CN103607645B - A set top box anti-piracy methods and set-top boxes - Google Patents

A set top box anti-piracy methods and set-top boxes Download PDF

Info

Publication number
CN103607645B
CN103607645B CN201310601597.0A CN201310601597A CN103607645B CN 103607645 B CN103607645 B CN 103607645B CN 201310601597 A CN201310601597 A CN 201310601597A CN 103607645 B CN103607645 B CN 103607645B
Authority
CN
China
Prior art keywords
set
top box
data
signature
random number
Prior art date
Application number
CN201310601597.0A
Other languages
Chinese (zh)
Other versions
CN103607645A (en
Inventor
张平
Original Assignee
深圳市九洲电器有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市九洲电器有限公司 filed Critical 深圳市九洲电器有限公司
Priority to CN201310601597.0A priority Critical patent/CN103607645B/en
Publication of CN103607645A publication Critical patent/CN103607645A/en
Application granted granted Critical
Publication of CN103607645B publication Critical patent/CN103607645B/en

Links

Abstract

本发明适用于信息技术领域,尤其涉及一种机顶盒防盗版方法和机顶盒,包括:生成所述机顶盒的密钥;将所述密钥通过预设签名算法签名随机数,得到签名数据;将所述随机数和所述签名数据存入所述机顶盒的指定位置;当所述机顶盒开机时,从所述机顶盒的所述指定位置读取所述随机数和所述签名数据,并读取所述机顶盒的所述硬件标识码;通过所述第一算法计算读取出的硬件标识码,将计算得到的密钥通过所述预设签名算法签名所述随机数,判断得到的结果是否和读取出的签名数据相同;在判断出所述得到的结果和读取出的签名数据相同之后,再启动所述机顶盒。 The present invention is applicable to the field of information technology, particularly to a method and set-top box antipiracy, comprising: generating the key set-top box; the signature key by a predetermined random number signature algorithm, signature data obtained; the random number and the signature data stored in said set top box designated position; when the power set-top box, read the random number and the signature data from the designated position of the set-top box, the set-top box and read the hardware identification code; calculated by said first read hardware identification code algorithm, the calculated key signature algorithm preset by the signature of the random number, and determines whether the result obtained read same signature data; after determining that the obtained result and the same signature data read out, and then start the set-top box. 本发明增大了机顶盒的破解难度,提高了机顶盒的防盗版性。 The present invention increases the difficulty of guessing STBs improves security version of the set-top box.

Description

一种机顶盒防盗版方法和机顶盒 A set top box anti-piracy methods and set-top boxes

技术领域 FIELD

[0001] 本发明属于信息技术领域,尤其涉及一种机顶盒防盗版方法和机顶盒。 [0001] The present invention belongs to the field of information technology, particularly to a method and set-top boxes piracy.

背景技术 Background technique

[0002] 现有的机顶盒技术基本没有防盗版保护措施,只要盗版者取得正规厂家生产的一台机顶盒,复制该机顶盒的电路板,读取闪存中的程序,再购买生产机顶盒所需的元器件, 就可以无限制地生产此类机顶盒,牟取经济利益,同时给正规的机顶盒生产厂家带来极大的经济损失。 [0002] The prior art STB substantially no piracy protection, as long as the pirate to obtain a regular set-top box manufacturers, copy the set-top box board, the program reads the flash memory, and then purchase the required components of the production set-top box , it can indefinitely produce such set-top boxes, and reap the economic benefits, at the same time bring great economic losses to the regular set-top box manufacturers.

[0003] 综上所述,现有的机顶盒防盗版技术防盗性差。 [0003] In summary, the prior art piracy prevention of theft STB poor.

发明内容 SUMMARY

[0004]本发明实施例的目的在于提供一种机顶盒防盗版方法,旨在解决现有的机顶盒防盗版方法防盗性差的问题。 [0004] The object of embodiments of the present invention to provide a set-top box piracy prevention method, to solve the conventional method of piracy prevention STB problem of poor security.

[0005]本发明实施例是这样实现的,一种机顶盒防盗版方法,包括: [0005] Embodiments of the invention are implemented as a set-top box piracy prevention method, comprising:

[0006]生成所述机顶盒的密钥,所述密钥通过第一算法计算所述机顶盒的硬件标识码生成,所述硬件标识码用于唯一标识所述机顶盒中的指定硬件; [0006] The set-top box to generate the key, the key calculation of the set-top box hardware identification code generated by the first algorithm, a hardware identification code for uniquely identifying the specific hardware in the set-top box;

[0007] 将所述密钥通过预设签名算法签名随机数,得到签名数据; [0007] The signature key by a predetermined random number signature algorithm, signature data obtained;

[000S]将所述随机数和所述签名数据存入所述机顶盒的指定位置; [000s] the random number and the signature data into the specified location of the set-top box;

[0009]当所述机顶盒开机时,从所述机顶盒的所述指定位置读取所述随机数和所述签名数据,并读取所述机顶盒的所述硬件标识码; [0009] When the power set-top box, read the random number and the signature data from the designated position of the set-top box, the set-top box hardware and reading the identification code;

[0010] 通过所述第一算法计算读取出的硬件标识码,将计算得到的密钥通过所述预设签名算法签名所述随机数,判断得到的结果是否和读取出的签名数据相同; [0010] calculated by the read hardware identification code of the first algorithm, the computation result obtained by said preset key signature algorithm signature of the random number, and determines whether the obtained signature data read same ;

[0011] 在判断出所述得到的结果和读取出的签名数据相同之后,再启动所述机顶盒。 [0011] After determining that the result obtained and the same signature data read out, and then start the set-top box. [0012]本发明实施例的另一目的在于提供一种机顶盒,包括: [0012] Another object of an embodiment of the present invention to provide a set-top box, comprising:

[0013]密钥生成模块,用于生成所述机顶盒的密钥,所述密钥通过第一算法计算所述机顶盒的硬件标识码生成,所述硬件标识码用于唯一标识所述机顶盒中的指定硬件; [0013] The key generating module, for generating the key set-top box, the set-top box hardware identification code of the key generated by the first calculation algorithm, a hardware identification code for uniquely identifying the set top box specified hardware;

[0014]签名模块,用于将所述密钥通过预设签名算法签名随机数,得到签名数据; [0014] The signature module, the key for signature by a predetermined random number signature algorithm, signature data obtained;

[0015] 数据存储模块,用于将所述随机数和所述签名数据存入所述机顶盒的指定位置; [0015] The data storage module, the random number and the signature data stored in the specified location for the set-top box;

[0016] 数据读取模块,用于当所述机顶盒开机时,从所述机顶盒的所述指定位置读取所述随机数和所述签名数据,并读取所述机顶盒的所述硬件标识码; 、防盗判断模块,用于通过所述第一算法计算读取出的硬件标识码,将计算得到的密钥通过所述预设签名算法签名所述随机数,判断得到的结果是否和读取出的签名数据相同; [0016] The data read module, when the set-top box for power, read from the specified position of the set-top box of the random number and the signature data, the set-top box and reading the hardware identification code ;, determining security module, for calculating the read hardware identification code by said first algorithm, the calculated key signature algorithm preset by the signature of the random number, and the result of the determination whether the reading obtained the same signature data;

[0018]机顶盒启动模块,用于在判断出所述得到的结果和读取出的签名数据相同之后, 再启动所述机顶盒。 [0018] STB start module for, after determining that the obtained result and the same signature data read out, and then start the set-top box.

[0019]本发明实施例通过在机顶盒的生产过程中,生成密钥,将密钥通过预设签名算法签名随机数得到签名数据,将随机数与签名数据存储,再在机顶盒的开机过程中,读取随机数与签名数据,判断能否由预设签名算法得到相同的签名数据,如果得到相同的签名数据再启动机顶盒,从而增大了机顶盒的破解难度,由此提高了机顶盒的防盗性。 [0019] Example embodiments of the set top box through the production process, to generate a key, the key signature data obtained by a predetermined signature algorithm signature random number, the random number and the signature data storage according to the present invention, then during the boot process set top box, reading the signature data and the random number, it determines whether to obtain the same by a predetermined signature algorithm signature data, if signature data obtained restart the same set-top box, thereby increasing the difficulty of guessing a set top box, thereby improving the security of set-top box.

附图说明 BRIEF DESCRIPTION

[0020] 图1是本发明实施例提供的机顶盒防盗版方法的实现流程图; [0020] FIG. 1 is a flow chart for implementing a set top box piracy prevention method according to an embodiment of the present invention;

[0021] 图2是本发明实施例提供的机顶盒防盗版方法步骤s 101中生成所述机顶盒的密钥的具体实现流程图; [0021] FIG 2 is a flowchart illustrating a specific implementation of the set top box to generate the key top box antipiracy method step s 101 provided in the embodiment of the present invention;

[0022] 图3是本发明实施例提供的机顶盒防盗版方法步骤S103的具体实现流程图; [0022] FIG. 3 is a flowchart of a set-top box to achieve piracy prevention method of step S103 particular embodiment of the present invention;

[0023] 图4是本发明实施例提供的机顶盒的结构框图。 [0023] FIG. 4 is a block diagram of a set top box according to an embodiment of the present invention.

具体实施方式 Detailed ways

[0024]为了使本发明的目的、技术方案及优点更加清楚明白,以下结合附图及实施例,对本发明进行进一步详细说明。 [0024] To make the objectives, technical solutions and advantages of the present invention will become more apparent hereinafter in conjunction with the accompanying drawings and embodiments of the present invention will be further described in detail. 应当理解,此处所描述的具体实施例仅仅用以解释本发明,并不用于限定本发明。 It should be understood that the specific embodiments described herein are only intended to illustrate the present invention and are not intended to limit the present invention.

[0025] 本发明实施例通过在机顶盒的生产过程中,生成密钥,将密钥通过预设签名算法签名随机数得到签名数据,将随机数与签名数据存储,再在机顶盒的开机过程中,读取随机数与签名数据,判断能否由预设签名算法得到相同的签名数据,如果得到相同的签名数据再启动机顶盒,从而增大了机顶盒的破解难度,由此提高了机顶盒的防盗性。 [0025] Example embodiments of the set top box through the production process, to generate a key, the key signature data obtained by a predetermined signature algorithm signature random number, the random number and the signature data storage according to the present invention, then during the boot process set top box, reading the signature data and the random number, it determines whether to obtain the same by a predetermined signature algorithm signature data, if signature data obtained restart the same set-top box, thereby increasing the difficulty of guessing a set top box, thereby improving the security of set-top box.

[0026]图1示出了本发明实施例提供的机顶盒防盗版方法的实现流程,详述如下: [0026] FIG 1 illustrates a process of the present invention achieves the piracy prevention method for a set top box according to an embodiment, as detailed below:

[0027] 在步骤S101中,生成所述机顶盒的密钥,所述密钥通过第一算法计算所述机顶盒的硬件标识码生成,所述硬件标识码用于唯一标识所述机顶盒中的指定硬件。 [0027] In step S101, the set-top box to generate a key, the key calculation algorithm of the first set-top box hardware identification code generated by the hardware identification code for uniquely identifying the specific hardware in the set-top box .

[0028] 进一步地,步骤S101中生成所述机顶盒的密钥具体为: [0028] Further, in step S101, the set-top box to generate the key is specifically:

[0029] 在步骤S201中,从所述机顶盒的所述指定硬件中读取所述硬件标识码。 [0029] In step S201, the hardware identification code read from the designated hardware of the set top box.

[0030] 在本发明实施例中,硬件标识码是指定硬件固有的标识码,也就是说,指定硬件的硬件标识码具有唯一性。 [0030] In an embodiment of the present invention, the hardware identifiers are unique to a given hardware identification code, i.e., hardware-specific unique hardware identification code.

[0031] 优选地,所述指定硬件包括以下任意一项:闪存、中央处理器CPU或者双倍速率同步动态随机存储器DDR①ouble Data Rate)。 [0031] Preferably, the designated hardware comprises any of the following: a flash memory, the CPU or double data rate synchronous dynamic random access memory DDR①ouble Data Rate).

[0032] 需要说明的是,指定硬件包括只读芯片和可读写芯片两种。 [0032] Incidentally, the specific hardware chips include read-only and read-write two kinds of chips. 在这里,只要机顶盒中的内置芯片具有唯一的硬件标识码且可读取该唯一的硬件标识码,就可以作为指定硬件。 Here, as long as the built-in chip set-top box has a unique hardware identification code and may read the unique hardware identification code, can be specified as hardware. [0033] 在步骤S202中,读取所述指定硬件的生产序列号。 [0033] In step S202, the reading of the hardware-specific production serial number.

[0034] 在这里,指定硬件的生产序列号是在机顶盒的生产过程中由机顶盒原厂家预先存入机顶盒的指定位置中。 [0034] Here, the hardware-specific serial number in the production of set-top box STB production process by the manufacturer of the original stored in advance in a specified position of the set top box. 指定硬件的生产序列号是唯一的。 Specifies the hardware manufacturer's serial number is unique. 例如,机顶盒的flash中烧录的生产序列号是用来标识不同的机顶盒的,也就是说,每个由机顶盒原厂家生产的机顶盒都具有唯一的生产序列号。 For example, flash programming set top box is the manufacturer's serial number are used to identify the set-top box, that is to say, each of the original set-top box STB manufacturers have produced a unique serial number.

[0035] 在步骤S203中,通过所述第一算法,将所述硬件标识码与所述生产序列号组合生成所述机顶盒的密钥。 [0035] In step S203, by the first algorithm, the hardware identification code in combination with the manufacturer's serial number of set-top box to generate the key.

[0036]在这里,不对第一算法的具体算法作限定,机顶盒原厂家可以根据需要对该第一算法进行算法设计。 [0036] Here, the specific algorithm is not limited in the first algorithm, the original set-top box manufacturers can be designed according to the algorithm required for the first algorithm. 由于指定硬件的硬件标识码和指定硬件的生产序列号都是唯一的,因此,由指定硬件的硬件标识码和生产序列号通过第一算法计算生成的密钥也是唯一的。 Since the hardware identification code and hardware-specific hardware-specific production serial number is unique, and therefore, is calculated by the hardware-specific hardware identification code and sequence number produced by the algorithm to generate a first key is unique. [0037] 在步骤S102中,将所述密钥通过预设签名算法签名随机数,得到签名数据。 [0037] In step S102, the signature key by a predetermined random number signature algorithm, signature data obtained.

[0038] 在步骤S103中,将所述随机数和所述签名数据存入所述机顶盒的指定位置。 [0038] In step S103, the random number and the signature data into the specified location of the set-top box.

[0039] 进一步地,步骤S103将所述随机数和所述签名数据存入所述机顶盒的指定位置具体为: [0039] Further, step S103 to the random number and the signature data into the designated position set-top box is specifically:

[0040] 在步骤S301中,将所述随机数分割得到1个以上所述随机数的子数据。 [0040] In step S301, the random number obtained by dividing the random number of the sub data or more.

[0041] 在步骤S302中,将所述签名数据分割得到1个以上所述签名数据的子数据。 [0041] In step S302, the signature data obtained by dividing at least one sub data of the signature data.

[0042] 在步骤S3〇3中,所述随机数的子数据与所述签名数据的子数据通过第二算法计算生成1个以上组合数据。 [0042] In step S3〇3, the sub-data of the sub-data with said random number signature data generated by the combined data over a second algorithm.

[0043] 下面对步骤S103的具体实现进行举例: [0043] Next, the specific implementation of step S103 is taken as an example:

[0044]例一:随机数为数据B,签名数据为数据C,将数据B分割为子数据B1和B2,将数据c 分割为子数据C1和C2,将B1和C1通过第三算法生成组合数据Z1,将B2和C2通过第四算法生成组合数据Z2,将组合数据Z1存入机顶盒前面板的单片机中,将组合数据Z2存入机顶盒的闪存中。 [0044] Example: the random number data B, data is signature data C, and data B is divided into sub-data B1 and B2, the data c is divided into sub-data C1 and C2, the combination of B1 and C1 by a third generation algorithm data Z1, B2 and C2 through the fourth algorithm to generate the combined data Z2, Z1 combined data into single-chip set-top box in the front panel, the combined data is stored in the set top box Z2 flash memory. 在这里,不对第三算法和第四算法的具体算法作限定。 Here, no specific algorithm of the third and fourth algorithms for algorithms defined.

[0045] 例二:随机数为数据B,签名数据为数据C,将数据B分割为子数据B1、B2、B3、B^ B5,将数据C分割为子数据C1、C2、C3和C4,将B1、C2和B3通过第五算法生成组合数据Z1,将C1、B2和C3通过第六算法生成组合数据Z2,将B4、C4和B5通过第七算法生成组合数据Z3,将组合数据Z1和Z3存入机顶盒前面板的单片机中,将组合数据Z2存入机顶盒的闪存中。 [0045] Example II: random number data B, signature data is data C, and data B is divided into sub data B1, B2, B3, B ^ B5, the data C is divided into sub data C1, C2, C3 and C4, the B1, C2 and B3 Z1 generating combined data by a fifth algorithm, C1, B2 and C3 sixth algorithm to generate combined data by Z2, will B4, C4, and B5 combined data generated by the seventh algorithm Z3, Z1, and the combined data Z3 is stored in the set top box front panel microcontroller, the set-top box into the combined data Z2 flash. 在这里,不对第五算法、第六算法和第七算法的具体算法作限定。 Here, the fifth algorithm is not a specific algorithm, sixth, and seventh algorithms for algorithms defined.

[0046] 在步骤S304中,将所述1个以上组合数据存入所述机顶盒的指定位置。 [0046] In step S304, the data stored in one or more combinations of the specified position of the set-top box.

[0047] 进一步地,所述指定位置包括以下至少一项:闪存或者单片机。 [0047] Further, the designated position comprises at least one of: a flash memory or a microcontroller.

[0048] 在实际应用中,指定位置包括机顶盒前面板单片机以及闪存。 [0048] In practical applications, including the location specified box front panel and a microcontroller flash memory.

[0049] 作为本发明的一个实施例,不对1个以上组合数据存入的机顶盒的指定位置作限定。 [0049] As one embodiment of the present invention, does not specify the location of data stored in the set top box is defined as one or more combinations.

[0050] 优选地,1个以上组合数据存入机顶盒的闪存和单片机。 [0050] Preferably, a combination of the above data into the set-top box and Flash microcontrollers.

[0051] 可选地,1个以上组合数据存入机顶盒的闪存。 [0051] Alternatively, a combination of the above data into the set-top box flash.

[0052] 可选地,1个以上组合数据存入机顶盒的单片机。 [0052] Alternatively, a combination of the above data into the set-top box microcontroller.

[0053] 在步骤S104中,当所述机顶盒开机时,从所述机顶盒的所述指定位置读取所述随机数和所述签名数据,并读取所述机顶盒的所述硬件标识码。 [0053] In step S104, when the set top box power, read the random number and the signature data from the specified position of the set-top box, the set-top box and reading the hardware identification code.

[0054] 作为本发明的一个实施例,从所述机顶盒的指定位置读取随机数和签名数据具体为:从机顶盒的指定位置读取1个以上组合数据,由1个以上组合数据生成随机数的子数据和签名数据的子数据,再由随机数的子数据合成随机数,由签名数据的子数据合成签名数据。 [0054] As one embodiment of the present invention, reading from a specified position of the set top box signatures and random number data specifically is: a combination of one or more data read from the specified position of the set top box, a combination of one or more data generating random numbers the sub data and sub data signature data, then the sub-data of the random number nonce synthesis, combined with the signature data generated by signature data sub-data. 与上述例一相对应的:从机顶盒前面板的单片机中读取组合数据z丨,从机顶盒的闪存中读取组合数据Z2,将组合数据Z1通过第三算法的逆算法生成价和^,将组合数据Z2通过第四算法的逆算法生成B2和C2,由B1和B2合成数据B,由C1和C2合成数据C。 The above-described embodiment a corresponding: the microcontroller reading from the set top box front panel z Shu combined data, the combined data is read from the set-top box flash Z2, Z1 combined data by an inverse algorithm to generate a third algorithm and monovalent ^, the Z2 combined data inversion algorithm B2 and fourth generation algorithm C2, B1 and B2 by the synthesized data B, C1 and C2 by the synthesized data through C.

[0055] 在步骤si〇5中,通过所述第一算法计算读取出的硬件标识码,将计算得到的密钥通过所述预设签名算法签名所述随机数,判断得到的结果是否和读取出的签名数据相同。 [0055] In step si〇5 by the first algorithm read hardware identification code, the calculated key signature algorithm preset by the signature of the random number, and whether the result of the determination obtained read the same signature data.

[0056] 作为本发明的一个实施例,通过所述第一算法计算读取出的硬件标识码具体为: 将读取出的硬件标识码与指定硬件的生产序列号通过第一算法计算得到密钥。 [0056] As one embodiment of the present invention, is calculated by the read hardware identification code of the first algorithm is specifically: the read-out hardware identification code and sequence number specified hardware manufacturer to obtain a first cipher algorithm by key.

[0057]在步骤S106中,在判断出所述得到的结果和读取出的签名数据相同之后,再启动所述机顶盒。 [0057] In step S106, after determining that the obtained result and the same signature data read out, and then start the set-top box.

[0058]若通过预设签名算法签名得到的结果与读取的签名数据不同,则该机顶盒为盗版机顶盒,不启动。 [0058] If the result obtained by a predetermined signature algorithm is different from the signature read signature data, the set-top box STB is pirated, does not start.

[0059] 本发明实施例通过在机顶盒的生产过程中,生成密钥,将密钥通过预设签名算法签名随机数得到签名数据,将随机数与签名数据存储,再在机顶盒的开机过程中,读取随机数与签名数据,判断能否由预设签名算法得到相同的签名数据,如果得到相同的签名数据再启动机顶盒,从而增大了机顶盒的破解难度,由此提高了机顶盒的防盗性。 [0059] Example embodiments of the set top box through the production process, to generate a key, the key signature data obtained by a predetermined signature algorithm signature random number, the random number and the signature data storage according to the present invention, then during the boot process set top box, reading the signature data and the random number, it determines whether to obtain the same by a predetermined signature algorithm signature data, if signature data obtained restart the same set-top box, thereby increasing the difficulty of guessing a set top box, thereby improving the security of set-top box.

[0060] 图4示出了本发明实施例提供的机顶盒的结构框图,用于运行本发明图丨至图3实施例所述的机顶盒防盗版方法,为了便于说明,仅示出了与本实施例相关的部分。 [0060] FIG. 4 shows a block diagram of an embodiment of the present invention to provide a set-top box embodiments, set-top boxes for piracy prevention method according to the embodiment of the present invention Shu diagram to FIG. 3, for ease of illustration, only shows the present embodiment Examples relevant parts.

[0061] 参照图4,一种机顶盒,包括: [0061] Referring to FIG. 4 A set-top box, comprising:

[0062]密钥生成模块41,生成所述机顶盒的密钥,所述密钥通过第一算法计算所述机顶盒的硬件标识码生成,所述硬件标识码用于唯一标识所述机顶盒中的指定硬件。 [0062] Key generation module 41 generates a key set-top box, the set-top box by the key calculation algorithm hardware identification code to generate a first, a hardware identification code for uniquely identifying the set top box specified in hardware.

[0063]签名模块42,将所述密钥通过预设签名算法签名随机数,得到签名数据。 [0063] The signature module 42, the key signature by a predetermined random number signature algorithm, signature data obtained.

[0064] 数据存储模块幻,将所述随机数和所述签名数据存入所述机顶盒的指定位置。 [0064] phantom data storage module, the random number and the signature data into the specified location of the set-top box.

[0065] 数据读取模块44,当所述机顶盒开机时,从所述机顶盒的所述指定位置读取所述随机数和所述签名数据,并读取所述机顶盒的所述硬件标识码。 [0065] The data read module 44, when the power-top box, read the random number and the signature data from the specified position of the set-top box, the set-top box and reading the hardware identification code.

[0066] 防盗判断模块妨,通过所述第一算法计算读取出的硬件标识码,将计算得到的密钥通过所述预设签名算法签名所述随机数,判断得到的结果是否和读取出的签名数据相同。 [0066] hinder theft determination module, calculated by the read hardware identification code of the first algorithm, the calculated key signature algorithm preset by the signature of the random number, and the result of the determination whether the reading obtained the same signature data.

[0067] 机顶盒启动模块46,在判断出所述得到的结果和读取出的签名数据相同之后,再启动所述机顶盒。 [0067] STB start module 46, after determining that the obtained result and the same signature data read out, and then start the set-top box.

[°068] 进一步地,所述密钥生成模块41具体用于: [° 068] Further, the key generation module 41 is specifically configured to:

[0069] 从所述机顶盒的所述指定硬件中读取所述硬件标识码; [0069] read from the hardware specified in the set-top box hardware identification code;

[0070] 读取所述指定硬件的生产序列号; [0070] The reading of the hardware-specific production serial number;

[0071]通过所述第一算法,将所述硬件标识码与所述生产序列号组合生成所述机顶盒的密钥。 [0071] through the first algorithm, the hardware identification code and sequence number of the key-producing composition to generate the set-top box.

[0072] 进一步地,所述数据存储模块43具体用于: [0072] Further, the data storage module 43 is specifically configured to:

[0073]将所述随机数分割得到1个以上所述随机数的子数据; [0073] The random number obtained by dividing the random number of the sub data or more;

[0074]将所述签名数据分割得到1个以上所述签名数据的子数据; [0074] The signature data obtained by dividing at least one sub data of the signature data;

[0075]所述随机数的子数据与所述签名数据的子数据通过第二算法计算生成丨个以上组合数据; Sub data sub-data [0075] The random number generating the signature data Shu or more combinations of data calculated by the second algorithm;

[0076] 将所述1个以上组合数据存入所述机顶盒的指定位置。 [0076] The one or more combinations of data stored in the specified location of the set-top box.

[0077] 进一步地,所述指定位置包括以下至少一项:闪存或者单片机。 [0077] Further, the designated position comprises at least one of: a flash memory or a microcontroller.

[0078] 优选地,所述指定硬件包括以下任意一项:闪存、中央处理器CPU或者双倍速率同步动态随机存储器DDR。 [0078] Preferably, the designated hardware comprises any of the following: a flash memory, the CPU or double data rate synchronous dynamic random access memory DDR.

[0079]本发明实施例通过在机顶盒的生产过程中,生成密钥,将密钥通过预设签名算法签名随机数得到签名数据,将随机数与签名数据存储,再在机顶盒的开机过程中,读取随机数与签名数据,判断能否由预设签名算法得到相同的签名数据,如果得到相同的签名数据再启动机顶盒,从而增大了机顶盒的破解难度,由此提高了机顶盒的防盗性。 [0079] Example embodiments of the set top box through the production process, to generate a key, the key signature data obtained by a predetermined signature algorithm signature random number, the random number and the signature data storage according to the present invention, then during the boot process set top box, reading the signature data and the random number, it determines whether to obtain the same by a predetermined signature algorithm signature data, if signature data obtained restart the same set-top box, thereby increasing the difficulty of guessing a set top box, thereby improving the security of set-top box.

[0080]以上所述仅为本发明的较佳实施例而已,并不用以限制本发明,凡在本发明的精神和原则之内所作的任何修改、等同替换和改进等,均应包含在本发明的保护范围之内。 [0080] The foregoing is only preferred embodiments of the present invention but are not intended to limit the present invention, any modifications within the spirit and principle of the present invention, equivalent substitutions and improvements should be included in the present within the scope of the invention.

Claims (8)

1. 一种机顶盒防盗版方法,其特征在于,包括: 生成所述机顶盒的密钥,所述密钥通过第一算法计算所述机顶盒的硬件标识码生成, 所述硬件标识码用于唯一标识所述机顶盒中的指定硬件,所述机顶盒的内置芯片具有唯一的硬件标识码且可读取该唯一的硬件标识码; 将所述密钥通过预设签名算法签名随机数,得到签名数据; 将所述随机数和所述签名数据存入所述机顶盒的指定位置; 当所述机顶盒开机时,从所述机顶盒的所述指定位置读取所述随机数和所述签名数据,并读取所述机顶盒的所述硬件标识码; 通过所述第一算法计算读取出的硬件标识码,将计算得到的密钥通过所述预设签名算法签名所述随机数,判断得到的结果是否和读取出的签名数据相同; 在判断出所述得到的结果和读取出的签名数据相同之后,再启动所述机顶盒,其中, 将所 1. A set top box piracy prevention method, comprising: generating the key set-top box, the set-top box by the key calculation algorithm first generates a hardware identification code, the identification code that uniquely identifies the hardware the specific hardware set-top box, the set-top box with built-in chip can be a unique hardware identification code and the unique hardware identification code read; the signature key by a predetermined random number signature algorithm to obtain signature data; the random number and the signature data stored in said set top box designated position; when the power set-top box, read the random number and the signature data from the specified position of the set-top box, and reads the said set-top box hardware identification code; calculated by said first read hardware identification code algorithm, the calculated key signature algorithm preset by the signature of the random number, and the result of the determination whether the reading obtained same signature extracted data; judged the same result obtained in and read out the data after the signature, and then start the set-top box, wherein, the 随机数和所述签名数据存入所述机顶盒的指定位置具体为: 将所述随机数分割得到1个以上所述随机数的子数据; 将所述签名数据分割得到1个以上所述签名数据的子数据; 所述随机数的子数据与所述签名数据的子数据通过第二算法计算生成i个以上组合数据; 将所述1个以上组合数据存入所述机顶盒的指定位置。 Random number and the signature data into the designated position set-top box is specifically: the random number obtained by dividing the random number of the sub data or more; the signature data obtained by dividing at least one said signature data sub-data; sub-data and the random number data of the sub-i generates signature data by combining two or more data a second algorithm; the combination of one or more of the data stored in the specified location of the set-top box.
2.如权利要求1所述的方法,其特征在于,所述生成所述机顶盒的密钥具体为: 从所述机顶盒的所述指定硬件中读取所述硬件标识码; 读取所述指定硬件的生产序列号; 通过所述第一算法,将所述硬件标识码与所述生产序列号组合生成所述机顶盒的密钥。 2. The method according to claim 1, wherein said set-top box to generate the key is specifically: the hardware identification code read from the hardware specified in the set top box; read the designated hardware production serial number; by the first algorithm, the hardware identification code in combination with the manufacturer's serial number of set-top box to generate the key.
3.如权利要求1和2任一项所述的方法,其特征在于,所述指定位置包括以下至少一项: 闪存或者单片机。 1 and a method according to any of claim 2, wherein the designated position comprises at least one of: a flash memory or a microcontroller.
4.如权利要求1和2任一项所述的方法,其特征在于,所述指定硬件包括以下任意一项: 闪存、中央处理器CHJ或者双倍速率同步动态随机存储器DDR。 And 4. A method according to any one of claim 1, wherein the designated hardware comprises any one of: a flash memory, a central processing CHJ or double data rate synchronous dynamic random access memory DDR.
5.—种机顶盒,其特征在于,包括: 密钥生成模块,用于生成所述机顶盒的密钥,所述密钥通过第一算法计算所述机顶盒的硬件标识码生成,所述硬件标识码用于唯一标识所述机顶盒中的指定硬件,所述机顶盒的内置芯片具有唯一的硬件标识码且可读取该唯一的硬件标识码; 签名模块,用于将所述密钥通过预设签名算法签名随机数,得到签名数据; 数据存储模块,用于将所述随机数和所述签名数据存入所述机顶盒的指定位置; 数据读取模块,用于当所述机顶盒开机时,从所述机顶盒的所述指定位置读取所述随机数和所述签名数据,并读取所述机顶盒的所述硬件标识码; 、防盗判断模块,用于通过所述第一算法计算读取出的硬件标识码,将计算得到的密钥通过所述预设签名算法签名所述随机数,判断得到的结果是否和读取出的签名数据相同; 一 5.- kinds of set-top boxes, characterized in that, comprising: a key generating module, for generating the key set-top box, the set-top box by the key calculation algorithm first generates a hardware identification code, said hardware identification code used to uniquely identify a given hardware in the set-top box, the set-top box with built-in chip can be a unique hardware identification code and read the unique hardware identification code; signature module, through a preset key for the signature algorithm signature random number to obtain signature data; a data storage module, the random number and the signature data stored in the specified location for the set-top box; data reading means for, when the set-top box boot, from the the set-top box to specify the position read the random number and the signature data, the set-top box and reading the hardware identification code;, determining security module, for calculating said first read by the hardware algorithm identification code, the calculated key signature algorithm preset by the signature of the random number, determines whether the result obtained signature data, and read out the same; a 顶盒启动模块,用于在判断出所述得到的结果和读取出的签名数据相同之后,再启动所述机顶盒,其中, 所述数据存储模块具体用于: 将所述随机数分割得到1个以上所述随机数的子数据; 将所述签名数据分割得到1个以上所述签名数据的子数据; 所述随机数的子数据与所述签名数据的子数据通过第二算法计算生成i个以上组合数据; Z 将所述1个以上组合数据存入所述机顶盒的指定位置。 After the same start-top box signature data means for determining that the result obtained in and read out, and then start the set-top box, wherein the data storage module is configured to: the random number obtained by dividing 1 or more of the sub-data of random numbers; the signature data obtained by dividing the sub data at least one signature data; sub-data of the sub-data of the random number calculation signature data generated by the second algorithm i or more combinations of data; the Z combination of the above data into a specified position of the set-top box.
6.如权利要求5所述的机顶盒,其特征在于,所述密钥生成模块具体用于: 从所述机顶盒的所述指定硬件中读取所述硬件标识码; 读取所述指定硬件的生产序列号; 通过所述第一算法,将所述硬件标识码与所述生产序列号组合生成所述机顶盒的密钥。 6. The top box as claimed in claim 5, wherein said key generating module is specifically configured to: read the identification code from the hardware specified in the hardware of the set top box; reading the specific piece of hardware production serial number; by the first algorithm, the hardware identification code in combination with the manufacturer's serial number of set-top box to generate the key.
7. 如权利要求5和6任一项所述的机顶盒,其特征在于,所述指定位置包括以下至少一项:闪存或者单片机。 7. The set-top box according to any one of claims 5 and 6, wherein the designated position comprises at least one of: a flash memory or a microcontroller.
8. 如权利要求5和6任一项所述的机顶盒,其特征在于,所述指定硬件包括以下任意一项:闪存、中央处理器CTO或者双倍速率同步动态随机存储器DDR。 Set-top box 5 and 6 according to any one of claim 8, wherein the designated hardware comprises any of the following: a flash memory, a central processing CTO or double data rate synchronous dynamic random access memory DDR.
CN201310601597.0A 2013-11-22 2013-11-22 A set top box anti-piracy methods and set-top boxes CN103607645B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310601597.0A CN103607645B (en) 2013-11-22 2013-11-22 A set top box anti-piracy methods and set-top boxes

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310601597.0A CN103607645B (en) 2013-11-22 2013-11-22 A set top box anti-piracy methods and set-top boxes

Publications (2)

Publication Number Publication Date
CN103607645A CN103607645A (en) 2014-02-26
CN103607645B true CN103607645B (en) 2017-06-23

Family

ID=50125842

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310601597.0A CN103607645B (en) 2013-11-22 2013-11-22 A set top box anti-piracy methods and set-top boxes

Country Status (1)

Country Link
CN (1) CN103607645B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104683871A (en) * 2015-02-12 2015-06-03 福建新大陆通信科技股份有限公司 FLASH ID-based low-security set-top box encryption control method
CN104796745A (en) * 2015-03-26 2015-07-22 成都市斯达鑫辉视讯科技有限公司 Safety protection method for set top box

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101031068A (en) * 2006-02-27 2007-09-05 美国博通公司 Method and system for secure system-on-a-chip architecture for multimedia data processing
CN101154256A (en) * 2006-09-26 2008-04-02 英特尔公司 Methods and arrangements to launch trusted, co-existing environments
CN101300775A (en) * 2005-10-31 2008-11-05 松下电器产业株式会社 Secure processing device, secure processing method, encrypted confidential information embedding method, program, storage medium, and integrated circuit
CN102196317A (en) * 2011-03-01 2011-09-21 深圳创维数字技术股份有限公司 Set-top box protection method and set-top box

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7391865B2 (en) * 1999-09-20 2008-06-24 Security First Corporation Secure data parser method and system
WO2008054406A2 (en) * 2005-11-18 2008-05-08 Orsini Rick L Secure data parser method and system
CN102082665B (en) * 2009-11-30 2013-10-23 中国移动通信集团公司 Identity authentication method, system and equipment in EAP (Extensible Authentication Protocol) authentication
CN102867138A (en) * 2012-08-23 2013-01-09 深圳市同洲电子股份有限公司 Copyright protection method and device for STB (set top box) middleware

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101300775A (en) * 2005-10-31 2008-11-05 松下电器产业株式会社 Secure processing device, secure processing method, encrypted confidential information embedding method, program, storage medium, and integrated circuit
CN101031068A (en) * 2006-02-27 2007-09-05 美国博通公司 Method and system for secure system-on-a-chip architecture for multimedia data processing
CN101154256A (en) * 2006-09-26 2008-04-02 英特尔公司 Methods and arrangements to launch trusted, co-existing environments
CN102196317A (en) * 2011-03-01 2011-09-21 深圳创维数字技术股份有限公司 Set-top box protection method and set-top box

Also Published As

Publication number Publication date
CN103607645A (en) 2014-02-26

Similar Documents

Publication Publication Date Title
KR100896625B1 (en) System and method for authenticating software using hidden intermediate keys
US9183357B2 (en) Recording/reproducing system, recording medium device, and recording/reproducing device
EP1273996B1 (en) Secure bootloader for securing digital devices
US7237121B2 (en) Secure bootloader for securing digital devices
JP4740157B2 (en) Protect digital data content
US9092598B2 (en) Version-based software product activation
US8438377B2 (en) Information processing apparatus, method and computer-readable storage medium that encrypts and decrypts data using a value calculated from operating-state data
JP4489030B2 (en) Method and apparatus for providing a secure boot sequence in the processor
CN103210396B (en) Including methods and devices for protection of sensitive code and data architectures of
CN101491000B (en) Method and system for cryptographic functions of confusion
CN101908119B (en) Method and device for processing dynamic link library (DLL) file
CN100468438C (en) Encryption and decryption method for realizing hardware and software binding
JP2013110459A5 (en)
CN1234081C (en) Method for realizing computer safety and enciphering based on identity confirmation by using BIOS
CN1505311A (en) Program update method and server
JP2005227995A (en) Information processor, information processing method and computer program
CN101241534A (en) Semiconductor device including encryption section or external interface, and content reproduction method
CN103729597B (en) The method of calibration system startup, the system startup calibration device and the terminal
US8645711B2 (en) Information processor, method for verifying authenticity of computer program, and computer program product
US20090019275A1 (en) Secure Boot Method and Semiconductor Memory System Using the Method
JP4157595B2 (en) Secure processing apparatus, method, program
CN104091135A (en) Safety system and safety storage method of intelligent terminal
JP2013530454A (en) Host device and method for accessing storage device virtual files by bypassing the host device cache
US8650393B2 (en) Authenticator
KR101662616B1 (en) Methods and apparatus to protect memory regions during low-power states

Legal Events

Date Code Title Description
C06 Publication
C10 Entry into substantive examination
GR01
CF01