CN106131008B - Video and audio monitoring equipment, security authentication method thereof and video and audio display equipment - Google Patents
Video and audio monitoring equipment, security authentication method thereof and video and audio display equipment Download PDFInfo
- Publication number
- CN106131008B CN106131008B CN201610534999.7A CN201610534999A CN106131008B CN 106131008 B CN106131008 B CN 106131008B CN 201610534999 A CN201610534999 A CN 201610534999A CN 106131008 B CN106131008 B CN 106131008B
- Authority
- CN
- China
- Prior art keywords
- identification
- video
- audio
- public key
- instruction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/18—Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast
Abstract
The invention discloses a video and audio monitoring device, a security authentication method thereof and a video and audio display device, and relates to the technical field of data security.
Description
Technical Field
The invention relates to the technical field of data security, in particular to video and audio monitoring equipment, a security authentication method thereof and video and audio display equipment.
Background
In recent decades, the security and video/audio monitoring industry has been rapidly developed, and particularly in recent years, along with the rapid development of the internet, the networking of the security and security industry, video/audio monitoring systems and products has become a popular trend, and nowadays, video/audio monitoring systems, personal, household intelligent remote monitoring camera systems and products and the like are ubiquitous, widely applied, innovated and continuously increased in demand.
In the existing security industry, various video and audio cameras, a monitoring system control center, monitoring clients (PC end and mobile end APP) of various platforms construct a closed-loop monitoring system through network connection (wired network and wireless network), video and audio contents transmitted through the network are usually transmitted after being encoded by several video and audio encoding algorithms (such as h.264, h.265, MP4, FLV, etc.) and stored in a hard disk storage device or a cloud, and some control instructions and the like between the client, the control center, and the cameras are uploaded and issued through existing communication protocols; the installation and butt joint of each camera and the control center, the installation and the configuration of the client, the control center and the connection between the client and the camera in the prior security industry are basically established by the installation and the configuration of the video camera equipment ID, the user name and the password (PIN code), and the operation and the management are basically realized in the following process.
The camera, the client and the control center are connected through the Internet, reliable safety technology guarantee is not provided, and the monitoring system can not work normally due to the fact that the monitoring system is easily attacked and controlled under the existing Internet environment.
Disclosure of Invention
In view of the above problems, the present invention has been made to provide a security certification invention for a video-audio monitoring apparatus, and a video-audio exhibiting apparatus that overcome or at least partially solve the above problems.
According to a first aspect of the present invention, there is provided a video and audio presentation apparatus comprising:
the public key obtaining unit is used for obtaining a corresponding first identification public key from the identification public key matrix according to the video and audio monitoring equipment identification;
the asymmetric encryption unit is used for performing asymmetric encryption on an instruction plaintext to be transmitted through the first identification public key to obtain an instruction ciphertext;
the ciphertext signature unit is used for signing the instruction ciphertext by adopting a first identification private key of the local equipment;
and the ciphertext sending unit is used for sending the signed instruction ciphertext to the video and audio monitoring equipment so that the video and audio monitoring equipment performs security authentication according to the signed instruction ciphertext.
Optionally, the video and audio display apparatus further comprises:
and the identification receiving unit is used for receiving and storing the video and audio monitoring equipment identification sent by the video and audio monitoring equipment.
According to a second aspect of the present invention, there is provided a security authentication method for a video and audio monitoring apparatus, the method including:
acquiring a corresponding first identification public key from the identification public key matrix according to the identification of the video and audio monitoring equipment;
performing asymmetric encryption on an instruction plaintext to be transmitted through the first identification public key to obtain an instruction ciphertext;
signing the instruction ciphertext by adopting a first identification private key of local equipment;
and sending the signed instruction ciphertext to the video and audio monitoring equipment so that the video and audio monitoring equipment performs security authentication according to the signed instruction ciphertext.
Optionally, before the obtaining the corresponding first identifier public key from the identifier public key matrix according to the identifier of the video/audio monitoring device, the method further includes:
and receiving and storing the video and audio monitoring equipment identification sent by the video and audio monitoring equipment.
According to a third aspect of the present invention, there is provided a video-audio monitoring apparatus, comprising:
the ciphertext receiving unit is used for receiving the instruction ciphertext sent by the video and audio display equipment;
the public key obtaining unit is used for obtaining a corresponding second identification public key from the identification public key matrix according to the video and audio display equipment identification;
the signature verification unit is used for verifying the signature of the instruction ciphertext through the second identification public key;
and the ciphertext decryption unit is used for decrypting the instruction ciphertext by adopting a second identification private key of the local equipment when the verification is passed, so as to obtain an instruction plaintext and realize safety authentication.
