CN110225372A - Seamless switching method for real-time streaming media encryption and decryption keys - Google Patents


Info

Publication number: CN110225372A
Authority: CN (China)
Prior art keywords: key, mark, data, encryption, data flow
Legal status: Pending
Application number: CN201910376378.4A
Other languages: Chinese (zh)
Inventors: 张正强, 李斌, 唐蕾, 房林
Current Assignee: CHENGDU 30KAITIAN COMMUNICATION INDUSTRY Co Ltd
Original Assignee: CHENGDU 30KAITIAN COMMUNICATION INDUSTRY Co Ltd
Application filed by: CHENGDU 30KAITIAN COMMUNICATION INDUSTRY Co Ltd
Priority to: CN201910376378.4A
Publication of: CN110225372A


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20 Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23 Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/238 Interfacing the downstream path of the transmission network, e.g. adapting the transmission rate of a video stream to network bandwidth; Processing of multiplex streams
    • H04N21/2389 Multiplex stream processing, e.g. multiplex stream encrypting
    • H04N21/23895 Multiplex stream processing, e.g. multiplex stream encrypting involving multiplex stream encryption
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43 Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/438 Interfacing the downstream path of the transmission network originating from a server, e.g. retrieving encoded video stream packets from an IP network
    • H04N21/4385 Multiplex stream processing, e.g. multiplex stream decrypting
    • H04N21/43853 Multiplex stream processing, e.g. multiplex stream decrypting involving multiplex stream decryption
    • H04N21/60 Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
    • H04N21/63 Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633 Control signals issued by server directed to the network components or client
    • H04N21/6332 Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334 Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
    • H04N21/63345 Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key by transmitting keys
    • H04N21/643 Communication protocols
    • H04N21/6437 Real-time Transport Protocol [RTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a seamless switching method for real-time streaming media encryption and decryption keys, comprising the steps of: S1: dividing the media stream encryption key identification into two parts, identifier A (mark A) and identifier B (mark B); S2: when the update cycle of the data key-encryption key arrives, the data stream acquisition source applies to the signaling server for a new key; S3: after the new key is obtained, filling the new key's identifier into identifier B; S4: encrypting with the old key, and carrying identifier A and identifier B in the data stream; S5: after this has continued for a period of time, the data decryption end receives the data stream carrying identifier B and queries the key management system for the key indicated by identifier B; S6: downloading the key indicated by identifier B to local storage; after the data stream acquisition source replaces the data key-encryption key, the content of identifier A in the data stream is replaced with the content of identifier B; S7: when the data decryption end receives the data stream described in step S6, it enables the new key. The invention achieves seamless switching when the streaming media encryption and decryption keys are switched.

Description

Seamless switching method for real-time streaming media encryption and decryption keys
Technical field
The present invention relates to the field of information encryption, and more particularly to a seamless switching method for real-time streaming media encryption and decryption keys.
Background
Compared with text and voice information, video information carries a larger amount of information. Security surveillance video also differs from ordinary video: it has numerous video sources, high real-time requirements, long 7x24 working hours, and high-capacity, high-speed access. Protection of video data is the weak link in the security of current video surveillance systems, so information-security technical means and measures urgently need to be introduced to guarantee the security of networked HD video data during video acquisition, transmission, real-time viewing, recording and playback.
One existing secure video protocol format comprises a NALU, a security parameter set, a payload and verification information. The NALU is not encrypted; the encryption_idc field in the NAL unit parameters marks whether the RBSP it carries is encrypted. The security parameter set is not encrypted and contains the following data: encryption type: distinguishes whether the audio/video data is integrity-protected or encrypted; key encryption algorithm type: SM1 or SM4; data encryption algorithm: SM1 or SM4; key-encryption key identifier: the unique key identification code corresponding to each VKEK; subsequent key-encryption key identifier: the key identification code of the VKEK to be used next; key ciphertext: the key identification code of the VKEK to be used next. The audio/video payload is encrypted with the VEK. The verification information is the validation value obtained by performing an HMAC operation over the entire data using the VEK. Given this, a method is still needed that achieves seamless switching when the streaming media encryption and decryption keys are switched.
Summary of the invention
The purpose of the present invention is to overcome the shortcomings of the prior art and provide a seamless switching method for real-time streaming media encryption and decryption keys. It applies high-speed, real-time encryption to all data in the audio/video, so that confidentiality is preserved on any delivery path before decryption: even if the stream is maliciously intercepted, the original image cannot be restored. At the same time, it achieves seamless switching when the streaming media encryption and decryption keys are switched.
The purpose of the present invention is achieved through the following technical solution: a seamless switching method for real-time streaming media encryption and decryption keys, comprising the steps of:
S1: dividing the media stream encryption key identification into two parts, identifier A (mark A) and identifier B (mark B), where identifier A indicates the identifier of the data key-encryption key currently in use and identifier B indicates the identifier of the data key-encryption key that will replace it;
S2: when the update cycle of the data key-encryption key arrives, the data stream acquisition source applies to the signaling server for a new key;
S3: after the new key is obtained, filling the new key's identifier into identifier B;
S4: encrypting with the old key, and carrying identifier A and identifier B in the data stream;
S5: after this has continued for a period of time, the data decryption end receives the data stream carrying identifier B and queries the key management system for the key indicated by identifier B;
S6: downloading the key indicated by identifier B to local storage; after the data stream acquisition source replaces the data key-encryption key, the content of identifier A in the data stream is replaced with the content of identifier B;
S7: when the data decryption end receives the data stream described in step S6, it enables the new key.
Further, the data includes audio/video.
Further, the data stream acquisition source includes a network camera.
The beneficial effects of the present invention are: high-speed, real-time encryption is applied to all data in the audio/video, so that confidentiality is preserved on any delivery path before decryption; even if the stream is maliciously intercepted, the original image cannot be restored; and seamless switching is achieved when the streaming media encryption and decryption keys are switched.
Description of the drawings
Fig. 1 is a flow diagram of the present invention;
Fig. 2 is a diagram of the original video format;
Fig. 3 is a diagram of the secure video protocol format.
Specific embodiment
The technical solution of the present invention is described in further detail below with reference to the accompanying drawings, but the protection scope of the present invention is not limited to the following description.
As shown in Figs. 1-3, a seamless switching method for real-time streaming media encryption and decryption keys comprises the steps of:
S1: dividing the media stream encryption key identification into two parts, identifier A (mark A) and identifier B (mark B), where identifier A indicates the identifier of the video key-encryption key currently in use and identifier B indicates the identifier of the video key-encryption key that will replace it;
S2: when the update cycle of the video key-encryption key arrives, the network camera applies to the signaling server for a new key;
S3: after the new key is obtained, filling the new key's identifier into identifier B;
S4: encrypting with the old key, and carrying identifier A and identifier B in the video stream;
S5: after this has continued for a period of time, the video decryption end receives the video stream carrying identifier B and queries the key management system for the key indicated by identifier B;
S6: downloading the key indicated by identifier B to local storage; after the network camera replaces the video key-encryption key, the content of identifier A in the video stream is replaced with the content of identifier B;
S7: when the video decryption end receives the video stream described in step S6, it enables the new key.
The seamless switching method for real-time streaming media encryption and decryption keys proposed by the invention applies high-speed, real-time encryption to all data in the audio/video, so that confidentiality is preserved on any delivery path before decryption; even if the stream is maliciously intercepted, the original image cannot be restored; and seamless switching is achieved when the streaming media encryption and decryption keys are switched.
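Steps S1-S7 can be followed in a small simulation, added here as an illustration and not taken from the patent: it runs the same stream once with identifier B announced ahead of the switch and once without, and records the packets for which the decryption end had to fetch a key at the moment it was needed. The names `KeyService`, `Camera`, `Viewer` and `Packet` are hypothetical, an HMAC-SHA256 keystream stands in for SM1/SM4, the key named by identifier A is applied to the payload directly (the VKEK-wraps-VEK layer is left out), and clearing identifier B after the switch is an assumption.

```python
import hashlib
import hmac
import os
from collections import namedtuple

# S1: id_a names the key in use, id_b the key that will replace it (None when idle).
Packet = namedtuple("Packet", "seq id_a id_b body tag")

def xor_stream(key, seq, data):
    """Stand-in cipher (HMAC-SHA256 keystream); the format in the text names SM1/SM4."""
    stream = b"".join(hmac.new(key, b"%d:%d" % (seq, n), hashlib.sha256).digest()
                      for n in range(len(data) // 32 + 1))
    return bytes(d ^ s for d, s in zip(data, stream))

def make_tag(key, seq, id_a, id_b, body):
    """HMAC over the header fields and the body, so both identifiers are authenticated."""
    return hmac.new(key, f"{seq}|{id_a}|{id_b}|".encode() + body, hashlib.sha256).digest()

class KeyService:
    """Assumed stand-in for the signaling server (issue) and key management system (lookup)."""
    def __init__(self):
        self.keys = {}
    def issue(self):
        self.keys[len(self.keys) + 1] = os.urandom(32)
        return len(self.keys)
    def lookup(self, key_id):
        return self.keys[key_id]

class Camera:
    def __init__(self, svc):
        self.svc, self.seq, self.id_a, self.id_b = svc, 0, svc.issue(), None
    def announce(self):          # S2-S3: obtain the new key, fill its identifier into B
        self.id_b = self.svc.issue()
    def switch(self):            # S6: A takes B's content; with B empty the switch is unannounced
        self.id_a, self.id_b = self.id_b or self.svc.issue(), None
    def send(self, payload):     # S4: encrypt with the key named by A, carry A and B
        self.seq += 1
        key = self.svc.lookup(self.id_a)
        body = xor_stream(key, self.seq, payload)
        return Packet(self.seq, self.id_a, self.id_b, body,
                      make_tag(key, self.seq, self.id_a, self.id_b, body))

class Viewer:
    def __init__(self, svc):
        self.svc, self.cache, self.stalls = svc, {}, []
    def receive(self, pkt):
        if pkt.id_b is not None and pkt.id_b not in self.cache:
            self.cache[pkt.id_b] = self.svc.lookup(pkt.id_b)   # S5-S6: prefetch, old key still works
        if pkt.id_a not in self.cache:                         # key needed now but absent: playback waits
            self.stalls.append(pkt.seq)
            self.cache[pkt.id_a] = self.svc.lookup(pkt.id_a)
        key = self.cache[pkt.id_a]                             # S7: new key is used once A names it
        want = make_tag(key, pkt.seq, pkt.id_a, pkt.id_b, pkt.body)
        if not hmac.compare_digest(want, pkt.tag):
            raise ValueError("verification tag mismatch")
        return xor_stream(key, pkt.seq, pkt.body)

def run(announce):
    """Stream six constructed frames, switching keys before the fifth."""
    svc = KeyService()
    cam, viewer = Camera(svc), Viewer(svc)
    frames = [b"frame-%d" % i for i in range(1, 7)]
    out = []
    for i, frame in enumerate(frames):
        if announce and i == 2:
            cam.announce()
        if i == 4:
            cam.switch()
        out.append(viewer.receive(cam.send(frame)))
    return out == frames, viewer.stalls
```

In both runs the first packet waits for the initial key; only the unannounced run waits again at the switch, which is the gap identifier B closes.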

Claims (3)

1. A seamless switching method for real-time streaming media encryption and decryption keys, characterized by comprising the following steps:
S1: dividing the media stream encryption key identification into two parts, identifier A (mark A) and identifier B (mark B), where identifier A indicates the identifier of the data key-encryption key currently in use and identifier B indicates the identifier of the data key-encryption key that will replace it;
S2: when the update cycle of the data key-encryption key arrives, the data stream acquisition source applies to the signaling server for a new key;
S3: after the new key is obtained, filling the new key's identifier into identifier B;
S4: encrypting with the old key, and carrying identifier A and identifier B in the data stream;
S5: after this has continued for a period of time, the data decryption end receives the data stream carrying identifier B and queries the key management system for the key indicated by identifier B;
S6: downloading the key indicated by identifier B to local storage; after the data stream acquisition source replaces the data key-encryption key, the content of identifier A in the data stream is replaced with the content of identifier B;
S7: when the data decryption end receives the data stream described in step S6, it enables the new key.
2. The seamless switching method for real-time streaming media encryption and decryption keys according to claim 1, characterized in that the data includes audio/video.
3. The seamless switching method for real-time streaming media encryption and decryption keys according to claim 1, characterized in that the data stream acquisition source includes a network camera.
Priority Applications (1)

Application Number: CN201910376378.4A
Priority Date: 2019-05-07
Filing Date: 2019-05-07
Title: Seamless switching method for real-time streaming media encryption and decryption keys

Publications (1)

Publication Number: CN110225372A
Publication Date: 2019-09-10

Family

ID=67820601

Country Status (1)

Country: CN
Link: CN110225372A (en)
Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (application publication date: 20190910)