CN100461199C - Method and device for encrypting and de-encrypting digital content - Google Patents
Method and device for encrypting and de-encrypting digital content Download PDFInfo
- Publication number
- CN100461199C CN100461199C CNB2006100077244A CN200610007724A CN100461199C CN 100461199 C CN100461199 C CN 100461199C CN B2006100077244 A CNB2006100077244 A CN B2006100077244A CN 200610007724 A CN200610007724 A CN 200610007724A CN 100461199 C CN100461199 C CN 100461199C
- Authority
- CN
- China
- Prior art keywords
- cryptographic algorithm
- encryption
- unit
- content
- sent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 84
- 230000005540 biological transmission Effects 0.000 claims description 5
- 238000010586 diagram Methods 0.000 description 14
- 238000012423 maintenance Methods 0.000 description 2
- 230000009977 dual effect Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
Images
Abstract
This invention discloses a method and a system for ciphering and deciphering digital contents, in which, said system includes: a cipher trigger system, multiple cipher algorithm plugs and any kind of terminals, the method includes: keeping the ciphered algorithm of different kinds of terminals in their plugs to set up the corresponding relation of the plug identifications and terminal kinds, the plugs utilize ciphered algorithm kept in their own to cipher the digital contents sent by the ciphered trigger system and sends their own identification and ciphered digital contents to the ciphered trigger system, which sends the ciphered digital contents to the terminal of a corresponding kind, which deciphers the digital contents based on the decipherring algorithm.
Description
Technical field
The present invention relates to digital copyright management (DRM) technology, particularly relate to a kind of method and system of digital content being carried out encryption and decryption.
Background technology
The DRM technology be along with Streaming Media on the internet wide-scale distribution and a kind of new technology of growing up.The purpose of DRM technology is the copyright of protection digital content, improves pirate technical threshold and cost technically, guarantees to have only the user who buys copyright enjoying digital content in accordance with under the condition of copyright rule.
Fig. 1 is a synoptic diagram of realizing encryption and decryption when the DRM system adopts opening architecture in the prior art.Fig. 2 is a process flow diagram of realizing encryption and decryption when the DRM system adopts opening architecture in the prior art.Referring to Fig. 1 and Fig. 2, in the prior art, when DRM system (comprising contents decryption system and copyright management system) adopted opening architecture, the process of digital program being carried out encryption and decryption may further comprise the steps:
Step 201: after receiving the digital program that content source sends, content encryption system produces contents encryption key (CEK), and uses this CEK and the cryptographic algorithm of preserving in self is encrypted digital program.
Step 202: content encryption system is sent to copyright management system with the CEK that is produced and preserves.
Step 203: after copyright management system receives the authority request of terminal, CEK is encrypted, and the CEK after will encrypting is carried at and is sent to terminal in the right objects according to the certificate of preserving in self.
Step 204: terminal is to content service system request digital program, and this content service system is to content encryption system request digital program.
Step 205: the digital program after content encryption system will be encrypted is sent to content service system, and the digital program after content service system will be encrypted is sent to dissimilar terminals.
Here, described different types of terminals is meant the different terminals that different manufacturers is produced, or the terminal of the different editions of same manufacturer production.
Step 206: all types of terminals is decrypted the CEK in the right objects according to the certificate of preserving in self, utilizes CEK and the decipherment algorithm in self after deciphering that the digital program after encrypting is decrypted then, obtains original digital program.
Referring to Fig. 1 and Fig. 2, when the DRM system adopts opening architecture, the decipherment algorithm that uses when cryptographic algorithm of using when content encryption system is encrypted digital program and terminal are deciphered digital program is disclosed algorithm, that is to say that the terminal of any one DRM system and any one type all can obtain and the respective algorithms when using encryption and decryption when following architecture shown in Figure 1.And the security of DRM system is based on the security of cryptographic algorithm, uses disclosed cryptographic algorithm to be easy to cause digital program to be stolen, and has greatly reduced the security of encrypting.For terminal, use disclosed decipherment algorithm also to be easy to make the disabled user steal digital program, thereby greatly reduced the security of deciphering by terminal.
Fig. 3 is a synoptic diagram of realizing encryption and decryption when the DRM system adopts the closed system structure in the prior art.Referring to Fig. 3, in the prior art, when the DRM system adopts the closed system structure, the process of digital program being carried out encryption and decryption mainly comprises: content source is sent to digital program respectively in the sub-DRM system corresponding to the different terminals type, adopt cryptographic algorithm separately that digital program is encrypted respectively corresponding to the sub-DRM of each of different terminals type system, and the digital program after will encrypting respectively the content service system by separately be sent to separately corresponding to dissimilar terminals, each finally decrypts digital program according to separately decipherment algorithm respectively corresponding to dissimilar terminals.
Referring to Fig. 3, when the DRM system adopts the closed system structure, because terminal at each type, the DRM system and the content service system that all have a kind of correspondence, like this, the interface of its use also is respectively at the interface of terminal type separately, rather than general interface, accordingly, the dissimilar terminals and the server of system side also are the equipment of private type, therefore, greatly reduced the versatility of system, for integrated, the maintenance of equipment in the system and upgrading etc. bring great difficulty.
Summary of the invention
In view of this, fundamental purpose of the present invention is to provide a kind of digital content is carried out method of encrypting and system, thereby improve security to encrypt digital content, another object of the present invention is to provide a kind of method and system that digital content is carried out encryption and decryption, thereby improve security encrypt digital content and deciphering.
In order to achieve the above object, technical scheme of the present invention is achieved in that
A kind of digital content is carried out method of encrypting, this method comprises: the cryptographic algorithm of different types of terminals is kept in the different cryptographic algorithm plug-in units, and this method also comprises:
A, encryption triggering system are sent to the cryptographic algorithm plug-in unit with digital content;
B, cryptographic algorithm plug-in unit utilize the cryptographic algorithm of preserving in self that the digital content that receives is encrypted, and the digital content after will encrypting is sent to the encryption triggering system.
Described encryption triggering system is: content encryption system, or copyright management system, or this both combination.
Described encryption triggering system is a content encryption system;
Described digital content is a digital program;
Described cryptographic algorithm is the cryptographic algorithm at digital program.
Content encryption system is carried out described steps A when the original digital program that receives that content source sends;
Described steps A comprises: content encryption system is sent to each coupled cryptographic algorithm plug-in unit with digital program;
In step B, carry out the step of described encryption and transmission respectively by described each cryptographic algorithm plug-in unit.
This method further comprises: according to the cryptographic algorithm of preserving in the cryptographic algorithm plug-in unit, set up first corresponding relation of each cryptographic algorithm plug-in unit sign and terminal type;
Further comprise after step B: content encryption system receives the digital program request of carrying this terminal type information that one type terminal is sent; Content encryption system is according to first corresponding relation of being set up, from each cryptographic algorithm plug-in unit sign that each cryptographic algorithm plug-in unit is sent, obtain with the digital program request in the corresponding cryptographic algorithm plug-in unit sign of terminal type of carrying; Content encryption system is by content service system, will have the terminal that digital program after that the cryptographic algorithm plug-in unit of the institute's cryptographic algorithm plug-in unit that obtains sign is sent, the encryption is sent to corresponding types.
This method further comprises: according to the cryptographic algorithm of preserving in the cryptographic algorithm plug-in unit, set up first corresponding relation of each cryptographic algorithm plug-in unit sign and terminal type;
Content encryption system receive one type terminal by content service system send carry the digital program request of this terminal type information the time, carry out described steps A;
Described steps A comprises: content encryption system is according to the terminal type information of carrying in the received digital program request, and first corresponding relation of being set up, and the digital program that content source is sent is sent to corresponding cryptographic algorithm plug-in unit;
In step B, carry out the step of described encryption and transmission by this corresponding cryptographic algorithm plug-in unit.
Further comprise after step B: content encryption system is according to the sign of received cryptographic algorithm plug-in unit and first corresponding relation of being set up, and is sent to the terminal of corresponding types by the digital content of content service system after with received encryption.
In step B, the step of described encryption comprises: the cryptographic algorithm plug-in unit produces contents encryption key; The cryptographic algorithm plug-in unit uses contents encryption key that is produced and the cryptographic algorithm at digital program of preserving in self that the digital program that receives is encrypted.
Described step B further comprises: the cryptographic algorithm plug-in unit is sent to content encryption system with self identification and the contents encryption key that is produced;
Further comprise after step B: content encryption system is set up contents encryption key and is sent second corresponding relation between the sign of cryptographic algorithm plug-in unit of this contents encryption key, and this second corresponding relation is sent to copyright management system; Copyright management system receives the copyright request of carrying this terminal type information that one type terminal is sent, according to entrained terminal type information in first corresponding relation of cryptographic algorithm plug-in unit sign and terminal type and the copyright request, in described first corresponding relation, search with the copyright request in the entrained corresponding cryptographic algorithm plug-in unit sign of terminal type; Copyright management system is carried at the terminal that is sent to corresponding types in the right objects with the corresponding contents encryption key of finding cryptographic algorithm plug-in unit sign; The digital program of the terminal of described corresponding types after according to the encryption of content encryption system being sent at the contents encryption key that carries in the decipherment algorithm of digital program and the right objects of preserving in self is decrypted.
This method further comprises: according to the cryptographic algorithm of preserving in the cryptographic algorithm plug-in unit, set up first corresponding relation of each cryptographic algorithm plug-in unit sign and terminal type;
Described encryption triggering system is a copyright management system;
Further comprised before steps A: copyright management system receives the digital content of carried terminal type information and obtains request;
Described steps A comprises: copyright management system obtains terminal type information of carrying in the request and first corresponding relation of being set up according to digital content, and digital content is sent to corresponding cryptographic algorithm plug-in unit.
In step B, described cryptographic algorithm plug-in unit is the cryptographic algorithm plug connector that receives the described correspondence of digital content.
Described step B further comprises: described cryptographic algorithm plug-in unit is sent to copyright management system with self identification;
Further comprise after step B: copyright management system is according to the sign of received cryptographic algorithm plug-in unit and first corresponding relation of being set up, and the digital content after the encryption that the cryptographic algorithm plug-in unit is sent is sent to the terminal of corresponding types; The terminal of described corresponding types is according to being decrypted at the decipherment algorithm of this digital content digital content after to the encryption that receives of preserving in self.
Described digital content is a certificate; Described cryptographic algorithm is the cryptographic algorithm at certificate.
Described digital content is a right objects; Described cryptographic algorithm is the cryptographic algorithm at right objects.
Described encryption triggering system is the combination of content encryption system and copyright management system;
Described steps A comprises: content encryption system is sent to the cryptographic algorithm plug-in unit with digital program, and copyright management system is sent to the cryptographic algorithm plug-in unit with certificate or right objects;
Described step B comprises: the cryptographic algorithm plug-in unit utilizes the cryptographic algorithm at digital program of preserving in self that the digital program that receives is encrypted, and the digital program after will encrypting is sent to content encryption system; The cryptographic algorithm plug-in unit utilizes the cryptographic algorithm at certificate or right objects of preserving in self that the certificate or the right objects that receive are encrypted, and the certificate after will encrypting or right objects are sent to copyright management system.
Described each cryptographic algorithm plug-in unit links to each other with encryption triggering system in the system for numeral copyright management by disclosed interface.
A kind of method of digital content being carried out encryption and decryption, the cryptographic algorithm of different types of terminals is kept in the different cryptographic algorithm plug-in units, and, set up the corresponding relation of each cryptographic algorithm plug-in unit sign and terminal type according to the cryptographic algorithm of preserving in the cryptographic algorithm plug-in unit, this method also comprises:
A, encryption triggering system are sent to the cryptographic algorithm plug-in unit with digital content;
B, cryptographic algorithm plug-in unit utilize the cryptographic algorithm of preserving in self that the digital content that receives is encrypted, and the digital content after self identification and the encryption is sent to the encryption triggering system;
C, encryption triggering system are sent to the digital content after encrypting the terminal of corresponding types according to the sign of the cryptographic algorithm plug-in unit that receives and the corresponding relation of being set up;
The terminal of d, described corresponding types is decrypted according to the digital content of the decipherment algorithm of preserving in self after to the encryption that receives.
Described encryption triggering system is a content encryption system;
Described digital content is a digital program;
Described cryptographic algorithm is the cryptographic algorithm at digital program;
Described decipherment algorithm is the decipherment algorithm at digital program.
Described encryption triggering system is a copyright management system;
Described digital content is a certificate;
Described cryptographic algorithm is the cryptographic algorithm at certificate;
Described decipherment algorithm is the decipherment algorithm at certificate.
Described encryption triggering system is a copyright management system;
Described digital content is a right objects;
Described cryptographic algorithm is the cryptographic algorithm at right objects;
Described decipherment algorithm is the decipherment algorithm at right objects.
Described encryption triggering system is content encryption system and copyright management system;
Described step a comprises: content encryption system is sent to the cryptographic algorithm plug-in unit with digital program, and copyright management system is sent to the cryptographic algorithm plug-in unit with certificate or right objects;
Described step b comprises: the cryptographic algorithm plug-in unit utilizes the cryptographic algorithm at digital program of preserving in self that the digital program that receives is encrypted, and the digital program after self identification and the encryption is sent to content encryption system; The cryptographic algorithm plug-in unit utilizes the cryptographic algorithm at certificate or right objects of preserving in self that the certificate or the right objects that receive are encrypted, and certificate or right objects after self identification and the encryption are sent to copyright management system;
Described step c comprises: content encryption system is according to the sign of the cryptographic algorithm plug-in unit that receives and the corresponding relation of being set up, digital program after encrypting is sent to the terminal of corresponding types, copyright management system is according to the sign of the cryptographic algorithm plug-in unit that receives and the corresponding relation of being set up, the terminal that the certificate after encrypting or right objects are sent to corresponding types;
Described steps d comprises: the terminal of described corresponding types is decrypted certificate or right objects according to the decipherment algorithm of preserving in self at certificate or right objects, according to being decrypted at the decipherment algorithm of the digital program digital program after to the encryption that receives of preserving in self.
A kind of system that digital content is encrypted, this system comprises: the encryption triggering system in the system for numeral copyright management and more than one cryptographic algorithm plug-in unit, wherein,
Encrypt triggering system, be used to preserve the corresponding relation of cryptographic algorithm plug-in unit sign and terminal type, digital content is sent to the cryptographic algorithm plug-in unit, and receive this cryptographic algorithm plug-in unit sign that the cryptographic algorithm plug-in unit sends and encrypt after digital content after, according to the corresponding relation of being preserved, the digital content after this encryption is sent to the terminal of outside corresponding types;
Any one cryptographic algorithm plug-in unit, be used to preserve the cryptographic algorithm of self institute's corresponding types terminal, and receive encrypt the digital content that triggering system sends after, according to this cryptographic algorithm of being preserved in self digital content that receives is encrypted, and the digital content after self identification and the encryption is sent to the encryption triggering system.
Described encryption triggering system is a content encryption system, be used for digital program is sent to the cryptographic algorithm plug-in unit, and the digital program after the encryption that will receive is sent to the terminal of outside corresponding types;
Described cryptographic algorithm plug-in unit is used for basis and at the cryptographic algorithm of digital program the digital program that receives is encrypted, and the digital program after will encrypting is sent to content encryption system.
Described encryption triggering system is a copyright management system, be used for certificate or right objects are sent to the cryptographic algorithm plug-in unit, and the certificate after the encryption that will receive or right objects is sent to the terminal of outside corresponding types;
Described cryptographic algorithm plug-in unit is used for according at the cryptographic algorithm of certificate or right objects the certificate or the right objects that receive being encrypted, and the certificate after will encrypting or right objects are delivered to copyright management system.
Described encryption triggering system is content encryption system and copyright management system,
Described content encryption system be used for digital program is sent to the cryptographic algorithm plug-in unit, and the digital program after the encryption that will receive is sent to the terminal of outside corresponding types;
Described copyright management system is used for certificate or right objects are sent to the cryptographic algorithm plug-in unit, and the certificate after the encryption that will receive or right objects are sent to the terminal of outside corresponding types;
Described cryptographic algorithm plug-in unit, be used for according to the digital program that receives being encrypted at the cryptographic algorithm of digital program, and the certificate or the right objects that receive are encrypted according to cryptographic algorithm at certificate or right objects, and the digital program after will encrypting is sent to content encryption system, and certificate or right objects after encrypting are delivered to copyright management system.
Described any one cryptographic algorithm plug-in unit links to each other with encryption triggering system in the described system for numeral copyright management by disclosed interface.
A kind of system that digital content is carried out encryption and decryption, this system comprises: the encryption triggering system in the system for numeral copyright management, more than one cryptographic algorithm plug-in unit and dissimilar terminals, wherein,
Encrypt triggering system, be used to preserve the corresponding relation of cryptographic algorithm plug-in unit sign and terminal type, digital content is sent to the cryptographic algorithm plug-in unit, and receive this cryptographic algorithm plug-in unit sign that the cryptographic algorithm plug-in unit sends and encrypt after digital content after, according to the corresponding relation of being preserved, the digital content after this encryption is sent to the terminal of corresponding types;
Any one cryptographic algorithm plug-in unit, be used to preserve the cryptographic algorithm of self institute's corresponding types terminal, and receive encrypt the digital content that triggering system sends after, according to the cryptographic algorithm of being preserved in self digital content that receives is encrypted, and the digital content after self identification and the encryption is sent to the encryption triggering system;
The terminal of any one type is used to preserve the decipherment algorithm of the type terminal, during digital content after receiving encryption, according to the decipherment algorithm of self preserving the digital content after encrypting is decrypted.
Encryption triggering system in the described system for numeral copyright management links to each other by the terminal of disclosed interface with described any one cryptographic algorithm plug-in unit and any one type respectively.
This system further comprises: content service system;
Described encryption triggering system is a content encryption system, and this content encryption system is used for according to the corresponding relation of being preserved, and the terminal iidentification of corresponding types is carried in the digital program after the encryption is sent to content service system;
Content service system, the digital program after the terminal iidentification that is used for the corresponding types of carrying according to digital program will be encrypted is sent to the terminal of corresponding types;
The terminal of any one type, what be used for preserving according to self is decrypted at the decipherment algorithm of the digital program digital program after to the encryption that receives.
This system further comprises: content service system;
Described encryption triggering system is content encryption system and copyright management system,
Content encryption system is used for according to the corresponding relation of being preserved, and the terminal iidentification of corresponding types is carried in the digital program after the encryption is sent to content service system;
Content service system, the digital program after the terminal iidentification that is used for the corresponding types of carrying according to digital program will be encrypted is sent to the terminal of corresponding types;
Copyright management system is used for the terminal that the certificate after encrypting or right objects are sent to corresponding types;
The terminal of any one type, what be used for preserving according to self is decrypted at the decipherment algorithm of the digital program digital program after to the encryption that receives, and according to being decrypted at the decipherment algorithm of certificate or right objects certificate or the right objects after to the encryption that receives.
Described encryption triggering system is a copyright management system, and this copyright management system is used for terminal that the certificate after encrypting or right objects are sent to corresponding types;
The terminal of any one type, what be used for preserving according to self is decrypted at the decipherment algorithm of certificate or right objects certificate or the right objects after to the encryption that receives.
This shows, in the present invention, be provided with different cryptographic algorithm plug-in units corresponding to different types of terminals, in the terminal of each type, preserve the decipherment algorithm of the type, and in the cryptographic algorithm plug-in unit of corresponding the type terminal, preserve the cryptographic algorithm of the type, like this, ciphering process only needs to be finished by the cryptographic algorithm plug-in unit, and need not to finish by the DRM system, because cryptographic algorithm and decipherment algorithm are the privately owned algorithm of all types of terminals, and ciphering process is also finished in all types of privately owned equipment, therefore, has improved the security of encryption and decryption process greatly.
Further, in the present invention, content encryption system in cryptographic algorithm plug-in unit, content service system and the DRM system of all types of terminals and correspondence thereof can all link to each other by open interface with copyright management system, like this, the terminal of any one DRM system, content service system and any one type all can realize the encryption and decryption process to digital content when following architecture of the present invention, therefore, improved the versatility of system greatly, for integrated, the maintenance of equipment in the system and upgrading etc. bring great convenience.
Description of drawings
Fig. 1 is a synoptic diagram of realizing encryption and decryption when the DRM system adopts opening architecture in the prior art.
Fig. 2 is a process flow diagram of realizing encryption and decryption when the DRM system adopts opening architecture in the prior art.
Fig. 3 is a synoptic diagram of realizing encryption and decryption when the DRM system adopts the closed system structure in the prior art.
Fig. 4 is a basic structure synoptic diagram of realizing system that digital content is encrypted in the present invention.
Fig. 5 A is a structural representation of realizing system that digital content is encrypted in the present invention when encrypting triggering system for content encryption system.
Fig. 5 B is a structural representation of realizing system that digital content is encrypted in the present invention when encrypting triggering system for copyright management system.
Fig. 5 C is in the present invention when encrypting the structural representation of realizing system that digital content is encrypted when triggering system is content encryption system and copyright management system.
Fig. 6 A is a structural representation of realizing digital content is carried out the system of encryption and decryption in the present invention when encrypting triggering system for content encryption system.
Fig. 6 B is a structural representation of realizing digital content is carried out the system of encryption and decryption in the present invention when encrypting triggering system for copyright management system.
Fig. 6 C is in the present invention when encrypting the structural representation of realizing digital content is carried out the system of encryption and decryption when triggering system is content encryption system and copyright management system.
Fig. 7 is a process flow diagram of realizing embodiments of the invention 1.
Fig. 8 is a process flow diagram of realizing embodiments of the invention 2.
Fig. 9 is a process flow diagram of realizing embodiments of the invention 3.
Embodiment
In order when improving security, to increase the versatility of system, the present invention proposes and a kind of digital content is carried out method of encrypting, its core concept is: the cryptographic algorithm of different types of terminals is kept in the different cryptographic algorithm plug-in units, and according to the cryptographic algorithm of preserving in the cryptographic algorithm plug-in unit, set up the corresponding relation of each cryptographic algorithm plug-in unit sign and terminal type, and each cryptographic algorithm plug-in unit is linked to each other with the encryption triggering system; Encrypt triggering system digital content is sent to the cryptographic algorithm plug-in unit; The cryptographic algorithm plug-in unit utilizes the cryptographic algorithm of preserving in self that the digital content that receives is encrypted, and the digital content after self identification and the encryption is sent to the encryption triggering system; Encrypt triggering system according to the sign of the cryptographic algorithm plug-in unit that receives and the corresponding relation of being set up, the digital content after encrypting is sent to the terminal of corresponding types.
The present invention has correspondingly also proposed a kind of method that digital content is carried out encryption and decryption, after the processing of digital content being encrypted according to the invention described above, receives the terminal of encrypting the back digital content and is decrypted according to the decipherment algorithm of preserving in self.
Fig. 4 is a basic structure synoptic diagram of realizing system that digital content is encrypted in the present invention.Referring to Fig. 4, this system comprises: the encryption triggering system in the DRM system and more than one cryptographic algorithm plug-in unit, wherein,
Encryption triggering system in the DRM system, be used to preserve the corresponding relation of cryptographic algorithm plug-in unit sign and terminal type, digital content is sent to the cryptographic algorithm plug-in unit, and receive this cryptographic algorithm plug-in unit sign that the cryptographic algorithm plug-in unit sends and encrypt after digital content after, according to the corresponding relation of being preserved, the digital content after this encryption is sent to the terminal of outside corresponding types;
Any one cryptographic algorithm plug-in unit, be used to preserve the cryptographic algorithm of self institute's corresponding types terminal, and receive encrypt the digital content that triggering system sends after, according to the cryptographic algorithm of being preserved in self digital content that receives is encrypted, and the digital content after self identification and the encryption is sent to the encryption triggering system.
Based on the system that digital content is encrypted shown in Fig. 5 A to Fig. 5 C, the present invention has correspondingly proposed the system that digital content is carried out encryption and decryption shown in Fig. 6 A to Fig. 6 C, realize digital content is carried out in the system of encryption and decryption in the present invention, the terminal of any one type is used to preserve the decipherment algorithm of the type terminal, and during the digital content after receiving encryption, the digital content after encrypting is decrypted according to the decipherment algorithm of self preserving.
Referring to Fig. 5 A and Fig. 6 A, the encryption triggering system in the system of the present invention can be the content encryption system in the DRM system, and at this moment, described digital content is the original digital program that content source is issued content encryption system.Referring to Fig. 5 B and Fig. 6 B, the encryption triggering system in the system of the present invention can be the copyright management system in the DRM system, and at this moment, described digital content is right objects and/or certificate.Referring to Fig. 5 C and Fig. 6 C, encryption triggering system in the system of the present invention can be content encryption system and the copyright management system in the DRM system simultaneously, at this moment, described digital content is the original digital program that content source is issued content encryption system, and right objects and/or certificate.
Referring to Fig. 6 A and Fig. 6 C, realize digital content is carried out in the system of encryption and decryption in the present invention, when encrypting triggering system when comprising content encryption system, this realization carries out digital content further comprising content service system in the system of encryption and decryption, wherein,
This content encryption system is according to the corresponding relation of being preserved, the terminal iidentification of corresponding types is carried in the digital program after the encryption is sent to content service system, the digital program after this content service system will be encrypted according to the terminal iidentification of the corresponding types of carrying in the digital program is sent to the terminal of corresponding types.
For making the purpose, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below in conjunction with drawings and the specific embodiments.
Embodiment 1:
Fig. 7 is a process flow diagram of digital program being realized encryption and decryption in embodiments of the present invention when the encryption triggering system is content encryption system.Referring to Fig. 5 A, Fig. 6 A and Fig. 7, in the present embodiment, to encrypt triggering system is that content encryption system in the DRM system is an example, at this moment, described digital content is the original digital program that content source is issued content encryption system, like this, the present invention realizes that to digital program the process of encryption and decryption specifically may further comprise the steps:
Step 701: the cryptographic algorithm at digital program with different types of terminals is kept in the different cryptographic algorithm plug-in units in advance, and sets up the corresponding relation of each cryptographic algorithm plug-in unit sign and terminal type.
Here, such as, there is 5 types terminal, first kind terminal to the five Terminal Types, preserve decipherment algorithm 1 in the first kind terminal at digital program, preserve decipherment algorithm 2 in second Terminal Type at digital program, the rest may be inferred, in the 5th Terminal Type, preserve decipherment algorithm 5 at digital program, and at the decipherment algorithm 1 of digital program to the corresponding respectively cryptographic algorithm 1 at digital program of decipherment algorithm 5 to cryptographic algorithm 5, so, in this step, then according to the cryptographic algorithm at digital program of preserving in the cryptographic algorithm plug-in unit, the corresponding relation at cryptographic algorithm plug-in unit sign with the different terminals type of the different cryptographic algorithm of digital program is preserved in foundation.Such as, cryptographic algorithm plug-in unit 1 is preserved cryptographic algorithm 1 at digital program to the cryptographic algorithm plug-in unit 5 respectively to cryptographic algorithm 5, like this, then set up the sign of cryptographic algorithm plug-in unit 1 and the corresponding relation of first kind terminal type, set up the corresponding relation of the sign and the second Terminal Type type of cryptographic algorithm plug-in unit 2, the rest may be inferred, until the corresponding relation of the sign of setting up cryptographic algorithm plug-in unit 5 and the 5th Terminal Type type.
Step 702: described each cryptographic algorithm plug-in unit is linked to each other with content encryption system in the DRM system.
Here, each cryptographic algorithm plug-in unit links to each other with content encryption system by disclosed interface.
Step 703: the original digital program that content encryption system is sent content source is sent to the cryptographic algorithm plug-in unit.
Here, the specific implementation process of this step comprises following dual mode:
Mode one, content encryption system are carried out the process of this step immediately when the original digital program that receives that content source sends.At this moment, content encryption system is that received original digital program is sent to each coupled cryptographic algorithm plug-in unit respectively.
Mode two, content encryption system are when the original digital program that receives that content source sends, at first do not carry out the process of this step, but after the digital program request of carrying this terminal type information that the terminal that receives a type is sent by content service system, carry out the process of this step, at this moment, in this step, content encryption system is that the digital program that content source is sent is sent to corresponding cryptographic algorithm plug-in unit according to the terminal type information of carrying in the digital program request and the cryptographic algorithm plug-in unit sign that sets in advance and the corresponding relation of terminal type.
Such as, first kind terminal is sent to content encryption system by the digital program request that content service system will carry self type identification, in the sign of first kind terminal and the corresponding relation that sets in advance, the sign of cryptographic algorithm plug-in unit 1 is corresponding with first kind terminal, and the digital program that content encryption system is then sent content source is sent to cryptographic algorithm plug-in unit 1.
Step 704: the cryptographic algorithm plug-in unit that receives the original figure program produces CEK, and uses CEK that is produced and the cryptographic algorithm at digital program of preserving in self that received original digital program is encrypted.
Here, if step 703 employing mode one realize, then in this step, be to carry out the generation CEK described in this step respectively and carry out encrypted process by each cryptographic algorithm plug-in unit.If step 703 employing mode two realizes, then in this step, is the cryptographic algorithm plug-in unit by correspondence, carry out the generation CEK described in this step and carry out encrypted process such as above-mentioned cryptographic algorithm plug-in unit 1.
Step 705: the cryptographic algorithm plug-in unit is sent to content encryption system with self identification, the CEK that is produced with in the digital program after encrypting.
Here, if step 703 employing mode one realizes, then in this step, is the process of being carried out the transmission described in this step by each cryptographic algorithm plug-in unit respectively, that is to say that content encryption system receives the many parts of digital programs after different cryptographic algorithm plug-in unit sign, CEK and the encryptions.
If step 703 employing mode two realizes, then in this step, it is cryptographic algorithm plug-in unit by correspondence, carry out the process of transmitting described in this step such as above-mentioned cryptographic algorithm plug-in unit 1, that is to say that content encryption system receives the digital program after a cryptographic algorithm plug-in unit sign, CEK and the encryption.
Step 706: content encryption system is set up received CEK and is sent corresponding relation between the sign of cryptographic algorithm plug-in unit of this CEK.
Step 707: content encryption system is sent to copyright management system with the corresponding relation between the sign of the CEK that set up and cryptographic algorithm plug-in unit.
Need to prove that no matter employing mode one still is that mode two realizes in above-mentioned steps 703, the process of above-mentioned steps 706 and step 707 all is suitable for.
Step 708: copyright management system receives the copyright request of carrying this terminal type information that one type terminal is sent.
Step 709: copyright management system is according to entrained terminal type information in the corresponding relation of cryptographic algorithm plug-in unit sign and terminal type and the copyright request, search in the corresponding relation between the sign of CEK and cryptographic algorithm plug-in unit with the copyright request in the corresponding cryptographic algorithm plug-in unit of entrained terminal type identify.
Step 710: copyright management system uses certificate that the corresponding CEK of finding cryptographic algorithm plug-in unit sign is encrypted, and the CEK after will encrypting is carried at the terminal that is sent to corresponding types in the right objects.
Step 711: this terminal utilizes the certificate of self preserving that the CEK after encrypting is decrypted.
Step 712: content encryption system is according to the sign of received cryptographic algorithm plug-in unit and the corresponding relation of being set up, and is sent to the terminal of corresponding types by the digital content of content service system after with received encryption.
Here, if step 703 employing mode one realizes, then content encryption system receive that one type terminal sends carry the digital program request of this terminal type information the time, carry out the process of this step, and, the specific implementation process of this step comprises: content encryption system is according to the corresponding relation of the cryptographic algorithm plug-in unit sign of setting up in advance with terminal type, from each cryptographic algorithm plug-in unit sign that each cryptographic algorithm plug-in unit is sent, obtain with the digital program request in the corresponding cryptographic algorithm plug-in unit sign of terminal type of carrying; With the terminal type information of carrying in the digital program request be carried at have in the digital program after the encryption of being sent of the cryptographic algorithm plug-in unit of the cryptographic algorithm plug-in unit that obtains sign, and be sent to content service system; Digital program after this content service system will be encrypted according to the end message of the corresponding types of carrying in the digital program that receives is sent to the terminal of corresponding types.
If step 703 employing mode two realizes, when then content encryption system can be a digital program after receiving the encryption that the cryptographic algorithm plug-in unit sends, carry out the process of this step, and, the specific implementation process of this step comprises: content encryption system is carried at the terminal type information of carrying in the digital program request in the digital program after the encryption that the cryptographic algorithm plug-in unit sent, and is sent to content service system; Digital program after this content service system will be encrypted according to the end message of the corresponding types of carrying in the digital program that receives is sent to the terminal of corresponding types.
Step 713: receive the terminal of encrypting the back digital program and use CEK after the deciphering and the decipherment algorithm of preserving in self that the digital program after encrypting is decrypted, obtain original digital program at digital program.
Embodiment 2:
Fig. 8 is a process flow diagram of certificate being realized encryption and decryption in embodiments of the present invention when the encryption triggering system is copyright management system.Referring to Fig. 5 B, Fig. 6 B and Fig. 8, in the present embodiment, be copyright management system in the DRM system, and described digital content is that certificate is an example to encrypt triggering system, the present invention realizes that to digital content the process of encryption and decryption specifically may further comprise the steps:
Step 801: the cryptographic algorithm at certificate with different types of terminals is kept in the different cryptographic algorithm plug-in units in advance, and sets up the corresponding relation of each cryptographic algorithm plug-in unit sign and terminal type.
Here, such as, there is 5 types terminal, first kind terminal to the five Terminal Types, preserve decipherment algorithm A in the first kind terminal at certificate, preserve decipherment algorithm B in second Terminal Type at certificate, the rest may be inferred, in the 5th Terminal Type, preserve decipherment algorithm E at certificate, and at the decipherment algorithm A of certificate to the corresponding respectively cryptographic algorithm A at certificate of decipherment algorithm E to cryptographic algorithm E, so, in this step, then, set up the corresponding relation of different cryptographic algorithm plug-in unit signs and different terminals type according to the cryptographic algorithm at certificate of preserving in the cryptographic algorithm plug-in unit.Such as, cryptographic algorithm plug-in unit 1 is preserved cryptographic algorithm A at certificate to the cryptographic algorithm plug-in unit 5 respectively to cryptographic algorithm E, like this, then set up the sign of cryptographic algorithm plug-in unit 1 and the corresponding relation of first kind terminal type, set up the corresponding relation of the sign and the second Terminal Type type of cryptographic algorithm plug-in unit 2, the rest may be inferred, until the corresponding relation of the sign of setting up cryptographic algorithm plug-in unit 5 and the 5th Terminal Type type.
Step 802: described each cryptographic algorithm plug-in unit is linked to each other with copyright management system in the DRM system.
Here, each set cryptographic algorithm plug-in unit links to each other with copyright management system by disclosed interface.
Step 803: the certificate acquisition request that copyright management system receives that one type terminal sends carries self type information.
Step 804: copyright management system is sent to corresponding cryptographic algorithm plug-in unit according to the terminal type in the received certificate acquisition request and the cryptographic algorithm plug-in unit sign that sets in advance and the corresponding relation of terminal type with certificate.
Such as, the certificate acquisition request that first kind terminal will be carried self type identification is sent to copyright management system, in the sign of first kind terminal and the corresponding relation that sets in advance, the sign of cryptographic algorithm plug-in unit 1 is corresponding with first kind terminal, and copyright management system then is sent to certificate cryptographic algorithm plug-in unit 1.
Step 805: the cryptographic algorithm plug-in unit that receives certificate uses the cryptographic algorithm at certificate of preserving in self that certificate is encrypted, and the certificate after will encrypting is sent to copyright management system.
Step 806: the certificate after copyright management system will be encrypted is sent to the terminal of sending the certificate acquisition request.
Step 807: receive the terminal of encrypting the back certificate and use the decipherment algorithm of preserving in self that the certificate after encrypting is decrypted, obtain the original contents of certificate at certificate.
Embodiment 3:
Fig. 9 is a process flow diagram of right objects being realized encryption and decryption in embodiments of the present invention when the encryption triggering system is copyright management system.Referring to Fig. 5 B, Fig. 6 B and Fig. 9, in the present embodiment, be copyright management system in the DRM system, and described digital content is that right objects is an example to encrypt triggering system, the present invention realizes that to right objects the process of encryption and decryption specifically may further comprise the steps:
Step 901: the cryptographic algorithm at right objects with different types of terminals is kept in the different cryptographic algorithm plug-in units in advance, and sets up the corresponding relation of each cryptographic algorithm plug-in unit sign and terminal type.
Here, such as, there is 5 types terminal, first kind terminal to the five Terminal Types, preserve decipherment algorithm A ' in the first kind terminal at right objects, preserve decipherment algorithm B ' in second Terminal Type at right objects, the rest may be inferred, in the 5th Terminal Type, preserve decipherment algorithm E ' at right objects, and at the decipherment algorithm A ' of right objects to the corresponding respectively cryptographic algorithm A ' at right objects of decipherment algorithm E ' to cryptographic algorithm E ', so, in this step, then, set up the corresponding relation of different cryptographic algorithm plug-in unit signs and different terminals type according to the cryptographic algorithm at right objects of preserving in the cryptographic algorithm plug-in unit.Such as, cryptographic algorithm plug-in unit 1 is preserved cryptographic algorithm A ' at right objects to the cryptographic algorithm plug-in unit 5 respectively to cryptographic algorithm E ', like this, then set up the sign of cryptographic algorithm plug-in unit 1 and the corresponding relation of first kind terminal type, set up the corresponding relation of the sign and the second Terminal Type type of cryptographic algorithm plug-in unit 2, the rest may be inferred, until the corresponding relation of the sign of setting up cryptographic algorithm plug-in unit 5 and the 5th Terminal Type type.
Step 902: described each cryptographic algorithm plug-in unit is linked to each other with copyright management system in the DRM system.
Here, each set cryptographic algorithm plug-in unit links to each other with copyright management system by disclosed interface.
Step 903: the copyright request that copyright management system receives that one type terminal sends carries self type information.
Step 904: copyright management system generates right objects.
Here, comprise authority information and the CEK that is obtained in the right objects that copyright management system generated.
Step 905: copyright management system is sent to corresponding cryptographic algorithm plug-in unit according to the terminal type in the received copyright request and the cryptographic algorithm plug-in unit sign that sets in advance and the corresponding relation of terminal type with the right objects that is generated.
Such as, the copyright request that first kind terminal will be carried self type identification is sent to copyright management system, in the sign of first kind terminal and the corresponding relation that sets in advance, the sign of cryptographic algorithm plug-in unit 1 is corresponding with first kind terminal, and copyright management system then is sent to cryptographic algorithm plug-in unit 1 with the right objects that is generated.
Step 906: the cryptographic algorithm plug-in unit that receives right objects uses the cryptographic algorithm at right objects of preserving in self that right objects is encrypted, and the right objects after will encrypting is sent to copyright management system.
Step 907: the right objects after copyright management system will be encrypted is sent to the terminal of sending the copyright request.
Step 908: receive the terminal of encrypting the back right objects and use the decipherment algorithm of preserving in self that the right objects after encrypting is decrypted, obtain the original contents of right objects at right objects.
Above-mentioned 3 embodiment are content encryption system and digital content when being digital program at encrypting triggering system respectively, encrypt triggering system is copyright management system and digital content when being certificate and to encrypt triggering system be copyright management system and digital content when being right objects, and the present invention realizes that the process of encryption and decryption is illustrated.Wherein, described at digital program cryptographic algorithm and decipherment algorithm, at the cryptographic algorithm of certificate and decipherment algorithm and at the cryptographic algorithm and the decipherment algorithm of right objects, can also can be different cryptographic algorithm and decipherment algorithm with decipherment algorithm for identical cryptographic algorithm.
Need to prove, the process of above-mentioned 3 embodiment also can make up in twos, that is to say, in the present invention, encrypt triggering system and can comprise content encryption system and copyright management system simultaneously, at this moment, the present invention can adopt the process of the foregoing description 1 and embodiment 2 to realize to digital program and to the process of the encryption and decryption of certificate; Perhaps, encrypt triggering system and can comprise content encryption system and copyright management system simultaneously, at this moment, the present invention can adopt the process of the foregoing description 1 and embodiment 3 to realize to digital program and to the process of the encryption and decryption of right objects; Perhaps, the encryption triggering system is a copyright management system, and at this moment, the present invention can adopt the process of the foregoing description 2 and embodiment 3 to realize to certificate and to the process of the encryption and decryption of right objects.And the process of above-mentioned 3 embodiment also can make up simultaneously.Referring to Fig. 5 C and Fig. 6 C, when encrypting triggering system when comprising content encryption system and copyright management system simultaneously, the present invention can adopt the process of the foregoing description 1, embodiment 2 and embodiment 3 to realize process to the encryption and decryption of digital program, certificate and right objects simultaneously.
Also need to prove, in the present invention, all link to each other between each related physical entity, that is to say, finish the process of interacting message among the present invention by disclosed interface by disclosed interface.Such as, the cryptographic algorithm plug-in unit links to each other with content encryption system and/or copyright management system by disclosed interface, and content encryption system and/or copyright management system link to each other with the terminal of any one type by disclosed interface etc.
In a word, the above is preferred embodiment of the present invention only, is not to be used to limit protection scope of the present invention.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (30)
1. one kind is carried out method of encrypting to digital content, it is characterized in that, the cryptographic algorithm of different types of terminals is kept in the different cryptographic algorithm plug-in units, and this method also comprises:
A, encryption triggering system are sent to the cryptographic algorithm plug-in unit with digital content;
B, cryptographic algorithm plug-in unit utilize the cryptographic algorithm of preserving in self that the digital content that receives is encrypted, and the digital content after will encrypting is sent to the encryption triggering system.
2. method according to claim 1 is characterized in that, described encryption triggering system is: content encryption system, or copyright management system, or this both combination.
3. method according to claim 2 is characterized in that, described encryption triggering system is a content encryption system;
Described digital content is a digital program;
Described cryptographic algorithm is the cryptographic algorithm at digital program.
4. method according to claim 3 is characterized in that, content encryption system is carried out described steps A when the original digital program that receives that content source sends;
Described steps A comprises: content encryption system is sent to each coupled cryptographic algorithm plug-in unit with digital program;
In step B, carry out the step of described encryption and transmission respectively by described each cryptographic algorithm plug-in unit.
5. method according to claim 4 is characterized in that, this method further comprises: according to the cryptographic algorithm of preserving in the cryptographic algorithm plug-in unit, set up first corresponding relation of each cryptographic algorithm plug-in unit sign and terminal type;
Further comprise after step B: content encryption system receives the digital program request of carrying this terminal type information that one type terminal is sent; Content encryption system is according to first corresponding relation of being set up, from each cryptographic algorithm plug-in unit sign that each cryptographic algorithm plug-in unit is sent, obtain with the digital program request in the corresponding cryptographic algorithm plug-in unit sign of terminal type of carrying; Content encryption system is by content service system, will have the terminal that digital program after that the cryptographic algorithm plug-in unit of the institute's cryptographic algorithm plug-in unit that obtains sign is sent, the encryption is sent to corresponding types.
6. method according to claim 3 is characterized in that, this method further comprises: according to the cryptographic algorithm of preserving in the cryptographic algorithm plug-in unit, set up first corresponding relation of each cryptographic algorithm plug-in unit sign and terminal type;
Content encryption system receive one type terminal by content service system send carry the digital program request of this terminal type information the time, carry out described steps A;
Described steps A comprises: content encryption system is according to the terminal type information of carrying in the received digital program request, and first corresponding relation of being set up, and the digital program that content source is sent is sent to corresponding cryptographic algorithm plug-in unit;
In step B, carry out the step of described encryption and transmission by this corresponding cryptographic algorithm plug-in unit.
7. method according to claim 6, it is characterized in that, further comprise after step B: content encryption system is according to the sign of received cryptographic algorithm plug-in unit and first corresponding relation of being set up, and is sent to the terminal of corresponding types by the digital content of content service system after with received encryption.
8. method according to claim 3 is characterized in that, in step B, the step of described encryption comprises: the cryptographic algorithm plug-in unit produces contents encryption key; The cryptographic algorithm plug-in unit uses contents encryption key that is produced and the cryptographic algorithm at digital program of preserving in self that the digital program that receives is encrypted.
9. method according to claim 8 is characterized in that, described step B further comprises: the cryptographic algorithm plug-in unit is sent to content encryption system with self identification and the contents encryption key that is produced;
Further comprise after step B: content encryption system is set up contents encryption key and is sent second corresponding relation between the sign of cryptographic algorithm plug-in unit of this contents encryption key, and this second corresponding relation is sent to copyright management system; Copyright management system receives the copyright request of carrying this terminal type information that one type terminal is sent, according to entrained terminal type information in first corresponding relation of cryptographic algorithm plug-in unit sign and terminal type and the copyright request, in described first corresponding relation, search with the copyright request in the entrained corresponding cryptographic algorithm plug-in unit sign of terminal type; Copyright management system is carried at the terminal that is sent to corresponding types in the right objects with the corresponding contents encryption key of finding cryptographic algorithm plug-in unit sign; The digital program of the terminal of described corresponding types after according to the encryption of content encryption system being sent at the contents encryption key that carries in the decipherment algorithm of digital program and the right objects of preserving in self is decrypted.
10. method according to claim 2 is characterized in that, this method further comprises: according to the cryptographic algorithm of preserving in the cryptographic algorithm plug-in unit, set up first corresponding relation of each cryptographic algorithm plug-in unit sign and terminal type;
Described encryption triggering system is a copyright management system;
Further comprised before steps A: copyright management system receives the digital content of carried terminal type information and obtains request;
Described steps A comprises: copyright management system obtains terminal type information of carrying in the request and first corresponding relation of being set up according to digital content, and digital content is sent to corresponding cryptographic algorithm plug-in unit.
In step B, described cryptographic algorithm plug-in unit is the cryptographic algorithm plug connector that receives the described correspondence of digital content.
11. method according to claim 10 is characterized in that,
Described step B further comprises: described cryptographic algorithm plug-in unit is sent to copyright management system with self identification;
Further comprise after step B: copyright management system is according to the sign of received cryptographic algorithm plug-in unit and first corresponding relation of being set up, and the digital content after the encryption that the cryptographic algorithm plug-in unit is sent is sent to the terminal of corresponding types; The terminal of described corresponding types is according to being decrypted at the decipherment algorithm of this digital content digital content after to the encryption that receives of preserving in self.
12., it is characterized in that described digital content is a certificate according to claim 10 or 11 described methods; Described cryptographic algorithm is the cryptographic algorithm at certificate.
13., it is characterized in that described digital content is a right objects according to claim 10 or 11 described methods; Described cryptographic algorithm is the cryptographic algorithm at right objects.
14. method according to claim 2 is characterized in that, described encryption triggering system is the combination of content encryption system and copyright management system;
Described steps A comprises: content encryption system is sent to the cryptographic algorithm plug-in unit with digital program, and copyright management system is sent to the cryptographic algorithm plug-in unit with certificate or right objects;
Described step B comprises: the cryptographic algorithm plug-in unit utilizes the cryptographic algorithm at digital program of preserving in self that the digital program that receives is encrypted, and the digital program after will encrypting is sent to content encryption system; The cryptographic algorithm plug-in unit utilizes the cryptographic algorithm at certificate or right objects of preserving in self that the certificate or the right objects that receive are encrypted, and the certificate after will encrypting or right objects are sent to copyright management system.
15. method according to claim 1 is characterized in that, described each cryptographic algorithm plug-in unit links to each other with encryption triggering system in the system for numeral copyright management by disclosed interface.
16. method of digital content being carried out encryption and decryption, it is characterized in that, the cryptographic algorithm of different types of terminals is kept in the different cryptographic algorithm plug-in units, and according to the cryptographic algorithm of preserving in the cryptographic algorithm plug-in unit, set up the corresponding relation of each cryptographic algorithm plug-in unit sign and terminal type, this method also comprises:
A, encryption triggering system are sent to the cryptographic algorithm plug-in unit with digital content;
B, cryptographic algorithm plug-in unit utilize the cryptographic algorithm of preserving in self that the digital content that receives is encrypted, and the digital content after self identification and the encryption is sent to the encryption triggering system;
C, encryption triggering system are sent to the digital content after encrypting the terminal of corresponding types according to the sign of the cryptographic algorithm plug-in unit that receives and the corresponding relation of being set up;
The terminal of d, described corresponding types is decrypted according to the digital content of the decipherment algorithm of preserving in self after to the encryption that receives.
17. method according to claim 16 is characterized in that, described encryption triggering system is a content encryption system;
Described digital content is a digital program;
Described cryptographic algorithm is the cryptographic algorithm at digital program;
Described decipherment algorithm is the decipherment algorithm at digital program.
18. method according to claim 16 is characterized in that, described encryption triggering system is a copyright management system;
Described digital content is a certificate;
Described cryptographic algorithm is the cryptographic algorithm at certificate;
Described decipherment algorithm is the decipherment algorithm at certificate.
19. method according to claim 16 is characterized in that, described encryption triggering system is a copyright management system;
Described digital content is a right objects;
Described cryptographic algorithm is the cryptographic algorithm at right objects;
Described decipherment algorithm is the decipherment algorithm at right objects.
20. method according to claim 16 is characterized in that, described encryption triggering system is content encryption system and copyright management system;
Described step a comprises: content encryption system is sent to the cryptographic algorithm plug-in unit with digital program, and copyright management system is sent to the cryptographic algorithm plug-in unit with certificate or right objects;
Described step b comprises: the cryptographic algorithm plug-in unit utilizes the cryptographic algorithm at digital program of preserving in self that the digital program that receives is encrypted, and the digital program after self identification and the encryption is sent to content encryption system; The cryptographic algorithm plug-in unit utilizes the cryptographic algorithm at certificate or right objects of preserving in self that the certificate or the right objects that receive are encrypted, and certificate or right objects after self identification and the encryption are sent to copyright management system;
Described step c comprises: content encryption system is according to the sign of the cryptographic algorithm plug-in unit that receives and the corresponding relation of being set up, digital program after encrypting is sent to the terminal of corresponding types, copyright management system is according to the sign of the cryptographic algorithm plug-in unit that receives and the corresponding relation of being set up, the terminal that the certificate after encrypting or right objects are sent to corresponding types;
Described steps d comprises: the terminal of described corresponding types is decrypted certificate or right objects according to the decipherment algorithm of preserving in self at certificate or right objects, according to being decrypted at the decipherment algorithm of the digital program digital program after to the encryption that receives of preserving in self.
21. the system that digital content is encrypted is characterized in that, this system comprises: the encryption triggering system in the system for numeral copyright management and more than one cryptographic algorithm plug-in unit, wherein,
Encrypt triggering system, be used to preserve the corresponding relation of cryptographic algorithm plug-in unit sign and terminal type, digital content is sent to the cryptographic algorithm plug-in unit, and receive this cryptographic algorithm plug-in unit sign that the cryptographic algorithm plug-in unit sends and encrypt after digital content after, according to the corresponding relation of being preserved, the digital content after this encryption is sent to the terminal of outside corresponding types;
Any one cryptographic algorithm plug-in unit, be used to preserve the cryptographic algorithm of self institute's corresponding types terminal, and receive encrypt the digital content that triggering system sends after, according to this cryptographic algorithm of being preserved in self digital content that receives is encrypted, and the digital content after self identification and the encryption is sent to the encryption triggering system.
22. system according to claim 21 is characterized in that, described encryption triggering system is a content encryption system, be used for digital program is sent to the cryptographic algorithm plug-in unit, and the digital program after the encryption that will receive is sent to the terminal of outside corresponding types;
Described cryptographic algorithm plug-in unit is used for basis and at the cryptographic algorithm of digital program the digital program that receives is encrypted, and the digital program after will encrypting is sent to content encryption system.
23. system according to claim 21, it is characterized in that, described encryption triggering system is a copyright management system, be used for certificate or right objects are sent to the cryptographic algorithm plug-in unit, and the certificate after the encryption that will receive or right objects is sent to the terminal of outside corresponding types;
Described cryptographic algorithm plug-in unit is used for according at the cryptographic algorithm of certificate or right objects the certificate or the right objects that receive being encrypted, and the certificate after will encrypting or right objects are delivered to copyright management system.
24. system according to claim 21 is characterized in that, described encryption triggering system is content encryption system and copyright management system,
Described content encryption system be used for digital program is sent to the cryptographic algorithm plug-in unit, and the digital program after the encryption that will receive is sent to the terminal of outside corresponding types;
Described copyright management system is used for certificate or right objects are sent to the cryptographic algorithm plug-in unit, and the certificate after the encryption that will receive or right objects are sent to the terminal of outside corresponding types;
Described cryptographic algorithm plug-in unit, be used for according to the digital program that receives being encrypted at the cryptographic algorithm of digital program, and the certificate or the right objects that receive are encrypted according to cryptographic algorithm at certificate or right objects, and the digital program after will encrypting is sent to content encryption system, and certificate or right objects after encrypting are delivered to copyright management system.
25. system according to claim 21 is characterized in that, described any one cryptographic algorithm plug-in unit links to each other with encryption triggering system in the described system for numeral copyright management by disclosed interface.
26. the system that digital content is carried out encryption and decryption is characterized in that, this system comprises: the encryption triggering system in the system for numeral copyright management, more than one cryptographic algorithm plug-in unit and dissimilar terminals, wherein,
Encrypt triggering system, be used to preserve the corresponding relation of cryptographic algorithm plug-in unit sign and terminal type, digital content is sent to the cryptographic algorithm plug-in unit, and receive this cryptographic algorithm plug-in unit sign that the cryptographic algorithm plug-in unit sends and encrypt after digital content after, according to the corresponding relation of being preserved, the digital content after this encryption is sent to the terminal of corresponding types;
Any one cryptographic algorithm plug-in unit, be used to preserve the cryptographic algorithm of self institute's corresponding types terminal, and receive encrypt the digital content that triggering system sends after, according to the cryptographic algorithm of being preserved in self digital content that receives is encrypted, and the digital content after self identification and the encryption is sent to the encryption triggering system;
The terminal of any one type is used to preserve the decipherment algorithm of the type terminal, during digital content after receiving encryption, according to the decipherment algorithm of self preserving the digital content after encrypting is decrypted.
27. system according to claim 26 is characterized in that, the encryption triggering system in the described system for numeral copyright management links to each other by the terminal of disclosed interface with described any one cryptographic algorithm plug-in unit and any one type respectively.
28. system according to claim 26 is characterized in that, this system further comprises: content service system;
Described encryption triggering system is a content encryption system, and this content encryption system is used for according to the corresponding relation of being preserved, and the terminal iidentification of corresponding types is carried in the digital program after the encryption is sent to content service system;
Content service system, the digital program after the terminal iidentification that is used for the corresponding types of carrying according to digital program will be encrypted is sent to the terminal of corresponding types;
The terminal of any one type, what be used for preserving according to self is decrypted at the decipherment algorithm of the digital program digital program after to the encryption that receives.
29. system according to claim 26 is characterized in that, this system further comprises: content service system;
Described encryption triggering system is content encryption system and copyright management system,
Content encryption system is used for according to the corresponding relation of being preserved, and the terminal iidentification of corresponding types is carried in the digital program after the encryption is sent to content service system;
Content service system, the digital program after the terminal iidentification that is used for the corresponding types of carrying according to digital program will be encrypted is sent to the terminal of corresponding types;
Copyright management system is used for the terminal that the certificate after encrypting or right objects are sent to corresponding types;
The terminal of any one type, what be used for preserving according to self is decrypted at the decipherment algorithm of the digital program digital program after to the encryption that receives, and according to being decrypted at the decipherment algorithm of certificate or right objects certificate or the right objects after to the encryption that receives.
30. system according to claim 26 is characterized in that, described encryption triggering system is a copyright management system, and this copyright management system is used for terminal that the certificate after encrypting or right objects are sent to corresponding types;
The terminal of any one type, what be used for preserving according to self is decrypted at the decipherment algorithm of certificate or right objects certificate or the right objects after to the encryption that receives.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100077244A CN100461199C (en) | 2006-02-14 | 2006-02-14 | Method and device for encrypting and de-encrypting digital content |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100077244A CN100461199C (en) | 2006-02-14 | 2006-02-14 | Method and device for encrypting and de-encrypting digital content |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1858768A CN1858768A (en) | 2006-11-08 |
| CN100461199C true CN100461199C (en) | 2009-02-11 |
Family
ID=37297676
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006100077244A Expired - Fee Related CN100461199C (en) | 2006-02-14 | 2006-02-14 | Method and device for encrypting and de-encrypting digital content |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100461199C (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102571790B (en) * | 2011-12-31 | 2015-11-25 | 上海聚力传媒技术有限公司 | A kind of method and apparatus of the encrypted transmission for realize target file |
| CN103874060B (en) * | 2012-12-13 | 2019-04-30 | 深圳市中兴微电子技术有限公司 | The method for encryption/decryption and device of data |
| CN105959281B (en) * | 2016-04-29 | 2020-12-22 | 腾讯科技(深圳)有限公司 | File encryption transmission method and device |
| CN108197485B (en) * | 2018-01-29 | 2020-08-18 | 世纪龙信息网络有限责任公司 | Terminal data encryption method and system and terminal data decryption method and system |
| CN108718313A (en) * | 2018-05-31 | 2018-10-30 | 深圳市文鼎创数据科技有限公司 | Application of software data uses method, terminal device and server safely |
| CN109255246A (en) * | 2018-08-14 | 2019-01-22 | 平安普惠企业管理有限公司 | Interface parameters encryption method, device, computer equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030126086A1 (en) * | 2001-12-31 | 2003-07-03 | General Instrument Corporation | Methods and apparatus for digital rights management |
| EP1486850A2 (en) * | 2003-06-06 | 2004-12-15 | Sony Ericsson Mobile Communications AB | Allowing conversion of one digital rights management scheme to another |
| US20050192904A1 (en) * | 2002-09-09 | 2005-09-01 | Candelore Brant L. | Selective encryption with coverage encryption |
| CN1682486A (en) * | 2002-09-09 | 2005-10-12 | 索尼电子有限公司 | Content distribution for multiple digital rights management |
-
2006
- 2006-02-14 CN CNB2006100077244A patent/CN100461199C/en not_active Expired - Fee Related
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030126086A1 (en) * | 2001-12-31 | 2003-07-03 | General Instrument Corporation | Methods and apparatus for digital rights management |
| US20050192904A1 (en) * | 2002-09-09 | 2005-09-01 | Candelore Brant L. | Selective encryption with coverage encryption |
| CN1682486A (en) * | 2002-09-09 | 2005-10-12 | 索尼电子有限公司 | Content distribution for multiple digital rights management |
| EP1486850A2 (en) * | 2003-06-06 | 2004-12-15 | Sony Ericsson Mobile Communications AB | Allowing conversion of one digital rights management scheme to another |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1858768A (en) | 2006-11-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101491078B (en) | Method, apparatus and system for secure distribution of content | |
| US8712041B2 (en) | Content protection apparatus and content encryption and decryption apparatus using white-box encryption table | |
| CN109218825B (en) | Video encryption system | |
| CN109151508B (en) | Video encryption method | |
| CN1812416B (en) | Method for managing consumption of digital contents within a client domain and devices implementing this method | |
| CN102333236A (en) | Video content encryption and decryption system | |
| WO2008085917A2 (en) | Token passing technique for media playback devices | |
| US20130275755A1 (en) | Systems, methods and apparatuses for the secure transmission of media content | |
| CN101977190A (en) | Digital content encryption transmission method and server side | |
| CN103237010B (en) | The server end of digital content is cryptographically provided | |
| CN101719205A (en) | Digital copyright management method and system | |
| CN103841469A (en) | Digital film copyright protection method and device | |
| US8699706B2 (en) | Method for generating rights object and device to perform the method, method for transmitting rights object and device to perform the method, and method for receiving rights object and device to perform the method | |
| CN100426718C (en) | A secure transmission method for media content | |
| US8417937B2 (en) | System and method for securely transfering content from set-top box to personal media player | |
| CN100401769C (en) | Method for enciphering and deciphering living-broadcasting flow-medium data | |
| CN100461199C (en) | Method and device for encrypting and de-encrypting digital content | |
| CN100354788C (en) | Digital copyright protection system and method | |
| CN101539977B (en) | Method for protecting computer software | |
| CN112507296B (en) | User login verification method and system based on blockchain | |
| CN107306254B (en) | Digital copyright protection method and system based on double-layer encryption | |
| CN103237011B (en) | Digital content encryption transmission method and server end | |
| WO2018157724A1 (en) | Method for protecting encrypted control word, hardware security module, main chip and terminal | |
| CN105191332B (en) | For the method and apparatus of the embedded watermark in unpressed video data | |
| CN105635759A (en) | Output content protection method and condition receiving module |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090211 |