CN112243154A - Set top box safe starting method, equipment and medium - Google Patents

Info

Publication number
CN112243154A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010678315.7A
Other languages
Chinese (zh)
Other versions
CN112243154B (en)
Inventor
谢贤钱
袁苇
张宏辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fujian Newland Communication Science Technology Co Ltd
Original Assignee
Fujian Newland Communication Science Technology Co Ltd
Application filed by Fujian Newland Communication Science Technology Co Ltd
Priority to CN202010678315.7A
Publication of CN112243154A
Application granted
Publication of CN112243154B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43 Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/443 OS processes, e.g. booting an STB, implementing a Java virtual machine in an STB or power management in an STB
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575 Secure boot
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45 Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462 Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4627 Rights management associated to the content

Abstract

The invention provides a set-top box secure boot method, device and medium in the technical field of set-top boxes. The method comprises the following steps: step S10, creating a public key, a private key, pairing data and a secret key, burning the public key and the pairing data into a one-time programming area, and storing the pairing data in flash; step S20, signing the boot code entry address, the boot code, each application module and its jump execution address with the private key, and encrypting each application module with the secret key; step S30, when the set-top box starts, verifying the signatures of the boot code entry address and the boot code with the public key; step S40, verifying the pairing data in the flash against the pairing data in the one-time programming area, and loading the application modules into RAM; step S50, decrypting each encrypted application module with the secret key; and step S60, after the signatures of each application module and its jump execution address are verified with the public key, the set-top box boots securely. The advantage of the invention is that the security of the set-top box is greatly improved.

Description

Set top box safe starting method, equipment and medium
Technical Field
The invention relates to the technical field of set-top boxes, and in particular to a set-top box secure boot method, device and medium.
Background
With the development of digital broadcasting technology, the content presented by digital television is increasingly rich and the ways of interacting with the user are increasingly diverse. Content presentation and interaction on digital television depend on the set-top box, which has become standard equipment in more and more households, so the security of the set-top box is particularly important for protecting users' privacy and their rights and interests.
Traditional set-top box security measures focus mainly on multi-level encryption of programs, and are comparatively weak at preventing system-level implantation, unauthorized reflashing and tampering with software data. To meet users' increasingly rich audio-visual and interactive requirements, set-top boxes are becoming more intelligent and their software systems more complex, which also poses greater challenges to system security. An insecure system is easily implanted with an illegal program, which can then steal the user's privacy through a hardware interface or by other means, or the whole system can be altered through illegal program tampering in order to reflash the device, seriously affecting the user experience.
Therefore, how to provide a set-top box secure boot method, device and medium that improves the security of the set-top box has become a problem to be solved urgently.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a set-top box secure boot method, device and medium that improve the security of the set-top box.
In a first aspect, the present invention provides a set-top box secure boot method, including the steps of:
step S10, creating a public/private key pair, pairing data and a secret key, burning the public key and the pairing data into a one-time programming area of the MCU of the set-top box, and storing the pairing data in the flash of the set-top box;
step S20, after signing the boot code entry address, each application module and its jump execution address with the private key, further encrypting each application module with the secret key, then encrypting the secret key to generate encrypted data and storing the encrypted data in the flash;
step S30, when the set-top box starts, verifying the signatures of the boot code entry address and the boot code with the public key, and then performing minimal hardware initialization;
step S40, after checking that the pairing data stored in the flash matches the pairing data stored in the one-time programming area, loading each encrypted application module from the flash into the RAM of the set-top box;
step S50, decrypting the encrypted data to obtain the secret key, and decrypting each encrypted application module with the secret key;
and step S60, after the signatures of each application module and its jump execution address are verified with the public key, the set-top box boots securely.
Further, in step S10, the pairing data is a random character string.
Further, in step S20, encrypting the secret key to generate encrypted data and storing the encrypted data in the flash specifically includes:
encrypting the secret key using the chip ID of the MCU of the set-top box and an encryption algorithm to generate encrypted data, storing the encrypted data in the flash, and disabling the JTAG interface of the set-top box.
Further, step S30 is specifically:
when the set-top box starts, verifying the signatures of the boot code entry address and the boot code with the public key and judging whether verification passes; if so, jumping to the boot code from the boot code entry address, performing minimal hardware initialization, and proceeding to step S40; if not, ending the flow.
Further, step S40 is specifically:
judging whether the pairing data stored in the flash is consistent with the pairing data stored in the one-time programming area; if so, loading each encrypted application module from the flash into the RAM of the set-top box using the boot code; if not, restarting the set-top box.
Further, in step S50, decrypting the encrypted data to obtain the secret key specifically includes:
decrypting the encrypted data using the chip ID of the MCU of the set-top box and an encryption algorithm to obtain the secret key.
Further, the application modules include at least an upgrade module.
Further, step S60 specifically includes:
step S61, verifying the signatures of each application module and its jump execution address with the public key and judging whether verification passes; if so, the set-top box boots securely; if not, proceeding to step S62;
step S62, judging whether the jump execution address of each application module and the upgrade module pass verification; if so, the upgrade module reads the upgrade program pre-stored in the flash and performs the upgrade; if not, restarting the set-top box.
In a second aspect, the present invention provides a set-top box secure boot apparatus, including a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements the method according to the first aspect when executing the program.
In a third aspect, the present invention provides a secure boot medium for a set-top box, having a computer program stored thereon, which when executed by a processor, performs the method of the first aspect.
One or more technical solutions provided in the embodiments of the present invention have at least the following technical effects or advantages:
a one-time programming area is provided, so that burned data cannot be erased or changed; a public/private key pair is created, the public key is burned into the one-time programming area, and the boot code entry address, the boot code, each application module and its jump execution address are signed with the private key and verified with the public key; after each application module is further encrypted with the created secret key, the secret key itself is encrypted and stored; pairing data is created and stored in both the one-time programming area and the flash, and the application modules are loaded only after the pairing data passes verification. That is, a multi-level security protection mechanism is provided: the public key and pairing data burned into the one-time programming area cannot be erased or changed, and if decryption of an application module, signature verification or pairing data verification fails, the set-top box fails to start. Security problems caused by implanted illegal programs and illegal tampering with programs are thereby largely avoided, which greatly improves the security of the set-top box and the user experience.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
The invention is further described below with reference to the embodiments and the accompanying drawings.
Fig. 1 is a flowchart of a secure start method of a set-top box according to the present invention.
Fig. 2 is a schematic structural diagram of a set-top box secure boot apparatus according to the present invention.
Fig. 3 is a schematic structural diagram of a set-top box secure boot medium according to the present invention.
Detailed Description
By providing a set-top box secure boot method, device and medium, the embodiments of the application improve the security of the set-top box.
The general idea of the technical scheme in the embodiments of the application is as follows: a one-time programming area is provided, so that burned data cannot be erased or changed; a public/private key pair is created, the public key is burned into the one-time programming area, and the boot code entry address, the boot code, each application module and its jump execution address are signed with the private key and verified with the public key; after each application module is further encrypted with the created secret key, the secret key itself is encrypted and stored; pairing data is created and stored in both the one-time programming area and the flash, the JTAG interface of the set-top box is disabled, and the application modules are loaded only when the pairing data passes verification, which prevents the data stored in the flash from being illegally tampered with from outside through the JTAG interface; that is, a multi-level security protection mechanism is provided to improve the security of the set-top box.
Embodiment one
This embodiment provides a set-top box secure boot method, as shown in Fig. 1, including the following steps:
step S10, creating a public/private key pair, pairing data and a secret key, burning the public key and the pairing data into a one-time programming area of the MCU of the set-top box, and storing the pairing data in the flash of the set-top box; the secret key is a user-defined key and may be a symmetric key or an asymmetric key; data burned into the one-time programming (OTP) area cannot be erased or changed, which greatly improves the security and authority of the data;
step S20, after signing the boot code entry address, each application module and its jump execution address with the private key, further encrypting each application module with the secret key, then encrypting the secret key to generate encrypted data and storing the encrypted data in the flash; the boot code entry address is used to jump to the boot code, and the boot code is used to start the application modules, that is, to load the application modules into the RAM of the set-top box;
step S30, when the set-top box starts, verifying the signatures of the boot code entry address and the boot code with the public key, and then performing minimal hardware initialization; minimal hardware initialization means that only the necessary hardware is initialized, reducing the possibility of external attack as far as possible; for example, only the flash, RAM, keys, indicator lights and buses are initialized;
step S40, after checking that the pairing data stored in the flash matches the pairing data stored in the one-time programming area, loading each encrypted application module from the flash into the RAM of the set-top box;
step S50, decrypting the encrypted data to obtain the secret key, and decrypting each encrypted application module with the secret key;
and step S60, after the signatures of each application module and its jump execution address are verified with the public key, the set-top box boots securely and jumps to execute the user's application program.
In step S10, the pairing data is a random character string stored in both the one-time programming area and the flash. Because the pairing data stored in the one-time programming area cannot be tampered with, checking whether the two copies are consistent is enough to determine whether the flash has been compromised, which greatly improves security.
In step S20, encrypting the secret key to generate encrypted data and storing the encrypted data in the flash specifically includes:
encrypting the secret key using the chip ID of the MCU of the set-top box and an encryption algorithm to generate encrypted data, storing the encrypted data in the flash, and disabling the JTAG interface of the set-top box. The chip ID is the chip's unique ID; it is fed into the encryption algorithm as a random parameter and the secret key is then encrypted to generate the encrypted data, which ensures that the encrypted data is unique; the encryption algorithm is used to encrypt the secret key and is not limited to any specific algorithm: it may be a hash algorithm, a symmetric encryption algorithm or an asymmetric encryption algorithm; the JTAG (Joint Test Action Group) interface is used for internal testing of the chip, and disabling it effectively prevents illegal tampering, through the JTAG interface, with the data stored in the flash, which greatly improves security.
Step S30 specifically includes:
when the set-top box starts, verifying the signatures of the boot code entry address and the boot code with the public key and judging whether verification passes; if so, jumping to the boot code from the boot code entry address, performing minimal hardware initialization, and proceeding to step S40; if not, ending the flow.
Step S40 specifically includes:
judging whether the pairing data stored in the flash is consistent with the pairing data stored in the one-time programming area; if so, the data in the flash has not been tampered with, and each encrypted application module is loaded from the flash into the RAM of the set-top box using the boot code; if not, restarting the set-top box.
In step S50, decrypting the encrypted data to obtain the secret key specifically includes:
decrypting the encrypted data using the chip ID of the MCU of the set-top box and an encryption algorithm to obtain the secret key.
The application modules include at least an upgrade module.
Step S60 specifically includes:
step S61, verifying the signatures of each application module and its jump execution address with the public key and judging whether verification passes; if so, the set-top box boots securely; if not, proceeding to step S62;
step S62, judging whether the jump execution address of each application module and the upgrade module pass verification; if so, the upgrade module reads the upgrade program pre-stored in the flash and performs the upgrade; if not, restarting the set-top box.
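The boot-time decisions of steps S30 to S62 can be modelled on a host machine; the following is an added example, not code from the patent, that provisions a constructed device image and runs it through six tampering cases. The textbook RSA key built from two Mersenne primes, the SHA-256 keystream cipher, the split into a body signature and a name-plus-address signature, the reading of S62 as "every jump address and the upgrade module verify", and all names and sample images are assumptions made for illustration.

```python
import copy, hashlib, hmac, os
from dataclasses import dataclass

# Constructed toy RSA key from two Mersenne primes: far too small for real use.
# (N, E) stands for the public key in the OTP area; D stays with the vendor.
P, Q, E = 2**127 - 1, 2**107 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def digest(blob: bytes) -> int:
    return int.from_bytes(hashlib.sha256(blob).digest(), "big") % N
def sign(blob: bytes) -> int:                  # vendor side, step S20
    return pow(digest(blob), D, N)
def verify(blob: bytes, sig: int) -> bool:     # device side, steps S30 and S60
    return pow(sig, E, N) == digest(blob)

def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (SHA-256 keystream); the page fixes no algorithm."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def addr_blob(name: str, addr: int) -> bytes:
    # Assumption: the jump address is signed together with the module name.
    return name.encode() + addr.to_bytes(4, "big")

@dataclass
class Module:
    name: str
    jump_addr: int
    body: bytes        # encrypted with the secret key while it sits in flash
    body_sig: int      # signature over the plaintext body
    addr_sig: int      # signature over addr_blob(name, jump_addr)

@dataclass
class Device:
    chip_id: bytes         # chip unique ID
    otp_pairing: bytes     # pairing data in the one-time programming area
    flash_pairing: bytes   # pairing data copy in flash
    boot_entry: int
    boot_code: bytes
    boot_sig: int
    wrapped_key: bytes     # secret key encrypted under the chip ID
    modules: list

def provision(chip_id: bytes, images: dict) -> Device:
    """Steps S10 and S20: sign, then encrypt the modules, then wrap the key."""
    pairing, key = os.urandom(16), os.urandom(16)
    entry, code = 0x1000, b"constructed boot code"
    mods = [Module(n, a, xor_crypt(key, b), sign(b), sign(addr_blob(n, a)))
            for n, (a, b) in images.items()]
    return Device(chip_id, pairing, pairing, entry, code,
                  sign(entry.to_bytes(4, "big") + code),
                  xor_crypt(chip_id, key), mods)

def boot(dev: Device) -> str:
    # S30: a bad boot-code signature ends the flow before anything is loaded.
    if not verify(dev.boot_entry.to_bytes(4, "big") + dev.boot_code, dev.boot_sig):
        return "HALT"
    # S40: flash pairing data must equal the OTP copy, otherwise restart.
    if not hmac.compare_digest(dev.otp_pairing, dev.flash_pairing):
        return "REBOOT"
    # S50: recover the secret key with the chip ID, decrypt each module in RAM.
    key = xor_crypt(dev.chip_id, dev.wrapped_key)
    body_ok, addr_ok = {}, {}
    for m in dev.modules:
        body_ok[m.name] = verify(xor_crypt(key, m.body), m.body_sig)
        addr_ok[m.name] = verify(addr_blob(m.name, m.jump_addr), m.addr_sig)
    # S61: everything verifies, so jump to the application.
    if all(body_ok.values()) and all(addr_ok.values()):
        return "OK"
    # S62: fall back to the upgrade module only if it and all addresses verify.
    if all(addr_ok.values()) and body_ok.get("upgrade", False):
        return "UPGRADE"
    return "REBOOT"

def flip(data: bytes) -> bytes:
    return bytes([data[0] ^ 1]) + data[1:]

def scenarios() -> dict:
    """Boot outcomes for a clean image and six constructed tampering cases."""
    good = provision(b"CHIP-0001", {"upgrade": (0x8000, b"constructed upgrade module"),
                                    "player": (0x9000, b"constructed player module")})
    def run(field, value, module=None):
        d = copy.deepcopy(good)
        setattr(d if module is None else d.modules[module], field, value)
        return boot(d)
    return {
        "clean image": boot(good),
        "boot code patched": run("boot_code", flip(good.boot_code)),
        "flash pairing altered": run("flash_pairing", flip(good.flash_pairing)),
        "player module patched": run("body", flip(good.modules[1].body), 1),
        "upgrade module patched": run("body", flip(good.modules[0].body), 0),
        "jump address redirected": run("jump_addr", 0x9004, 1),
        # OTP pairing is kept equal here to isolate the chip-ID binding of S50.
        "flash moved to another chip": run("chip_id", b"CHIP-0002"),
    }

if __name__ == "__main__":
    print("\n".join(f"{k:28} {v}" for k, v in scenarios().items()))
```

Only a failure confined to a non-upgrade module body reaches the upgrade path; every other failure after S30 ends in a restart, and a flash image moved to a chip with a different ID yields a wrong secret key, so no module body verifies.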
Based on the same inventive concept, the application provides an electronic device embodiment corresponding to the first embodiment, which is detailed in the second embodiment.
Embodiment two
The embodiment provides a set-top box secure boot device, as shown in fig. 2, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, any one of the embodiments may be implemented.
Since the electronic device described in this embodiment is a device used for implementing the method in the first embodiment of the present application, based on the method described in the first embodiment of the present application, a specific implementation of the electronic device in this embodiment and various variations thereof can be understood by those skilled in the art, and therefore, how to implement the method in the first embodiment of the present application by the electronic device is not described in detail herein. The equipment used by those skilled in the art to implement the methods in the embodiments of the present application is within the scope of the present application.
Based on the same inventive concept, the application provides a storage medium corresponding to the third embodiment.
Embodiment three
The embodiment provides a set-top box secure boot medium, as shown in fig. 3, on which a computer program is stored, and when the computer program is executed by a processor, any one of the embodiments may be implemented.
The technical scheme provided in the embodiment of the application at least has the following technical effects or advantages:
a one-time programming area is provided, so that burned data cannot be erased or changed; a public/private key pair is created, the public key is burned into the one-time programming area, and the boot code entry address, the boot code, each application module and its jump execution address are signed with the private key and verified with the public key; after each application module is further encrypted with the created secret key, the secret key itself is encrypted and stored; pairing data is created and stored in both the one-time programming area and the flash, and the application modules are loaded only after the pairing data passes verification. That is, a multi-level security protection mechanism is provided: the public key and pairing data burned into the one-time programming area cannot be erased or changed, and if decryption of an application module, signature verification or pairing data verification fails, the set-top box fails to start. Security problems caused by implanted illegal programs and illegal tampering with programs are thereby largely avoided, which greatly improves the security of the set-top box and the user experience.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Although specific embodiments of the invention have been described above, it will be understood by those skilled in the art that the specific embodiments described are illustrative only and are not limiting upon the scope of the invention, and that equivalent modifications and variations can be made by those skilled in the art without departing from the spirit of the invention, which is to be limited only by the appended claims.

Claims (10)

1. A set-top box secure boot method, characterized in that the method comprises the following steps:
step S10, creating a public/private key pair, pairing data and a secret key, burning the public key and the pairing data into a one-time programming area of the MCU of the set-top box, and storing the pairing data in the flash of the set-top box;
step S20, after signing the boot code entry address, each application module and its jump execution address with the private key, further encrypting each application module with the secret key, then encrypting the secret key to generate encrypted data and storing the encrypted data in the flash;
step S30, when the set-top box starts, verifying the signatures of the boot code entry address and the boot code with the public key, and then performing minimal hardware initialization;
step S40, after checking that the pairing data stored in the flash matches the pairing data stored in the one-time programming area, loading each encrypted application module from the flash into the RAM of the set-top box;
step S50, decrypting the encrypted data to obtain the secret key, and decrypting each encrypted application module with the secret key;
and step S60, after the signatures of each application module and its jump execution address are verified with the public key, the set-top box boots securely.
2. The secure boot method for a set-top box according to claim 1, wherein: in step S10, the pairing data is a random character string.
3. The secure boot method for a set-top box according to claim 1, wherein: in step S20, encrypting the secret key to generate encrypted data and storing the encrypted data in the flash specifically includes:
encrypting the secret key using the chip ID of the MCU of the set-top box and an encryption algorithm to generate encrypted data, storing the encrypted data in the flash, and disabling the JTAG interface of the set-top box.
4. The secure boot method for a set-top box according to claim 1, wherein: step S30 specifically includes:
when the set-top box starts, verifying the signatures of the boot code entry address and the boot code with the public key and judging whether verification passes; if so, jumping to the boot code from the boot code entry address, performing minimal hardware initialization, and proceeding to step S40; if not, ending the flow.
5. The secure boot method for a set-top box according to claim 1, wherein: step S40 specifically includes:
judging whether the pairing data stored in the flash is consistent with the pairing data stored in the one-time programming area; if so, loading each encrypted application module from the flash into the RAM of the set-top box using the boot code; if not, restarting the set-top box.
6. The secure boot method for a set-top box according to claim 1, wherein: in step S50, decrypting the encrypted data to obtain the secret key specifically includes:
decrypting the encrypted data using the chip ID of the MCU of the set-top box and an encryption algorithm to obtain the secret key.
7. The secure boot method for a set-top box according to claim 1, wherein: the application modules include at least an upgrade module.
8. The secure boot method for a set-top box according to claim 7, wherein: step S60 specifically includes:
step S61, verifying the signatures of each application module and its jump execution address with the public key and judging whether verification passes; if so, the set-top box boots securely; if not, proceeding to step S62;
step S62, judging whether the jump execution address of each application module and the upgrade module pass verification; if so, the upgrade module reads the upgrade program pre-stored in the flash and performs the upgrade; if not, restarting the set-top box.
9. A set-top box secure boot apparatus comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements the method of any of claims 1 to 8.
10. A set-top box secure boot medium having a computer program stored thereon, wherein the program, when executed by a processor, implements the method of any one of claims 1 to 8.
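The decision flow of claims 4, 5 and 8 (steps S30, S40, S61 and S62), as an added C example that is not code from the patent. Assumptions: a keyed FNV-1a tag stands in for public-key signature verification, all type names, field names and sample values are constructed, the S50 decryption is left out (module images are modelled as already decrypted), and S62 is read as "every jump address and the upgrade module's own image verify".

```c
#include <stdint.h>
#include <string.h>
#define KEY 0x5eedu /* constructed stand-in for the vendor's verification key */
typedef enum { BOOT_OK, BOOT_HALT, BOOT_REBOOT, BOOT_UPGRADE } boot_result;
typedef struct { uint32_t entry; uint8_t code[16]; } boot_t;
typedef struct { uint8_t image[16]; uint32_t jump_addr, image_sig, addr_sig; int is_upgrade; } module_t;
typedef struct { boot_t boot; uint32_t boot_sig; uint8_t flash_pairing[8], otp_pairing[8];
                 module_t mod[3]; size_t nmod; } device_t;
/* Toy keyed FNV-1a tag standing in for public-key signature checking; not a real signature. */
static uint32_t tag(const void *p, size_t n, uint32_t k) {
    const uint8_t *b = p; uint32_t h = 2166136261u ^ k;
    while (n--) { h ^= *b++; h *= 16777619u; }
    return h;
}

boot_result secure_boot(const device_t *d) {
    if (tag(&d->boot, sizeof d->boot, KEY) != d->boot_sig) return BOOT_HALT; /* S30 fails */
    if (memcmp(d->flash_pairing, d->otp_pairing, 8) != 0) return BOOT_REBOOT; /* S40 */
    int all_ok = 1, addrs_ok = 1, upg_ok = 0;
    for (size_t i = 0; i < d->nmod; i++) { /* S61: every module and its jump address */
        const module_t *m = &d->mod[i];
        int img = tag(m->image, sizeof m->image, KEY) == m->image_sig;
        int adr = tag(&m->jump_addr, sizeof m->jump_addr, KEY) == m->addr_sig;
        all_ok &= (img && adr); addrs_ok &= adr;
        if (m->is_upgrade && img) upg_ok = 1;
    }
    if (all_ok) return BOOT_OK;
    /* S62: recover via the upgrade module only if it and every jump address verify */
    return (addrs_ok && upg_ok) ? BOOT_UPGRADE : BOOT_REBOOT;
}

/* Constructed sample device with valid tags; callers tamper with it to see each outcome. */
void make_device(device_t *d) {
    memset(d, 0, sizeof *d);
    d->boot.entry = 0x1000; memcpy(d->boot.code, "BOOTCODE-SAMPLE!", 16);
    d->boot_sig = tag(&d->boot, sizeof d->boot, KEY);
    memcpy(d->flash_pairing, "PAIR0001", 8); memcpy(d->otp_pairing, "PAIR0001", 8);
    d->nmod = 3; d->mod[2].is_upgrade = 1;
    for (size_t i = 0; i < d->nmod; i++) {
        module_t *m = &d->mod[i];
        memset(m->image, 'A' + (int)i, sizeof m->image);
        m->jump_addr = 0x8000u + 0x100u * (uint32_t)i;
        m->image_sig = tag(m->image, sizeof m->image, KEY);
        m->addr_sig = tag(&m->jump_addr, sizeof m->jump_addr, KEY);
    }
}
int main(void) { /* tamper with one application module: expect the upgrade path */
    device_t d; make_device(&d); d.mod[0].image[0] ^= 1;
    return secure_boot(&d) == BOOT_UPGRADE ? 0 : 1;
}
```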
CN202010678315.7A 2020-07-15 2020-07-15 Set top box safe starting method, equipment and medium Active CN112243154B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010678315.7A CN112243154B (en) 2020-07-15 2020-07-15 Set top box safe starting method, equipment and medium

Publications (2)

Publication Number Publication Date
CN112243154A (en) 2021-01-19
CN112243154B (en) 2022-08-05

Family

ID=74170705

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010678315.7A Active CN112243154B (en) 2020-07-15 2020-07-15 Set top box safe starting method, equipment and medium

Country Status (1)

Country Link
CN (1) CN112243154B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115297349A (en) * 2022-09-29 2022-11-04 深圳市华曦达科技股份有限公司 Method, device, equipment and medium for safely starting remote starting of set top box
CN115297349B (en) * 2022-09-29 2023-02-21 深圳市华曦达科技股份有限公司 Set top box safe starting remote starting method, device, equipment and medium

Also Published As

Publication number Publication date
CN112243154B (en) 2022-08-05

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant