WO2012075761A1 - Method and system for encrypting multimedia message service - Google Patents

Method and system for encrypting multimedia message service Download PDF

Info

Publication number
WO2012075761A1
WO2012075761A1 PCT/CN2011/072762 CN2011072762W WO2012075761A1 WO 2012075761 A1 WO2012075761 A1 WO 2012075761A1 CN 2011072762 W CN2011072762 W CN 2011072762W WO 2012075761 A1 WO2012075761 A1 WO 2012075761A1
Authority
WO
WIPO (PCT)
Prior art keywords
mms
data
terminal
encrypted
mms data
Prior art date
Application number
PCT/CN2011/072762
Other languages
French (fr)
Chinese (zh)
Inventor
杨玉林
曹耀斌
张蓬勃
邓方民
孙君生
于松
薛涛
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2012075761A1 publication Critical patent/WO2012075761A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0464Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption

Definitions

  • the present invention relates to the field of encryption and decryption technology, and in particular, to a method and system for encrypting MMS (Multimedia Message Service). Background technique
  • MMS Data service is the focus of the development of the third generation of mobile communication technology.
  • MMS is one of the most important data services. Its commercial value is getting higher and higher, the industrial chain is getting bigger and bigger, and it is basically fully popularized to every user in application. Therefore, it is highly concerned by users and operators, so the confidentiality and security of MMS are also receiving more and more attention.
  • the MMS data sent by the user is transmitted in plain text and cached in the form of plain text on the server side. It is very easy to be stolen by a third party and cannot achieve the purpose of transmitting confidential information.
  • the application number is CN200810170689.7, and the invention is entitled "Patent Application for Protection of Mobile Terminals and Their Data Service Messages", which provides a method for protecting a mobile terminal and its data service message, the main feature of which is to use a public key.
  • private key system for encryption Specifically: 1. receiving a data service message that is sent by the sender and encrypted by using a private key certificate, where the information header of the data service message includes the device identity code of the sender; 2. searching according to the device identity code. A public key certificate having the sender, if any, decrypting the data service message with the public key certificate.
  • the application number is CN200810089191.8
  • the patent application whose invention name is "MMS encryption method and mobile terminal for transmitting and receiving encrypted MMS" is also the method of the public key system, specifically: 1.
  • the mobile terminal A uses the public key of B to encrypt the multimedia message to obtain the ciphertext; 2.
  • the mobile terminal A sends the ciphertext to the mobile terminal B; 3.
  • the mobile terminal B decrypts the ciphertext by using its private key to obtain the multimedia message.
  • the object of the present invention is to provide a method and system for encrypting an MMS, which can better solve the problem that the MMS is easily stolen and easily cracked, and the public key private key encryption and decryption technology needs to pre-allocate the public key and the private key and needs
  • the implementation process caused by an electronic visa authority has a large inconvenience.
  • a method for encrypting an MMS comprising: the transmitting terminal encrypting the MMS data by using the transmitting terminal key CK, and transmitting the encrypted MMS data to the network side MMSC;
  • the MMSC After receiving the encrypted MMS data, the MMSC decrypts the encrypted MMS data by using the transmitting terminal CK, and then re-encrypts the decrypted MMS data by using the receiving terminal CK, and then re-encrypts
  • the MMS data is sent to the receiving terminal.
  • the MMSC acquires the transmitting terminal CK and the receiving terminal CK from the network side data center.
  • the network side data center is a home location register/authentication center (HLR/AUC).
  • HLR/AUC home location register/authentication center
  • the network side MMSC acquires the transmitting terminal CK and the receiving terminal CK from the HLR/AUC simultaneously, or acquires the transmitting terminal CK and the receiving terminal CK, respectively.
  • the transmitting terminal CK and the receiving terminal CK are variable.
  • the encrypted MMS data is the body of the MMS protocol data unit (MMS PDU)
  • MMS PDU MMS protocol data unit
  • the (BODY) part is the key data in the BODY of the MMS PDU.
  • the method further includes: the sending terminal selecting whether to encrypt the sending MMS.
  • the method further includes: after receiving the re-encrypted MMS data, the receiving terminal decrypts the re-encrypted MMS data by using the receiving terminal CK.
  • a system for encrypting an MMS comprising: a transmitting terminal, configured to encrypt MMS data by using a sending terminal key CK, and send the encrypted MMS data to a network side MMSC; And after receiving the encrypted MMS data, decrypting the encrypted MMS data by using the sending terminal CK, and then re-encrypting the decrypted MMS data by using the receiving terminal CK, and transmitting the re-encrypted MMS data to the receiving terminal.
  • the MMSC is further configured to acquire the transmitting terminal CK and the receiving terminal CK from the network side data center.
  • the transmitting terminal is further configured to select whether to encrypt and transmit the MMS data.
  • the receiving terminal decrypts the re-encrypted MMS data by using the receiving terminal CK.
  • the invention has the beneficial effects that: the network side MMSC participates in the adding and decrypting process and uses the CK to add and decrypt the MMS, so that the MMS is not easily stolen and cracked by the third party during the transmission and storage process. And the implementation process of encryption and decryption is more convenient.
  • FIG. 1 is a flow chart of a method for encrypting an MMS provided by the present invention
  • FIG. 2 is a flowchart of constructing MMS data by a transmitting terminal according to an embodiment of the present invention
  • FIG. 3 is a flowchart of constructing MMS data by an MMSC according to an embodiment of the present invention
  • FIG. 4 is a flowchart of constructing MMS data by a receiving terminal according to an embodiment of the present invention
  • FIG. 5 is a schematic structural diagram of a system for encrypting an MMS according to an embodiment of the present invention. detailed description
  • FIG. 1 is a flow chart of a method for encrypting an MMS provided by the present invention. As shown in FIG. 1, the method includes the following steps:
  • the sending terminal encrypts the MMS data by using a sending terminal CK (cipher key), and sends the encrypted MMS data to a network side MMSC (MULT MEDIA MESSAGE SERVICE CENTER).
  • CK cipher key
  • the transmitting terminal uses its own CK as an encryption factor to encrypt the MMS data by using the encryption and decryption module, and adds a corresponding encryption indication field to the HEADER of the MMS PDU (Protocol DATA UNIT), and transmits the encrypted MMS data.
  • CK an encryption factor
  • MMS PDU Protocol DATA UNIT
  • the encrypted MMS data is the main body (BODY) part of the MMS PDU or the key data in the BODY of the MMS PDU.
  • the MMSC on the network side decrypts the received encrypted MMS data by using the sending terminal CK, and then re-encrypts the decrypted MMS data by using the receiving terminal CK, and sends the re-encrypted MMS data. To the receiving terminal.
  • the MMSC identifies the encrypted indication field in the HEADER of the received MMS PDU to determine whether it is encrypted MMS data, and if so, obtains and transmits from the HLR/AUC (HOME LOCATION REGISTER/AUTHENTICATION CENTER, Home Location Register/Authentication Center)
  • the terminal CK and the receiving terminal CK first decrypt the encrypted MMS data using the encryption and decryption module as the decryption factor, and then use the encryption and decryption module as the encryption factor to re-encrypt the MMS, and then re-encrypt the MMS data. Send to the receiving terminal.
  • step S200 The sending terminal selects whether to encrypt and send the MMS data, if the sending terminal selects the encrypted sending, step S201 is performed, otherwise step S205 is performed.
  • the sending terminal obtains the current valid CK from the local USIM (Universal Subscriber Identity Module), and the CK is obtained by an algorithm calculated by the RAND and the root key KI of the sending terminal, where RAND is in the signaling connection.
  • the random number sent to the transmitting terminal during the authentication process of the network to the transmitting terminal at the time of establishment, and the KI is a security key shared by the USIM and the HLR/AUC of the home network.
  • step S202 Using the encryption and decryption module, encrypt the MMS data by using the CK obtained in step S201 as an encryption factor.
  • the sending terminal constructs the MMS PDU by using the encrypted MMS data
  • the sending terminal sends the encrypted MMS data to the network side MMSC, and the process ends.
  • FIG. 3 is a flowchart of constructing MMS data by an MMSC according to an embodiment of the present invention. As shown in FIG. 3, the steps of constructing MMS data by the MMSC are as follows:
  • the MMSC receives the MMS data sent by the sending terminal.
  • step S301 Determine, according to the encrypted indication field of the HEADER of the MMS PDU in the received MMS data, whether the currently received MMS data is encrypted MMS data. If yes, go to step S302, otherwise go to step S306.
  • S302 Obtain the transmitting terminal CK and the receiving terminal CK from the HLR/AUC through the MM5 interface extension between the MMSC and the HLR/AUC.
  • S304 Re-encrypt the decrypted MMS data by using the encryption and decryption module by using the receiving terminal CK as an encryption factor.
  • S305 Send the re-encrypted MMS data to the receiving terminal, and the process ends.
  • FIG. 4 is a flowchart of constructing MMS data by a receiving terminal according to an embodiment of the present invention. As shown in FIG. 4, the steps of constructing MMS data by the receiving terminal are as follows:
  • the receiving terminal receives the MMS data sent by the MMSC.
  • S402 Obtain a current valid CK from the local USIM, where the CK is obtained by an algorithm by using a RAND and a root key KI of the receiving terminal as an operation factor, where the RAND is sent to the receiving process during the authentication process of the receiving terminal when the signaling connection is established.
  • the random number of the terminal, KI is a security key shared by the USIM and the HLR/AUC of the home network.
  • S403 Using the encryption and decryption module, the CK obtained by S402 is used as a decryption factor, and the received re-encrypted MMS data is decrypted, and the process ends.
  • FIG. 5 is a schematic structural diagram of a system for encrypting an MMS according to an embodiment of the present invention. As shown in FIG. 5, the system includes: a transmitting terminal 1, an MMSC2, a receiving terminal 3, and an HLR/AUC4.
  • the transmitting terminal 1 is configured to encrypt the MMS data by using the encryption/decryption module by using the CK of the transmitting terminal 1 as an encryption factor, and send the encrypted MMS data to the network side MMSC2.
  • the transmitting terminal 1 includes an encryption and decryption module for performing encryption/decryption of MMS data.
  • the encryption and decryption module obtains the encryption factor CK from the USIM, and determines whether to encrypt and transmit the MMS data according to the agreed rule. If it is encrypted transmission, the corresponding encryption indication field is added in the HEADER of the MMS PDU, and the encrypted MMS data is sent to the MMSC2. If it is a non-encrypted transmission, the MMS data is directly sent to the MMSC2.
  • the CK of the transmitting terminal 1 is obtained by an algorithm calculation by the RAND and the root key KI of the transmitting terminal 1 as an operation factor, which is variable with RAND.
  • RAND is the random number sent to the transmitting terminal 1 during the authentication process of the network to the transmitting terminal 1 when the signaling connection is established
  • KI is a security key shared by the USIM and the HLR/AUC of the home network.
  • the MMSC2 also includes an encryption and decryption module. After receiving the MMS data sent by the transmitting terminal 1, first, the encrypted identifier field of the HEADER of the MMS PDU is identified. If the MMS data is encrypted data, the CK of the transmitting terminal 1 is acquired from the HLR/AUC4. And using the CK of the transmitting terminal 1 as a decryption factor to decrypt the encrypted MMS data by using the encryption/decryption module, and then acquiring the CK of the receiving terminal 3 from the HLR/AUC4, and decrypting the encryption/decryption module using the CK of the receiving terminal 3 as an encryption factor.
  • the MMS data is re-encrypted, and the re-encrypted MMS data is transmitted to the receiving terminal 3.
  • the MMSC 2 can also acquire the CK of the receiving terminal 3 and the CK of the transmitting terminal 1 from the HLR/AUC4.
  • the receiving terminal 3 After receiving the re-encrypted MMS data sent by the MMSC2, the receiving terminal 3 decrypts the re-encrypted MMS data by using the CK of the receiving terminal 3 as a decryption factor.
  • the CK of the receiving terminal 3 is obtained by an algorithm calculation by the RAND and the root key KI of the receiving terminal 3 as an operation factor, which is variable with RAND.
  • RAND is the random number sent to the receiving terminal 3 during the authentication process of the receiving terminal 3 when the signaling connection is established
  • KI is a security key shared by the USIM and the HLR/AUC of the home network.
  • the present invention implements an encrypted MMS by using a CK variable CK as an encryption and decryption factor by adding corresponding hardware and software to the receiving terminal, the transmitting terminal, and the network side MMSC, and the key is Highly protected, it is not shared between the receiving terminal and the transmitting terminal, making the encrypted MMS highly confidential.
  • the hardware encryption and decryption module can be provided by a third party, embedded in the terminal and the network device, and is responsible for encrypting and decrypting the MMS data. In this way, the network, the terminal equipment provider, and the operator cannot steal the encrypted MMS, and the encryption factor is different each time, which makes it more difficult to crack from the wireless transmission environment.
  • the present invention utilizes the network side MMSC and CK to participate in adding and decrypting, which makes the implementation process more convenient.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method and system for encrypting a Multimedia Message Service (MMS) are provided in the present invention. The method includes that a transmission terminal encrypts MMS data by adopting a Cipher Key (CK) of the transmission terminal, and transmits the encrypted MMS data to a Multimedia Message Service Center (MMSC) at a network side; after receiving the encrypted MMS data from the transmission terminal, the MMSC at the network side decrypts the received encrypted MMS data by adopting the CK of the transmission terminal, and then re-encrypts the decrypted MMS data by adopting a CK of a reception terminal, and transmits the re-encrypted MMS data to the reception terminal. In the present invention, the MMSC at the network side participates in the procedure of encryption and decryption and performs encryption and decryption by using the CK, thus the problem that the MMS is easy to be stolen and decrypted is resolved and the problem that biggish inconvenience exists in the implementation procedure as in an encryption and decryption technique based on a public key and private key, it is needed to allocate the public key and private key in advance and a electronic authentication part is needed is resolved.

Description

一种加密 MMS的方法及*** 技术领域  Method and system for encrypting MMS
本发明涉及加解密技术领域, 特别涉及一种加密 MMS ( Multimedia Message Service, 多媒体短信服务) 的方法和***。 背景技术  The present invention relates to the field of encryption and decryption technology, and in particular, to a method and system for encrypting MMS (Multimedia Message Service). Background technique
数据业务是第三代移动通信技术发展的重点, MMS是最重要的数据业 务之一, 其商业价值越来越高, 产业链也越来越大, 在应用上基本完全普 及到了每一个用户,故受到用户和运营商的高度关注, 因此 MMS的保密性 和安全性也越来越受到关注。  Data service is the focus of the development of the third generation of mobile communication technology. MMS is one of the most important data services. Its commercial value is getting higher and higher, the industrial chain is getting bigger and bigger, and it is basically fully popularized to every user in application. Therefore, it is highly concerned by users and operators, so the confidentiality and security of MMS are also receiving more and more attention.
目前大部分情况下,用户所发送的 MMS数据以明文的形式传输,并且 以明文的形式在服务器端緩存, 非常容易被第三方窃取, 无法达到传递机 密信息的目的。  At present, in most cases, the MMS data sent by the user is transmitted in plain text and cached in the form of plain text on the server side. It is very easy to be stolen by a third party and cannot achieve the purpose of transmitting confidential information.
现在,有技术提出基于公钥体系的加密方法和装置,对 MMS进行加密 传输。  Now, there are technologies that propose encryption methods and devices based on public key systems to encrypt and transmit MMS.
如申请号为 CN200810170689.7, 发明名称为 "移动终端及其数据业务 消息的保护方法" 的专利申请, 该申请提供一种移动终端及其数据业务消 息的保护方法, 其主要特征是使用公钥、 私钥体系进行加密。 具体为: 1、 接收发送端发送的用私钥证书加密的数据业务消息, 所述数据业务消息的 信息头中包含所述发送端的设备身份标识码; 2、 根据所述设备身份标识码 查找是否具有所述发送端的公钥证书, 如果有, 则用该公钥证书解密所述 数据业务消息。  For example, the application number is CN200810170689.7, and the invention is entitled "Patent Application for Protection of Mobile Terminals and Their Data Service Messages", which provides a method for protecting a mobile terminal and its data service message, the main feature of which is to use a public key. , private key system for encryption. Specifically: 1. receiving a data service message that is sent by the sender and encrypted by using a private key certificate, where the information header of the data service message includes the device identity code of the sender; 2. searching according to the device identity code. A public key certificate having the sender, if any, decrypting the data service message with the public key certificate.
如申请号为 CN200810089191.8, 发明名称为 "彩信加密的方法及收发 加密彩信的移动终端" 的专利申请同样也^^于公钥体系的方法, 具体为: 1、 移动终端 A使用 B的公钥将彩信加密得到密文; 2、 移动终端 A将密文 发送给移动终端 B; 3、 移动终端 B利用自己的私钥解密密文得到彩信。 For example, the application number is CN200810089191.8, and the patent application whose invention name is "MMS encryption method and mobile terminal for transmitting and receiving encrypted MMS" is also the method of the public key system, specifically: 1. The mobile terminal A uses the public key of B to encrypt the multimedia message to obtain the ciphertext; 2. The mobile terminal A sends the ciphertext to the mobile terminal B; 3. The mobile terminal B decrypts the ciphertext by using its private key to obtain the multimedia message.
上述两项专利申请的不同是, 一个使用接收方公钥加密, 一个使用发 送方私钥加密, 各自的解密自然也是私钥或者公钥。 虽然二者有所不同, 但是都是基于公钥体系, 所以其缺点相似, 且缺点在于: 基于公钥、 私钥 安全体系, 公钥、 私钥需要预先分配, 且还需要一个电子签证机关负责公 钥证书的发放和有效性验证, 因此虽然可以保证安全性, 但是在实施过程 中存在较大的不便。 发明内容  The difference between the above two patent applications is that one uses the recipient's public key encryption and one uses the sender's private key to encrypt, and the respective decryption is naturally also a private key or a public key. Although the two are different, they are all based on the public key system, so their shortcomings are similar, and the disadvantages are: Based on the public key and private key security system, the public key and private key need to be pre-allocated, and an electronic visa authority is required. The issuance and validity verification of the public key certificate, although the security can be ensured, there is a great inconvenience in the implementation process. Summary of the invention
本发明的目的在于提供一种加密 MMS 的方法和***, 能更好地解决 MMS易被窃取、 易被破解的问题, 以及基于公钥私钥加解密技术需要预先 分配公钥、 私钥且需要一个电子签证机关而导致的实施过程存在较大不便 的问题。  The object of the present invention is to provide a method and system for encrypting an MMS, which can better solve the problem that the MMS is easily stolen and easily cracked, and the public key private key encryption and decryption technology needs to pre-allocate the public key and the private key and needs The implementation process caused by an electronic visa authority has a large inconvenience.
根据本发明的一个方面, 提供了一种加密 MMS的方法, 该方法包括: 发送终端利用发送终端密钥 CK对 MMS数据进行加密,并将加密 MMS 数据发送给网络侧 MMSC; 以及  According to an aspect of the present invention, a method for encrypting an MMS is provided, the method comprising: the transmitting terminal encrypting the MMS data by using the transmitting terminal key CK, and transmitting the encrypted MMS data to the network side MMSC;
MMSC收到加密 MMS数据后,利用发送终端 CK对加密 MMS数据进 行解密, 再利用接收终端 CK对解密的 MMS数据进行再加密, 并将再加密 After receiving the encrypted MMS data, the MMSC decrypts the encrypted MMS data by using the transmitting terminal CK, and then re-encrypts the decrypted MMS data by using the receiving terminal CK, and then re-encrypts
MMS数据发送给接收终端。 The MMS data is sent to the receiving terminal.
优选地 , MMSC从网络侧数据中心获取发送终端 CK和接收终端 CK。 优选地, 网络侧数据中心是归属位置寄存器 /鉴权中心 (HLR/AUC )。 优选地, 网络侧 MMSC从 HLR/AUC中同时获取发送终端 CK和接收 终端 CK, 或者分别获取发送终端 CK和接收终端 CK。  Preferably, the MMSC acquires the transmitting terminal CK and the receiving terminal CK from the network side data center. Preferably, the network side data center is a home location register/authentication center (HLR/AUC). Preferably, the network side MMSC acquires the transmitting terminal CK and the receiving terminal CK from the HLR/AUC simultaneously, or acquires the transmitting terminal CK and the receiving terminal CK, respectively.
优选地, 发送终端 CK和接收终端 CK是可变的。  Preferably, the transmitting terminal CK and the receiving terminal CK are variable.
优选地, 加密 MMS数据是 MMS协议数据单元 ( MMS PDU ) 的主体 ( BODY )部分或者是 MMS PDU的 BODY中的关键数据。 Preferably, the encrypted MMS data is the body of the MMS protocol data unit (MMS PDU) The (BODY) part is the key data in the BODY of the MMS PDU.
优选地, 在发送终端加密 MMS数据之前, 所述方法还包括: 发送终端 选择是否加密发送 MMS。  Preferably, before the sending terminal encrypts the MMS data, the method further includes: the sending terminal selecting whether to encrypt the sending MMS.
进一步地,所述方法还包括: 所述接收终端收到所述再加密 MMS数据 后, 利用接收终端 CK对所述再加密 MMS数据进行解密。  Further, the method further includes: after receiving the re-encrypted MMS data, the receiving terminal decrypts the re-encrypted MMS data by using the receiving terminal CK.
根据本发明的另一方面, 提供了一种加密 MMS的***, 该***包括: 发送终端, 用于利用发送终端密钥 CK对 MMS数据进行加密, 并将加密 MMS数据发送给网络侧 MMSC; MMSC, 用于在收到加密 MMS数据后, 利用发送终端 CK对加密 MMS数据进行解密,再利用接收终端 CK对解密 的 MMS数据进行再加密, 并将再加密 MMS数据发送给接收终端。  According to another aspect of the present invention, a system for encrypting an MMS is provided, the system comprising: a transmitting terminal, configured to encrypt MMS data by using a sending terminal key CK, and send the encrypted MMS data to a network side MMSC; And after receiving the encrypted MMS data, decrypting the encrypted MMS data by using the sending terminal CK, and then re-encrypting the decrypted MMS data by using the receiving terminal CK, and transmitting the re-encrypted MMS data to the receiving terminal.
优选地, MMSC进一步用于从网络侧数据中心获取发送终端 CK和接 收终端 CK。  Preferably, the MMSC is further configured to acquire the transmitting terminal CK and the receiving terminal CK from the network side data center.
优选地, 发送终端进一步用于选择是否加密发送 MMS数据。  Preferably, the transmitting terminal is further configured to select whether to encrypt and transmit the MMS data.
进一步地,所述接收终端用于收到所述再加密 MMS数据后,利用接收 终端 CK对所述再加密 MMS数据进行解密。  Further, after receiving the re-encrypted MMS data, the receiving terminal decrypts the re-encrypted MMS data by using the receiving terminal CK.
与现有技术相比,本发明的有益效果在于:釆用网络侧 MMSC参与加、 解密过程并使用 CK对 MMS加、 解密, 从而使 MMS在传输、 储存过程中 不易被第三方窃取、 破解, 并且使加解密的实施过程比较方便。 附图说明  Compared with the prior art, the invention has the beneficial effects that: the network side MMSC participates in the adding and decrypting process and uses the CK to add and decrypt the MMS, so that the MMS is not easily stolen and cracked by the third party during the transmission and storage process. And the implementation process of encryption and decryption is more convenient. DRAWINGS
图 1是本发明提供的加密 MMS的方法的流程图;  1 is a flow chart of a method for encrypting an MMS provided by the present invention;
图 2是本发明实施例提供的发送终端构建 MMS数据的流程图; 图 3是本发明实施例提供的 MMSC构建 MMS数据的流程图; 图 4是本发明实施例提供的接收终端构建 MMS数据的流程图; 图 5是本发明实施例提供的加密 MMS的***的结构示意图。 具体实施方式 2 is a flowchart of constructing MMS data by a transmitting terminal according to an embodiment of the present invention; FIG. 3 is a flowchart of constructing MMS data by an MMSC according to an embodiment of the present invention; FIG. 4 is a flowchart of constructing MMS data by a receiving terminal according to an embodiment of the present invention; FIG. 5 is a schematic structural diagram of a system for encrypting an MMS according to an embodiment of the present invention. detailed description
以下结合附图对本发明的优选实施例进行详细说明, 应当理解, 以下 所说明的优选实施例仅用于说明和解释本发明, 并不用于限定本发明。  The preferred embodiments of the present invention are described in detail below with reference to the accompanying drawings.
图 1是本发明提供的加密 MMS的方法的流程图,如图 1所示,该方法 包括以下几个步骤:  1 is a flow chart of a method for encrypting an MMS provided by the present invention. As shown in FIG. 1, the method includes the following steps:
S101 : 发送终端利用发送终端 CK ( cipher key, 加密性密钥)对 MMS 数据进行加密, 并将加密 MMS数据发送给网络侧 MMSC ( MULTIMEDIA MESSAGE SERVICE CENTER , 多媒体短信服务中心)。  S101: The sending terminal encrypts the MMS data by using a sending terminal CK (cipher key), and sends the encrypted MMS data to a network side MMSC (MULT MEDIA MESSAGE SERVICE CENTER).
发送终端使用自己的 CK作为加密因子利用加解密模块对 MMS数据进 行加密, 并在 MMS PDU ( PROTOCOL DATA UNIT, 协议数据单元) 的 HEADER (报头 )中加入相应加密标示字段, 并将加密 MMS数据发送给网 络侧 MMSC。  The transmitting terminal uses its own CK as an encryption factor to encrypt the MMS data by using the encryption and decryption module, and adds a corresponding encryption indication field to the HEADER of the MMS PDU (Protocol DATA UNIT), and transmits the encrypted MMS data. Give the network side MMSC.
其中,加密 MMS数据是 MMS PDU的主体( BODY )部分或者是 MMS PDU的 BODY中的关键数据。  The encrypted MMS data is the main body (BODY) part of the MMS PDU or the key data in the BODY of the MMS PDU.
S102: 网络侧 MMSC收到发送终端的加密 MMS数据后, 利用发送终 端 CK对接收到的加密 MMS数据进行解密,再利用接收终端 CK对解密的 MMS数据进行再加密, 并将再加密 MMS数据发送给接收终端。  S102: After receiving the encrypted MMS data of the sending terminal, the MMSC on the network side decrypts the received encrypted MMS data by using the sending terminal CK, and then re-encrypts the decrypted MMS data by using the receiving terminal CK, and sends the re-encrypted MMS data. To the receiving terminal.
MMSC对收到的 MMS PDU的 HEADER中加密标示字段进行识别,判 断是否是加密 MMS数据, 如果是, 则从 HLR/AUC ( HOME LOCATION REGISTER/AUTHENTICATION CENTER, 归属位置寄存器 /鉴权中心) 中 获取发送终端 CK和接收终端 CK, 先将发送终端 CK作为解密因子使用加 解密模块对加密 MMS数据进行解密,再将接收终端 CK作为加密因子使用 加解密模块对 MMS进行再加密,然后将再加密 MMS数据发送给接收终端。  The MMSC identifies the encrypted indication field in the HEADER of the received MMS PDU to determine whether it is encrypted MMS data, and if so, obtains and transmits from the HLR/AUC (HOME LOCATION REGISTER/AUTHENTICATION CENTER, Home Location Register/Authentication Center) The terminal CK and the receiving terminal CK first decrypt the encrypted MMS data using the encryption and decryption module as the decryption factor, and then use the encryption and decryption module as the encryption factor to re-encrypt the MMS, and then re-encrypt the MMS data. Send to the receiving terminal.
图 2是本发明实施例提供的发送终端构建 MMS数据的流程图,如图 2 所示, 发送终端构建并发送 MMS数据的步骤如下: S200:发送终端选择是否加密发送 MMS数据,如果发送终端选择加密 发送, 则执行步骤 S201 , 否则执行步骤 S205。 2 is a flowchart of constructing MMS data by a transmitting terminal according to an embodiment of the present invention. As shown in FIG. 2, the steps of the transmitting terminal constructing and transmitting MMS data are as follows: S200: The sending terminal selects whether to encrypt and send the MMS data, if the sending terminal selects the encrypted sending, step S201 is performed, otherwise step S205 is performed.
S201 : 发送终端从本地 USIM ( Universal Subscriber Identity Module, 全球用户识别卡)中获取当前有效 CK, CK由 RAND和发送终端的根密钥 KI作为运算因子通过算法计算获得,其中 RAND是在信令连接建立时网络 对发送终端的认证过程中发给发送终端的随机数, KI是 USIM和归属网络 的 HLR/AUC共享的一个安全密钥。  S201: The sending terminal obtains the current valid CK from the local USIM (Universal Subscriber Identity Module), and the CK is obtained by an algorithm calculated by the RAND and the root key KI of the sending terminal, where RAND is in the signaling connection. The random number sent to the transmitting terminal during the authentication process of the network to the transmitting terminal at the time of establishment, and the KI is a security key shared by the USIM and the HLR/AUC of the home network.
S202: 利用加解密模块, 将步骤 S201 获取的 CK作为加密因子, 对 MMS数据进行加密。  S202: Using the encryption and decryption module, encrypt the MMS data by using the CK obtained in step S201 as an encryption factor.
S203 : 发送终端使用加密后的 MMS 数据构建 MMS PDU , 并在 S203: The sending terminal constructs the MMS PDU by using the encrypted MMS data, and
HEADER中添加相应的加密标示字段。 Add the corresponding encrypted label field to the HEADER.
S204: 发送终端向网络侧 MMSC发送加密 MMS数据, 流程结束。 S204: The sending terminal sends the encrypted MMS data to the network side MMSC, and the process ends.
S205: 进行非加密 MMS数据构建流程。 S205: Perform a non-encrypted MMS data construction process.
图 3是本发明实施例提供的 MMSC构建 MMS数据的流程图, 如图 3 所示, MMSC构建 MMS数据的步骤如下:  FIG. 3 is a flowchart of constructing MMS data by an MMSC according to an embodiment of the present invention. As shown in FIG. 3, the steps of constructing MMS data by the MMSC are as follows:
S300: MMSC接收发送终端发送的 MMS数据;  S300: The MMSC receives the MMS data sent by the sending terminal.
S301 : 根据收到的 MMS数据中的 MMS PDU的 HEADER的加密标示 字段判断当前收到的 MMS数据是否为加密 MMS数据, 如果是, 则执行步 骤 S302, 否则执行步骤 S306。  S301: Determine, according to the encrypted indication field of the HEADER of the MMS PDU in the received MMS data, whether the currently received MMS data is encrypted MMS data. If yes, go to step S302, otherwise go to step S306.
S302: 通过 MMSC和 HLR/AUC之间 MM5接口扩展, 从 HLR/AUC 获取发送终端 CK和接收终端 CK。  S302: Obtain the transmitting terminal CK and the receiving terminal CK from the HLR/AUC through the MM5 interface extension between the MMSC and the HLR/AUC.
S303: 使用发送终端 CK作为解密因子, 利用加解密模块对收到的加 密 MMS数据进行解密。  S303: Using the sending terminal CK as a decryption factor, decrypting the received encrypted MMS data by using the encryption and decryption module.
S304:使用接收终端 CK作为加密因子,利用加解密模块对解密的 MMS 数据进行再加密。 S305: 将再加密 MMS数据发送到接收终端, 流程结束。 S304: Re-encrypt the decrypted MMS data by using the encryption and decryption module by using the receiving terminal CK as an encryption factor. S305: Send the re-encrypted MMS data to the receiving terminal, and the process ends.
S306: 进行非加密 MMS数据处理流程。  S306: Perform a non-encrypted MMS data processing process.
图 4是本发明实施例提供的接收终端构建 MMS数据的流程图,如图 4 所示, 接收终端构建 MMS数据的步骤如下:  4 is a flowchart of constructing MMS data by a receiving terminal according to an embodiment of the present invention. As shown in FIG. 4, the steps of constructing MMS data by the receiving terminal are as follows:
S400: 接收终端接收 MMSC发送的 MMS数据。  S400: The receiving terminal receives the MMS data sent by the MMSC.
S401 : 根据收到的 MMS数据中的 MMS PDU的 HEADER的加密标示 字段判断当前接收到的 MMS 数据是否为加密数据, 如果是, 则执行步骤 S402 , 否则执行步骤 S404。  S401: Determine, according to the encrypted indication field of the HEADER of the MMS PDU in the received MMS data, whether the currently received MMS data is encrypted data, and if yes, execute step S402; otherwise, execute step S404.
S402: 从本地 USIM获取当前有效 CK, 该 CK由 RAND和接收终端 的根密钥 KI作为运算因子通过算法计算获得,其中 RAND是在信令连接建 立时网络对接收终端的认证过程中发给接收终端的随机数, KI是 USIM和 归属网络的 HLR/AUC共享的一个安全密钥。  S402: Obtain a current valid CK from the local USIM, where the CK is obtained by an algorithm by using a RAND and a root key KI of the receiving terminal as an operation factor, where the RAND is sent to the receiving process during the authentication process of the receiving terminal when the signaling connection is established. The random number of the terminal, KI is a security key shared by the USIM and the HLR/AUC of the home network.
S403: 利用加解密模块, 将 S402获取的 CK作为解密因子, 对接收到 的再加密 MMS数据进行解密, 流程结束。  S403: Using the encryption and decryption module, the CK obtained by S402 is used as a decryption factor, and the received re-encrypted MMS data is decrypted, and the process ends.
S404: 进行非加密 MMS数据构建流程。  S404: Perform a non-encrypted MMS data construction process.
图 5是本发明实施例提供的加密 MMS 的***的结构示意图, 如图 5 所示, 该***包括: 发送终端 1、 MMSC2、 接收终端 3和 HLR/AUC4。  FIG. 5 is a schematic structural diagram of a system for encrypting an MMS according to an embodiment of the present invention. As shown in FIG. 5, the system includes: a transmitting terminal 1, an MMSC2, a receiving terminal 3, and an HLR/AUC4.
发送终端 1 ,用于使用发送终端 1的 CK作为加密因子利用加解密模块 对 MMS数据进行加密, 并将加密 MMS数据发送给网络侧 MMSC2。 发送 终端 1包含加解密模块,所述加解密模块用于完成 MMS数据的加密 /解密。 加解密模块从 USIM中获取加密因子 CK,按照约定规则判断是否加密发送 MMS数据, 如果是加密发送, 则在 MMS PDU的 HEADER中添加相应的 加密标示字段, 并将加密 MMS数据发送给 MMSC2。 如果是非加密发送, 则直接将 MMS数据发送给 MMSC2。发送终端 1的 CK由 RAND和发送终 端 1的根密钥 KI作为运算因子通过算法计算获得, 是随着 RAND可变的。 其中 RAND是在信令连接建立时网络对发送终端 1的认证过程中发给发送 终端 1的随机数, KI是 USIM和归属网络的 HLR/AUC共享的一个安全密 钥。 The transmitting terminal 1 is configured to encrypt the MMS data by using the encryption/decryption module by using the CK of the transmitting terminal 1 as an encryption factor, and send the encrypted MMS data to the network side MMSC2. The transmitting terminal 1 includes an encryption and decryption module for performing encryption/decryption of MMS data. The encryption and decryption module obtains the encryption factor CK from the USIM, and determines whether to encrypt and transmit the MMS data according to the agreed rule. If it is encrypted transmission, the corresponding encryption indication field is added in the HEADER of the MMS PDU, and the encrypted MMS data is sent to the MMSC2. If it is a non-encrypted transmission, the MMS data is directly sent to the MMSC2. The CK of the transmitting terminal 1 is obtained by an algorithm calculation by the RAND and the root key KI of the transmitting terminal 1 as an operation factor, which is variable with RAND. Where RAND is the random number sent to the transmitting terminal 1 during the authentication process of the network to the transmitting terminal 1 when the signaling connection is established, and KI is a security key shared by the USIM and the HLR/AUC of the home network.
MMSC2也包含加解密模块, 在收到发送终端 1发送的 MMS数据后, 首先对 MMS PDU的 HEADER的加密标示字段进行识别, 如果 MMS数据 是加密数据, 则从 HLR/AUC4获取发送终端 1的 CK, 并使用发送终端 1 的 CK作为解密因子利用加解密模块对加密 MMS数据进行解密, 然后从 HLR/AUC4获取接收终端 3的 CK,并使用接收终端 3的 CK作为加密因子 利用加解密模块对解密的 MMS数据进行再加密,再将再加密 MMS数据发 送给接收终端 3。 MMSC2也可以从 HLR/AUC4 —次性地获取接收终端 3 的 CK和发送终端 1的 CK。  The MMSC2 also includes an encryption and decryption module. After receiving the MMS data sent by the transmitting terminal 1, first, the encrypted identifier field of the HEADER of the MMS PDU is identified. If the MMS data is encrypted data, the CK of the transmitting terminal 1 is acquired from the HLR/AUC4. And using the CK of the transmitting terminal 1 as a decryption factor to decrypt the encrypted MMS data by using the encryption/decryption module, and then acquiring the CK of the receiving terminal 3 from the HLR/AUC4, and decrypting the encryption/decryption module using the CK of the receiving terminal 3 as an encryption factor. The MMS data is re-encrypted, and the re-encrypted MMS data is transmitted to the receiving terminal 3. The MMSC 2 can also acquire the CK of the receiving terminal 3 and the CK of the transmitting terminal 1 from the HLR/AUC4.
接收终端 3收到 MMSC2发送的再加密 MMS数据后, 用接收终端 3 的 CK作为解密因子, 对再加密 MMS数据进行解密。 接收终端 3的 CK由 RAND和接收终端 3的根密钥 KI作为运算因子通过算法计算获得,是随着 RAND可变的。 其中 RAND是在信令连接建立时网络对接收终端 3的认证 过程中发给接收终端 3的随机数, KI是 USIM和归属网络的 HLR/AUC共 享的一个安全密钥。  After receiving the re-encrypted MMS data sent by the MMSC2, the receiving terminal 3 decrypts the re-encrypted MMS data by using the CK of the receiving terminal 3 as a decryption factor. The CK of the receiving terminal 3 is obtained by an algorithm calculation by the RAND and the root key KI of the receiving terminal 3 as an operation factor, which is variable with RAND. Where RAND is the random number sent to the receiving terminal 3 during the authentication process of the receiving terminal 3 when the signaling connection is established, and KI is a security key shared by the USIM and the HLR/AUC of the home network.
综上所述, 本发明通过在接收终端、 发送终端和网络侧 MMSC中添加 相应的硬件和软件, 利用随着 RAND可变的 CK作为加解密因子实现加密 MMS, 且在传输过程中密钥被高度保护起来, 在接收终端和发送终端之间 不共享,使得加密 MMS具有高度机密性。硬件加解密模块可以由第三方提 供,嵌入终端及网络设备中, 负责对 MMS数据进行加解密运算。这样网络、 终端设备商和运营商都无法对加密 MMS 进行窃取, 且加密因子每次都不 同, 更加大了从无线传输环境中进行破解的难度。 另外, 本发明利用网络 侧 MMSC和 CK来参与加、 解密, 使得实施过程更加方便。 尽管上文对本发明进行了详细说明, 但是本发明不限于此, 本技术领 域技术人员可以根据本发明的原理进行各种修改。 因此, 凡按照本发明原 理所作的修改, 都应当理解为落入本发明的保护范围。 In summary, the present invention implements an encrypted MMS by using a CK variable CK as an encryption and decryption factor by adding corresponding hardware and software to the receiving terminal, the transmitting terminal, and the network side MMSC, and the key is Highly protected, it is not shared between the receiving terminal and the transmitting terminal, making the encrypted MMS highly confidential. The hardware encryption and decryption module can be provided by a third party, embedded in the terminal and the network device, and is responsible for encrypting and decrypting the MMS data. In this way, the network, the terminal equipment provider, and the operator cannot steal the encrypted MMS, and the encryption factor is different each time, which makes it more difficult to crack from the wireless transmission environment. In addition, the present invention utilizes the network side MMSC and CK to participate in adding and decrypting, which makes the implementation process more convenient. Although the invention has been described in detail above, the invention is not limited thereto, and various modifications may be made by those skilled in the art in accordance with the principles of the invention. Therefore, modifications made in accordance with the principles of the invention should be construed as falling within the scope of the invention.

Claims

权利要求书 Claim
1、 一种加密 MMS的方法, 其特征在于, 所述方法包括:  A method for encrypting an MMS, the method comprising:
发送终端利用发送终端密钥 CK对多媒体短信服务 MMS数据进行加 密 , 并将加密 MMS数据发送给网络侧多媒体短信服务中心 MMSC; 以及 The transmitting terminal encrypts the MMS data of the multimedia short message service by using the sending terminal key CK, and sends the encrypted MMS data to the MMSC of the network side multimedia short message service center;
MMSC收到所述加密 MMS数据后 ,利用发送终端 CK对所述加密 MMS 数据进行解密, 再利用接收终端 CK对解密的 MMS数据进行再加密, 并将 再加密 MMS数据发送给接收终端。 After receiving the encrypted MMS data, the MMSC decrypts the encrypted MMS data by using the transmitting terminal CK, and then re-encrypts the decrypted MMS data by using the receiving terminal CK, and transmits the re-encrypted MMS data to the receiving terminal.
2、 根据权利要求 1所述的方法, 其特征在于, 所述 MMSC从网络侧 数据中心获取发送终端 CK和接收终端 CK。  The method according to claim 1, wherein the MMSC acquires the transmitting terminal CK and the receiving terminal CK from the network side data center.
3、 根据权利要求 2所述的方法, 其特征在于, 所述网络侧数据中心是 归属位置寄存器 /鉴权中心 HLR/AUC。  3. The method according to claim 2, wherein the network side data center is a home location register/authentication center HLR/AUC.
4、 根据权利要求 3 所述的方法, 其特征在于, 网络侧 MMSC 从 HLR/AUC中同时获取发送终端 CK和接收终端 CK, 或者分别获取发送终 端 CK和接收终端 CK。  The method according to claim 3, wherein the network side MMSC acquires the transmitting terminal CK and the receiving terminal CK from the HLR/AUC simultaneously, or acquires the transmitting terminal CK and the receiving terminal CK, respectively.
5、 根据权利要求 1所述的方法, 其特征在于, 所述发送终端 CK和接 收终端 CK是可变的。  The method according to claim 1, characterized in that the transmitting terminal CK and the receiving terminal CK are variable.
6、 根据权利要求 1所述的方法, 其特征在于, 所述加密 MMS数据是 MMS协议数据单元 MMS PDU的主体 BODY部分或者是 MMS PDU的 BODY中的关键数据。  The method according to claim 1, wherein the encrypted MMS data is a main BODY part of an MMS protocol data unit MMS PDU or a key data in a BODY of an MMS PDU.
7、 根据权利要求 1所述的方法, 其特征在于, 在发送终端加密 MMS 数据之前, 所述方法还包括: 发送终端选择是否加密发送 MMS。  The method according to claim 1, wherein before the sending terminal encrypts the MMS data, the method further comprises: the sending terminal selecting whether to encrypt the transmitting MMS.
8、 根据权利要求 1所述的方法, 其特征在于, 所述方法还包括: 所述 接收终端收到所述再加密 MMS数据后, 利用接收终端 CK对所述再加密 MMS数据进行解密。  The method according to claim 1, wherein the method further comprises: after receiving the re-encrypted MMS data, the receiving terminal decrypts the re-encrypted MMS data by using the receiving terminal CK.
9、 一种加密 MMS的***, 其特征在于, 所述***包括: 发送终端, 用于利用发送终端密钥 CK对 MMS数据进行加密, 并将加 密 MMS数据发送给网络侧 MMSC; 以及 9. A system for encrypting an MMS, the system comprising: a transmitting terminal, configured to encrypt the MMS data by using the sending terminal key CK, and send the encrypted MMS data to the network side MMSC;
MMSC, 用于在收到发送终端的加密 MMS数据后, 利用发送终端 CK 对收到的加密 MMS数据进行解密, 再利用接收终端 CK对解密的 MMS数 据进行再加密, 并将再加密 MMS数据发送给接收终端。  The MMSC is configured to: after receiving the encrypted MMS data of the transmitting terminal, decrypt the received encrypted MMS data by using the sending terminal CK, and then re-encrypt the decrypted MMS data by using the receiving terminal CK, and send the re-encrypted MMS data. To the receiving terminal.
10、 根据权利要求 9所述的***, 其特征在于, 所述 MMSC进一步用 于从网络侧数据中心获取发送终端 CK和接收终端 CK。  The system according to claim 9, wherein the MMSC is further configured to acquire the transmitting terminal CK and the receiving terminal CK from the network side data center.
11、 根据权利要求 9 所述的***, 其特征在于, 发送终端进一步用于 选择是否加密发送 MMS数据。  The system according to claim 9, wherein the transmitting terminal is further configured to select whether to encrypt and transmit the MMS data.
12、 根据权利要求 9所述的***, 其特征在于, 所述接收终端用于收 到所述再加密 MMS数据后, 利用接收终端 CK对所述再加密 MMS数据进 行解密。  The system according to claim 9, wherein the receiving terminal is configured to decrypt the re-encrypted MMS data by using the receiving terminal CK after receiving the re-encrypted MMS data.
PCT/CN2011/072762 2010-12-09 2011-04-14 Method and system for encrypting multimedia message service WO2012075761A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201010581440.2A CN102036194B (en) 2010-12-09 2010-12-09 Method and system for encrypting MMS
CN201010581440.2 2010-12-09

Publications (1)

Publication Number Publication Date
WO2012075761A1 true WO2012075761A1 (en) 2012-06-14

Family

ID=43888373

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/072762 WO2012075761A1 (en) 2010-12-09 2011-04-14 Method and system for encrypting multimedia message service

Country Status (2)

Country Link
CN (1) CN102036194B (en)
WO (1) WO2012075761A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104301102B (en) * 2013-07-19 2019-03-15 ***通信集团北京有限公司 Widget communication means, apparatus and system
CN104680073A (en) * 2013-11-29 2015-06-03 联芯科技有限公司 Security method and device for data in mobile communication terminal
CN106162622A (en) * 2015-04-09 2016-11-23 中兴通讯股份有限公司 A kind of method realizing data process and terminal
CN110311985A (en) * 2019-07-09 2019-10-08 晏保华 Information synchronization system, method and device between a kind of cloud storage gateway

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003134105A (en) * 2001-10-26 2003-05-09 Hitachi Eng Co Ltd Method and apparatus for transmitting and receiving encrypted message
CN1859087A (en) * 2005-12-30 2006-11-08 华为技术有限公司 Key consulting method and its system for customer end and server
CN101242264A (en) * 2008-02-01 2008-08-13 深圳华为通信技术有限公司 Data transmission method, device and system and mobile terminal
CN101340443A (en) * 2008-08-28 2009-01-07 中国电信股份有限公司 Session key negotiating method, system and server in communication network

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8195205B2 (en) * 2004-05-06 2012-06-05 Telecommunication Systems, Inc. Gateway application to support use of a single internet address domain for routing messages to multiple multimedia message service centers

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003134105A (en) * 2001-10-26 2003-05-09 Hitachi Eng Co Ltd Method and apparatus for transmitting and receiving encrypted message
CN1859087A (en) * 2005-12-30 2006-11-08 华为技术有限公司 Key consulting method and its system for customer end and server
CN101242264A (en) * 2008-02-01 2008-08-13 深圳华为通信技术有限公司 Data transmission method, device and system and mobile terminal
CN101340443A (en) * 2008-08-28 2009-01-07 中国电信股份有限公司 Session key negotiating method, system and server in communication network

Also Published As

Publication number Publication date
CN102036194A (en) 2011-04-27
CN102036194B (en) 2014-09-10

Similar Documents

Publication Publication Date Title
CN101340443B (en) Session key negotiating method, system and server in communication network
JP5307191B2 (en) System and method for secure transaction of data between a wireless communication device and a server
CN103338437B (en) The encryption method of a kind of mobile instant message and system
WO2010078755A1 (en) Method and system for transmitting electronic mail, wlan authentication and privacy infrastructure (wapi) terminal thereof
CN110087240B (en) Wireless network security data transmission method and system based on WPA2-PSK mode
WO2009155781A1 (en) Method and system of transmitting the encrypted information
JP2013502782A (en) Method, device, and network system for negotiating encryption information
EP1025675A2 (en) Security of data connections
WO2012024906A1 (en) Mobile communication system and voice call encryption method thereof
CN101909290A (en) Method, system and mobile terminal for encrypting voice call
TW201417546A (en) Instant messaging method and system
WO2010124482A1 (en) Method and system for implementing secure forking calling session in ip multi-media subsystem
CN112671710B (en) Security encryption device based on national cryptographic algorithm, bidirectional authentication and encryption method
CN103167494B (en) Method for sending information and system
WO2012129929A1 (en) Method, system and appararus for secure transmission of media message
WO2012075761A1 (en) Method and system for encrypting multimedia message service
CN101420687B (en) Identity verification method based on mobile terminal payment
JP4924943B2 (en) Authenticated key exchange system, authenticated key exchange method and program
CN112019553B (en) Data sharing method based on IBE/IBBE
CN112291196B (en) End-to-end encryption method and system suitable for instant messaging
JP2006262425A (en) Mutual authentication on network by public key cryptosystem, and mutual exchange system of public key
TW202301830A (en) Encryption system and encryption method for group instant massaging
AU2012311701B2 (en) System and method for the safe spontaneous transmission of confidential data over unsecure connections and switching computers
WO2010069102A1 (en) Moblie terminal, cipher key transmission method, decrypt method and secrecy communication realizing method
JP2005051368A (en) Communication apparatus, base station apparatus and communication system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11846759

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11846759

Country of ref document: EP

Kind code of ref document: A1