KR101703489B1 - Broadcast scrambling system based on file - Google Patents

Broadcast scrambling system based on file Download PDF

Info

Publication number
KR101703489B1
KR101703489B1 KR1020150103541A KR20150103541A KR101703489B1 KR 101703489 B1 KR101703489 B1 KR 101703489B1 KR 1020150103541 A KR1020150103541 A KR 1020150103541A KR 20150103541 A KR20150103541 A KR 20150103541A KR 101703489 B1 KR101703489 B1 KR 101703489B1
Authority
KR
South Korea
Prior art keywords
encryption
broadcast
file
unit
protection system
Prior art date
Application number
KR1020150103541A
Other languages
Korean (ko)
Other versions
KR20170011251A (en
Inventor
오성흔
Original Assignee
주식회사 디지캡
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 디지캡 filed Critical 주식회사 디지캡
Priority to KR1020150103541A priority Critical patent/KR101703489B1/en
Publication of KR20170011251A publication Critical patent/KR20170011251A/en
Application granted granted Critical
Publication of KR101703489B1 publication Critical patent/KR101703489B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/235Processing of additional data, e.g. scrambling of additional data or processing content descriptors
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/235Processing of additional data, e.g. scrambling of additional data or processing content descriptors
    • H04N21/2351Processing of additional data, e.g. scrambling of additional data or processing content descriptors involving encryption of additional data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible

Abstract

The present invention relates to a file-based broadcast scrambling system, which encrypts a broadcast file including a plurality of encryption targets, and inserts a broadcast file protection system message received through interworking with one or more broadcast file protection systems into an encrypted broadcast file Based broadcast scrambling system.
A file-based broadcast scrambling system of the present invention includes a file input unit for receiving a broadcast file to be encrypted and delivering the broadcast file to an encryption unit, an encryption scheme setting information providing unit for transmitting encryption scheme setting information for a broadcast file to an encryption key generating unit and an encryption unit, An encryption key generation unit for generating an encryption key necessary for encryption and transmitting the encryption key and the key identifier information to the encryption unit and the broadcasting file protection system interworking unit; and an encryption unit for generating an encrypted broadcast file using the encryption key and the key identifier information, And a broadcast file protection system interworking part for delivering the encryption key and key identifier information to the broadcast file protection system and receiving the broadcast file protection system message from the broadcast file protection system and delivering it to the broadcast file protection system message insertion part. A broadcast file protection system message inserting unit for inserting one or more broadcast file protection system messages into the encrypted broadcast file generated by the encryption unit, and a file output unit for outputting an encrypted broadcast file in which a broadcast file protection system message is inserted .

Figure R1020150103541

Description

[0001] Broadcast scrambling system based on file [

The present invention relates to a file-based broadcast scrambling system, which encrypts a broadcast file including a plurality of encryption targets, and inserts a broadcast file protection system message received through interworking with one or more broadcast file protection systems into an encrypted broadcast file Based broadcast scrambling system.

In a paid broadcast service environment, in order to control access to a broadcast service illegally, generally, a broadcast content is scrambled and scrambled using a method of scrambling (scrambling) the broadcast content, The decoding key is provided only to the broadcasting receiver having the broadcasting viewing right, and the decoding key is not transmitted to the broadcasting receiver which is not qualified to view, so that it can not be viewed normally.

For this purpose, a broadcasting file protection system (for example, a broadcasting scrambling system and a conditional access system) is operated on the broadcasting server side. In order to simultaneously operate a plurality of conditional access systems, The concept of SimulCrypt is introduced. In the common scrambling system, an encryption key is generated to encrypt broadcasting contents, and the encryption key is securely transmitted from a server side of each conditional reception system to a broadcasting receiver installed with a client of the conditional reception system .

Meanwhile, broadcast contents are transmitted through various packet-based protocols such as MPEG-2 Transport Stream (TS) packets or Real Time Protocol (RTP) packets based on User Datagram Protocol (UDP). In the case of an MPEG-2 TS packet, the scrambling is performed in units of one TS packet. Encryption is performed only on the payload portion without encrypting the header of the packet. Using the transport scrambling control bits of FIG. In the case of the RTP packet, scrambling is performed in units of one RTP packet. Encryption is performed only on the RTP payload portion without encrypting the RTP header.

In recent broadcasting system environments, broadcasting contents transmission method through a file-based protocol has been introduced in addition to broadcasting contents transmission method through the packet-based protocol. For example, a Segment-based streaming protocol such as HLS (HTTP Live Streaming) and MPEG DASH (Dynamic Adaptive Streaming over HTTP) supports not only packet transmission but also file transmission.

In the case of MPEG DASH, not only file transmission composed of MPEG-2 TS packets, but also file transfer of ISO base Media File Format is supported. Such file segment based MPEG DASH technology has heretofore been used as a VoD service ) And real-time TV streaming service, but recently it has been expanded to a new transmission method that replaces the existing MPEG-2 TS packet transmission method in a unidirectional broadcast environment (terrestrial broadcast, etc.).

A "device and method for processing an encrypted data stream" of the prior art Korean Patent Application Publication No. 10-2008-0006628 discloses a device for processing an encrypted data stream, wherein the decryption messages decrypt each segment of the encrypted data stream And wherein each decryption message comprises a plurality of decryption elements, the device comprising: a detection unit for detecting the number of decryption elements per decryption message; and a decryption unit for decrypting the decryption message associated with the series of segments based on the detected number, And a determination unit for determining a location to provide the messages.

Segment files in the ISO base Media File Format standard can be composed of one or more tracks (e.g., video tracks, audio tracks), and each track can be composed of one or more samples (e.g., video samples, audio samples) have. Therefore, unlike the MPEG-2 TS packet or the RTP packet composed of one header and one media payload, the segment file is an object-oriented box structure in which a header box and a plurality of samples are mixed in one file When encrypting a segment file of such a complicated structure, the target to be encrypted is identified at the sample unit level of each track (for example, the start position and size of each sample), and a header portion associated with the encrypted sample And identify the encryption and the encryption key identification information used.

In the conventional scrambling system using an MPEG-2 TS packet or an RTP packet as an input unit consisting of one header and one payload, only one payload needs to be encrypted once, but a plurality of encryption targets (for example, ) And a segment file having a payload, it is difficult to scramble the header.

SUMMARY OF THE INVENTION The present invention has been made in order to solve the above-mentioned problems of the related art, and it is an object of the present invention to encrypt a file-based broadcast content by each sample unit constituting a file.

It is another object of the present invention to display, in the encryption of each sample, the encryption information for each sample and the identifier information for the encryption key in a header part related to the sample.

It is another object of the present invention to interoperate with one or more broadcast file protection systems to provide a decryption key to a broadcast receiver with viewing qualifications.

It is another object of the present invention to transmit a message of a broadcast file protection system provided in cooperation with a broadcast file protection system together with an encrypted encrypted broadcast file.

According to another aspect of the present invention, there is provided a file-based broadcast scrambling system, comprising: a file input unit receiving a broadcast file to be encrypted and delivering the received broadcast file to an encryption unit; An encryption scheme setting information provision unit for transmitting the encryption scheme setting information for the broadcast file to the encryption key generating unit and the encryption unit; An encryption key generation unit for generating an encryption key necessary for encryption and transmitting the encryption key and the key identifier information to the encryption unit and the broadcasting file protection system interworking unit; An encryption unit for generating an encrypted broadcast file using the encryption key and the key identifier information; A broadcast file protection system interworking unit for delivering the encryption key and the key identifier information to a broadcast file protection system, receiving a broadcast file protection system message from the broadcast file protection system and delivering the broadcast file protection system message to a broadcast file protection system message insertion unit; A broadcasting file protection system message inserter for inserting one or more broadcasting file protection system messages into the encrypted broadcasting file generated by the encryption unit; And a file output unit for outputting the encrypted broadcast file in which the broadcast file protection system message is inserted.

Therefore, the file-based broadcast scrambling system of the present invention has an effect of encrypting file-based broadcast contents in units of samples constituting a file.

In addition, the present invention has another effect of encrypting each sample and displaying the encryption information and the identifier information of the encryption key for each sample in a header part related to the sample.

The invention also has other effects for interfacing with one or more broadcast file protection systems to provide a decryption key to a broadcast receiver that is qualified to view.

In addition, the present invention has another effect of transmitting a message of a broadcast file protection system provided in cooperation with a broadcast file protection system together with an encrypted broadcast file.

FIG. 1 is a block diagram of a file-based broadcast scrambling system according to the present invention.

The terms and words used in the present specification and claims should not be construed as limited to ordinary or dictionary terms and the inventor may appropriately define the concept of the term in order to best describe its invention It should be construed as meaning and concept consistent with the technical idea of the present invention.

Therefore, the embodiments described in this specification and the configurations shown in the drawings are merely the most preferred embodiments of the present invention and do not represent all the technical ideas of the present invention. Therefore, It is to be understood that equivalents and modifications are possible.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings.

FIG. 1 is a block diagram of a file-based broadcast scrambling system according to the present invention. 1, the file-based broadcast scrambling system 100 of the present invention includes a file input unit 110, an encryption scheme setting information providing unit 120, an encryption key generating unit 130, an encryption unit 140, A broadcast file protection system interworking unit 150, a broadcast file protection system message inserting unit 160, and a file output unit 170.

The file input unit 110 receives the broadcast file 10 to be encrypted and transmits the received broadcast file 10 to the encryption unit 140. At this time, the file input unit 110 can be connected to an output side of a video / audio encoder that provides a file based output.

The encryption scheme setting information providing unit 120 transmits the encryption scheme setting information for the broadcast file 10 to the encryption key generating unit 130 and the encryption unit 140, Identification information on the data part to be encrypted in the broadcast file 10, encryption algorithm identification information, and encryption key change cycle information.

For example, if the broadcast file is an ISO base media file format, the identification information for the data part to be encrypted may be an identifier for the media track, which is to be encrypted, and the encryption algorithm identification information is AES 128 bits CBC scheme, and DVB Common Scrambling Algorithm. An example of the encryption key change period information may be information specifying a time period during which the encryption key is changed during sample encryption on a specific media track.

The setting of the encryption method can be set by an operator through the GUI of the broadcast scrambling system or in conjunction with a specific database system. The encryption method setting information in the present invention is not limited to a specific setting procedure or setting format.

The encryption key generation unit 130 generates an encryption key necessary for encryption and transmits the encryption key and the key identifier information to the encryption unit 140 and the broadcast file protection system interface unit 150, The encryption key setting unit 120 may periodically change the encryption key according to the encryption scheme setting information received from the scheme setting information providing unit 120. [

The encryption unit 140 generates an encrypted broadcast file using the encryption key and the key identifier information received from the encryption key generation unit 130. The generated encrypted broadcast file is inserted into the broadcast file protection system message insertion (160).

Searches for a media track to be encrypted according to the cipher scheme setting information received from the cipher scheme setting information providing unit 120 to search for a data part to be encrypted, and searches for the location of each of the samples belonging to the track to perform encryption.

For example, when the broadcast file 10 is the ISO base media file format, the encryption of the broadcast file 10 may be performed by encrypting each of the constituent media tracks (for example, a video track and an audio track) You can encrypt the samples that belong to one media track with the same encryption key, or with different encryption keys (for example, in combination with an initialization vector). have.

On the other hand, the encryption algorithm used for encryption may be a simple bit operation or a more complex AES (Advanced Encryption Standard) encryption algorithm.

The present invention does not limit a specific method such as a specific encryption algorithm for encrypting a track or a sample of the broadcast file 10 or a range of data to be encrypted.

On the other hand, after encrypting the samples, it is determined whether or not the data portion to be encrypted is encrypted and an encryption key identifier related to which encryption key (or a combination of the encryption key and the initialization value) To be displayed in the relevant header box part.

Accordingly, it is possible to determine whether or not each sample in the media track is encrypted in the broadcast receiver in the future, and to inform which decryption key should be decrypted using a certain encryption key (or a combination of the encryption key and the initialization vector).

The encryption method and the encryption key identifier information may be displayed in various ways, and the present invention is not limited to such a display method.

The broadcast file protection system interlocking unit 150 may operate simultaneously with one or more broadcast file protection systems 20. The broadcast file protection system interlock unit 150 may transmit the encryption key and the key identifier information received from the encryption key generation unit 130, The broadcast file protection system 20 generates a broadcast file protection system message for securely transmitting the received encryption key and the key identifier information to the broadcast file protection system interlock unit 150 And the received one or more broadcast file protection system messages are transmitted to the broadcast file protection system message inserting unit 160 again.

Meanwhile, the encryption of the broadcast file itself is performed in the broadcast scrambling system. However, it is not possible to safely transmit the decryption key so as to decrypt the encrypted broadcast file in the broadcast receiver having the viewing qualification. And an example of the broadcast file protection system 20 may be a conditional access system.

In the broadcast file protection system message, the encryption key and the key identifier may be protected through a security mechanism peculiar to the broadcast file protection system 20. For example, the broadcast file protection system message may include, There may be an ECM (Entitlement Control Message) to be generated.

The broadcast file protection system message inserting unit 160 inserts one or more broadcast file protection system messages into the encrypted broadcast file generated by the encryption unit 140. For example, when the broadcast file is an ISO base media file format The broadcast file protection system message may be inserted into the media track corresponding to the encrypted data in the form of one box, and the inserted broadcast file protection system message may be transmitted to the file output unit 170).

The file output unit 170 may be connected to the input side of the broadcast file transmission system 30 and finally outputs the encrypted broadcast file in which the broadcast file protection system message is inserted to the broadcast file transmission system 30.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is clearly understood that the same is by way of illustration and example only and is not to be taken by way of limitation, Various changes and modifications will be possible.

110: file input unit 120: encryption mode setting information providing unit
130: Encryption key generation unit 140:
150: Broadcast file protection system interworking part
160: Broadcast File Protection System Message Insertion Unit
170: File output section

Claims (6)

In a file-based broadcast scrambling system,
A file input unit for receiving a broadcast file to be encrypted and transmitting the received broadcast file to an encryption unit;
A cipher key setting unit configured to transmit cipher key setting information including at least one of identification information of the data part to be encrypted in the broadcast file, encryption algorithm identification information, ;
Generating a necessary encryption key according to the encryption scheme setting information received from the encryption scheme setting information providing unit, periodically changing the encryption key, and transmitting the encryption key and the key identifier information to the encryption unit and the broadcast file protection system linking unit An encryption key generating unit for transmitting the encryption key;
Searching for a media track to be encrypted according to the encryption scheme setting information received from the encryption scheme setting information providing unit, searching for a position of each sample belonging to the track, encrypting the sample in units of samples, encrypting the samples, An encrypting unit for displaying an encryption key and an encryption key identifier information for each sample in a header box part related to the sample, and generating an encrypted broadcast file using the encryption key and the key identifier information;
And transmits the encryption key and the key identifier information to the broadcast file protection system. The broadcast file protection system message is received from the broadcast file protection system and is transmitted to the broadcast file protection system message insertion unit. Interworking Broadcast File Protection System Interworking Division;
A broadcasting file protection system message inserter for inserting one or more broadcasting file protection system messages into the encrypted broadcasting file generated by the encryption unit; And
And a file output unit for outputting the encrypted broadcast file in which the broadcast file protection system message is inserted.

delete delete delete delete delete
KR1020150103541A 2015-07-22 2015-07-22 Broadcast scrambling system based on file KR101703489B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150103541A KR101703489B1 (en) 2015-07-22 2015-07-22 Broadcast scrambling system based on file

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150103541A KR101703489B1 (en) 2015-07-22 2015-07-22 Broadcast scrambling system based on file

Publications (2)

Publication Number Publication Date
KR20170011251A KR20170011251A (en) 2017-02-02
KR101703489B1 true KR101703489B1 (en) 2017-02-08

Family

ID=58151447

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150103541A KR101703489B1 (en) 2015-07-22 2015-07-22 Broadcast scrambling system based on file

Country Status (1)

Country Link
KR (1) KR101703489B1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190246148A1 (en) * 2018-02-05 2019-08-08 Digicap Co., Ltd. Method and system for scrambling broadcast with low latency

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100635128B1 (en) * 2005-11-17 2006-10-18 한국전자통신연구원 Apparatus for generating encrypted motion-picture file with iso base media format and apparatus for reconstructing encrypted motion-picture, and method for reconstructing the same

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1695242A2 (en) * 2003-12-17 2006-08-30 Matsushita Electric Industries Co., Ltd. Content distribution server, key assignment method, content output apparatus, and key issuing center
US8904191B2 (en) * 2009-01-21 2014-12-02 Microsoft Corporation Multiple content protection systems in a file
KR101694976B1 (en) * 2012-08-21 2017-01-10 한국전자통신연구원 Method and apparatus for transmitting conditional access message in DMB system

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100635128B1 (en) * 2005-11-17 2006-10-18 한국전자통신연구원 Apparatus for generating encrypted motion-picture file with iso base media format and apparatus for reconstructing encrypted motion-picture, and method for reconstructing the same

Also Published As

Publication number Publication date
KR20170011251A (en) 2017-02-02

Similar Documents

Publication Publication Date Title
US8281128B2 (en) Method and apparatus for encrypting transport stream of multimedia content, and method and apparatus for decrypting transport stream of multimedia content
KR101364463B1 (en) Method of providing an encrypted data stream
US7912217B2 (en) Customized advertisement splicing in encrypted entertainment sources
US20110238991A1 (en) Content decryption device and encryption system using an additional key layer
JP2009505516A (en) Protect elementary stream content
KR20080033387A (en) Protecting elementary stream content
WO2011120901A1 (en) Secure descrambling of an audio / video data stream
US20190246148A1 (en) Method and system for scrambling broadcast with low latency
JP2011210262A (en) Tracing unauthorized use of secure module
KR101925653B1 (en) Method to identify the origin of a security module in pay-tv decoder system
KR101703489B1 (en) Broadcast scrambling system based on file
KR101803974B1 (en) A method and apparatus for decrypting encrypted content
KR101005844B1 (en) Conditional access system for ts packet processing based on memory card
EP2829072B1 (en) Encryption-resistant watermarking
US9294788B2 (en) Method, cryptographic system and security module for descrambling content packets of a digital transport stream
JP2008294707A (en) Digital broadcast receiving apparatus
US20200275142A1 (en) A method for delivering digital content to at least one client device
CN107409240B (en) System for secure redistribution of conditional access content within a hospitality network
JP5132651B2 (en) License information transmitting apparatus and license information transmitting program
JP2005020218A (en) License information transmission apparatus, license information transmission program, license information transmission method and license information receiver, license information reception program, and license information reception method
JP6752124B2 (en) Channel determination device, channel determination method, and its program
KR101806006B1 (en) Stored and streaming media contents access control system and its operation method
KR101743928B1 (en) Operating system of broadcast contents protection technologies and its operating method in broadcast receiver environment
JP5391315B2 (en) License information receiving apparatus, license information receiving program, and license information receiving method
KR20130050715A (en) Method and apparatus for encryption of entitlement control message

Legal Events

Date Code Title Description
A201 Request for examination
GRNT Written decision to grant