CN117272327B - Set top box encryption upgrading method and set top box - Google Patents
Set top box encryption upgrading method and set top box Download PDFInfo
- Publication number
- CN117272327B CN117272327B CN202311425046.3A CN202311425046A CN117272327B CN 117272327 B CN117272327 B CN 117272327B CN 202311425046 A CN202311425046 A CN 202311425046A CN 117272327 B CN117272327 B CN 117272327B
- Authority
- CN
- China
- Prior art keywords
- top box
- set top
- upgrading
- ciphertext
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 52
- 230000006854 communication Effects 0.000 claims description 21
- 230000001360 synchronised effect Effects 0.000 claims description 21
- 238000004891 communication Methods 0.000 claims description 20
- 230000002452 interceptive effect Effects 0.000 claims description 6
- 238000012360 testing method Methods 0.000 claims description 6
- 238000012790 confirmation Methods 0.000 claims description 4
- 238000007781 pre-processing Methods 0.000 claims description 4
- 238000004364 calculation method Methods 0.000 claims description 3
- 230000003993 interaction Effects 0.000 claims description 3
- 238000012423 maintenance Methods 0.000 abstract description 3
- 230000006978 adaptation Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 239000008689 wuhua Substances 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/443—OS processes, e.g. booting an STB, implementing a Java virtual machine in an STB or power management in an STB
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Stored Programmes (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to the relevant field of upgrading of software products, and discloses a set top box encryption upgrading method and a set top box, wherein the set top box encryption upgrading method comprises the steps of judging whether an equipment upgrading environment is safe or not by carrying out information matching on the set top box and carrying out encryption upgrading based on double-end synchronization of random ciphertext; the method is used for remote software upgrading of equipment such as a set top box and the like, and data security maintenance is carried out during encryption upgrading in a double-end symmetric encryption key mode, so that account information, sensitive data content and the like in a non-security protection state in the software upgrading process can be effectively avoided and hijacked and read by third party equipment, and the security of user privacy data in the encryption process is ensured.
Description
Technical Field
The invention relates to the related field of upgrading of software products, in particular to a set top box encryption upgrading method and a set top box.
Background
Along with the rapid iterative updating of intelligent products, the products and brands of the wuhua eight doors provide more different choices for users, and in order to keep own user groups for a long time, brands need to continuously support and update own products so as to provide better use experience for the users.
In the remote product updating and upgrading in the prior art, the problem of upgrading safety exists, in the software upgrading process of the user equipment, the local user information and related sensitive data of the equipment are under weaker safety protection, and are easily damaged or acquired by a third party in the encryption upgrading process, so that the information leakage or equipment damage and other conditions occur.
Disclosure of Invention
The invention aims to provide a set top box encryption upgrading method and a set top box, which are used for solving the problems in the background technology.
In order to achieve the above purpose, the present invention provides the following technical solutions:
a set top box encryption upgrade method comprising:
Initializing an encryption upgrading program, and acquiring equipment matching information of a set top box to be encrypted and upgraded, wherein the equipment matching information comprises an equipment serial number and a software serial number;
Based on a preset equipment information base and the equipment matching information, carrying out information matching on the set top box, judging whether the set top box equipment and the software are authorized objects or not and whether the software needs to be safely upgraded or not through the serial numbers;
Based on the equipment serial number and a preset encryption method, correspondingly establishing an upgrading ciphertext and synchronizing the upgrading ciphertext with the set top box, and carrying out encryption pretreatment on security data of set top box software through the upgrading ciphertext, wherein the security data represents sensitive data content containing user information and account information;
And acquiring a software upgrading file encrypted through the upgrading ciphertext and forwarding the software upgrading file to the set top box, and encrypting and upgrading the set top box software based on the software upgrading file.
As a further aspect of the invention: the upgrading ciphertext comprises a random ciphertext and a matching ciphertext, the random ciphertext is a plurality of sequentially arranged random numbers which are randomly generated through an encryption upgrading program, and the random ciphertext is forwarded to the set top box to be synchronized;
the matching ciphertext is a ciphertext sequence preset at the two ends of the upgrading service equipment and the set top box, and each equipment serial number corresponds to a plurality of groups of matching ciphertexts.
As still further aspects of the invention: the matching ciphertext corresponds to an interactive confirmation step, wherein the interactive confirmation step specifically comprises the following steps:
Executing a time synchronization program, and synchronizing time axis information between the set top box and the upgrade service equipment through the time synchronization program;
Randomly generating a time offset by a set top box terminal, offsetting the time axis information synchronized by the set top box terminal based on the time offset, establishing an offset time axis and feeding back to the upgrade service equipment;
And carrying out matching search on a plurality of groups of matching ciphertext based on the time offset to obtain corresponding matching ciphertext, wherein the plurality of groups of matching ciphertext are respectively provided with different time offsets in a one-to-one correspondence manner, and the set top box and the upgrading service equipment carry out symmetrical synchronous acquisition of ciphertext through the time offsets.
As still further aspects of the invention: the method also comprises the steps of:
Acquiring a local use log of the set top box, and counting the local use log based on a circulation period to acquire the distribution condition of the use time period of the set top box in the circulation period;
The method comprises the steps that communication rate testing is conducted on a communication channel between upgrade service equipment and a set top box, and upgrade time required by current encryption upgrade is calculated and obtained based on the communication rate, wherein the upgrade time comprises time for forwarding a software upgrade file and time for encryption upgrade, and file forwarding and encryption upgrade can be independently executed;
and matching the circulation period of the set top box based on the upgrading time to determine a forwarding time period and an encryption upgrading time period in a non-use time period of the set top box.
As still further aspects of the invention: when executing the step of encrypting and upgrading the set top box software based on the software upgrading file, the method further comprises the following steps:
And invalidating an external data input/output interface of the set top box, and executing interrupt operation on a data read-write task, wherein the data read-write task is used for representing a data exchange task between the three-party equipment and the set top box.
The embodiment of the invention aims to provide a set top box, which comprises:
The device comprises an initialization module, a set top box encryption module and a software serial number generation module, wherein the initialization module is used for initializing an encryption upgrading program and acquiring device matching information of the set top box to be encrypted and upgraded, and the device matching information comprises the device serial number and the software serial number;
The object checking module is used for carrying out information matching on the set top box based on a preset equipment information base and the equipment matching information, judging whether the set top box equipment and the software are authorized objects or not and whether the software needs to be safely upgraded or not through the serial numbers;
The ciphertext interaction module is used for correspondingly establishing an upgrading ciphertext and synchronizing the upgrading ciphertext with the set top box based on the equipment serial number and a preset encryption method, and carrying out encryption pretreatment on security data of set top box software through the upgrading ciphertext, wherein the security data represents sensitive data content comprising user information and account information;
The encryption upgrading module is used for acquiring a software upgrading file encrypted through an upgrading ciphertext and forwarding the software upgrading file to the set top box, and the software upgrading file is used for replacing and upgrading the set top box software.
As a further aspect of the invention: the upgrading ciphertext comprises a random ciphertext and a matching ciphertext, the random ciphertext is a plurality of sequentially arranged random numbers which are randomly generated through an encryption upgrading program, and the random ciphertext is forwarded to the set top box to be synchronized;
the matching ciphertext is a ciphertext sequence preset at the two ends of the upgrading service equipment and the set top box, and each equipment serial number corresponds to a plurality of groups of matching ciphertexts.
As still further aspects of the invention: the method comprises a matching key module, and specifically comprises the following steps:
The synchronous preprocessing unit is used for executing a time synchronization program and synchronizing time axis information between the set top box and the upgrade service equipment through the time synchronization program;
The offset synchronization unit is used for randomly generating a time offset by the set top box terminal, offsetting the time axis information synchronized by the set top box terminal based on the time offset, establishing an offset time axis and feeding back to the upgrade service equipment;
the key synchronization unit is used for carrying out matching search on a plurality of groups of matching ciphertext based on the time offset, obtaining corresponding matching ciphertext, wherein the plurality of groups of matching ciphertext are respectively provided with different time offsets in a one-to-one correspondence manner, and the set top box and the upgrading service equipment carry out symmetrical synchronous obtaining of ciphertext through the time offset.
