CN113300999B - Information processing method, electronic device, and readable storage medium - Google Patents
Information processing method, electronic device, and readable storage medium Download PDFInfo
- Publication number
- CN113300999B CN113300999B CN202010110320.8A CN202010110320A CN113300999B CN 113300999 B CN113300999 B CN 113300999B CN 202010110320 A CN202010110320 A CN 202010110320A CN 113300999 B CN113300999 B CN 113300999B
- Authority
- CN
- China
- Prior art keywords
- key
- message
- equipment
- encryption
- encrypting
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000010365 information processing Effects 0.000 title claims abstract description 31
- 238000003672 processing method Methods 0.000 title claims abstract description 26
- 230000004044 response Effects 0.000 claims abstract description 33
- 230000002452 interceptive effect Effects 0.000 claims abstract description 32
- 238000000034 method Methods 0.000 claims description 43
- 238000004891 communication Methods 0.000 claims description 21
- 230000003993 interaction Effects 0.000 claims description 19
- 230000001419 dependent effect Effects 0.000 claims description 13
- 230000005540 biological transmission Effects 0.000 claims description 11
- 230000001360 synchronised effect Effects 0.000 claims 6
- 238000010586 diagram Methods 0.000 description 11
- 238000004590 computer program Methods 0.000 description 9
- 230000015654 memory Effects 0.000 description 9
- 230000006870 function Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 238000009472 formulation Methods 0.000 description 2
- 230000014509 gene expression Effects 0.000 description 2
- 239000000203 mixture Substances 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/16—Arrangements for providing special services to substations
- H04L12/18—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
- H04L12/185—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast with management of multicast group membership
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present disclosure provides an information processing method, including: obtaining a first key and a plurality of second keys, wherein each of the plurality of second keys is generated from a public key for one of the plurality of recipients, encrypting the first key based on the second key to generate an encryption key, sending the encryption key to a server, encrypting the message based on the first key in response to receiving a send request to send the message to the plurality of recipients to generate a message ciphertext, generating an interactive message based on the message ciphertext, and broadcasting the interactive message to the plurality of recipients such that the recipients obtain the encryption key from the server in response to the interactive message to decrypt the message ciphertext based on the encryption key. Another aspect of the present disclosure also provides another electronic device and a readable storage medium.
Description
Technical Field
The present disclosure relates to the field of internet technology, and more particularly, to an information processing method, an electronic device, and a readable storage medium.
Background
With the rapid development of artificial intelligence, automation, communication, and computer technology, there is increasing interaction between electronic devices. Messages exchanged between electronic devices often need to be encrypted to ensure the security of the interaction. For example, if a user a in the chat group needs to publish a message in the chat group, the message needs to be encrypted multiple times at the client of the user a, where each encryption in the multiple times is performed for the clients of different users in the chat group, so as to send the message to the clients of different users.
In the process of implementing the disclosed concept, the inventor finds that at least the following problems exist in the related art: the client consumes too much time in encrypting the message.
Disclosure of Invention
In view of this, the present disclosure provides an information processing method and an electronic device, readable storage medium.
One aspect of the present disclosure provides an information processing method including: obtaining a first key and a plurality of second keys, wherein each of the plurality of second keys is generated from a public key for one of a plurality of recipients; encrypting the first key based on the second key to generate an encryption key; sending the encryption key to a server; in response to receiving a transmission request for transmitting a message to a plurality of recipients, encrypting the message based on the first key to generate a message ciphertext; generating an interactive message based on the message ciphertext; and broadcasting the interactive message to the plurality of receivers, so that the receivers acquire the encryption key from the server in response to the interactive message to decrypt the message ciphertext based on the encryption key.
According to an embodiment of the present disclosure, encrypting the message based on the first key to generate a message ciphertext includes: taking the first secret key as an initial serial code of a ratchet algorithm; generating a message key by utilizing the ratchet algorithm based on the initial string code; and encrypting the message based on the message key to generate a message ciphertext.
According to an embodiment of the present disclosure, obtaining the plurality of second keys includes: obtaining public keys of a plurality of receivers from a server; and encrypting the public key and a private key of the local device using a communication-dependent algorithm to obtain a second key for each of the plurality of recipients.
According to an embodiment of the present disclosure, the method is applied to a plurality of electronic devices, including a master device and a slave device, and the method further includes: in the case that the local device is used as a master device, in response to receiving a synchronization request from the device, encrypting a private key of the local device to obtain an encryption result; and sending the encryption result to the slave device, so that the slave device determines the private key of the slave device according to the encryption result.
According to an embodiment of the disclosure, the method further includes, in a case where the local device is a slave device, sending a synchronization request to the master device, where the synchronization request is used to obtain a private key of the master device; and receiving an encryption result from the master device, and determining a private key of the slave device according to the encryption result.
According to an embodiment of the present disclosure, the method further comprises: and in response to acquiring an instruction of switching the master device from the first device to the second device, sending switching information to a server, so that the server informs the slave device of resynchronizing the private key of the second device as the private key of the slave device.
According to an embodiment of the present disclosure, the sending a synchronization request to the master device includes: in response to receiving the handoff information from the server, a synchronization request is sent to a master device specified in the handoff information.
According to an embodiment of the present disclosure, the method further includes updating the first key in case of a change in device information of the plurality of recipients.
