
TWI789635B - Electronic device and method for encrypted communication - Google Patents


Info

Publication number
TWI789635B
Authority
TW
Taiwan
Prior art keywords
sub
cloud server
registered
unregistered
key
Prior art date
Application number
TW109134109A
Other languages
Chinese (zh)
Other versions
TW202215813A (en)
Inventor
吳祖進
蔡維新
Original Assignee
大宏數創意股份有限公司
Application filed by 大宏數創意股份有限公司
Priority to TW109134109A
Publication of TW202215813A
Application granted
Publication of TWI789635B

Landscapes

  • Communication Control (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

An electronic device includes a cloud server, a registered sub-device, and an unregistered sub-device. The registered sub-device executes an application, so that the registered sub-device can establish a communication channel with the cloud server. The registered sub-device receives an address from the cloud server through the communication channel. The unregistered sub-device receives the address from the registered sub-device. When the unregistered sub-device is connected to the cloud server through the address, the cloud server sends an authentication message to the registered sub-device, so that the registered sub-device can perform identity authentication on the unregistered sub-device. When the registered sub-device approves the identity authentication of the unregistered sub-device, the cloud server establishes the communication channel with the unregistered sub-device, so that the registered sub-device can perform an encrypted communication with the unregistered sub-device through the cloud server.

Description

Electronic device and method for encrypted communication

The present invention relates to an electronic device, and in particular to an electronic device and method for encrypted communication.

Most instant messaging services (for example, social messaging applications) require both the sender and the receiver to register an account with the service so that they can discover each other and create a secure communication channel. Users today are increasingly reluctant to install new applications. If two users do not share a common instant messaging application, they cannot communicate securely with each other.

An electronic device according to an embodiment of the present invention includes a cloud server, a registered sub-device, and an unregistered sub-device. The cloud server verifies whether at least one sub-device is registered. The registered sub-device executes an application so that it can establish a communication channel with the cloud server. The registered sub-device receives a web address from the cloud server through the communication channel. The unregistered sub-device receives the web address from the registered sub-device through another communication channel. When the unregistered sub-device connects to the cloud server by visiting the web address in a browser, the cloud server sends a verification message to the registered sub-device so that the registered sub-device can perform identity verification on the unregistered sub-device. When the registered sub-device approves the identity verification of the unregistered sub-device, the cloud server establishes a communication channel with the unregistered sub-device, so that the registered sub-device can conduct encrypted communication with the unregistered sub-device through the cloud server.

In the electronic device described above, the registered sub-device executes the application to generate a first public key and a first private key, and transmits the first public key to the cloud server through the communication channel. The cloud server confirms the identity of the registered sub-device by means of the first public key.

In the electronic device described above, the web address is a uniform resource locator (URL). The verification message is a two-factor authentication.

In the electronic device described above, when the cloud server sends the verification message to the registered sub-device, the registered sub-device generates a verification user interface (UI); alternatively, depending on the settings of the registered sub-device and/or the cloud server, the registered sub-device can authorize automatically upon receiving the verification message.

In the electronic device described above, when the unregistered sub-device connects to the cloud server through the web address, the unregistered sub-device generates a second public key and a second private key, and transmits the second public key to the cloud server.

In the electronic device described above, the encrypted communication includes: the registered sub-device encrypts data to be transmitted with the first private key and the second public key; and the unregistered sub-device decrypts the data with the second private key and the first public key.

In the electronic device described above, the encrypted communication further includes: the registered sub-device generates an Advanced Encryption Standard (AES) key; the registered sub-device encrypts data to be transmitted with the AES key; the registered sub-device generates a shared secret from the first private key and the second public key, and encrypts the AES key with the shared secret; the unregistered sub-device decrypts the AES key with the second private key and the first public key; and the unregistered sub-device decrypts the received data with the AES key.

In the electronic device described above, when the duration of the encrypted communication between the registered sub-device and the unregistered sub-device exceeds a threshold, the cloud server cuts off the encrypted communication.

A method of encrypted communication according to an embodiment of the present invention is applicable to a registered sub-device and an unregistered sub-device that conduct encrypted communication through a cloud server, and includes: the registered sub-device executes an application so that it can establish a communication channel with the cloud server; the cloud server sends a web address to the registered sub-device; the registered sub-device sends the web address to the unregistered sub-device; when the unregistered sub-device connects to the cloud server through the web address, the cloud server sends a verification message to the registered sub-device so that the registered sub-device can perform identity verification on the unregistered sub-device; and when the registered sub-device approves the identity verification of the unregistered sub-device, the cloud server establishes a communication channel with the unregistered sub-device, so that the registered sub-device can conduct encrypted communication with the unregistered sub-device through the cloud server.

The present invention is described with reference to the accompanying drawings, in which like reference numerals designate similar or identical elements throughout. The drawings are not drawn to scale and are provided only to illustrate the invention. Some aspects of the invention are described below with reference to illustrative example applications. Numerous specific details, relationships and methods are set forth to provide a full understanding of the invention. A person of ordinary skill in the relevant art will nevertheless recognize that the invention can be practiced without one or more of the specific details, or with other methods. In other instances, well-known structures or operations are not shown in detail to avoid obscuring the invention. The invention is not limited by the illustrated order of acts or events, as some acts may occur in a different order or concurrently with other acts or events. Furthermore, not all illustrated acts or events are required to implement a method in accordance with the present invention.

FIG. 1 is a schematic diagram of an electronic device 100 according to an embodiment of the present invention and of how it establishes communication channels. As shown in FIG. 1, the electronic device 100 includes a cloud server 102, a registered sub-device 104, and an unregistered sub-device 106. In some embodiments, the cloud server 102 stores a registered user list, which it uses to mark and verify whether at least one sub-device connected to it is registered.

For example, the registered sub-device 104 appears in the registered user list of the cloud server 102 (for example, as an identification code). Conversely, the unregistered sub-device 106 has not yet registered and therefore does not appear in the registered user list of the cloud server 102. In other words, to the cloud server 102 the unregistered sub-device 106 is an unverified user, so a communication channel between the registered sub-device 104 and the unregistered sub-device 106 cannot be established at the outset, and the two cannot conduct encrypted communication with each other.

In some embodiments, the registered sub-device 104 differs from the unregistered sub-device 106 in that the registered sub-device 104 has installed the application associated with the cloud server 102, whereas the unregistered sub-device 106 has not. The application associated with the cloud server 102 allows at least one sub-device to connect to the cloud server 102 over a wireless network. For example, when the registered sub-device 104 executes the application associated with the cloud server 102, the registered sub-device 104 can connect to the cloud server 102. The cloud server 102 recognizes that the registered sub-device 104 appears in its registered user list, and therefore establishes a communication channel 110 between itself and the registered sub-device 104.

In some embodiments, when the registered sub-device 104 executes the application associated with the cloud server 102, the registered sub-device 104 uses that application to generate a first public key and a first private key, and connects to the cloud server 102. The registered sub-device 104 sends the first public key to the cloud server 102.

In some embodiments, when the cloud server 102 finds information identical to the first public key in its registered user list, the cloud server 102 determines that the registered sub-device 104 is a registered user and therefore establishes the communication channel 110 between itself and the registered sub-device 104. In some embodiments, the registered sub-device 104 and the unregistered sub-device 106 may be a notebook computer, a smartphone, or a tablet computer, but the invention is not limited thereto.

The cloud server 102 then sends a web address 112 associated with the cloud server 102 to the registered sub-device 104 through the channel 110. In some embodiments, the web address 112 may be a link for connecting to the cloud server 102, for example a uniform resource locator (URL). The registered sub-device 104 then shares the web address 112 from the cloud server 102 with the unregistered sub-device 106 through a communication interface 114.

In some embodiments, for example, the registered sub-device 104 may send the web address 112 associated with the cloud server 102 to the unregistered sub-device 106 via SMS or other messaging software (for example, the LINE application or the WECHAT application), but the invention is not limited thereto. When the user of the unregistered sub-device 106 clicks the web address 112 associated with the cloud server 102 (for example, in a web browser), the unregistered sub-device 106 is directed by the web address 112 to connect to the cloud server 102 and, after the login button is pressed, submits a communication request 116 to the cloud server 102.

In some embodiments, when the unregistered sub-device 106 connects to the cloud server 102 through the web address 112, the unregistered sub-device 106 generates a second public key and a second private key. The unregistered sub-device 106 transmits the second public key to the cloud server 102 (for example, in the communication request 116). When the cloud server 102 receives the communication request 116 and the second public key from the unregistered sub-device 106, the cloud server 102 records the second public key and performs registration using the second public key.

In other words, the second public key of the unregistered sub-device 106 appears in the registered user list of the cloud server 102. The cloud server 102 then sends a verification message 118 to the registered sub-device 104. In some embodiments, the verification message 118 is a two-factor authentication. In other words, in addition to the cloud server 102 confirming through the second public key that the unregistered sub-device 106 has registered, the identity verification of the unregistered sub-device 106 must also be confirmed through the registered sub-device 104.

In some embodiments, when the registered sub-device 104 receives the verification message 118 from the cloud server 102, the registered sub-device 104 generates a verification user interface (UI) according to the verification message 118. In some embodiments, the registered sub-device 104 and/or the cloud server 102 has been configured to allow automatic authorization, so that when the registered sub-device 104 receives the verification message 118 from the cloud server 102 it can authorize automatically, without the user of the registered sub-device 104 confirming through the verification user interface. FIG. 2 is a schematic diagram of a verification user interface 200 generated by the registered sub-device 104 of the electronic device 100 of FIG. 1 according to an embodiment of the present invention. As shown in FIG. 2, the verification user interface 200 includes a message window 202, a button icon 204, and a button icon 206. In some embodiments, the message window 202 indicates that the verification user interface 200 is for a "verification message" and asks the user of the registered sub-device 104 "whether to approve" the identity verification of the unregistered sub-device 106.

When the user of the registered sub-device 104 approves the identity verification of the unregistered sub-device 106, the user presses the button icon 204, causing the registered sub-device 104 to send a verification reply 120 to the cloud server 102. As shown in FIG. 1, after the cloud server 102 receives the verification reply 120 from the registered sub-device 104, the cloud server 102 establishes a communication channel 122 between itself and the unregistered sub-device 106. The registered sub-device 104 and the unregistered sub-device 106 can then conduct encrypted communication through the communication channel 110, the communication channel 122, and the cloud server 102.

In FIG. 1, an arrow positioned lower in the figure represents an event that occurs later. For example, the cloud server 102 sends the web address 112 to the registered sub-device 104 after the cloud server 102 establishes the communication channel 110. The unregistered sub-device 106 connects to the cloud server 102 through the web address 112 and sends the communication request 116 before the cloud server 102 sends the verification message 118 to the registered sub-device 104.

In some embodiments, to ensure the security of the encrypted communication between the registered sub-device 104 and the unregistered sub-device 106, the cloud server 102 can monitor the duration of that encrypted communication. When the duration of the encrypted communication between the registered sub-device 104 and the unregistered sub-device 106 exceeds a threshold (for example, 5 minutes), the cloud server 102 can automatically cut off the encrypted communication between them without the consent of the registered sub-device 104 or the unregistered sub-device 106.

In some embodiments, when either the registered sub-device 104 or the unregistered sub-device 106 ends the encrypted communication, for example when the user of the registered sub-device 104 exits the conversation interface with the device 106, or the user of the unregistered sub-device 106 closes the web browser that was directed to the web address 112, the cloud server 102 also cuts off the encrypted communication between the registered sub-device 104 and the unregistered sub-device 106, ensuring that the encrypted communication between them is a one-time encrypted communication.

In some embodiments, when the cloud server 102 cuts off the encrypted communication between the registered sub-device 104 and the unregistered sub-device 106, the second public key of the unregistered sub-device 106 that was stored in the registered user list is also deleted. In some embodiments, the cloud server 102 may store the second public key of the unregistered sub-device 106 in advance in a temporary registration folder within the registered user list. When the cloud server 102 cuts off the encrypted communication between the registered sub-device 104 and the unregistered sub-device 106, it can then simply clear all data in the temporary registration folder.

In another embodiment, when the user of the registered sub-device 104 does not approve the identity verification of the unregistered sub-device 106, the user presses the button icon 206, causing the registered sub-device 104 to send another verification reply (not shown in FIG. 1) to the cloud server 102. When the cloud server 102 receives this other verification reply, it does not establish a communication channel between itself and the unregistered sub-device 106, so the registered sub-device 104 and the unregistered sub-device 106 cannot conduct encrypted communication through the cloud server 102.
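The cloud-server side of the flow described above (registered user list, web address 112, communication request 116, verification message 118, verification reply 120, the 5-minute threshold and the temporary registration folder) can be sketched as a small state machine. This is an added example for Node.js, not code from the patent; the class and method names, the `cloud.example` host, the random single-use token in the web address and the key fingerprint carried in the verification message are assumptions.

```javascript
const crypto = require('crypto');

const MAX_SESSION_MS = 5 * 60 * 1000; // example threshold from the description (5 minutes)

class CloudServer {
  constructor(now = () => Date.now()) {
    this.now = now;                // injectable clock so the timeout can be exercised
    this.registered = new Map();   // registered user list: userId -> first public key
    this.invites = new Map();      // unused invite token -> inviting userId
    this.tempRegistry = new Map(); // temporary registration folder: token -> session
    this.outbox = [];              // verification messages 118 queued for registered devices
  }

  register(userId, publicKey) {
    this.registered.set(userId, publicKey);
  }

  // Channel 110 is only available to a key found in the registered user list.
  // Returns web address 112; embedding a random token in it is an assumption.
  issueInvite(userId, publicKey) {
    if (this.registered.get(userId) !== publicKey) throw new Error('not registered');
    const token = crypto.randomBytes(32).toString('hex');
    this.invites.set(token, userId);
    return 'https://cloud.example/join/' + token;
  }

  // Communication request 116: record the second public key in the temporary
  // folder and notify the inviter. No channel 122 exists yet.
  guestConnect(token, guestPublicKey) {
    const inviter = this.invites.get(token);
    if (inviter === undefined) return false; // unknown or already used web address
    this.invites.delete(token);              // assumption: each web address works once
    this.tempRegistry.set(token, { inviter, guestPublicKey, state: 'PENDING', openedAt: null });
    // Assumption: the message carries a fingerprint of the key being approved.
    const fingerprint = crypto.createHash('sha256').update(guestPublicKey).digest('hex').slice(0, 16);
    this.outbox.push({ to: inviter, type: 'verify', token, fingerprint });
    return true;
  }

  // Verification reply 120 (approve) or the other reply (deny). Only the
  // inviting device may answer, and only while the session is pending.
  verificationReply(userId, token, approved) {
    const session = this.tempRegistry.get(token);
    if (!session || session.inviter !== userId || session.state !== 'PENDING') return false;
    if (!approved) { this.endSession(token); return false; }
    session.state = 'OPEN';        // channel 122 established
    session.openedAt = this.now();
    return true;
  }

  // Relay ciphertext between channels 110 and 122; the server never decrypts it.
  relay(token, ciphertext) {
    const session = this.tempRegistry.get(token);
    if (!session || session.state !== 'OPEN') return null;
    if (this.now() - session.openedAt > MAX_SESSION_MS) { this.endSession(token); return null; }
    return ciphertext;
  }

  // Cutting the communication also deletes the temporarily registered second public key.
  endSession(token) {
    return this.tempRegistry.delete(token);
  }
}

// Constructed scenario: approve, relay, then exceed the threshold.
function constructedScenario() {
  let t = 0;
  const server = new CloudServer(() => t);
  server.register('user-104', 'PUBKEY-1 (constructed)');
  const token = server.issueInvite('user-104', 'PUBKEY-1 (constructed)').split('/').pop();
  const trace = [];
  server.guestConnect(token, 'PUBKEY-2 (constructed)');
  trace.push(server.relay(token, 'ct-0')); // null: not approved yet
  server.verificationReply('user-104', token, true);
  trace.push(server.relay(token, 'ct-1')); // relayed unchanged
  t = MAX_SESSION_MS + 1;
  trace.push(server.relay(token, 'ct-2')); // null: threshold exceeded, session cut
  trace.push(server.tempRegistry.size);    // temporary folder is empty again
  return trace;
}
```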

In some embodiments, during encrypted communication between the registered sub-device 104 and the unregistered sub-device 106 through the cloud server 102 (communication channels 110, 122), for example when the registered sub-device 104 wants to send data A to the unregistered sub-device 106, the registered sub-device 104 first obtains the second public key of the unregistered sub-device 106 from the cloud server 102. The registered sub-device 104 encrypts the data A to be transmitted with the first private key, generated by executing the application associated with the cloud server 102, and the second public key of the unregistered sub-device 106, producing encrypted data A'. The encrypted data A' is transmitted to the unregistered sub-device 106 via the communication channel 110, the cloud server 102, and the communication channel 122.

Similarly, the unregistered sub-device 106 obtains the first public key of the registered sub-device 104 from the cloud server 102. The unregistered sub-device 106 decrypts the encrypted data A' with the second private key, generated when it connected to the cloud server 102 through the web address, and the first public key of the registered sub-device 104, and obtains the content of data A. The encryption/decryption scheme used in the above embodiment is a Diffie-Hellman key exchange algorithm (DH algorithm). Since the Diffie-Hellman key exchange algorithm is a well-known technique, it is not described further here.

In some embodiments, during encrypted communication between the registered sub-device 104 and the unregistered sub-device 106 through the cloud server 102 (communication channels 110, 122), for example when the registered sub-device 104 wants to send data B to the unregistered sub-device 106, the registered sub-device 104 generates an Advanced Encryption Standard (AES) key. The registered sub-device 104 encrypts the data B with the AES key. The registered sub-device 104 generates a shared secret from its own first private key and the second public key of the unregistered sub-device 106, and encrypts the AES key with the shared secret, producing encrypted data B'. The encrypted data B' is transmitted to the unregistered sub-device 106 via the communication channel 110, the cloud server 102, and the communication channel 122.

After receiving the encrypted data B', the unregistered sub-device 106 decrypts the AES key with its own second private key and the first public key of the registered sub-device 104. Finally, the unregistered sub-device 106 decrypts the encrypted data B' with the AES key and obtains the content of data B. In some embodiments, data A and B may be any form of text message, image message, voice message, VoIP call, and so on, but the invention is not limited thereto.
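The data B exchange described above, written out for both devices as an added example in Node.js (not code from the patent). The description names only Diffie-Hellman and AES; the use of X25519 for the key agreement, HKDF-SHA-256 to turn the shared secret into a key-encryption key, AES-256-GCM for both layers, and all function names are assumptions.

```javascript
const crypto = require('crypto');

// Each device generates its own key pair; only the public half leaves the device.
function newDeviceKeyPair() {
  return crypto.generateKeyPairSync('x25519');
}

// Public keys travel through the cloud server as bytes (SPKI DER here).
function exportPublic(publicKey) {
  return publicKey.export({ type: 'spki', format: 'der' });
}
function importPublic(der) {
  return crypto.createPublicKey({ key: der, type: 'spki', format: 'der' });
}

// Own private key + peer public key -> shared secret -> 256-bit key-encryption key.
// Both devices arrive at the same value without it ever crossing the server.
function deriveKek(ownPrivateKey, peerPublicKey) {
  const shared = crypto.diffieHellman({ privateKey: ownPrivateKey, publicKey: peerPublicKey });
  const kek = crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'aes-key-wrap (constructed label)', 32);
  return Buffer.from(kek);
}

function aesGcmSeal(key, plaintext) {
  const iv = crypto.randomBytes(12); // fresh nonce for every encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { iv, ct, tag: cipher.getAuthTag() };
}

function aesGcmOpen(key, box) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, box.iv);
  decipher.setAuthTag(box.tag);
  // final() throws if the key is wrong or the ciphertext was modified.
  return Buffer.concat([decipher.update(box.ct), decipher.final()]);
}

// Registered sub-device: random AES key encrypts data B, shared secret wraps the AES key.
function sendDataB(firstPrivateKey, secondPublicKey, dataB) {
  const aesKey = crypto.randomBytes(32);
  const body = aesGcmSeal(aesKey, dataB);
  const wrappedKey = aesGcmSeal(deriveKek(firstPrivateKey, secondPublicKey), aesKey);
  return { wrappedKey, body }; // together: encrypted data B', opaque to the cloud server
}

// Unregistered sub-device: unwrap the AES key, then decrypt data B.
function receiveDataB(secondPrivateKey, firstPublicKey, encryptedB) {
  const aesKey = aesGcmOpen(deriveKek(secondPrivateKey, firstPublicKey), encryptedB.wrappedKey);
  return aesGcmOpen(aesKey, encryptedB.body);
}

// Constructed exchange between the two devices, with keys relayed as bytes.
function constructedExchange() {
  const registered = newDeviceKeyPair();   // first public/private key
  const unregistered = newDeviceKeyPair(); // second public/private key
  const relayedSecond = importPublic(exportPublic(unregistered.publicKey));
  const relayedFirst = importPublic(exportPublic(registered.publicKey));
  const encryptedB = sendDataB(registered.privateKey, relayedSecond, Buffer.from('data B (constructed)'));
  return receiveDataB(unregistered.privateKey, relayedFirst, encryptedB).toString();
}
```

Decryption throws if the wrapped key or ciphertext was altered in transit, or if the peer public key relayed by the cloud server is not the one that belongs to the sender.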

The present invention also provides a method for establishing a single-use secure communication channel between a mobile application with a registered account (for example, the registered sub-device 104 in FIG. 1) and a web browser with a temporary account (for example, the unregistered sub-device 106 in FIG. 1). The mobile application and the web application each protect the keys they own. When the web application logs in, the mobile application can perform two-factor authentication to authorize it.

FIG. 3 is a flowchart of an encrypted communication method according to an embodiment of the present invention. The encrypted communication method of the present invention is applicable to a registered sub-device (for example, the registered sub-device 104 in FIG. 1) and an unregistered sub-device (for example, the unregistered sub-device 106 in FIG. 1) that conduct encrypted communication through a cloud server (for example, the cloud server 102 in FIG. 1). As shown in FIG. 3, in step S300 the registered sub-device 104 executes an application so that it can establish a communication channel (for example, the communication channel 110 in FIG. 1) with the cloud server 102.

Next, in step S302, the cloud server 102 sends a web address (for example, the web address 112 in FIG. 1) to the registered sub-device 104. In step S304, when the unregistered sub-device 106 connects to the cloud server 102 through the web address, the cloud server 102 sends a verification message (for example, the verification message 118 in FIG. 1) to the registered sub-device 104 so that the registered sub-device 104 can perform identity verification on the unregistered sub-device 106.

Finally, in step S306, when the registered sub-device 104 approves the identity verification of the unregistered sub-device 106, the cloud server 102 establishes a communication channel with the unregistered sub-device 106 (for example, the communication channel 122 in FIG. 1), so that the registered sub-device 104 can conduct encrypted communication with the unregistered sub-device 106 through the cloud server 102.

While embodiments of the present invention have been described above, it should be understood that they are presented by way of example only, and not limitation. Many changes to the exemplary embodiments described above can be made without departing from the spirit and scope of the invention. Therefore, the breadth and scope of the present invention should not be limited by the embodiments described above.

Rather, the scope of the present invention should be defined by the following claims and their equivalents. Although the invention has been illustrated and described with respect to one or more implementations, equivalent alterations and modifications will occur to others skilled in the art upon reading and understanding this specification and the accompanying drawings. In addition, although a particular feature of the invention may have been disclosed with respect to only one of several implementations, that feature may be combined with one or more other features of the other implementations as may be desired and advantageous for any given or particular application.

The terminology used in this specification is for the purpose of describing particular embodiments only, and is not intended to limit the present invention. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. Furthermore, to the extent that the terms "including", "includes", "having", "has", "with", or variants thereof are used in either the detailed description or the claims, such terms are intended to be inclusive in a manner similar to the term "comprising".

Unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It should be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning consistent with their meaning in the context of the relevant art, and are not to be interpreted in an idealized or overly formal sense unless expressly so defined herein.

100: electronic device
102: cloud server
104: registered sub-device
106: unregistered sub-device
110: communication channel
112: URL
114: communication interface
116: communication request
118: verification message
120: verification reply
122: communication channel
200: verification user interface
202: message window
204, 206: button icons
S300, S302, S304, S306: steps

FIG. 1 is a schematic diagram of an electronic device and its establishment of a communication channel according to an embodiment of the present invention.
FIG. 2 is a schematic diagram of a verification user interface generated by the registered sub-device of the electronic device of FIG. 1 according to an embodiment of the present invention.
FIG. 3 is a flowchart of an encrypted communication method according to an embodiment of the present invention.

Claims (7)

1. An electronic device, comprising: a cloud server configured to verify whether at least one sub-device is registered; a registered sub-device that executes an application so that the registered sub-device can establish a communication channel with the cloud server and, through the communication channel, receives a URL from the cloud server; and an unregistered sub-device that receives the URL from the registered sub-device; wherein, when the unregistered sub-device connects to the cloud server through the URL so that the cloud server allows registration of the unregistered sub-device, the cloud server sends a verification message to the registered sub-device, so that the registered sub-device can perform an identity verification on the unregistered sub-device; when the registered sub-device approves the identity verification of the unregistered sub-device, the cloud server establishes the communication channel with the unregistered sub-device, so that the registered sub-device can conduct an encrypted communication with the unregistered sub-device through the cloud server; wherein the registered sub-device executes the application to generate a first public key and a first private key, and sends the first public key to the cloud server through the communication channel; wherein, when the unregistered sub-device connects to the cloud server through the URL, the unregistered sub-device generates a second public key and a second private key, and sends the second public key to the cloud server; wherein the encrypted communication comprises: the registered sub-device encrypting data to be transmitted with the first private key and the second public key; the unregistered sub-device decrypting the data to be transmitted with the second private key and the first public key; the registered sub-device generating an Advanced Encryption Standard (AES) key; the registered sub-device encrypting data to be transmitted with the AES key; and the registered sub-device generating a shared secret from the first private key and the second public key, and encrypting the AES key with the shared secret.

2. The electronic device as claimed in claim 1, wherein the cloud server confirms the identity of the registered sub-device through the first public key.

3. The electronic device as claimed in claim 1, wherein the URL is a uniform resource locator (URL), and the verification message is a two-factor authentication.

4. The electronic device as claimed in claim 1, wherein, when the cloud server sends the verification message to the registered sub-device, the registered sub-device generates a verification user interface (UI), or, through settings of the registered sub-device and/or the cloud server, the registered sub-device can authorize automatically upon receiving the verification message.

5. The electronic device as claimed in claim 1, wherein the encrypted communication further comprises: the unregistered sub-device decrypting the AES key with the second private key and the first public key; and the unregistered sub-device decrypting the received data with the AES key.

6. The electronic device as claimed in claim 1, wherein, when the duration of the encrypted communication between the registered sub-device and the unregistered sub-device exceeds a threshold, the cloud server cuts off the encrypted communication.

7. A method of encrypted communication, applicable to a registered sub-device and an unregistered sub-device that conduct an encrypted communication through a cloud server, comprising: the registered sub-device executing an application so that the registered sub-device can establish a communication channel with the cloud server; the cloud server sending a URL to the registered sub-device; the registered sub-device sending the URL to the unregistered sub-device; when the unregistered sub-device connects to the cloud server through the URL so that the cloud server allows registration of the unregistered sub-device, the cloud server sending a verification message to the registered sub-device, so that the registered sub-device can perform an identity verification on the unregistered sub-device; when the registered sub-device approves the identity verification of the unregistered sub-device, the cloud server establishing the communication channel with the unregistered sub-device, so that the registered sub-device can conduct the encrypted communication with the unregistered sub-device through the cloud server; the registered sub-device executing the application to generate a first public key and a first private key, and sending the first public key to the cloud server through the communication channel; and, when the unregistered sub-device connects to the cloud server through the URL, the unregistered sub-device generating a second public key and a second private key, and sending the second public key to the cloud server; wherein the encrypted communication comprises: the registered sub-device encrypting data to be transmitted with the first private key and the second public key; the unregistered sub-device decrypting the data to be transmitted with the second private key and the first public key; the registered sub-device generating an Advanced Encryption Standard (AES) key; the registered sub-device encrypting data to be transmitted with the AES key; and the registered sub-device generating a shared secret from the first private key and the second public key, and encrypting the AES key with the shared secret.
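The key handling recited in claims 1, 5 and 7, sketched in Node.js as an added example that is not part of the patent or the applicant's code. The claims name only AES and a shared secret, so X25519 key agreement, HKDF-SHA-256, AES-256-GCM and every function name below are assumptions.

```javascript
// Added example. Assumed, not stated in the patent: X25519, HKDF-SHA-256, AES-256-GCM.
const nodeCrypto = typeof require === "function"
  ? require("node:crypto") : process.getBuiltinModule("node:crypto");

// Each sub-device generates its own key pair; only the public half goes to the cloud server.
const newKeyPair = () => nodeCrypto.generateKeyPairSync("x25519");

// Shared secret from own private key + peer public key, stretched to a 256-bit wrapping key.
function wrappingKey(ownPrivate, peerPublic) {
  const secret = nodeCrypto.diffieHellman({ privateKey: ownPrivate, publicKey: peerPublic });
  return Buffer.from(nodeCrypto.hkdfSync("sha256", secret, Buffer.alloc(0), "aes-key-wrap", 32));
}

// AES-256-GCM with a fresh 96-bit IV per call.
function gcmSeal(key, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}

function gcmOpen(key, { iv, ct, tag }) {
  const d = nodeCrypto.createDecipheriv("aes-256-gcm", key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // throws on a wrong key or altered bytes
}

// Registered sub-device: a fresh AES key encrypts the data; the shared secret encrypts the AES key.
function sendFromRegistered(firstPrivate, secondPublic, data) {
  const aesKey = nodeCrypto.randomBytes(32);
  return { wrappedKey: gcmSeal(wrappingKey(firstPrivate, secondPublic), aesKey),
           payload: gcmSeal(aesKey, Buffer.from(data, "utf8")) };
}

// Unregistered sub-device: recover the AES key first, then the data.
function receiveAtUnregistered(secondPrivate, firstPublic, msg) {
  const aesKey = gcmOpen(wrappingKey(secondPrivate, firstPublic), msg.wrappedKey);
  return gcmOpen(aesKey, msg.payload).toString("utf8");
}

// Constructed run: `relay` stands for a party that sees msg and both public keys only.
function demo() {
  const registered = newKeyPair(), unregistered = newKeyPair(), relay = newKeyPair();
  const msg = sendFromRegistered(registered.privateKey, unregistered.publicKey, "hello 106");
  const received = receiveAtUnregistered(unregistered.privateKey, registered.publicKey, msg);
  let relayCanRead = true;
  try { receiveAtUnregistered(relay.privateKey, registered.publicKey, msg); } catch { relayCanRead = false; }
  return { received, relayCanRead };
}
```

Confidentiality against the relaying server holds only if each sub-device receives the other's genuine public key. Binding the second public key to the approval step, for example by showing its fingerprint in the verification UI, is a design choice an implementer would add; the claims above do not describe it.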
TW109134109A 2020-09-30 2020-09-30 Electronic device and method for encrypted communication TWI789635B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW109134109A TWI789635B (en) 2020-09-30 2020-09-30 Electronic device and method for encrypted communication

Publications (2)

Publication Number Publication Date
TW202215813A TW202215813A (en) 2022-04-16
TWI789635B true TWI789635B (en) 2023-01-11

Family

ID=82197280

Family Applications (1)

Application Number Title Priority Date Filing Date
TW109134109A TWI789635B (en) 2020-09-30 2020-09-30 Electronic device and method for encrypted communication

Country Status (1)

Country Link
TW (1) TWI789635B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110028126A1 (en) * 2009-07-31 2011-02-03 Samsung Electronics Co., Ltd. System for managing unregistered terminals with shared authentication information and method thereof
US20140256285A1 (en) * 2013-03-05 2014-09-11 Kt Corporation Providing m2m data to unregistered terminal
US9755825B2 (en) * 2006-12-21 2017-09-05 Bce Inc. Device authentication and secure channel management for peer-to-peer initiated communications

Similar Documents

Publication Publication Date Title
US10554420B2 (en) Wireless connections to a wireless access point
AU2011309758B2 (en) Mobile handset identification and communication authentication
EP2316097B1 (en) Protocol for device to station association
TWI465932B (en) Method of establishing a trust relationship between mobile devices, vehicle system, and cloud services and the mobile device and computer-readable media thereof
WO2016177052A1 (en) User authentication method and apparatus
JP2011530957A (en) Mobile device association
TWI581599B (en) Key generation system, data signature and encryption system and method
CA2829233C (en) Method and system for hypertext transfer protocol digest authentication
US12041452B2 (en) Non-3GPP device access to core network
TW201814547A (en) Electronic device, server, communication system and communication method
JP7564919B2 (en) NON-3GPP DEVICE ACCESS TO CORE NETWORK - Patent application
WO2024139616A1 (en) Signature authentication method and apparatus
TWI789635B (en) Electronic device and method for encrypted communication
KR101660261B1 (en) Method for configuring access point connection information and terminal device for the same
JP2017103710A (en) Program for terminal device authentication, terminal device authentication method, server device and authentication system
KR20150114923A (en) Method for configuring access point connection information and terminal device for the same
JP5940745B2 (en) Mobile instant messaging service method utilizing personal computer
JP6334275B2 (en) Authentication device, authentication method, authentication program, and authentication system
TW202411865A (en) Method for requesting and signing certificate, certificate system and computer-readable medium thereof
TWM640772U (en) Certificate system
Hallsteinsen A study of user authentication using mobile phone