CN101729253A - Multimedia broadcasting system and method - Google Patents
Multimedia broadcasting system and method Download PDFInfo
- Publication number
- CN101729253A CN101729253A CN 200810173629 CN200810173629A CN101729253A CN 101729253 A CN101729253 A CN 101729253A CN 200810173629 CN200810173629 CN 200810173629 CN 200810173629 A CN200810173629 A CN 200810173629A CN 101729253 A CN101729253 A CN 101729253A
- Authority
- CN
- China
- Prior art keywords
- information
- signature
- characteristic
- secure broadcast
- business tine
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
The invention provides a multimedia broadcasting system and method and in particular relates to a method for providing safe broadcasting information in multimedia broadcasting information. The method comprises the following steps: extracting broadcast channel control information and service content characteristic from the multimedia broadcasting information; generating service content characteristic signature information according to the service content characteristic; generating safe broadcasting signature information according to the broadcast channel control information and the service content characteristic signature information; and generating safe broadcasting information according to the safe broadcasting signature information and the service content characteristic signature information, wherein the safe broadcasting information is inserted into the multimedia broadcasting information based on certain rules. The invention only needs to carry out digital signature on the characteristic information of the broadcasting contents, thereby effectively reducing the data calculation amount of data signature.
Description
Technical field
The present invention relates to digital television techniques, relate in particular to a kind of digital television broadcasting system and method.
Background technology
Along with science and technology development, digital television techniques has advantages such as transmission quality height, scope is wide, speed is fast because of it, and is widely used gradually.Yet, how be accompanied by problem that digital television techniques occurs and be fail safe, integrality and the real-time of guarantee information.
Digital signature is the technology that Information Security is strengthened in comparatively common being used at present.Digital signature technology is meant message is carried out mathematic(al) manipulation, produces one group of particular data.When this group data and message transmitted together, the recipient can verify sender of the message's identity, reaches the effect of signing on the similar traditional sense.Common digital signature technology general using asymmetric cryptographic algorithm is realized.Asymmetric cryptographic algorithm is meant that encrypting messages uses different keys with decrypt.Digital signature technology has utilized these characteristics: signer uses secret encryption key that message or the characteristic information are encrypted, and the ciphertext that obtains sends together as digital signature and message itself.Signer openly offers recipient's use with decruption key simultaneously.During certifying signature, if the result that decrypted signature obtains is consistent with message, attestation-signatures is really produced by the signer of grasping encryption key so; If inconsistent, then attestation-signatures is not from the signer that is known as.
This asymmetrical characteristics of digital signature are generally based on a unidirectional mathematics difficult problem.Because the difficulty of these mathematical problems can't recover encryption key by decruption key or other public informations, therefore when lacking encryption key, can't forge digital signature to the message that process is distorted.So digital signature can also guarantee the integrality of message except traditional proof of identification function.
In multi-media broadcasting system, differentiate broadcasted content if desired, the transmitting terminal of broadcast system (or front end) can be to broadcasted content, for example video flowing, audio stream carry out digital signature, again digital signature and broadcasted content are sent to user terminal after multiplexing, user terminal can the normal play broadcasted content behind certifying digital signature.But because radio data system has very high requirement for real-time, if broadcasted content is carried out digital signature, must use high performance treatment facility to finish mass data computing in the digital signature procedure so, thereby make the cost of whole multimedia broadcast system higher, stability reduces.Moreover, because digital signature is very responsive to error code, when using the higher wireless broadcast channel transmitting multimedia contents of the error rate, because of causing terminal, can't play the normal channel error code easily.
Given this, being necessary to provide a kind of can reduce the amount of calculation of digital signature and the insensitive multimedia broadcasting of error code is differentiated protection system.
Summary of the invention
For addressing the above problem, the invention provides a kind of multi-media broadcasting system and method, it is more insensitive and do not need to carry out the data signature computing of big data quantity to error code.
A kind of method that secure broadcast information is provided in multimedia broadcasting information, it comprises: extract broadcast channel control information and professional content characteristic in multimedia broadcasting information; Content characteristic according to described business produces business tine characteristic signature information; Produce the secure broadcast signing messages according to described broadcast channel control information and described business tine characteristic signature information; And producing described secure broadcast information according to described secure broadcast signing messages and described business tine characteristic signature information, wherein said secure broadcast information will be inserted in the described multimedia broadcasting information with certain rule.
The present invention provides a kind of equipment that is used for providing at multi-media broadcasting system secure broadcast again, and it comprises: secure broadcast signing messages generation module is used for the broadcast channel control information that receives is applied signature to produce the secure broadcast signing messages; Business tine characteristic signature information-generation module is used for extracting the business tine feature from the multimedia broadcasting information that receives, and described business tine feature is applied signature to produce business tine characteristic signature information; And secure broadcast information combination module, be used for producing described secure broadcast information according to described secure broadcast signing messages and described business tine characteristic signature information.
The present invention only need carry out digital signature to the characteristic information of broadcasted content, effectively reduces the data computation amount of data signature, helps reducing the sensitivity of identification system to the broadcast channel error code, and the computation complexity that reduces front terminal system and terminal.
Description of drawings
What Fig. 1 showed is the transmission frame-form schematic diagram of one embodiment of the invention;
What Fig. 2 showed is the multiplexed sub frame structural representation of one embodiment of the invention;
What Fig. 3 showed is the form schematic diagram of the timestamp of one embodiment of the invention;
What Fig. 4 showed is the flow chart that produces secure broadcast information according to one embodiment of the invention;
Fig. 5 shows is to extract and the flow chart of authenticating security broadcast message according to one embodiment of the invention;
Fig. 6 shows is the schematic block diagram of front terminal system of the multi-media broadcasting system of one embodiment of the invention; And
Fig. 7 shows that one is the schematic block diagram of terminal of the multi-media broadcasting system of one embodiment of the invention.
Embodiment
For above-mentioned and other purposes, feature and advantage of the present invention can be become apparent, cited below particularlyly go out preferred embodiment, and cooperate appended graphicly, be described in detail as follows.
The front terminal system of the multi-media broadcasting system of one embodiment of the invention carries out digital signature by the content characteristic to business and obtains business tine characteristic signature information.On the other hand, the front terminal system also can sign to obtain a secure broadcast signing messages to the control information of broadcast channel.This secure broadcast signing messages and business tine characteristic signature information are inserted in the transmission frame of broadcast channel according to certain rules by the front terminal system.Terminal at multi-media broadcasting system is provided with corresponding extraction and inspection machine, with legitimacy and the integrality by secure broadcast signing messages and business tine characteristic signature Information Authentication broadcasted content.Because the present invention only needs the computing of signing of the control information of channel and the professional content characteristic that changes, but not business tine itself (for example video, audio frequency or data itself), thereby can lower operand and error code susceptibility.
What Fig. 1 showed is a kind of structure that is used for the transmission frame TF of bearing multimedia broadcast content.Transmission is detectd TF and can be comprised a plurality of multiplexed frame MF0 to MFn, each multiplexed frame MF0-MFn includes multiplex frame head MFH, multiplexed frame payload MFP and filler cells MF S, as: multiplexed frame MF0 comprises multiplex frame head MFH 0, multiplexed frame payload MFP 0 and filler cells MFS 0, multiplexed frame MFi comprises multiplex frame head MFH i, multiplexed frame payload MFP i and filler cells MFS i, and the structure of all the other multiplexed frames by that analogy.
The control information of multimedia broadcast contents, for example broadcast channel control information generally is stored among the control information table CIT0 to CITk-1 of multiplexed frame MF0, and concrete broadcasted content (business tine) then is placed in all the other multiplexed frames (also can be called traffic frame).For instance, the control information table of this enforcement can comprise network information table, continues period service duplexing configuration list, continue service allocation list, short-period service duplexing configuration list and short time service allocation table.Understand as persons skilled in the art, the channel of broadcast channel and multiplexing control information have been comprised in the above-mentioned control information table, terminal is if need the normal play broadcasted content, the broadcast message that must use channel in the control information table and multiplexing control information to come rectification and the transmission of demultiplexing front terminal system.The secure broadcast information that the present invention produced, can be used as a kind of special control information table transmits in multiplexed frame MF0, as be placed among h the control information table CITh, also can transmit, as be placed among the multiplexed sub frame SMFi of multiplexed frame payload MFPi by other multiplexed frames.
Because the multiplexed frame among the transmission frame TF except that multiplexed frame MF0 (structure that is multiplexed frame MF1~MFn) is all identical, thus following be the example explanation only with multiplexed frame MFi.Multiplexed frame MFi is made of multiplex frame head MFHi, the quiet lotus MFPi of multiplexed frame and filling MFSi, and the quiet lotus MFPi of multiplexed frame includes a plurality of multiplexed sub frames, for example multiplexed sub frame SMF0~SMFn.Figure 2 shows that the structural representation of the multiplexed sub frame of one embodiment of the invention.With multiplexed sub frame SMFn shown in Figure 1 is example, and multiplexed sub frame SMFn comprises a subframe ZZH, video-data fragment ZZV, audio data section ZZA and data segment ZZD.Wherein a subframe ZZH can comprise fields such as initial reproduction time, video-frequency band indication, audio section indication, data segment indication and CRC.Video-frequency band indication, audio section indication and data segment indication are respectively applied for this multiplexed sub frame of sign and whether comprise video information, audio-frequency information or clear data information.Video-data fragment ZZV is made of the video unit VD of video paragraph header VH and carrying video data, audio data section ZZA is made up of the audio unit AD of audio frequency paragraph header AH and carrying voice data, and data segment ZZD then comprises the data cell DD of data segment header DH and carrying clear data content (for example condition reception information).Video unit VD, audio unit AD and data cell DD all might be made of a plurality of subelements.For instance, video unit VD can include video subelement VD0~VDn.Furthermore, video paragraph header VH comprises video-frequency band length VH0, the V parameter H1 and CRC (cyclic redundancy check (CRC) code) the field VH2 of video unit of the length of sign video paragraph header.At least include the V parameter H11 that the video unit length VH10 of length value of sign video unit VD and other are used to identify the attribute of video unit among the V parameter H1 of video unit.Audio frequency paragraph header AH includes and is used for the audio frequency subelement of number of the subelement that identification audio unit AD comprised and counts the parameter A H1 and the crc field AH2 of AH0, audio unit.Wherein, the parameter A H1 of audio unit comprises audio unit length A H10 at least and is used for other parameter A H11 of other attributes of description audio section AH1.AH is similar with the audio frequency paragraph header, and data segment header DH includes parameter DH1 and the crc field DH2 that the data subelement is counted DH0, data cell.The parameter DH1 of data cell includes data unit length DH10 and other parameters DH11.
In present embodiment, the multiplexed sub frame that transmission frame TF is comprised can be respectively applied for the corresponding service of carrying broadcasted content.For instance, multiplexed sub frame SMF0~SMF2 of multiplexed frame MFi is respectively applied for the business 0~2 in the carrying broadcasted content, for example the TV programme of CCTV1, CCTV2 and CCTV3.Therefore, the business that each of the transmission frame TF of present embodiment is used for carrying broadcasted content can have a corresponding business content characteristic signing messages, these business tine characteristic signature information can disperse to be placed in the corresponding multiplexed sub frame, also a plurality of business tine characteristic signature ensemble of communication corresponding to the multiplexed sub frame of same multiplexed frame can be monopolized a multiplexed sub frame as a particular service together, or all business tine characteristic signature ensembles of communication are placed in the secure broadcast information together transmit.The particular location of business tine characteristic signature information can define in the control information table, or can come clear and definite standard by standard or industry standard, makes terminal to extract to assigned address according to standard and waits to broadcast professional business tine characteristic signature information.Because placing business tine characteristic signature information according to above-mentioned variety of way is known with respect to persons skilled in the art, therefore no longer is described in detail.Need to prove no matter whether business tine characteristic signature information puts together with the secure broadcast signing messages, secure broadcast information can logically be interpreted as and comprise business tine characteristic signature information and secure broadcast signing messages.
In one embodiment of the invention; extract and checking business tine characteristic signature for making things convenient for terminal; the business tine characteristic signature information of front terminal system in combination business to be producing broadcasted content feature protection information, and this broadcasted content feature protection information is placed in the extra data segment of secure broadcast information and transmits.To carry out exemplary explanation to secure broadcast information, broadcasted content feature protection information and the business tine characteristic signature object of one embodiment of the invention below, with better understanding technology contents of the present invention.
In one embodiment of the invention, secure broadcast information comprises secure broadcast signing messages and the extra data segment of being made up of timestamp, secure broadcast configuration information, extra data segment attribute information and secure broadcast signature.
Wherein, timestamp is used to identify the generation time of secure broadcast data, and concrete structure as shown in Figure 3.Wherein, the time calculated since 2000; The order of same second interior timestamp of sequence number sign, terminal can use this timestamp to prevent Replay Attack.
The secure broadcast configuration information is used to describe the attribute and the control information of this secure broadcast information, for example can comprise: sign is used to identify secure broadcast information; Version number is used to identify the version number of secure broadcast information data structure; Network information table protection sign, expression should comprise network information table when calculating digital signature, if be 0, then expression does not comprise; Continue period service duplexing configuration list protection sign, if this parameter is 1, expression should comprise lasting period service duplexing configuration list when calculating digital signature, if be 0, then expression does not comprise; Continue service allocation list protection sign, if this parameter is 1, expression should comprise lasting service allocation list when calculating digital signature, if be 0, then expression does not comprise; Short-period service duplexing configuration list protection sign, if this parameter is 1, expression should comprise short-period service duplexing configuration list when calculating digital signature, if be 0, then expression does not comprise; Short time service allocation table protection sign, if this parameter is 1, expression should comprise short time service allocation table when calculating digital signature, if be 0, then expression does not comprise.
Extra data segment is usually located at the last part of secure broadcast information, is used for carrying other information except that secure broadcast configuration information and timestamp, for example broadcasted content feature protection information.The extra data segment attribute information can comprise the additional information hop count amount of the sum that is used to refer to the additional information section, the additional information segment identification of type that is used for identifying the additional information section and the additional information segment length that is used to refer to the length of additional information section.
The secure broadcast signature is the result to control information table, secure broadcast configuration information, timestamp and extra data segment attribute information signature.Specifically need sign and to come concrete regulation by the secure broadcast configuration information which control information table; for example only need sign to network information table, lasting period service duplexing configuration list; then the protection of the network information table in secure broadcast configuration information sign and lasting service protection are designated 1, and the protection of other three allocation lists is designated 0.
In one embodiment of the invention, the broadcasted content feature protection information that includes a plurality of business tine characteristic signature information is to put into secure broadcast information as an extra data segment to transmit.Specifically, see also shown in the table 1, broadcasted content feature protection information can be made up of system protection configuration information, service protection configuration information and business tine characteristic signature.Wherein, service protection configuration information and business tine characteristic signature constitute business tine characteristic signature information jointly.In present embodiment, the system protection configuration information comprises: transmission frame postpones, identify this broadcasted content feature protection pairing transmission frame of business tine characteristic signature information that message segment comprised, for example, if be 1, then identify the feature that this message segment is last transmission frame, the value that this transmission frame postpones can be set in control information by configuration server; And number of services, represent the number of described transmission frame institute loaded service, this information can obtain in the control information table by multiplexed frame MF0.The service protection configuration information then is used for describing respectively corresponding professional attribute information, and it can comprise: service identification, sign thereafter the described information of each field corresponding to which business; Initial reproduction time is represented the initial reproduction time of the multiplexed sub frame of this business correspondence; Do not comprise initial reproduction time as the multiplexed sub frame frame head, this field should be 0, and this field is used for synchronized broadcasting content and professional content characteristic information; Whether video protection sign, sign comprise the tabulation of video unit length when calculating corresponding to this professional business tine characteristic signature, 1 expression comprises that 0 expression does not comprise; And audio frequency protection sign, whether sign comprises the tabulation of audio unit length when calculating corresponding to this professional business tine characteristic signature, 1 expression comprises that 0 expression does not comprise.Table 1 is depicted as the composition of the broadcasted content feature protection information of one embodiment of the invention.
Table 1 broadcasted content feature protection information
The business tine characteristic signature is to be used for verifying in terminal the data integrity of corresponding business tine feature.In one embodiment of the invention; as shown in table 2, the object of professional business tine characteristic signature can comprise: be used for the timestamp, system protection configuration information, service protection configuration information of synchronous safety broadcast message and broadcasted content characteristic signature and content characteristic that should business.For instance, the system protection configuration information comprises transmission frame and postpones and number of services, and the service protection configuration information comprises service identification, initial reproduction time, video protection sign and audio frequency protection sign.Professional content characteristic should be the information of the attribute that can embody this professional content real-time change, the length of for example initial reproduction time, specific fields or the content of specific fields etc., and concrete the selection to which attribute information signed and can be set as required.In present embodiment, professional content characteristic includes: video subelement quantity, the sum of video subelement in the multiplexed sub frame of expression service identification correspondence; Audio frequency subelement quantity, the sum of the multiplexed sub frame sound intermediate frequency subelement of expression service identification correspondence; Video unit length, the length of expression video unit, unit is a byte; And audio unit length, the length of expression audio unit, unit is a byte.As shown in Figure 2, the video paragraph header of the multiplexed sub frame that above-mentioned every information can be by reading this business correspondence, the audio frequency paragraph header obtains or carrying out simple operation according to the information of video paragraph header and audio frequency paragraph header can obtain.Table 2 is depicted as the signature object of the business tine characteristic signature of one embodiment of the invention.
Table 2 business tine characteristic signature object
Need to prove; the description of above-mentioned relevant secure broadcast information, broadcasted content feature protection information and business tine characteristic signature object is exemplary; in the application of reality, can be according to using situation to reconfigure or do adaptive increase or deleting.For instance, business tine characteristic signature object can not comprise initial reproduction time, timestamp, also can add the information that the content characteristic that corresponding service constantly changes could be represented or reflect to data subelement number and audio unit length etc.On the other hand, if each professional business tine characteristic signature information is all placed apart in corresponding multiplexed sub frame, then can comprises the system protection configuration information in the business tine characteristic signature information and also can not comprise the system protection configuration information.If do not comprise, then the system protection configuration information can be placed in the extra data segment of secure broadcast information or be placed in the control information table.
Illustrate that below with reference to Fig. 4 and Fig. 5 one embodiment of the invention produces and the flow process of authenticating security broadcast message.
Fig. 4 inserts the flow chart of the step of secure broadcast information in broadcast service content for explanation front terminal system.At first, in step S401, the front terminal system produces timestamp shown in Figure 3 according to system's real-time clock, with the generation time of sign secure broadcast data.Then, in step S402, the front terminal system receives broadcast channel control information (being the above-mentioned control information table that is carried among the multiplexed frame MF0).Subsequently, in step S403, timestamp and broadcast channel control information are signed computing to produce the secure broadcast signature according to the first front end private key that is stored in the front terminal system.Certainly, the secure broadcast signature object also can include the secure broadcast configuration information, for example the protection of sign, version number and corresponding control information table sign.If adopt the computing of signing of variable front end private key, then the secure broadcast configuration information also should comprise the front end PKI index of the PKI that marking terminal should use when authenticating security broadcasting signature, and the front end PKI normally is transferred to terminal with the form of front-end certificate.In present embodiment, front-end certificate can be carried on and transfer to terminal in the extra data segment.Owing to also need composite service content characteristic signature when in the subsequent step of present embodiment, producing secure broadcast information, thereby the secure broadcast signature object can also comprise the attribute information of extra data segment, for example extra data segment quantity, additional data segment length and additional data segment identification.Moreover, if business tine characteristic signature information and secure broadcast signing messages are placed apart, then the secure broadcast signature object can comprise and represent whether business tine characteristic signature information is packaged in existence sign in the extra data segment and the field of representing business tine characteristic information length.After obtaining the secure broadcast signature, execution in step S404, the front terminal system extracts each professional content characteristic in broadcast service content, video subelement quantity, audio frequency subelement quantity, video unit length and audio unit length that for example should business.Then, in step S405, respectively each professional content characteristic is signed computing to produce a plurality of business tine characteristic signatures according to the second front end private key that is stored in the front terminal system.In fact; as previously mentioned; the signature object of business tine characteristic signature can also comprise timestamp, the system protection configuration information that produces among the step S401 except that the content characteristic of business; for example transmission frame delay and number of services and service protection configuration information, for example service identification, initial reproduction time, video protection sign, video protection sign etc.After step S405, the execution in step S406 of front terminal system, assembly time stamp, secure broadcast signing messages and business tine characteristic signature information are to produce secure broadcast information.For persons skilled in the art; readily understand if the signature object when step S403 and step S405 generation secure broadcast signature and business tine characteristic signature includes extra data segment attribute information and configuration information; be secure broadcast configuration information, system protection configuration information and service protection configuration information; then when producing secure broadcast information, also should make up above-mentioned configuration information, so that terminal can authenticating security broadcasting signature and business tine characteristic signature.After step S406, the execution in step S407 of front terminal system, multiplexing and emission control information, secure broadcast information and broadcast service content.
See also Fig. 5, Fig. 5 is the flow chart of the step of extraction of explanation terminal and authenticating security broadcast message.
At first, in step S501, the channel code stream that end-on is received carries out de-multiplex operation, to extract broadcast channel control information (step S502) and secure broadcast information (S503).Certainly, the broadcast channel control information might not be often to change, thereby can be preset at terminal or the broadcast channel control information of first transmission frame that will receive after startup stores, and need not extract from the channel code stream once more.Then, terminal execution in step S504 judges whether secure broadcast information exists and legal.In present embodiment, terminal can judge whether the secure broadcast signing messages exists and legal from the following aspects: whether the frequency point information the multiplexed frame is consistent with the actual reception frequency; Whether secure broadcast information exists and correct format; Whether the timestamp in the secure broadcast information is later than the timestamp that has received; The time of reception of twice timestamp is consistent at interval with timestamp itself at interval; Timestamp and terminal system time is not than mistake; And the secure broadcast signature is correct.If above-mentioned any one verification failure thinks that then secure broadcast information is by verification.When whether verification secure broadcast signature was correct, whether terminal can utilize first front-end certificate that includes the first front end PKI to come authenticating security broadcasting signature to be complementary with secure broadcast signature object (being broadcast channel control information and the secure broadcast information extracted).Specifically how to come authenticating security broadcasting signature, belong to the common practise of persons skilled in the art, no longer describe in detail herein by above-mentioned three information.If judge that secure broadcast information exists and legal by above-mentioned several verifications, execution in step S505 then, on the contrary then execution in step S513 stops to play broadcasted content.In step S505, terminal extracts business tine characteristic signature information in secure broadcast information or other message segments.In step S506, the business tine characteristic signature information that terminal judges extracts is (if comprise a plurality of business/programs, business tine characteristic signature information that then should these are professional all extracts) whether comprise the business tine characteristic signature information of business to be played (program), promptly judge whether remain in the business tine characteristic signature information play service service identification and with the corresponding business tine characteristic signature of this service identification.If the business tine characteristic signature packets of information that extracts contains the business tine characteristic signature information of business to be played, execution in step S507 then, otherwise execution in step S513 stops broadcast program.In step S507, terminal extracts the content characteristic of program to be broadcast in the broadcast service content that receives, for example front terminal systems such as video subelement quantity, audio frequency subelement quantity, video unit length and audio unit length also need the content characteristic that extracts when producing the business tine characteristic signature.Subsequently, terminal execution in step S508, S512 and S509 are with the business tine characteristic signature information of checking corresponding to program to be broadcast.Specifically, terminal is in step S508, content characteristic corresponding to this program to be broadcast is carried out CRC check, promptly multiplexed sub frame head, video paragraph header, audio frequency paragraph header and data segment header are carried out CRC check whether there to be transmission error code in the content characteristic of judging program to be broadcast.If the CRC check mistake, then think to have transmission error code in this professional content characteristic, and execution in step S512, continue to judge whether to occur the error code of continuous certain hour (for example 3 seconds), if then execution in step S513 stops broadcast program.If in step S512, execution in step S511 then, normal play program the error code of continuous certain hour do not appear as yet.If in step S508; there is not transmission error code in the content characteristic of the business to be played that terminal receives; execution in step S509 then; utilization is stored in second front-end certificate that includes the second front end PKI, business tine characteristic signature and the business tine characteristic signature object (promptly wait to broadcast the content characteristic, system protection configuration information of program and corresponding to the service protection configuration information of waiting to broadcast program) of terminal and judges that whether the business tine characteristic signature is by checking; if then broadcast program (step S511) is passed through in checking, otherwise stops broadcast program (step S513).Need to prove that the described terminal of one embodiment of the invention can not show or play any content from broadcast message when stopping broadcast program.
The front terminal system of multi-media broadcasting system of one embodiment of the invention and the structured flowchart of terminal are described below with reference to Fig. 6 and Fig. 7.
In present embodiment, multi-media broadcasting system 100 is made up of front terminal system 600, channel (not shown) and the terminal 700 that is coupled to channel.As shown in Figure 6, the front terminal system 600 of one embodiment of the invention comprises secure broadcast signing messages generation module 610, business tine characteristic signature information-generation module 620, certificate control module 630, secure broadcast information combination module 640 and Multiplexing Unit 650.
Secure broadcast signing messages generation module 610 is made up of timestamp generation unit 612, secure broadcast signature generation unit 614 and the first private key memory cell 616.Timestamp generation unit 612 produces a timestamp according to real-time clock, and this timestamp is sent to secure broadcast signature generation unit 614.The form of timestamp and in preceding narration, thereby omits as shown in Figure 3 herein.Secure broadcast signature generation unit 614 not only time of reception stabs the timestamp that generation unit 612 is sent, also need to receive the first front end private key that the first private key memory cell 616 sends and other the secure broadcast signature object outside the timestamp, for example broadcast channel control information (being the foregoing control information table that is carried among the multiplexed frame MF0), the secure broadcast configuration information, certificate control module 630 send first, the business tine characteristic signature information that second front-end certificate and certificate control information and business tine characteristic signature information-generation module 620 are sent is to produce the secure broadcast signing messages.
Business tine characteristic signature information-generation module 620 includes the second private key memory cell 622, characteristic signature information generation unit 624 and content characteristic extraction unit 626.The second private key memory cell 622 is used for storage and exports the second front end private key and give characteristic signature information generation unit 624.Content characteristic extraction unit 626 is used for extracting from the broadcast service content that receives the content characteristic that can show the fast-changing attribute of content of each business (program), for example video subelement quantity, audio frequency subelement quantity, video unit length, audio unit length or the like.Characteristic signature information generation unit 624 is used for according to the second front end private key business tine characteristic signature object being signed computing producing the business tine characteristic signature of corresponding service, and makes up these business tine characteristic signatures and the characteristic information protection is configured to produce business tine characteristic signature information.In present embodiment, business tine characteristic signature object is business tine feature and characteristic information protection configuration.Characteristic information protection configuration is above-mentioned system protection configuration information; as transmission frame delay, number of services; and correspond to each professional service protection configuration information, as information such as service identification, initial reproduction time, video protection sign, audio frequency protection signs.Number of services also can be obtained in broadcast service content by content characteristic extraction unit 626.
Certificate, secure broadcast signing messages and business tine characteristic signature information combination that secure broadcast information combination module 640 is used for receiving are secure broadcast information, and wherein business tine characteristic signature information and certificate place the extra data segment of secure broadcast information.
Figure 7 shows that the schematic block diagram of the receiving terminal of one embodiment of the invention.As shown in Figure 7, terminal 700 comprises demultiplexing unit 710 and verification module 720.Demultiplexing unit 710 is used for the channel code stream of self-channel receiving front-end subsystem 600 emissions, and extracts each professional business tine characteristic signature information, secure broadcast information and broadcast service content in the self-channel code stream.Verification module 720 is used for verification business tine characteristic signature information and secure broadcast information, and whether plays broadcast service content according to the check results decision.
The above only is preferred embodiment of the present invention; so it is not in order to limit scope of the present invention; any personnel that are familiar with this technology; without departing from the spirit and scope of the present invention; can do further improvement and variation on this basis, so the scope that claims were defined that protection scope of the present invention is worked as with the application is as the criterion.
Claims (13)
1. the method that secure broadcast information is provided in multimedia broadcasting information is characterized in that, comprising:
In multimedia broadcasting information, extract broadcast channel control information and professional content characteristic;
Content characteristic according to described business produces business tine characteristic signature information;
Produce the secure broadcast signing messages according to described broadcast channel control information and described business tine characteristic signature information; And
Produce described secure broadcast information according to described secure broadcast signing messages and described business tine characteristic signature information, wherein said secure broadcast information will be inserted in the described multimedia broadcasting information with certain rule.
2. the method that secure broadcast information is provided in multimedia broadcasting information according to claim 1, it is characterized in that, the content characteristic of described business comprise in initial reproduction time, video subelement quantity, audio frequency subelement quantity, video unit length and the audio unit length of described business any one or a plurality of.
3. the method that secure broadcast information is provided in multimedia broadcasting information according to claim 2 is characterized in that, the step that the content characteristic of the described business of foundation produces this business tine characteristic signature information further comprises:
Receive the characteristic information protection configuration of described business;
Described characteristic information protection configuration and described business tine feature are applied digital signature to produce the business tine characteristic signature; And
Make up the protection of described business tine characteristic signature and described characteristic information and be configured to produce described business tine characteristic signature information.
4. the method that secure broadcast information is provided in multimedia broadcasting information according to claim 3, it is characterized in that, the signature object of described business tine characteristic signature also comprises timestamp, be used to identify the time that described business tine characteristic signature produces, wherein said timestamp is contained in the described secure broadcast signing messages.
5. the method that secure broadcast information is provided in multimedia broadcasting information according to claim 3 is characterized in that, the characteristic information of described business protection configuration comprises one or more in following:
Transmission frame postpones, and is used to identify the pairing transmission frame of business tine characteristic signature information that described secure broadcast information is comprised;
Number of services is used to represent the number of described transmission frame institute loaded service;
Service identification is used to identify the pairing business of described business tine characteristic signature;
Video protection sign is used to be identified at whether comprise the video unit length information when calculating described business tine characteristic signature; And
Audio frequency protection sign is used to be identified at whether comprise the audio unit length information when calculating described business tine characteristic signature.
6. the method that secure broadcast information is provided in multimedia broadcasting information according to claim 1, it is characterized in that the step that produces the secure broadcast signing messages according to described broadcast channel control information and described business tine characteristic signature information further comprises:
Stab according to the real-time clock generation time, be used to identify the time that described secure broadcast information produces;
Receive the secure broadcast configuration information;
Obtain the length of described business tine characteristic signature information;
The length of described broadcast channel control information, timestamp, secure broadcast configuration information and business tine characteristic signature information is signed computing to produce the secure broadcast signature; And
The length of the described secure broadcast signature of foundation, timestamp, secure broadcast configuration information and business tine characteristic signature information is to produce described secure broadcast signing messages.
7. the method that secure broadcast information is provided in multimedia broadcasting information according to claim 6 is characterized in that, described secure broadcast configuration information comprises one or more in following:
Sign is used to identify described secure broadcast information;
Version number is used to identify the version number of described secure broadcast information;
Control information table protection sign is used to be identified at the broadcast channel control information that should comprise when the described secure broadcast of calculating is signed.
8. an equipment that is used for providing at multi-media broadcasting system secure broadcast is characterized in that, comprising:
Secure broadcast signing messages generation module is used for the broadcast channel control information that receives is applied signature to produce the secure broadcast signing messages;
Business tine characteristic signature information-generation module is used for extracting the business tine feature from the multimedia broadcasting information that receives, and described business tine feature is applied signature to produce business tine characteristic signature information; And
Secure broadcast information combination module is used for producing described secure broadcast information according to described secure broadcast signing messages and described business tine characteristic signature information.
9. the equipment that is used for providing secure broadcast according to claim 8 at multi-media broadcasting system, it is characterized in that, described business tine feature comprise in initial reproduction time, video subelement quantity, audio frequency subelement quantity, video unit length and the audio unit length of described business any one or a plurality of.
10. the equipment that is used for providing at multi-media broadcasting system secure broadcast according to claim 8 is characterized in that, described business tine characteristic signature information-generation module comprises:
The content characteristic extraction unit is used for extracting described business tine feature from described multimedia broadcasting information; And
Characteristic signature information generation unit is used to receive characteristic information protection configuration, and utilizes the second front end private key that described characteristic information protection configuration and described business tine feature are applied signature with generation business tine characteristic signature,
Wherein, described characteristic signature information generation unit makes up the protection of described business tine characteristic signature and described characteristic information and is configured to obtain described business tine characteristic signature information.
11. the equipment that is used for providing at multi-media broadcasting system secure broadcast according to claim 10 is characterized in that, the characteristic information of described business protection configuration comprises one or more in following:
Transmission frame postpones, and is used to identify the pairing transmission frame of business tine characteristic signature information that described secure broadcast information is comprised;
Number of services is used to represent the number of described transmission frame institute loaded service;
Service identification is used to identify the pairing business of described business tine characteristic signature;
Video protection sign is used to be identified at whether comprise the video unit length information when calculating described business tine characteristic signature; And
Audio frequency protection sign is used to be identified at whether comprise the audio unit length information when calculating described business tine characteristic signature.
12. the equipment that is used for providing at multi-media broadcasting system secure broadcast according to claim 8 is characterized in that, described secure broadcast signing messages generation module comprises:
The timestamp generation unit is used for stabbing according to the real-time clock generation time, and described timestamp is used for identifying the time that described secure broadcast information produces; And
Secure broadcast signature generation unit, be used to receive described broadcast channel control information and secure broadcast signature configuration information, and utilize the first front end private key that the length of described timestamp, broadcast channel control information, secure broadcast signature configuration information and business tine characteristic signature information is applied signature to produce the secure broadcast signature
Wherein, described secure broadcast signature generation unit makes up the length of described secure broadcast signature, timestamp, secure broadcast configuration information and business tine characteristic signature information to produce described secure broadcast signing messages.
13. the equipment that is used for providing secure broadcast according to claim 8 at multi-media broadcasting system, it is characterized in that, also comprise the Multiplexing Unit that is coupled to described secure broadcast signing messages generation module, business tine characteristic signature information-generation module and secure broadcast information combination module, be used for described secure broadcast signing messages and business tine feature are inserted described multimedia broadcasting information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810173629.0A CN101729253B (en) | 2008-11-03 | 2008-11-03 | Multimedia broadcasting system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810173629.0A CN101729253B (en) | 2008-11-03 | 2008-11-03 | Multimedia broadcasting system and method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101729253A true CN101729253A (en) | 2010-06-09 |
| CN101729253B CN101729253B (en) | 2015-05-06 |
Family
ID=42449533
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200810173629.0A Active CN101729253B (en) | 2008-11-03 | 2008-11-03 | Multimedia broadcasting system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101729253B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104509027A (en) * | 2012-05-29 | 2015-04-08 | 罗伯特·博世有限公司 | System and method for message verification in broadcast and multicast networks|using homomorphic signatures |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100588246C (en) * | 2007-04-05 | 2010-02-03 | 国家广播电影电视总局广播科学研究院 | Identity identification method for digital TV broadcast signal |
-
2008
- 2008-11-03 CN CN200810173629.0A patent/CN101729253B/en active Active
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104509027A (en) * | 2012-05-29 | 2015-04-08 | 罗伯特·博世有限公司 | System and method for message verification in broadcast and multicast networks|using homomorphic signatures |
| CN104509027B (en) * | 2012-05-29 | 2018-09-07 | 罗伯特·博世有限公司 | Signed using homomorphism | broadcasting the system and method with information authentication is carried out in multicast network |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101729253B (en) | 2015-05-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104506503B (en) | A kind of security certification system based on broadcasting and TV one-way transport network | |
| US20040049681A1 (en) | Time stamping and time stamp validity verification system, method and device in a digital broadcasting environment | |
| US7464266B2 (en) | Cheap signatures for synchronous broadcast communication | |
| CN101902477B (en) | Transmission system, reception system, the recognition methods of media stream and system | |
| CN106357396A (en) | Digital signature method, digital signature system and quantum key card | |
| US20080273702A1 (en) | Method, system and program product for attaching a title key to encrypted content for synchronized transmission to a recipient | |
| US20040162980A1 (en) | Security devices and processes for protecting and identifying messages | |
| EP1764974A1 (en) | Inter-entity coupling method, apparatus and system for content protection | |
| US8892882B2 (en) | Content transmission security protection device system and method | |
| WO2013056622A1 (en) | Method for verifying access identity of set top box and authentication server | |
| KR20070112091A (en) | Method for managing metadata | |
| US20100100737A1 (en) | System and method for generating a non-repudiatable record of a data stream | |
| US9351022B2 (en) | Realization method, device, and system for broadcast service grouping | |
| CN106941629A (en) | Real-time live broadcast method based on SIP+RTP Yu RTMP protocol interconnections | |
| CN100525293C (en) | Method for the anonymous authentication of a data transmitter | |
| EP2161930A1 (en) | A method and a system for transmitting encrypted control message based on the mobile multimedia broadcast | |
| AU2016293023A1 (en) | Authentication of digital broadcast data | |
| CN101729501A (en) | Multimedia broadcasting system and method | |
| CN101729254B (en) | Multimedia broadcasting system and method | |
| CN101651507B (en) | Method and system for securely playing multimedia broadcast content and multimedia broadcast system | |
| CN101729253B (en) | Multimedia broadcasting system and method | |
| CN114244532A (en) | Charging method and charging device of terminal | |
| CN1972433B (en) | Real-time authentication apparatus for digital TV transmission stream and television device with same | |
| CN101651509A (en) | Terminal and method for securely playing multimedia broadcast content | |
| JP5096826B2 (en) | Transmitter, receiver, verification information embedding method and program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |