CN114040229B - Video encryption and decryption method and device - Google Patents
Video encryption and decryption method and device Download PDFInfo
- Publication number
- CN114040229B CN114040229B CN202111429245.2A CN202111429245A CN114040229B CN 114040229 B CN114040229 B CN 114040229B CN 202111429245 A CN202111429245 A CN 202111429245A CN 114040229 B CN114040229 B CN 114040229B
- Authority
- CN
- China
- Prior art keywords
- key
- encryption
- original
- permutation
- algorithm
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 38
- 238000006243 chemical reaction Methods 0.000 claims description 13
- 238000000605 extraction Methods 0.000 claims description 4
- 238000012163 sequencing technique Methods 0.000 claims description 4
- 238000013478 data encryption standard Methods 0.000 description 35
- 238000010586 diagram Methods 0.000 description 10
- 230000008569 process Effects 0.000 description 8
- 230000005540 biological transmission Effects 0.000 description 4
- 238000005336 cracking Methods 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 238000012549 training Methods 0.000 description 2
- 206010044565 Tremor Diseases 0.000 description 1
- 230000002411 adverse Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 238000004880 explosion Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 230000007480 spreading Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
- H04N21/26613—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/44—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
- H04N21/4405—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/44—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
- H04N21/4408—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream encryption, e.g. re-encrypting a decrypted video stream for redistribution in a home network
Abstract
The invention discloses a video encryption and decryption method and a device, wherein the video encryption method comprises the following steps: step S1, randomly generating an original key and randomly generating an encryption algorithm arrangement selection parameter; s2, arranging and combining a plurality of encryption algorithms, sorting the encryption algorithms, selecting a sorting combination mode by utilizing the encryption algorithm arrangement selection parameters, sequentially encrypting the original secret key according to the selected arrangement combination mode, and transmitting a final encryption secret key to a server; and S3, encrypting the m3u8 format video by using the original key.
Description
Technical Field
The invention relates to the technical field of streaming media video processing, in particular to an encryption and decryption method and device for streaming media video based on an HLS protocol.
Background
Based on the rapid spread of the internet, the application of audio-video multimedia is becoming an indispensable part of people's life. The short video live broadcast software such as the tremble tone or the fire explosion of APP programs such as fast handholds greatly expands the use scene of audio and video transmission technology. But the problems of network audio and video piracy and stolen links are also accompanied. For example, taking online video training as an example, a training mechanism transfers offline original copyright courses to an online platform, but a peer competitor or other network audience can easily obtain video content by using various modes and means such as downloading, piracy linking and the like, so that adverse effects are generated on an original creator, and therefore, the problem of how to maximize protection of video copyright, prevention of cracking without copyright authorization, recording and broadcasting and other infringement behaviors is to be solved.
Currently, a processing method for encrypting a transmitted video stream is generally adopted to solve the above problems. Transport protocols for streaming media can be broadly divided into two categories, one based on the UDP/TCP protocol and the other based on the HTTP protocol. The HTTP protocol-based technology has the advantages of easy deployment, self-adaptive code stream adjustment, good firewall penetrability and the like, and is widely applied to various commercial live broadcast and on-demand networks. Among them, techniques supporting streaming video to be transmitted using HTTP protocol are various, and HLS protocol is the most widely used technique among all such protocols, and video streaming media based on HLS protocol currently generally uses M3U8 format (M3U of Unicode version, encoded with UTF-8; both "M3U" and "M3U8" files are the basis of HTTP Live Streaming (HLS) protocol format used by apple corporation, which can be played by devices such as iPhone and Macbook) to transmit video stream, so that further encryption processing is required for video stream based on M3U8 format of HLS protocol currently.
At present, most of encryption methods in the market are video watermarking, authority control and the like, but the methods are easy to be broken, and the security coefficient is not high.
Disclosure of Invention
In order to overcome the defects in the prior art, the invention aims to provide a video encryption and decryption method and device, which are used for encrypting a key (key) in an m3u8 format video stream file, thereby increasing the decryption cost and effectively preventing malicious decryption and propagation of a video to a certain extent.
In order to achieve the above object, the present invention provides a video encryption method, comprising the following steps:
step S1, randomly generating an original KEY (KEY Original, original ) Randomly generating an encryption algorithm arrangement selection parameter;
step S2, arranging and combining a plurality of encryption algorithms, sorting the encryption algorithms, selecting a sorting combination mode by utilizing the encryption algorithm arrangement selection parameters, and sequentially sorting the original KEYs (KEY Original, original ) Encryption is performed and the final encryption KEY (KEY Final result ) Sending to a server;
step S3, using the original KEY (KEY Original, original ) And encrypting the m3u8 format video.
Preferably, in step S1, a 36-ary 16-bit string original KEY (KEY Original, original ) And randomly generating a 4-bit digital encryption algorithm permutation selection parameter.
Preferably, step S2 further comprises:
step S200, arranging and combining an AES algorithm, a DES algorithm and an RC4 algorithm, and determining the sequence of the arrangement and combination;
step S201, performing modular extraction by using the encryption algorithm arrangement selection parameters and the number of arrangement combinations, and obtaining a unique arrangement combination mode according to a modular extraction result;
step S202, generating a hybrid encryption algorithm function according to the permutation and combination mode obtained in step S201, and using the hybrid encryption algorithm function to generate a KEY (KEY Original, original ) Encryption is performed to obtain an encryption key (TEXT).
Preferably, after step S202, the method further includes the following steps:
step S203, splicing the obtained encryption KEY (TEXT) with the encryption algorithm arrangement selection parameters, and performing Base64 coding conversion on the splicing result to obtain the final encryption KEY (KEY) Final result );
Step S204, requesting the server address by the URI parameter in m3u8 format, obtaining the final encryption KEY (KEY Final result ) And sending the data to a server.
Preferably, in step S201, the encryption algorithm permutation selection parameter and the number of permutation and combination are modulo, and the modulo result corresponds to the permutation and combination sequence in step S200, so as to obtain a unique permutation and combination mode.
In order to achieve the above object, the present invention further provides a video encryption apparatus, including:
an original KEY generation unit for randomly generating an original KEY (KEY Original, original ) Randomly generating an encryption algorithm arrangement selection parameter;
the encryption algorithm permutation and combination determination unit is used for permutation and combination of a plurality of encryption algorithms and sequencing, selecting a sequencing combination mode by utilizing the encryption algorithm permutation and selection parameters to obtain a unique permutation and combination mode, and sequentially aiming at the original KEY (KEY Original, original ) Encryption is performed and the final encryption KEY (KEY Final result ) Sending to a server;
video encryption unit forUsing the original KEY (KEY Original, original ) And encrypting the m3u8 format video.
Preferably, the original KEY generation unit randomly generates a 36-ary 16-bit character string original KEY (KEY Original, original ) And randomly generating a four-digit encryption algorithm permutation selection parameter.
Preferably, the encryption algorithm permutation and combination determination unit further includes:
the encryption algorithm permutation and combination module is used for permutation and combination of an AES algorithm, a DES algorithm and an RC4 algorithm and determining the permutation and combination sequence;
the permutation and combination result determining module is used for taking a module by utilizing the encryption algorithm permutation and selection parameter and the number of permutation and combination, and obtaining a unique permutation and combination mode according to the modulus taking result;
an original KEY encryption module for generating a hybrid encryption algorithm function according to the permutation and combination mode obtained by the permutation and combination result determination module, and generating a KEY (KEY) Original, original ) Encrypting to obtain an encryption key (TEXT);
the final encryption KEY generation module is used for splicing the obtained encryption KEY (TEXT) with the encryption algorithm arrangement selection parameters, and performing Base64 coding conversion to obtain a final encryption KEY (KEY) Final result );
A final encryption KEY storage module for requesting the server address through the URI parameter of the m3u8 video file, which will result in a final encryption KEY (KEY) Final result ) And sending the data to a server for storage.
In order to achieve the above purpose, the present invention further provides a video decryption method, which includes the following steps:
step S1, obtaining a video stream in m3u8 format, requesting a server address through URI parameters of the m3u8 file, obtaining a final encryption KEY (KEY) Final result );
Step S2, the obtained final encryption KEY (KEY Final result ) Performing Base64_decoding conversion to obtain a spliced character string, wherein the spliced character string is a character string spliced by an encryption key (TEXT) and encryption algorithm arrangement selection parameters;
s3, intercepting an encryption key (TEXT) and an encryption algorithm arrangement selection parameter from the spliced character string, taking a module of the arrangement combination number of the encryption algorithm arrangement selection parameter and the encryption algorithm, and obtaining an arrangement combination mode of the encryption algorithm according to a module taking result;
step S4, sequentially decrypting the encryption key (TEXT) by using the obtained permutation and combination mode and a corresponding decryption algorithm in the reverse order to obtain an original key;
step S5, using the obtained original KEY (KEY Original, original ) And decrypting the m3u8 video file.
In order to achieve the above object, the present invention further provides a video decryption device, including:
a final encryption KEY obtaining unit for obtaining the video stream in m3u8 format, requesting the server address through the URI parameter of the m3u8 file, obtaining a final encryption KEY (KEY) Final result );
A decoding and converting unit for converting the obtained final encryption KEY (KEY Final result ) Performing Base64_decoding conversion to obtain a spliced character string, wherein the spliced character string is a character string spliced by an encryption key (TEXT) and encryption algorithm arrangement selection parameters;
the permutation and combination determining unit is used for intercepting an encryption key (TEXT) and an encryption algorithm permutation and selection parameter from the spliced character string, taking a module of the permutation and combination number of the encryption algorithm permutation and selection parameter and the encryption algorithm, and obtaining a permutation and combination mode of the encryption algorithm according to a module taking result;
a KEY decryption unit for sequentially decrypting the encryption KEY (TEXT) by using the corresponding decryption algorithm in reverse order to obtain an original KEY (KEY) Original, original );
A video decryption unit for using the obtained original KEY (KEY Original, original ) And decrypting the m3u8 video file.
Compared with the prior art, the video encryption and decryption method and device have the advantages that encryption and encapsulation are carried out on the key (key) in the m3u8 format video stream file through a certain ordering combination by utilizing a plurality of encryption algorithms, so that the cracking cost is increased, and malicious cracking and spreading of videos can be effectively prevented to a certain extent.
Drawings
FIG. 1 is a flow chart showing the steps of a video encryption method according to the present invention;
FIG. 2 is a system configuration diagram of a video encryption device according to the present invention;
FIG. 3 is a flowchart illustrating steps of a video decryption method according to the present invention;
FIG. 4 is a system configuration diagram of a video decryption device according to the present invention;
FIG. 5 is a schematic diagram of an m3u8 format according to an embodiment of the present invention;
FIG. 6 is a parametric illustration of the m3u8 format of FIG. 5;
FIG. 7 is a schematic diagram of an encryption process according to an embodiment of the present invention;
FIG. 8 is a flow chart of the encryption process R to TEXT in accordance with an embodiment of the invention;
fig. 9 is a schematic diagram of a decryption process according to an embodiment of the present invention.
Detailed Description
Other advantages and effects of the present invention will become readily apparent to those skilled in the art from the following disclosure, when considered in light of the accompanying drawings, by describing embodiments of the present invention with specific embodiments thereof. The invention may be practiced or carried out in other embodiments and details within the scope and range of equivalents of the various features and advantages of the invention.
Before explaining the specific content of the present invention, several concepts related to the present invention are introduced:
AES encryption algorithm: the invention is an advanced encryption standard, which is a block encryption standard adopted by the U.S. federal government, and adopts the CBC mode and the CBC encryption principle: the plaintext is exclusive-or with the vector, and then encrypted by the KEY, and the result is used as the initialization vector of the next BLOCK. Decryption principle: and decrypting the ciphertext by using the key, and then xoring the decrypted ciphertext with the initial vector to obtain the plaintext.
DES encryption algorithm: all Data Encryption Standard, data encryption standard, is a block algorithm that uses key encryption. The entry parameters of the algorithm are three: key, data, mode. key is the key used for encryption and decryption, data is the data for encryption and decryption, and mode is the working mode. When the mode is the encryption mode, the plaintext is grouped according to 64 bits to form a plaintext group, the key is used for encrypting the data, and when the mode is the decryption mode, the key is used for decrypting the data. In practical use, the key only uses 56 bits of 64 bits, so that the key has high security.
RC4 (abbreviation from Rivest Cipher 4) encryption algorithm: is a stream encryption algorithm with variable key length. The encryption and decryption of the system uses the same secret key, and therefore, the system also belongs to a symmetric encryption algorithm.
Fig. 1 is a flowchart illustrating steps of a video encryption method according to the present invention. As shown in fig. 1, the video encryption method of the present invention includes the following steps:
step S1, randomly generating an original KEY KEY Original, original And randomly generating a four-digit encryption algorithm arrangement selection parameter.
In the embodiment of the present invention, a 36-system 16-bit character string original KEY (hereinafter referred to as R) is randomly generated, for example, the original KEY is randomly generated Original, original : d5i8ikjnsahv4DOI, and randomly generates a 4-bit digital encryption algorithm permutation selection parameter (hereinafter referred to as N4).
S2, arranging and combining a plurality of encryption algorithms, sorting the encryption algorithms, selecting the encryption algorithms by utilizing the encryption algorithm arrangement selection parameters to obtain a unique arrangement and combination mode, and sequentially arranging the original KEY according to the obtained arrangement and combination mode Original, original (R) encryption.
Specifically, step S2 further includes:
step S200, the AES algorithm, the DES algorithm and the RC4 algorithm are arranged and combined, and the order of the arrangement and the combination is determined.
In the specific embodiment of the invention, three encryption algorithms of an AES algorithm, a DES algorithm and an RC4 algorithm are adopted, AES, DES, RC is arranged and combined to obtain 6 arrangement and combination modes, and the arrangement and combination modes are fixedly ordered:
([[AES,DES,RC4],[AES,RC4,DES],[DES,AES,RC4],[DES,RC4,AES],[RC4,AES,DES],[RC4,DES,AES]])。
step S201, the encryption algorithm is utilized to arrange the selection parameters and the number of the arrangement combinations to perform modulus, and a unique arrangement combination mode is obtained according to the modulus result.
Specifically, the encryption algorithm arrangement selection parameters N4 and 6 (the number of the three encryption algorithm arrangement combinations is 6) are modulo, and a total of 6 results of 0,1,2,3,4 and 5 are in one-to-one correspondence with the above arrangement combinations, so that a unique arrangement combination mode can be obtained.
Step S202, generating a hybrid encryption algorithm function (HENC) according to the permutation and combination mode obtained in step S201, and generating a KEY for the original KEY Original, original (R) encrypting to obtain an encryption key (TEXT).
Specifically, three symmetric encryption algorithms AES, DES, RC4 are mixed according to the obtained permutation and combination mode in order to generate a mixed encryption algorithm function (HENC), and then the original KEY is generated by the mixed encryption algorithm function (HENC) Original, original (R) encrypting to obtain an encryption key (TEXT).
Preferably, after step S202, the method further comprises the following steps:
step S203, performing Base64 encoding transformation on the obtained encryption KEY (TEXT) and the encryption algorithm arrangement selection parameter N4 to obtain a final encryption KEY KEY Final result 。
Specifically, the obtained encryption KEY (TEXT) is spliced with the encryption algorithm arrangement selection parameter N4, and then Base64 coding conversion is performed to obtain the final encryption KEY Final result 。
Step S204, requesting the server address by URI parameter of EXT-X-KEY tag of m3u8 video file, and obtaining final encryption KEY KEY Final result And sending the data to a server.
Step S3, utilizing the original KEY Original, original (R) encrypting the m3u8 format video.
That is, in the present invention, the original KEY Original, original (R) is only responsible for encrypting m3u8 format files, not for network transmission (prohibiting plaintext transmission)) Using the final encryption KEY Final result Parameters for server side and client side transmissions.
Based on the above encryption method, the present invention also provides a video encryption device, and fig. 2 is a schematic structural diagram of a video encryption device according to the present invention. As shown in fig. 2, a video encryption apparatus of the present invention includes:
an original KEY generation unit 201 for randomly generating an original KEY Original, original And randomly generating a four-digit encryption algorithm arrangement selection parameter.
In the embodiment of the present invention, the original KEY generation unit 201 randomly generates a 36-system 16-bit character string original KEY Original, original (hereinafter, R), for example, the original KEY is randomly generated: d5i8ikjnsahv4DOI, and randomly generates a 4-bit digital encryption algorithm permutation selection parameter (hereinafter referred to as N4).
An encryption algorithm permutation and combination determination unit 202, configured to permutation and combination several encryption algorithms and order the encryption algorithms, select the encryption algorithm permutation and combination by using the encryption algorithm permutation and selection parameters to obtain a unique permutation and combination mode, and sequentially pair the original KEY according to the obtained permutation and combination mode Original, original (R) encryption.
Specifically, the encryption algorithm arrangement combination determination unit 202 further includes:
the encryption algorithm permutation and combination module is used for permutation and combination of an AES algorithm, a DES algorithm and an RC4 algorithm and determining the permutation and combination sequence.
In the specific embodiment of the invention, the encryption algorithm permutation and combination module adopts three encryption algorithms of an AES algorithm, a DES algorithm and an RC4 algorithm, and the AES, DES, RC is permuted and combined to obtain 6 permutation and combination modes, and the permutation and combination modes are fixedly ordered:
([[AES,DES,RC4],[AES,RC4,DES],[DES,AES,RC4],[DES,RC4,AES],[RC4,AES,DES],[RC4,DES,AES]])。
and the permutation and combination result determining module is used for taking the modulus by utilizing the encryption algorithm permutation and selection parameter and the number of permutation and combination, and obtaining a unique permutation and combination mode according to the modulus taking result.
Specifically, the encryption algorithm arrangement selection parameters N4 and 6 (the number of the three encryption algorithm arrangement combinations is 6) are modulo, and a total of 6 results of 0,1,2,3,4 and 5 are in one-to-one correspondence with the above arrangement combinations, so that a unique arrangement combination mode can be obtained.
The original KEY encryption module is used for generating a hybrid encryption algorithm function (HENC) according to the permutation and combination mode obtained by the permutation and combination result determination module, and encrypting the original KEY KEY (R) to obtain an encryption KEY (TEXT).
Specifically, according to the obtained permutation and combination mode, three symmetric encryption algorithms AES, DES, RC4 are mixed according to the permutation and combination sequence to generate a mixed encryption algorithm function (HENC), and the original KEY is generated by using the mixed encryption algorithm function (HENC) Original, original (R) encrypting to obtain an encryption key (TEXT).
Preferably, the encryption algorithm permutation and combination determination unit 202 further includes:
a final encryption KEY generation module for generating a final encryption KEY by performing Base64 encoding conversion on the obtained encryption KEY (TEXT) and encryption algorithm arrangement selection parameter N4 Final result ,
Specifically, the encryption KEY obtained by the final encryption KEY generation module is spliced with the encryption algorithm arrangement selection parameter N4, and then Base64 coding conversion is carried out to obtain the final encryption KEY Final result
A final encryption KEY storage module for requesting a server address through URI parameters of EXT-X-KEY tags of m3u8 video files, and obtaining a final encryption KEY KEY Final result And sending the data to a server for storage.
A video encryption unit 203, configured to encrypt the m3u8 format video with the original encryption key R.
Fig. 3 is a flowchart illustrating steps of a video decryption method according to the present invention. As shown in fig. 3, the video decryption method of the present invention includes the following steps:
step S1, obtaining a video stream in m3u8 format, requesting a server address through URI parameters of EXT-X-KEY tags of m3u8 files, and obtaining a final encryption KEY KEY Final result 。
Step S2, for the obtained final encryption KEY KEY Final result And performing Base64_decoding conversion to obtain a spliced character string, wherein the spliced character string is a character string spliced by an encryption key (TEXT) and an encryption algorithm arrangement selection parameter N4.
And S3, intercepting an encryption key (TEXT) and an encryption algorithm arrangement selection parameter from the spliced character string, taking a module of the arrangement selection parameter of the encryption algorithm and the number of the arrangement combinations of the encryption algorithm, and obtaining an arrangement combination mode of the encryption algorithm according to a module taking result.
In the specific embodiment of the invention, the encryption algorithm arrangement selection parameters are intercepted for the spliced character strings according to the bit numbers of the encryption algorithm arrangement selection parameters, then the encryption algorithm arrangement selection parameters are subjected to modulo 6, and the arrangement combination mode during encryption is determined according to the modulo result.
Step S4, utilizing the obtained permutation and combination mode, utilizing the corresponding decryption algorithm to sequentially decrypt the encryption KEY (TEXT) in the reverse order to obtain the original KEY KEY Original, original (R)。
Step S5, the original KEY obtained by decryption is utilized Original, original (R) decrypting the m3u8 video file.
Based on the video decryption method, the invention further provides a video decryption method. Fig. 4 is a schematic structural diagram of a video decryption device according to the present invention. As shown in fig. 4, a video decryption apparatus of the present invention includes:
a final encryption KEY obtaining unit 401, configured to obtain a video stream in m3u8 format, request a server address through URI parameters of EXT-X-KEY tags of the m3u8 file, and obtain a final encryption KEY Final result 。
A decoding and converting unit 402 for obtaining a final encryption KEY Final result And performing Base64_decoding conversion to obtain a spliced character string, wherein the spliced character string is a character string spliced by an encryption key (TEXT) and an encryption algorithm arrangement selection parameter N4.
The permutation and combination determination unit 403 is configured to intercept an encryption key (TEXT) and an encryption algorithm permutation and selection parameter for the concatenation character string, modulo the permutation and combination number of the encryption algorithm permutation and selection parameter and the encryption algorithm, and obtain a permutation and combination mode of the encryption algorithm according to the modulo result.
In the embodiment of the present invention, the encryption permutation and combination determining unit 403 intercepts the encryption algorithm permutation and selection parameter from the concatenation string according to the number of bits of the encryption algorithm permutation and selection parameter, and then modulo 6, and determines the permutation and combination mode during encryption according to the modulo result.
A KEY decryption unit 404, which sequentially decrypts the encrypted KEY (TEXT) by using the corresponding decryption algorithm in reverse order to obtain the original KEY by using the obtained permutation and combination Original, original (R)。
A video decryption unit 405 for using the original KEY Original, original (R) decrypting the video.
Examples
Fig. 5 is a schematic diagram of the m3u8 format in the embodiment of the present invention, and fig. 6 is a parameter description of the m3u8 format in fig. 5. Fig. 7 is a schematic diagram of an encryption process according to an embodiment of the present invention, and fig. 8 is a flowchart of encryption processes R to TEXT according to an embodiment of the present invention. In this embodiment, the encryption process is as follows:
step 1: randomly generating 36-ary 16-bit character string original KEY Original, original (abbreviated as R) (e.g., D5I8IKJNSAH 4 DOI), and then randomly generating a 4-bit number (abbreviated as N4).
Step 2: AES, DES, RC4 is arranged and combined, 6 arrangement and combination modes are provided, and the arrangement and the combination modes are fixedly ordered:
([[AES,DES,RC4],[AES,RC4,DES],[DES,AES,RC4],[DES,RC4,AES],[RC4,AES,DES],[RC4,DES,AES]])
(abbreviated as L6).
Taking the modulus of N4 and 6, totally adding 6 results of 0,1,2,3,4 and 5, and arranging and combining the results in one-to-one correspondence to obtain a unique arrangement and combination mode. For example, N4 and 6 are modulo 3, and a unique permutation and combination mode [ DES, RC4, AES ] is obtained.
Step 3: using the permutation and combination (such as DES, RC4, AES) obtained in step 2 to encrypt R to obtain encryption key (TEXT), splicing N4, and splicingThe character string is converted by Base64 coding to obtain a final encryption KEY KEY Final result And the obtained final encryption KEY KEY Final result And sending the data to a server side.
Step 4: finally, the original secret key R is used as m3u8-key to encrypt the video in m3u8 format.
Fig. 9 is a schematic diagram of a decryption process according to an embodiment of the present invention. In the embodiment of the invention, the decryption process is as follows:
step 1: requesting the server address to obtain the final encryption KEY obtained in step 3 through URI parameters of EXT-X-KEY tag of m3u8 file Final result And converting the encrypted key into Base64_Decode to obtain a character string of the encryption key (TEXT) +N4.
Step 2: n4 is cut off, a result is obtained through modulo arithmetic, and a corresponding encryption ordering mode (such as DES, RC4 and AES) is obtained through L6.
Step 3, sequentially decrypting according to the sequence reverse to the encryption ordering mode to obtain the original KEY Original, original (R) with the original Key KEY Original, original (R) decrypting the video.
The above embodiments are merely illustrative of the principles of the present invention and its effectiveness, and are not intended to limit the invention. Modifications and variations may be made to the above-described embodiments by those skilled in the art without departing from the spirit and scope of the invention. Accordingly, the scope of the invention is to be indicated by the appended claims.
Claims (10)
1. A video encryption method comprising the steps of:
step S1, randomly generating an original secret keyKEY Original, original ) Randomly generating an encryption algorithm arrangement selection parameter;
s2, arranging and combining a plurality of encryption algorithms, sorting, selecting a sorting combination mode by utilizing the encryption algorithm arrangement selection parameters, and sequentially sorting the original secret keys according to the encryption algorithm in the selected arrangement combination modeKEY Original, original ) Encrypting and obtaining the final encryption key #KEY Final result ) Sending to a server;
step S3, utilizing the original secret key @KEY Original, original ) And encrypting the m3u8 format video.
2. A video encryption method according to claim 1, wherein: in step S1, a 36-system 16-bit character string original key is randomly generatedKEY Original, original ) And randomly generating a 4-bit digital encryption algorithm permutation selection parameter.
3. The video encryption method according to claim 1, wherein step S2 further comprises:
step S200, arranging and combining an AES algorithm, a DES algorithm and an RC4 algorithm, and determining the sequence of the arrangement and combination;
step S201, performing modular extraction by using the encryption algorithm arrangement selection parameters and the number of arrangement combinations, and obtaining a unique arrangement combination mode according to a modular extraction result;
step S202, generating a mixed encryption algorithm function according to the arrangement and combination mode obtained in the step S201, and utilizing the mixed encryption algorithm function to perform the key generation on the original keyKEY Original, original ) Encryption is performed to obtain an encryption key (TEXT).
4. A video encryption method according to claim 3, further comprising, after step S202, the steps of:
step S203, splicing the obtained encryption key (TEXT) with the encryption algorithm arrangement selection parameters, and performing Base64 coding conversion on the splicing result to obtain the final encryption key [ (]KEY Final result );
Step S204, requesting server address through URI parameter in m3u8 format, obtaining final encryption key #KEY Final result ) And sending the data to a server.
5. A video encryption method according to claim 3, wherein in step S201, the number of the encryption algorithm permutation selection parameters and permutation and combination is modulo, and the modulo result corresponds to the permutation and combination sequence of step S200, so as to obtain a unique permutation and combination mode.
6. A video encryption device comprising:
an original key generation unit for randomly generating original keyKEY Original, original ) Randomly generating an encryption algorithm arrangement selection parameter;
the encryption algorithm permutation and combination determination unit is used for permutation and combination of a plurality of encryption algorithms and sequencing, selecting a sequencing and combination mode by utilizing the encryption algorithm permutation and selection parameters to obtain a unique permutation and combination mode, and sequentially aiming at the original secret key according to the encryption algorithm in the obtained permutation and combination modeKEY Original, original ) Encrypting and obtaining the final encryption key #KEY Final result ) Sending to a server;
video encryption unit for using original keyKEY Original, original ) And encrypting the m3u8 format video.
7. A video encryption apparatus according to claim 6, wherein: the original key generating unit randomly generates a 36-system 16-bit character string original key #KEY Original, original ) And randomly generating a four-digit encryption algorithm permutation selection parameter.
8. A video encryption apparatus according to claim 6, wherein: the encryption algorithm permutation and combination determination unit further includes:
the encryption algorithm permutation and combination module is used for permutation and combination of an AES algorithm, a DES algorithm and an RC4 algorithm and determining the permutation and combination sequence;
the permutation and combination result determining module is used for taking a module by utilizing the encryption algorithm permutation and selection parameter and the number of permutation and combination, and obtaining a unique permutation and combination mode according to the modulus taking result;
the original key encryption module is used for generating a mixed encryption algorithm function according to the permutation and combination mode obtained by the permutation and combination result determination module, and for the original key #KEY Original, original ) Encrypting to obtain an encryption key (TEXT);
the final encryption key generation module is used for splicing the obtained encryption key (TEXT) with the encryption algorithm arrangement selection parameters, and performing Base64 coding conversion to obtain a final encryption key [ ]KEY Final result );
The final encryption key storage module is used for requesting the server address through the URI parameter of the m3u8 video file, and obtaining the final encryption key [ ]KEY Final result ) And sending the data to a server for storage.
9. A video decryption method comprising the steps of:
step S1, obtaining a video stream in an m3u8 format, requesting a server address through a URI parameter of an m3u8 file, and obtaining a final encryption key [ (time-domain name)KEY Final result );
Step S2, obtaining the final encryption keyKEY Final result ) Performing Base64 decoding conversion to obtain a spliced character string, wherein the spliced character string is a character string spliced by an encryption key (TEXT) and encryption algorithm arrangement selection parameters;
s3, intercepting an encryption key (TEXT) and an encryption algorithm arrangement selection parameter from the spliced character string, taking a module of the arrangement combination number of the encryption algorithm arrangement selection parameter and the encryption algorithm, and obtaining an arrangement combination mode of the encryption algorithm according to a module taking result;
step S4, sequentially decrypting the encryption key (TEXT) by using the obtained permutation and combination mode and a corresponding decryption algorithm in the reverse order to obtain an original key;
s5, utilizing the obtained original secret keyKEY Original, original ) And decrypting the m3u8 video file.
10. A video decryption device comprising:
a final encryption key obtaining unit, configured to obtain a video stream in m3u8 format, request a server address through URI parameters of the m3u8 file, and obtain a final encryption key @KEY Final result );
Decoding and converting unit for obtaining final encryption keyKEY Final result ) Performing Base64 decoding conversion to obtain a spliced character string, wherein the spliced character string is a character string spliced by an encryption key (TEXT) and encryption algorithm arrangement selection parameters;
the permutation and combination determining unit is used for intercepting an encryption key (TEXT) and an encryption algorithm permutation and selection parameter from the spliced character string, taking a module of the permutation and combination number of the encryption algorithm permutation and selection parameter and the encryption algorithm, and obtaining a permutation and combination mode of the encryption algorithm according to a module taking result;
the key decryption unit sequentially decrypts the encrypted key (TEXT) by using the corresponding decryption algorithm in the reverse order to obtain the original key [ ] by using the obtained permutation and combination modeKEY Original, original );
Video decryption unit for using the obtained original keyKEY Original, original ) And decrypting the m3u8 video file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111429245.2A CN114040229B (en) | 2021-11-29 | 2021-11-29 | Video encryption and decryption method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111429245.2A CN114040229B (en) | 2021-11-29 | 2021-11-29 | Video encryption and decryption method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114040229A CN114040229A (en) | 2022-02-11 |
| CN114040229B true CN114040229B (en) | 2024-02-06 |
Family
ID=80139035
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111429245.2A Active CN114040229B (en) | 2021-11-29 | 2021-11-29 | Video encryption and decryption method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114040229B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101882993A (en) * | 2009-05-04 | 2010-11-10 | 联发科技(新加坡)私人有限公司 | Cryptographic system and cryptographic methods |
| CN104410616A (en) * | 2014-11-20 | 2015-03-11 | 广州日滨科技发展有限公司 | Method and system for encrypting, decrypting and transmitting data |
| CN105871827A (en) * | 2016-03-28 | 2016-08-17 | 乐视控股(北京)有限公司 | Anti-leech method and system |
| CN109150867A (en) * | 2018-08-09 | 2019-01-04 | 丹东瑞银科技有限公司 | Network information transfer enciphering/deciphering device and method for encryption/decryption |
| CN109446757A (en) * | 2018-10-25 | 2019-03-08 | 石生花微电子(南京)有限公司 | A method of for general MCU programmed protection |
| CN113301431A (en) * | 2021-01-22 | 2021-08-24 | 阿里巴巴集团控股有限公司 | Video data encryption and decryption method and device, electronic equipment and system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP6285536B2 (en) * | 2013-04-18 | 2018-02-28 | リソフトデブ,インコーポレイテッド | System and method for encrypting data |
-
2021
- 2021-11-29 CN CN202111429245.2A patent/CN114040229B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101882993A (en) * | 2009-05-04 | 2010-11-10 | 联发科技(新加坡)私人有限公司 | Cryptographic system and cryptographic methods |
| CN104410616A (en) * | 2014-11-20 | 2015-03-11 | 广州日滨科技发展有限公司 | Method and system for encrypting, decrypting and transmitting data |
| CN105871827A (en) * | 2016-03-28 | 2016-08-17 | 乐视控股(北京)有限公司 | Anti-leech method and system |
| CN109150867A (en) * | 2018-08-09 | 2019-01-04 | 丹东瑞银科技有限公司 | Network information transfer enciphering/deciphering device and method for encryption/decryption |
| CN109446757A (en) * | 2018-10-25 | 2019-03-08 | 石生花微电子(南京)有限公司 | A method of for general MCU programmed protection |
| CN113301431A (en) * | 2021-01-22 | 2021-08-24 | 阿里巴巴集团控股有限公司 | Video data encryption and decryption method and device, electronic equipment and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114040229A (en) | 2022-02-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7260215B2 (en) | Method for encryption in an un-trusted environment | |
| RU2427898C2 (en) | Protection of digital multimedia with various types of content | |
| KR101203266B1 (en) | Carrying protected content using a control protocol for streaming and a transport protocol | |
| KR100957121B1 (en) | Key distribution method and authentication server | |
| TWI376131B (en) | Methods of broadcasting and receiving a scrambled multimedia programme, content,headend, terminal, receiver and security rpocessor for such methods | |
| US9124418B2 (en) | Method and system for encryption of blocks of data | |
| US20120063597A1 (en) | Apparatus and associated methodology for managing content control keys | |
| EP3476078B1 (en) | Systems and methods for authenticating communications using a single message exchange and symmetric key | |
| JP2007133400A (en) | Methods of scrambling and descrambling unit of data | |
| CN101640785B (en) | Encrypting/decrypting system and encrypting/decrypting method for interactive network television | |
| JP4193380B2 (en) | Electronic signature system for stream transfer | |
| US9219606B2 (en) | Method and device for digital data blocks encryption and decryption | |
| JP2005244534A (en) | Device and method for cipher communication | |
| EP2071801B1 (en) | Method and apparatus for securing content using client and session specific encryption with embedded key in content | |
| CN114040229B (en) | Video encryption and decryption method and device | |
| JP2008124935A (en) | Transmitter, receiver, and information communication system | |
| CN101500146A (en) | Digital television receiving control method and apparatus based on bi-directional network | |
| KR101934899B1 (en) | Authenticated encryption device and method thereof | |
| WO2012175021A1 (en) | Method and device for processing streaming media content | |
| CN101500147B (en) | Digital television receiving control method and apparatus based on bi-directional network | |
| Huang et al. | Research of H. 264 video transmission encryption technology based on blowfish algorithm | |
| JP2001211159A (en) | Method and device for decipehring contents information | |
| CN117857852A (en) | Method and device for preventing video downloading | |
| CN114760501A (en) | Digital copyright protection method, system, server, module, player and medium | |
| JP2006129535A (en) | Scramble broadcasting system of stream media data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |