An encryption method, device and storage medium based on a multi-party communication protocol ECDH algorithm

Abstract

The application provides an encryption method, device and storage medium based on an ECDH algorithm multi-party communication protocol, the method comprising: based on the ECDH algorithm, exchanging keys two by two in a communication group, and obtaining a final shared key through n-1 times of key exchange, the key exchange comprising the following steps: each node in the communication selecting a base point; calculating a node private key; calculating each node public key and sending to each sub-node; and each node synthesizing a final shared key, the application uses the key exchange idea in the ECDH algorithm to realize decentralized multi-party communication encryption in the two-by-two key exchange mode in the communication group, is safer, and can help multi-party communication software get rid of the original two-end communication encryption mode, adopt a safer, more reliable and stable decentralized mode, and better ensure that communication information is not stolen, tampered with, damaged and the like in an untrusted network.

Description

Technical Field

[0001] This application relates to the field of computer technology, and in particular to a method, device and storage medium for encryption of a multi-party communication protocol based on the ECDH algorithm. Background Technology

[0002] The internet has been widely used in this new era of social development. While bringing convenience to people's lives and work, its open nature has also given rise to many security risks. Therefore, in the internet environment, information exchange also faces the risk of information leakage.

[0003] The risks of information leakage can be mainly classified into the following categories: content theft (such as the leakage of private personal or group information); content tampering (such as the distortion of information exchanged); and content forgery (such as using another person's identity to publish information).

[0004] Common information theft and sabotage attack methods include: Trojan horse transplantation, application forgery, network packet capture, man-in-the-middle attack (DNS hijacking), and vulnerability discovery.

[0005] In the process of exchanging information on the network, cryptography can ensure information security through encryption (preventing bad actors from obtaining private data), authentication (preventing bad actors from modifying private data without being detected), and authorization (preventing bad actors from impersonating private individuals). Therefore, communication protocols that use more secure encryption algorithms are indispensable in network information exchange.

[0006] Multi-party communication refers to the exchange of information among groups within a network, such as... Figure 1 As shown, information transmission is typically handled by a centralized node. Currently known encrypted communication tools include cross-platform instant messaging software (Telegram), whose communication protocol is primarily based on one-on-one encryption. In untrusted networks, if only a central node is responsible for transmitting key information, the central node becomes a weak link in network security. Once it is attacked or malfunctions, the security of the entire key transmission system will be severely threatened, resulting in poor security.

[0007] In a public-private key encryption system, each entity has a private key. Information encrypted with the private key can be decrypted with the public key, while information encrypted with the public key can only be decrypted with the private key. This is why public-private key signature verification exists. The ECDH protocol is mostly used for encryption of two-end communication and cannot perform multi-end encryption. It cannot guarantee that communication information will not be stolen, tampered with, or destroyed in untrusted networks. Summary of the Invention

[0008] This application discloses a method, device, and storage medium for encrypting a multi-party communication protocol based on the ECDH algorithm.

[0009] In a first aspect, this application discloses a method, device, and storage medium for encrypting a multi-party communication protocol based on the ECDH algorithm, the method comprising:

[0010] Based on the ECDH algorithm, key exchanges are performed pairwise within the communication group, and the final shared key is obtained after n-1 key exchanges.

[0011] The key exchange includes the following steps:

[0012] Each node in the communication selects a base point G;

[0013] Compute node private key;

[0014] Calculate the public key of each node and send it to the other child nodes;

[0015] The nodes synthesize the final shared key.

[0016] According to the method of the first aspect of this application, the node public key is composed of the node private key and the base point, and the shared key is composed of the node private key and a plurality of other node public keys.

[0017] According to the method of the first aspect of this application, the base points of the plurality of nodes are on the same finite field of the same line.

[0018] According to the method of the first aspect of this application, the curve selected in the instant messaging system based on the ECDH algorithm is secp256k1.

[0019] According to the method of the first aspect of this application, when a key exchange is conducted in a communication group, the session between the exchanging parties generates a session identifier so that the two parties to the key exchange can identify and track the session.

[0020] According to the method of the first aspect of this application, inter-group communication is performed by the server.

[0021] According to the method of the first aspect of this application, in an instant messaging system, there are multiple clients participating in the key exchange.

[0022] According to the method of the first aspect of this application, a member is randomly selected from the group to initiate the session.

[0023] In a second aspect, this application discloses an electronic device comprising: a processor; and a memory for storing processor-executable instructions; wherein the processor is configured to perform the method as described in any of the preceding aspects.

[0024] Thirdly, this application discloses a non-transitory computer-readable storage medium that, when the instructions in the storage medium are executed by a processor of an electronic device, enables the electronic device to perform the methods described in any of the preceding aspects.

[0025] The technical solution provided in this application may include the following beneficial effects:

[0026] (1) ECDH is essentially a DH key exchange algorithm based on ECC. Compared with RSA, ECDH has the advantage of using shorter keys to achieve security comparable to or higher than RSA.

[0027] (2) Most multi-party communication software on the market uses two-end encryption or the key is controlled by a third party. This application borrows the idea of ​​key exchange in the ECDH algorithm to achieve decentralized multi-party communication encryption by exchanging keys in pairs in the communication group, which is more secure.

[0028] (3) This application can help multi-party communication software get rid of the original two-end communication encryption mode and adopt a more secure, reliable and stable decentralized mode, which can better ensure that communication information is not stolen, tampered with or destroyed in untrusted networks. Attached Figure Description

[0029] Figure 1 This is a multi-party communication diagram in an untrusted network as described in this application.

[0030] Figure 2 This is a flowchart illustrating the steps of a multi-party communication protocol encryption method based on the ECDH algorithm, as described in this application.

[0031] Figure 3 This is a verification diagram of a multi-party communication protocol encryption method based on the ECDH algorithm of this application.

[0032] Figure 4 This is the flowchart of the DH algorithm.

[0033] Figure 5 This is the flowchart of the ECDH algorithm.

[0034] Figure 6 This is a block diagram of an electronic device according to this application.

[0035] Figure 7 This is a block diagram of a computer-readable storage medium according to this application. Detailed Implementation

[0036] The technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, not all embodiments. Based on the embodiments of this application, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this application.

[0037] Before introducing the encryption method for multi-party communication protocols based on the ECDH algorithm provided in this application, the ECDH algorithm involved in this application will be explained.

[0038] The ECC elliptic curve cryptosystem was proposed by Koblitz and Miller in 1985 and has received high attention from the fields of data, cryptography and computer science worldwide since its inception.

[0039] ECC is a public-key cryptosystem whose security is based on the intractability of discrete logarithms. ECC's advantages include low bandwidth requirements, small storage footprint, and the ability to provide a comparable or higher level of security with a smaller key.

[0040] The commonly used elliptic curve key exchange algorithm (ECDH) and elliptic curve digital signature algorithm (ECDSA) are both based on ECC.

[0041] ECDSA combines public-key cryptography and hash functions to verify the integrity and authenticity of messages. It leverages the difficulty of the discrete logarithm problem on elliptic curves to ensure the security of signatures.

[0042] In ECDSA, the key generation process includes selecting an elliptic curve and base points, and generating a private and public key. The specific steps are as follows:

[0043] First, select an elliptic curve that meets specific mathematical requirements and a base point.

[0044] Second, randomly select a private key, which is a random integer and should be kept secret.

[0045] Third, the public key is calculated using the private key and the base point. The public key is the result of multiplying the private key by the base point and can be exchanged publicly.

[0046] The ECDSA signature generation process involves the following steps:

[0047] 1. Calculate the hash value of the message: Use a secure hash function (such as SHA-256) to hash the message and obtain a message digest.

[0048] 2. Select a random number k: This random number is different for each signature to ensure the uniqueness and security of the signature.

[0049] 3. Calculate the signature value: Use the private key and a random number k to calculate a point R on the elliptic curve, and take the result of the x-coordinate of point R modulo n as r. Then calculate the s value, which is obtained through complex calculations based on r, the message digest, the private key, and the random number k.

[0050] 4. Signature result: The signature pair (r,s) is the final digital signature, which is sent to the recipient along with the original message.

[0051] ECDSA's signature verification process involves the following steps:

[0052] 1. After receiving the message and signature, the recipient uses the sender's public key to verify the signature.

[0053] 2. Hash the received message using the same hash function as the signer to obtain a message digest.

[0054] 3. Check whether the signature pair (r,s) meets certain range conditions.

[0055] 4. Calculate the point R' on the elliptic curve using the public key and the value in the signature pair.

[0056] 5. Verify that the x-coordinate of R' is equal to the r value in the signature. If the verification is successful, it means that the signature is valid, the message has not been tampered with, and the source is genuine; if the verification fails, it means that the signature is invalid.

[0057] ECDH is a variant of the DH algorithm and is essentially a key exchange protocol based on ECC. The decentralized multi-party communication encryption protocol proposed in this application is based on ECDH. A brief description of DH and ECDH is given below.

[0058] The Diffie-Hellman (DH) algorithm is a publicly available public-key algorithm. It is based on a key negotiation mechanism.

[0059] like Figure 4 As shown, instead of generating a single key and encrypting it for the receiver, the sender and receiver jointly generate a private key. This key is shared by both parties. To compute the negotiated key, the sender combines its private key with the receiver's public key. The receiver combines its private key with the sender's public key.

[0060] The DH public key is often referred to as a share because it is the share that one party holds in key negotiation.

[0061] DH uses modular exponentiation, but the modulus is a large prime number (usually referred to as p). This modulus is well-known and must be shared between the sender and the receiver. The sender and the receiver must also share another number called the generator (g). g is chosen such that for any value of Z < P, there exists a w such that g w mod p = Z. Thus, it can "generate" all the numbers from 1 to p - 1. To generate a key, a random number (X) smaller than p is generated, and Y is calculated as Y = g w mod p, where X is the private key and Y is the public key. We will use Xs and Ys to refer to the sender's keys and Xr and Yr to refer to the receiver's keys.

[0062] When calculating the shared key (Z), the sender and the receiver respectively rely on:

[0063] Z = Yr Xs mod p = (g Xr ) Xs mod p = g Xr*Xs mod p

[0064] Z = Ys Xr mod p = (g Xs ) Xr mod p = g Xs*Xr mod p

[0065] To obtain the encryption key.

[0066] ECDH is a DH (Diffie - Hellman) key exchange algorithm based on ECC (elliptic curve crypto - systems). The two parties in the exchange can negotiate a key without sharing any secrets. ECC is a cryptographic system based on the discrete logarithm problem on elliptic curves. Given a point P on an elliptic curve and an integer k, it is easy to solve Q = kP; given points P and Q, finding the integer k such that Q = kP is a difficult problem.

[0067] The key generation process is as follows:

[0068] Suppose the two parties for key exchange are Alice and Bob, and they have shared curve parameters (elliptic curve E, order N, and base point G)

[0069] Alice generates an integer a through a random algorithm, calculates A = a * G, obtaining the ciphertext a on Alice's side. Similarly, Bob generates a random number b and calculates B = b * G to obtain the ciphertext B on Bob's side.

[0070] (2) Alice sends the calculated value of A to Bob. Assuming A is obtained by the enemy, since solving the correspondence between two points given their coordinates is difficult in the elliptic curve discrete logarithm problem, it is impossible to obtain a from A and G. Similarly, Bob sends the calculated value of B to Alice.

[0071] (3) Bob receives A from Alice and calculates Q = b * A.

[0072] (4) Alice receives B from Bob and calculates Q. ′ =a*B, Alice and Bob then obtain Q = b*A = b*(a*G) = (b*a)*G = (a*b)*G,

[0073] Q ′ =a*B=a*(b*G)=(a*b)*G

[0074] It can be seen that Q = Q ′ (Commutative and Associative Laws), meaning that both parties agree on a key Q through negotiation.

[0075] Note that the multiplication in the above algorithm is not algebraic multiplication, but rather a modulo operation based on elliptic curve cryptography. For the specific process, please refer to [reference needed]. Figure 5 .

[0076] As an important component of the ECC public-key cryptosystem, the ECDH algorithm has advantages such as short key length, low computational cost, and strong resistance to attacks, and has been widely used in various scenarios. Versions of the Java Development Kit (JDK) from 1.7 onwards support the ECDH signature algorithm, and many open-source cryptographic libraries also provide excellent support for ECDH.

[0077] Reference Figure 1 The diagram illustrates a flowchart of a multi-party communication protocol encryption method based on the ECDH algorithm of this application. This method can be applied to electronic devices. Specifically, the method may include: exchanging keys in pairs within a communication group based on the ECDH algorithm, and obtaining the final shared key after n-1 key exchanges.

[0078] The key exchange includes the following steps:

[0079] In step S101, each node in the communication selects a base point G;

[0080] In step S102, the node's private key is calculated;

[0081] In step S103, the public key of each node is calculated and sent to the other child nodes;

[0082] In step S104, each node synthesizes the final shared key.

[0083] Imagine there is such a group, which we can consider as a set.

[0084] group = {p1, p2, ..., p n}

[0085] In order to enable the transmission of a message within this group without a centralized node, this application adopts a method of randomly selecting a member from the group to decrypt the messages for secure information transmission.

[0086] To achieve multi-terminal encryption, this application uses ECDH to perform n-1 key exchanges to obtain a shared key S for group chat encryption.

[0087] The proof is as follows:

[0088] For any large integer

[0089] {x1,x2,…,x n}

[0090] exist

[0091]

[0092] That is, the final shared key S is obtained after n-1 key exchanges.

[0093] If three parties need to establish an encrypted channel, the key negotiation process can be simplified to the following steps:

[0094] The first step is to denote k1, k2, and k3 as their respective nodes, and to stipulate that each node selects a common base point G on the same finite field of the same line.

[0095] The second step is to calculate the node's private key.

[0096] The private key of node k1 is d1.

[0097] The private key of node k2 is d2.

[0098] The private key of node k3 is d3.

[0099] The third step is to calculate the public key of each node and send it to the other child nodes.

[0100] The public key of node k1 is H1 = d1G.

[0101] The public key of node k2 is H2 = d2G.

[0102] The public key of node k3 is H3 = d3G.

[0103] The fourth step is for each node to synthesize the final shared key S.

[0104] S=d1H2H3=d2H1H3=d3H1H2

[0105] Example

[0106] like Figure 2 As shown. Assume three users are A, B, and C, and their public-private key pairs are (Pri-a, Pub-a), (Pri-b, Pub-b), and (Pri-c, Pub-c), respectively.

[0107] Step 1: Assume that user A initiates a secret chat, generates a base point G and a session identifier sign, calculates user A's initial private key d1, calculates the public key to obtain H1 = d1G, and sends it to other users.

[0108] Step Two:

[0109] (1) User B receives the base point G and session identifier sign sent by A, user A's initial private key d1, calculates user B's initial private key d2, calculates the public key H2 = d2G, ​​and calculates the shared key S. 12 =d1H2.

[0110] (2) User C receives the base point G and session identifier sign sent by A, user A's initial private key d1, calculates user C's initial private key d3, calculates the public key H3 = d3G, and calculates the shared key S. 13 =d1H3.

[0111] Step 3: User B receives H3 and S sent by C. 13 And the session identifier sign, calculate the shared key S 23 =d2H3 and S=d2S 13 =d1d2H3.

[0112] Step 4: User A receives S sent by B. 23 And the session identifier sign, calculate the shared key S = d1S 23 =d1d2H3.

[0113] Step 5: User C receives S sent by B. 13 And the session identifier sign, calculate the shared key S = d3S 12 =d1d3H2.

[0114] Note: All the communication described above is handled by the server.

[0115] For the aforementioned protocol, the ECDH algorithm selects the secp256k1 curve (the secp256k1 curve is the parameter of the Elliptic Curve Digital Signature Algorithm (ECDSA) used in Bitcoin), implementing a simple instant messaging (IM) system, such as... Figure 3 The image shows the result of 4 client verifications. Theoretically, up to n clients can be enabled. That is, as long as the server's computing resources and network bandwidth allow, any number of clients can exchange keys and communicate.

[0116] The application scenario for this application is:

[0117] 1. IoT communication encryption for blockchain.

[0118] 2. Encryption of network communication in multi-party communication software.

[0119] 3. Encryption of network communication in the AIoT field.

[0120] The embodiments of this application include the following beneficial effects:

[0121] (1) ECDH is essentially a DH key exchange algorithm based on ECC. Compared with RSA, ECDH has the advantage of using shorter keys to achieve security comparable to or higher than RSA.

[0122] (2) Most multi-party communication software on the market uses two-end encryption or the key is controlled by a third party. This application borrows the idea of ​​key exchange in the ECDH algorithm to achieve decentralized multi-party communication encryption by exchanging keys in pairs in the communication group, which is more secure.

[0123] (3) This application can help multi-party communication software get rid of the original two-end communication encryption mode and adopt a more secure, reliable and stable decentralized mode, which can better ensure that communication information is not stolen, tampered with or destroyed in untrusted networks.

[0124] It should be noted that, for the sake of simplicity, the method embodiments are all described as a series of actions. However, those skilled in the art should understand that this application is not limited to the described order of actions, because according to this application, some steps can be performed in other orders or simultaneously. Secondly, those skilled in the art should also understand that the embodiments described in the specification are all optional embodiments, and the actions involved are not necessarily required by this application.

[0125] Optionally, this application also provides an electronic device, including: a processor, a memory, and a computer program stored in the memory and executable on the processor. When the computer program is executed by the processor, it implements the various processes of the above method embodiments and achieves the same technical effect. To avoid repetition, it will not be described again here.

[0126] This application also provides a computer-readable storage medium storing a computer program. When the computer program is executed by a processor, it implements the various processes of the above-described method embodiments and achieves the same technical effects. To avoid repetition, it will not be described again here. The computer-readable storage medium may be a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, etc.

[0127] Figure 6 This is a block diagram illustrating an electronic device 800. For example, the electronic device 800 may be a mobile phone, computer, digital broadcasting terminal, messaging device, game console, tablet device, medical device, fitness equipment, personal digital assistant, etc.

[0128] Reference Figure 6 The electronic device 800 may include one or more of the following components: a processing component 802, a memory 804, a power supply component 806, a multimedia component 808, an audio component 810, an input / output (I / O) interface 812, a sensor component 814, and a communication component 816.

[0129] Processing component 802 typically controls the overall operation of electronic device 800, such as operations associated with display, telephone calls, data communication, camera operation, and recording operations. Processing component 802 may include one or more processors 820 to execute instructions to complete all or part of the steps of the methods described above. Furthermore, processing component 802 may include one or more modules to facilitate interaction between processing component 802 and other components. For example, processing component 802 may include a multimedia module to facilitate interaction between multimedia component 808 and processing component 802.

[0130] Memory 804 is configured to store various types of data to support the operation of device 800. Examples of this data include instructions for any application or method operating on electronic device 800, contact data, phonebook data, messages, images, videos, etc. Memory 804 can be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as static random access memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic storage, flash memory, magnetic disk, or optical disk.

[0131] Power supply component 806 provides power to various components of electronic device 800. Power supply component 806 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power to electronic device 800.

[0132] Multimedia component 808 includes a screen that provides an output interface between the electronic device 800 and the user. In some embodiments, the screen may include a liquid crystal display (LCD) and a touch panel (TP). If the screen includes a touch panel, the screen may be implemented as a touchscreen to receive input signals from the user. The touch panel includes one or more touch sensors to sense touches, swipes, and gestures on the touch panel. The touch sensors may sense not only the boundaries of the touch or swipe action but also the duration and pressure associated with the touch or swipe operation. In some embodiments, multimedia component 808 includes a front-facing camera and / or a rear-facing camera. When the device 800 is in an operating mode, such as a shooting mode or a video mode, the front-facing camera and / or the rear-facing camera may receive external multimedia data. Each front-facing camera and rear-facing camera may be a fixed optical lens system or have focal length and optical zoom capabilities.

[0133] Audio component 810 is configured to output and / or input audio signals. For example, audio component 810 includes a microphone (MIC) configured to receive external audio signals when electronic device 800 is in an operating mode, such as call mode, recording mode, and voice recognition mode. The received audio signals may be further stored in memory 804 or transmitted via communication component 816. In some embodiments, audio component 810 also includes a speaker for outputting audio signals.

[0134] I / O interface 812 provides an interface between processing component 802 and peripheral interface modules, such as keyboards, click wheels, buttons, etc. These buttons may include, but are not limited to, home buttons, volume buttons, power buttons, and lock buttons.

[0135] Sensor assembly 814 includes one or more sensors for providing state assessments of various aspects of electronic device 800. For example, sensor assembly 814 may detect the on / off state of device 800, the relative positioning of components such as the display and keypad of electronic device 800, changes in position of electronic device 800 or a component of electronic device 800, the presence or absence of user contact with electronic device 800, orientation or acceleration / deceleration of electronic device 800, and temperature changes of electronic device 800. Sensor assembly 814 may include a proximity sensor configured to detect the presence of nearby objects without any physical contact. Sensor assembly 814 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, sensor assembly 814 may also include an accelerometer, gyroscope, magnetometer, pressure sensor, or temperature sensor.

[0136] Communication component 816 is configured to facilitate wired or wireless communication between electronic device 800 and other devices. Electronic device 800 can access wireless networks based on communication standards, such as WiFi, carrier networks (such as 2G, 3G, 4G, or 5G), or combinations thereof. In one exemplary embodiment, communication component 816 receives broadcast signals or broadcast operation information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, communication component 816 also includes a near-field communication (NFC) module to facilitate short-range communication. For example, the NFC module may be implemented based on radio frequency identification (RFID) technology, Infrared Data Association (IrDA) technology, ultra-wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.

[0137] In an exemplary embodiment, the electronic device 800 may be implemented by one or more application-specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field-programmable gate arrays (FPGAs), controllers, microcontrollers, microprocessors, or other electronic components to perform the methods described above.

[0138] In an exemplary embodiment, a non-transitory computer-readable storage medium including instructions is also provided, such as a memory 804 including instructions, which can be executed by a processor 820 of an electronic device 800 to perform the above-described method. For example, the non-transitory computer-readable storage medium may be a ROM, random access memory (RAM), CD-ROM, magnetic tape, floppy disk, and optical data storage device, etc.

[0139] Figure 7This is a block diagram illustrating a computer-readable storage medium 1900. For example, the computer-readable storage medium 1900 can be provided as a server.

[0140] Reference Figure 7 The computer-readable storage medium 1900 includes a processing component 1922, which further includes one or more processors, and a memory resource represented by memory 1932 for storing instructions executable by the processing component 1922, such as an application program. The application program stored in memory 1932 may include one or more modules, each corresponding to a set of instructions. Furthermore, the processing component 1922 is configured to execute instructions to perform the methods described above.

[0141] The computer-readable storage medium 1900 may also include a power supply component 1926 configured to perform power management of the computer-readable storage medium 1900, a wired or wireless network interface 1950 configured to connect the computer-readable storage medium 1900 to a network, and an input / output (I / O) interface 1958. The computer-readable storage medium 1900 can operate on an operating system stored in memory 1932, such as Windows Server™, Mac OS X™, Unix™, Linux™, FreeBSD™, or similar.

[0142] It should be noted that, in this document, the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or apparatus. Unless otherwise specified, an element defined by the phrase "comprising one..." does not exclude the presence of other identical elements in the process, method, article, or apparatus that includes that element.

[0143] Through the above description of the embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by means of software plus necessary general-purpose hardware platforms. Of course, they can also be implemented by hardware, but in many cases the former is a better implementation method. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, can be embodied in the form of a software product. This computer software product is stored in a storage medium (such as ROM / RAM, magnetic disk, optical disk) and includes several instructions to cause a terminal (which may be a mobile phone, computer, server, air conditioner, or network device, etc.) to execute the methods described in the various embodiments of this application.

[0144] The embodiments of this application have been described above with reference to the accompanying drawings. However, this application is not limited to the specific embodiments described above. The specific embodiments described above are merely illustrative and not restrictive. Those skilled in the art can make many other forms under the guidance of this application without departing from the spirit and scope of the claims, and all of these forms are within the protection scope of this application.

[0145] Those skilled in the art will recognize that the units and algorithm steps of the various examples described in conjunction with the embodiments disclosed in this application can be implemented in electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are implemented in hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art can use different methods to implement the described functions for each specific application, but such implementation should not be considered beyond the scope of this application.

[0146] Those skilled in the art will understand that, for the sake of convenience and brevity, the specific working processes of the systems, devices, and units described above can be referred to the corresponding processes in the foregoing method embodiments, and will not be repeated here.

[0147] In the embodiments provided in this application, it should be understood that the disclosed apparatus and methods can be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative. For instance, the division of units is only a logical functional division, and in actual implementation, there may be other division methods. For example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the coupling or direct coupling or communication connection shown or discussed may be through some interfaces; the indirect coupling or communication connection between apparatuses or units may be electrical, mechanical, or other forms.

[0148] The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.

[0149] In addition, the functional units in the various embodiments of this application can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit.

[0150] If the aforementioned functions are implemented as software functional units and sold or used as independent products, they can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, or a portion of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of this application. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, ROM, RAM, magnetic disks, or optical disks.

[0151] The above description is merely a specific embodiment of this application, but the scope of protection of this application is not limited thereto. Any variations or substitutions that can be easily conceived by those skilled in the art within the technical scope disclosed in this application should be included within the scope of protection of this application. Therefore, the scope of protection of this application should be determined by the scope of the claims.

Claims

1. A method for encrypting a multi-party communication protocol based on the ECDH algorithm, characterized in that, The method includes: Based on the ECDH algorithm, key exchanges are performed pairwise within the communication group, and the final shared key is obtained after n-1 key exchanges; The key exchange includes the following steps: Each node in the communication selects a base point; Compute node private key; Calculate the public key of each node and send it to the other child nodes; The nodes synthesize the final shared key; When keys are exchanged in a communication group, the session between the two parties generates a session identifier so that the two parties can identify and track the session. The second user receives the first base point G and the first session identifier sent by the first user, the first user's initial first private key d1, calculates the second user's second initial key d2, calculates the public key H2 = d2G, ​​and calculates the shared key S12 = d1H2; The third user receives the first base point G and the first session identifier sent by the first user, as well as the first user's initial first private key d1; calculates the third user's third initial private key d3, calculates the public key H3 = d3G, and calculates the shared key S13 = d1H3; The second user receives H3, S13 and the third session identifier sent by the third user, and calculates the shared key S23 = d2 H3 and S = d2 S13 = d1 d2 H3; The first user receives S23 and the second session identifier sent by the second user and calculates the shared key S = d1S23 = d1d2H3; The third user receives S12 and the third session identifier sent by the second user, and calculates the shared key S = d3S12 = d1d3H2.

2. The encryption method for multi-party communication protocol based on the ECDH algorithm according to claim 1, characterized in that, The node public key is composed of the node private key and the base point, and the shared key is composed of the node private key and multiple other node public keys.

3. The encryption method for multi-party communication protocol based on the ECDH algorithm according to claim 1, characterized in that, The base points of multiple nodes lie on the same finite field along the same line.

4. The encryption method for multi-party communication protocol based on the ECDH algorithm according to claim 1, characterized in that, The curve selected in the instant messaging system based on the ECDH algorithm is secp256k1.

5. The encryption method for multi-party communication protocol based on the ECDH algorithm according to claim 1, characterized in that, Inter-group communication is handled by the server.

6. The encryption method for multi-party communication protocol based on the ECDH algorithm according to claim 4, characterized in that, In an instant messaging system, there are multiple clients participating in the key exchange.

7. The encryption method for multi-party communication protocol based on the ECDH algorithm according to claim 5, characterized in that, The session is initiated by randomly selecting a member from the group.

8. An electronic device, characterized in that, include: A processor, a memory, and a computer program stored in the memory and executable on the processor, wherein the computer program, when executed by the processor, implements the method as described in any one of claims 1 to 7.

9. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores a computer program that, when executed by a processor, implements the method as described in any one of claims 1 to 7.

Images