CN106454435A - Conational access method, related device, and system - Google Patents
Conational access method, related device, and system Download PDFInfo
- Publication number
- CN106454435A CN106454435A CN201510483860.XA CN201510483860A CN106454435A CN 106454435 A CN106454435 A CN 106454435A CN 201510483860 A CN201510483860 A CN 201510483860A CN 106454435 A CN106454435 A CN 106454435A
- Authority
- CN
- China
- Prior art keywords
- key
- root key
- terminal unit
- new
- new root
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
- H04N21/26613—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/45—Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
- H04N21/462—Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
- H04N21/4623—Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/633—Control signals issued by server directed to the network components or client
- H04N21/6332—Control signals issued by server directed to the network components or client directed to client
- H04N21/6334—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
Abstract
The invention discloses a conational access method, a related device, and a system. A terminal device is used to generate a new root key according to a root key generating parameter in key update information issued by a television emission center and a set key generating algorithm stored locally in the terminal device, and is used to acquire a descrambling key according to the new root key, and is used to descramble a program issued by the television emission center according to the acquired descrambling key to acquire a program clearing stream. A problem of a prior art that long time is required to update the device key to realize the program descrambling, when a user receives the program by using a conventional CA system is solved, and therefore the receiving efficiency of the CA system is improved, and the application experience of the user is improved.
Description
Technical field
The application is related to digital TV Broadcasting Techniques field, a kind of more particularly, to CA (Conational Access,
Condition reception) method and relevant device and system.
Background technology
CA system refers to for controlling user (Subscriber) that broadcast service or program are received
System, that is, user can only watch through mandate broadcast service or program.CA system is to realize personalization
The key of service, its basic object is in television station's television system, user to be carried out with authorization control and authorizes pipe
Reason, thus realize the paid service of Radio Data System.
Specifically, as shown in figure 1, it is the ultimate principle configuration diagram of existing CA system.By Fig. 1
Understand, CA system adopts three layers of encryption method:Adopt Ks (descramble key) right in TV programme sender
Program scrambling, and transmit during Ks pass through Kw (working key) encryption transmission, and the transmission of Kw further through
Kd (root key) encrypts;In television programme reception side, user decrypts Kw by Kd, then adopts
Kw decrypts Ks, finally by Ks, TV programme is descrambled for clear stream.
Wherein, Ks, Kw can by ECM (Entitlement Control Message, Entitlement Control Message),
EMM (Entitlement Management Message, Entitlement Management Message) and TV programme stream one rise
(specifically, Ks can be sent to user by ECM, and Kw can be sent to use by EMM to give user
Family), and Kd does not transmit in the air.Specifically, Kd is only capable of by secure fashion warrant distributing, by secret
Close mode updates.As, at terminal unit, Kd typically passes through the special of setting by terminal unit manufacturer
Equipment writes in corresponding IC-card it is impossible to dynamic change.
That is, current CA system uses the mode of fixing equipment key, device keyses are (e.g.,
Kd) it is saved in IC-card, cannot dynamically change, when device keyses (e.g., Kd) are stolen or are cracked
When, device keyses (e.g., Kd) can only be completed by way of changing IC-card or changes terminal equipment
Updating, thus leading to user when carrying out receiving using corresponding CA system, needing cost longer
Time carries out the descrambling updating to realize program of device keyses, reduces the receiving efficiency of CA system,
Make Consumer's Experience poor.
Content of the invention
The embodiment of the present application provides a kind of condition receiving method and relevant device and system, existing in order to solve
The more low problem of receiving efficiency existing for CA system.
Specifically, the embodiment of the present application provides a kind of condition receiving method, including:
Terminal unit receives the key of the root key generation parameter including setting that transmission of television center issues
Fresh information;
Generated according to the key of described root key generation parameter and the local setting preserving of described terminal unit
Algorithm generates new root key;
Descramble key is obtained according to described new root key, and according to the descramble key getting to described TV
The program stream that launching centre issues is descrambled, and obtains program clear stream.
Correspondingly, the embodiment of the present application additionally provides a kind of terminal unit, including:
Receiver module, for receiving the root key generation parameter including setting that transmission of television center issues
Key updating information;
Update module, for setting of locally being preserved according to described root key generation parameter and described terminal unit
Fixed key schedule generates new root key;
Descrambling module, for obtaining descramble key according to described new root key, and according to the descrambling getting
The program stream that key issues to described transmission of television center descrambles, and obtains program clear stream.
Further, the embodiment of the present application additionally provides a kind of condition receiving system, including transmission of television center
And terminal unit, wherein:
Described terminal unit, for receiving the root key life including setting that described transmission of television center issues
Become the key updating information of parameter;And locally protected according to described root key generation parameter and described terminal unit
The key schedule of the setting deposited generates new root key;And, solution is obtained according to described new root key
Disturb key, and solved according to the program stream that the descramble key getting issues to described transmission of television center
Disturb, obtain program clear stream.
The application has the beneficial effect that:
The embodiment of the present application provides a kind of condition receiving method and relevant device and system, and terminal unit can root
According to the root key generation parameter in the key updating information that transmission of television center issues and described terminal unit
The key schedule of the local setting preserving generates new root key, and is obtained according to described new root key
Descramble key, and, flow to according to the program that the descramble key getting issues to described transmission of television center
Row descrambling, obtains program clear stream, thus solving user when carrying out receiving using existing CA system,
Need to spend longer time to carry out the problem updating to realize the descrambling of program of device keyses, improve
The receiving efficiency of CA system, improves the application experience of user.
Brief description
For the technical scheme being illustrated more clearly that in the embodiment of the present application, below will be to institute in embodiment description
Need the accompanying drawing using to briefly introduce it should be apparent that, drawings in the following description are only the application
Some embodiments, for those of ordinary skill in the art, on the premise of not paying creative work,
Other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 show the ultimate principle configuration diagram of existing CA system;
Fig. 2 show the schematic flow sheet of the condition receiving method described in the embodiment of the present application one;
Fig. 3 show a kind of possible structural representation of the terminal unit described in the embodiment of the present application two;
Fig. 4 show a kind of possible structural representation of the condition receiving system described in the embodiment of the present application three
Figure.
Specific embodiment
In order that the purpose of the application, technical scheme and advantage are clearer, below in conjunction with accompanying drawing to this Shen
Please be described in further detail it is clear that described embodiment is only some embodiments of the present application,
Rather than whole embodiments.Based on the embodiment in the application, those of ordinary skill in the art are not doing
The all other embodiment being obtained under the premise of going out creative work, broadly falls into the scope of the application protection.
Embodiment one:
The embodiment of the present application one provides a kind of condition receiving method, as shown in Fig. 2 it is implemented for the application
The schematic flow sheet of condition receiving method described in example one, described condition receiving method may include following steps:
Step 201:Terminal unit receives the root key generation ginseng including setting that transmission of television center issues
The key updating information of number.
Alternatively, what described terminal unit can receive that transmission of television center issues in the following manner includes
The key updating information of the root key generation parameter setting:
Receive the EMM information that described transmission of television center issues;
Original device mark using described terminal unit finds and described terminal from described EMM information
The information of equipment itself correlation, and the original root key based on described terminal unit is to finding and described end
The information of end equipment itself correlation is decrypted, and obtains including the key of the root key generation parameter of setting more
Fresh information.
That is, described key updating information is typically described transmission of television being handed down to centrally through EMM
Described terminal unit, the embodiment of the present application does not repeat to this.
Further, described root key generation parameter (i.e. Kd generation parameter can be designated Kr) is typically
Security server (is issued to terminal unit as determined to authorize when determining and device keyses need to be updated
When the device keyses such as Kd are stolen or are cracked), it is handed down in transmission of television via KMC
The heart and then described terminal unit is issued to by transmission of television center.
Alternatively, described root key generation parameter is in security server, KMC, transmission of television
Transmittance process between center and terminal unit can be as described below:
Security server determine device keyses need to be updated when, based on set key schedule with
And the root key generation parameter setting generates new root key, and will comprise described root key generation parameter and
The first key fresh information of described new root key is sent to key pipe by the safe tool for transmitting setting
Reason center;
KMC after receiving described first key fresh information, according to described first key more
Fresh information updates key database, and will comprise described root key generation parameter but do not comprise described new
Second key updating information of root key sends to transmission of television center;
Transmission of television center, after receiving described second key updating information, will comprise described root key life
The 3rd key updating information becoming parameter but not comprising described new root key is issued to corresponding terminal and sets
Standby, described root key generation parameter is handed down to corresponding terminal unit.
That is, in the transmittance process of root key generation parameter, security server can be using setting
The point-to-point root key new accordingly to KMC's transmission of safe tool for transmitting and root key generate ginseng
Number, i.e. key transmission is limited between security server and KMC, in case key and key
The leakage of generation parameter, improves the safety of device keyses;Wherein, the safe tool for transmitting of described setting
Can be generally that KMC provides, the embodiment of the present application does not repeat to this.
Further, it should be noted that security server is when carrying out the generation of new root key, institute
The key schedule of the described setting of foundation can be set in advance in by corresponding device fabrication side
(i.e. this key schedule operates in the peace of safety precaution to privately owned secret algorithm in described security server
On all computer), by this key schedule, can be according to specific root key generation parameter (i.e. Kd
Generation parameter, can be designated Kr) generate a new Kd.So, Kd generation parameter can pass in the air
Passing, even if being intercepted and captured by third party, due to there is no corresponding key schedule, also cannot generate corresponding
Kd is it is ensured that the safety of device keyses.
In addition, it is necessary to explanation, security server when carrying out the generation of new root key, institute's foundation
Described setting root key generation parameter (i.e. Kd generation parameter) be usually a M position (bit) random
Number (described M is any positive integer), and, this Kd generation parameter generally need to meet following condition:According to
This Kd generation parameter well-determined can generate corresponding Kd, generates ginseng including the Kd based on the history generation
The Kd of number uniquely generated correspondence generation.
Alternatively, in herein described embodiment, with the random number that Kd generation parameter is one 32 it is
Example, security service implement body can come in the following manner based on the key schedule setting and setting
Root key generation parameter generates new root key:
According to the shifting algorithm setting, shifting processing is carried out to this 32 random number, obtain Y individual new
The random number of 32;For example, this random number ring shift left of 32 8 can be obtained 3 new 32
The random number of position;
The Y obtaining a new random number of 32 is combined with the random number of initial 32, obtains
(Y+1) random number of * 32;For example, the random number of 4 32 obtained by merging above-mentioned steps,
Obtain the random number of 128 (16Byte);
Based on the matrix algorithm setting, conversion process is carried out to described (Y+1) * 32 random number, obtains
To new (Y+1) random number of * 32 and described new (Y+1) obtaining * 32 is random
Number is as the new root key generating;
Wherein, described Y is positive integer, and, described setting similar with the key schedule setting
Matrix algorithm can be specifically to be set in advance in described security server by corresponding device fabrication side
Privately owned secret algorithm, the embodiment of the present application does not repeat to this.
Step 202:Terminal unit locally preserves according to described root key generation parameter and described terminal unit
The key schedule of setting generate new root key.
Wherein, described terminal unit is carrying out the life of new root key according to the root key generation parameter getting
Cheng Shi, the key schedule of described setting of institute's foundation and security server carry out the generation of new root key
When the key schedule that used be same algorithm, and can be generally by related to described terminal unit
Device fabrication side is set in advance in the privately owned guarantor in the secure storage section (Trust zone) of described terminal unit
Close algorithm, i.e. key schedule does not transmit in the air, but be embedded in terminal unit, to ensure
The safety of device keyses.
Alternatively, the process of new root key in herein described embodiment, is generated with security server
Similar, terminal unit specifically can be in the following manner taking the random number that Kd generation parameter is one 32 as a example
To generate new root key:
According to the shifting algorithm setting, shifting processing is carried out to this 32 random number, obtain Y individual new
The random number of 32;For example, this random number ring shift left of 32 8 can be obtained 3 new 32
The random number of position;
The Y obtaining a new random number of 32 is combined with the random number of initial 32, obtains
(Y+1) random number of * 32;For example, the random number of 4 32 obtained by merging above-mentioned steps,
Obtain the random number of 128 (16Byte);
Based on the matrix algorithm setting, conversion process is carried out to described (Y+1) * 32 random number, obtains
To new (Y+1) random number of * 32 and described new (Y+1) obtaining * 32 is random
Number is as the new root key generating;
Wherein, described Y is positive integer;And, described setting similar with the key schedule setting
Matrix algorithm can be specifically the private being set in advance in described terminal unit by corresponding device fabrication side
There is secret algorithm, the embodiment of the present application does not repeat to this.
Step 203:Terminal unit obtains descramble key according to described new root key, and according to getting
The program stream that descramble key issues to described transmission of television center descrambles, and obtains program clear stream.
It should be noted that after being updated due to Kd, (work is close to there is the Kw of corresponding corresponding relation to it
Key) it is also required to be updated, i.e. KMC is after the renewal receiving security server transmission
In addition it is also necessary to generate Kw (Kw after updating) new accordingly using the Kd after this renewal after Kd,
And via transmission of television center, this new Kw is sent to terminal unit, and (specifically, transmission of television center can
New Kw after encryption obtained by being encrypted using the Kd after this renewal is carried in key updating letter
It is sent to terminal unit in breath), thus, correspondingly, descramble key is obtained according to described new root key,
May include:
It is decrypted according to the working key after the renewal to encryption for the described new root key, updated
Working key afterwards;
Carry according in the ECM that the working key after described renewal issues to described transmission of television center
The descramble key of encryption is decrypted, and obtains descramble key.
That is, in herein described embodiment, terminal unit can issue according to transmission of television center
Key updating information in root key generation parameter and the local setting preserving of described terminal unit close
Key generating algorithm generates new root key, and obtains descramble key according to described new root key, and,
Descrambled according to the program stream that the descramble key getting issues to described transmission of television center, saved
Mesh clear stream, thus solving user when carrying out receiving using existing CA system, needs cost longer
Time carry out the problem to realize the descrambling of program for the renewal of device keyses, improve connecing of CA system
Produce effects rate, improve the application experience of user.
Further, it should be noted that due to security server based on set key schedule
And after the root key generation parameter setting generates new root key, also can be according to described new root key
History be sequentially generated new root key generation number (generation number after updating), and by corresponding terminal equipment
Original device mark (original device ID) low N position replace with described new root key generation number, shape
(device identification after updating, wherein, for positive integer and its value is usual for described N for the device identification of Cheng Xin
Not less than digit shared by root key generation number), and, by described new root key generation number via key pipe
Transmission of television center is handed down at reason center, is carried described new root key generation number by transmission of television center
It is issued to corresponding terminal unit in key updating information;Thus, in herein described embodiment,
Terminal unit after receiving the key updating information that transmission of television center issues, also can wrap by methods described
Include following steps:
According to the new root key generation number carrying in described key updating information, described terminal unit is former
The low N position of beginning device identification replaces with described new root key generation number, forms new device identification;Wherein,
For positive integer and its value is not less than digit shared by root key generation number to described N.
Wherein it is desired to explanation, because the span of root key generation number generally can be 0~255, that is,
8 unitss (bit) generally can be accounted for, thus, the low N position of the original device mark of terminal unit is replaced with
Described new root key generation number, forms new device identification, can be embodied as:Terminal unit is former
The least-significant byte of beginning device identification replaces with described new root key generation number, forms new device identification.In addition,
It should be noted that device identification (the setting after including original device mark and updating of described terminal unit
Standby mark) generally can account for 64 unitss (bit), the embodiment of the present application does not repeat to this.
Correspondingly, as shown in the above, described root key generation parameter is in security server, key pipe
Transmittance process between reason center, transmission of television center and terminal unit specifically also can be as described below:
Security server determine device keyses need to be updated when, based on set key schedule with
And the root key generation parameter setting generates new root key, and the history order according to described new root key
Generate new root key generation number, and the low N position of the original device mark of corresponding terminal equipment is replaced with institute
State new root key generation number, form new device identification, and, will comprise described root key generation parameter,
Described new root key, the first key fresh information of described new root key generation number pass through the safety setting
Tool for transmitting is sent to KMC;
KMC after receiving described first key fresh information, according to described first key more
Fresh information updates key database, and will comprise described root key generation parameter and described new root key
Generation number but the second key updating information of not comprising described new root key send to transmission of television
The heart;
Transmission of television center, after receiving described second key updating information, will comprise described root key life
Become parameter and described new root key generation number but do not comprise the 3rd key of described new root key more
Fresh information is issued to corresponding terminal unit.
For example, root key generation parameter is in security server, key management taking an instantiation as a example
Transmittance process between the heart, transmission of television center and terminal unit specifically can be as described below:
User is issued to once authorizing due to Kd, user needs to ensure that it is not leaked, if Kd lets out accidentally
Leak or (this situation generally cannot avoid) is stolen by hacker, then corresponding device fabrication can be by corresponding
Security server generates new Kd fresh information, including:{ (root key generates for the generation number after renewal, Kr
Parameter), update after root key Kd, update after device id, and above-mentioned Kd fresh information is passed through
Safe tool for transmitting is sent to KMC (i.e. RMP center);RMP center is by above-mentioned Kd more
The data base of fresh information typing unified management, and removing all information after Kd, including { after renewal
Generation number, Kr, the device id after renewal } issue each transmission of television center, will be connect by transmission of television center
The data base of the corresponding information typing unified management receiving, and after setting duration (as two days), pass through
{ generation number after renewal, Kr } is handed down to the terminal unit of user by EMM information;Terminal unit is receiving
To after corresponding information, can be parsed by original device ID and original Kd and decipher EMM information, obtain phase
The Kd fresh information { generation number after renewal, Kr } answered, and according to the Kd fresh information obtaining { after renewal
Generation number, Kr, start end side Kd more new technological process, realize the renewal of device keyses.
It should be noted that due to Kd update after, to its exist the Kw of corresponding corresponding relation be also required to into
Row updates, thus, KMC, after the Kd after the renewal receiving security server transmission, goes back
Need to generate new accordingly Kw (Kw after updating) using this Kd, and this new Kw and more
Generation number after new, Kr, device id after renewal etc. send jointly to transmission of television center, are sent out by TV
Hit the heart and this new Kw and Kr is sent jointly to terminal unit so that terminal unit is according to corresponding
After Kr generates the Kd after updating, obtain this new Kw using the Kd after this renewal, and and then according to this
New Kw obtains descramble key Ks, and realizes the descrambling of program according to the Ks getting.
Further, in herein described embodiment, terminal unit is generating root key new accordingly
And after new device identification, methods described may also include:
The new root key generating and new device identification are saved in the safety storage of described terminal unit
In region.That is, can be using secure storage section encrypted memory device key it is ensured that the safety of device keyses
Property.
Alternatively, the new root key generating and new device identification are saved in described terminal unit
In secure storage section, it may include:
Using described new root key generation number as index, in the secure storage section of described terminal unit
Generate a new file for preserving described new root key and described new device identification;And,
Described new root key and described new device identification are saved within this new file, and by institute
State new root key and after described new device identification is saved within described new file, will be described new
The attribute of file be set to only to read (read only) (i.e. all renewals be to add and update it is impossible to replace
Change).
That is, in herein described embodiment, can be by creating the SFS (peace with generation number for index
Whole file system) file, complete the additional renewal to Kd, i.e. can be all using updating generation number management
Device keyses update.Correspondingly, also can be by searching the SFS file with generation number for index, it is right to complete
The retrieval of Kd, the embodiment of the present application does not all repeat to this.
Further, it should be noted that due to root key generation number and root key exist corresponding one by one
Corresponding relation, thus, described terminal unit is receiving the key updating information that transmission of television center issues
Afterwards, can first determine whether whether the root key generation number in this key updating information is stored in terminal equipment side,
If the determination result is YES, then can obtain and this root from terminal equipment side directly according to this root key generation number
The corresponding root key of key generation number, and need not execute again according to the root in described key updating information
The key schedule of cipher generating parameter and the local setting preserving generates the operation of new root key,
To reduce processing delay and the processing pressure of system, the embodiment of the present application does not also repeat to this.
The embodiment of the present application one provides a kind of condition receiving method, and terminal unit can be according to transmission of television center
Root key generation parameter in the key updating information issuing and the local setting preserving of described terminal unit
Key schedule generate new root key, and descramble key is obtained according to described new root key, and,
Descrambled according to the program stream that the descramble key getting issues to described transmission of television center, obtain program
Clear stream, thus solving user when carrying out receiving using existing CA system, needs cost longer
Time carries out the problem updating to realize the descrambling of program of device keyses, improves the reception of CA system
Efficiency, improves the application experience of user.
Embodiment two:
Based on same inventive concept, the embodiment of the present application two provides a kind of terminal unit, this terminal unit
It is embodied as can be found in the associated description in said method embodiment one, repeats no more in place of repetition, such as Fig. 3
Shown, this terminal unit mainly may include:
Receiver module 31, can be used for receiving the root key generation ginseng including setting that transmission of television center issues
The key updating information of number;
Update module 32, can be used for locally being preserved according to described root key generation parameter and described terminal unit
The key schedule of setting generate new root key;Wherein, the key schedule of described setting be by
The device fabrication side related to described terminal unit is set in advance in the secure storage section of described terminal unit
Interior privately owned secret algorithm;Described root key generation parameter is the random number of a M position, and described M is any
Positive integer, and, corresponding root key well-determined can be generated according to described root key generation parameter;
Descrambling module 33, can be used for obtaining descramble key according to described new root key, and according to getting
The program stream that descramble key issues to described transmission of television center descrambles, and obtains program clear stream.
Further, going back portability in described key updating information has the work after the renewal of encryption close
Key;
Described descrambling module 33, is particularly used in the renewal to described encryption according to described new root key
Working key afterwards is decrypted, the working key after being updated, and according to the work after described renewal
The descramble key of the encryption carrying in the ECM that key issues to described transmission of television center is decrypted,
Obtain descramble key.
Further, going back portability in described key updating information has new root key generation number;
Described update module 32, it may also be used for according to described new root key generation number by described terminal unit
The low N position of original device mark replace with described new root key generation number, form new equipment mark
Know;Wherein, for positive integer and its value is not less than digit shared by root key generation number to described N.
Further, described terminal unit may also include memory module 34:
Described memory module 34, can be used for being saved in the new root key generating and new device identification
In the secure storage section of described terminal unit.
Alternatively, described memory module 34 is particularly used in using described new root key generation number as index,
Generate in the secure storage section of described terminal unit one new for preserve described new root key and
The file of described new device identification;And, described new root key and described new device identification are protected
Exist within described file, and described being saved in described new root key and described new device identification
After within file, the attribute of described file is set to only read.
In addition, it is necessary to illustrate, described memory module 34 can be additionally used in storing the former of described terminal unit
The parameter such as beginning device identification and original root key;And, specifically, can described terminal unit original generation
Code name is index, stores the parameters such as the original device mark of described terminal unit and original root key, this Shen
This please not repeated embodiment.
Further, it should be noted that due to the root key generation parameter that includes setting key more
Fresh information is typically transmission of television and is sent to described terminal unit centrally through EMM information, thus, institute
State receiver module 31 be particularly used in receive described transmission of television center issue carry described key updating
The EMM information of information, and identified from described EMM information using the original device of described terminal unit
Find the information related to itself, and, the original root key based on described terminal unit is to finding
The information related to itself be decrypted, obtain including the key of the root key generation parameter of setting more
Fresh information.
In addition, it is necessary to illustrate, described receiver module 31 can be additionally used in reception transmission of television center and issues
ECM, and receive program stream of issuing of transmission of television center etc., the embodiment of the present application is not gone to live in the household of one's in-laws on getting married to this
State.
Based on same inventive concept, the embodiment of the present application two additionally provides a kind of condition receiving system, this condition
Reception system be embodied as can be found in the associated description in said method embodiment one, no longer superfluous in place of repetition
State, as shown in figure 4, this condition receiving system mainly may include transmission of television center 41 and terminal unit
42, wherein:
Described transmission of television center 41, can be used for issuing the key of the root key generation parameter including setting more
Fresh information gives described terminal unit 42;
Described terminal unit 42, can be used for receiving that described transmission of television center 41 issues includes setting
The key updating information of root key generation parameter;And set according to described root key generation parameter and described terminal
The key schedule of the setting of standby 42 local preservations generates new root key;And, according to described new
Root key obtains descramble key, and according to the descramble key getting, described transmission of television center 41 is issued
Program stream descrambled, obtain program clear stream.
Further, it should be noted that in described condition receiving system except include transmission of television center 41
And outside terminal unit 42, may also include the equipment such as security server 43, KMC 44, its
In:Described security server 43 can be used for when determination need to be updated to device keyses, based on set
The root key generation parameter of key schedule and setting generates new root key, and described root key is given birth to
Parameter is become to be handed down to described KMC 44;Described KMC 44 can be used for described safety
The root key generation parameter that server 43 issues is handed down to transmission of television center 41, and the embodiment of the present application is to this
Do not repeat.
It will be understood by those skilled in the art that embodiments herein can be provided as method, device (equipment),
Or computer program.Therefore, the application can using complete hardware embodiment, complete software embodiment,
Or combine the form of the embodiment of software and hardware aspect.And, the application can using one or more its
In include computer-usable storage medium (the including but not limited to disk storage of computer usable program code
Device, CD-ROM, optical memory etc.) the upper computer program implemented form.
The application is with reference to according to the method for the embodiment of the present application, device (equipment) and computer program
Flow chart and/or block diagram describing.It should be understood that can by computer program instructions flowchart and/or
Each flow process in block diagram and/or the flow process in square frame and flow chart and/or block diagram and/or square frame
In conjunction with.These computer program instructions can be provided to general purpose computer, special-purpose computer, Embedded Processor
Or the processor of other programmable data processing device with produce a machine so that by computer or other
The instruction of the computing device of programmable data processing device produce for realizing in one flow process of flow chart or
The device of the function of specifying in multiple flow processs and/or one square frame of block diagram or multiple square frame.
These computer program instructions may be alternatively stored in and computer or other programmable datas can be guided to process and set
So that being stored in this computer-readable memory in the standby computer-readable memory working in a specific way
Instruction produce and include the manufacture of command device, the realization of this command device is in one flow process or multiple of flow chart
The function of specifying in flow process and/or one square frame of block diagram or multiple square frame.
These computer program instructions also can be loaded in computer or other programmable data processing device, makes
Obtain and series of operation steps is executed on computer or other programmable devices to produce computer implemented place
Reason, thus the instruction of execution is provided for realizing in flow chart one on computer or other programmable devices
The step of the function of specifying in flow process or multiple flow process and/or one square frame of block diagram or multiple square frame.
Although having been described for the preferred embodiment of the application, those skilled in the art once know base
This creative concept, then can make other change and modification to these embodiments.So, appended right will
Ask and be intended to be construed to including preferred embodiment and fall into being had altered and changing of the application scope.
Obviously, those skilled in the art can carry out various changes and modification without deviating from this Shen to the application
Spirit and scope please.So, if the application these modification and modification belong to the application claim and
Within the scope of its equivalent technologies, then the application is also intended to comprise these changes and modification.
Claims (16)
1. a kind of condition receiving method is it is characterised in that include:
Terminal unit receives the key of the root key generation parameter including setting that transmission of television center issues
Fresh information;
Generated according to the key of described root key generation parameter and the local setting preserving of described terminal unit
Algorithm generates new root key;
Descramble key is obtained according to described new root key, and according to the descramble key getting to described TV
The program stream that launching centre issues is descrambled, and obtains program clear stream.
2. the method for claim 1 is it is characterised in that described key updating information is described electricity
Depending on launching centre, described terminal unit is handed down to by Entitlement Management Message EMM.
3. method as claimed in claim 1 or 2 is it is characterised in that go back in described key updating information
Carry the working key after the renewal of encryption;Then descramble key is obtained according to described new root key,
Including:
It is decrypted according to the working key after the renewal to described encryption for the described new root key, obtain
Working key after renewal;
The Entitlement Control Message described transmission of television center being issued according to the working key after described renewal
The descramble key of the encryption carrying in ECM is decrypted, and obtains descramble key.
4. method as claimed in claim 1 or 2 is it is characterised in that go back in described key updating information
Carry new root key generation number;Methods described also includes:
According to described new root key generation number, the low N position of the original device mark of described terminal unit is replaced
It is changed to described new root key generation number, form new device identification;Wherein, described N be positive integer and its
Value is not less than digit shared by root key generation number.
5. method as claimed in claim 4 is it is characterised in that methods described also includes:
The new root key generating and new device identification are saved in the safety storage of described terminal unit
In region.
6. method as claimed in claim 5 is it is characterised in that by the new root key generating and new
Device identification be saved in the secure storage section of described terminal unit, including:
Using described new root key generation number as index, in the secure storage section of described terminal unit
Generate a new file for preserving described new root key and described new device identification;And,
Described new root key and described new device identification are saved within described file, and will be described
After new root key and described new device identification are saved within described file, by the genus of described file
Property is set to only read.
7. method as claimed in claim 1 or 2 is it is characterised in that the key of described setting generates and calculates
Method is to be deposited by the safety that the device fabrication side related to described terminal unit is set in advance in described terminal unit
Privately owned secret algorithm in storage area domain.
8. the method for claim 1 is it is characterised in that described root key generation parameter is a M
The random number of position, described M is any positive integer;And, can be unique according to described root key generation parameter
The generation determining corresponds to root key.
9. a kind of terminal unit is it is characterised in that include:
Receiver module, for receiving the root key generation parameter including setting that transmission of television center issues
Key updating information;
Update module, for setting of locally being preserved according to described root key generation parameter and described terminal unit
Fixed key schedule generates new root key;
Descrambling module, for obtaining descramble key according to described new root key, and according to the descrambling getting
The program stream that key issues to described transmission of television center descrambles, and obtains program clear stream.
10. terminal unit as claimed in claim 9 is it is characterised in that go back in described key updating information
Carry the working key after the renewal of encryption;
Described descrambling module, after according to the renewal to described encryption for the described new root key
Working key is decrypted, the working key after being updated, and according to the working key after described renewal
The descramble key of the encryption carrying in the Entitlement Control Message ECM that described transmission of television center is issued enters
Row deciphering, obtains descramble key.
11. terminal units as claimed in claim 9 are it is characterised in that go back in described key updating information
Carry new root key generation number;
Described update module, is additionally operable to according to described new root key generation number, described terminal unit is former
The low N position of beginning device identification replaces with described new root key generation number, forms new device identification;Its
In, for positive integer and its value is not less than digit shared by root key generation number to described N.
12. terminal units as claimed in claim 11 are it is characterised in that described terminal unit also includes
Memory module:
Described memory module, described for being saved in the new root key generating and new device identification
In the secure storage section of terminal unit.
13. terminal units as claimed in claim 12 it is characterised in that
Described memory module, specifically for using described new root key generation number as index, at described end
Generate in the secure storage section of end equipment one new for preserving described new root key and described new
The file of device identification;And, described new root key and described new device identification are saved in institute
State within file, and described new root key and described new device identification are being saved in described file
Within after, the attribute of described file is set to only read.
14. terminal units as claimed in claim 9 are it is characterised in that the key of described setting generates and calculates
Method is to be deposited by the safety that the device fabrication side related to described terminal unit is set in advance in described terminal unit
Privately owned secret algorithm in storage area domain.
15. terminal units as claimed in claim 9 are it is characterised in that described root key generation parameter is
The random number of one M position, described M is any positive integer;And, can according to described root key generation parameter
Well-determined generation corresponds to root key.
A kind of 16. condition receiving systems it is characterised in that including transmission of television center and terminal unit,
Wherein:
Described terminal unit, for receiving the root key life including setting that described transmission of television center issues
Become the key updating information of parameter;And locally protected according to described root key generation parameter and described terminal unit
The key schedule of the setting deposited generates new root key;And, solution is obtained according to described new root key
Disturb key, and solved according to the program stream that the descramble key getting issues to described transmission of television center
Disturb, obtain program clear stream.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510483860.XA CN106454435B (en) | 2015-08-07 | 2015-08-07 | Conditional access method and related equipment and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510483860.XA CN106454435B (en) | 2015-08-07 | 2015-08-07 | Conditional access method and related equipment and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106454435A true CN106454435A (en) | 2017-02-22 |
CN106454435B CN106454435B (en) | 2020-01-24 |
Family
ID=58092421
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510483860.XA Active CN106454435B (en) | 2015-08-07 | 2015-08-07 | Conditional access method and related equipment and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106454435B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108156494A (en) * | 2017-12-27 | 2018-06-12 | 青岛海信电器股份有限公司 | The method, apparatus and digital TV terminal of digital television program descrambling |
CN114531237A (en) * | 2022-04-21 | 2022-05-24 | 八维通科技有限公司 | Root key upgrading method of integrated gateway based on embedded platform |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040236959A1 (en) * | 2003-05-23 | 2004-11-25 | Henri Kudelski | Security key generation method |
CN201127083Y (en) * | 2007-09-19 | 2008-10-01 | 中兴通讯股份有限公司 | Equipment for implementing multimedia broadcast safety |
CN102752635A (en) * | 2012-02-23 | 2012-10-24 | 中央电视台 | Downloadable and replaceable condition receiving system |
CN102752662A (en) * | 2012-02-23 | 2012-10-24 | 中央电视台 | Root key generation method, module and chip of conditional access system receiving terminal and receiving terminal |
-
2015
- 2015-08-07 CN CN201510483860.XA patent/CN106454435B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040236959A1 (en) * | 2003-05-23 | 2004-11-25 | Henri Kudelski | Security key generation method |
CN201127083Y (en) * | 2007-09-19 | 2008-10-01 | 中兴通讯股份有限公司 | Equipment for implementing multimedia broadcast safety |
CN102752635A (en) * | 2012-02-23 | 2012-10-24 | 中央电视台 | Downloadable and replaceable condition receiving system |
CN102752662A (en) * | 2012-02-23 | 2012-10-24 | 中央电视台 | Root key generation method, module and chip of conditional access system receiving terminal and receiving terminal |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108156494A (en) * | 2017-12-27 | 2018-06-12 | 青岛海信电器股份有限公司 | The method, apparatus and digital TV terminal of digital television program descrambling |
CN108156494B (en) * | 2017-12-27 | 2020-12-22 | 海信视像科技股份有限公司 | Method and device for descrambling digital television program and digital television terminal |
CN114531237A (en) * | 2022-04-21 | 2022-05-24 | 八维通科技有限公司 | Root key upgrading method of integrated gateway based on embedded platform |
CN114531237B (en) * | 2022-04-21 | 2022-07-19 | 八维通科技有限公司 | Root key upgrading method of integrated gateway based on embedded platform |
Also Published As
Publication number | Publication date |
---|---|
CN106454435B (en) | 2020-01-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA3041664C (en) | Data transmission method, apparatus and system | |
CN105260668A (en) | File encryption method and electronic device | |
CN105162772A (en) | IoT equipment authentication and key agreement method and device | |
CN105450620A (en) | Information processing method and device | |
CN101018320A (en) | A digital TV condition receiving system and its encryption method | |
CN106571915A (en) | Terminal master key setting method and apparatus | |
CN106452770A (en) | Data encryption method and apparatus, data decryption method and apparatus, and system | |
CN107707562B (en) | Method and device for encrypting and decrypting algorithm of asymmetric dynamic token | |
CN103067166A (en) | Grading mixing encryption method and device of intelligent family system | |
CN101562520B (en) | Method and system for distributing service secret keys | |
CN113326518B (en) | Data processing method and device | |
CN106454435A (en) | Conational access method, related device, and system | |
CN114244493A (en) | Block chain-based key management method capable of being updated inadvertently with threshold | |
CN101399662B (en) | Method, system, conditional receiving module and customer terminal for obtaining service key | |
CN109428712A (en) | Data Encrypt and Decrypt method and data Encrypt and Decrypt system | |
CN108134777A (en) | A kind of communication encryption system based on timestamp | |
CN107872312B (en) | Method, device, equipment and system for dynamically generating symmetric key | |
CN105978876B (en) | A kind of instruction encryption method applied in broadcast communication | |
US9735956B2 (en) | Key ladder apparatus and method | |
CN114401148A (en) | Communication data encryption and decryption optimization method | |
CN114866312A (en) | Common data determination method and device for protecting data privacy | |
CN114710693A (en) | Video stream distributed transmission method and device | |
CN106357390A (en) | Dynamic encryption method and device | |
CN109426727A (en) | Data ciphering method, decryption method, encryption system and decryption system | |
EP2668737A1 (en) | Controlled security domains |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1233405 Country of ref document: HK |
|
GR01 | Patent grant | ||
GR01 | Patent grant |