the encrypted group 50A, in step S560 the third electronic device 60 already holds the complete asymmetric key pair consisting of the first device key 22 and the first public key 24, and can therefore perform the encryption directly.

Please refer to FIGS. 13A and 13B, which are flowcharts of replacing the second electronic device with the fourth electronic device. As shown in the figures, the message transmission method of the present invention further includes a procedure for replacing the second electronic device, comprising the following steps:

Step S610: The first electronic device downloads the first encryption key from the data server according to the first account;

Step S620: The first electronic device decrypts the first encryption key according to the first device key to obtain the group key;

Step S630: The first electronic device encrypts the first message according to the group key to generate the first encrypted message;

Step S640: The first electronic device uploads the first encrypted message to the communication group server according to the first account;

Step S650: The second electronic device, according to the second account, downloads the second encryption key from the data server and downloads the first encrypted message from the communication group server;

Step S660: The second electronic device decrypts the second encryption key according to the second device key to obtain the group key;

Step S670: The second electronic device decrypts the first encrypted message according to the group key to restore the first message on the second electronic device;

Step S680: The second electronic device generates a second message according to the first message;

Step S690: The second electronic device encrypts the second message with the group key obtained from the second device key and the second encryption key, to generate a second encrypted message;

Step S700: The second electronic device uploads the second encrypted message to the communication group server according to the second account;

Step S710: The first electronic device downloads the second encrypted message from the communication group server;

Step S720: The first electronic device decrypts the second encrypted message with the group key obtained from the first device key and the first encryption key, to restore the second message in the first electronic device;

Step S730: The second electronic device obtains a second barcode according to the encrypted group and temporarily stores the second device key and the second public key corresponding to the encrypted group on the server;

Step S740: The fourth electronic device obtains authorization information according to the second barcode and joins the encrypted group;

Step S750: The fourth electronic device downloads and restores the second device key and the second public key from the server according to the authorization information; and

Step S760: The fourth electronic device encrypts the second public key according to the encrypted group to generate the second encryption key, and records the fourth electronic device together with the second encryption key on the server.

Please also refer to FIGS. 14 to 17, which are system schematic diagrams of another embodiment of the present invention. The difference between FIGS. 9 to 12 and FIGS. 14 to 17 is that in FIGS. 9 to 12 the first electronic device 20 is replaced by the third electronic device 60, whereas in FIGS. 14 to 17 the second electronic device 30 is replaced by the fourth electronic device 70.

Steps S610 to S720 have already been disclosed as steps S10 to S120 of the above embodiment and are not repeated here. After the second electronic device 30 has decrypted and displayed the first encrypted message M12, the user of the second electronic device 30 switches to the fourth electronic device 70. In step S730, the second electronic device 30 first obtains from the encrypted group 50A a second barcode QR2 used for the transfer, and at the same time the second electronic device 30 temporarily stores the second device key 32 and the second public key 34 used for encryption and decryption on the multifunctional server 50. The second electronic device 30 further encrypts the second device key 32 and the second public key 34 before storing them, producing corresponding second encrypted data D2, so that the multifunctional server 50 cannot identify the second device key 32 and the second public key 34, which avoids leakage on the server side.

In step S740, the fourth electronic device 70 reads the second barcode QR2, for example by capturing an image of the second barcode QR2 with its built-in camera. It thereby obtains a temporary fourth device key 72 and fourth public key 74 and joins the encrypted group 50A; the fourth public key 74 is then encrypted and uploaded to the key list 12. In other words, the fourth electronic device 70 is temporarily authorized to use the encryption and decryption corresponding to the encrypted group 50A. Next, in step S750, the fourth electronic device 70 downloads the temporarily stored second encrypted data D2 from the multifunctional server 50 and decrypts it, restoring the second device key 32 and the second public key 34 in the fourth electronic device 70. Then, in step S760, the restored second public key 34 is encrypted to generate the second encryption key key2 corresponding to the fourth electronic device 70, which is uploaded to the key list 12 of the multifunctional server 50. In the key list 12, the second encryption key key2 thus now corresponds to the fourth electronic device 70. Because the second electronic device 30 is not itself the manager of the encrypted group 50A, after the fourth electronic device 70 replaces the second electronic device 30 and joins the encrypted group 50A, the encryption of the second public key 34 into the second encryption key key2 must still be performed by the first electronic device 20.

In summary, in the methods of the present invention for encrypting and decrypting group messages and for transmitting messages, after an electronic device enters the encrypted group, the manager of the group receives the public keys from the other electronic devices and encrypts them so that the server can build the corresponding key list. The server therefore cannot read or identify the public keys, and encryption and decryption of group information is performed purely by the electronic devices. Furthermore, the electronic devices can apply the same encryption principle of the present invention when a user changes electronic devices.

The foregoing describes only preferred embodiments of the present invention and is not intended to limit the scope of its implementation. All equivalent changes and modifications made according to the shape, structure, features and spirit described in the claims of the present invention shall fall within the scope of protection of the present invention.

Claims (15)

1. A method for transmitting messages, applied to a first electronic device, a second electronic device, a data server and a communication group server, wherein the first electronic device logs in to the communication group server according to a first account and invites the second electronic device to log in to the communication group server according to a second account; the first electronic device generates a first device key and a first public key according to group data corresponding to the communication group server; the second electronic device generates a second device key and a second public key according to the group data; the first electronic device generates a corresponding group key according to the group data; the first electronic device encrypts the first public key according to the group key to generate a first encryption key, and records a first code corresponding to the first electronic device together with the first encryption key in the data server; the second electronic device transmits the second public key to the first electronic device via the communication group server; and the first electronic device encrypts the second public key according to the group key to generate a second encryption key, and records a second code corresponding to the second electronic device together with the second encryption key in the data server; the method comprising the following steps:
the first electronic device downloads the first encryption key from the data server according to the first account;
the first electronic device decrypts the first encryption key according to the first device key to obtain the group key;
the first electronic device encrypts a first message according to the group key to generate a first encrypted message;
the first electronic device uploads the first encrypted message to the communication group server according to the first account;
the second electronic device downloads the second encryption key from the data server and downloads the first encrypted message from the communication group server according to the second account;
the second electronic device decrypts the second encryption key according to the second device key to obtain the group key; and
the second electronic device decrypts the first encrypted message according to the group key to restore the first message on the second electronic device.

2. The method for transmitting messages according to claim 1, wherein the first encryption key cannot be downloaded when the first electronic device has not read the first code, and the second encryption key cannot be downloaded when the second electronic device has not read the second code.

3. The method for transmitting messages according to claim 1, further comprising:
the second electronic device generates a second message according to the first message;
the second electronic device encrypts the second message according to the group key to generate a second encrypted message;
the second electronic device uploads the second encrypted message to the communication group server according to the second account;
the first electronic device downloads the second encrypted message from the communication group server; and
the first electronic device decrypts the second encrypted message according to the group key to restore the second message on the first electronic device.

4. The method for transmitting messages according to claim 1, wherein the first electronic device further generates the first device key and the first public key according to an asymmetric cryptographic algorithm, and the second electronic device further generates the second device key and the second public key according to the asymmetric cryptographic algorithm.

5. The method for transmitting messages according to claim 1, further comprising:
the first electronic device obtains a first barcode from the communication group server and temporarily stores the first device key and the first public key in the data server;
a third electronic device obtains authorization information according to the first barcode and logs in to the communication group server according to the first account;
the third electronic device downloads and restores the first device key and the first public key from the data server according to the authorization information; and
the third electronic device encrypts the first public key according to the encryption group to generate the first encryption key, and records the third electronic device together with the first encryption key in the data server.

6. The method for transmitting messages according to claim 5, wherein, in the step in which the first electronic device obtains a first barcode from the communication group server and temporarily stores the first device key and the first public key in the data server, the first electronic device encrypts the first device key and the first public key to generate first encrypted data, which is temporarily stored in the data server.

7. The method for transmitting messages according to claim 1, further comprising:
the second electronic device obtains a second barcode from the communication group server and temporarily stores the second device key and the second public key in the data server;
a fourth electronic device obtains authorization information according to the second barcode and logs in to the communication group server according to the second account;
the fourth electronic device downloads and restores the second device key and the second public key from the data server according to the authorization information; and
the fourth electronic device encrypts the second public key to generate the second encryption key, and records the fourth electronic device together with the second encryption key in the data server.

8. The method for transmitting messages according to claim 7, wherein, in the step in which the second electronic device obtains a second barcode from the communication group server and temporarily stores the second device key and the second public key in the data server, the second electronic device encrypts the second device key and the second public key to generate second encrypted data, which is temporarily stored in the data server.

9. The method for transmitting messages according to claim 1, wherein the communication group server and the data server are the same server.

10. A method for encrypting group messages, applied to an electronic device that stores an encryption key in a data server according to an account, the encryption key corresponding to a public key and a group key, and the public key being paired with a device key of the electronic device, the method comprising the following steps:
the electronic device downloads the encryption key according to the account;
the electronic device decrypts the encryption key according to the device key to obtain the group key; and
the electronic device encrypts a message according to the group key to generate an encrypted message.

11. The method for encrypting group messages according to claim 10, wherein, in the step in which the electronic device decrypts the encryption key according to the device key, the electronic device further decrypts according to an asymmetric cryptographic algorithm to produce the group key.

12. The method for encrypting group messages according to claim 10, wherein, in the step in which the electronic device encrypts a message according to the group key to generate an encrypted message, the encrypted message is further generated according to an Advanced Encryption Standard (AES) algorithm.

13. A method for decrypting group messages, applied to an electronic device that stores an encryption key in a data server according to an account, the encryption key corresponding to a public key and a group key, and the public key being paired with a device key of the electronic device, the method comprising the following steps:
the electronic device downloads the encryption key according to the account;
the electronic device decrypts the encryption key according to the device key to obtain the group key; and
the electronic device decrypts an encrypted message according to the group key to restore it to a group message.

14. The method for decrypting group messages according to claim 13, wherein, in the step in which the electronic device decrypts according to the device key and the encryption key, the electronic device further decrypts according to an asymmetric cryptographic algorithm to produce the group key.

15. The method for decrypting group messages according to claim 13, wherein, in the step in which the electronic device generates a group message on the electronic device according to the group key and an encrypted message, the decrypted message is further generated according to an Advanced Encryption Standard (AES) algorithm.
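The key handling recited in claims 1, 10 and 13 can be sketched as follows. This is an added example, not code from the patent: it reads each member's "encryption key" as the group key wrapped under that member's public key, and RSA-OAEP, AES-256-GCM, the device codes and all function names are assumptions.

```javascript
// Added illustration, not the patent's code. Algorithm choices are assumptions.
const crypto = require('node:crypto');

// Each device creates its own key pair; the private "device key" stays on the device.
function newDevice(code) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  return { code, publicKey, deviceKey: privateKey };
}

// Group manager: produce the per-member entry that is stored in the server's key list.
function wrapGroupKey(groupKey, memberPublicKey) {
  return crypto.publicEncrypt({ key: memberPublicKey, oaepHash: 'sha256' }, groupKey);
}

// Member: recover the group key from the downloaded entry using the device key.
function unwrapGroupKey(wrapped, deviceKey) {
  return crypto.privateDecrypt({ key: deviceKey, oaepHash: 'sha256' }, wrapped);
}

// AES-256-GCM with a fresh 96-bit nonce per message; the tag authenticates the body.
function encryptMessage(groupKey, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', groupKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { iv, body, tag: cipher.getAuthTag() };
}

function decryptMessage(groupKey, { iv, body, tag }) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', groupKey, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// Constructed scenario: two members, one device outside the group, one server key list.
function demo() {
  const first = newDevice('code-1');
  const second = newDevice('code-2');
  const outsider = newDevice('code-x');
  const groupKey = crypto.randomBytes(32);
  const keyList = new Map(); // what the server stores: code -> wrapped key, never the key itself
  for (const d of [first, second]) keyList.set(d.code, wrapGroupKey(groupKey, d.publicKey));

  const sent = encryptMessage(unwrapGroupKey(keyList.get('code-1'), first.deviceKey), 'hello group');
  const received = decryptMessage(unwrapGroupKey(keyList.get('code-2'), second.deviceKey), sent);

  let outsiderBlocked = false; // a device key outside the group cannot open a list entry
  try { unwrapGroupKey(keyList.get('code-2'), outsider.deviceKey); } catch { outsiderBlocked = true; }

  let tamperDetected = false; // a ciphertext modified on the server fails authentication
  try {
    const forged = { ...sent, body: Buffer.from(sent.body) };
    forged.body[0] ^= 1;
    decryptMessage(groupKey, forged);
  } catch { tamperDetected = true; }
  return { received, outsiderBlocked, tamperDetected };
}
```

The key list holds only wrapped blobs, so confidentiality against the server rests on the device keys staying on the devices and on members verifying whose public key the manager wrapped.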

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2020/091961 WO2021237388A1 (en) 2020-05-23 2020-05-23 Methods for encrypting and decrypting group message, and method for transmitting message

Publications (1)

Publication Number Publication Date
WO2021237388A1 true WO2021237388A1 (en) 2021-12-02

Family

ID=78745089

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014017959A1 (en) * 2012-07-27 2014-01-30 Telefonaktiebolaget L M Ericsson (Publ) Secure session for a group of network nodes
CN104065479A (en) * 2014-07-11 2014-09-24 中国人民公安大学 Key generation method and system and key distribution method and system based on group
CN106664197A (en) * 2014-09-05 2017-05-10 三星电子株式会社 Method and device for data encryption
CN106850195A (en) * 2016-04-18 2017-06-13 中国科学院信息工程研究所 Group key agreement and communication means in a kind of instant messaging
CN111130778A (en) * 2019-12-31 2020-05-08 郑州信大捷安信息技术股份有限公司 Method and system for safely recovering encrypted data based on hardware

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115333813A (en) * 2022-08-02 2022-11-11 中国电信股份有限公司 Data encryption transmission method and device, electronic equipment and storage medium
CN115333813B (en) * 2022-08-02 2024-11-29 中国电信股份有限公司 Data encryption transmission method, device, electronic device and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application Ref document number: 20937403; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase Ref country code: DE
122 Ep: pct application non-entry in european phase Ref document number: 20937403; Country of ref document: EP; Kind code of ref document: A1