As still further aspects of the invention: the system also comprises an idle judging module, which specifically comprises:
The record acquisition unit is used for acquiring a local use log of the set top box, counting the local use log based on a circulation period, and acquiring the distribution condition of the use time period of the set top box in the circulation period;
The device comprises a demand judging unit, a set top box and a service equipment, wherein the demand judging unit is used for carrying out communication rate test on a communication channel between the upgrade service equipment and the set top box, and obtaining the upgrade time required by the current encryption upgrade based on communication rate calculation, the upgrade time comprises the time of forwarding a software upgrade file and the time of encryption upgrade, and the file forwarding and the encryption upgrade can be independently executed;
And the idle distribution unit is used for matching the circulation period of the set top box based on the upgrading time so as to determine a forwarding time period and an encryption upgrading time period in the non-use time period of the set top box.
As still further aspects of the invention: the encryption upgrading module comprises:
and the safety limiting unit is used for invalidating the external data input/output interface of the set top box and executing interrupt operation on the data read-write task, wherein the data read-write task is used for representing the data exchange task between the three-party equipment and the set top box.
Compared with the prior art, the invention has the beneficial effects that: the method is used for remote software upgrading of equipment such as a set top box and the like, and data security maintenance is carried out during encryption upgrading in a double-end symmetric encryption key mode, so that account information, sensitive data content and the like in a non-security protection state in the software upgrading process can be effectively avoided and hijacked and read by three-party equipment, and the security of private data of a user in the encryption process is ensured.
Drawings
Fig. 1 is a flow chart of a set top box encryption upgrade method.
Fig. 2 is a schematic diagram of the composition of an upgrade ciphertext in a set-top box encryption upgrade method.
Fig. 3 is a flowchart of a method for synchronizing a matching ciphertext in a set-top encryption upgrade method.
Fig. 4 is a functional block diagram of a set top box.
Description of the embodiments
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
Specific implementations of the invention are described in detail below in connection with specific embodiments.
As shown in fig. 1, the encryption upgrading method for a set top box and the set top box provided by an embodiment of the invention include the following steps:
S10, initializing an encryption upgrading program, and acquiring equipment matching information of the set top box to be encrypted and upgraded, wherein the equipment matching information comprises an equipment serial number and a software serial number.
And S20, carrying out information matching on the set top box based on a preset equipment information base and the equipment matching information, and judging whether the set top box equipment and the software are authorized objects or not and whether the software needs to be safely upgraded or not through the serial numbers.
S30, correspondingly establishing an upgrade ciphertext based on the equipment serial number and a preset encryption method, synchronizing the upgrade ciphertext with the set top box, and carrying out encryption pretreatment on security data of the set top box software through the upgrade ciphertext, wherein the security data represents sensitive data content containing user information and account information.
S40, acquiring a software upgrading file encrypted through an upgrading ciphertext and forwarding the software upgrading file to the set top box, and encrypting and upgrading the set top box software based on the software upgrading file.
In the embodiment, the set top box encryption upgrading method is used for upgrading remote software of equipment such as a set top box, and data security maintenance is carried out in the encryption upgrading process by adopting a double-end symmetric encryption key mode, so that account information, sensitive data content and the like in a non-security protection state in the software upgrading process can be effectively avoided and hijacked and read by three-party equipment, and the security of private data of a user in the encryption process is ensured; in particular, for the software upgrade of the set top box, the local upgrade and the remote upgrade can be included, in the prior art, in order to better provide services for users, the remote upgrade mode is mostly adopted, when the upgrade is executed, the upgrade content is pushed through remote connection, after the corresponding content is acquired, the set top box executes an upgrade program, in the upgrade process, account information of the user, various account-based sensitive data content and the like are in a state that cannot be effectively protected before the update of new system software is completed, therefore, in the execution of the application, the software upgrade file and related content of the set top box are encrypted in a mode of randomly generating and synchronizing upgrade ciphertext, when the upgrade is performed, the security of the data content can be effectively protected, even if the data is acquired by a third party, the effective ciphertext content cannot be acquired, wherein in step S20, a judging process for encrypting the upgrade requirement of the set top box is performed, and the judging process including whether the equipment and the hardware are proper equipment can be safely upgraded or not is ensured, if the equipment cannot be encrypted or not is encrypted in the process, and whether the encryption of the equipment cannot be effectively upgraded is ensured.
As shown in fig. 2, as another preferred embodiment of the present invention, the upgrade ciphertext includes a random ciphertext and a matching ciphertext, where the random ciphertext is a plurality of sequentially arranged random numbers randomly generated by an encryption upgrade program, and the random ciphertext is forwarded to the set top box for synchronization;
the matching ciphertext is a ciphertext sequence preset at the two ends of the upgrading service equipment and the set top box, and each equipment serial number corresponds to a plurality of groups of matching ciphertexts.
In this embodiment, a further scheme is designed for the upgrade ciphertext, in the prior art, after random generation, the upgrade ciphertext still needs to be synchronized by the two-end communication device, so that the receiving end can be ensured to be interpreted after the encrypted software upgrade file is acquired, therefore, a possibility of interception and acquisition may exist in the data communication process, and a certain security risk exists.
As shown in fig. 3, as another preferred embodiment of the present invention, the matching ciphertext includes an interactive verification step, where the interactive verification step specifically includes:
S51, executing a time synchronization program, and synchronizing time axis information between the set top box and the upgrade service equipment through the time synchronization program.
S52, randomly generating a time offset by the set top box terminal, offsetting the time axis information synchronized by the set top box terminal based on the time offset, establishing an offset time axis and feeding back to the upgrade service equipment.
And S53, carrying out matching search on a plurality of groups of matching ciphertext based on the time offset, obtaining corresponding matching ciphertext, wherein the plurality of groups of matching ciphertext are respectively provided with different time offsets in a one-to-one correspondence manner, and the set top box and the upgrading service equipment carry out symmetrical synchronous obtaining of ciphertext through the time offset.
In this embodiment, the generation of double-end matching of the matching ciphertext is described, where the method is selected by matching through a time offset axis, the upgrade device sends a check time to synchronize the time information of the double ends, then the set top box randomly selects one group of multiple groups of matching ciphers and obtains a corresponding time offset, after the time offset modifies the time axis, the upgrade service device can obtain the corresponding time offset, and then the matching ciphertext can be selected through the corresponding serial number of the set top box (the time offset is used for information feedback of a combination mode of two groups of ciphertexts), and direct communication of the ciphertexts can be avoided based on the feedback mode of the time offset, so that leakage of ciphertext information can be effectively avoided.
As another preferred embodiment of the present invention, further comprising the steps of:
And acquiring a local use log of the set top box, and counting the local use log based on the circulation period to acquire the distribution condition of the use time period of the set top box in the circulation period.
And performing communication rate test on a communication channel between the upgrade service equipment and the set top box, and calculating and acquiring the upgrade time required by the current encryption upgrade based on the communication rate, wherein the upgrade time comprises the time of forwarding a software upgrade file and the time of encryption upgrade, and the file forwarding and the encryption upgrade can be independently executed.
And matching the circulation period of the set top box based on the upgrading time to determine a forwarding time period and an encryption upgrading time period in a non-use time period of the set top box.
In this embodiment, the problem of selecting a set top box encryption upgrade time period is solved, and in different time periods, the user is judged based on the preference of the user for use, so that the execution of the encryption upgrade process of the user is selected in a cycle period (here, the work and rest cycle period of the user, that is, one day) in a time period when a plurality of set top boxes are in an idle state.
As another preferred embodiment of the present invention, when performing the step of cryptographically upgrading the set-top box software based on the software upgrade file, the method further comprises:
And invalidating an external data input/output interface of the set top box, and executing interrupt operation on a data read-write task, wherein the data read-write task is used for representing a data exchange task between the three-party equipment and the set top box.
In this embodiment, a security management step during encryption upgrade is supplemented, and after the set top box has completely acquired the software upgrade file and begins encryption upgrade, all external devices and signal interfaces of the set top box are invalidated, so that the set top box in the encryption upgrade process is ensured to be in a completely independent device, not only can the effect of data protection be achieved, but also device software and hardware damage possibly caused by improper operation of a user in the encryption upgrade process can be effectively avoided.
As shown in fig. 4, the present invention further provides a set top box, which includes:
the initialization module 100 is configured to initialize an encryption upgrade program, and obtain device matching information of a set top box to be encrypted and upgraded, where the device matching information includes a device serial number and a software serial number.
The object checking module 200 is configured to perform information matching on the set top box based on a preset device information base and the device matching information, and determine whether the set top box device and the software are authorized objects and whether the software needs to be safely upgraded according to the serial number.
The ciphertext interaction module 300 is configured to correspondingly establish an upgrade ciphertext and synchronize with the set top box based on the equipment serial number and a preset encryption method, and perform encryption preprocessing on security data of the set top box software through the upgrade ciphertext, where the security data represents sensitive data content including user information and account information.
The encryption upgrade module 400 is configured to obtain a software upgrade file encrypted by an upgrade ciphertext and forward the software upgrade file to the set top box, where the software upgrade file is used to replace and upgrade set top box software.
As another preferred embodiment of the present invention, the upgrade ciphertext includes a random ciphertext and a matching ciphertext, where the random ciphertext is a plurality of sequentially arranged random numbers randomly generated by an encryption upgrade program, and the random ciphertext is forwarded to the set top box for synchronization;
the matching ciphertext is a ciphertext sequence preset at the two ends of the upgrading service equipment and the set top box, and each equipment serial number corresponds to a plurality of groups of matching ciphertexts.
As another preferred embodiment of the present invention, the matching key module comprises:
and the synchronization preprocessing unit is used for executing a time synchronization program and synchronizing time axis information between the set top box and the upgrade service equipment through the time synchronization program.
The offset synchronization unit is used for randomly generating a time offset by the set top box terminal, offsetting the time axis information synchronized by the set top box terminal based on the time offset, establishing an offset time axis and feeding back to the upgrade service equipment.
The key synchronization unit is used for carrying out matching search on a plurality of groups of matching ciphertext based on the time offset, obtaining corresponding matching ciphertext, wherein the plurality of groups of matching ciphertext are respectively provided with different time offsets in a one-to-one correspondence manner, and the set top box and the upgrading service equipment carry out symmetrical synchronous obtaining of ciphertext through the time offset.
As another preferred embodiment of the present invention, the system further comprises an idle judging module, specifically comprising:
the record acquisition unit is used for acquiring the local use log of the set top box, counting the local use log based on the circulation period, and acquiring the distribution condition of the use time period of the set top box in the circulation period.
The device comprises a requirement judging unit, a set top box and a service equipment, wherein the requirement judging unit is used for carrying out communication rate test on a communication channel between the upgrade service equipment and the set top box, and obtaining the upgrade time required by the current encryption upgrade based on communication rate calculation, the upgrade time comprises the time of software upgrade file forwarding and the time of encryption upgrade, and the file forwarding and the encryption upgrade can be independently executed.
And the idle distribution unit is used for matching the circulation period of the set top box based on the upgrading time so as to determine a forwarding time period and an encryption upgrading time period in the non-use time period of the set top box.
As another preferred embodiment of the present invention, the encryption upgrade module includes:
and the safety limiting unit is used for invalidating the external data input/output interface of the set top box and executing interrupt operation on the data read-write task, wherein the data read-write task is used for representing the data exchange task between the three-party equipment and the set top box.
Those skilled in the art will appreciate that all or part of the processes in the methods of the above embodiments may be implemented by a computer program for instructing relevant hardware, where the program may be stored in a non-volatile computer readable storage medium, and where the program, when executed, may include processes in the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in embodiments provided herein may include non-volatile and/or volatile memory. The nonvolatile memory can include Read Only Memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double Data Rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous link (SYNCHLINK) DRAM (SLDRAM), memory bus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), among others.
Other embodiments of the present disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure. This application is intended to cover any adaptations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It is to be understood that the present disclosure is not limited to the precise arrangements and instrumentalities shown in the drawings, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
Claims (4)
1. The encryption upgrading method for the set top box is characterized by comprising the following steps of:
Initializing an encryption upgrading program, and acquiring equipment matching information of a set top box to be encrypted and upgraded, wherein the equipment matching information comprises an equipment serial number and a software serial number;
Based on a preset equipment information base and the equipment matching information, carrying out information matching on the set top box, judging whether the set top box equipment and the software are authorized objects or not and whether the software needs to be safely upgraded or not through the serial numbers;
Based on the equipment serial number and a preset encryption method, correspondingly establishing an upgrading ciphertext and synchronizing the upgrading ciphertext with the set top box, and carrying out encryption pretreatment on security data of set top box software through the upgrading ciphertext, wherein the security data represents sensitive data content containing user information and account information;
acquiring a software upgrading file encrypted by an upgrading ciphertext and forwarding the software upgrading file to a set top box, and encrypting and upgrading the set top box software based on the software upgrading file;
The upgrading ciphertext comprises a random ciphertext and a matching ciphertext, the random ciphertext is a plurality of sequentially arranged random numbers which are randomly generated through an encryption upgrading program, and the random ciphertext is forwarded to the set top box to be synchronized;
the matching ciphertext is a ciphertext sequence preset at the two ends of the upgrading service equipment and the set top box, and each equipment serial number corresponds to a plurality of groups of matching ciphertext;
the matching ciphertext corresponds to an interactive confirmation step, wherein the interactive confirmation step specifically comprises the following steps:
Executing a time synchronization program, and synchronizing time axis information between the set top box and the upgrade service equipment through the time synchronization program;
Randomly generating a time offset by a set top box terminal, offsetting the time axis information synchronized by the set top box terminal based on the time offset, establishing an offset time axis and feeding back to the upgrade service equipment;
Performing matching search on a plurality of groups of matching ciphertext based on the time offset to obtain corresponding matching ciphertext, wherein the plurality of groups of matching ciphertext are respectively provided with different time offsets in a one-to-one correspondence manner, and the set top box and the upgrade service equipment perform symmetrical synchronous acquisition of ciphertext through the time offsets;
The method also comprises the steps of:
Acquiring a local use log of the set top box, and counting the local use log based on a circulation period to acquire the distribution condition of the use time period of the set top box in the circulation period;
The method comprises the steps that communication rate testing is conducted on a communication channel between upgrade service equipment and a set top box, and upgrade time required by current encryption upgrade is calculated and obtained based on the communication rate, wherein the upgrade time comprises time for forwarding a software upgrade file and time for encryption upgrade, and file forwarding and encryption upgrade can be independently executed;
and matching the circulation period of the set top box based on the upgrading time to determine a forwarding time period and an encryption upgrading time period in a non-use time period of the set top box.
2. The method of claim 1, wherein when performing the step of cryptographically upgrading set top box software based on the software upgrade file, further comprising:
And invalidating an external data input/output interface of the set top box, and executing interrupt operation on a data read-write task, wherein the data read-write task is used for representing a data exchange task between the three-party equipment and the set top box.
3. A set top box comprising:
The device comprises an initialization module, a set top box encryption module and a software serial number generation module, wherein the initialization module is used for initializing an encryption upgrading program and acquiring device matching information of the set top box to be encrypted and upgraded, and the device matching information comprises the device serial number and the software serial number;
The object checking module is used for carrying out information matching on the set top box based on a preset equipment information base and the equipment matching information, judging whether the set top box equipment and the software are authorized objects or not and whether the software needs to be safely upgraded or not through the serial numbers;
The ciphertext interaction module is used for correspondingly establishing an upgrading ciphertext and synchronizing the upgrading ciphertext with the set top box based on the equipment serial number and a preset encryption method, and carrying out encryption pretreatment on security data of set top box software through the upgrading ciphertext, wherein the security data represents sensitive data content comprising user information and account information;
The encryption upgrading module is used for acquiring a software upgrading file encrypted through an upgrading ciphertext and forwarding the software upgrading file to the set top box, wherein the software upgrading file is used for replacing and upgrading the set top box software;
The upgrading ciphertext comprises a random ciphertext and a matching ciphertext, the random ciphertext is a plurality of sequentially arranged random numbers which are randomly generated through an encryption upgrading program, and the random ciphertext is forwarded to the set top box to be synchronized;
the matching ciphertext is a ciphertext sequence preset at the two ends of the upgrading service equipment and the set top box, and each equipment serial number corresponds to a plurality of groups of matching ciphertext;
the method comprises a matching key module, and specifically comprises the following steps:
The synchronous preprocessing unit is used for executing a time synchronization program and synchronizing time axis information between the set top box and the upgrade service equipment through the time synchronization program;
The offset synchronization unit is used for randomly generating a time offset by the set top box terminal, offsetting the time axis information synchronized by the set top box terminal based on the time offset, establishing an offset time axis and feeding back to the upgrade service equipment;
The key synchronization unit is used for carrying out matching search on a plurality of groups of matching ciphertext based on the time offset to obtain corresponding matching ciphertext, the plurality of groups of matching ciphertext are respectively provided with different time offsets in a one-to-one correspondence manner, and the set top box and the upgrading service equipment carry out symmetrical and synchronous acquisition of ciphertext through the time offset;
The system also comprises an idle judging module, which specifically comprises:
The record acquisition unit is used for acquiring a local use log of the set top box, counting the local use log based on a circulation period, and acquiring the distribution condition of the use time period of the set top box in the circulation period;
The device comprises a demand judging unit, a set top box and a service equipment, wherein the demand judging unit is used for carrying out communication rate test on a communication channel between the upgrade service equipment and the set top box, and obtaining the upgrade time required by the current encryption upgrade based on communication rate calculation, the upgrade time comprises the time of forwarding a software upgrade file and the time of encryption upgrade, and the file forwarding and the encryption upgrade can be independently executed;
And the idle distribution unit is used for matching the circulation period of the set top box based on the upgrading time so as to determine a forwarding time period and an encryption upgrading time period in the non-use time period of the set top box.
4. A set top box according to claim 3 wherein the encryption upgrade module comprises:
and the safety limiting unit is used for invalidating the external data input/output interface of the set top box and executing interrupt operation on the data read-write task, wherein the data read-write task is used for representing the data exchange task between the three-party equipment and the set top box.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311425046.3A CN117272327B (en) | 2023-10-31 | 2023-10-31 | Set top box encryption upgrading method and set top box |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311425046.3A CN117272327B (en) | 2023-10-31 | 2023-10-31 | Set top box encryption upgrading method and set top box |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117272327A CN117272327A (en) | 2023-12-22 |
| CN117272327B true CN117272327B (en) | 2024-05-03 |
Family
ID=89208236
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311425046.3A Active CN117272327B (en) | 2023-10-31 | 2023-10-31 | Set top box encryption upgrading method and set top box |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117272327B (en) |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101470411A (en) * | 2007-12-28 | 2009-07-01 | 联合汽车电子有限公司 | System and method for safely updating ECU data |
| CN102111654A (en) * | 2009-12-23 | 2011-06-29 | 康佳集团股份有限公司 | Set-top box software upgrading method and set-top box |
| CN103279372A (en) * | 2013-05-23 | 2013-09-04 | 青岛海信宽带多媒体技术有限公司 | Set top box software upgrading method and set top box |
| CN107085525A (en) * | 2017-03-17 | 2017-08-22 | 深圳市战音科技有限公司 | Method for upgrading software and device based on Bluetooth electronic devices |
| US10015015B1 (en) * | 2014-09-30 | 2018-07-03 | EMC IP Holding Company LLC | Method and apparatus for verifying system log integrity |
| CN109104724A (en) * | 2018-06-30 | 2018-12-28 | 江苏恒宝智能系统技术有限公司 | A kind of data ciphering method and device for device upgrade |
| CN112702654A (en) * | 2019-10-22 | 2021-04-23 | 深圳市茁壮网络股份有限公司 | Software upgrading method and device and set top box |
| CN114567552A (en) * | 2022-03-01 | 2022-05-31 | 深圳市金溢科技股份有限公司 | Vehicle-mounted V2X equipment upgrading method and device, computer equipment and storage medium |
| CN116233551A (en) * | 2022-12-29 | 2023-06-06 | 深圳市玥芯通科技有限公司 | Set top box synchronous upgrading method, equipment and storage medium |
| CN116419217A (en) * | 2023-06-09 | 2023-07-11 | 广州万协通信息技术有限公司 | OTA data upgrading method, system, equipment and storage medium |
| CN116827898A (en) * | 2023-06-26 | 2023-09-29 | 赛力斯汽车有限公司 | OTA upgrade message pushing method and device, computer equipment and storage medium |
| CN116894269A (en) * | 2023-07-24 | 2023-10-17 | 山石网科通信技术股份有限公司 | File system encryption method and device, storage medium and electronic equipment |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP3547195B1 (en) * | 2016-12-29 | 2020-11-25 | Huawei Technologies Co., Ltd. | System-on-chip and method for switching secure operating systems |
-
2023
- 2023-10-31 CN CN202311425046.3A patent/CN117272327B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101470411A (en) * | 2007-12-28 | 2009-07-01 | 联合汽车电子有限公司 | System and method for safely updating ECU data |
| CN102111654A (en) * | 2009-12-23 | 2011-06-29 | 康佳集团股份有限公司 | Set-top box software upgrading method and set-top box |
| CN103279372A (en) * | 2013-05-23 | 2013-09-04 | 青岛海信宽带多媒体技术有限公司 | Set top box software upgrading method and set top box |
| US10015015B1 (en) * | 2014-09-30 | 2018-07-03 | EMC IP Holding Company LLC | Method and apparatus for verifying system log integrity |
| CN107085525A (en) * | 2017-03-17 | 2017-08-22 | 深圳市战音科技有限公司 | Method for upgrading software and device based on Bluetooth electronic devices |
| CN109104724A (en) * | 2018-06-30 | 2018-12-28 | 江苏恒宝智能系统技术有限公司 | A kind of data ciphering method and device for device upgrade |
| CN112702654A (en) * | 2019-10-22 | 2021-04-23 | 深圳市茁壮网络股份有限公司 | Software upgrading method and device and set top box |
| CN114567552A (en) * | 2022-03-01 | 2022-05-31 | 深圳市金溢科技股份有限公司 | Vehicle-mounted V2X equipment upgrading method and device, computer equipment and storage medium |
| CN116233551A (en) * | 2022-12-29 | 2023-06-06 | 深圳市玥芯通科技有限公司 | Set top box synchronous upgrading method, equipment and storage medium |
| CN116419217A (en) * | 2023-06-09 | 2023-07-11 | 广州万协通信息技术有限公司 | OTA data upgrading method, system, equipment and storage medium |
| CN116827898A (en) * | 2023-06-26 | 2023-09-29 | 赛力斯汽车有限公司 | OTA upgrade message pushing method and device, computer equipment and storage medium |
| CN116894269A (en) * | 2023-07-24 | 2023-10-17 | 山石网科通信技术股份有限公司 | File system encryption method and device, storage medium and electronic equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117272327A (en) | 2023-12-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100380274C (en) | Method and system for backup and restore of a context encryption key | |
| US20140235207A1 (en) | Method for cryptographically verifiable identification of a physical unit in a public, wireless telecommunications network | |
| CN105577379A (en) | Information processing method and apparatus thereof | |
| CN111104691A (en) | Sensitive information processing method and device, storage medium and equipment | |
| CN105450620A (en) | Information processing method and device | |
| CN111107073A (en) | Application automatic login method and device, computer equipment and storage medium | |
| CN107749854B (en) | Single sign-on method and system based on client | |
| US20170200020A1 (en) | Data management system, program recording medium, communication terminal, and data management server | |
| CN108881256B (en) | Secret key exchange method and device, hydroelectric pile and network equipment | |
| CN117272327B (en) | Set top box encryption upgrading method and set top box | |
| CN112528268B (en) | Cross-channel applet login management method and device and related equipment | |
| CN112564901A (en) | Key generation method and system, storage medium and electronic device | |
| CN111917711A (en) | Data access method and device, computer equipment and storage medium | |
| CN116226940B (en) | PCIE-based data security processing method and data security processing system | |
| CN110225511B (en) | Method, device and system for acquiring IMEI number of terminal and computer equipment | |
| CN115208666A (en) | Safety data security encryption method and system | |
| CN105100030B (en) | Access control method, system and device | |
| CN108173824B (en) | Data service platform and access method, device and storage medium thereof | |
| CN116827560B (en) | Dynamic password authentication method and system based on asynchronous password | |
| CN114598466B (en) | Production data processing method and device, computer equipment and storage medium | |
| CN114449514B (en) | Key generation method, device, equipment and medium | |
| CN111737747B (en) | Database confidentiality method, device, equipment and computer storage medium | |
| CN110972141B (en) | Information verification method and device, electronic equipment and readable storage medium | |
| CN116633542B (en) | Data encryption method and system | |
| CN116032472A (en) | Method and device for generating quantum security key and authentication parameter and root key center |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |