CN100477785C - CATV signal receiving and processing method - Google Patents

Publication number: CN100477785C
Authority: CN (China)
Prior art keywords: smart card, top box, descrambling, card, emm
Legal status: Expired - Fee Related
Application number: CNB2004100838941A
Other languages: Chinese (zh)
Other versions: CN1764268A (en)
Inventor: 李勇
Current Assignee: Beijing WatchData System Co Ltd
Original Assignee: Beijing WatchData System Co Ltd
Application filed by Beijing WatchData System Co Ltd
Priority to CNB2004100838941A (CN100477785C)
Priority to PCT/CN2005/001718 (WO2006042467A1)
Publication of CN1764268A
Application granted
Publication of CN100477785C

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45 Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462 Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623 Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41 Structure of client; Structure of client peripherals
    • H04N21/418 External card to be used in combination with the client device, e.g. for conditional access
    • H04N21/4181 External card to be used in combination with the client device, e.g. for conditional access for conditional access

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43 Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/442 Monitoring of processes or resources, e.g. detecting the failure of a recording device, monitoring the downstream bandwidth, the number of times a movie has been viewed, the storage space available from the internal hard disk
    • H04N21/44231 Monitoring of peripheral device or external card, e.g. to detect processing problems in a handheld device or the failure of an external recording device

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00 Television systems
    • H04N7/16 Analogue secrecy systems; Analogue subscription systems
    • H04N7/162 Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
    • H04N7/163 Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing by receiver means only

Abstract

The invention uses a smart card and a set-top box (STB) to descramble and decrypt the data stream. An EMM processing unit, an ECM processing unit and a descrambling unit are arranged on the card, and the method comprises: A. authentication between the STB and the card; B. the card locates the EMM according to the PID in the PSI sent by the decoder, decrypts the EMM, and obtains the SK; C. the card decrypts the ECM with the SK to obtain the CW; D. the card descrambles with the CW and sends the descrambled data to the STB; E. the STB sends the data to the terminal for display. The invention cleanly separates the STB from the smart card, conforms to the DVB CI standard, improves security, and is suited to pay cable TV systems.

Description

CATV signal receiving and processing method
Technical field
The present invention relates to the communications field and is applied to conditional access systems in pay television. In particular, it relates to a method of descrambling and decrypting cable TV signals on a smart card.
Technical background
The conditional access (CA) system is the core technology of pay television. It ensures that users who have paid (referred to as authorized users) can receive the TV programmes and services they have subscribed to, while users who have not paid cannot obtain them. Pay-TV conditional access consists of two separate key components, descrambling and reception control (data and decryption), and descrambling and decryption are clearly processes with very high security requirements.
Conditional access has developed through two generations. The first generation was device-based and was generally used in analogue systems. Many years ago, in order to charge effectively for cable TV, the analogue signal was scrambled at the head end so that an ordinary television set could not display it; only users who had installed a descrambler could watch normally. Such a system could switch an individual user's descrambler on or off by addressing it from the head end. It could implement full-band scrambling and per-channel scrambling, usually by techniques such as video inversion, horizontal sync overlap, vertical sync overlap and digital random video line jitter, which usually degrade the signal.
The basic principle of the second generation is to transmit the scrambling control word (CW) in encrypted form and to decrypt it on the user side with an IC card. Because digital technology is used, the signal suffers no loss, and the confidentiality and reliability of the system are greatly improved. For scrambling of the transport stream, DVB has a standard; the control word is generally encrypted with the RSA and 3DES algorithms; the encryption systems themselves differ greatly between vendors, and there are basically two techniques: one is the cipher rotation scheme represented by the Irdeto system, and the other is protection by a proprietary algorithm, represented by the NDS system.
In first-generation conditional access systems, the key system depended on the device and the descrambler, so it was comparatively easy to crack and to clone. In the second generation, the encryption system and key system are separated from the device; the system relies on the security of the encryption and decryption provided by the IC card, which makes it harder to crack.
The schemes currently in use share two weaknesses. First, the descrambling function is built into the set-top box, which hinders large-scale production of set-top boxes. Second, the data stream on the communication interface between the IC card and the separate descrambler can be monitored, which allows replay attacks or counterfeit-card attacks. From the security standpoint, therefore, the present invention performs cable TV signal descrambling and decryption on the smart card, which removes the weakness that the data stream on the interface between an ordinary smart card and the descrambler can be monitored, and prevents the replay and counterfeit-card attacks that follow from it. A further benefit is that the descrambler becomes generic, which is convenient for mass production.
Summary of the invention
The purpose of the present invention is to propose a CATV signal receiving and processing method that addresses the problem that existing data streams are easily monitored, and that also solves the prior-art problem that set-top boxes cannot readily be produced at scale.
To this end, the present invention adopts the following technical scheme:
A CATV signal receiving and processing method that uses a smart card and a set-top box to descramble and decrypt a data stream, characterized in that an Entitlement Management Message (EMM) processing unit, an Entitlement Control Message (ECM) processing unit and a descrambling unit are provided on the smart card, and that receiving a signal comprises the following steps:
A. The set-top box and the smart card authenticate;
B. The smart card finds the EMM according to the Packet Identifier (PID) in the Program Specific Information (PSI) passed to it by the decoding device, and decrypts the EMM to obtain the service key (SK);
C. The smart card uses the SK to decrypt the ECM and obtains the control word (CW);
D. The smart card uses the CW to descramble in the descrambling unit, and sends the descrambled data stream to the set-top box;
E. The set-top box sends the descrambled data stream to the video terminal for playback.
The CW is generated randomly.
The SK is set in advance.
The smart card exchanges data with the set-top box through a USB interface.
Step A is a two-way authentication between the set-top box and the smart card.
In one form of the method, authentication is assigned in advance between a set-top box and a smart card: a certificate is issued for the correspondence between the set-top box and the smart card, and authentication is performed against it.
In another form, step A stores a root certificate in both the set-top box and the smart card and authenticates by verifying the root certificate.
The smart card can store multiple certificates.
Step B also includes verifying whether the user is entitled to receive the data stream; if so, the method proceeds to step C, and if not, an insufficient-privilege message is displayed.
Step C also includes verifying whether payment of the specified amount has been completed; if so, the method proceeds to step D, and if not, a not-paid message is displayed.
The present invention cleanly separates the set-top box from the smart card, conforms to the relevant DVB CI standard, further improves security, and is widely applicable to pay cable TV systems.
Description of drawings
Fig. 1 is a schematic diagram of the data flows between the smart card and the set-top box of the present invention;
Fig. 2 is a schematic diagram of the pin layout of the smart card used in the embodiment of the invention;
Fig. 3 is a flow chart of the data stream processing of the present invention.
Embodiment
A specific embodiment of the present invention is described below with reference to the drawings.
The design of the smart card used in the present invention is described first. The present invention descrambles and decrypts cable TV signals on the smart card: the reserved contacts C4 and C8 are used to transfer the descrambled data, and the original data I/O is used to transfer encryption and decryption data. A USB interface provides the data interface to the set-top box. The descrambling and decryption functions are thereby implemented entirely as a module on the smart card. Accordingly, the present invention places an EMM processing module, an ECM processing module and a descrambling module on the smart card to carry out the corresponding processing.
The advantage of the present invention is that it separates the set-top box from the conditional access function, which is carried out by the smart card. The data processing between the parts is shown in Fig. 1. As Fig. 1 shows, the interface between the smart card and the set-top box is a USB interface. Because the smart card is designed as the descrambling and decryption module of the set-top box, the USB interface is designed with the set-top box as master and the smart card as slave.
As shown in Fig. 1, data stream 1 and data stream 2 are the video data stream before descrambling and after descrambling respectively; in the present invention they can generally satisfy the rate requirement of the MPEG2 data stream used.
Data stream 3 is the ECM information, and data stream 4 is the EMM information.
The pin assignment of the smart card and the USB interface are shown in Fig. 2. Following the arrangement of the 8 pins of an integrated-circuit card in ISO/IEC 7816-2, they can be laid out as follows: the 8 pins are arranged in two columns of 4, each pin measuring 2 × 17 mm, with a column spacing of 5.62 mm and a vertical pin spacing of 1.7 mm. The 8 pins are numbered C1, C2, C3, C4, C5, C6, C7 and C8, where C1 is the supply voltage, C2 is the reset signal, C3 is the clock signal, C5 is ground, C6 is the programming voltage, C7 is input/output, and C4 and C8 are defined as the input and output of the descrambled video stream. These pins transfer data through the USB interface, and USB is the interface between the set-top box and the smart card.
Fig. 3 is the flow chart of data stream reception and processing in the present invention. As the figure shows, the present invention mainly comprises the following steps:
When the smart card is inserted into the set-top box, external authentication is performed first, to establish that the set-top box and the smart card are both legitimate. On a one-way transmission network, the authentication is carried out between the set-top box and the smart card. The authentication mode is chosen according to business needs. One mode is assigned authentication between a set-top box and a smart card: a certificate is issued for the correspondence between the set-top box and the smart card, so that a given smart card can only be used in a given set-top box. The other mode is authentication within the service scope of one conditional access system: a root certificate is stored in both the set-top box and the smart card and is used for authentication, so that a smart card can be used only within the same service domain. The smart card can only be connected to the designated set-top box equipment, which protects the smart card. If one smart card is to be used in several conditional access systems, multiple certificates must be stored in the smart card, so that a different root certificate is selected for each system.
After authentication succeeds, the smart card finds the EMM according to the Packet Identifier (PID) in the Program Specific Information (PSI) passed to it by the decoding device.
The smart card uses the user key to decrypt the EMM and obtains the SK.
At this point the card also verifies whether this smart card user is entitled to receive the data stream. If so, processing continues; if not, an insufficient-privilege message is displayed.
The ECM processing unit of the smart card uses the SK to decrypt the ECM and obtain the CW, and verifies whether the user has paid the specified fee required to receive the data stream. If verification fails, a not-paid message is shown and the card waits for the user to pay the fee; if verification succeeds, processing continues.
The CW is passed to the descrambling unit. The descrambling unit receives the video stream sent by the set-top box, descrambles it, and sends it back to the set-top box. The set-top box passes it to the user's video terminal, where the content can be watched.
The descrambling unit of the present invention mainly supports descrambling at the TS (Transport Stream) layer. When the TS is scrambled, video, audio and data are all scrambled with the same control word (CW), and the CW is carried in the ECM stream of the same PID. A built-in 3DES chip provides a high-speed decryption mechanism.
The decryption method of the present invention mainly supports all symmetric and asymmetric encryption algorithms currently in use. The ECM and EMM are decrypted to obtain the CW and the SK. The smart card can provide hardware-level protection mechanisms to protect the security of the keys.
The CW of the present invention is generated randomly and updated frequently (once every 5-20 s). The SK is generally managed in preset mode: with a prefabricated SK, the SK is used directly to decrypt the ECM. This scheme allows some variation in the design of the descrambling chip, for example supporting separate encryption of audio and images, or supporting faster encryption algorithms.
The security algorithms generally used by smart cards include 3DES, RSA and the algorithms currently issued by the national commercial cryptography office. It is generally accepted that RSA of more than 1024 bits is secure enough for CA system applications. 3DES is the algorithm mainly used by viewing cards at present, and the security of the algorithm itself can be considered sufficient for ordinary commercial television platforms.
Production of the smart card of the present invention is a per-user card-issuing process that initializes the user authorization information and the keys. If the prefabricated-SK method is used, an SK must be set during card issuance.
The present invention completes initialization when the smart card is first inserted into the set-top box, including initializing the root certificate of the CA to which it belongs and determining the correspondence between the smart card and the set-top box. To strengthen security, initialization can also be performed when the set-top box is sold.
In actual use, the scrambled data stream carrying the control-word ECM enters the smart card. After receiving the ECM, the smart card checks the validity of the current SK by verifying the ECM's authentication code; once that passes, it recovers the CW and at the same time deducts from the public wallet the fee amount indicated in the ECM. The CW is passed to the descrambling module, which uses it to descramble, and the descrambled data stream is sent back to the set-top box.
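The card-side processing described above (EMM to SK, entitlement check, ECM authentication code, payment check and wallet deduction, descrambling on the card), as an added Python example that is not part of the patent. It starts after step A has succeeded; the message layout, JSON field names, `SmartCard`, `seal`/`unseal` and the sample keys are assumptions, and an HMAC-SHA256 keystream stands in for 3DES and for the DVB scrambling algorithm.

```python
import hashlib
import hmac
import json
import os


def _subkey(key: bytes, label: bytes) -> bytes:
    # Derive separate encryption and MAC keys from one message key.
    return hmac.new(key, label, hashlib.sha256).digest()


def xor_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (NOT 3DES or the DVB scrambler): HMAC-SHA256 keystream."""
    enc, stream, ctr = _subkey(key, b"enc"), b"", 0
    while len(stream) < len(data):
        stream += hmac.new(enc, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key: bytes, fields: dict) -> bytes:
    """Head-end side (assumed layout): nonce || ciphertext || authentication code."""
    nonce = os.urandom(8)
    ct = xor_crypt(key, nonce, json.dumps(fields).encode())
    return nonce + ct + hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> dict:
    """Card side: check the authentication code before decrypting anything."""
    nonce, ct, tag = blob[:8], blob[8:-32], blob[-32:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("authentication code mismatch")
    return json.loads(xor_crypt(key, nonce, ct))


class SmartCard:
    """Holds the user key, SK and wallet; the CW never leaves this object."""

    def __init__(self, user_key: bytes, balance: int):
        self._user_key, self._sk, self._services = user_key, None, set()
        self.wallet = balance

    def process_emm(self, emm: bytes) -> None:
        # Step B: decrypt the EMM with the user key to obtain SK and entitlements.
        body = unseal(self._user_key, emm)
        self._sk, self._services = bytes.fromhex(body["sk"]), set(body["services"])

    def process_stream(self, service: str, ecm: bytes, scrambled: bytes):
        # Step B check: is this user entitled to the stream at all?
        if self._sk is None or service not in self._services:
            return "insufficient privilege", None
        # Step C: an ECM that fails its authentication code under SK is rejected.
        try:
            body = unseal(self._sk, ecm)
        except ValueError:
            return "invalid ECM", None
        if body["service"] != service:
            return "invalid ECM", None
        # Step C check: the fee named in the ECM must be covered by the wallet.
        if self.wallet < body["fee"]:
            return "payment required", None
        self.wallet -= body["fee"]
        # Step D: descramble on the card; only clear data returns to the STB.
        return "ok", xor_crypt(bytes.fromhex(body["cw"]), b"ts", scrambled)


def demo():
    # Constructed sample keys and payload, not values from the patent.
    user_key, sk, cw = b"U" * 16, b"S" * 16, os.urandom(8)
    clear = b"\x47" + b"constructed TS payload"
    emm = seal(user_key, {"sk": sk.hex(), "services": ["sports"]})
    ecm = seal(sk, {"service": "sports", "cw": cw.hex(), "fee": 2})
    card = SmartCard(user_key, balance=5)
    card.process_emm(emm)
    return card, ecm, xor_crypt(cw, b"ts", clear), clear


if __name__ == "__main__":
    card, ecm, scrambled, clear = demo()
    print(card.process_stream("sports", ecm, scrambled), card.wallet)
```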
The above is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to it. Any variation or substitution that a person familiar with the art could readily conceive within the technical scope disclosed by the present invention is covered by the protection scope of the present invention, which is defined by the claims.

Claims (10)

1. A CATV signal receiving and processing method that uses a smart card and a set-top box to descramble and decrypt a data stream, characterized in that an Entitlement Management Message (EMM) processing unit, an Entitlement Control Message (ECM) processing unit and a descrambling unit are provided on the smart card, and that receiving a signal comprises the following steps:
A. The set-top box and the smart card authenticate;
B. The smart card finds the EMM according to the Packet Identifier (PID) in the Program Specific Information (PSI) passed to it by the decoding device, and decrypts the EMM to obtain the service key (SK);
C. The smart card uses the SK to decrypt the ECM and obtains the control word (CW);
D. The smart card uses the CW to descramble in the descrambling unit, and sends the descrambled data stream to the set-top box;
E. The set-top box sends the descrambled data stream to the video terminal for playback.
2. The method of claim 1, characterized in that the CW is generated randomly.
3. The method of claim 1, characterized in that the SK is set in advance.
4. The method of claim 1, characterized in that the smart card exchanges data with the set-top box through a USB interface.
5. The method of claim 1, characterized in that step A is a two-way authentication between the set-top box and the smart card.
6. The method of claim 5, characterized in that authentication is assigned in advance between the set-top box and the smart card, and is performed by means of a certificate issued for the correspondence between the set-top box and the smart card.
7. The method of claim 5, characterized in that step A stores a root certificate in both the set-top box and the smart card and authenticates by verifying the root certificate.
8. The method of claim 7, characterized in that the smart card can store multiple certificates.
9. The method of claim 1, characterized in that step B also includes verifying whether the user is entitled to receive the data stream; if so, the method proceeds to step C, and if not, an insufficient-privilege message is displayed.
10. The method of claim 1, characterized in that step C also includes verifying whether payment of the specified amount has been completed; if so, the method proceeds to step D, and if not, a not-paid message is displayed.
CNB2004100838941A 2004-10-22 2004-10-22 CATV signal receiving and processing method Expired - Fee Related CN100477785C (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CNB2004100838941A CN100477785C (en) 2004-10-22 2004-10-22 CATV signal receiving and processing method
PCT/CN2005/001718 WO2006042467A1 (en) 2004-10-22 2005-10-20 A processing method in accessing catv signal

Publications (2)

Publication Number Publication Date
CN1764268A CN1764268A (en) 2006-04-26
CN100477785C true CN100477785C (en) 2009-04-08

Family

ID=36202677

Country Status (2)

Country Link
CN (1) CN100477785C (en)
WO (1) WO2006042467A1 (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090408

Termination date: 20131022