Another aspect of the present disclosure provides an information processing method, including: in response to receiving the interaction message, obtaining an encryption key from the server, the encryption key generated by the sender encrypting the first key based on the second key, wherein the interaction message comprises a message ciphertext; determining a second key of the recipient, the second key being generated from a public key for the recipient; decrypting the encryption key based on the second key to obtain a first key; and decrypting the message ciphertext based on the first key.
According to an embodiment of the present disclosure, decrypting the message ciphertext based on the first key includes: the number of iterations of the first key is performed by using a ratchet algorithm when the sending end encrypted message is obtained; iterating the first key according to the iteration times to obtain a message key; and decrypting the message ciphertext based on the message key.
According to an embodiment of the present disclosure, the method further comprises storing the first key to a storage unit for decrypting other message ciphertexts from the sender using the first key.
According to an embodiment of the present disclosure, the interaction message includes a first key identifier, and the method further includes: determining whether the first key exists in the storage unit based on the first key identification; and acquiring the first key from the storage unit under the condition that the first key exists in the storage unit.
Another aspect of the present disclosure provides an information processing apparatus including an acquisition module configured to acquire a first key and a plurality of second keys, wherein each of the plurality of second keys is generated from a public key for one of a plurality of recipients; a first generation module configured to encrypt the first key based on the second key to generate an encryption key; the sending module is used for sending the encryption key to the server; a second generation module for generating a message ciphertext by encrypting the message based on the first key in response to receiving a transmission request for transmitting the message to a plurality of recipients; the third generation module is used for generating an interactive message based on the message ciphertext; and a broadcasting module for broadcasting the interactive message to the plurality of receivers, so that the receivers acquire the encryption key from the server in response to the interactive message to decrypt the message ciphertext based on the encryption key.
Another aspect of the present disclosure provides an electronic device, comprising: one or more processors; and a storage means for storing one or more programs, wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of any of the above.
Another aspect of the present disclosure provides a computer-readable storage medium storing computer-executable instructions that, when executed, are configured to implement a method as described above.
Another aspect of the present disclosure provides a computer program comprising computer executable instructions which when executed are for implementing a method as described above.
According to the embodiment of the disclosure, the problem that the client consumes excessive time when encrypting the message can be at least partially solved, and therefore the technical effect of reducing the time consumed when the client encrypts the message can be achieved.
Drawings
The above and other objects, features and advantages of the present disclosure will become more apparent from the following description of embodiments thereof with reference to the accompanying drawings in which:
FIG. 1 schematically illustrates an exemplary system architecture of an information processing method according to an embodiment of the present disclosure;
FIG. 2 schematically illustrates a flow chart of an information processing method according to an embodiment of the present disclosure;
FIG. 3 schematically illustrates a flow chart of a method of generating message ciphertext at operation S204, in accordance with an embodiment of the disclosure;
fig. 4 schematically illustrates a schematic diagram of an information processing method according to another embodiment of the present disclosure;
FIG. 5 schematically illustrates a flow chart of an information processing method according to another embodiment of the present disclosure;
fig. 6 schematically shows a block diagram of an information processing apparatus according to an embodiment of the present disclosure; and
fig. 7 schematically illustrates a block diagram of an electronic device according to an embodiment of the disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is only exemplary and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the present disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. In addition, in the following description, descriptions of well-known structures and techniques are omitted so as not to unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and/or the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It should be noted that the terms used herein should be construed to have meanings consistent with the context of the present specification and should not be construed in an idealized or overly formal manner.
Where expressions like at least one of "A, B and C, etc. are used, the expressions should generally be interpreted in accordance with the meaning as commonly understood by those skilled in the art (e.g.," a system having at least one of A, B and C "shall include, but not be limited to, a system having a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.). Where a formulation similar to at least one of "A, B or C, etc." is used, in general such a formulation should be interpreted in accordance with the ordinary understanding of one skilled in the art (e.g. "a system with at least one of A, B or C" would include but not be limited to systems with a alone, B alone, C alone, a and B together, a and C together, B and C together, and/or A, B, C together, etc.).
The embodiment of the disclosure provides an information processing method, which comprises the following steps: obtaining a first key and a plurality of second keys, wherein each of the plurality of second keys is generated from a public key for one of the plurality of recipients, encrypting the first key based on the second key to generate an encryption key, sending the encryption key to a server, encrypting the message based on the first key in response to receiving a send request to send the message to the plurality of recipients to generate a message ciphertext, generating an interactive message based on the message ciphertext, and broadcasting the interactive message to the plurality of recipients such that the recipients obtain the encryption key from the server in response to the interactive message to decrypt the message ciphertext based on the encryption key.
Fig. 1 schematically illustrates an exemplary system architecture 100 of an information processing method according to an embodiment of the present disclosure. It should be noted that fig. 1 is only an example of a system architecture to which embodiments of the present disclosure may be applied to assist those skilled in the art in understanding the technical content of the present disclosure, but does not mean that embodiments of the present disclosure may not be used in other devices, systems, environments, or scenarios.
As shown in fig. 1, a system architecture 100 according to this embodiment may include terminal devices 101, 102, 103, a network 104, and a server 105. The network 104 is used as a medium to provide communication links between the terminal devices 101, 102, 103 and the server 105. The network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
The terminal devices 101, 102, 103 may for example belong to user a, user B and user C, respectively. The user a, the user B, and the user C can, for example, use an instant messaging application to instant communicate in a chat group. The server 105 provides services for the instant messaging application.
In the related art, for example, if the user a needs to issue a message in a chat group using the terminal device 101, the terminal device 101 needs to encrypt the message input by the user a 2 times respectively, one encryption is for the terminal device 102, and the encryption result is sent to the server 105 first, and the server 105 forwards the encryption result to the terminal device 102. The other encryption is for the terminal device 103 and the encryption result is sent to the server 105 first, which is forwarded by the server 105 to the terminal device 103. Therefore, encryption is performed separately for each terminal device, resulting in an excessively long encryption time and consuming a large amount of network resources.
In contrast, according to the information processing method of the embodiment of the present disclosure, if the user a needs to issue a message in a chat group using the terminal apparatus 101, the terminal apparatus 101 needs to perform encryption only once, and transmission of the encryption result to the server 105 also occurs once. Therefore, according to the information processing method of the embodiment of the disclosure, encryption time is at least partially reduced, and consumption of network resources is reduced.
It should be understood that the number of terminal devices, networks and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Fig. 2 schematically shows a flowchart of an information processing method according to an embodiment of the present disclosure.
As shown in fig. 2, the method includes operations S201 to S206.
In operation S201, a first key and a plurality of second keys, each of which is generated from a public key for one of a plurality of recipients, are acquired.
According to an embodiment of the present disclosure, the method may be applied to a terminal device of a sender. The sender may, for example, obtain the public keys of a plurality of recipients from the server and determine the second key from the public key of each recipient.
According to embodiments of the present disclosure, the public key of the receiver may be directly used as the second key of the receiver.
For example, in the scenario shown in fig. 1, the sender may be terminal device 101 and the receiver may be terminal device 102 and terminal device 103. The terminal device 101 may acquire the public key of the terminal device 102 and the public key of the terminal device 103 from the server 105, respectively, and take the public key of the terminal device 102 as the second key for the terminal device 102 and the public key of the terminal device 103 as the second key for the terminal device 103.
According to another embodiment of the present disclosure, a respective public key of a plurality of recipients may be obtained from a server, and a second key for each of the plurality of recipients may be obtained by encrypting the public key and a private key of a local device using a communication-dependent algorithm.
The second key for the terminal device 102 may be generated, for example, by encrypting the public key of the terminal device 102 and the private key of the terminal device 101 using a communication-dependent algorithm. Similarly, the public key of terminal device 103 and the private key of terminal device 101 are encrypted using a communication-dependent algorithm to generate a second key for terminal device 103.
According to an embodiment of the present disclosure, the first key may be, for example, a randomly generated random string.
In operation S202, the first key is encrypted based on the second key to generate an encryption key.
According to an embodiment of the present disclosure, the first key may be encrypted using, for example, an AES encryption method, and the second key may be used as a key of the AES encryption method.
In operation S203, an encryption key is transmitted to the server.
For example, the sender may send the encryption key of each of the plurality of receivers to the server.
In operation S204, in response to receiving a transmission request for transmitting a message to a plurality of recipients, the message is encrypted based on a first key to generate a message ciphertext.
For example, in the case where the terminal device 101 receives a transmission request for transmitting a message to a plurality of receivers (i.e., the terminal device 102 and the terminal device 103) in the chat group, the message may be encrypted with the first key. For example, the message ciphertext may be generated by encrypting the message using the first key as a key of an encryption algorithm for encrypting the message.
In operation S205, an interactive message is generated based on the message ciphertext.
According to embodiments of the present disclosure, plaintext information and message ciphertext may be included in an interactive message. The plain text information may include, for example, device information of the terminal device of the sender, and the like. The plaintext message may include, for example, identification information of the sender, a device type of the sender, a first key identification, a number of iterations, etc.
In operation S206, the interactive message is broadcast to the plurality of recipients such that the recipients obtain an encryption key from the server in response to the interactive message to decrypt the message ciphertext based on the encryption key.
According to the embodiment of the disclosure, the sending end can send the interactive message to the server, and the server broadcasts the interactive message to a plurality of receivers so that the receivers receive the interactive message.
For example, the recipient obtains the encryption key from the server in response to receiving the interaction message, such that the encryption key is decrypted using the second key to obtain the first key, which in turn is used to decrypt the message ciphertext.
According to the embodiment of the present disclosure, the information processing method may generate an encryption key generated by encrypting the first key before or when the interactive message is transmitted for the first time, and store the encryption key by the server, so that when the interactive message is transmitted to a plurality of receivers by the transmission, the message may be encrypted using the same first key without being separately encrypted for each terminal device, thereby reducing encryption time and reducing consumption of network resources.
Fig. 3 schematically illustrates a flow chart of a method of generating a message ciphertext at operation S204, according to an embodiment of the disclosure.
As shown in fig. 3, the method may include operations S214 to S234.
In operation S214, the first key is used as an initial string of the ratchet algorithm.
In operation S224, a message key is generated using a ratchet algorithm based on the initial string code.
In operation S234, a message ciphertext is generated based on encrypting the message with the message key.
According to embodiments of the present disclosure, the first key may be used, for example, as an initial chain key for a ratchet algorithm that iterates over the initial chain key to obtain the message key. The number of iterations of the ratchet algorithm may be set by those skilled in the art as desired.
The message key generated by the ratchet algorithm is used to encrypt the message. The message cipher text may be generated by encrypting the message using the message key as a key for the AES algorithm, for example.
Fig. 4 schematically illustrates a schematic diagram of an information processing method according to another embodiment of the present disclosure.
As shown in fig. 4, a transmitting terminal a, a receiving terminal B, a receiving terminal C, and a server may be included in the schematic diagram.
The sending terminal a, the receiving terminal B and the receiving terminal C can report the respective public keys to the server, so that other terminals can obtain the public keys of the respective terminals from the server.
In operation S401, the transmitting terminal a may generate a first key. The first key may be, for example, a random string generated by the transmitting terminal.
In operation S402, the transmitting terminal a may acquire public keys of the receiving terminal B and the receiving terminal C from the server side. The public key of the receiving terminal B and the private key of the transmitting end a are encrypted by a communication-dependent algorithm to generate a second key for the receiving terminal B. Similarly, the public key of the receiving terminal C and the private key of the transmitting end a are encrypted using a communication-dependent algorithm, and a second key for the receiving terminal C is generated.
Operation S201 described above with reference to fig. 2 may be performed, for example, in operation S401 and operation S402.
In operation S403, the second key is used as a key for encrypting the first key, which may be encrypted using, for example, AES algorithm to generate an encryption key. Operation S202 described above with reference to fig. 2 may be performed, for example.
In operation S404, an encryption key may be transmitted to the server, for example. Operation S203 described above with reference to fig. 2 may be performed, for example.
In operation S405, the first key may be iterated, for example, using a ratchet algorithm, and the iterated result is used as a key for encrypting the chat message, and the chat message is encrypted to generate a message ciphertext. Operation S204 described above with reference to fig. 2 may be performed, for example.
In operation S406, an interactive message is transmitted to the server to be broadcasted by the server to the receiving terminal B and the receiving terminal C.
In operation S407, the server broadcasts an interaction message to the receiving terminal B and the receiving terminal C.
In response to the interaction message, the receiving terminal B may transmit a request for acquiring an encryption key to the server to acquire the encryption key from the server in operation S408. Similarly, in operation S409, the receiving terminal C may transmit a request for acquiring an encryption key to the server in response to the interaction message to acquire the encryption key from the server.
In operation S410 and operation S411, the receiving terminal B and the receiving terminal C may determine the second key according to their own public keys, respectively, so as to decrypt the encryption key with the second key to obtain the first key.
According to an embodiment of the present disclosure, the first key may be an initial chain key of the ratchet algorithm, and the iteration is performed according to the iteration number of the ratchet algorithm, thereby determining an iteration result, which is a key for encrypting the chat message.
In operation S412 and operation S413, the receiving terminal B and the receiving terminal C may decrypt the message ciphertext using the iteration result, respectively, to thereby obtain the chat message.
According to an embodiment of the present disclosure, the method may be applied to a plurality of electronic devices, including a master device and a slave device. For example, user a has a plurality of electronic devices, including a first terminal device and a second terminal device, respectively. The user a can log in the instant messaging application program on the first terminal device and the second terminal device. For example, the first terminal device may be a master device and the second terminal device may be a slave device.
In this embodiment, the information processing method may further include, in a case where the local device is a master device, encrypting a private key of the local device in response to receiving a synchronization request from the slave device to obtain an encryption result, and transmitting the encryption result to the slave device, so that the slave device determines the private key of the slave device from the encryption result. Under the condition that the local equipment is used as slave equipment, a synchronization request is sent to the master equipment, and the synchronization request is used for acquiring the private key of the master equipment; and receiving the encryption result from the master device and determining the private key of the slave device according to the encryption result.
For example, in the above scenario, when the user a switches from chatting using the first terminal device to chatting using the second terminal device, the second terminal device sends a synchronization request to the first terminal device. The first terminal device encrypts a private key of the first terminal device in response to receiving the synchronization request from the second terminal device to obtain an encryption result. The first terminal device transmits the encryption result to the second terminal device so that the second terminal device can decrypt the encryption result, thereby obtaining a private key of the first terminal device, and taking the private key as its own private key, so as to perform operation S202 described above.
According to an embodiment of the present disclosure, the above information processing method may further include, in response to acquiring an instruction that the master device is switched from the first device to the second device, transmitting switching information to the server, so that the server notifies the slave device to resynchronize the private key of the second device as the private key of the slave device.
For example, in the above scenario, in the case where the master device of the user a is switched from the first terminal device to the third terminal device, a switching message may be sent to the server side, so that the server notifies the slave device to resynchronize the private key of the second device as the private key of the slave device.
For example, when the user uses the third terminal device for the first time, the third terminal device sends the public key of the third terminal to the server. According to the embodiment of the disclosure, the user can notify the server side main device to be switched to the third terminal device by using the third terminal device. The server sends a notification message to the slave device (i.e., the second terminal device) so that the slave device resynchronizes the private key of the third terminal device as its own private key.
In the case where the local device is a slave device, a synchronization request is sent to the master device specified in the handover information in response to receiving the handover information from the server. For example in the scenario described above, the second terminal device sends a synchronization request to the third terminal device.
