CN106488321B - Television decryption method and system - Google Patents

Television decryption method and system Download PDF

Info

Publication number
CN106488321B
CN106488321B CN201611201847.1A CN201611201847A CN106488321B CN 106488321 B CN106488321 B CN 106488321B CN 201611201847 A CN201611201847 A CN 201611201847A CN 106488321 B CN106488321 B CN 106488321B
Authority
CN
China
Prior art keywords
transport stream
private key
authorization
user
key algorithm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201611201847.1A
Other languages
Chinese (zh)
Other versions
CN106488321A (en
Inventor
万旭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen TCL Digital Technology Co Ltd
Original Assignee
Shenzhen TCL Digital Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen TCL Digital Technology Co Ltd filed Critical Shenzhen TCL Digital Technology Co Ltd
Priority to CN201611201847.1A priority Critical patent/CN106488321B/en
Publication of CN106488321A publication Critical patent/CN106488321A/en
Application granted granted Critical
Publication of CN106488321B publication Critical patent/CN106488321B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/435Processing of additional data, e.g. decrypting of additional data, reconstructing software from modules extracted from the transport stream
    • H04N21/4353Processing of additional data, e.g. decrypting of additional data, reconstructing software from modules extracted from the transport stream involving decryption of additional data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
    • H04N21/4405Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4622Retrieving content or additional data from different sources, e.g. from a broadcast channel and the Internet

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

The invention discloses a television decryption method, which comprises the following steps: when a transport stream sent by a server is received, downloading a corresponding user private key algorithm according to a user private key algorithm identifier in the transport stream; calculating according to the user private key algorithm and a preset root key to obtain a corresponding user personal key, and decrypting the authorization management information in the transport stream according to the user personal key to obtain a corresponding service key; and decrypting the authorization control information in the transport stream according to the service key to acquire a corresponding control word, and descrambling the transport stream according to the control word to acquire corresponding video data. The invention also discloses a television decryption system. The invention can enable the digital television terminal to decrypt the transmission streams sent by different operators and can use the television services provided by different television operators.

Description

Television decryption method and system
Technical Field
The invention relates to the technical field of televisions, in particular to a television decryption method and system.
Background
At present, there are many encryption authorization modes for a user terminal by a conditional access system of a digital television, such as manual authorization, magnetic card authorization, IC card authorization, and smart card authorization, and the smart card authorization mode is the mainstream encryption authorization mode.
When the smart card is used for authorization, a user personal key is stored in the smart card, the user personal key can be obtained only by an operator producing the smart card, other operators can not obtain the user personal key, the operator and the user terminal are bound by the smart card, so that the user terminal can only use services provided by the bound operator, but can not use the services provided by other operators, and the operation cost of the operator can be increased by using the smart card.
Therefore, when the encryption authorization is performed by adopting the smart card authorization mode, the digital television terminal can only decrypt the transport stream sent by the binding operator by using the user personal key in the smart card, and cannot decrypt the transport stream sent by other operators.
Disclosure of Invention
The invention mainly aims to provide a television decryption method and a television decryption system, and aims to solve the technical problem that a digital television terminal can only decrypt transmission streams sent by a binding operator and cannot decrypt transmission streams sent by other operators.
In order to achieve the above object, the present invention provides a television decryption method, which includes the following steps:
when a transport stream sent by a server is received, downloading a corresponding user private key algorithm according to a user private key algorithm identifier in the transport stream;
calculating according to the user private key algorithm and a preset root key to obtain a corresponding user personal key, and decrypting the authorization management information in the transport stream according to the user personal key to obtain a corresponding service key;
and decrypting the authorization control information in the transport stream according to the service key to acquire a corresponding control word, and descrambling the transport stream according to the control word to acquire corresponding video data.
Optionally, before the step of downloading the corresponding user private key algorithm according to the user private key algorithm identifier in the transport stream, the television decryption method further includes:
when a transport stream sent by a server is received, judging whether a user private key algorithm identifier in a current user terminal is the same as a user private key algorithm identifier in the transport stream;
when the user private key algorithm identification in the current user terminal is the same as the user private key algorithm identification in the transport stream, acquiring a corresponding user private key algorithm according to the user private key algorithm identification in the current user terminal;
and when the user private key algorithm identification in the current user terminal is different from the user private key algorithm identification in the transport stream, executing a step of downloading the corresponding user private key algorithm according to the user private key algorithm identification in the transport stream.
Optionally, the step of decrypting the authorization management information in the transport stream according to the user personal key to obtain a corresponding service key includes:
acquiring corresponding authorization management information according to the authorization management information identifier in the transport stream;
and decrypting the authorization management information according to the user personal key to obtain a corresponding service key and user authorization information.
Optionally, before the step of decrypting the entitlement control message in the transport stream according to the service key to obtain the corresponding control word, the television decryption method further includes:
judging whether the current user terminal has the authorization authority of the program in the transport stream or not according to the user authorization information;
when the current user terminal has the authorization right of the program in the transport stream, executing the step of decrypting the authorization control information in the transport stream according to the service key to obtain the corresponding control word;
and stopping decryption when the authorization right of the program in the transport stream does not exist in the current user terminal.
Optionally, the step of decrypting the entitlement control message in the transport stream according to the service key to obtain a corresponding control word includes:
acquiring corresponding authorization control information according to the authorization control information identifier in the transport stream;
and decrypting the authorization control information according to the service key to obtain a corresponding control word.
In addition, to achieve the above object, the present invention further provides a television decryption system, including:
the download module is used for downloading a corresponding user private key algorithm according to the user private key algorithm identification in the transport stream when receiving the transport stream sent by the server;
the calculation decryption module is used for calculating to obtain a corresponding user personal key according to the user private key algorithm and a preset root key, and decrypting the authorization management information in the transport stream according to the user personal key to obtain a corresponding service key;
and the decryption descrambling module is used for decrypting the authorization control information in the transport stream according to the service key to obtain a corresponding control word and descrambling the transport stream according to the control word to obtain corresponding video data.
Optionally, the television decryption system further includes:
the first judgment module is used for judging whether a user private key algorithm identifier in a current user terminal is the same as a user private key algorithm identifier in a transport stream when the transport stream sent by a server is received;
the acquisition module is used for acquiring a corresponding user private key algorithm according to the user private key algorithm identification in the current user terminal when the user private key algorithm identification in the current user terminal is the same as the user private key algorithm identification in the transport stream;
and the downloading module is also used for downloading the corresponding user private key algorithm according to the user private key algorithm identification in the transport stream when the user private key algorithm identification in the current user terminal is different from the user private key algorithm identification in the transport stream.
Optionally, the calculation decryption module includes:
a first obtaining unit, configured to obtain corresponding authorization management information according to an authorization management information identifier in the transport stream;
and the first decryption unit is used for decrypting the authorization management information according to the user personal key so as to obtain a corresponding service key and user authorization information.
Optionally, the television decryption system further includes:
the second judging module is used for judging whether the current user terminal has the authorization authority of the program in the transmission stream according to the user authorization information;
the decryption module is further configured to decrypt, when the current user terminal has the authorization right of the program in the transport stream, the authorization control information in the transport stream according to the service key to obtain a corresponding control word;
and the stopping module is used for stopping decryption when the authorization right of the program in the transmission stream does not exist in the current user terminal.
Optionally, the decryption descrambling module includes:
the second acquisition unit is used for acquiring corresponding authorization control information according to the authorization control information identifier in the transport stream;
and the second decryption unit is used for decrypting the authorization control information according to the service key so as to obtain a corresponding control word.
The digital television terminal downloads the corresponding user private key algorithm according to the user private key algorithm identification in the transmission stream when receiving the transmission stream sent by the server, and calculates and obtains the corresponding user personal key according to the user private key algorithm and the preset root key, then according to the user personal key, the authorization management information in the transmission stream is decrypted to obtain the corresponding service key, and according to the service key, the authorization control information in the transport stream is decrypted to obtain a corresponding control word, and finally, the decrypted transport stream is descrambled according to the control word to obtain corresponding video data, the scheme obtains a corresponding user private key algorithm through different user private key algorithm identifications, the method can decrypt and descramble the transport streams sent by different television operators, can be separated from the binding of the smart card, and can flexibly obtain the services of different television operators.
Drawings
FIG. 1 is a flowchart illustrating a first embodiment of a television decryption method according to the present invention;
fig. 2 is a schematic diagram illustrating a detailed flow of the step of decrypting the authorization management information in the transport stream according to the user personal key to obtain the corresponding service key in fig. 1;
fig. 3 is a schematic diagram illustrating a detailed flow of the step of decrypting the entitlement control message in the transport stream according to the service key to obtain the corresponding control word in fig. 1;
FIG. 4 is a flowchart illustrating a second embodiment of a television decryption method according to the present invention;
FIG. 5 is a flowchart illustrating a television decryption method according to a third embodiment of the present invention;
FIG. 6 is a functional block diagram of a television decryption system according to a first embodiment of the present invention;
FIG. 7 is a block diagram of a refinement function of the compute decrypt module shown in FIG. 6;
figure 8 is a schematic diagram of a detailed functional block of the decryption descrambling module in figure 6;
fig. 9 is a functional block diagram of a television decryption system according to a second embodiment of the present invention;
fig. 10 is a functional block diagram of a television decryption system according to a third embodiment of the present invention.
The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The invention provides a television decryption method.
Referring to fig. 1, fig. 1 is a flowchart illustrating a television decryption method according to a first embodiment of the present invention.
In this embodiment, the television decryption method includes:
step S10, when receiving the transmission stream sent by the server, downloading the corresponding user private key algorithm according to the user private key algorithm identification in the transmission stream;
the television decryption method is applied to televisions, including digital televisions, intelligent televisions, network televisions and the like. In this embodiment, the television is installed with android software provided by a conditional access system service provider, and the television can download a user private key algorithm, a decryption algorithm, and the like through the android software. The user private key algorithm and the decryption algorithm are scalable, namely the user private key algorithm and the decryption algorithm are variable, and the safety of television services can be effectively improved.
The root key is a digital television terminal main chip serial number, is unique and unchangeable, and the server stores the digital television terminal main chip serial number, namely stores the unique root key of the digital television terminal. A control word generator in an operator server generates control words, scrambles audio and video and data code streams according to the control words, encrypts the control words according to a service key and an encryption algorithm, and writes the encrypted control words into authorization control information; the method comprises the steps of obtaining a root key of a corresponding digital television, calculating according to the root key and a user private key algorithm to obtain a corresponding user individual key, encrypting a service key according to the user individual key, writing the encrypted service key into corresponding authorization management information, and finally sending a transport stream containing the authorization management information, authorization control information and a user private key algorithm identifier to a digital television terminal. The identifiers of the private key algorithms of the users of different operators are different, and the identifiers of the operators can be used as the identifiers of the private key algorithms of the corresponding users, that is, the identifiers of the operators and the identifiers of the private key algorithms of the users are the same and have corresponding relations with the private key algorithms of the users.
When the digital television terminal receives the transport stream sent by the operator server, the user private key algorithm identification in the transport stream is obtained, and the corresponding user private key algorithm provided by the system service provider is received through the installed android software downloading condition according to the user private key algorithm identification, wherein the user private key algorithm is scalable.
Step S20, calculating according to the user private key algorithm and a preset root key to obtain a corresponding user personal key, and decrypting the authorization management information in the transport stream according to the user personal key to obtain a corresponding service key;
after the downloading of the user private key algorithm is completed, the digital television terminal calculates and obtains a corresponding user personal key according to the user private key algorithm and the unique serial number of the digital television terminal, namely a root key, and decrypts the authorization management information in the transport stream according to the user personal key to obtain a corresponding service key.
Specifically, referring to fig. 2, fig. 2 is a detailed flowchart of step S20 in fig. 1, where the step S20 includes:
step S21, obtaining corresponding authorization management information according to the authorization management information mark in the transmission stream;
step S22, decrypting the authorization management information according to the user personal key to obtain the corresponding service key and the user authorization information.
The transport stream includes Program Specific Information (PSI), such as a Program Association Table (PAT), a Program Map Table (PMT), Network Information (NIT), and a Conditional Access Table (CAT). The digital television terminal acquires the conditional access table and the program association table from the transport stream, acquires an authorization management information identifier (EMM _ PID) from the conditional access table, acquires corresponding authorization management information according to the authorization management information identifier, and then decrypts the authorization management information according to the user personal key and the decryption algorithm to acquire the corresponding service key and the user authorization information. The user authorization information is used for verifying whether the digital television terminal has the authority of playing the program in the transport stream, and when the digital television terminal has the authority of playing the program, the authorization control information is decrypted.
Step S30, decrypting the authorization control information in the transport stream according to the service key to obtain a corresponding control word, and descrambling the transport stream according to the control word to obtain corresponding video data.
After the digital television terminal obtains the personal key of the user through decryption, the authorized control information in the transmission stream is decrypted according to the personal key of the user to obtain the corresponding control word, and the transmission stream is descrambled according to the control word to obtain the corresponding video data.
Specifically, referring to fig. 3, fig. 3 is a detailed flowchart of step S30 in fig. 1, where the step S30 includes:
step S31, obtaining corresponding authorization control information according to the authorization control information identification in the transport stream;
step S32, decrypting the authorization control information according to the service key to obtain a corresponding control word.
The digital television terminal obtains a conditional access table and a program association table from the transport stream, obtains an authorization control information identifier (ECM _ PID) from the program association table, obtains corresponding authorization control information according to the authorization control information identifier when the digital television terminal has an authorization limit for playing the program, decrypts the authorization control information according to the service key to obtain a corresponding control word, descrambles the decrypted transport stream according to the control word, and decodes the decrypted transport stream to obtain corresponding video data.
In this embodiment, when receiving a transport stream sent by a server, the digital television terminal of the present invention downloads a corresponding user private key algorithm according to a user private key algorithm identifier in the transport stream, and calculates and obtains a corresponding user personal key according to the user private key algorithm and a preset root key, then decrypts the authorization management information in the transport stream according to the user personal key to obtain a corresponding service key, and decrypts the authorization control information in the transport stream according to the service key to obtain a corresponding control word, and finally descrambles the decrypted transport stream according to the control word to obtain corresponding video data, and according to the scheme, the corresponding user private key algorithm is obtained through different user private key algorithm identifiers, so that program streams sent by different television operators can be decrypted and descrambled, and binding of smart cards can be disengaged, and services of different television operators can be flexibly obtained, and the cost of producing the smart card can be saved, and the integration burden of the conditional access system is reduced.
Further, referring to fig. 4, based on the first embodiment, in a second embodiment of the television decryption method according to the present invention, before the step S10, the television decryption method further includes:
step S40, when receiving the transmission stream sent by the server, judging whether the user private key algorithm identification in the current user terminal is the same as the user private key algorithm identification in the transmission stream;
step S50, when the user private key algorithm identification in the current user terminal is the same as the user private key algorithm identification in the transport stream, acquiring the corresponding user private key algorithm according to the user private key algorithm identification in the current user terminal;
and when the user private key algorithm identification in the current user terminal is different from the user private key algorithm identification in the transport stream, executing step S10, namely downloading the corresponding user private key algorithm according to the user private key algorithm identification in the transport stream.
When the digital television terminal receives a transport stream sent by a server, whether a user private key algorithm identifier in the current digital television terminal is the same as a user private key algorithm identifier in the transport stream is judged, when the user private key algorithm identifier in the current digital television terminal is the same as the user private key algorithm identifier in the transport stream, a corresponding user private key algorithm is obtained according to the user private key algorithm identifier in the current user terminal, and when the user private key algorithm identifier in the current user terminal is different from the user private key algorithm identifier in the transport stream, the corresponding user private key algorithm is downloaded according to the user private key algorithm identifier in the transport stream.
In this embodiment, when the preset user private key algorithm identifier is the same as the user private key algorithm identifier in the transport stream, the digital television terminal does not download the user private key algorithm, but directly calls the preset user private key algorithm, so that the download time can be saved, and the user experience can be improved.
Further, referring to fig. 5, based on the first or second embodiment, in a third embodiment of the television decryption method according to the present invention, before the step S30, the television decryption method further includes:
step S60, judging whether the current user terminal has the authorization authority of the program in the transmission stream according to the user authorization information;
when the current user terminal has the authorization right of the program in the transport stream, executing step S30, that is, decrypting the authorization control information in the transport stream according to the service key to obtain the corresponding control word;
and step S70, stopping decryption when the authorization authority of the program in the transport stream does not exist in the current user terminal.
The digital television terminal decrypts the authorization management information according to the personal key and the decryption algorithm of the user to obtain the authorization information of the user, judges whether the authorization authority of the program in the transport stream exists in the current user terminal according to the authorization information of the user, decrypts the authorization control information in the transport stream according to the service key to obtain the corresponding control word when the authorization authority of the program in the transport stream exists in the current user terminal, and stops decryption when the authorization authority of the program in the transport stream does not exist in the current user terminal.
In this embodiment, the present invention determines the next operation, that is, whether to decrypt the authorization control information or to stop decryption, by verifying whether the digital television terminal has the authorization right to play the program in the transport stream, so that an operator can conveniently perform authorization management on the program.
The invention further provides a television decryption system.
Referring to fig. 6, fig. 6 is a functional block diagram of a television decryption system according to a first embodiment of the present invention.
In this embodiment, the television decryption system includes:
the downloading module 10 is configured to, when receiving a transport stream sent by a server, download a corresponding user private key algorithm according to a user private key algorithm identifier in the transport stream;
the television decryption system is applied to televisions, including digital televisions, intelligent televisions, network televisions and the like. In this embodiment, the television is installed with android software provided by a conditional access system service provider, and the television can download a user private key algorithm, a decryption algorithm, and the like through the android software. The user private key algorithm and the decryption algorithm are scalable, namely the user private key algorithm and the decryption algorithm are variable, and the safety of television services can be effectively improved.
The root key is a digital television terminal main chip serial number, is unique and unchangeable, and the server stores the digital television terminal main chip serial number, namely stores the unique root key of the digital television terminal. A control word generator in an operator server generates control words, scrambles audio and video and data code streams according to the control words, encrypts the control words according to a service key and an encryption algorithm, and writes the encrypted control words into authorization control information; the method comprises the steps of obtaining a root key of a corresponding digital television, calculating according to the root key and a user private key algorithm to obtain a corresponding user individual key, encrypting a service key according to the user individual key, writing the encrypted service key into corresponding authorization management information, and finally sending a transport stream containing the authorization management information, authorization control information and a user private key algorithm identifier to a digital television terminal. The identifiers of the private key algorithms of the users of different operators are different, and the identifiers of the operators can be used as the identifiers of the private key algorithms of the corresponding users, that is, the identifiers of the operators and the identifiers of the private key algorithms of the users are the same and have corresponding relations with the private key algorithms of the users.
When the digital television terminal receives the transport stream sent by the operator server, the user private key algorithm identification in the transport stream is obtained, and the corresponding user private key algorithm provided by the system service provider is received through the installed android software downloading condition according to the user private key algorithm identification, wherein the user private key algorithm is scalable.
A calculation decryption module 20, configured to calculate a decryption module, configured to obtain a corresponding user personal key according to the user private key algorithm and a preset root key, and decrypt, according to the user personal key, the authorization management information in the transport stream to obtain a corresponding service key;
after the downloading of the user private key algorithm is completed, the digital television terminal calculates and obtains a corresponding user personal key according to the user private key algorithm and the unique serial number of the digital television terminal, namely a root key, and decrypts the authorization management information in the transport stream according to the user personal key to obtain a corresponding service key.
Specifically, referring to fig. 7, fig. 7 is a schematic diagram of a detailed functional module of the calculation decryption module 20 in fig. 6, where the calculation decryption module 20 includes:
a first obtaining unit 21, configured to obtain corresponding authorization management information according to an authorization management information identifier in the transport stream;
and the first decryption unit 22 is configured to decrypt the authorization management information according to the user personal key to obtain a corresponding service key and user authorization information.
The transport stream includes Program Specific Information (PSI), such as a Program Association Table (PAT), a Program Map Table (PMT), Network Information (NIT), and a Conditional Access Table (CAT). The digital television terminal acquires the conditional access table and the program association table from the transport stream, acquires an authorization management information identifier (EMM _ PID) from the conditional access table, acquires corresponding authorization management information according to the authorization management information identifier, and then decrypts the authorization management information according to the user personal key and the decryption algorithm to acquire the corresponding service key and the user authorization information. The user authorization information is used for verifying whether the digital television terminal has the authority of playing the program in the transport stream, and when the digital television terminal has the authority of playing the program, the authorization control information is decrypted.
And the decryption descrambling module 30 is configured to decrypt the authorization control information in the transport stream according to the service key to obtain a corresponding control word, and descramble the transport stream according to the control word to obtain corresponding video data.
After the digital television terminal obtains the personal key of the user through decryption, the authorized control information in the transmission stream is decrypted according to the personal key of the user to obtain the corresponding control word, and the transmission stream is descrambled according to the control word to obtain the corresponding video data.
Specifically, referring to fig. 8, fig. 8 is a schematic diagram of a detailed functional module of the decryption descrambling module 30 in fig. 6, where the decryption descrambling module 30 includes:
a second obtaining unit 31, configured to obtain corresponding entitlement control information according to the entitlement control information identifier in the transport stream;
and the second decryption unit 32 is configured to decrypt the authorization control information according to the service key to obtain a corresponding control word.
The digital television terminal obtains a conditional access table and a program association table from the transport stream, obtains an authorization control information identifier (ECM _ PID) from the program association table, obtains corresponding authorization control information according to the authorization control information identifier when the digital television terminal has an authorization limit for playing the program, decrypts the authorization control information according to the service key to obtain a corresponding control word, descrambles the decrypted transport stream according to the control word, and decodes the decrypted transport stream to obtain corresponding video data.
In this embodiment, when receiving a transport stream sent by a server, the digital television terminal of the present invention downloads a corresponding user private key algorithm according to a user private key algorithm identifier in the transport stream, and calculates and obtains a corresponding user personal key according to the user private key algorithm and a preset root key, then decrypts the authorization management information in the transport stream according to the user personal key to obtain a corresponding service key, and decrypts the authorization control information in the transport stream according to the service key to obtain a corresponding control word, and finally descrambles the decrypted transport stream according to the control word to obtain corresponding video data, and according to the scheme, the corresponding user private key algorithm is obtained through different user private key algorithm identifiers, so that program streams sent by different television operators can be decrypted and descrambled, and binding of smart cards can be disengaged, and services of different television operators can be flexibly obtained, and the cost of producing the smart card can be saved, and the integration burden of the conditional access system is reduced.
Further, referring to fig. 9, based on the first embodiment, in a second embodiment of the television decryption system of the present invention, the television decryption system further includes:
the first judging module 40 is configured to, when receiving a transport stream sent by a server, judge whether a user private key algorithm identifier in a current user terminal is the same as a user private key algorithm identifier in the transport stream;
an obtaining module 50, configured to obtain, when a user private key algorithm identifier in the current user terminal is the same as the user private key algorithm identifier in the transport stream, a corresponding user private key algorithm according to the user private key algorithm identifier in the current user terminal;
the downloading module 10 is further configured to download, when the user private key algorithm identifier in the current user terminal is different from the user private key algorithm identifier in the transport stream, the corresponding user private key algorithm according to the user private key algorithm identifier in the transport stream.
When the digital television terminal receives a transport stream sent by a server, whether a user private key algorithm identifier in the current digital television terminal is the same as a user private key algorithm identifier in the transport stream is judged, when the user private key algorithm identifier in the current digital television terminal is the same as the user private key algorithm identifier in the transport stream, a corresponding user private key algorithm is obtained according to the user private key algorithm identifier in the current user terminal, and when the user private key algorithm identifier in the current user terminal is different from the user private key algorithm identifier in the transport stream, the corresponding user private key algorithm is downloaded according to the user private key algorithm identifier in the transport stream.
In this embodiment, when the preset user private key algorithm identifier is the same as the user private key algorithm identifier in the transport stream, the digital television terminal does not download the user private key algorithm, but directly calls the preset user private key algorithm, so that the download time can be saved, and the user experience can be improved.
Further, referring to fig. 10, based on the first or second embodiment, in a third embodiment of the television decryption system of the present invention, the television decryption system further includes:
a second judging module 60, configured to judge whether the current user terminal has the authorization permission of the program in the transport stream according to the user authorization information;
the decryption descrambling module is further configured to decrypt, when the authorization right of the program in the transport stream exists in the current user terminal, the authorization control information in the transport stream according to the service key to obtain a corresponding control word;
a stopping module 70, configured to stop decryption when the current user terminal does not have the authorization right of the program in the transport stream.
The digital television terminal decrypts the authorization management information according to the personal key and the decryption algorithm of the user to obtain the authorization information of the user, judges whether the authorization authority of the program in the transport stream exists in the current user terminal according to the authorization information of the user, decrypts the authorization control information in the transport stream according to the service key to obtain the corresponding control word when the authorization authority of the program in the transport stream exists in the current user terminal, and stops decryption when the authorization authority of the program in the transport stream does not exist in the current user terminal.
In this embodiment, the present invention determines the next operation, that is, whether to decrypt the authorization control information or to stop decryption, by verifying whether the digital television terminal has the authorization right to play the program in the transport stream, so that an operator can conveniently perform authorization management on the program.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (8)

1. A television decryption method, characterized in that the television decryption method comprises the steps of:
when a transport stream sent by a server is received, downloading a corresponding user private key algorithm according to a user private key algorithm identifier in the transport stream;
calculating according to the user private key algorithm and a preset root key to obtain a corresponding user personal key, and obtaining corresponding authorization management information according to an authorization management information identifier in the transport stream;
decrypting the authorization management information according to the user personal key to obtain a corresponding service key and user authorization information;
and decrypting the authorization control information in the transport stream according to the service key to acquire a corresponding control word, and descrambling the transport stream according to the control word to acquire corresponding video data, wherein the transport stream comprises a program association table, a program mapping table, network information and a conditional access table.
2. The television decryption method of claim 1, wherein prior to the step of downloading the corresponding user private key algorithm based on the user private key algorithm identification in the transport stream, the television decryption method further comprises:
when a transport stream sent by a server is received, judging whether a user private key algorithm identifier in a current user terminal is the same as a user private key algorithm identifier in the transport stream;
when the user private key algorithm identification in the current user terminal is the same as the user private key algorithm identification in the transport stream, acquiring a corresponding user private key algorithm according to the user private key algorithm identification in the current user terminal;
and when the user private key algorithm identification in the current user terminal is different from the user private key algorithm identification in the transport stream, executing a step of downloading the corresponding user private key algorithm according to the user private key algorithm identification in the transport stream.
3. The television decryption method of claim 2, wherein before the step of decrypting the entitlement control messages in the transport stream based on the service key to obtain the corresponding control word, the television decryption method further comprises:
judging whether the current user terminal has the authorization authority of the program in the transport stream or not according to the user authorization information;
when the current user terminal has the authorization right of the program in the transport stream, executing the step of decrypting the authorization control information in the transport stream according to the service key to obtain the corresponding control word;
and stopping decryption when the authorization right of the program in the transport stream does not exist in the current user terminal.
4. A television decryption method according to any one of claims 1 to 3, wherein the step of decrypting entitlement control messages in the transport stream in dependence upon the service key to obtain the corresponding control word comprises:
acquiring corresponding authorization control information according to the authorization control information identifier in the transport stream;
and decrypting the authorization control information according to the service key to obtain a corresponding control word.
5. A television decryption system, the television decryption system comprising:
the download module is used for downloading a corresponding user private key algorithm according to the user private key algorithm identification in the transport stream when receiving the transport stream sent by the server;
the calculation decryption module is used for calculating to obtain a corresponding user personal key according to the user private key algorithm and a preset root key, and decrypting the authorization management information in the transport stream according to the user personal key to obtain a corresponding service key;
the decryption descrambling module is used for decrypting the authorization control information in the transport stream according to the service key to obtain a corresponding control word and descrambling the transport stream according to the control word to obtain corresponding video data;
wherein the calculation decryption module comprises:
a first obtaining unit, configured to obtain corresponding authorization management information according to an authorization management information identifier in the transport stream, where the transport stream includes a program association table, a program mapping table, network information, and a conditional access table;
and the first decryption unit is used for decrypting the authorization management information according to the user personal key so as to obtain a corresponding service key and user authorization information.
6. The television decryption system of claim 5, wherein the television decryption system further comprises:
the first judgment module is used for judging whether a user private key algorithm identifier in a current user terminal is the same as a user private key algorithm identifier in a transport stream when the transport stream sent by a server is received;
the acquisition module is used for acquiring a corresponding user private key algorithm according to the user private key algorithm identification in the current user terminal when the user private key algorithm identification in the current user terminal is the same as the user private key algorithm identification in the transport stream;
and the downloading module is also used for downloading the corresponding user private key algorithm according to the user private key algorithm identification in the transport stream when the user private key algorithm identification in the current user terminal is different from the user private key algorithm identification in the transport stream.
7. The television decryption system of claim 6, wherein the television decryption system further comprises:
the second judging module is used for judging whether the current user terminal has the authorization authority of the program in the transmission stream according to the user authorization information;
the decryption module is further configured to decrypt, when the current user terminal has the authorization right of the program in the transport stream, the authorization control information in the transport stream according to the service key to obtain a corresponding control word;
and the stopping module is used for stopping decryption when the authorization right of the program in the transmission stream does not exist in the current user terminal.
8. The television decryption system of any one of claims 5 to 7, wherein the decryption descrambling module comprises:
the second acquisition unit is used for acquiring corresponding authorization control information according to the authorization control information identifier in the transport stream;
and the second decryption unit is used for decrypting the authorization control information according to the service key so as to obtain a corresponding control word.
CN201611201847.1A 2016-12-22 2016-12-22 Television decryption method and system Active CN106488321B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611201847.1A CN106488321B (en) 2016-12-22 2016-12-22 Television decryption method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611201847.1A CN106488321B (en) 2016-12-22 2016-12-22 Television decryption method and system

Publications (2)

Publication Number Publication Date
CN106488321A CN106488321A (en) 2017-03-08
CN106488321B true CN106488321B (en) 2020-03-17

Family

ID=58285721

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611201847.1A Active CN106488321B (en) 2016-12-22 2016-12-22 Television decryption method and system

Country Status (1)

Country Link
CN (1) CN106488321B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111741268B (en) * 2020-06-30 2022-07-05 中国建设银行股份有限公司 Video transmission method, device, server, equipment and medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101924907A (en) * 2009-06-12 2010-12-22 北京视博数字电视科技有限公司 Method for realizing condition receiving, terminal equipment and front end thereof
CN103607613A (en) * 2013-11-21 2014-02-26 四川九洲电器集团有限责任公司 Digital multimedia terminal CA module system and work method thereof
CN105791954A (en) * 2014-12-23 2016-07-20 深圳Tcl新技术有限公司 Digital television terminal conditional access method and system and terminal
CN105959738A (en) * 2016-06-22 2016-09-21 北京数字太和科技有限责任公司 Bidirectional conditional access system and method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090183000A1 (en) * 2008-01-16 2009-07-16 Scott Krig Method And System For Dynamically Granting A DRM License Using A URL

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101924907A (en) * 2009-06-12 2010-12-22 北京视博数字电视科技有限公司 Method for realizing condition receiving, terminal equipment and front end thereof
CN103607613A (en) * 2013-11-21 2014-02-26 四川九洲电器集团有限责任公司 Digital multimedia terminal CA module system and work method thereof
CN105791954A (en) * 2014-12-23 2016-07-20 深圳Tcl新技术有限公司 Digital television terminal conditional access method and system and terminal
CN105959738A (en) * 2016-06-22 2016-09-21 北京数字太和科技有限责任公司 Bidirectional conditional access system and method

Also Published As

Publication number Publication date
CN106488321A (en) 2017-03-08

Similar Documents

Publication Publication Date Title
US8589685B2 (en) Apparatus and method for dynamic update of software-based IPTV conditional access system
US7568111B2 (en) System and method for using DRM to control conditional access to DVB content
US8205243B2 (en) Control of enhanced application features via a conditional access system
KR101465263B1 (en) Method for security key distrubution in broadcast system and the system therefor
WO2018064955A1 (en) Method and system for recording and playing back program
US8218772B2 (en) Secure multicast content delivery
EP2724546B1 (en) Receiver software protection
JP2013070247A (en) Digital broadcast transmitter, digital broadcast receiver and digital broadcast system
CN104298896A (en) Method and system for managing and distributing digital rights
KR20110004332A (en) Processing recordable content in a stream
US11308242B2 (en) Method for protecting encrypted control word, hardware security module, main chip and terminal
CN103283176B (en) For transmitting the method with receiving multimedia content
KR20090090332A (en) Method of controlling the access to a scrambled digital content
CN102752635A (en) Downloadable and replaceable condition receiving system
JP6350548B2 (en) Receiving apparatus and receiving method
CN106488321B (en) Television decryption method and system
US20070203843A1 (en) System and method for efficient encryption and decryption of drm rights objects
JP5676946B2 (en) Digital broadcast transmitter and digital broadcast receiver
EP2597883A1 (en) Method, cryptographic system and security module for descrambling content packets of a digital transport stream
JP6440302B2 (en) Receiving apparatus, broadcasting system, receiving method and program
KR101000787B1 (en) Conditional access software system and the method thereof
JP2016063538A (en) Transmitter and receiver
JP6186096B1 (en) Digital broadcast transmitter and digital broadcast receiver
JP6101379B2 (en) Digital broadcast transmitter and digital broadcast receiver
JP6211164B2 (en) Digital broadcast transmitter and digital broadcast receiver

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant