Field of the invention:

The present invention relates to a method for protecting transmissions between communicating parties in a telecommunication network.

Background of the invention:

At the start of a communication, a handshake is usually performed between applications in the telecommunication network, during which the parties involved typically authenticate each other and exchange essential information, for example negotiating the encryption algorithm and the cryptographic keys to be used in the communication. Only after the handshake is the actual data transmitted. The confidentiality of the transmission is arranged, for example, through encryption. Figures 1a and 1b show two known encryption algorithms that can be used to protect a transmission: a symmetric key algorithm and a public key algorithm.

Figure 1a shows a symmetric algorithm based on a secret key shared between two participants. At participant A's end, the message M to be sent to participant B is encrypted in box E of Figure 1a with the shared secret key K. The message is sent over a transmission path as ciphertext C, which participant B can decrypt in box D of Figure 1a with the same secret key K. Through decryption, participant B obtains the original message M. An intruder eavesdropping on the transmission needs to know the secret key K in order to read and understand the transmitted ciphertext C. Encryption and decryption with the symmetric algorithm can be expressed by the following equations:

$$C = E_K(M)$$
$$M = D_K(C)$$

where C is the ciphertext, M is the plaintext (unencrypted) message, $E_K$ is encryption with key K, and $D_K$ is decryption with key K.

Figure 1b shows a public key algorithm, which is an asymmetric approach. The algorithm is based on two keys: a public key and a private key. The two keys are related so that a message encrypted with the public key $K^+$ can be decrypted only with the corresponding private key $K^-$, and vice versa. In Figure 1b, at participant A's end, the message M is encrypted in box E with the public key $K^+$ of the intended recipient. The encrypted message C is sent over a transmission path to participant B's end, where participant B recovers the message in box D with the corresponding private key $K^-$. Encryption and decryption with this algorithm can be expressed by the following equations:

$$C = E_B^{+}(M)$$
$$M = D_B^{-}(C)$$

where C is the ciphertext, M is the plaintext (unencrypted) message, $E_B^{+}$ is encryption with key $K_B^{+}$, and $D_B^{-}$ is decryption with key $K_B^{-}$.

In a public key algorithm, encrypting a message with the sender's private key $K^-$ serves as a signature, because anyone can decrypt the message with the sender's public key $K^+$. Because working with asymmetric keys takes longer than working with symmetric keys, asymmetric algorithms require more processing power. Asymmetric algorithms are therefore not suited to encrypting large amounts of data.

Hybrid encryption uses both of the above algorithms. For example, only the session key is exchanged using the public key algorithm, and the rest of the communication is encrypted with the symmetric method.

To provide message integrity and authentication in a connection, a message authentication code (MAC) is calculated and attached to the transmitted message. For example, a MAC can be calculated with a one-way hash algorithm in the following way:

$$h = H(K, M, K)$$

where K is the key, M is the message and H is the hash function. The input cannot be deduced from the output. Once a MAC is attached to a message, the message cannot be cracked or made public. The receiver calculates a MAC from the received message with the same hash function and key that the sender used, and compares the calculated MAC with the MAC attached to the message in order to verify it.

Figure 2 shows examples of communication connections. A mobile station (MS) operating in a GSM (pan-European Global System for Mobile Communications) network can make a connection to a storage unit directly from the GSM network. The other possible connections shown in Figure 2 run from the GSM network through a gateway (GW) and the Internet to different services. In mobile communication networks such as GSM, the air interface from the mobile station MS to the GSM network is well protected against misuse, but the rest of the transmission path is as vulnerable as any other public telephone network unless some method is used to provide connection security.

One problem in providing connection security is that a handshake takes a great deal of processing time, because several messages must be sent between the parties involved. In mobile communication networks, the low processing power of mobile stations and the narrow bandwidth make handshakes particularly burdensome. Handshakes are also burdensome for applications with a large number of simultaneous transactions, for example a server in a storage unit. It is therefore desirable to minimise the number and duration of handshakes. This gives an attacker plenty of time to work on the encryption, because the same encryption key is used between two handshakes. If the attacker succeeds in breaking the encryption, he can obtain all the data transmitted between the two handshakes.

Summary of the invention:

The object of the present invention is to provide a method for securely protecting information transmitted between communicating applications, especially over narrow-band connections, without placing an unnecessary load on the communicating parties.

This object is achieved with the method of the invention, whose characteristics are set out in claim 1. Specific embodiments of the invention are set out in the other claims.

The invention is based on the following idea: during a session, the communicating parties recalculate the security parameters in synchronisation with each other at intervals agreed between them (an interval being the time from one calculation to the next), continue communicating, and use the new parameters to provide connection security for the messages. The communicating parties monitor the recalculation interval and recalculate at the agreed intervals, and so change the security parameters without a handshake taking place. In the basic embodiment of the invention, the messages are numbered, and these numbers trigger the recalculation at each interval.

An advantage of the method of the invention is that the security parameters can be changed during a session without a handshake. This reduces the need for handshakes.

Another advantage of the method of the invention is that the security of the transmission is improved: attacks become harder and less profitable.
Brief description of the drawings:

Figure 1a is a block diagram of a symmetric encryption algorithm.
Figure 1b is a block diagram of an asymmetric encryption algorithm.
Figure 2 shows some examples of connections from a mobile communication network to some applications.
Figure 3 shows session keys that provide connection security for the transmitted messages according to the basic embodiment of the invention.
Figure 4 is a flow chart of the basic embodiment of the invention.

Detailed description of the invention:

The present invention can be applied in any telecommunication network. In the following, the invention is described in detail using as an example a mobile station that operates in the digital GSM (pan-European Global System for Mobile Communications) system and communicates with applications inside or outside the GSM network.

The basic embodiment of the invention is described in more detail below with reference to Figures 2, 3 and 4.

Figure 2 shows the example connections described earlier. A mobile station MS contacting a server in the storage unit first performs a handshake according to the prior art, in which the MS and the storage unit may authenticate each other and exchange any session keys that are needed. According to the invention, during the handshake the mobile station and the application in the storage unit negotiate and agree on suitable intervals for recalculating the security parameters that are used to provide privacy, data integrity and authentication in the communication. For example, the negotiation can be carried out so that each communicating party (in the example of Figure 2, the mobile station MS and the application in the storage unit) proposes suitable recalculation intervals, and one of the proposed intervals is selected and agreed upon. One example of a suitable parameter for determining the interval is the message sequence number; for example, every fourth message is agreed to form a suitable period. Even when a handshake is not needed and is therefore not performed at the start of the session, according to the invention the communicating parties still have to agree on the recalculation interval.

After the recalculation interval has been agreed, both parties monitor the agreed interval. If an interval of four messages is agreed, each party either monitors the number of messages sent, which requires a reliable transmission medium that loses no messages, or numbers all transmitted messages and sends these sequence numbers together with the messages. The advantage of sending sequence numbers or time stamps with the messages is that the recalculation is synchronised at both ends even if some messages are lost on the way or the received messages arrive out of order. In the embodiment above, when the fourth message has been sent and received, both communicating parties recalculate the security parameters and use the new parameters to provide connection security for the following four messages. No handshake or any other session key exchange is performed during or after the recalculation of the parameters. The recalculation can use, for example, the shared secret and the latest sequence number. The security parameters can be used to calculate the session key for encryption and the message authentication code in the following way:
$$K_n = H(S, N)$$
$$\mathrm{MAC} = H(M, S, N)$$

where H is a predetermined hash algorithm, S is the shared secret, N is the latest sequence number, and M is the message to be sent in plaintext.

Figure 3 shows an example of how the session key changes according to the invention. In Figure 3, the messages sent by the mobile station MS are marked with sequence numbers starting from 0, and the recalculation interval is two transmitted messages. The message with sequence number 0 is sent to the storage unit encrypted with session key K1. A symmetric algorithm is used for the encryption, and the application in the storage unit decrypts message 0 with the same session key K1. The message with sequence number 1 is also sent encrypted with session key K1. Because the mobile station has now sent two messages, both the mobile station MS and the application in the storage unit recalculate the security parameters (for example session key K2) using the shared secret and the latest sequence number, that is, 1. After the recalculation, the MS sends the next message, 2, to the storage unit encrypted with session key K2. Message 3 is likewise encrypted with session key K2 before transmission. The MS and the application in the storage unit note that the agreed interval has been reached, and both recalculate the security parameters (for example session key K3) using the shared secret and the latest sequence number, 3.

Figure 4 is a flow chart of the basic embodiment of the invention. At the start of a communication, in step 41, the parties involved (in Figure 2, the MS and the application in the storage unit) negotiate and agree on the interval for recalculating the security parameters. As in the example above, we assume that the interval is two transmitted messages. Both parties keep track of the number of transmitted messages, for example with a counter at each end. In step 42, one of the parties, for example the MS, encrypts the first message to be sent with session key K1 (session key K1 is obtained from the shared secret exchanged during the handshake or from a secret the parties share by some other means). The encrypted message is sent, and the receiver decrypts it with the corresponding session key K1 (step 43). At this point the counter is set to 1. In step 44, both parties (in this example the MS and the application in the storage unit) check whether the agreed interval has been reached by checking whether the value in the counter equals the agreed interval. Because the message sent is only the first message, no recalculation takes place, and the next message is encrypted and decrypted with the same session key K1. After two messages have been sent and the counter shows the value 2, which corresponds to the agreed interval, the condition in step 44 becomes true, and both parties recalculate the security parameters in the predetermined way and obtain a new session key K2 (step 45). In step 46 the interval monitoring is reset, that is, counting starts again, for example by setting the counter to 0. In step 47 it is checked whether there are more messages to send. If there are, encryption of the messages to be sent continues in step 42 with the latest session key K2, after which the message is sent and the counter is set to the value 1. The process continues in the same way until all messages to be sent have been transmitted.

In another embodiment of the invention, a MAC is used instead of encryption to provide connection security for the message transmission. According to the invention, the MAC is calculated, for example, from the sequence number that last triggered a recalculation of the security parameters. In the example of Figure 3, for the messages encrypted with K2 the MAC is calculated with sequence number 1, and for the messages encrypted with K3 the MAC is calculated with sequence number 3. In other respects this embodiment is implemented in the same way as the first embodiment.

A further embodiment of the invention uses both encryption and a MAC to provide connection security for the messages. This embodiment is obtained by combining the embodiments described above.

The recalculation of the security parameters also includes the possibility of changing the encryption algorithm used to encrypt the next messages.

The drawings and the accompanying explanation are intended only to illustrate the principles of the invention. The details of the invention may vary within the scope of the claims. Although the description above mostly concerns the use of the invention in communication between a mobile station and a service application, the invention can also provide connection security for messages between any two or more applications communicating with each other, and can also be applied to mobile-to-mobile connections in speech, data and short message transmission. The invention is also suitable for calculating security parameters other than session keys and MACs. The invention is not limited to the encryption described above, but can be applied together with any encryption algorithm.
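The counter-driven recalculation of Figures 3 and 4 and the formulas Kn = H(S, N) and MAC = H(M, S, N) can be exercised as follows. This is an added example, not code from the patent: SHA-256 as H, the length-prefixed field encoding, the empty encoding of N before the first recalculation, and all function names are assumptions.

```python
import hashlib
import hmac

INTERVAL = 2  # assumed handshake result: recalculate after every 2 messages


def H(*fields: bytes) -> bytes:
    """Stand-in for the page's hash H (SHA-256 is an assumption).
    Fields are length-prefixed so (b"ab", b"c") and (b"a", b"bc") differ."""
    h = hashlib.sha256()
    for f in fields:
        h.update(len(f).to_bytes(4, "big") + f)
    return h.digest()


def trigger_seq(seq: int, interval: int = INTERVAL):
    """Sequence number N that triggered the parameters protecting `seq`:
    the last number of the previous interval, or None in the first interval."""
    start = (seq // interval) * interval
    return start - 1 if start else None


def _n(seq: int, interval: int) -> bytes:
    n = trigger_seq(seq, interval)
    # Assumption: before any recalculation, N is encoded as an empty field.
    return b"" if n is None else n.to_bytes(8, "big")


def session_key(secret: bytes, seq: int, interval: int = INTERVAL) -> bytes:
    """Kn = H(S, N)."""
    return H(secret, _n(seq, interval))


def mac(secret: bytes, seq: int, message: bytes, interval: int = INTERVAL) -> bytes:
    """MAC = H(M, S, N), kept in the page's form; a new design would use HMAC."""
    return H(message, secret, _n(seq, interval))


def protect(secret: bytes, seq: int, message: bytes):
    """Sender side: the sequence number travels with the message."""
    return seq, message, mac(secret, seq, message)


def verify(secret: bytes, packet) -> bool:
    """Receiver side: N is derived from the received sequence number alone,
    so a lost or reordered packet does not desynchronise the two ends."""
    seq, message, tag = packet
    return hmac.compare_digest(tag, mac(secret, seq, message))


def demo():
    secret = b"constructed shared secret S"  # constructed sample value
    sent = [protect(secret, i, b"msg %d" % i) for i in range(6)]
    # Constructed channel: packet 1 is lost, packets 2 and 3 swap places.
    received = [sent[0], sent[3], sent[2], sent[4], sent[5]]
    accepted = [p[0] for p in received if verify(secret, p)]
    forged = (sent[4][0], b"msg 4 altered", sent[4][2])
    keys = [session_key(secret, i).hex()[:8] for i in range(6)]
    return accepted, verify(secret, forged), keys


if __name__ == "__main__":
    accepted, forged_ok, keys = demo()
    print("accepted sequence numbers:", accepted)
    print("forged packet accepted:", forged_ok)
    print("key per message:", keys)
```

The tag as defined on the page covers the interval's N rather than each packet's own sequence number, so replay protection needs separate handling that this sketch leaves out.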