CN110225372A - Seamless key switching method for real-time streaming media encryption and decryption - Google Patents
- Publication number: CN110225372A
- Application number: CN201910376378.4A
- Authority: CN (China)
- Prior art keywords: key, mark, data, encryption, data flow
- Legal status: Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/238—Interfacing the downstream path of the transmission network, e.g. adapting the transmission rate of a video stream to network bandwidth; Processing of multiplex streams
- H04N21/2389—Multiplex stream processing, e.g. multiplex stream encrypting
- H04N21/23895—Multiplex stream processing, e.g. multiplex stream encrypting involving multiplex stream encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/438—Interfacing the downstream path of the transmission network originating from a server, e.g. retrieving encoded video stream packets from an IP network
- H04N21/4385—Multiplex stream processing, e.g. multiplex stream decrypting
- H04N21/43853—Multiplex stream processing, e.g. multiplex stream decrypting involving multiplex stream decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/633—Control signals issued by server directed to the network components or client
- H04N21/6332—Control signals issued by server directed to the network components or client directed to client
- H04N21/6334—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
- H04N21/63345—Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/643—Communication protocols
- H04N21/6437—Real-time Transport Protocol [RTP]
Landscapes
- Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a seamless key switching method for real-time streaming media encryption and decryption, comprising the steps of: S1: dividing the media stream encryption key identifier into two parts, identifier A and identifier B; S2: when the update period of the data key-encryption key arrives, the data stream acquisition source requests a new key from the signaling server; S3: after the new key is obtained, the identifier of the new key is filled into identifier B; S4: encryption continues with the old key, and both identifier A and identifier B are carried in the data stream; S5: after this has continued for a period of time, the data decryption end receives the data stream carrying identifier B and queries the key management system for the key indicated by identifier B; S6: the key indicated by identifier B is downloaded to local storage, and after the data stream acquisition source replaces the data key-encryption key, the content of identifier A in the data stream is replaced with the content of identifier B; S7: when the data decryption end receives the data stream described in step S6, it enables the new key. The invention achieves seamless switching when the streaming media encryption/decryption key is switched.
Description
Technical field
The present invention relates to the field of information encryption, and in particular to a seamless key switching method for real-time streaming media encryption and decryption.
Background art
Compared with text and voice information, video information carries a larger volume of information. Security surveillance video also differs from ordinary video: it has many video sources, high real-time requirements, 7x24 continuous operation, and high-capacity, high-speed access. The protection of video data is therefore a weak link in the security of current video surveillance systems, and information-security techniques and measures urgently need to be introduced to guarantee the security of networked HD video data during video acquisition, transmission, real-time viewing, recording and playback.
An existing security video protocol format consists of NALU, a security parameter set, the payload and verification information:
- NALU are not encrypted; the encryption_idc field in the NAL unit parameters marks whether the carried RBSP is encrypted.
- The security parameter set is not encrypted and contains the following data:
  - encryption type: distinguishes whether the audio/video data is integrity-protected or encryption-protected;
  - key encryption algorithm type: SM1 or SM4;
  - data encryption algorithm: SM1 or SM4;
  - key-encryption key identifier: the unique key identification code corresponding to each VKEK;
  - subsequent key-encryption key identifier: the key identification code of the VKEK that will be used next;
  - key ciphertext: the key identification code of the VKEK that will be used next.
- The audio/video payload is encrypted with the VEK.
- The verification information is the value obtained by computing an HMAC over the entire data using the VEK.
What is still needed is a method that achieves seamless switching when the streaming media encryption/decryption key is switched.
Summary of the invention
The purpose of the present invention is to overcome the shortcomings of the prior art by providing a seamless key switching method for real-time streaming media encryption and decryption. The method applies high-speed, real-time encryption to all audio/video data, so that the data stays private on every delivery path before decryption: even if it is maliciously intercepted, the original image cannot be recovered. At the same time, switching of the streaming media encryption/decryption key is seamless.
The purpose of the present invention is achieved through the following technical solution: a seamless key switching method for real-time streaming media encryption and decryption, comprising the steps of:
S1: dividing the media stream encryption key identifier into two parts, identifier A and identifier B, where identifier A indicates the data key-encryption key currently in use and identifier B indicates the data key-encryption key that will replace it;
S2: when the update period of the data key-encryption key arrives, the data stream acquisition source requests a new key from the signaling server;
S3: after the new key is obtained, the identifier of the new key is filled into identifier B;
S4: encryption continues with the old key, and both identifier A and identifier B are carried in the data stream;
S5: after this has continued for a period of time, the data decryption end receives the data stream carrying identifier B and queries the key management system for the key indicated by identifier B;
S6: the key indicated by identifier B is downloaded to local storage; after the data stream acquisition source replaces the data key-encryption key, the content of identifier A in the data stream is replaced with the content of identifier B;
S7: when the data decryption end receives the data stream described in step S6, it enables the new key.
Further, the data includes audio and video.
Further, the data stream acquisition source includes a network camera.
The beneficial effects of the present invention are: high-speed, real-time encryption is applied to all audio/video data, so that the data stays private on every delivery path before decryption and the original image cannot be recovered even if the stream is maliciously intercepted; at the same time, switching of the streaming media encryption/decryption key is seamless.
Brief description of the drawings
Fig. 1 is a flow diagram of the present invention;
Fig. 2 is a diagram of the original video format;
Fig. 3 is a diagram of the security video protocol format.
Detailed description of embodiments
The technical solution of the present invention is described in further detail below with reference to the accompanying drawings, but the protection scope of the present invention is not limited to the following description.
As shown in Figs. 1-3, a seamless key switching method for real-time streaming media encryption and decryption comprises the steps of:
S1: dividing the media stream encryption key identifier into two parts, identifier A and identifier B, where identifier A indicates the video key-encryption key currently in use and identifier B indicates the video key-encryption key that will replace it;
S2: when the update period of the video key-encryption key arrives, the network camera requests a new key from the signaling server;
S3: after the new key is obtained, the identifier of the new key is filled into identifier B;
S4: encryption continues with the old key, and both identifier A and identifier B are carried in the video stream;
S5: after this has continued for a period of time, the video decryption end receives the video stream carrying identifier B and queries the key management system for the key indicated by identifier B;
S6: the key indicated by identifier B is downloaded to local storage; after the network camera replaces the video key-encryption key, the content of identifier A in the video stream is replaced with the content of identifier B;
S7: when the video decryption end receives the video stream described in step S6, it enables the new key.
The seamless key switching method for real-time streaming media encryption and decryption proposed by the present invention applies high-speed, real-time encryption to all audio/video data, so that the data stays private on every delivery path before decryption and the original image cannot be recovered even if the stream is maliciously intercepted, while switching of the streaming media encryption/decryption key is seamless.
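The following Python simulation of steps S1 to S7 is an added example, not part of the patent text. It counts how often the decryption end has to stop and fetch a key it needs immediately, with and without identifier B being announced in advance. Assumptions: a toy HMAC-SHA256 keystream stands in for SM1/SM4, the `kms` dictionary stands in for the key management system, and the class names, packet fields and key identifiers `vkek-001`/`vkek-002` are hypothetical.

```python
import hashlib, hmac, os

def xor_stream(key, nonce, data):
    """Toy HMAC-SHA256 counter-mode keystream; a stand-in for SM1/SM4."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def mac(vek, p):
    """HMAC with the VEK over both identifiers, wrapped key and payload."""
    hdr = f"{p['id_a']}|{p['id_b'] or ''}|".encode()
    return hmac.new(vek, hdr + p["nonce"] + p["wrapped"] + p["body"], hashlib.sha256).digest()

class Camera:
    def __init__(self, kms, key_id):
        self.kms, self.id_a, self.id_b = kms, key_id, None
        self.vkek, self.next_vkek = kms.setdefault(key_id, os.urandom(32)), None
    def announce(self, new_id):          # S2-S3: obtain new key, fill identifier B
        self.next_vkek, self.id_b = self.kms.setdefault(new_id, os.urandom(32)), new_id
    def switch(self):                    # S6: identifier A takes the content of B
        self.id_a, self.vkek, self.id_b, self.next_vkek = self.id_b, self.next_vkek, None, None
    def packet(self, frame):             # S4: still protected under the key named by A
        vek, nonce = os.urandom(32), os.urandom(8)
        p = {"id_a": self.id_a, "id_b": self.id_b, "nonce": nonce,
             "wrapped": xor_stream(self.vkek, nonce, vek),
             "body": xor_stream(vek, nonce, frame)}
        p["tag"] = mac(vek, p)
        return p

class Receiver:
    def __init__(self, kms, key_id, prefetch=True):
        self.kms, self.prefetch, self.blocking = kms, prefetch, 0
        self.cache = {key_id: kms[key_id]}
    def receive(self, p):
        if p["id_a"] not in self.cache:  # key needed now but not local: stream stalls
            self.blocking += 1
            self.cache[p["id_a"]] = self.kms[p["id_a"]]
        vek = xor_stream(self.cache[p["id_a"]], p["nonce"], p["wrapped"])
        if not hmac.compare_digest(mac(vek, p), p["tag"]):
            raise ValueError("verification failed")
        # S5-S6: act on identifier B only after the packet verified (a choice
        # made in this example); a real client would fetch in the background.
        if self.prefetch and p["id_b"] and p["id_b"] not in self.cache:
            self.cache[p["id_b"]] = self.kms[p["id_b"]]
        return xor_stream(vek, p["nonce"], p["body"])       # S7 once A names the new key

def run(prefetch):
    """Stream six constructed frames across one rollover; return (ok, stalls)."""
    kms = {}                             # hypothetical KMS: identifier -> VKEK
    cam, frames = Camera(kms, "vkek-001"), [b"frame-%d" % i for i in range(6)]
    rx, out = Receiver(kms, "vkek-001", prefetch), []
    for i, frame in enumerate(frames):
        if i == 2:
            cam.announce("vkek-002")
        if i == 4:
            cam.switch()
        out.append(rx.receive(cam.packet(frame)))
    return out == frames, rx.blocking
```

`run(True)` decodes every frame with no blocking lookup at the switch, while `run(False)`, which ignores identifier B, needs one on the first packet after the switch. Because both identifiers sit in the unencrypted parameter set, the example covers them with the HMAC and checks it before acting on identifier B.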
Claims (3)
1. A seamless key switching method for real-time streaming media encryption and decryption, characterized by comprising the following steps:
S1: dividing the media stream encryption key identifier into two parts, identifier A and identifier B, where identifier A indicates the data key-encryption key currently in use and identifier B indicates the data key-encryption key that will replace it;
S2: when the update period of the data key-encryption key arrives, the data stream acquisition source requests a new key from the signaling server;
S3: after the new key is obtained, the identifier of the new key is filled into identifier B;
S4: encryption continues with the old key, and both identifier A and identifier B are carried in the data stream;
S5: after this has continued for a period of time, the data decryption end receives the data stream carrying identifier B and queries the key management system for the key indicated by identifier B;
S6: the key indicated by identifier B is downloaded to local storage; after the data stream acquisition source replaces the data key-encryption key, the content of identifier A in the data stream is replaced with the content of identifier B;
S7: when the data decryption end receives the data stream described in step S6, it enables the new key.
2. The seamless key switching method for real-time streaming media encryption and decryption according to claim 1, characterized in that the data includes audio and video.
3. The seamless key switching method for real-time streaming media encryption and decryption according to claim 1, characterized in that the data stream acquisition source includes a network camera.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910376378.4A CN110225372A (en) | 2019-05-07 | 2019-05-07 | Seamless key switching method for real-time streaming media encryption and decryption |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110225372A (en) | 2019-09-10 |
Family
ID=67820601
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910376378.4A Pending CN110225372A (en) | 2019-05-07 | 2019-05-07 | Seamless key switching method for real-time streaming media encryption and decryption |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110225372A (en) |
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101256615A (en) * | 2007-02-27 | 2008-09-03 | 中国科学院研究生院 | Radio frequency recognizing privacy authentication method for dynamic cryptographic key update based on rarefaction tree |
CN101483865A (en) * | 2009-01-19 | 2009-07-15 | 中兴通讯股份有限公司 | Cipher key replacing method, system and device |
CN103748825A (en) * | 2011-06-21 | 2014-04-23 | 尼尔森(美国)有限公司 | Methods and apparatus to measure exposure to streaming media |
CN102710512A (en) * | 2012-05-23 | 2012-10-03 | 成都三零凯天通信实业有限公司 | Cross-platform stream generator and control method |
CN103856786A (en) * | 2012-12-04 | 2014-06-11 | 中山大学深圳研究院 | Streaming media video encryption method and device based on H.264 |
US10250508B2 (en) * | 2014-01-23 | 2019-04-02 | Zte Corporation | Load balancing method and system |
CN109565444A (en) * | 2016-08-11 | 2019-04-02 | 英特尔公司 | Safe public cloud |
CN109429112A (en) * | 2017-08-24 | 2019-03-05 | 中兴通讯股份有限公司 | Media slicing sending method, key switching method and related device and medium |
CN108123800A (en) * | 2017-12-19 | 2018-06-05 | 腾讯科技(深圳)有限公司 | Key management method, device, computer equipment and storage medium |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110611830A (en) * | 2019-09-29 | 2019-12-24 | 腾讯科技(深圳)有限公司 | Video processing method, device, equipment and medium |
CN113905258A (en) * | 2021-09-08 | 2022-01-07 | 鹏城实验室 | Video playing method, network device and storage medium |
CN113905258B (en) * | 2021-09-08 | 2023-11-03 | 鹏城实验室 | Video playing method, network device and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | RJ01 | Rejection of invention patent application after publication | Application publication date: 20190910 |