According to an embodiment of the present disclosure, the above information processing method may further include: in the case that the device information of the plurality of receivers is changed, the first key is updated. For example, in the scenario shown in fig. 1, if the user B exits the group chat, the device information of the recipient changes, and at this time, the first key may be regenerated to ensure the security of communication, so as to prevent the user B from decrypting the chat message by using the first key decrypted before.
Fig. 5 schematically illustrates a flowchart of an information processing method according to another embodiment of the present disclosure.
As shown in fig. 5, the information processing method may include operations S501 to S504.
In response to receiving the interactive message, which includes the message ciphertext, an encryption key is obtained from the server, the encryption key being generated by the sender encrypting the first key based on the second key in operation S501.
For example, in the scenario described above with reference to fig. 4, the interaction message may be from the transmitting terminal a. The receiving terminal B may perform operation S408 described above with reference to fig. 4 in response to receiving the interaction message.
In operation S502, a second key of the receiving party is determined, the second key being generated from a public key for the receiving party.
The second key may be, for example, the public key of the recipient or the second key may be generated by encrypting the public key of the recipient and the private key of the sender using a communication-dependent algorithm.
According to an embodiment of the present disclosure, if the second key is generated by encrypting the public key of the receiver and the private key of the sender using a communication-dependent algorithm, the second key may be obtained by decryption by the receiver using the communication-dependent algorithm. Specifically, the receiver may obtain the public key of the sender from the server, so that the public key of the sender and the public key thereof are used as decryption keys, and the second key is obtained by decrypting with the communication-dependent algorithm.
In operation S503, the encryption key is decrypted based on the second key to obtain the first key. Operation S410 described above with reference to fig. 4 may be performed, for example.
According to an embodiment of the present disclosure, the first key may be, for example, an initial chain key of a ratchet algorithm.
In operation S504, the message ciphertext is decrypted based on the first key. Operation S412 described above with reference to fig. 4 may be performed, for example.
According to an embodiment of the present disclosure, decrypting a message ciphertext based on a first key includes: the method comprises the steps of obtaining the iteration times of a first key by utilizing a ratchet algorithm when a sending end encrypts a message, obtaining the message key by iterating the first key according to the iteration times, and decrypting a message ciphertext based on the message key.
According to an embodiment of the present disclosure, the number of iterations of the first key with the ratchet algorithm when the sender encrypts the message may be, for example, in the form of plaintext in the interactive message. The receiver iterates the first key (namely, the initial chain key) according to the iteration times, so that an iteration result is obtained, and the iteration result is the message key, so that the message ciphertext is decrypted by the message key.
According to an embodiment of the present disclosure, the information processing method may further include storing the first key to the storage unit so as to decrypt other message ciphertext from the sender using the first key. When the receiver decrypts the encryption key for the first time to obtain the first key, the first key may be stored in a storage unit of the receiver, so that when the interaction message is received again later, the first key may be directly read from the storage unit, so as to reduce the number of interactions with the server and the number of decryption times.
According to an embodiment of the present disclosure, the interaction message includes a first key identifier, and the method further includes: determining whether the first key exists in the storage unit based on the first key identification; in the case where the first key is present in the storage unit, the first key is acquired from the storage unit.
According to an embodiment of the present disclosure, the first key identification may include, for example, an ID of the first key and signature information of the first key. For example, the ID of the first key and the signature information of the first key are checked to determine whether the first key is present in the storage unit.
Specifically, for example, the interaction message may include a plaintext message, where the plaintext message may include, for example, identification information of the sender, a device type of the sender, a first key identifier, and a number of iterations. The receiving end can query a corresponding relation table stored by the receiving end, determine a first key identifier according to the identification information of the sending end and the equipment type of the sending end, and compare the obtained first key identifier with the first key identifier in the plaintext message, so as to determine whether the first key of the sending end exists in the storage unit. And when the first key identification determined according to the corresponding relation table is inconsistent with the first key identification in the plaintext message, determining that the first key does not exist in the storage unit. And determining that the first key exists in the storage unit when the first key identification determined according to the corresponding relation table is consistent with the first key identification in the plaintext message.
According to an embodiment of the present disclosure, the signature information of the first key may be obtained by hashing the chat message with a private key of the sender, for example. The receiver may decrypt the signature information in the plaintext message using, for example, the public key of the sender, and if the decryption is successful, it may be determined that the verification of the signature information passes.
Fig. 6 schematically shows a block diagram of an information processing apparatus 600 according to an embodiment of the present disclosure.
As shown in fig. 6, the information processing apparatus 600 may include an acquisition module 610, a first generation module 620, a transmission module 630, a second generation module 640, a third generation module 650, and a broadcasting module 660.
The obtaining module 610 may, for example, perform operation S201 described above with reference to fig. 2 for obtaining a first key and a plurality of second keys, wherein each of the plurality of second keys is generated from a public key for one of a plurality of recipients.
The first generation module 620 may, for example, perform operation S202 described above with reference to fig. 2 for encrypting the first key based on the second key to generate an encryption key.
The transmission module 630 may perform, for example, operation S203 described above with reference to fig. 2 for transmitting the encryption key to the server.
The second generating module 640 may, for example, perform operation S204 described above with reference to fig. 2 for generating a message ciphertext in response to receiving a transmission request for transmitting a message to a plurality of recipients, encrypting the message based on the first key.
The third generation module 650 may, for example, perform operation S205 described above with reference to fig. 2 for generating the interaction message based on the message ciphertext.
The broadcasting module 660 may perform, for example, operation S206 described above with reference to fig. 2, to broadcast the interactive message to the plurality of recipients, such that the recipients obtain the encryption key from the server in response to the interactive message to decrypt the message ciphertext based on the encryption key.
Fig. 7 schematically illustrates a block diagram of an electronic device according to an embodiment of the disclosure. The electronic device shown in fig. 7 is merely an example and should not be construed to limit the functionality and scope of use of the disclosed embodiments.
As shown in fig. 7, an electronic device 700 according to an embodiment of the present disclosure includes a processor 701 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. The processor 701 may include, for example, a general purpose microprocessor (e.g., a CPU), an instruction set processor and/or an associated chipset and/or a special purpose microprocessor (e.g., an Application Specific Integrated Circuit (ASIC)), or the like. The processor 701 may also include on-board memory for caching purposes. The processor 701 may comprise a single processing unit or a plurality of processing units for performing different actions of the method flows according to embodiments of the disclosure.
In the RAM 703, various programs and data necessary for the operation of the electronic apparatus 700 are stored. The processor 701, the ROM 702, and the RAM 703 are connected to each other through a bus 704. The processor 701 performs various operations of the method flow according to the embodiments of the present disclosure by executing programs in the ROM 702 and/or the RAM 703. Note that the program may be stored in one or more memories other than the ROM 702 and the RAM 703. The processor 701 may also perform various operations of the method flow according to embodiments of the present disclosure by executing programs stored in the one or more memories.
According to an embodiment of the present disclosure, the electronic device 700 may further include an input/output (I/O) interface 705, the input/output (I/O) interface 705 also being connected to the bus 704. The electronic device 700 may also include one or more of the following components connected to the I/O interface 705: an input section 706 including a keyboard, a mouse, and the like; an output portion 707 including a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, a speaker, and the like; a storage section 708 including a hard disk or the like; and a communication section 709 including a network interface card such as a LAN card, a modem, or the like. The communication section 709 performs communication processing via a network such as the internet. The drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 710 as necessary, so that a computer program read therefrom is mounted into the storage section 708 as necessary.
According to embodiments of the present disclosure, the method flow according to embodiments of the present disclosure may be implemented as a computer software program. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable storage medium, the computer program comprising program code for performing the method shown in the flowcharts. In such an embodiment, the computer program may be downloaded and installed from a network via the communication portion 709, and/or installed from the removable medium 711. The above-described functions defined in the system of the embodiments of the present disclosure are performed when the computer program is executed by the processor 701. The systems, devices, apparatus, modules, units, etc. described above may be implemented by computer program modules according to embodiments of the disclosure.
The present disclosure also provides a computer-readable storage medium that may be embodied in the apparatus/device/system described in the above embodiments; or may exist alone without being assembled into the apparatus/device/system. The computer-readable storage medium carries one or more programs which, when executed, implement methods in accordance with embodiments of the present disclosure.
According to embodiments of the present disclosure, the computer-readable storage medium may be a non-volatile computer-readable storage medium, which may include, for example, but is not limited to: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this disclosure, a computer-readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. For example, according to embodiments of the present disclosure, the computer-readable storage medium may include ROM 702 and/or RAM 703 and/or one or more memories other than ROM 702 and RAM 703 described above.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will appreciate that the features recited in the various embodiments of the disclosure and/or in the claims may be combined in various combinations and/or combinations, even if such combinations or combinations are not explicitly recited in the disclosure. In particular, the features recited in the various embodiments of the present disclosure and/or the claims may be variously combined and/or combined without departing from the spirit and teachings of the present disclosure. All such combinations and/or combinations fall within the scope of the present disclosure.
The embodiments of the present disclosure are described above. However, these examples are for illustrative purposes only and are not intended to limit the scope of the present disclosure. Although the embodiments are described above separately, this does not mean that the measures in the embodiments cannot be used advantageously in combination. The scope of the disclosure is defined by the appended claims and equivalents thereof. Various alternatives and modifications can be made by those skilled in the art without departing from the scope of the disclosure, and such alternatives and modifications are intended to fall within the scope of the disclosure.
Claims (13)
1. An information processing method, comprising:
acquiring a first key and a plurality of second keys;
encrypting the first key based on the second key to generate an encryption key;
Sending the encryption key to a server;
in response to receiving a transmission request for transmitting a message to a plurality of recipients, encrypting the message based on the first key to generate a message ciphertext;
generating an interactive message based on the message ciphertext; and
broadcasting the interactive message to the plurality of recipients, such that the recipients obtain the encryption key from the server in response to the interactive message to decrypt the message ciphertext based on the encryption key;
wherein the obtaining the plurality of second keys comprises:
obtaining public keys of a plurality of receivers from a server; and
encrypting the public key and a private key of the local device using a communication-dependent algorithm to obtain a second key for each of the plurality of recipients;
the method is applied to a plurality of electronic devices, wherein the plurality of electronic devices comprise a master device and a slave device, and the plurality of electronic devices belong to a sender;
the method further comprises the steps of:
under the condition that the local equipment is switched from a master equipment to a slave equipment, the slave equipment sends a synchronous request to the master equipment, and the synchronous request is used for acquiring a private key of the master equipment; and
And the slave equipment receives the encryption result from the master equipment, determines the private key of the slave equipment according to the encryption result, and executes the operation of encrypting the first key.
2. The method of claim 1, wherein the encrypting the message based on the first key to generate a message ciphertext comprises:
taking the first secret key as an initial serial code of a ratchet algorithm;
generating a message key by utilizing the ratchet algorithm based on the initial string code; and
and encrypting the message based on the message key to generate a message ciphertext.
3. The method of claim 1, further comprising:
in the case that the local device is used as a master device, in response to receiving a synchronization request from the device, encrypting a private key of the local device to obtain an encryption result; and
and sending the encryption result to the slave device, so that the slave device determines the private key of the slave device according to the encryption result.
4. The method of claim 1, further comprising:
and in response to acquiring an instruction of switching the master device from the first device to the second device, sending switching information to a server, so that the server informs the slave device of resynchronizing the private key of the second device as the private key of the slave device.
5. The method of claim 3, wherein the sending a synchronization request to the master device comprises: in response to receiving the handoff information from the server, a synchronization request is sent to a master device specified in the handoff information.
6. The method of claim 1, further comprising:
and updating the first key in the case that the device information of the plurality of receivers changes.
7. An information processing method, comprising:
in response to receiving the interaction message, obtaining an encryption key from the server, the encryption key generated by the sender encrypting the first key based on the second key, wherein the interaction message comprises a message ciphertext;
determining a second key of the receiver, the second key generated by encrypting a public key of the receiver and a private key of a local device of the sender using a communication-dependent algorithm;
decrypting the encryption key based on the second key to obtain a first key; and
decrypting the message ciphertext based on the first key;
the local equipment of the sender comprises a plurality of electronic equipment, wherein the plurality of electronic equipment comprises a master equipment and a slave equipment;
The sender is configured to:
under the condition that the local equipment is switched from a master equipment to a slave equipment, the slave equipment sends a synchronous request to the master equipment, and the synchronous request is used for acquiring a private key of the master equipment; and
and the slave equipment receives the encryption result from the master equipment, determines the private key of the slave equipment according to the encryption result, and executes the operation of encrypting the first key.
8. The method of claim 7, wherein the decrypting the message ciphertext based on the first key comprises:
the number of iterations of the first key is performed by using a ratchet algorithm when the sender encrypted message is acquired;
iterating the first key according to the iteration times to obtain a message key; and
decrypting the message ciphertext based on the message key.
9. The method of claim 7, further comprising:
the first key is stored in a storage unit to decrypt other message ciphertext from the sender using the first key.
10. The method of claim 9, wherein the interaction message includes a first key identification therein, the method further comprising:
Determining whether the first key exists in the storage unit based on the first key identification;
and acquiring the first key from the storage unit under the condition that the first key exists in the storage unit.
11. An information processing apparatus comprising:
the acquisition module is used for acquiring the first key and a plurality of second keys;
a first generation module configured to encrypt the first key based on the second key to generate an encryption key;
the sending module is used for sending the encryption key to the server;
a second generation module for generating a message ciphertext by encrypting the message based on the first key in response to receiving a transmission request for transmitting the message to a plurality of recipients;
the third generation module is used for generating an interactive message based on the message ciphertext; and
a broadcasting module for broadcasting the interactive message to the plurality of receivers, so that the receivers acquire the encryption key from the server in response to the interactive message to decrypt the message ciphertext based on the encryption key;
the acquisition module is specifically configured to:
obtaining public keys of a plurality of receivers from a server; and
Encrypting the public key and a private key of the local device using a communication-dependent algorithm to obtain a second key for each of the plurality of recipients;
the device is applied to a plurality of electronic devices, wherein the plurality of electronic devices comprise a master device and a slave device, and the plurality of electronic devices belong to a sender;
the device is also for:
under the condition that the local equipment is switched from a master equipment to a slave equipment, the slave equipment sends a synchronous request to the master equipment, and the synchronous request is used for acquiring a private key of the master equipment; and
and the slave equipment receives the encryption result from the master equipment, determines the private key of the slave equipment according to the encryption result, and executes the operation of encrypting the first key.
12. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs,
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of any of claims 1-10.
13. A computer readable storage medium having stored thereon executable instructions which when executed by a processor cause the processor to perform the method of any of claims 1 to 10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010110320.8A CN113300999B (en) | 2020-02-21 | 2020-02-21 | Information processing method, electronic device, and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010110320.8A CN113300999B (en) | 2020-02-21 | 2020-02-21 | Information processing method, electronic device, and readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113300999A CN113300999A (en) | 2021-08-24 |
| CN113300999B true CN113300999B (en) | 2023-12-05 |
Family
ID=77318529
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010110320.8A Active CN113300999B (en) | 2020-02-21 | 2020-02-21 | Information processing method, electronic device, and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113300999B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114338176A (en) * | 2021-12-29 | 2022-04-12 | 支付宝(杭州)信息技术有限公司 | Data transmission method, device and network card |
| CN114844688A (en) * | 2022-04-15 | 2022-08-02 | 浙江大华技术股份有限公司 | Data transmission method, device, equipment and computer storage medium |
| CN115529130B (en) * | 2022-11-25 | 2023-04-25 | 无锡沐创集成电路设计有限公司 | Data processing method, terminal, server, system, device, medium and product |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1119132A2 (en) * | 2000-01-19 | 2001-07-25 | Research In Motion Limited | Broadcasting encrypted messages using session keys |
| CN104243146A (en) * | 2014-09-05 | 2014-12-24 | 宇龙计算机通信科技(深圳)有限公司 | Encryption communication method and device and terminal |
| CN104539433A (en) * | 2014-10-30 | 2015-04-22 | 马洁韵 | Voice communication encryption system and encryption method thereof |
| CN105450395A (en) * | 2015-12-30 | 2016-03-30 | 中科创达软件股份有限公司 | Information encryption and decryption processing method and system |
| US9654288B1 (en) * | 2014-12-11 | 2017-05-16 | Wickr Inc. | Securing group communications |
| CN107566324A (en) * | 2016-06-30 | 2018-01-09 | 南京中兴新软件有限责任公司 | Encryption method, decryption method and device |
| CN107635227A (en) * | 2017-10-30 | 2018-01-26 | 中国联合网络通信集团有限公司 | A kind of group message encryption method and device |
| CN107682141A (en) * | 2017-10-26 | 2018-02-09 | 广州市雷军游乐设备有限公司 | Data ciphering method and system for data transfer |
| CN109802825A (en) * | 2017-11-17 | 2019-05-24 | 深圳市金证科技股份有限公司 | A kind of data encryption, the method for decryption, system and terminal device |
| WO2019110574A1 (en) * | 2017-12-04 | 2019-06-13 | Wellness Technology and Media Group Ltd | Methods of secure communication |
-
2020
- 2020-02-21 CN CN202010110320.8A patent/CN113300999B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1119132A2 (en) * | 2000-01-19 | 2001-07-25 | Research In Motion Limited | Broadcasting encrypted messages using session keys |
| CN104243146A (en) * | 2014-09-05 | 2014-12-24 | 宇龙计算机通信科技(深圳)有限公司 | Encryption communication method and device and terminal |
| CN104539433A (en) * | 2014-10-30 | 2015-04-22 | 马洁韵 | Voice communication encryption system and encryption method thereof |
| US9654288B1 (en) * | 2014-12-11 | 2017-05-16 | Wickr Inc. | Securing group communications |
| CN105450395A (en) * | 2015-12-30 | 2016-03-30 | 中科创达软件股份有限公司 | Information encryption and decryption processing method and system |
| CN107566324A (en) * | 2016-06-30 | 2018-01-09 | 南京中兴新软件有限责任公司 | Encryption method, decryption method and device |
| CN107682141A (en) * | 2017-10-26 | 2018-02-09 | 广州市雷军游乐设备有限公司 | Data ciphering method and system for data transfer |
| CN107635227A (en) * | 2017-10-30 | 2018-01-26 | 中国联合网络通信集团有限公司 | A kind of group message encryption method and device |
| CN109802825A (en) * | 2017-11-17 | 2019-05-24 | 深圳市金证科技股份有限公司 | A kind of data encryption, the method for decryption, system and terminal device |
| WO2019110574A1 (en) * | 2017-12-04 | 2019-06-13 | Wellness Technology and Media Group Ltd | Methods of secure communication |
Non-Patent Citations (1)
| Title |
|---|
| 一种高效的无线网络组密钥管理方案;柯钢;《西南师范大学学报(自然科学版)》;20170120(第01期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113300999A (en) | 2021-08-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20220006627A1 (en) | Quantum key distribution node apparatus and method for quantum key distribution thereof | |
| US5812671A (en) | Cryptographic communication system | |
| CN110335043B (en) | Transaction privacy protection method, device and system based on blockchain system | |
| CN113300999B (en) | Information processing method, electronic device, and readable storage medium | |
| CN104219051B (en) | The communication means and system of a kind of inner group message | |
| CN105376261B (en) | Encryption method and system for instant messaging message | |
| JP2015517685A (en) | Method, apparatus and system for implementing media data processing | |
| JP6556955B2 (en) | Communication terminal, server device, program | |
| WO2023160420A1 (en) | Group message encryption method and apparatus, device and storage medium | |
| JP7212697B2 (en) | Communication terminal, communication system, and program | |
| CN114499857B (en) | Method for realizing data correctness and consistency in encryption and decryption of large data quanta | |
| Reshma et al. | Pairing-free CP-ABE based cryptography combined with steganography for multimedia applications | |
| JPH10107832A (en) | Cipher multi-address mail system | |
| CN113297599A (en) | Data transmission system, data acquisition method, terminal, and storage medium | |
| CN106487761B (en) | Message transmission method and network equipment | |
| CN112217862A (en) | Data communication method, device, terminal equipment and storage medium | |
| KR20140148295A (en) | Broadcast encryption method and system | |
| Kadam et al. | Hybrid rsa-aes encryption for web services | |
| CN115834113A (en) | OT communication method, OT communication device, electronic device, and storage medium | |
| Somaiya et al. | Implementation and evaluation of EMAES–A hybrid encryption algorithm for sharing multimedia files with more security and speed | |
| US11082406B2 (en) | System and method for providing end-to-end security of data and metadata | |
| JP2018042081A (en) | Data transmitting/receiving method and sensing system | |
| WO2015156145A1 (en) | Re-encryption method, re-encryption system, and re-encryption device | |
| CN110855628A (en) | Data transmission method and system | |
| CN112889240B (en) | Server device, communication terminal, communication system, and recording medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |