CN100484233C - Safety certification device for digital TV signal, and TV equipment with the device - Google Patents
Safety certification device for digital TV signal, and TV equipment with the device Download PDFInfo
- Publication number
- CN100484233C CN100484233C CN 200510074887 CN200510074887A CN100484233C CN 100484233 C CN100484233 C CN 100484233C CN 200510074887 CN200510074887 CN 200510074887 CN 200510074887 A CN200510074887 A CN 200510074887A CN 100484233 C CN100484233 C CN 100484233C
- Authority
- CN
- China
- Prior art keywords
- video flowing
- digital
- digital signature
- unit
- certificate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
The invention comprises: a digital signature extracting unit, a license extracting and examining unit, a digital signature examining unit, a data stream dividing unit and a controlling unit. The invention can prevent the illegal programs inserted into the digital programs by illegal user, and improve the security of digital TV broadcast.
Description
Technical field
The present invention relates to digital television techniques, the television equipment that is specifically related to the digital television signal safety certification device and has this safety certification device.
Background technology
Along with science and technology development, digital television techniques arises at the historic moment.Because digital television techniques has advantages such as transmission quality height, scope is wide, the user is many, speed is fast, will replace traditional simulated television gradually, thereby has boundless market prospects.
Fig. 1 shows the basic structure of existing digital television broadcasting system.As can be seen from Figure 1, a digital television broadcasting system 100 comprises that TV programme provides subsystem 101, TV signal broadcast subsystem 102, network transmit subsystem 103 and terminal plays subsystem 104.Wherein television programming provider provides subsystem 101 to provide the digital television program video flowing to TV signal broadcast subsystem 102 by TV programme; Network transmit subsystem 103 will be provided by the video flowing that TV programme provides subsystem 101 to provide TV signal broadcast subsystem 102; The video flowing that network transmit subsystem 103 will be received from TV signal broadcast subsystem 102 is sent to terminal plays subsystem 104 by wired or satellite transmits mode; Terminal plays subsystem 104, but the digital television in the user family or have the simulated television of the set-top box of receiving digital signals just, then receive the video flowing of automatic network transmit subsystem 103, and play, thereby the digital television program that makes the user can watch television programming provider to provide by the mode that video shows.
Above-mentioned digital television broadcasting system is as a kind of new application model, and its fail safe also has the new characteristics that are different from simulated television.Specifically, present digital television broadcasting system mainly faces following safety problem:
(1) how realization condition receives, and just has only the paying customer to receive, and non-paying customer then can not receive;
(2) how to realize copyright protection, thereby guarantee the interests of television programming provider effectively;
(3) how to prevent that television programming provider from broadcasting illegal TV programme signal, for example broadcast laws such as relating to undue violence and forbid the content broadcasted;
(4) how to prevent that unauthorized person from transmitting the illegal TV programme of network insertion by controlling wired or satellite etc.
In order to solve first and second problems; require digital television broadcasting system to have confidentiality; just protect the fail safe of digital television signal; the person deciphers information encrypted to prevent not have the key; guarantee to have only the paying customer just can watch digital television program like this, but not the paying customer can not watch then.Simultaneously,, also guaranteed the copyright of digital television program conscientiously, and thereby guaranteed the interests of television programming provider because other user except the paying customer can not arbitrarily watch.
In the prior art, first and second problems have obtained solution to a certain extent, but third and fourth problem but never has practical solution, thereby have reduced the fail safe of whole digital television broadcasting system.
Summary of the invention
In view of this, the present invention is devoted to the television equipment that a kind of digital television signal safety certification device is provided and has this safety certification device, by with the cooperation of digital television broadcasting system transmitting terminal, to prevent that effectively television programming provider from broadcasting illegal TV programme signal and preventing that unauthorized person from transmitting the illegal TV programme of network insertion by controlling wired or satellite etc.
According to an aspect of the present invention, a kind of digital television signal safety certification device comprises:
The digital signature extraction unit, be used for extracting digital signature result and digital permission certificate and sending certificate extraction and authentication unit, the video flowing that removes digital signature result and digital permission certificate is sent to dividing cell from the video flowing that is superimposed with digital signature result and digital permission certificate;
Certificate extracts and authentication unit, be used for extracting the digital permission certificate from digital signature result and digital permission certificate, and whether the digital permission certificate that higher level's certification authentication of utilization oneself preservation is extracted is legal, under legal situation, digital signature result and the PKI that is included in the digital permission certificate are sent to the digital signature authentication unit, abandon this video flowing at the illegal situation control unit that sends a notice;
Dividing cell, the video flowing that is used for removing digital signature result and digital permission certificate is divided into two-way, and one road video flowing is sent to control unit, and another road video flowing is sent to the digital signature authentication unit;
The digital signature authentication unit, be used for verifying according to the video flowing that is received from dividing cell whether the digital signature result that is received from certificate extraction and authentication unit is correct, export this video flowing at the correct situation control unit that gives an order, the ELSE instruction control unit abandons this video flowing; With
Control unit is used for according to the instruction that receives video flowing being exported processing or discard processing.
According to a further aspect in the invention, a kind of digital television signal safety certification device comprises:
The digital signature extraction unit, be used for extracting the digital signature result and the digital permission certificate of process error correction coding and sending decoding unit, the video flowing that removes digital signature result and digital permission certificate is sent to dividing cell from being superimposed with through the digital signature result of error correction coding and the video flowing of digital permission certificate;
Decoding unit is used for digital signature result and digital permission certificate through error correction coding are decoded, and decoded digital signature result and digital permission certificate are sent to certificate extraction and authentication unit;
Certificate extracts and authentication unit, be used for extracting the digital permission certificate from digital signature result and digital permission certificate, and whether the digital permission certificate that higher level's certification authentication of utilization oneself preservation is extracted is legal, under legal situation, digital signature result and the PKI that is included in the digital permission certificate are sent to the digital signature authentication unit, abandon this video flowing at the illegal situation control unit that sends a notice;
Dividing cell, the video flowing that is used for removing digital signature result and digital permission certificate is divided into two-way, and one road video flowing is sent to control unit, and another road video flowing is sent to the digital signature authentication unit;
The digital signature authentication unit, be used for according to video flowing that is received from dividing cell and the PKI that is received from certificate extraction and authentication unit, judge whether the digital signature result that is received from certificate extraction and authentication unit is the correct digit signature result of the private key of described PKI correspondence at institute's receiver, video stream, if then instruction control unit is exported this video flowing, the ELSE instruction control unit abandons this video flowing; With
Control unit is used for according to the instruction that receives from the digital signature authentication unit or from the notice that certificate extracts and authentication unit receives, and the video flowing that receives from dividing cell is exported handled or discard processing.
In the digital television signal safety certification device aspect above-mentioned two, this digital signature authentication unit comprises:
The PKI decrypting device is used to use the PKI that is received from certificate extraction and authentication unit that digital signature result is decrypted, and the Hash calculation end value after the deciphering is sent to comparing unit;
The Hash calculation unit is used for the video flowing that is received from dividing cell is carried out Hash calculation, obtains the Hash calculation end value;
Comparing unit is used for being received from more respectively the Hash calculation end value of PKI decrypting device and Hash calculation unit, exports this video flowing at the situation of two the values couplings control unit that gives an order, and the ELSE instruction control unit abandons this video flowing.
Preferably, the digital signature result that superposes in the video flowing that described digital signature extraction unit receives is that the video flowing to segmentation carries out the digital signature result that obtains after the digital signature respectively, comprise this segment information in the video flowing, the video flowing that dividing cell will comprise segment information sends to the Hash calculation unit, the video flowing that removes segment information is sent to control unit, described Hash calculation unit carries out Hash calculation according to this segment information respectively to each section video flowing that receives, two Hash calculation end values of the more same video-frequency band of described comparing unit, export this segmentation video flowing at the situation of two values coupling control unit that gives an order, the ELSE instruction control unit abandons this segmentation video flowing.
The digital television signal safety certification device can form independent chip, also can be integrated on the existing chip of television equipment.
A kind of television equipment comprises according to digital television signal safety certification device of the present invention.Described television equipment comprises digital demodulation unit and audio/video decoder, the digital television signal safety certification device is installed between this digital demodulation unit and the audio/video decoder, reception is from the video flowing of digital demodulation unit, and will output to this audio/video decoder through the video flowing of safety certification.
In the present invention, owing to issue a digital license passport for each television programming provider at the digital broadcast television transmitter side, television programming provider need carry out digital signature to video flowing when TV programme is provided, and the digital permission certificate of digital signature result and oneself is added to together is sent to end side in this video flowing, extract the digital permission certificate by a brand-new digital television signal safety certification device and it is verified in end side like this, extract digital signature result and it is verified, and under the situation that any one checking is not passed through, abandon this video flowing, only under the situation that two checkings are all passed through, television equipment is just play the TV programme of this video flowing correspondence.
If unauthorized person transmits the illegal TV programme of network insertion by controlling wired or satellite etc. like this, because unauthorized person does not have the digital permission certificate of program provider, therefore the illegal TV programme of being inserted can be dropped in the checking of end side, even unauthorized person has obtained the digital permission certificate by various means, can be because he does not have private key yet can not be by the checking of digital signature result, thereby make the illegal TV programme of inserting be dropped.Therefore, the present invention can prevent effectively that unauthorized person from transmitting the illegal TV programme of network insertion by controlling wired or satellite etc.
Simultaneously, video flowing sends to end side because television programming provider must be added to the digital permission certificate of oneself, and can extract this digital permission certificate in the digital television signal safety certification device.If therefore legal television programming provider has been play illegal TV programme, can find the source of this illegal TV programme so at an easy rate by the digital permission certificate of following this illegal TV programme, just be which television programming provider provides this illegal programs.Be aided with other criminal or economic punishment measures then and punish, other program provider of preparing to play illegal programs is caused fright, thereby prevented that from the source television programming provider from broadcasting illegal TV programme signal.
To sum up, the present invention has greatly improved the fail safe of digital television broadcasting.
In addition, the present invention also has good compatibility, just as long as a safety certification device is installed on existing television equipment, this safety certification device can not influence the structure and the work of existing television equipment, thereby realization and existing equipment is seamless integrated.
Description of drawings
Fig. 1 is the schematic diagram according to the digital television broadcasting system of prior art.
Fig. 2 is the schematic diagram according to digital television broadcasting system of the present invention.
Fig. 3 is the general structure schematic diagram of safety certification device according to an embodiment of the invention.
Fig. 4 is the concrete structure schematic diagram of safety certification device according to an embodiment of the invention.
Fig. 5 is the general structure schematic diagram of safety certification device in accordance with another embodiment of the present invention.
Fig. 6 is the concrete structure schematic diagram of safety certification device in accordance with another embodiment of the present invention.
Fig. 7 is the structural representation that has the digital television devices of safety certification device.
Embodiment
The present invention is described in detail below in conjunction with the drawings and specific embodiments.
Fig. 2 shows the schematic diagram according to digital television broadcasting system of the present invention.As shown in Figure 2, digital television broadcasting system 200 according to the present invention provides subsystem 201, TV signal broadcast subsystem 202, network transmit subsystem 203 and the terminal plays subsystem 204 except comprising TV programme, comprises further that also the digital permission certificate issues system 205.The digital permission certificate is issued system 205 and is used for providing subsystem 201 to issue the digital permission certificate to TV programme, and sends this certificate to TV programme subsystem 201 is provided, and uses for subsequent operation.
For different TV programme provides subsystem 201, mutually different digital permission certificate can be provided, that is to say that the digital permission certificate is unique, two TV programme can not occur provides subsystem 201 to have the situation of same numbers license passport.Here TV programme subsystem 201 and television programming provider can be one-to-one relationships, also can be that a television programming provider has a plurality of TV programme subsystems 201, for example can there be a plurality of channels or a plurality of making department in TV station, and each channel or each making department can have a digital license passport independently like this.Digital license is issued system 205 and is actually system of a certificate verification mechanism (CA).
When specifically issuing the digital permission certificate, it is right to need TV programme subsystem 201 at first to generate a public and private key, TV programme subsystem 201 uses PKI wherein to issue system's 205 application digital permission certificates to the digital permission certificate then, the digital permission certificate is issued system 205 and is generated a digital license passport for this TV programme provides subsystem 201, wherein comprises the PKI of this public and private key centering.Then, the digital permission certificate is issued digital permission certificate that system 205 will comprise PKI and is sent to TV programme subsystem 201 is provided.
TV programme of the present invention provides subsystem 201 further to comprise TV programme digital signature device 211.Digital signature device 211 uses the private key of the public and private key centering of own generation that television program video is flow to the line number word signature, and digital signature result and digital permission certificate are added to sends in the video flowing of network transmit subsystem 203 then.
In the present invention preferably to video flowing, generally be moving picture expert group 2 (MEPG2) or digital audio/video encoding and decoding technique standard operation group (AVS) video flowing, carry out segmentation, for example 10M byte (just tens seconds) is one section, respectively each section being carried out Hash (hash) then calculates, use private key to carry out digital signature to result of calculation, for example carry out the RSA signature operation.Here specifically how carrying out Hash calculation and how carrying out the digital signature operation is known to those skilled in the art, therefore no longer describes in detail.
Above-mentionedly video flowing is carried out segmentation respectively each section to be carried out digital signature then be for the program that can in time find in each relatively short time cycle and corrigendum is distorted, thereby do not influence the fluency of playing programs, guaranteeing normally watching of TV programme to a greater extent when running into security attack in system.
Digital signature device 211 is added to digital signature result and digital permission certificate in the original video flowing, and along with this video flowing together is sent to end side through TV signal broadcast subsystem 202 and network transmit subsystem 203.The stack is here adopted and is thanksed for your hospitality mode, for example the digital signature result of about 6K bit directly is inserted into the back of former last frame of MPEG2 video stream data section.
At terminal plays subsystem 204 of the present invention, just digital television or for example set-top box can receiving digital signals similar device in, digital television signal safety certification device 213 further is installed, safety certification device stores and is used to verify that TV programme provides higher level's certificate of the certificate of subsystem 201, whether be used for the digital permission certificate that superposes according to this higher level's certification authentication video flowing legal, and whether the digital signature result of checking video flowing is correct, only under situation by described two judgements, terminal plays subsystem 204 is play this video flowing, otherwise abandons this video flowing.
Specify the structure and the operation principle of safety certification device 213 according to an embodiment of the invention below with reference to Fig. 3 and Fig. 4.
As shown in Figure 3, safety certification device 213 comprises that digital signature extraction unit 301, certificate extract and authentication unit 303, digital signature authentication unit 304, dividing cell 305 and control unit 306.After the video flowing that is superimposed with digital signature enters terminal plays subsystem 204, through entering the digital signature extraction unit 301 of safety certification device 213 after the processing of a series of prior aries.Digital signature extraction unit 301 extracts digital signature result and digital permission certificate from this video flowing, the digital signature result and the digital permission certificate that extract are sent to digital signature authentication unit 304, the video flowing that will remove digital signature but comprise segment information sends to dividing cell 305, dividing cell 305 is divided into two-way with this video flowing then, to wherein one the tunnel already remove digital signature and also removed the video flowing of segment information and send to control unit 306, the video flowing that another road has been removed digital signature but comprised segment information sends to digital signature authentication unit 304, and this two-path video stream is identical.The segment information here can be the symbol that inserts later at one section video flowing, and with different at interval video flowing sections, segment information just is included in the video flowing when carrying out segmentation, and along with video flowing is input to digital signature extraction unit 301.In other words, send in the video flowing that is superimposed with digital signature result and digital permission certificate of digital signature extraction unit 301, also comprise this segment information.It can be directly to extract this segment information that dividing cell is removed segment information, thereby remaining video flowing is the video flowing that has removed segment information.
Certificate extracts and authentication unit 303 stores higher level's certificate of the digital permission certificate that is used to verify program provider, after receiving digital signature and certificate, therefrom extract digital certificate, the digital certificate right and wrong of higher level's certification authentication extraction of use oneself are legal then, if the PKI that comprises in digital signature and the certificate is sent to digital signature authentication unit 304; ELSE instruction control unit 306 abandons this video flowing.
Whether digital signature authentication unit 304 is correct according to the digital signature result that the video flowing checking that is received from dividing cell 305 is received from certificate extraction and authentication unit 303, at correct situation these video flowings of control unit 306 output that give an order, ELSE instruction control unit 306 abandons this video flowing.
With reference to figure 4, digital signature authentication unit 304 can specifically comprise PKI decrypting device 313, Hash calculation unit 314 and comparing unit 315.In this case, certificate extraction and authentication unit 303 send to PKI decrypting device 313 with the PKI that comprises in digital signature and the certificate after authentication certificate is legal.PKI decrypting device 313 utilizes the PKI that comprises in the digital certificate that digital signature result is decrypted, thereby obtains the Hash calculation end value, and this Hash calculation end value is sent to comparing unit 315.Simultaneously, Hash calculation unit 314 carries out Hash calculation according to segment information to the segmentation of the video flowing that removes digital signature, then the Hash calculation result who obtains is sent to comparing unit 315.
Comparing unit 315 relatively is received from the Hash calculation end value after the deciphering of PKI decrypting device 313 and is received from the Hash calculation end value of the new calculating of Hash calculation unit 314, if two value couplings, for example equate, then indicate control unit 306 checkings to pass through, the video flowing that digital signature has been removed in control unit 306 outputs is for subsequent treatment and broadcast, and the user just can see the digital television program that program provider provides like this; On the contrary, if two values do not match, comparing unit 315 indication control units 306 abandon this section video flowing, and control unit 306 is carried out this section video flowing according to the indication of comparing unit 315 and abandoned operation, and the user just can not see illegal TV programme like this.
For prevent that digital signature result and digital permission certificate from being decayed in transmission course, the influence of clutter, interference etc. and making can not normally be received at receiving terminal, can in digital signature device 211, carry out error correction coding to digital signature result and digital permission certificate, just in digital signature result and digital permission certificate, insert redundant code, for example can use Reed-Solomon error correction coding mode with error correcting capability.Like this, digital signature result that superposes in the video flowing that the digital signature extraction unit in the digital television signal safety certification device 213 301 receives and digital permission certificate are through error correction coding.In order to adapt to this situation, the present invention proposes second embodiment as shown in Figure 5 and Figure 6.The difference of second embodiment and first embodiment is to have increased decoding unit 302, and the 26S Proteasome Structure and Function of other unit is identical, has therefore used identical Reference numeral.
As shown in Figure 5, after the video flowing of digital signature result that is superimposed with the process error correction coding and digital permission certificate enters terminal plays subsystem 204, through entering the digital signature extraction unit 301 of safety certification device 213 after the processing of a series of prior aries.Digital signature extraction unit 301 extracts digital signature result and the digital permission certificate through error correction coding from this video flowing, the digital signature result and the digital permission certificate that extract are sent to decoding unit 302, the video flowing that will remove digital signature but comprise segment information sends to dividing cell 305, dividing cell 305 is divided into two-way with this video flowing then, to wherein one the tunnel already remove digital signature and also removed the video flowing of segment information and send to control unit 306, the video flowing that another road has been removed digital signature but comprised segment information sends to digital signature authentication unit 304, and this two-path video stream is identical.The segment information here is identical with a last embodiment, repeats no more.
302 pairs of digital signature of decoding unit and certificate are decoded, and will send to certificate extraction and authentication unit 303 through decoded digital signature and certificate then.The decode operation here is corresponding with the encoding operation of transmitting terminal, because error correction coding/decoding is to well known to a person skilled in the art technology, therefore no longer describes in detail here.
Certificate extracts and authentication unit 303 stores higher level's certificate of the digital permission certificate that is used to verify program provider, after receiving digital signature and certificate, therefrom extract digital certificate, the digital certificate right and wrong of higher level's certification authentication extraction of use oneself are legal then, if the PKI that comprises in digital signature and the certificate is sent to digital signature authentication unit 304; ELSE instruction control unit 306 abandons this video flowing.
Whether digital signature authentication unit 304 is correct according to the digital signature result that the video flowing checking that is received from dividing cell 305 is received from certificate extraction and authentication unit 303, at correct situation these video flowings of control unit 306 output that give an order, ELSE instruction control unit 306 abandons this video flowing.
With reference to figure 6, digital signature authentication unit 304 can specifically comprise PKI decrypting device 313, Hash calculation unit 314 and comparing unit 315.In this case, certificate extraction and authentication unit 303 send to PKI decrypting device 313 with the PKI that comprises in digital signature and the certificate after authentication certificate is legal.PKI decrypting device 313 utilizes the PKI that comprises in the digital certificate that digital signature result is decrypted, thereby obtains the Hash calculation end value, and this Hash calculation end value is sent to comparing unit 315.Simultaneously, Hash calculation unit 314 carries out Hash calculation according to segment information to the segmentation of the video flowing that removes digital signature, then the Hash calculation result who obtains is sent to comparing unit 315.
Comparing unit 315 relatively is received from the Hash calculation end value after the deciphering of PKI decrypting device 313 and is received from the Hash calculation end value of the new calculating of Hash calculation unit 314, if two value couplings, for example equate, then indicate control unit 306 checkings to pass through, the video flowing that digital signature has been removed in control unit 306 outputs is for subsequent treatment and broadcast, and the user just can see the digital television program that program provider provides like this; On the contrary, if two values do not match, comparing unit 315 indication control units 306 abandon this section video flowing, and control unit 306 is carried out this section video flowing according to the indication of comparing unit 315 and abandoned operation, and the user just can not see illegal TV programme like this.
Fig. 7 shows a structural representation that is equipped with according to the television equipment of digital television signal safety certification device of the present invention, and the digital television signal safety certification device here is installed in this television equipment with the form of an independent safety chip.Safety chip is installed between digital demodulation unit and the audio/video decoder, receives the video flowing from digital demodulation unit, and will output to this audio/video decoder through the video flowing of safety certification.
Specifically, the tuned cell in this television equipment is responsible for radio frequency reception, frequency conversion, filtering and automatic gain control etc., and will handle signal interference problem well, common disturbs, faces problem such as channel interference as image signal.The A/D unit becomes digital signal with analog signal conversion, digital demodulation unit is used to form base band TS stream, digital television signal video flowing through above-mentioned processing promptly enters according to safety chip of the present invention, if safety certification success, just successfully by above-mentioned checking to digital license passport and digital signature result, video flowing promptly outputs to audio/video decoder from safety chip, carry out to pass through display and audio amplifier difference playing image and sound after the Voice ﹠ Video decoding, thereby make the user can see digital television program.Therefore other unit in this television equipment describe in detail here no longer one by one owing to be the existing unit that does not have direct relation with the present invention all.
In the present embodiment, video flowing is carried out segmentation, then each section is carried out Hash calculation and digital signature, certainly can understand, also can be undertaken, as long as can in video flowing, superpose digital signature result and digital permission certificate by other modes.
Digital television signal safety certification device of the present invention can form an independent chip, then this chip is integrated in digital television or the set-top box.In addition, safety certification device also can be integrated on the existing chip, for example on the decoder chip.
Be that example has illustrated the present invention with digital TV video frequency stream above, thought of the present invention can also be applied among the IPTV, like this a safety certification device can be installed in the router of IP network, thereby the video flowing that transmits in the IP network is authenticated.
Therefore being appreciated that above-mentioned only is displaying to spirit of the present invention, rather than restriction.
Claims (10)
1, a kind of digital television signal safety certification device is characterized in that, this device comprises:
Digital signature extraction unit (301), be used for extracting digital signature result and digital permission certificate and sending certificate extraction and authentication unit (303), the video flowing that removes digital signature result and digital permission certificate is sent to dividing cell (305) from the video flowing that is superimposed with digital signature result and digital permission certificate;
Certificate extracts and authentication unit (303), be used for extracting the digital permission certificate from digital signature result and digital permission certificate, and whether the digital permission certificate that higher level's certification authentication of utilization oneself preservation is extracted is legal, under legal situation, digital signature result and the PKI that is included in the digital permission certificate are sent to digital signature authentication unit (304), abandon this video flowing at the illegal situation control unit (306) that sends a notice;
Dividing cell (305), the video flowing that is used for removing digital signature result and digital permission certificate is divided into two-way, and one road video flowing is sent to control unit (306), and another road video flowing is sent to digital signature authentication unit (304);
Digital signature authentication unit (304), be used for according to video flowing that is received from dividing cell (305) and the PKI that is received from certificate extraction and authentication unit (303), judge whether the digital signature result that is received from certificate extraction and authentication unit (303) is the correct digit signature result of the private key of described PKI correspondence at institute's receiver, video stream, if then instruction control unit (306) is exported this video flowing, ELSE instruction control unit (306) abandons this video flowing; With
Control unit (306) is used for according to the instruction that receives from the digital signature authentication unit or from the notice that certificate extracts and authentication unit receives, and the video flowing that receives from dividing cell is exported handled or discard processing.
According to the device of claim 1, it is characterized in that 2, this digital signature authentication unit (304) comprising:
PKI decrypting device (313) is used for using the PKI that is received from certificate extraction and authentication unit (303) that digital signature result is decrypted, and the Hash calculation end value after the deciphering is sent to comparing unit (315);
Hash calculation unit (314) is used for the video flowing that is received from dividing cell (305) is carried out Hash calculation, obtains the Hash calculation end value;
Comparing unit (315), be used for being received from more respectively the Hash calculation end value of PKI decrypting device (313) and Hash calculation unit (314), export this video flowing at the situation of two values coupling control unit (306) that gives an order, ELSE instruction control unit (306) abandons this video flowing.
3, device according to claim 2, it is characterized in that, the digital signature result that superposes in the video flowing that described digital signature extraction unit (301) receives is that the video flowing to segmentation carries out the digital signature result that obtains after the digital signature respectively, comprise this segment information in the video flowing, the video flowing that dividing cell (305) will comprise segment information sends to Hash calculation unit (314), the video flowing that removes segment information is sent to control unit (306), described Hash calculation unit (314) carries out Hash calculation according to this segment information respectively to each section video flowing that receives, two Hash calculation end values of the more same video-frequency band of described comparing unit (315), export this segmentation video flowing at the situation of two values coupling control unit (306) that gives an order, ELSE instruction control unit (306) abandons this segmentation video flowing.
According to the device of claim 1, it is characterized in that 4, described device forms independent chip, perhaps be integrated on the existing chip of television equipment.
5, a kind of digital television signal safety certification device is characterized in that, this device comprises:
Digital signature extraction unit (301), be used for extracting the digital signature result and the digital permission certificate of process error correction coding and sending decoding unit (302), the video flowing that removes digital signature result and digital permission certificate is sent to dividing cell (305) from being superimposed with through the digital signature result of error correction coding and the video flowing of digital permission certificate;
Decoding unit (302) is used for digital signature result and digital permission certificate through error correction coding are decoded, and decoded digital signature result and digital permission certificate are sent to certificate extraction and authentication unit (303);
Certificate extracts and authentication unit (303), be used for extracting the digital permission certificate from digital signature result and digital permission certificate, and whether the digital permission certificate that higher level's certification authentication of utilization oneself preservation is extracted is legal, under legal situation, digital signature result and the PKI that is included in the digital permission certificate are sent to digital signature authentication unit (304), abandon this video flowing at the illegal situation control unit (306) that sends a notice;
Dividing cell (305), the video flowing that is used for removing digital signature result and digital permission certificate is divided into two-way, and one road video flowing is sent to control unit (306), and another road video flowing is sent to digital signature authentication unit (304);
Digital signature authentication unit (304), be used for according to video flowing that is received from dividing cell (305) and the PKI that is received from certificate extraction and authentication unit (303), judge whether the digital signature result that is received from certificate extraction and authentication unit (303) is the correct digit signature result of the private key of described PKI correspondence at institute's receiver, video stream, if then instruction control unit (306) is exported this video flowing, ELSE instruction control unit (306) abandons this video flowing; With
Control unit (306) is used for according to the instruction that receives from the digital signature authentication unit or from the notice that certificate extracts and authentication unit receives, and the video flowing that receives from dividing cell is exported handled or discard processing.
According to the device of claim 5, it is characterized in that 6, this digital signature authentication unit (304) comprising:
PKI decrypting device (313) is used for using the PKI that is received from certificate extraction and authentication unit (303) that digital signature result is decrypted, and the Hash calculation end value after the deciphering is sent to comparing unit (315);
Hash calculation unit (314) is used for the video flowing that is received from dividing cell (305) is carried out Hash calculation, obtains the Hash calculation end value;
Comparing unit (315), be used for being received from more respectively the Hash calculation end value of PKI decrypting device (313) and Hash calculation unit (314), export this video flowing at the situation of two values coupling control unit (306) that gives an order, ELSE instruction control unit (306) abandons this video flowing.
7, device according to claim 6, it is characterized in that, the digital signature result that superposes in the video flowing that described digital signature extraction unit (301) receives is that the video flowing to segmentation carries out the digital signature result that obtains after the digital signature respectively, comprise this segment information in the video flowing, the video flowing that dividing cell (305) will comprise segment information sends to Hash calculation unit (314), the video flowing that removes segment information is sent to control unit (306), described Hash calculation unit (314) carries out Hash calculation according to this segment information respectively to each section video flowing that receives, two Hash calculation end values of the more same video-frequency band of described comparing unit (315), export this segmentation video flowing at the situation of two values coupling control unit (306) that gives an order, ELSE instruction control unit (306) abandons this segmentation video flowing.
According to the device of claim 5, it is characterized in that 8, described device forms independent chip, perhaps be integrated on the existing chip of television equipment.
9, a kind of television equipment is characterized in that, comprises according to any described digital television signal safety certification device in the claim 1 to 8.
10, according to the television equipment of claim 9, it is characterized in that, described television equipment comprises digital demodulation unit and audio/video decoder, the digital television signal safety certification device is installed between this digital demodulation unit and the audio/video decoder, reception is from the video flowing of digital demodulation unit, and will output to this audio/video decoder through the video flowing of safety certification.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200510074887 CN100484233C (en) | 2005-06-03 | 2005-06-03 | Safety certification device for digital TV signal, and TV equipment with the device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200510074887 CN100484233C (en) | 2005-06-03 | 2005-06-03 | Safety certification device for digital TV signal, and TV equipment with the device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1874487A CN1874487A (en) | 2006-12-06 |
| CN100484233C true CN100484233C (en) | 2009-04-29 |
Family
ID=37484709
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200510074887 Expired - Fee Related CN100484233C (en) | 2005-06-03 | 2005-06-03 | Safety certification device for digital TV signal, and TV equipment with the device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100484233C (en) |
Families Citing this family (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102821307A (en) * | 2012-09-07 | 2012-12-12 | 北京理工大学 | Video coding system of real-time authentication broadcast data source |
| WO2015058397A1 (en) | 2013-10-25 | 2015-04-30 | Microsoft Technology Licensing, Llc | Representing blocks with hash values in video and image coding and decoding |
| KR20160075705A (en) | 2013-10-25 | 2016-06-29 | 마이크로소프트 테크놀로지 라이센싱, 엘엘씨 | Hash-based block matching in video and image coding |
| US10368092B2 (en) | 2014-03-04 | 2019-07-30 | Microsoft Technology Licensing, Llc | Encoder-side decisions for block flipping and skip mode in intra block copy prediction |
| US10567754B2 (en) | 2014-03-04 | 2020-02-18 | Microsoft Technology Licensing, Llc | Hash table construction and availability checking for hash-based block matching |
| KR102287779B1 (en) * | 2014-06-23 | 2021-08-06 | 마이크로소프트 테크놀로지 라이센싱, 엘엘씨 | Encoder decisions based on results of hash-based block matching |
| KR102490706B1 (en) | 2014-09-30 | 2023-01-19 | 마이크로소프트 테크놀로지 라이센싱, 엘엘씨 | Hash-based encoder decisions for video coding |
| CN105224875B (en) * | 2015-11-13 | 2018-04-06 | 上海斐讯数据通信技术有限公司 | The secure startup system and method for a kind of terminal |
| US10390039B2 (en) | 2016-08-31 | 2019-08-20 | Microsoft Technology Licensing, Llc | Motion estimation for screen remoting scenarios |
| US11095877B2 (en) | 2016-11-30 | 2021-08-17 | Microsoft Technology Licensing, Llc | Local hash-based motion estimation for screen remoting scenarios |
| CN109005450B (en) * | 2018-07-16 | 2021-05-18 | 广州辉群智能科技有限公司 | Broadcast control method and device of broadcast equipment |
| US11202085B1 (en) | 2020-06-12 | 2021-12-14 | Microsoft Technology Licensing, Llc | Low-cost hash table construction and hash-based block matching for variable-size blocks |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1259260A (en) * | 1997-06-06 | 2000-07-05 | 汤姆森消费电子有限公司 | Conditional access system for set-top boxes |
| CN1265807A (en) * | 1997-06-06 | 2000-09-06 | 汤姆森消费电子有限公司 | Global conditioner access system for broadcast services |
| CN1307420A (en) * | 2000-01-27 | 2001-08-08 | 中国长城计算机深圳股份有限公司 | Sectional enciphering technology of great-capacity decument |
| CN1421814A (en) * | 2001-11-30 | 2003-06-04 | 温天 | Digital anti-fake method |
| CN1494313A (en) * | 2002-10-30 | 2004-05-05 | 中国科学院计算技术研究所 | Digital video frequency water mark method based on error correcting code |
| CN1522069A (en) * | 2003-02-14 | 2004-08-18 | 清华大学 | A method for preventing illegal broadcasting in cable digital TV broadcasting |
| CN1595880A (en) * | 2003-09-11 | 2005-03-16 | 华为技术有限公司 | Method of information integrity protection in multicast/broadcast |
-
2005
- 2005-06-03 CN CN 200510074887 patent/CN100484233C/en not_active Expired - Fee Related
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1259260A (en) * | 1997-06-06 | 2000-07-05 | 汤姆森消费电子有限公司 | Conditional access system for set-top boxes |
| CN1265807A (en) * | 1997-06-06 | 2000-09-06 | 汤姆森消费电子有限公司 | Global conditioner access system for broadcast services |
| CN1307420A (en) * | 2000-01-27 | 2001-08-08 | 中国长城计算机深圳股份有限公司 | Sectional enciphering technology of great-capacity decument |
| CN1421814A (en) * | 2001-11-30 | 2003-06-04 | 温天 | Digital anti-fake method |
| CN1494313A (en) * | 2002-10-30 | 2004-05-05 | 中国科学院计算技术研究所 | Digital video frequency water mark method based on error correcting code |
| CN1522069A (en) * | 2003-02-14 | 2004-08-18 | 清华大学 | A method for preventing illegal broadcasting in cable digital TV broadcasting |
| CN1595880A (en) * | 2003-09-11 | 2005-03-16 | 华为技术有限公司 | Method of information integrity protection in multicast/broadcast |
Non-Patent Citations (2)
| Title |
|---|
| DVB条件接收及其应用. 马正先.中国有线电视,第03卷第04期. 2004 * |
| 数字电视广播中的条件接收技术. 王镔,周祖成.电视广播与传输,第229期. 2001 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1874487A (en) | 2006-12-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100484233C (en) | Safety certification device for digital TV signal, and TV equipment with the device | |
| CN100484232C (en) | Digital TV broadcast system and method | |
| CN100584008C (en) | Scrambling non-scrambling transmission flow real-time authenticating device and television device with same | |
| CN101719910B (en) | Terminal equipment for realizing content protection and transmission method thereof | |
| CN100505865C (en) | Video copyright protecting and monitoring system in digital television | |
| CN101051906B (en) | Method for transmitting and receiving stream type media and certifying system for stream type media | |
| US8014525B2 (en) | Digital broadcasting transmitting system for conditional access and method thereof, and digital broadcasting receiving terminal and method thereof | |
| EP2802152B1 (en) | Method for secure processing a stream of encrypted digital audio / video data | |
| CN101902477B (en) | Transmission system, reception system, the recognition methods of media stream and system | |
| CN102075812B (en) | Data receiving method and system of digital television | |
| CN103686333A (en) | Audio video protecting method and audio video terminal | |
| US8300821B2 (en) | Digital broadcasting system and method of processing data in digital broadcasting system | |
| RU2605923C2 (en) | Secure transmission method and apparatus for transport stream | |
| KR100739487B1 (en) | A conditional access system for each transmitter in digital multimedia broadcasting system and method thereof | |
| CN1972433B (en) | Real-time authentication apparatus for digital TV transmission stream and television device with same | |
| CN101409818A (en) | System for managing digital television copyright based on digital watermarking and condition-receiving technology | |
| CN101500156A (en) | Information ciphering, deciphering method and apparatus and information ciphering and deciphering system | |
| CN103237245A (en) | Vehicle-mounted DVB (Digital Video Broadcasting) conditional access system for identifying set-top-box identity | |
| CN108650549B (en) | Digital television data management method and system | |
| JP4127778B2 (en) | Broadcast transmission / reception method, broadcast reception method | |
| CN202455480U (en) | Digital watermark system for verifying digital television copyright | |
| JP4607941B2 (en) | Broadcast transmission / reception method, broadcast reception method | |
| CN101729501A (en) | Multimedia broadcasting system and method | |
| KR101138152B1 (en) | Conditional storing system and method for iptv | |
| KR101138126B1 (en) | Cas system and method for iptv |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| C56 | Change in the name or address of the patentee | ||
| CP03 | Change of name, title or address |
Address after: 100049 No. 19, Yuquanlu Road, Beijing, Shijingshan District Patentee after: University OF CHINESE ACADEMY OF SCIENCES Address before: 100039 Graduate University of Chinese Academy of Sciences, Beijing, Yuquanlu Road, 19 Patentee before: GRADUATE University OF CHINESE ACADEMY OF SCIENCES |
|
| TR01 | Transfer of patent right |
Effective date of registration: 20151120 Address after: 100195 Beijing city Haidian District minzhuang Road No. 87 C Patentee after: INSTITUTE OF INFORMATION ENGINEERING, CHINESE ACADEMY OF SCIENCES Address before: 100049 No. 19, Yuquanlu Road, Beijing, Shijingshan District Patentee before: University of Chinese Academy of Sciences |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090429 Termination date: 20190603 |