The first embodiment is as follows:
a first embodiment of the present application provides a conditional access method, as shown in fig. 2, which is a schematic flow chart of the conditional access method in the first embodiment of the present application, where the conditional access method may include the following steps:
step 201: and the terminal equipment receives key updating information which is issued by the television transmission center and contains the set root key generation parameters.
Optionally, the terminal device may receive, through the following manner, key update information that includes the set root key generation parameter and is issued by the television transmission center:
receiving EMM information transmitted by the television transmitting center;
and searching the information related to the terminal equipment from the EMM information by using the original equipment identifier of the terminal equipment, and decrypting the searched information related to the terminal equipment on the basis of the original root key of the terminal equipment to obtain the key updating information containing the set root key generation parameter.
That is to say, the key update information is usually issued to the terminal device by the television transmission center through an EMM, which is not described in detail in this embodiment of the present application.
Further, the root key generation parameter (i.e. Kd generation parameter, which may be identified as Kr) is generally issued to the television transmission center via the key management center and then issued to the terminal device by the television transmission center when the security server determines that the device key needs to be updated (e.g. when it determines that the device key such as Kd authorized to be issued to the terminal device is stolen or broken).
Optionally, the process of transferring the root key generation parameter between the security server, the key management center, the television transmission center, and the terminal device may be as follows:
when determining that the device key needs to be updated, the security server generates a new root key based on a set key generation algorithm and a set root key generation parameter, and sends first key update information containing the root key generation parameter and the new root key to a key management center through a set security transmission tool;
after receiving the first key updating information, the key management center updates a key database according to the first key updating information, and sends second key updating information which contains the root key generation parameters but does not contain the new root key to a television emission center;
and after receiving the second key updating information, the television transmitting center issues third key updating information which contains the root key generation parameter but does not contain the new root key to corresponding terminal equipment so as to issue the root key generation parameter to the corresponding terminal equipment.
That is to say, in the transmission process of the root key generation parameter, the security server can adopt a set security transmission tool to transmit a corresponding new root key and the root key generation parameter to the key management center point to point, that is, the key transmission is limited between the security server and the key management center, so as to prevent the key and the key generation parameter from being leaked, and improve the security of the device key; the set secure delivery tool may be provided by a key management center, which is not described in detail in this embodiment of the present application.
Further, when the secure server generates a new root key, the set key generation algorithm according to which the secure server generates a new root key may be a private secret algorithm that is preset in the secure server by a corresponding device manufacturer (that is, the key generation algorithm is run on a secure computer with security), and a new Kd may be generated by the key generation algorithm based on a specific root key generation parameter (that is, a Kd generation parameter, which may be identified as Kr). Therefore, the Kd generation parameter can be transmitted in the air, and even if the Kd generation parameter is intercepted by a third party, the corresponding Kd cannot be generated due to the fact that a corresponding key generation algorithm does not exist, and the safety of the device key is guaranteed.
Note that, when the secure server generates a new root key, the set root key generation parameter (i.e., Kd generation parameter) on which the secure server is based is usually a random number of one M bit (bit) (M is an arbitrary positive integer), and the Kd generation parameter usually satisfies the following condition: generating a corresponding Kd that can be uniquely determined from the Kd generation parameter includes uniquely generating a Kd for a corresponding generation based on Kd generation parameters of historical generations.
Optionally, in the embodiment described in this application, taking a random number with a Kd generation parameter of 32 bits as an example, the security server may specifically generate a new root key based on the set key generation algorithm and the set root key generation parameter by:
shifting the 32-bit random number according to a set shifting algorithm to obtain Y new 32-bit random numbers; for example, the 32-bit random number may be circularly left-shifted by 8 bits to obtain 3 new 32-bit random numbers;
combining the obtained Y new 32-bit random numbers with the initial 32-bit random number to obtain (Y +1) × 32-bit random numbers; for example, combining the 4 random numbers with 32 bits obtained in the above steps to obtain a random number with 128 bits (16 bytes);
based on a set matrix algorithm, carrying out transformation processing on the (Y +1) × 32-bit random number to obtain a new (Y +1) × 32-bit random number, and taking the obtained new (Y +1) × 32-bit random number as a generated new root key;
the Y is a positive integer, and is similar to a set key generation algorithm, and the set matrix algorithm may be a private security algorithm preset in the security server by a corresponding device manufacturer, which is not described in detail in this embodiment of the present application.
Step 202: and the terminal equipment generates a new root key according to the root key generation parameter and a set key generation algorithm locally stored by the terminal equipment.
When the terminal device generates a new root key according to the acquired root key generation parameter, the set key generation algorithm according to which the terminal device generates the new root key is the same as a key generation algorithm used when the security server generates the new root key, and the set key generation algorithm may be a private secret algorithm that is preset in a secure storage area (Trust zone) of the terminal device by a device manufacturer related to the terminal device, that is, the key generation algorithm is not transferred over the air but embedded in the terminal device, so as to ensure the security of the device key.
Optionally, in the embodiment described in this application, similar to the process of generating the new root key by the security server, taking a random number with a Kd generation parameter of one 32 bits as an example, the terminal device may specifically generate the new root key by:
shifting the 32-bit random number according to a set shifting algorithm to obtain Y new 32-bit random numbers; for example, the 32-bit random number may be circularly left-shifted by 8 bits to obtain 3 new 32-bit random numbers;
combining the obtained Y new 32-bit random numbers with the initial 32-bit random number to obtain (Y +1) × 32-bit random numbers; for example, combining the 4 random numbers with 32 bits obtained in the above steps to obtain a random number with 128 bits (16 bytes);
based on a set matrix algorithm, carrying out transformation processing on the (Y +1) × 32-bit random number to obtain a new (Y +1) × 32-bit random number, and taking the obtained new (Y +1) × 32-bit random number as a generated new root key;
wherein Y is a positive integer; moreover, similar to the set key generation algorithm, the set matrix algorithm may be a private encryption algorithm preset in the terminal device by the corresponding device manufacturer, which is not described in detail in the embodiments of the present application.
Step 203: and the terminal equipment acquires a descrambling key according to the new root key and descrambles the program stream issued by the television transmission center according to the acquired descrambling key to obtain the program clear stream.
It should be noted that, after the Kd is updated, the Kw (work key) corresponding to the Kd also needs to be updated, that is, after the key management center receives the updated Kd sent by the security server, the key management center needs to generate a corresponding new Kw (i.e., updated Kw) by using the updated Kd, and send the new Kw to the terminal device via the television transmission center (specifically, the television transmission center may carry the encrypted new Kw obtained by encrypting with the updated Kd in the key update information and send the key update information to the terminal device), and accordingly, obtaining the descrambling key according to the new root key may include:
decrypting the encrypted updated working key according to the new root key to obtain an updated working key;
and decrypting the encrypted descrambling key carried in the ECM issued by the television transmission center according to the updated working key to obtain the descrambling key.
That is to say, in the embodiment of the present application, the terminal device may generate a new root key according to a root key generation parameter in the key update information issued by the television transmission center and a set key generation algorithm locally stored by the terminal device, acquire the descrambling key according to the new root key, and descramble the program stream issued by the television transmission center according to the acquired descrambling key to obtain the program clear stream, so as to solve the problem that a user needs to spend a long time to update the device key to descramble the program when receiving the program by using the existing CA system, improve the receiving efficiency of the CA system, and improve the application experience of the user.
Further, it should be noted that, after generating a new root key based on a set key generation algorithm and a set root key generation parameter, the security server may further generate a new root key generation number (i.e., an updated generation number) according to a history sequence of the new root key, and replace a lower N bit of an original device identifier (original device ID) of the corresponding terminal device with the new root key generation number to form a new device identifier (i.e., an updated device identifier, where N is a positive integer and a value thereof is usually not less than a number of bits occupied by the root key generation number), and issue the new root key generation number to the television transmission center via the key management center, and the television transmission center issues the new root key generation number to the corresponding terminal device by carrying the new root key generation number in the key update information; therefore, in the embodiment of the present application, after the terminal device receives the key update information issued by the television transmission center, the method may further include the following steps:
replacing the low N bit of the original equipment identifier of the terminal equipment with the new root key generation number according to the new root key generation number carried in the key updating information to form a new equipment identifier; and N is a positive integer, and the value of N is not less than the number of bits occupied by the generation number of the root key.
It should be noted that, because the value range of the root key generation number may be generally 0 to 255, that is, the root key generation number may generally occupy 8 digits (bit), the low N bit of the original device identifier of the terminal device is replaced with the new root key generation number to form a new device identifier, which may be specifically implemented as: and replacing the lower 8 bits of the original equipment identifier of the terminal equipment with the new root key generation number to form a new equipment identifier. In addition, it should be noted that the device identifier of the terminal device (including the original device identifier and the updated device identifier) may generally occupy 64 digits (bit), which is not described in this embodiment of the present application.
Accordingly, as can be seen from the above, the process of transferring the root key generation parameter among the security server, the key management center, the television transmission center, and the terminal device may be specifically as follows:
when the device key is determined to be updated, the security server generates a new root key based on a set key generation algorithm and a set root key generation parameter, generates a new root key generation number according to the historical sequence of the new root key, replaces the lower N bit of the original device identifier of the corresponding terminal device with the new root key generation number to form a new device identifier, and sends first key update information containing the root key generation parameter, the new root key and the new root key generation number to a key management center through a set security transmission tool;
after receiving the first key updating information, the key management center updates a key database according to the first key updating information, and sends second key updating information which contains the root key generation parameter and the new root key generation number but does not contain the new root key to a television emission center;
and after receiving the second key updating information, the television transmitting center issues third key updating information which contains the root key generation parameter and the new root key generation number but does not contain the new root key to corresponding terminal equipment.
For example, taking a specific example as an example, the process of transferring the root key generation parameter between the security server, the key management center, the television transmission center, and the terminal device may specifically be as follows:
since Kd once issued to a user upon authorization, the user needs to be guaranteed that it is not compromised, if Kd is inadvertently compromised or stolen by a hacker (which is often unavoidable), the corresponding device manufacturer can generate new Kd update information via the corresponding secure server, including: { updated generation number, Kr (root key generation parameter), updated root key Kd, updated device ID }, and transmits the Kd update information to the key management center (i.e., RMP center) via the secure transmission tool; the RMP center inputs the Kd updating information into a database of unified management, and sends all information without Kd, including { updated generation number, Kr and updated equipment ID } to each television transmitting center, the television transmitting center inputs the received corresponding information into the database of unified management, and after a set time (such as two days), the { updated generation number, Kr } is sent to the terminal equipment of the user through EMM information; after receiving the corresponding information, the terminal equipment can analyze and decrypt the EMM information through the original equipment ID and the original Kd to obtain corresponding Kd update information { updated generation number, Kr }, and starts a Kd update flow at the terminal side according to the obtained Kd update information { updated generation number, Kr }, so as to realize the update of the equipment key.
It should be noted that, after the Kd is updated, the Kw corresponding to the Kd also needs to be updated, so that the key management center needs to generate a new Kw (i.e., updated Kw) using the Kd after receiving the updated Kd transmitted by the security server, transmit the new Kw to the television transmission center together with the updated generation number, Kr, updated device ID, and the like, and transmit the new Kw and Kr to the terminal device by the television transmission center, so that the terminal device generates an updated Kd from the corresponding Kr, then acquires the new Kw using the updated Kd, further acquires the descrambling key Ks from the new Kw, and descrambles the program according to the acquired Ks.
Further, in the embodiment of the present application, after the terminal device generates a corresponding new root key and a new device identifier, the method may further include:
and storing the generated new root key and the new device identification in a secure storage area of the terminal device. Namely, the device key can be stored in the secure storage area in an encrypted manner, so that the security of the device key is ensured.
Optionally, storing the generated new root key and the new device identifier in a secure storage area of the terminal device may include:
generating a new file for storing the new root key and the new device identification in a secure storage area of the terminal device by taking the new root key generation number as an index; and storing the new root key and the new device identifier in the new file, and after the new root key and the new device identifier are stored in the new file, setting the attribute of the new file to be read only (i.e. all updates are additional updates and cannot be replaced).
That is, in the embodiment described in the present application, additional update of Kd can be done by creating an SFS (secure file system) file indexed by generation number, i.e., all device key updates can be managed with the updated generation number. Correspondingly, the retrieval of Kd can be completed by searching for SFS files indexed by the generation number, which is not described in detail in the embodiments of the present application.
Further, it should be noted that, because the root key generation number and the root key have a corresponding one-to-one correspondence relationship, after the terminal device receives the key update information issued by the television transmission center, it may first determine whether the root key generation number in the key update information is stored at the terminal device side, and if the determination result is yes, the root key corresponding to the root key generation number may be directly obtained from the terminal device side according to the root key generation number, without performing the operation of generating a new root key again according to the root key generation parameter in the key update information and the locally stored set key generation algorithm, so as to reduce the processing delay and the processing pressure of the system, which is also not described in detail in this embodiment of the present application.
The first embodiment of the present application provides a conditional access method, where a terminal device may generate a new root key according to a root key generation parameter in key update information issued by a television transmission center and a set key generation algorithm locally stored by the terminal device, acquire a descrambling key according to the new root key, and descramble a program stream issued by the television transmission center according to the acquired descrambling key to obtain a program clear stream, so as to solve the problem that a user needs to spend a long time to update a device key to descramble a program when the user receives the program by using an existing CA system, improve the reception efficiency of the CA system, and improve the application experience of the user.
Example two:
based on the same inventive concept, a second embodiment of the present application provides a terminal device, and specific implementation of the terminal device may refer to related description in the first embodiment of the method, and repeated parts are not described again, as shown in fig. 3, the terminal device may mainly include:
the receiving module 31 is configured to receive key update information including a set root key generation parameter and sent by a television transmission center;
an updating module 32, configured to generate a new root key according to the root key generation parameter and a set key generation algorithm locally stored in the terminal device; wherein the set key generation algorithm is a private secret algorithm preset in a secure storage area of the terminal device by a device manufacturer associated with the terminal device; the root key generation parameter is an M-bit random number, M is any positive integer, and a corresponding root key can be uniquely determined according to the root key generation parameter;
and the descrambling module 33 is configured to obtain a descrambling key according to the new root key, and descramble the program stream delivered by the television transmission center according to the obtained descrambling key to obtain a program clear stream.
Furthermore, the key updating information can also carry an encrypted updated working key;
the descrambling module 33 is specifically configured to decrypt the encrypted updated working key according to the new root key to obtain an updated working key, and decrypt the encrypted descrambling key carried in the ECM issued by the television transmission center according to the updated working key to obtain a descrambling key.
Further, the key update information may also carry a new root key generation number;
the updating module 32 is further configured to replace the lower N bits of the original device identifier of the terminal device with the new root key generation number according to the new root key generation number, so as to form a new device identifier; and N is a positive integer, and the value of N is not less than the number of bits occupied by the generation number of the root key.
Further, the terminal device may further include a storage module 34:
the storage module 34 is configured to store the generated new root key and the new device identifier in a secure storage area of the terminal device.
Optionally, the storage module 34 is specifically configured to generate a new file for storing the new root key and the new device identifier in the secure storage area of the terminal device, with the new root key generation number as an index; and storing the new root key and the new device identifier in the file, and setting the attribute of the file to be read only after the new root key and the new device identifier are stored in the file.
In addition, it should be noted that the storage module 34 may also be configured to store parameters such as an original device identifier and an original root key of the terminal device; specifically, the original generation number of the terminal device may be used as an index, and the parameters of the original device identifier of the terminal device, the original root key, and the like are stored.
Further, it should be noted that, since the key update information containing the set root key generation parameter is usually sent to the terminal device by the television transmission center through the EMM information, the receiving module 31 may be specifically configured to receive the EMM information carrying the key update information sent by the television transmission center, search the information related to the terminal device from the EMM information by using the original device identifier of the terminal device, and decrypt the searched information related to the terminal device based on the original root key of the terminal device, so as to obtain the key update information containing the set root key generation parameter.
In addition, it should be noted that the receiving module 31 may also be configured to receive an ECM issued by a television transmitting center, and receive a program stream issued by the television transmitting center, and the like, which is not described in detail in this embodiment of the application.
Based on the same inventive concept, a conditional access system is further provided in the second embodiment of the present application, and for specific implementation of the conditional access system, reference may be made to related descriptions in the first embodiment of the method, and repeated descriptions are omitted, as shown in fig. 4, the conditional access system mainly includes a television transmission center 41 and a terminal device 42, where:
the television transmission center 41 is configured to send key update information including a set root key generation parameter to the terminal device 42;
the terminal device 42 is configured to receive key update information that includes a set root key generation parameter and is issued by the television transmission center 41; generating a new root key according to the root key generation parameter and a set key generation algorithm locally stored by the terminal device 42; and acquiring a descrambling key according to the new root key, and descrambling the program stream issued by the television transmission center 41 according to the acquired descrambling key to obtain a program clear stream.
Further, it should be noted that, in addition to the television transmission center 41 and the terminal device 42, the conditional access system may further include a security server 43, a key management center 44, and the like, where: the secure server 43 may be configured to generate a new root key based on a set key generation algorithm and a set root key generation parameter when it is determined that the device key needs to be updated, and send the root key generation parameter to the key management center 44; the key management center 44 may be configured to issue the root key generation parameter issued by the security server 43 to the television transmission center 41, which is not described in detail in this embodiment of the application.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, apparatus (device), or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (devices) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While the preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.