Summary of the invention
To solve the above problems, the present invention provides a method for preventing piracy of digital signage content.
The invention provides a method, for use in digital signage applications, that controls and manages playback content so that it cannot be pirated during playback, for example by eavesdropping or copying. Playback content includes playback control information, content material information, and so on.
The application scenario involves a server and a playback terminal. The server computes a secure data structure from the playback content and applies an encryption transform to the content. The playback terminal uses its own private key and the secure data structure to decrypt the transformed content, which prevents the content from being eavesdropped on or copied.
The invention provides a key management framework for issuing and storing the required keys or certificates. The framework comprises option A and option B:
In option A, the playback terminal holds its own private key certificate, and the server holds the public key certificates of all playback terminals connected to it.
In option B, a distributed key management system based on a symmetric cryptographic algorithm is used. The playback terminal holds its own private key, and the server holds the diffusion source key of all terminal keys; this diffusion source key is equivalent to the public key of the playback terminal.
All keys involved in the invention are stored and used inside secure hardware modules, and are requested, installed and updated offline, which ensures the security of key storage and use.
The invention adopts a "one-time pad" cipher mode, in which a new key is randomly generated for each encryption. When encrypting playback content, the server randomly generates an encryption key; once encryption is complete, it encrypts this key with the public key of the playback terminal to obtain the ciphertext of the single encryption key, then sends the transformed content and the ciphertext of the single encryption key to the playback terminal together. The playback terminal first decrypts the encryption key with its own private key, and then uses the single encryption key to decrypt the playback content.
The invention provides an encryption method based on randomly selected encryption points. Encrypting all of the playback content would require a very large amount of computation and time. Instead, the server first randomly selects several points in the content and encrypts only the data at those points. It then encrypts the random point information with the public key of the playback terminal to obtain the ciphertext of the random point information, and finally sends the transformed content, the ciphertext of the single encryption key and the ciphertext of the random point information to the playback terminal together. The playback terminal decrypts the random points with its own private key and then carries out the subsequent decryption operations.
The invention provides a terminal system for playing multimedia content. The terminal system includes a key storage module, a random point decryption module, a single encryption key decryption module and a playback content decryption module. The random point decryption module uses the terminal's private key to decrypt the random point information ciphertext in the secure data structure, obtaining the plaintext of the random point information. The single encryption key decryption module uses the terminal's private key to decrypt the single encryption key ciphertext, obtaining the single encryption key. The playback content decryption module uses the single encryption key to decrypt the transformed playback content according to the random point information.
Through data encryption, the invention prevents playback content from being eavesdropped on or illegally copied.
Detailed description of the embodiments
To make the above and other objects, features and advantages of the invention clearer, a preferred embodiment is described in detail below with reference to the accompanying drawings.
In the digital signage application proposed by the invention, the playback content (including playlist files, media files and so on) is encrypted, producing a corresponding security information package that contains the playback content ciphertext, the random point information ciphertext, the single encryption key ciphertext and so on; this package is transferred to the playback terminal. The playback terminal has corresponding extraction and decryption modules, so an illegitimate terminal cannot play the file content, which prevents the media content from being illegally eavesdropped on or copied.
Fig. 1 shows the key management framework of the invention, which comprises option A and option B. In option A, the playback terminal holds its own private key certificate, and the server holds the public key certificates of all playback terminals connected to it. In option B, a distributed key management system based on a symmetric cryptographic algorithm is used. The content server adopts a public-key cryptography management system; the playback terminal holds its own private key, and the server holds the pre-diffusion key of all terminal keys. All of these keys are stored in dedicated hardware devices, and keys are issued and updated offline.
The complete procedure by which the server encrypts playback content consists of the following steps:
1. According to the size of the content to be processed, the random number generation module generates the random point information. Random points can be defined in several ways; Fig. 2 shows one random point information structure with 10 random points, each defined by its start position and size.
2. The random number generation module produces a random number to serve as the single-file encryption key.
3. The playback content encryption module encrypts the playback content according to the single-file encryption key and the random point information:
3.1 According to the random points, extract from the playback file the plaintext data to be encrypted.
3.2 Using a symmetric key algorithm, encrypt the plaintext data with the single-file encryption key to obtain ciphertext data.
3.3 Replace the corresponding plaintext data in the playback file with the ciphertext data, which yields the playback content ciphertext after the encryption transform.
4. Encrypt the "single-file encryption key" with the terminal's public key to obtain the ciphertext of the single encryption key.
5. Encrypt the "random point information" with the terminal's public key to obtain the ciphertext of the random point information. This completes the encryption process.
The above process produces two results: the ciphertext of the playback content, and a secure data structure composed of the ciphertext of the random points, the ciphertext of the single encryption key, and so on. The generation of the playback content ciphertext is shown in Fig. 3a, the generation of the random point ciphertext in Fig. 3b, and the generation of the single encryption key ciphertext in Fig. 3c.
The ciphertext of the playback content is sent to the playback terminal together with the secure data structure. The transmission medium can be a wired channel such as optical cable, coaxial cable or network cable; a wireless channel such as mobile communication, satellite communication, Bluetooth or WLAN; or an external device such as removable storage.
The complete decryption procedure on the playback terminal consists of the following steps:
1. Extract the ciphertext of the random point information from the secure data structure; the random point decryption module uses the terminal's private key to decrypt the random point ciphertext and recover the random point information, as in Fig. 4a.
2. Extract the ciphertext of the single encryption key from the secure data structure; the single encryption key decryption module uses the terminal's private key to decrypt the single encryption key ciphertext and recover the single encryption key, as in Fig. 4b.
3. The playback content decryption module decrypts the playback content ciphertext according to the random point information, as in Fig. 4c:
3.1 According to the random points, extract from the playback file the ciphertext data to be decrypted.
3.2 Using a symmetric key algorithm, decrypt the ciphertext data with the single-file encryption key to obtain plaintext data.
3.3 Replace the corresponding ciphertext data in the playback file with the plaintext data, which yields the plaintext of the playback file. This completes the decryption process.
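The server-side encryption steps and the terminal-side decryption steps above can be exercised end to end with the following added example, which is not code from the patent. It assumes option B with terminal keys derived from the source key by HMAC, uses an HMAC-SHA256 counter-mode keystream as a stand-in for the unspecified symmetric algorithm, aligns random points to fixed-size slots, and encodes the random point information as JSON; all function names are hypothetical.

```python
import hashlib, hmac, json, secrets

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (HMAC-SHA256 in counter mode); encrypt == decrypt."""
    stream = bytearray()
    for block in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + block.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def pick_points(size: int, count: int, length: int) -> list:
    """Step 1: choose non-overlapping (start, size) regions with a CSPRNG."""
    slots = size // length
    if slots == 0:
        raise ValueError("content is shorter than one random point")
    chosen = secrets.SystemRandom().sample(range(slots), min(count, slots))
    return [(slot * length, length) for slot in sorted(chosen)]

def transform(content: bytes, file_key: bytes, points) -> bytes:
    """Steps 3.1-3.3: extract each region, transform it, write it back in place."""
    buf = bytearray(content)
    for start, length in points:
        region = bytes(buf[start:start + length])
        # The start offset is the nonce, so no two regions share a keystream.
        buf[start:start + length] = keystream_xor(file_key, start.to_bytes(8, "big"), region)
    return bytes(buf)

def terminal_key(source_key: bytes, terminal_id: bytes) -> bytes:
    """Option B (assumed derivation): terminal key computed from the source key."""
    return hmac.new(source_key, b"terminal:" + terminal_id, hashlib.sha256).digest()

def server_encrypt(content, source_key, terminal_id, count=10, length=64):
    points = pick_points(len(content), count, length)           # step 1
    file_key = secrets.token_bytes(32)                           # step 2
    body = transform(content, file_key, points)                  # step 3
    kek = terminal_key(source_key, terminal_id)
    salt = secrets.token_bytes(16)  # fresh per package: wrapping keystream never repeats
    package = {
        "salt": salt,
        "key": keystream_xor(kek, salt + b"key", file_key),                        # step 4
        "points": keystream_xor(kek, salt + b"pts", json.dumps(points).encode()),  # step 5
    }
    return body, package

def terminal_decrypt(body, package, own_key):
    salt = package["salt"]
    points = json.loads(keystream_xor(own_key, salt + b"pts", package["points"]))  # step 1
    file_key = keystream_xor(own_key, salt + b"key", package["key"])               # step 2
    return transform(body, file_key, points)                                       # step 3
```

As in the scheme described, nothing authenticates the content ciphertext or the secure data structure, so the terminal cannot detect tampering, and every byte outside the random points stays in plaintext.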
The foregoing is only a preferred embodiment of the invention and does not limit its scope. Anyone familiar with this technology may make further improvements and changes on this basis without departing from the spirit and scope of the invention; the scope of protection of the invention is therefore defined by the claims of this application.