CN101527837A - Method for updating digital interface revocation list - Google Patents
Method for updating digital interface revocation list Download PDFInfo
- Publication number
- CN101527837A CN101527837A CN200910301485A CN200910301485A CN101527837A CN 101527837 A CN101527837 A CN 101527837A CN 200910301485 A CN200910301485 A CN 200910301485A CN 200910301485 A CN200910301485 A CN 200910301485A CN 101527837 A CN101527837 A CN 101527837A
- Authority
- CN
- China
- Prior art keywords
- revocation list
- version number
- authentication code
- transmit leg
- local
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention relates to digital television techniques, in particular to a method for updating a digital interface revocation list, discloses the method for updating digital interface revocation list and solves the problems that updating and transmission time is long. The technical proposal has the key aspects which can be summarized in the following way: a sender first sends a version number to a receiver, and the receiver compares the received version number with a local version number; if the local version number is more advanced, then the revocation list is sent to the sender; otherwise, the local version number is updated. The invention has the beneficial effects of improving updating efficiency of the revocation list and being applicable to digital content protection.
Description
Technical field
The present invention relates to digital television techniques, relate in particular to a kind of update method of digital interface revocation list.
Background technology
Along with economic globalization deepen continuously and spread, information digitalization ground rapid expansion, intellectual property protection is converted into more tangible feasible measure by the consciousness of sloganization gradually.Digital content protection becomes the burning hot topic of near period.Be referred to as digital content with data such as the audio frequency and video of digital store and transmission, text, pictures, its " numeral " characteristics when meeting the digital communication requirement more the consumer brought unprecedented high-quality audiovisual experience.Yet its " numeral " characteristics are also provided convenience for the bootlegger, and the bootlegger can intactly copy and the spreading digital content.Digital content all has copyright usually, and the producer sells digital content to obtain interests by certain means.Along with the development of network technology and data compression technique, the illegal use and the copy right piracy of digital content become more and more easier, this must make the producer of digital content suffer enormous economic loss.
The method of at present general protection copyrighted digital content is to issue corresponding certificate to the equipment that participates in the digital content protective system communication; but certificate has certain effective period; therefore need revoke illegal or unsafe equipment in time; this effective enforcement of revoking mode needs corresponding revocation list, and revocation list needs constantly to upgrade.
Existing digital interface content protecting system; as HDCP, DTCP etc.; what realize all is transmitting safely between digital interface and the digital interface; all functional units are all in digital interface chip inside, and the model of its revocation list (revocation list Executive Module) comprises the more New Deal of revocation list signature verification, revocation list, public spoon, private spoon, revocation list, communication protocol.And that the general employing of the signature of revocation list is RSA, ECC etc., algorithm is very complicated, scale is very big, PKI, the shared memory space of private key are also very big, and revocation list is along with participating in increasing of digital content system equipment, and the certificate that authoritative institution issues is also more and more, and corresponding revocation list is also more and more longer, the chip space that takies is also increasing, also can influence the renewal speed of revocation list.
In the prior art, the update scheme of revocation list is: both sides want simultaneously mutual version number and revocation list, and both sides are with the other side's the version number and the comparing of own local storage that receive, if the other side's height upgrades local so then; If the other side is low, then ignore.Along with increasing of revocation list, occupation space can be increasing, so mutual, very time-consuming, is unfavorable for the optimization of system.
Summary of the invention
Technical problem to be solved by this invention is: propose a kind of update method of digital interface revocation list, solve the long problem of transmission time of upgrading.
The technical scheme that the present invention solves the problems of the technologies described above employing is: a kind of update method of digital interface revocation list may further comprise the steps:
C. transmit leg sends to the recipient with version number, message authentication code, the public spoon of its local revocation list;
D. recipient's public spoon that will receive sends this locality to and revokes Executive Module, verifies its legitimacy by revoking Executive Module, if legal then execution in step e sends failed message to transmit leg if conform to rule;
E. verify whether message authentication code is legal, if legal then execution in step f, otherwise, failed message sent to transmit leg;
F. the version number of the version number of more local revocation list and transmit leg, if the version number of local revocation list is higher, then send local revocation list, message authentication code, public spoon to transmit leg, then send solicited message to transmit leg if local revocation list version number is low;
G. if transmit leg receives recipient's solicited message, then send its local revocation list, message authentication code, public spoon to the recipient, and execution in step h; If transmit leg receives recipient's revocation list, message authentication code, public spoon, then, replace local revocation list through after being proved to be successful of message authentication code, public spoon;
H. after the recipient is proved to be successful through message authentication code, public spoon, replace local revocation list with the revocation list that receives.
Further, before execution in step c, also comprise step:
A. divide the revocation list model, be divided into the digital interface module and revoke Executive Module, the digital interface module comprises public spoon, private spoon and interface communication protocol, revokes Executive Module and comprises revocation list checking, revocation list more New Deal, revocation list and public spoon certificate chain;
B. will revoke Executive Module and be integrated in the television set master chip.
The invention has the beneficial effects as follows: the update efficiency that has improved revocation list.
Description of drawings
Fig. 1 is the flow chart of initiator among the embodiment;
Fig. 2 is the flow chart of recipient among the embodiment.
Embodiment
The invention will be further described below in conjunction with drawings and Examples.
The present invention is with respect to prior art, changed the update mode of revocation list, avoided transmitting simultaneously in the prior art interactive mode of version number and revocation list, but adopt earlier by judging the height of version number, be sent to the low side of version number by the high side of version number again, so only need the transmission of a revocation list, improved the realization speed of upgrading revocation list greatly.Further, can also divide the revocation list model of prior art, more New Deal, revocation list and public spoon certificate chain are separated from digital interface with taking the big revocation list checking of memory space, revocation list, and directly be integrated in the television set master chip, improve renewal processing speed to revocation list.
Embodiment:
At first divide the revocation list model, be divided into the digital interface module and revoke Executive Module, the digital interface module comprises public spoon, private spoon and interface communication protocol, revokes Executive Module and comprises revocation list checking, revocation list more New Deal, revocation list and public spoon certificate chain; To revoke Executive Module and be integrated in the television set master chip.
Suppose that A is the initiator of revocation list, B is response side.As shown in Figure 1, initiator A order in two-way revocation list renewal process is carried out following flow process:
(1) version number, message authentication code, the PKI with local revocation list sends to B;
According to the realization situation of system, appropriate stand-by period T is set, wait for receiving the response message that B sends over;
If receive the failed message that B sends in the time, then initiate two-way renewal process (also can disconnect and connecting) again according to actual conditions at T;
If receive the revocation list that B sends in the time at T, illustrate that then the revocation list version of B is higher, need to replace local revocation list; (2) after A received the revocation list that B sends over, at first the PKI with B sent the local Executive Module of revoking to, judges the legitimacy of the PKI of B:
If legal, then continue to carry out the checking of message authentication code; If illegal, then initiate two-way renewal process again or disconnect connection
(3) A verifies the message authentication code that B sends over:
If by checking, then replace local revocation list with the revocation list of B, after replacing it, send success message to B;
If illegal, then initiate two-way renewal process again or disconnect connection according to actual conditions
As shown in Figure 2, B order in two-way revocation list renewal process in the side of response is carried out following flow process:
(1) at first the PKI of A is sent to the local Executive Module of revoking, whether legal by the PKI of revoking Executive Module checking A:
If, then begin the message authentication code of verifying that A sends by checking;
If authentication failed then sends failure to A.
(2) B verifies the message authentication code that A sends over:
If by checking, then begin the version number of the local revocation list of comparison and the version number of A;
If authentication failed then sends failed message to A.
(3) version and the city edition this shop of comparison A if the version number of A is higher, then send a request message to A; If lower, then send local revocation list, message authentication code, PKI to A by the version number that compares A.
After B sends request message, be set the appropriate stand-by period, wait for that A sends revocation list:
If receive the revocation list that A sends at the appointed time, then replace local revocation list with the revocation list of A, after replacement is finished, send success message to A; If overtime, then send failed message to A.
Claims (2)
1. the update method of a digital interface revocation list is characterized in that: may further comprise the steps:
C. transmit leg sends to the recipient with version number, message authentication code, the public spoon of local revocation list;
D. recipient's public spoon that will receive sends this locality to and revokes Executive Module, revokes Executive Module by this locality and verifies its legitimacy, if legal then execution in step e sends failed message to transmit leg if conform to rule;
E. verify whether message authentication code is legal, if legal then execution in step f, otherwise, failed message sent to transmit leg;
F. the version number of the version number of more local revocation list and transmit leg, if the version number of local revocation list is higher, then send local revocation list, message authentication code, public spoon to transmit leg, then send solicited message to transmit leg if local revocation list version number is low;
G. if transmit leg receives recipient's solicited message, then send its local revocation list, message authentication code, public spoon to the recipient, and execution in step h; If transmit leg receives recipient's revocation list, message authentication code, public spoon, then, replace local revocation list through after being proved to be successful of message authentication code, public spoon;
H. after the recipient is proved to be successful through message authentication code, public spoon, replace local revocation list with the revocation list that receives.
2. the update method of a kind of digital interface revocation list as claimed in claim 1 is characterized in that: also comprised step before execution in step c:
A. divide the revocation list model, be divided into the digital interface module and revoke Executive Module, the digital interface module comprises public spoon, private spoon and interface communication protocol, revokes Executive Module and comprises revocation list checking, revocation list more New Deal, revocation list and public spoon certificate chain;
B. will revoke Executive Module and be integrated in the television set master chip.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2009103014857A CN101527837B (en) | 2009-04-10 | 2009-04-10 | Method for updating digital interface revocation list |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2009103014857A CN101527837B (en) | 2009-04-10 | 2009-04-10 | Method for updating digital interface revocation list |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101527837A true CN101527837A (en) | 2009-09-09 |
CN101527837B CN101527837B (en) | 2011-05-11 |
Family
ID=41095498
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2009103014857A Active CN101527837B (en) | 2009-04-10 | 2009-04-10 | Method for updating digital interface revocation list |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101527837B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2011006326A1 (en) * | 2009-07-16 | 2011-01-20 | 四川长虹电器股份有限公司 | Content security transmission protection device and system thereof, and content security transmission method |
WO2011076082A1 (en) * | 2009-12-21 | 2011-06-30 | 深圳市同洲电子股份有限公司 | Digital television receiving terminal and method and system for application management thereof |
CN113141257A (en) * | 2021-03-26 | 2021-07-20 | 深圳国实检测技术有限公司 | Revocation list updating method and storage medium |
CN113742787A (en) * | 2021-08-06 | 2021-12-03 | 深圳数字电视国家工程实验室股份有限公司 | Digital certificate revocation list updating method, initiating terminal, responding terminal and system |
-
2009
- 2009-04-10 CN CN2009103014857A patent/CN101527837B/en active Active
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2011006326A1 (en) * | 2009-07-16 | 2011-01-20 | 四川长虹电器股份有限公司 | Content security transmission protection device and system thereof, and content security transmission method |
US8892882B2 (en) | 2009-07-16 | 2014-11-18 | Sichuan Changhong Electric Co., Ltd. | Content transmission security protection device system and method |
WO2011076082A1 (en) * | 2009-12-21 | 2011-06-30 | 深圳市同洲电子股份有限公司 | Digital television receiving terminal and method and system for application management thereof |
CN113141257A (en) * | 2021-03-26 | 2021-07-20 | 深圳国实检测技术有限公司 | Revocation list updating method and storage medium |
CN113141257B (en) * | 2021-03-26 | 2022-06-07 | 深圳国实检测技术有限公司 | Revocation list updating method and storage medium |
CN113742787A (en) * | 2021-08-06 | 2021-12-03 | 深圳数字电视国家工程实验室股份有限公司 | Digital certificate revocation list updating method, initiating terminal, responding terminal and system |
Also Published As
Publication number | Publication date |
---|---|
CN101527837B (en) | 2011-05-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR101786177B1 (en) | Method and apparatus for performing secure bluetooth communication | |
EP2776916B1 (en) | Network-based revocation, compliance and keying of copy protection systems | |
US8127367B2 (en) | Refreshing software licenses | |
CN103370944B (en) | Client device and local station with digital rights management and methods for use therewith | |
CN100470575C (en) | Method and system of saftware using license | |
US8601555B2 (en) | System and method of providing domain management for content protection and security | |
US7676042B2 (en) | Terminal apparatus, server apparatus, and digital content distribution system | |
CN101699819B (en) | Method and system for managing digital rights | |
US20090193257A1 (en) | Rights object authentication in anchor point-based digital rights management | |
US20060282391A1 (en) | Method and apparatus for transferring protected content between digital rights management systems | |
WO2013031124A1 (en) | Terminal device, verification device, key distribution device, content playback method, key distribution method, and computer program | |
CN101951318B (en) | Bidirectional mobile streaming media digital copyright protection method and system | |
CN101527837B (en) | Method for updating digital interface revocation list | |
US9430620B2 (en) | System and method for securing the life-cycle of user domain rights objects | |
CN101997878A (en) | Method, device and system for verifying domain name link | |
US10142108B2 (en) | Copy protection scheme for digital audio and video content authenticated HDCP receivers | |
US8307457B2 (en) | Method and terminal for receiving rights object for content on behalf of memory card | |
CN111797367A (en) | Software authentication method and device, processing node and storage medium | |
CN103873257A (en) | Secrete key updating, digital signature and signature verification method and device | |
KR101649528B1 (en) | Method and device for upgrading rights object that was stored in memory card | |
US20140013453A1 (en) | Duplication judgment device and duplication management system | |
CN101977113B (en) | Method for equipment identification in digital copyright management | |
CN103327028A (en) | Method, system, server and clients for sharing services on mobile equipment | |
CN101903875A (en) | Methods and apparatuses for using content, controlling use of content in cluster, and authenticating authorization to access content | |
US20100121966A1 (en) | Repeater and repeating method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |