CN112887800B - Method for PVR encryption protection of set top box - Google Patents

Method for PVR encryption protection of set top box Download PDF

Info

Publication number
CN112887800B
CN112887800B CN202110263100.3A CN202110263100A CN112887800B CN 112887800 B CN112887800 B CN 112887800B CN 202110263100 A CN202110263100 A CN 202110263100A CN 112887800 B CN112887800 B CN 112887800B
Authority
CN
China
Prior art keywords
pvr
aes
video
encryption
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110263100.3A
Other languages
Chinese (zh)
Other versions
CN112887800A (en
Inventor
郝桥
邹春友
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Smart Core S&t Co ltd
Original Assignee
Shenzhen Smart Core S&t Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Smart Core S&t Co ltd filed Critical Shenzhen Smart Core S&t Co ltd
Priority to CN202110263100.3A priority Critical patent/CN112887800B/en
Publication of CN112887800A publication Critical patent/CN112887800A/en
Application granted granted Critical
Publication of CN112887800B publication Critical patent/CN112887800B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41Structure of client; Structure of client peripherals
    • H04N21/426Internal components of the client ; Characteristics thereof
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Multimedia (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of encryption, in particular to a method for PVR encryption protection of a set top box, which comprises the steps that firstly, a user operates and sends out a PVR video recording instruction; encrypting the current recorded video by setting a random key through an AES encryption algorithm; then writing ciphertext data obtained after the AES encryption function processing into a buffer 2; decrypting the PVR video through an AES decryption algorithm when the PVR video is played, and closing the file after the PVR video is decrypted and played; and finally, deleting the original key used in the system after the PVR video is decrypted. The invention adopts the secret key formed by FLASH ID and random data, not only can meet the requirement that the secret key can not be played on a computer, a mobile phone or other terminal peripheral equipment, but also has stronger limitation on decryption playing on a set top box, so that the security is further improved. The security, flexibility, efficiency and other aspects of the AES encryption and decryption algorithm are superior to those of the traditional data encryption algorithm.

Description

Method for PVR encryption protection of set top box
Technical Field
The invention relates to the technical field of encryption, in particular to a method for PVR encryption protection of a set top box.
Background
The set top box PVR encryption refers to the process of encrypting and decrypting the video stream recorded on the set top box. The purpose of PVR encryption is to ensure that the encrypted video can only be played on the set-top box that is currently recording the video stream, but not on other external devices or terminals. The conventional PVR video encryption is simply an operation of encrypting and decrypting the recorded PVR video by using a traditional encryption method, and has the following defects:
1. the traditional encryption method has lower security and lower encryption and decryption efficiency.
2. The encryption and decryption keys are fixed keys preset in advance, are not random keys, do not exclude the possibility of key leakage, and cannot guarantee the security of the keys.
3. The encrypted PVR video is decrypted and played, and then the original set of keys is not deleted, so that the keys may be used secondarily, and the uniqueness of the keys cannot be guaranteed.
4. Under the condition of no key, the encrypted PVR video can still be played on other set top boxes, and the uniqueness that the encrypted video is only played on the set top box for recording the PVR video at present cannot be achieved, so that absolute security of the encrypted video of the PVR cannot be truly achieved.
The principle of the AES encryption algorithm is briefly described, and the AES is a disclosed advanced encryption algorithm and has the advantages of strong security, high performance, high efficiency, high encryption speed, low requirement on memory and the like. The principle of the AES encryption algorithm is that plaintext data and an expanded secret key are subjected to exclusive-or operation and then subjected to multiple rounds of byte substitution, row displacement, column mixing and exclusive-or operation with the expanded secret key to output ciphertext, and decryption is that ciphertext is output after the ciphertext and the expanded secret key are subjected to exclusive-or operation and then subjected to multiple rounds of inverse byte substitution, inverse displacement, inverse column mixing and exclusive-or operation to output plaintext.
Disclosure of Invention
Accordingly, the present invention is directed to a method for PVR encryption protection of a set-top box, which solves the problems in the prior art.
The invention relates to a method for encrypting and protecting a PVR of a set top box, which specifically comprises the following steps:
S 1 user operation and PVR video recording instruction are sent out; and acquiring a random key set by the system, namely an original key, wherein the random key consists of FLASH ID and a group of random data.
S 2 Encrypting the current recorded video by setting a random key through an AES encryption algorithm;
S 2.1 reading the recorded TS stream data to be processed to a buffer memory 1;
S 2.2 the data with fixed size is fetched from the buffer memory each time, and is processed together with the original secret key through an AES encryption function and expanded through an AES secret key expansion function.
S 3 Writing ciphertext data obtained after the AES encryption function processing into a buffer 2;
S 3.1 when the last data in the buffer memory 1 is read, storing the whole content in the buffer memory 2 into a hard disk;
S 3.2 and (3) ending the recording of the TS stream, completing the video encryption of the recording PVR, and closing the file.
S 4 Decrypting the PVR video through an AES decryption algorithm when playing the PVR video;
S 4.1 after receiving the playing instruction, reading PVR video ciphertext data to be processed to a buffer 1, and obtaining a system original secret key;
S 4.2 taking out data with fixed size from the buffer memory each time, and processing the data with the original secret key through an AES decryption function;
S 4.3 the decrypted plaintext data is stored in the buffer 2 for playback.
S 5 After the PVR video is decrypted and played, closing the file;
S 6 and deleting the original key used in the system after the PVR video is decrypted.
Further, the AES encryption function includes four operation steps of byte substitution, row shifting, column confusion, and round key plus encryption, wherein the byte substitution AES of AES defines one S-box and one inverse S-box. From the multiplication of the matrix, during column aliasing, the value corresponding to each byte has a relationship with only 4 values for that column.
(1) Multiplying the value corresponding to a certain byte by 2 results in shifting the binary bit of the value one bit to the left, and if the highest bit of the value is 1 (indicating that the value is not less than 128), the shifted result needs to be xored 00011011.
(2) Multiplication satisfies the allocation rate for addition, for example: 07·s0, 0= (01 × 02 × 04) ·s0, 0=s0, 0 × (02·s0, 0) (04·s0, 0).
(3) The matrix multiplication here differs from the multiplication of a matrix in the general sense in that each value is added using modulo-2 addition (exclusive or operation).
Further, the function of the row shift is to implement a permutation between bytes within a 4x4 matrix, specifically the first row of the matrix remains unchanged, the second row is cyclically shifted left by one byte, the third row is cyclically shifted left by 2 bytes, the fourth row is cyclically shifted left by 3 bytes, and the input of each round of round keys is xored with the round keys once. The AES encryption process involves 4 operations, byte substitution, row shifting, column confusion, and round key addition, respectively. The decryption process is the corresponding inverse operation. Since each operation is reversible, decryption is performed in reverse order to recover the plaintext. The key of each round in encryption and decryption is obtained by expanding the initial key. The plaintext, ciphertext and round key of 16 bytes in the algorithm are all represented by a 4x4 matrix.
The method for the PVR encryption protection of the set top box has the beneficial effects that: the invention comprises the following steps:
1. the secret key formed by FLASH ID and random data can not only meet the requirement that the secret key can not be played on a computer, a mobile phone or other terminal peripheral equipment, but also has stronger limitation on decryption playing on a set top box, so that the security is further improved.
2. The security, flexibility, efficiency and other aspects of the AES encryption and decryption algorithm are superior to those of the traditional data encryption algorithm.
3. And after the PVR video is decrypted, the used secret key is deleted, so that the secret key is prevented from being secondarily used, and the safety is improved.
Drawings
FIG. 1 is a system block diagram of the present invention;
FIG. 2 is an S-box of the AES of the present invention;
FIG. 3 is an inverted S-box of the AES of the present invention;
Detailed Description
The present invention will be described in detail below with reference to the attached drawings and specific embodiments, and it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments, and all other embodiments obtained by persons of ordinary skill in the art without making creative efforts based on the embodiments in the present application are within the scope of protection of the present application.
In this embodiment, a method for PVR encryption protection of a set-top box according to the present invention is shown in fig. 1-3, and specifically includes the following steps:
S 1 user operation and PVR video recording instruction are sent out; and acquiring a random key set by the system, namely an original key, wherein the random key consists of FLASH ID and a group of random data.
S 2 Encrypting the current recorded video by setting a random key through an AES encryption algorithm;
S 2.1 readingTaking recorded TS stream data to be processed to a buffer memory 1;
S 2.2 the data with fixed size is fetched from the buffer memory each time, and is processed together with the original secret key through an AES encryption function and expanded through an AES secret key expansion function.
S 3 Writing ciphertext data obtained after the AES encryption function processing into a buffer 2;
S 3.1 when the last data in the buffer memory 1 is read, storing the whole content in the buffer memory 2 into a hard disk;
S 3.2 and (3) ending the recording of the TS stream, completing the video encryption of the recording PVR, and closing the file.
S 4 Decrypting the PVR video through an AES decryption algorithm when playing the PVR video;
S 4.1 after receiving the playing instruction, reading PVR video ciphertext data to be processed to a buffer 1, and obtaining a system original secret key;
S 4.2 taking out data with fixed size from the buffer memory each time, and processing the data with the original secret key through an AES decryption function;
S 4.3 the decrypted plaintext data is stored in the buffer 2 for playback.
S 5 After the PVR video is decrypted and played, closing the file;
S 6 and deleting the original key used in the system after the PVR video is decrypted.
In this embodiment, the AES encryption function includes four operation steps of byte substitution, row shifting, column confusion, and round key addition to encrypt, where the byte substitution AES of AES defines an S-box and an inverse S-box. From the multiplication of the matrix, during column aliasing, the value corresponding to each byte has a relationship with only 4 values for that column.
(1) Multiplying the value corresponding to a byte by 2, as a result of which the binary bit of the value is shifted one bit to the left, and if the highest bit of the value is 1 (indicating that the value is not less than 128), the shifted result is also required to be exclusive-ored 00011011
(2) Multiplication satisfies the allocation rate for addition, for example: 07·s0, 0= (01 × 02 × 04) ·s0, 0=s0, 0 × (02·s0, 0) (04·s0, 0).
(3) The matrix multiplication here differs from the multiplication of a matrix in the general sense in that each value is added using modulo-2 addition (exclusive or operation).
In this embodiment, the function of the row shift is to implement the permutation between the bytes in a 4x4 matrix, specifically, the first row of the matrix is kept unchanged, the second row is circularly shifted left by one byte, the third row is circularly shifted left by 2 bytes, the fourth row is circularly shifted left by 3 bytes, and the input of the round key is xored with the round key once. The AES encryption process involves 4 operations, byte substitution, row shifting, column confusion, and round key addition, respectively. The decryption process is the corresponding inverse operation. Since each operation is reversible, decryption is performed in reverse order to recover the plaintext. The key of each round in encryption and decryption is obtained by expanding the initial key. The plaintext, ciphertext and round key of 16 bytes in the algorithm are all represented by a 4x4 matrix.
The above embodiments are only for illustrating the technical solution of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications and equivalents may be made thereto without departing from the spirit and scope of the technical solution of the present invention, which is intended to be covered by the scope of the claims of the present invention. The technology, shape, and construction parts of the present invention, which are not described in detail, are known in the art.

Claims (3)

1. A method for the PVR encryption protection of a set-top box, which is specifically implemented by the following steps:
S 1 user operation and PVR video recording instruction are sent out; acquiring a random key set by a system, namely an original key, wherein the random key consists of FLASHID and a group of random data;
S 2 encrypting the current recorded video by setting a random key through an AES encryption algorithm;
S 2.1 reading the recorded TS stream data to be processed to a buffer memory 1;
S 2.2 taking out data with fixed size from the buffer memory each time, processing the data with the original secret key through an AES encryption function, and expanding the original secret key through an AES secret key expansion function;
S 3 writing ciphertext data obtained after the AES encryption function processing into a buffer 2;
S 3.1 when the last data in the buffer memory 1 is read, storing the whole content in the buffer memory 2 into a hard disk;
S 3.2 recording the PVR video after the TS stream is recorded, and closing the file;
S 4 decrypting the PVR video through an AES decryption algorithm when playing the PVR video;
S 4.1 after receiving the playing instruction, reading PVR video ciphertext data to be processed to a buffer 1, and obtaining a system original secret key;
S 4.2 taking out data with fixed size from the buffer memory each time, and processing the data with the original secret key through an AES decryption function;
S 4.3 storing the decrypted plaintext data into a buffer memory 2 for playing;
S 5 after the PVR video is decrypted and played, closing the file;
S 6 and deleting the original key used in the system after the PVR video is decrypted.
2. A method for PVR encryption protection in a set-top box as claimed in claim 1 wherein said AES encryption function comprises four operation steps of byte substitution, row shifting, column confusion and round key plus encryption, wherein the byte substitution AES of AES defines an S-box and an inverse S-box.
3. A method for PVR encryption protection of a set-top box according to claim 2, wherein the function of the row shift is to implement a permutation between the inner bytes of a 4x4 matrix, in particular the first row of the matrix is left-shifted by one byte, the third row is left-shifted by 2 bytes, the fourth row is left-shifted by 3 bytes, the input of each round of round keys is xored with the round keys once.
CN202110263100.3A 2021-03-11 2021-03-11 Method for PVR encryption protection of set top box Active CN112887800B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110263100.3A CN112887800B (en) 2021-03-11 2021-03-11 Method for PVR encryption protection of set top box

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110263100.3A CN112887800B (en) 2021-03-11 2021-03-11 Method for PVR encryption protection of set top box

Publications (2)

Publication Number Publication Date
CN112887800A CN112887800A (en) 2021-06-01
CN112887800B true CN112887800B (en) 2023-07-21

Family

ID=76054271

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110263100.3A Active CN112887800B (en) 2021-03-11 2021-03-11 Method for PVR encryption protection of set top box

Country Status (1)

Country Link
CN (1) CN112887800B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114286129B (en) * 2021-12-02 2023-07-25 赛轮集团股份有限公司 Audio and video data encryption and decryption method and device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102158759B (en) * 2011-04-22 2013-11-06 深圳创维数字技术股份有限公司 Program recording method, playback method of recorded program and set top box
US9473736B2 (en) * 2013-10-24 2016-10-18 Arris Enterprises, Inc. Mediaword compression for network digital media recorder applications
CN105263047B (en) * 2015-10-15 2018-10-02 高斯贝尔数码科技股份有限公司 A kind of digital television program encrypting shooting method for thering is mobile device to participate in

Also Published As

Publication number Publication date
CN112887800A (en) 2021-06-01

Similar Documents

Publication Publication Date Title
US8054967B2 (en) Computer system and computer program executing encryption or decryption
TWI402675B (en) Low latency block cipher
RU2257677C2 (en) Encryption method, encryption device, decryption method and decryption device
US8290148B2 (en) Encryption processing apparatus, encryption processing method, and computer program
US8015224B1 (en) Entropy source for random number generation
US20120269340A1 (en) Hierarchical encryption/decryption device and method thereof
US8635452B2 (en) Method for generating a cipher-based message authentication code
KR102397579B1 (en) Method and apparatus for white-box cryptography for protecting against side channel analysis
Kawle et al. Modified advanced encryption standard
US11258579B2 (en) Method and circuit for implementing a substitution table
CN110035319B (en) Audio and video data encryption and decryption methods and devices and playing equipment
US20090013183A1 (en) Confidential Information Processing Method, Confidential Information Processor, and Content Data Playback System
Saraswathi et al. A block cipher algorithm for multimedia content protection with random substitution using binary tree traversal
CN112887800B (en) Method for PVR encryption protection of set top box
JP3769804B2 (en) Decoding method and electronic device
CN116894273B (en) File encryption method, decryption method, equipment and medium based on exclusive or sum remainder
TW595183B (en) Crypto-system with an inverse key evaluation circuit
JP2002042424A (en) Method for block-enciphering and recording information, and recording medium for supporting it
CN109450614B (en) Encryption and decryption method suitable for high-speed data transmission path
CN105959106A (en) Low-complexity digital encryption method
US20120321079A1 (en) System and method for generating round keys
CN111954035A (en) Method and device for encrypting video-audio signal stream
CN110071927B (en) Information encryption method, system and related components
JP2013098722A (en) Ciphering device of stream cipher, deciphering device of stream cipher, ciphering method of stream cipher, deciphering method of stream cipher, and program
CN114598470B (en) Encryption method, decryption method, device, and computer-readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant