CN111866554A - Multimedia safe playing method and system - Google Patents

Publication number: CN111866554A
Authority: CN (China)
Prior art keywords: multimedia; data; value; multimedia data; cloud platform
Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202010656301.5A
Other languages: Chinese (zh)
Other versions: CN111866554B (en)
Inventor: 李鑫, 魏巍, 李顶占, 刘涛, 陶留丹
Current Assignee: Zhengzhou Xinda Jiean Information Technology Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Zhengzhou Xinda Jiean Information Technology Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20 Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25 Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266 Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26613 Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
    • H04N21/254 Management at additional data server, e.g. shopping server, rights management server
    • H04N21/2541 Rights Management
    • H04N21/258 Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
    • H04N21/25866 Management of end-user data
    • H04N21/25875 Management of end-user data involving end-user authentication
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41 Structure of client; Structure of client peripherals
    • H04N21/414 Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance
    • H04N21/41415 Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance involving a public display, viewable by several users in a public space outside their home, e.g. movie theatre, information kiosk
    • H04N21/41422 Specialised client platforms, e.g. receiver in car or embedded in a mobile appliance located in transportation means, e.g. personal vehicle
    • H04N21/43 Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/436 Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • H04N21/4367 Establishing a secure communication between the client and a peripheral device or smart card
    • H04N21/45 Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462 Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4627 Rights management associated to the content

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Graphics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a multimedia safe playing method and a multimedia safe playing system. When the multimedia terminal receives multimedia data for the first time, a full digest value must be calculated over all of the multimedia data, and the calculated second full digest value is compared with the received first full digest value; if the two are consistent, the multimedia data has not been tampered with, otherwise it has been tampered with. After the multimedia data has been received for the first time, and before each playback, a hash verification must be performed on the multimedia data.

Description

Multimedia safe playing method and system
Technical Field
The invention relates to the technical field of multimedia playing management, in particular to a multimedia safe playing method and system.
Background
At present, advertising media systems are ever more widely used, and advertisement playing devices (such as LED screens) are increasingly deployed on buses, in buildings and elevators, outdoors and in similar places, playing different information every day. However, as the market expands rapidly, the impact of the associated security threats grows as well: once the played media information is maliciously interfered with, tampered with or even replaced, it will have a bad influence on the public audience and may even affect social stability. At the same time, there are the questions of whether the content played by the advertisement playing equipment is legal and orderly, whether it can be tampered with by outside unauthorized persons in order to play illegal content, and whether a person responsible for publication, dissatisfied with society or the company, might use that position to play video files that violate the interests of the company or national laws. These possible risks are also unbearable for advertising media companies.
Therefore, the security of media files is very important and is a primary concern for the development of advertising media companies; a strict playing system needs to be developed to prevent malicious interference, tampering, replacement and the like.
Disclosure of Invention
In view of the foregoing, there is a need to provide a method and a system for playing multimedia data safely, which can effectively prevent the multimedia data from being illegally blocked, tampered and forged in the process of issuing the multimedia data, and ensure the safety of the whole process of issuing the multimedia data.
The first aspect of the present invention provides a method for safely playing multimedia, where the method includes:
the cloud platform calculates a full digest value of the received multimedia data to obtain a first full digest value, extracts small segments of data from the multimedia data according to the data extraction rule agreed with the multimedia terminal for calculating the simple digest value, combines the small segments of data to form a first data set, and calculates a simple digest of the first data set to obtain a first simple digest value;
the cloud platform packs the multimedia data, the first full digest value and the first simple digest value to form a network data packet, signs the network data packet with the private key of the cloud platform to form a network data packet signature file, and then transmits the network data packet signature file to the multimedia terminal;
after the multimedia terminal verifies the signature of the network data packet signature file using the public key of the cloud platform, it calculates a full digest value of the received multimedia data to obtain a second full digest value;
comparing whether the second full digest value is consistent with the received first full digest value, and if so, storing the multimedia data and the first simple digest value locally in association;
before the multimedia terminal plays the multimedia data each time, extracting small segments of data from the multimedia data according to the data extraction rule, combining them to form a second data set, and then calculating a simple digest of the second data set to obtain a second simple digest value;
and comparing the second simple digest value with the associated first simple digest value; if they are consistent, playing the multimedia data, and if they are inconsistent, prohibiting the multimedia data from being played.
Based on the above, the remaining playing time $t_i$ of the multimedia data $a_i$ currently being played by the multimedia terminal is calculated; when the remaining time $t_i$ reaches the preset threshold $T$, the next multimedia data $a_{i+1}$ to be played is looked up according to the playlist.
Based on the above, the preset threshold $T$ is greater than the time needed to calculate the simple digest value of the next multimedia data $a_{i+1}$ to be played.
Based on the above, the data extraction rule is characterized by: presetting byte-size ranges for $m$ intervals, $[k_1,k_2], [k_2,k_3], [k_3,k_4], \dots, [k_m,k_{m+1}]$, each interval range corresponding to its own segmentation rule; when the byte size of the multimedia data falls into an interval range, the data is segmented according to the corresponding segmentation rule, and the data extracted from each segment are combined to form a data set.
Based on the above, the segmentation rule is: letting the size of multimedia data $a$ be $w$ bytes, the multimedia data $a$ is divided into segments of a fixed number of bytes $R$, the $p$-th to $q$-th bytes of each segment are extracted, and the data extracted from each segment are combined to form a data set.
Based on the above, when the multimedia terminal stores the multimedia data and the first simple digest value locally in association, it first encrypts the first simple digest value with a preset key to obtain a first simple digest value ciphertext, and then stores the first simple digest value ciphertext and the multimedia data locally in association; before comparing the second simple digest value with the associated first simple digest value, it looks up the associated first simple digest value ciphertext according to the multimedia data, decrypts the ciphertext with the preset key to obtain the first simple digest value, and then compares the second simple digest value with the decrypted first simple digest value.
Based on the above, the cloud platform and the multimedia terminal perform key agreement to obtain a shared key; before the cloud platform signs the network data packet, encrypting the network data packet through a shared key to obtain a network data packet ciphertext, and then signing the network data packet ciphertext by using a private key of the cloud platform to form a network data packet ciphertext signature file; and after the multimedia terminal verifies the network data packet ciphertext signature file, decrypting the network data packet ciphertext by using the shared key to obtain the multimedia data, and then calculating the full digest value of the multimedia data.
The second aspect of the present invention provides a multimedia secure playing system, which includes: the cloud platform and the multimedia terminal are in network communication connection, and the multimedia safe playing method is executed.
Based on the above, the cloud platform is provided with a first security module, and the first security module is used for calculating a full digest value and a simple digest value of the multimedia data and performing signature operation on the first full digest value and the first simple digest value along with the multimedia data; the multimedia terminal is provided with a second security module and a storage module, wherein the second security module is used for checking the signature of the received network data packet signature file and verifying the full abstract value and the simple abstract value of the multimedia data after the signature passes; the storage module is used for storing the multimedia data and the corresponding first summary data in an associated mode.
The multimedia safe playing method and the multimedia safe playing system can effectively prevent the multimedia data from being illegally blocked, tampered and forged in the releasing process, and realize the credible playing of the multimedia data.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a flow chart illustrating a method for secure multimedia playback according to the present invention;
fig. 2 shows a block diagram of the multimedia secure playing system of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It will be understood that when an element is referred to as being "connected" to another element, it can be directly connected to the other element or intervening elements may also be present.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention.
Example 1
As shown in fig. 1, the present embodiment provides a multimedia secure playing method, which includes:
step 1, the cloud platform and the multimedia terminal agree on a data extraction rule to be applied to the multimedia data for calculating the simple digest value;
step 2, the cloud platform receives the uploaded multimedia data;
step 3, the cloud platform calculates the full digest value of the multimedia data to obtain a first full digest value, and at the same time extracts small segments of data from the multimedia data according to the data extraction rule, combines them to form a data set, and then calculates the simple digest of the data set to obtain a first simple digest value;
step 4, the cloud platform packs the multimedia data, the first full digest value and the first simple digest value to form a network data packet, and signs the network data packet through a private key of the cloud platform to form a network data packet signature file;
step 5, the cloud platform transmits the network data packet signature file to the multimedia terminal;
step 6, the multimedia terminal adopts the public key of the cloud platform to check the signature of the network data packet signature file;
step 7, after the signature verification passes, the multimedia terminal calculates a full digest value of the received multimedia data to obtain a second full digest value, then compares whether the second full digest value is consistent with the received first full digest value, and if so, stores the multimedia data and the first simple digest value locally in association;
step 8, before the multimedia terminal plays the multimedia data each time, it extracts small segments of data from the multimedia data according to the data extraction rule, combines them to form a data set, calculates the simple digest of the data set to obtain a second simple digest value, and then compares the second simple digest value with the associated first simple digest value; if they are consistent, the data is played, and if they are inconsistent, playing the data is prohibited.
It can be understood that the multimedia terminal may receive a plurality of multimedia data issued by the cloud platform, and when receiving the multimedia data, the multimedia terminal may also receive a play control file formulated by the cloud platform for the multimedia data, and the multimedia terminal plays the corresponding multimedia data according to the play control file.
Further, before step 8, the method further comprises: calculating the remaining playing time $t_i$ of the multimedia data $a_i$ currently being played by the multimedia terminal; when the remaining time $t_i$ reaches the preset threshold $T$, looking up the next multimedia data $a_{i+1}$ according to the playlist; extracting small segments of data from the multimedia data $a_{i+1}$ according to the data extraction rule, combining them to form a data set, and calculating the simple digest of the data set to obtain a second simple digest value $B_{i+1}$; then comparing the second simple digest value $B_{i+1}$ with the pre-stored first simple digest value $b_{i+1}$. If they are consistent, the multimedia data $a_{i+1}$ can be played once the multimedia data $a_i$ has finished playing; if not, the simple digest value comparison is performed on the subsequent multimedia data until a comparison is consistent, and the corresponding multimedia data can then be played.
Further, the preset threshold $T$ is at least greater than the time needed to calculate the simple digest value of the next multimedia data $a_{i+1}$. Preferably, the multimedia terminal may initiate verification of the digest value of the next multimedia data when 1 minute remains for playing the previous multimedia data. But it is not limited thereto.
It can be understood that, when the playing of the previous multimedia data is not finished, the integrity verification is performed on the next multimedia data to be played in advance, and the time length of the integrity verification is limited to be less than the remaining playing time of the previous multimedia data, so that the influence of the integrity verification process on the playing of the multimedia terminal can be effectively avoided, and the multimedia terminal can be further ensured to continuously play a plurality of multimedia data without pause.
Further, the data extraction rule is characterized in that:
presetting byte-size ranges for $m$ intervals, $[k_1,k_2], [k_2,k_3], [k_3,k_4], \dots, [k_m,k_{m+1}]$, each interval range corresponding to its own segmentation rule; when the byte size of the multimedia data falls into an interval range, the data is segmented according to the corresponding segmentation rule, and the data extracted from each segment are combined to form a data set.
Preferably, the segmentation rule is:
letting the size of multimedia data $a$ be $w$ bytes, the multimedia data $a$ is divided into segments of a fixed number of bytes $R$, the $p$-th to $q$-th bytes of each segment are extracted, and the data extracted from each segment are combined to form a data set.
It can be understood that if $w$ is not an integer multiple of $R$, the last segment of the segmented multimedia data $a$ is shorter than $R$ bytes; in that case the missing bytes are padded with 0 up to $R$ bytes, the $p$-th to $q$-th bytes of the last segment are still extracted as usual, and the data extracted from each segment are combined to form a data set.
It can be understood that the fixed byte count $R$ is the basis for segmenting any multimedia data $a_i$, and each of the $m$ interval ranges corresponds to its own matched $R_i$, $p_i$, $q_i$. The larger the multimedia data $a_i$, the larger the matched fixed byte count $R_i$ can be; $p_i$ and $q_i$ are each counted from the starting byte of each segment.
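The data extraction and segmentation rules described above, as an added Python example (not code from the patent), together with the two terminal-side checks of steps 7 and 8. SHA-256 is one of the digest algorithms the description names; the rule table values, the reading of $p$ and $q$ as 1-based inclusive positions, and the first-match handling of shared interval boundaries are assumptions, and signature verification and digest encryption are left out.

```python
import hashlib
from typing import NamedTuple


class Rule(NamedTuple):
    lo: int  # k_j, lower bound of the size interval in bytes
    hi: int  # k_{j+1}, upper bound of the size interval in bytes
    R: int   # fixed segment length in bytes
    p: int   # first extracted byte of each segment (1-based, inclusive; assumption)
    q: int   # last extracted byte of each segment (1-based, inclusive; assumption)


# Constructed rule table (not from the patent); larger files get a larger R.
RULES = [
    Rule(0, 4096, R=64, p=9, q=16),
    Rule(4096, 1 << 20, R=1024, p=101, q=132),
    Rule(1 << 20, 1 << 32, R=65536, p=1001, q=1064),
]


def select_rule(size: int, rules=RULES) -> Rule:
    """Pick the segmentation rule whose size interval contains `size`."""
    for rule in rules:
        if not (1 <= rule.p <= rule.q <= rule.R):
            raise ValueError(f"invalid rule {rule}")
        if rule.lo <= size <= rule.hi:
            return rule  # adjacent intervals share a bound; first match wins (assumption)
    raise ValueError(f"no extraction rule covers {size} bytes")


def extract(data: bytes, rule: Rule) -> bytes:
    """Concatenate bytes p..q of every R-byte segment; a short last segment is zero-padded."""
    out = bytearray()
    for start in range(0, len(data), rule.R):
        segment = data[start:start + rule.R].ljust(rule.R, b"\x00")
        out += segment[rule.p - 1:rule.q]
    return bytes(out)


def full_digest(data: bytes) -> str:
    """Digest over every byte of the media (checked once, on first receipt)."""
    return hashlib.sha256(data).hexdigest()


def simple_digest(data: bytes, rules=RULES) -> str:
    """Digest over the sampled bytes only (checked before every playback)."""
    return hashlib.sha256(extract(data, select_rule(len(data), rules))).hexdigest()


def coverage(size: int, rules=RULES) -> float:
    """Fraction of the file's real (unpadded) bytes that the simple digest reads."""
    if size == 0:
        return 0.0
    rule = select_rule(size, rules)
    covered = 0
    for start in range(0, size, rule.R):
        seg_len = min(rule.R, size - start)
        covered += max(0, min(rule.q, seg_len) - rule.p + 1)
    return covered / size


class Terminal:
    """Terminal-side checks; the packet signature is assumed to be verified already."""

    def __init__(self):
        self.store = {}  # name -> (media bytes, first simple digest)

    def receive(self, name, data, first_full, first_simple) -> bool:
        # Step 7: recompute the full digest; store only if it matches.
        if full_digest(data) != first_full:
            return False
        self.store[name] = (data, first_simple)
        return True

    def may_play(self, name) -> bool:
        # Step 8: recompute the simple digest before each playback.
        if name not in self.store:
            return False
        data, first_simple = self.store[name]
        return simple_digest(data) == first_simple


if __name__ == "__main__":
    media = bytes(i % 251 for i in range(9300))  # constructed sample media
    terminal = Terminal()
    print(terminal.receive("ad.bin", media, full_digest(media), simple_digest(media)))
    print(terminal.may_play("ad.bin"), f"coverage={coverage(len(media)):.3%}")
```

With this constructed table the pre-play check reads about 3.1% of a 9300-byte file, so a change outside the sampled windows is caught only by the full digest at first receipt; the coverage figure is what to review when choosing $R$, $p$ and $q$.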
Further, after the step 7, the method further includes:
the multimedia terminal encrypts the first simple digest value with a preset key to obtain a first simple digest value ciphertext;
the multimedia terminal stores the first simple digest value ciphertext and the multimedia data locally in association;
before the multimedia terminal plays the multimedia data each time, it calculates the simple digest value of the multimedia data to obtain a second simple digest value;
and it looks up the first simple digest value ciphertext associated with the multimedia data, decrypts the ciphertext with the preset key to obtain the first simple digest value, and compares the second simple digest value with the first simple digest value; if the two are consistent, the multimedia data is played, otherwise playing the multimedia data is prohibited.
It can be understood that, when the multimedia terminal of the present invention receives the multimedia data and the first simple digest value, the first simple digest value is first encrypted and then stored as ciphertext. Even if others tamper with the multimedia data in the meantime, the first simple digest value associated with it cannot be tampered with without the key. The invention stores the multimedia data in plaintext and the first simple digest value in ciphertext, which effectively prevents tampering with the multimedia data without affecting normal playing by the multimedia terminal.
Specifically, the invention can use a key built into a security chip and the Chinese national cryptographic (Guomi) SM1 algorithm to encrypt the first simple digest value, forming and storing a first simple digest value ciphertext. When the first simple digest value is needed, the stored ciphertext is decrypted using the computing capability of the security chip; the decrypted result (the plaintext of the first simple digest value) exists only in memory and can be cleared once the simple digest comparison is complete, so that it does not remain in plaintext form for a long time. Because both the key and the SM1 cryptographic algorithm reside in the security chip, and the SM1 algorithm is not public, the complexity of breaking the algorithm is increased and secure storage of the first simple digest value is achieved.
It can be understood that there may be a plurality of multimedia terminals receiving the same multimedia data issued by the cloud platform, each provided with its own security chip. Because the built-in keys of different security chips differ, different security chips encrypt the same first simple digest value into different first simple digest value ciphertexts; only the security chip of a given multimedia terminal can decrypt that terminal's locally stored first simple digest value ciphertext, and it cannot decrypt the ciphertexts stored locally on other multimedia terminals, which further improves the security and reliability of storing the first simple digest value.
Further, before the step 4, the method further includes:
and issuing a digital certificate to the cloud platform, and presetting a public key of the cloud platform digital certificate in the multimedia terminal.
Further, after the step 3, the method further includes:
the cloud platform and the multimedia terminal perform key agreement to obtain a shared key;
the cloud platform packs the multimedia data, the first full digest value and the first simple digest value to form a network data packet, encrypts the network data packet through a shared key to obtain a network data packet ciphertext, and signs the network data packet ciphertext by adopting a private key of the cloud platform to form a network data packet ciphertext signature file;
transmitting the network data packet ciphertext signature file to the multimedia terminal by the cloud platform;
the multimedia terminal adopts the public key of the cloud platform to check the network data packet ciphertext signature file;
and after the signature verification passes, the multimedia terminal decrypts the network data packet ciphertext with the shared key to obtain the multimedia data, the first full digest value and the first simple digest value.
According to the invention, the multimedia data is transmitted between the cloud platform and the multimedia terminal in a ciphertext mode, so that the security and confidentiality of multimedia data transmission can be improved, and the situation that the multimedia data is stolen by a third party is effectively avoided.
Example 2
As shown in fig. 2, the present embodiment provides a multimedia secure playing system, which includes: the cloud platform and the multimedia terminal are in network communication connection; the cloud platform and the multimedia terminal agree on a data extraction rule for the multimedia data to be used for calculating the simple summary value;
the cloud platform is used for receiving the uploaded multimedia data, calculating the full digest value of the multimedia data to obtain a first full digest value, and at the same time extracting small segments of data from the multimedia data according to the data extraction rule, combining them to form a data set, and calculating the simple digest of the data set to obtain a first simple digest value; the cloud platform is also used for packing the multimedia data, the first full digest value and the first simple digest value to form a network data packet, signing the network data packet with its private key to form a network data packet signature file, and transmitting the network data packet signature file to the multimedia terminal;
the multimedia terminal uses the public key of the cloud platform to verify the signature of the received network data packet signature file; after the verification passes, it calculates the full digest value of the multimedia data to obtain a second full digest value and compares whether the second full digest value is consistent with the received first full digest value; it extracts small segments of data from the multimedia data according to the data extraction rule, combines them to form a data set, calculates the simple digest of the data set to obtain a second simple digest value, compares the second simple digest value with the first simple digest value, and plays the multimedia data when the comparison is consistent.
Further, the cloud platform is provided with a first security module, and the first security module is used for calculating a full digest value and a simple digest value of the multimedia data and performing signature operation on the first full digest value and the first simple digest value along with the multimedia data;
the multimedia terminal is provided with a second security module and a storage module, wherein the second security module is used for verifying the signature of the received network data packet signature file and, after the signature verification passes, verifying the full digest value and the simple digest value of the multimedia data; the storage module is used for storing the multimedia data in association with the corresponding first simple digest value.
In this embodiment, the first security module and the second security module may each support encryption and decryption, signature verification, and digest algorithms, where the encryption and decryption algorithm may be one or more of SM4, DES, 3DES, and AES, and the digest algorithm may be one or more of SM3, MD5, SHA-256 and SHA-512, but is not limited thereto.
In this embodiment, the multimedia secure playing system further includes a U-key. An operator securely accesses the cloud platform through the U-key; the cloud platform calls an identity authentication interface based on the accessed U-key to request an authentication server (not shown) to perform identity authentication on the cloud platform, and after the identity authentication is completed, the operator can upload multimedia data to the cloud platform.
Specifically, an operator can plug the U-key into a PC and log in to the cloud platform by inputting the correct PIN code. A digital certificate is preset in the U-key, and the authentication server authenticates the identity of the operator according to the digital certificate of the U-key. This double verification by PIN code and U-key digital certificate effectively ensures the validity of the multimedia information source.
According to the embodiment of the invention, the multimedia secure playing system may further include an operation and maintenance terminal, the operation and maintenance terminal is connected to the cloud platform through a remote network and can perform near field communication with the multimedia terminal, and the operation and maintenance terminal receives a signed network data packet (including multimedia data, a first full digest value and a first simple digest value) from the cloud platform and transmits the network data packet to the multimedia terminal through near field communication. Specifically, the near field communication may be bluetooth, Wi-Fi, NFC, but is not limited thereto.
When the multimedia terminal receives multimedia data for the first time, it calculates a full digest value over all data of the multimedia data and compares the calculated second full digest value with the received first full digest value; if the two are consistent, the multimedia data has not been tampered with, otherwise the multimedia data has been tampered with. After the multimedia data has been received for the first time, hash verification must still be carried out on it before each playback. However, because the volume of multimedia data may be large, performing this hash verification through the full digest value each time would consume a large amount of preparation time calculating the digest over all the data, which is not convenient for playing the multimedia data quickly.
The multimedia data of the embodiment may be specifically video, voice, and the like.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (8)

1. A method for secure multimedia playback, the method comprising:
the cloud platform calculates a full digest value of the received multimedia data to obtain a first full digest value, extracts small segments of data from the multimedia data according to a data extraction rule, agreed with a multimedia terminal, for calculating a simple digest value, combines the small segments of data to form a first data set, and calculates a simple digest of the first data set to obtain a first simple digest value;
the cloud platform packs the multimedia data, the first full digest value and the first simple digest value to form a network data packet, signs the network data packet with a private key of the cloud platform to form a network data packet signature file, and then transmits the network data packet signature file to the multimedia terminal;
after the multimedia terminal uses the public key of the cloud platform to verify the signature of the network data packet signature file, it performs full digest calculation on the received multimedia data to obtain a second full digest value;
comparing whether the second full digest value is consistent with the received first full digest value, and if so, storing the multimedia data locally in association with the first simple digest value;
before the multimedia terminal plays the multimedia data each time, extracting small segments of data from the multimedia data according to the data extraction rule, combining them to form a second data set, and then performing simple digest calculation on the second data set to obtain a second simple digest value;
and comparing the second simple digest value with the associated first simple digest value; if the two are consistent, playing the multimedia data, and if they are inconsistent, prohibiting the multimedia data from being played.
2. The method for safely playing multimedia according to claim 1, wherein: the remaining time $t_i$ of the multimedia data $a_i$ currently played by the multimedia terminal is calculated; when the time $t_i$ reaches the preset threshold $T$, the next multimedia data $a_{i+1}$ to be played is looked up according to the play list; the preset threshold $T$ is larger than the length of time required to calculate the digest value of the next multimedia data $a_{i+1}$ to be played.
3. The method for secure multimedia playback of claim 1, wherein the data extraction rule is characterized by:
presetting $m$ byte-size interval ranges $[k_1, k_2]$, $[k_2, k_3]$, $[k_3, k_4]$, …, $[k_m, k_{m+1}]$, each interval range corresponding to a segmentation rule; when the byte size of the multimedia data falls into any interval range, the data is segmented according to the corresponding segmentation rule, and the data extracted from each segment is combined to form a data set.
4. The method for safely playing multimedia according to claim 3, wherein the segmentation rule is:
the size of multimedia data a being w bytes, segmenting the multimedia data a into segments of a fixed number of bytes R, extracting the p-th byte to the q-th byte of each segment, and combining the data extracted from each segment to form a data set.
5. The method for safely playing multimedia according to claim 1, wherein:
when the multimedia terminal stores the multimedia data and the first simple digest value in local association, the first simple digest value is first encrypted with a preset key to obtain a first simple digest value ciphertext, and the first simple digest value ciphertext is then stored locally in association with the multimedia data;
before comparing the second simple digest value with the associated first simple digest value, looking up the associated first simple digest value ciphertext according to the multimedia data, decrypting the ciphertext with the preset key to obtain the first simple digest value, and then comparing the second simple digest value with the decrypted first simple digest value.
6. The method for safely playing multimedia according to claim 1, wherein: the cloud platform and the multimedia terminal perform key agreement to obtain a shared key;
before the cloud platform signs the network data packet, encrypting the network data packet through a shared key to obtain a network data packet ciphertext, and then signing the network data packet ciphertext by using a private key of the cloud platform to form a network data packet ciphertext signature file;
and after the multimedia terminal verifies the network data packet ciphertext signature file, decrypting the network data packet ciphertext by using the shared key to obtain the multimedia data, and then calculating the full digest value of the multimedia data.
7. A multimedia secure playback system, comprising: the system comprises a cloud platform and a multimedia terminal, wherein the cloud platform and the multimedia terminal are connected in a network communication mode and execute the multimedia safe playing method of any one of claims 1-6.
8. The system for safely playing the multimedia as claimed in claim 7, wherein the cloud platform is provided with a first security module, the first security module is used for calculating a full digest value and a simple digest value of the multimedia data, and performing a signature operation on the first full digest value and the first simple digest value together with the multimedia data;
the multimedia terminal is provided with a second security module and a storage module, wherein the second security module is used for verifying the signature of the received network data packet signature file and, after the signature verification passes, verifying the full digest value and the simple digest value of the multimedia data; the storage module is used for storing the multimedia data in association with the corresponding first simple digest value.
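
The digest flow of claims 1, 3 and 4, as an added example that is not code from the patent or the applicant: the interval bounds, the R/p/q values, SHA-256 as the digest algorithm and all function names are assumptions, and the signature step of claim 1 is left out so the block runs on the standard library alone.

```python
import hashlib
import hmac

# Constructed rule table: (largest file size in bytes, R, p, q). Interval
# bounds and R/p/q values are assumptions; the claims leave them open.
RULES = [
    (1 << 10, 64, 1, 16),
    (1 << 20, 4096, 1, 64),
    (float("inf"), 1 << 16, 1, 256),
]

def select_rule(size):
    """Claim 3: pick the segmentation rule for the interval the size falls in."""
    for upper, r, p, q in RULES:
        if size <= upper:
            return r, p, q

def extract(data):
    """Claim 4: cut into R-byte segments, keep bytes p..q (1-based) of each."""
    r, p, q = select_rule(len(data))
    return b"".join(data[off:off + r][p - 1:q] for off in range(0, len(data), r))

def full_digest(data):
    return hashlib.sha256(data).hexdigest()

def simple_digest(data):
    return hashlib.sha256(extract(data)).hexdigest()

def cloud_package(data):
    """Cloud side: packet contents before signing (signing omitted here)."""
    return {"data": data, "full": full_digest(data), "simple": simple_digest(data)}

def terminal_receive(packet, store, name):
    """First receipt: full digest must match before the simple digest is stored."""
    if not hmac.compare_digest(full_digest(packet["data"]), packet["full"]):
        return False
    store[name] = packet["simple"]
    return True

def may_play(data, store, name):
    """Before each playback: recompute only the sampled digest and compare."""
    return name in store and hmac.compare_digest(simple_digest(data), store[name])

# Constructed sample: 10240 bytes, so the second rule applies (R=4096, 1..64).
SAMPLE = bytes(range(256)) * 40
```

With these constructed rules only 192 of the 10240 sample bytes feed the simple digest, so the per-playback check covers the sampled windows, while the full digest computed on first receipt covers every byte.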
CN202010656301.5A 2020-07-09 2020-07-09 Multimedia safe playing method and system Active CN111866554B (en)

Publications (2)

Publication Number, Publication Date
CN111866554A (en), 2020-10-30
CN111866554B (en), 2022-05-17

Family

ID=73152014

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: Multimedia secure playback methods and systems

Effective date of registration: 20230412

Granted publication date: 20220517

Pledgee: China Construction Bank Corporation Zhengzhou Jinshui sub branch

Pledgor: ZHENGZHOU XINDA JIEAN INFORMATION TECHNOLOGY Co.,Ltd.

Registration number: Y2023980037751