Optionally, the video and audio monitoring apparatus further includes:
and the identification receiving unit is used for receiving and storing the video and audio display equipment identification sent by the video and audio display equipment.
Optionally, the video and audio monitoring apparatus further includes:
and the instruction execution unit is used for executing the instruction according to the instruction plaintext.
According to a fourth aspect of the present invention, there is provided a security authentication method for a video and audio monitoring apparatus, the method including:
receiving an instruction ciphertext sent by the video and audio display equipment;
acquiring a corresponding second identification public key from the identification public key matrix according to the identification of the video and audio display equipment;
verifying the signature of the instruction ciphertext through the second identification public key;
and when the verification is passed, decrypting the instruction ciphertext by using a second identification private key of the local equipment to obtain an instruction plaintext so as to realize safety authentication.
Optionally, before receiving the instruction ciphertext sent by the video and audio display device, the method further includes:
and receiving and storing the video and audio display equipment identification sent by the video and audio display equipment.
Optionally, the method further comprises:
and executing the instruction according to the instruction plaintext.
According to the invention, a corresponding first identification public key is obtained from an identification public key matrix according to the identification of the video and audio monitoring equipment, an instruction plaintext to be transmitted is asymmetrically encrypted through the first identification public key to obtain an instruction ciphertext, the instruction ciphertext is signed by adopting a first identification private key of local equipment, and the signed instruction ciphertext is transmitted to the video and audio monitoring equipment, so that the video and audio monitoring equipment performs security authentication according to the signed instruction ciphertext, the attack, the control and the like under the internet environment can be prevented, and the monitoring system can be ensured to normally work.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
FIG. 1 is a flow chart of a security authentication method of a video and audio monitoring device according to an embodiment of the invention;
FIG. 2 is a schematic flow diagram of key production;
FIG. 3 is a flow chart of a security authentication method for a video and audio monitoring device according to another embodiment of the invention;
FIG. 4 is a flowchart of a security authentication method for a video and audio monitoring device according to another embodiment of the present invention;
FIG. 5 is a flowchart of a security authentication method for a video/audio monitoring device according to a further embodiment of the present invention;
FIG. 6 is a diagram illustrating security authentication and video/audio data encryption of a video/audio monitoring device according to an embodiment of the present invention;
FIG. 7 is a diagram illustrating security authentication and video/audio data decryption of a video/audio monitoring device according to an embodiment of the present invention;
FIG. 8 is a block diagram of a video and audio display apparatus according to the present invention;
fig. 9 is a block diagram of a video/audio monitoring apparatus according to the present invention.
Detailed Description
The following detailed description of embodiments of the present invention is provided in connection with the accompanying drawings and examples. The following examples are intended to illustrate the invention but are not intended to limit the scope of the invention.
FIG. 1 is a flow chart of a security authentication method of a video and audio monitoring device according to an embodiment of the invention; referring to fig. 1, the method includes:
s101: acquiring a corresponding first identification public key from the identification public key matrix according to the identification of the video and audio monitoring equipment;
it should be noted that the main execution body of the method of this embodiment is a video and audio display device, where the video and audio display device is a device capable of displaying video and audio, and may be a server with a video and audio display function or a user device with a video and audio display function, and of course, other devices may also be used, which is not limited in this embodiment.
In a specific implementation, the user equipment may be a PC, a notebook computer, a tablet computer, or a smart phone, which is not limited in this embodiment.
Understandably, the video and audio display device is provided with a product or user digital certificate, and the digital certificate comprises: a first identification private key identifying the local device and the public key matrix.
In order to generate the digital certificate, in this embodiment, referring to fig. 2, a private identification key matrix and a public identification key matrix may be produced in advance by a specially developed key production system, a product or user identification (i.e., an identification used for reflecting a product identity or an identification used for reflecting a user identity) is used as an identification of the video and audio display device, a first identification private key of the local device is generated by performing modulo N integer operation on the HASH to the private identification key matrix, and then the product or user digital certificate is generated together with the public identification key matrix.
In this embodiment, the local device is referred to as a video/audio display device.
Of course, the product or user digital certificate can be directly written into the product for use in a secret software data form, or written into the identification USBKEY and issued to the user for use.
The identification USBKEY comprises but is not limited to TF card KEY and SIM card KEY, and is formed by further developing and producing a special security chip (such as HS08K, HS32U2, Z8D64, Z8168 or Z32) which accords with national password authentication and permission, and completing digital signature and encryption of information such as product or user identification and data, instructions and the like in the application process of products and users.
The digital certificate or the identification key conforms to the ITU-T X.509 international standard, conforms to the certificate specification of a combined public key cryptosystem and conforms to the CA certificate specification.
S102: performing asymmetric encryption on an instruction plaintext to be transmitted through the first identification public key to obtain an instruction ciphertext;
it can be understood that the first identification public key is an identification public key corresponding to the video and audio monitoring device identification, that is, there is a one-to-one correspondence between the first identification public key and the video and audio monitoring device identification.
It should be noted that, by asymmetrically encrypting the instruction plaintext to be transmitted through the first identification public key, an instruction ciphertext can be obtained, that is, the instruction ciphertext is a file obtained by asymmetrically encrypting the instruction plaintext.
S103: signing the instruction ciphertext by adopting a first identification private key of local equipment;
because the first identification private key of the local device is generated according to the product or user identification, a one-to-one correspondence exists between the first identification private key and the product or user identification, that is, the first identification private key of the local device can reflect the identity of the product or user identification.
It will be appreciated that signing the instruction cryptogram is typically an encryption of a digital digest of the instruction cryptogram using a first identifying private key of the local device.
S104: and sending the signed instruction ciphertext to the video and audio monitoring equipment so that the video and audio monitoring equipment performs security authentication according to the signed instruction ciphertext.
According to the embodiment, the corresponding first identification public key is obtained from the identification public key matrix according to the identification of the video and audio monitoring equipment, the instruction plaintext to be transmitted is asymmetrically encrypted through the first identification public key to obtain the instruction ciphertext, the instruction ciphertext is signed through the first identification private key of the local equipment, and the signed instruction ciphertext is sent to the video and audio monitoring equipment, so that the video and audio monitoring equipment performs security authentication according to the signed instruction ciphertext, can be prevented from being attacked, controlled and the like in the internet environment, and can ensure that the monitoring system can normally work.
And because the first identification private key of the local device is adopted to sign the instruction ciphertext and the first identification private key of the local device can reflect the identity of the product or the user identification, only one-way authentication is needed during security authentication, and two-way authentication is not needed.
FIG. 3 is a flow chart of a security authentication method for a video and audio monitoring device according to another embodiment of the invention; referring to fig. 3, the method includes:
s300: receiving and storing the video and audio monitoring equipment identification sent by the video and audio monitoring equipment;
it should be noted that the main execution body of the method of the present embodiment is also a video/audio display device.
It can be understood that after the video and audio monitoring device is safely turned on, the video and audio monitoring device needs to be registered in the video and audio display device, that is, the video and audio monitoring device sends a video and audio monitoring device identifier to the video and audio display device, and the video and audio display device receives and stores the video and audio monitoring device identifier sent by the video and audio monitoring device.
Naturally, the video and audio display device also sends a video and audio display device identifier to the video and audio monitoring device, and the video and audio monitoring device receives and stores the video and audio display device identifier.
S301: acquiring a corresponding first identification public key from the identification public key matrix according to the identification of the video and audio monitoring equipment;
s302: performing asymmetric encryption on an instruction plaintext to be transmitted through the first identification public key to obtain an instruction ciphertext;
s303: signing the instruction ciphertext by adopting a first identification private key of local equipment;
s304: and sending the signed instruction ciphertext to the video and audio monitoring equipment so that the video and audio monitoring equipment performs security authentication according to the signed instruction ciphertext.
Steps S301 to S304 are the same as steps S101 to S104 of the embodiment shown in fig. 1, and are not described again here.
FIG. 4 is a flowchart of a security authentication method for a video and audio monitoring device according to another embodiment of the present invention; referring to fig. 4, the method includes:
s401: receiving an instruction ciphertext sent by the video and audio display equipment;
it should be noted that the main execution body of the method of this embodiment is a video/audio monitoring device, and the video/audio monitoring device is a device capable of acquiring video and audio, and may be a camera having a video/audio acquisition function, or an image sensor, and of course, may also be another device, which is not limited in this embodiment.
S402: acquiring a corresponding second identification public key from the identification public key matrix according to the identification of the video and audio display equipment;
it can be understood that, the video and audio monitoring device is also provided with a product or user digital certificate, and the digital certificate comprises: a second identification private key identifying the local device and the public key matrix.
In order to generate the digital certificate, in this embodiment, a private identification key matrix and a public identification key matrix may be produced in advance through a specially developed key production system, a product or user identification (i.e., an identification for reflecting a product identity or an identification for reflecting a user identity) is used as an identification of the audio/video monitoring device, a second private identification key of the local device is generated through modulo N integer operation from HASH to the private identification key matrix, and then the product or user digital certificate is generated together with the public identification key matrix.
In this embodiment, the local device is referred to as a video/audio display device.
Of course, the product or user digital certificate can be directly written into the product for use in a secret software data form, or written into the identification USBKEY and issued to the user for use.
The identification USBKEY comprises but is not limited to TF card KEY and SIM card KEY, and is formed by further developing and producing a special security chip (such as HS08K, HS32U2, Z8D64, Z8168 or Z32) which accords with national password authentication and permission, and completing digital signature and encryption of information such as product or user identification and data, instructions and the like in the application process of products and users.
The digital certificate or the identification key conforms to the ITU-T X.509 international standard, conforms to the certificate specification of a combined public key cryptosystem and conforms to the CA certificate specification.
S403: verifying the signature of the instruction ciphertext through the second identification public key;
it can be understood that, because the instruction ciphertext is signed by the video and audio display device by using the first identification private key, the first identification private key is generated according to the video and audio display device identification, and the second identification public key is obtained from the identification public key matrix according to the video and audio display device identification, the first identification private key and the second identification public key have a corresponding relationship and can be mutually encrypted and decrypted.
Therefore, when the video and audio display device encrypts the digital abstract of the instruction ciphertext by adopting the first identification private key, the digital abstract can be decrypted by the second identification public key, the decrypted digital abstract is matched with the instruction ciphertext, and if the matching is successful, the verification is determined to be passed, so that the condition that only one-way authentication is needed and two-way authentication is not needed during safety authentication is ensured.
S404: and when the verification is passed, decrypting the instruction ciphertext by using a second identification private key of the local equipment to obtain an instruction plaintext so as to realize safety authentication.
It can be understood that, because the instruction plaintext is encrypted by the video and audio display device by using the first identification public key, the first identification public key is obtained from the identification public key matrix according to the video and audio monitoring device identification, and the second identification private key is generated according to the video and audio monitoring device identification, the first identification public key and the second identification private key have a corresponding relationship and can be mutually encrypted and decrypted.
It should be noted that, the second identification private key of the local device is used to decrypt the instruction ciphertext, and after decryption is successful, the secure authentication can be understood to be achieved.
FIG. 5 is a flowchart of a security authentication method for a video/audio monitoring device according to a further embodiment of the present invention; referring to fig. 5, the method includes:
s500: receiving and storing the video and audio display equipment identification sent by the video and audio display equipment;
the main execution body of the method of the present embodiment is also a video/audio monitoring device.
S501: receiving an instruction ciphertext sent by the video and audio display equipment;
s502: acquiring a corresponding second identification public key from the identification public key matrix according to the identification of the video and audio display equipment;
s503: verifying the signature of the instruction ciphertext through the second identification public key;
s504: and when the verification is passed, decrypting the instruction ciphertext by using a second identification private key of the local equipment to obtain an instruction plaintext so as to realize safety authentication.
Steps S501 to S504 are the same as steps S401 to S404 of the embodiment shown in fig. 4, and are not described again here.
S505: and executing the instruction according to the instruction plaintext.
It can be understood that the instruction plaintext may be a trigger instruction for enabling the video and audio monitoring device to start monitoring, or may be an adjustment instruction for adjusting a video and audio acquisition or encoding parameter of the video and audio monitoring device, and of course, other instructions may also be used, which is not limited in this embodiment.
Referring to fig. 6, after the video and audio monitoring device a performs security authentication, it may configure the video and audio acquisition and encoding parameters according to preset video and audio acquisition and encoding parameters, or received adjustment instructions, to realize video and audio acquisition, and after performing video and audio encoding on the acquired video and audio information data, perform symmetric encryption, and output a secret video and audio file;
the symmetric encryption is that a random number is generated by a random number generator and used as a symmetric password, the symmetric password is adopted to symmetrically encrypt the coded video and audio data, and an A-secret video and audio file is output;
it can be understood that, because the video and audio monitoring device a stores the video and audio display device X identifier, the X identifier public key (corresponding to the above-mentioned "second identifier public key") is calculated by the identifier public key matrix according to the video and audio display device X identifier, the symmetric password is encrypted by the X identifier public key to obtain an a key file, and then the a key file is signed by the a identifier private key (corresponding to the above-mentioned "second identifier private key");
and fusing the signed A key file and the A secret audio and video file through a private protocol algorithm, packaging to form a secret data file, and outputting to the audio and video display equipment through a wired network, a wireless network, a cloud or an internet platform.
Correspondingly, the video and audio display device X stores the secret data files of the video and audio monitoring devices in the video and audio data storage array, and performs the following processing on the secret data files of each video and audio monitoring device:
with reference to fig. 7, firstly, performing data unpacking on a secret data file according to a reversible process of a private protocol algorithm for packing the secret data to obtain a secret audio file a and a key file a, calculating an identification public key a (corresponding to the first identification public key) through an identification public key matrix according to an identification of the video and audio monitoring device a, verifying a signature of the key file a through the identification public key a, decrypting the key file a through an identification private key X (corresponding to the first private key) when the verification is passed to obtain a symmetric password, and then symmetrically decrypting the secret audio file a through the symmetric password to obtain video and audio data, and outputting the video and audio data to a monitor for decoding and playing.
Compared with the prior art, the embodiments have at least one of the following advantages:
1. the Pin code verification and the identification key double-factor identity verification are adopted, so that the security level is improved;
2. random numbers are adopted to generate symmetric ciphers for video data encryption, and one-time ciphering can be achieved;
3. the asymmetric algorithm is used for encrypting the symmetric password, so that the safety of the symmetric password is improved.
4. The encrypted file is digitally signed by using the identification private key of the encryptor again, so that the safety of the data in the transmission process is ensured, and the data is prevented from being tampered.
5. The key file and the ciphertext data are combined, so that the file transfer is facilitated.
6. And after receiving the secret data, decomposing to obtain a secret video and a secret key file. The identity of the key file is verified, the symmetric password is decrypted, and then the encrypted video is directly decrypted, so that the application is greatly facilitated, and the safety is improved.
7. The command plaintext is encrypted and signed, and the command plaintext is used by signature verification and decryption during use, so that the safety, reliability and non-repudiation of the command plaintext transmission are ensured.
8. And at each equipment terminal, the corresponding identification public key is extracted based on the identification through the digital certificate of the equipment terminal, so that local key exchange in an off-line mode is realized, and great convenience is brought to system application and high-strength safety guarantee.
9. The information data of the whole video and audio monitoring system is constructed, and the instruction is a full-secret transmission and interaction system under any platform and mode.
Method embodiments are described as a series of acts or combinations for simplicity of explanation, but it should be understood by those skilled in the art that the present invention is not limited by the order of acts or acts described, as some steps may occur in other orders or concurrently with other steps in accordance with the embodiments of the invention. Furthermore, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred and that no particular act is required to implement the invention.
FIG. 8 is a block diagram of a video and audio display apparatus according to the present invention; referring to fig. 8, the audio/video presentation apparatus includes:
a public key obtaining unit 801, configured to obtain a corresponding first identifier public key from the identifier public key matrix according to the identifier of the video/audio monitoring device;
the asymmetric encryption unit 802 is configured to perform asymmetric encryption on an instruction plaintext to be transmitted through the first identification public key to obtain an instruction ciphertext;
a ciphertext signature unit 803, configured to sign the instruction ciphertext with a first identification private key of the local device;
and the ciphertext sending unit 804 is configured to send the signed instruction ciphertext to the video and audio monitoring device, so that the video and audio monitoring device performs security authentication according to the signed instruction ciphertext.
In an optional embodiment of the present invention, the audio/video presentation apparatus further comprises:
and the identification receiving unit is used for receiving and storing the video and audio monitoring equipment identification sent by the video and audio monitoring equipment.
FIG. 9 is a block diagram of a video and audio monitoring apparatus according to the present invention; referring to fig. 9, the video and audio monitoring apparatus includes:
a ciphertext receiving unit 901, configured to receive an instruction ciphertext sent by the video and audio display apparatus;
a public key obtaining unit 902, configured to obtain a corresponding second identifier public key from the identifier public key matrix according to the identifier of the video/audio display apparatus;
a signature verification unit 903, configured to verify a signature of the instruction ciphertext through the second identification public key;
and a ciphertext decryption unit 904, configured to decrypt the instruction ciphertext by using the second identification private key of the local device when the verification passes, to obtain an instruction plaintext, so as to implement security authentication.
In an optional embodiment of the present invention, the audio-visual monitoring apparatus further comprises:
and the identification receiving unit is used for receiving and storing the video and audio display equipment identification sent by the video and audio display equipment.
In an optional embodiment of the present invention, the audio-visual monitoring apparatus further comprises:
and the instruction execution unit is used for executing the instruction according to the instruction plaintext.
As for the apparatus embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
It should be noted that, in the respective components of the apparatus of the present invention, the components therein are logically divided according to the functions to be implemented thereof, but the present invention is not limited thereto, and the respective components may be newly divided or combined as necessary.
Various component embodiments of the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. In the device, the PC remotely controls the equipment or the device through the Internet, and accurately controls each operation step of the equipment or the device. The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. The program for realizing the invention can be stored on a computer readable medium, and the file or document generated by the program has statistics, generates a data report and a cpk report, and the like, and can carry out batch test and statistics on the power amplifier. It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps not listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention may be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by one and the same item of hardware. The usage of the words first, second and third, etcetera do not indicate any ordering. These words may be interpreted as names.
The above embodiments are only for illustrating the invention and are not to be construed as limiting the invention, and those skilled in the art can make various changes and modifications without departing from the spirit and scope of the invention, therefore, all equivalent technical solutions also belong to the scope of the invention, and the scope of the invention is defined by the claims.
Claims (10)
1. A video and audio presentation apparatus, comprising:
the public key obtaining unit is used for obtaining a corresponding first identification public key from the identification public key matrix according to the video and audio monitoring equipment identification;
the video and audio display equipment is internally provided with a product or user digital certificate, and the digital certificate comprises: identifying a public key matrix and a first identification private key of a local device; the method for generating the digital certificate comprises the following steps: pre-producing an identification private key matrix and an identification public key matrix, taking a product or user identification as an identification of a video and audio display device, generating a first identification private key of a local device through modulo N integer operation from HASH to the identification private key matrix, and then generating a product or user digital certificate together with the identification public key matrix;
the asymmetric encryption unit is used for performing asymmetric encryption on an instruction plaintext to be transmitted through the first identification public key to obtain an instruction ciphertext;
the ciphertext signature unit is used for signing the instruction ciphertext by adopting a first identification private key of the local equipment;
and the ciphertext sending unit is used for sending the signed instruction ciphertext to the video and audio monitoring equipment so that the video and audio monitoring equipment performs security authentication according to the signed instruction ciphertext.
2. The audio-visual presentation device of claim 1, wherein the audio-visual presentation device further comprises:
and the identification receiving unit is used for receiving and storing the video and audio monitoring equipment identification sent by the video and audio monitoring equipment.
3. A security authentication method of a video and audio monitoring device is characterized by comprising the following steps:
acquiring a corresponding first identification public key from the identification public key matrix according to the identification of the video and audio monitoring equipment;
the video and audio display equipment is internally provided with a product or user digital certificate, and the digital certificate comprises: identifying a public key matrix and a first identification private key of a local device; the method for generating the digital certificate comprises the following steps: pre-producing an identification private key matrix and an identification public key matrix, taking a product or user identification as a video and audio display equipment identification, generating a first identification private key of local equipment through modulo N integer operation from HASH to the identification private key matrix, and then generating a product or user digital certificate together with the identification public key matrix
Performing asymmetric encryption on an instruction plaintext to be transmitted through the first identification public key to obtain an instruction ciphertext;
signing the instruction ciphertext by adopting a first identification private key of local equipment;
and sending the signed instruction ciphertext to the video and audio monitoring equipment so that the video and audio monitoring equipment performs security authentication according to the signed instruction ciphertext.
4. The method as claimed in claim 3, wherein before the obtaining of the corresponding first identification public key from the identification public key matrix according to the identification of the video/audio monitoring device, the method further comprises:
and receiving and storing the video and audio monitoring equipment identification sent by the video and audio monitoring equipment.
5. A video and audio monitoring apparatus, comprising:
the ciphertext receiving unit is used for receiving the instruction ciphertext sent by the video and audio display equipment;
the public key obtaining unit is used for obtaining a corresponding second identification public key from the identification public key matrix according to the video and audio display equipment identification;
the video and audio monitoring equipment is provided with a product or user digital certificate, and the digital certificate comprises: identifying the public key matrix and a second identification private key of the local device; the method for generating the digital certificate comprises the following steps: pre-producing an identification private key matrix and an identification public key matrix, taking a product or user identification as an identification of the video and audio monitoring equipment, generating a second identification private key of the local equipment through modulo N integer operation from HASH to the identification private key matrix, and then generating a product or user digital certificate together with the identification public key matrix;
the signature verification unit is used for verifying the signature of the instruction ciphertext through the second identification public key;
and the ciphertext decryption unit is used for decrypting the instruction ciphertext by adopting a second identification private key of the local equipment when the verification is passed, so as to obtain an instruction plaintext and realize safety authentication.
6. The audio-visual monitoring device of claim 5, further comprising:
and the identification receiving unit is used for receiving and storing the video and audio display equipment identification sent by the video and audio display equipment.
7. The audio-visual monitoring device of claim 5 or 6, further comprising:
and the instruction execution unit is used for executing the instruction according to the instruction plaintext.
8. A security authentication method of a video and audio monitoring device is characterized by comprising the following steps:
receiving an instruction ciphertext sent by the video and audio display equipment;
acquiring a corresponding second identification public key from the identification public key matrix according to the identification of the video and audio display equipment;
the video and audio monitoring equipment is provided with a product or user digital certificate, and the digital certificate comprises: identifying the public key matrix and a second identification private key of the local device; the method for generating the digital certificate comprises the following steps: pre-producing an identification private key matrix and an identification public key matrix, taking a product or user identification as an identification of the video and audio monitoring equipment, generating a second identification private key of the local equipment through modulo N integer operation from HASH to the identification private key matrix, and then generating a product or user digital certificate together with the identification public key matrix;
verifying the signature of the instruction ciphertext through the second identification public key;
and when the verification is passed, decrypting the instruction ciphertext by using a second identification private key of the local equipment to obtain an instruction plaintext so as to realize safety authentication.
9. The method of claim 8, wherein before receiving the command cryptogram sent by the audio-visual presentation device, the method further comprises:
and receiving and storing the video and audio display equipment identification sent by the video and audio display equipment.
10. The method of claim 8, wherein the method further comprises:
and executing the instruction according to the instruction plaintext.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610534999.7A CN106131008B (en) | 2016-07-07 | 2016-07-07 | Video and audio monitoring equipment, security authentication method thereof and video and audio display equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610534999.7A CN106131008B (en) | 2016-07-07 | 2016-07-07 | Video and audio monitoring equipment, security authentication method thereof and video and audio display equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106131008A CN106131008A (en) | 2016-11-16 |
| CN106131008B true CN106131008B (en) | 2020-05-05 |
Family
ID=57282454
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610534999.7A Active CN106131008B (en) | 2016-07-07 | 2016-07-07 | Video and audio monitoring equipment, security authentication method thereof and video and audio display equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106131008B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106604023B (en) * | 2016-11-29 | 2019-02-22 | 北京航天爱威电子技术有限公司 | A kind of video flowing authenticity verification methods and system |
| CN110022282B (en) * | 2018-01-08 | 2020-10-23 | 比亚迪股份有限公司 | Safety command interaction method of rail transit signal system |
| CN110460448A (en) * | 2019-08-20 | 2019-11-15 | 丹东瑞银科技有限公司 | A kind of CPK file encrypting method, encryption equipment, cryptographic communication system and storage medium |
| CN111669382A (en) * | 2020-05-28 | 2020-09-15 | 北京瑞华赢科技发展有限公司 | Encryption method and system suitable for roadside unit of Internet of things of intelligence board |
| CN117240998A (en) * | 2023-11-15 | 2023-12-15 | 山东高速千方国际科技有限公司 | Monitoring system and method for expressway |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101421974A (en) * | 2003-12-18 | 2009-04-29 | 提维股份有限公司 | Secure multimedia transfer system |
| CN101729854A (en) * | 2009-12-24 | 2010-06-09 | 公安部第一研究所 | Method for distributing code stream encrypting and decrypting keys in SIP video monitoring system |
| CN101978378A (en) * | 2008-03-25 | 2011-02-16 | 罗伯特·博世有限公司 | Method for verifying the certification of a recording apparatus |
| CN102170357A (en) * | 2011-05-31 | 2011-08-31 | 北京虎符科技有限公司 | Combined secret key dynamic security management system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110099591A1 (en) * | 2009-10-28 | 2011-04-28 | Men Long | Secure wireless pairing of digital tv short-range transmitter and receiver |
-
2016
- 2016-07-07 CN CN201610534999.7A patent/CN106131008B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101421974A (en) * | 2003-12-18 | 2009-04-29 | 提维股份有限公司 | Secure multimedia transfer system |
| CN101978378A (en) * | 2008-03-25 | 2011-02-16 | 罗伯特·博世有限公司 | Method for verifying the certification of a recording apparatus |
| CN101729854A (en) * | 2009-12-24 | 2010-06-09 | 公安部第一研究所 | Method for distributing code stream encrypting and decrypting keys in SIP video monitoring system |
| CN102170357A (en) * | 2011-05-31 | 2011-08-31 | 北京虎符科技有限公司 | Combined secret key dynamic security management system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106131008A (en) | 2016-11-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110380852B (en) | Bidirectional authentication method and communication system | |
| EP3324572B1 (en) | Information transmission method and mobile device | |
| CN106131008B (en) | Video and audio monitoring equipment, security authentication method thereof and video and audio display equipment | |
| CN107358441B (en) | Payment verification method and system, mobile device and security authentication device | |
| CN109218825B (en) | Video encryption system | |
| US9716591B2 (en) | Method for setting up a secure connection between clients | |
| CN103731756A (en) | Smart home remote security access control implementation method based on smart cloud television gateway | |
| CN107959688B (en) | Security authentication method and system for mutual authentication of terminal and camera equipment | |
| CN109151508B (en) | Video encryption method | |
| CN105245341A (en) | Remote identity authentication method and system and remote account opening method and system | |
| KR20150079489A (en) | Instant messaging method and system | |
| EP3476078B1 (en) | Systems and methods for authenticating communications using a single message exchange and symmetric key | |
| CN106059757A (en) | Audio and video monitoring device, data encryption and decryption method, and audio and video display device | |
| CN103685323A (en) | Method for realizing intelligent home security networking based on intelligent cloud television gateway | |
| CN105282168B (en) | Data interactive method and device based on CHAP agreement | |
| CN110198295A (en) | Safety certifying method and device and storage medium | |
| CN111181723B (en) | Method and device for offline security authentication between Internet of things devices | |
| CN113572743B (en) | Data encryption and decryption methods and devices, computer equipment and storage medium | |
| CN104113409A (en) | Secret key managing method and system of SIP (session initiation protocol) video monitoring networking system | |
| CN105119891B (en) | A kind of data interactive method, set-top box and server | |
| CN104735484A (en) | Method and device for playing video | |
| KR101424972B1 (en) | Method for using contents with a mobile card, host device, and mobile card | |
| CN105191332B (en) | For the method and apparatus of the embedded watermark in unpressed video data | |
| CN109922022A (en) | Internet of Things communication means, platform, terminal and system | |
| CN111865761B (en) | Social chat information evidence storing method based on block chain intelligent contracts |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20170807 Address after: 100190, room 5, building 5165, Shen Chang building, 51 Zhichun Road, Beijing, Haidian District Applicant after: BEIJING RENXINZHENG TECHNOLOGY CO.,LTD. Address before: Beijing city Pinggu District 101212 South River Central School dule Road No. 19 Applicant before: BEIJING XINCHANGCHENG TECHNOLOGY RESEARCH INSTITUTE |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20211230 Address after: No. 302, floor 3, building 4, No. 9, Zhongguancun Street, Haidian District, Beijing 100080 Patentee after: BEIJING RENXINZHENG TECHNOLOGY CO.,LTD. Patentee after: Shanghai lvduan Technology Co.,Ltd. Address before: 100190 room 5165, 5 / F, Shenchang building, 51 Zhichun Road, Haidian District, Beijing Patentee before: BEIJING RENXINZHENG TECHNOLOGY CO.,LTD. |
|
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 100086 A1501, Floor 15, No. 22, Zhongguancun Street, Haidian District, Beijing Patentee after: Beijing xinchangcheng Technology Development Co.,Ltd. Patentee after: Shanghai lvduan Technology Co.,Ltd. Address before: No. 302, floor 3, building 4, No. 9, Zhongguancun Street, Haidian District, Beijing 100080 Patentee before: BEIJING RENXINZHENG TECHNOLOGY CO.,LTD. Patentee before: Shanghai lvduan Technology Co.,Ltd. |