201023647 九、發明說明: 【發明所屬之技術領域】 本發明係關於網路電視服務的條件式接取機制,更詳而言之,是 -種應用於P2P系統架構之上的條件式接取機制,使用p2p串流技術 讓眾多的用戶能更有效率同時下載取得視頻,減輕網路電視服務業者 伺服器的負荷,並且能確實控管用戶的收視權限。 【先前技術】 網路電視是一種新興的網路應用服j^,可以分為直播視頻(UveTV) 的廣播服務與隨選視訊(Video on Demand, V0D)點播服務,視頻是利 用網路串流技術傳送至用戶,用戶的軟體組成包括一個串流引擎 (Streaming Engine)和一個媒體播放器(Media Player) ’串流引擎負 責接收視頻的片段(Chunk)並將其依序組合,組成足夠的連續視頻片段 即傳至媒體播放器的緩衝區進行播放。然而,如此的運作機制必須能 保護視頻内容免於被非法複製與散播,基本上要確保用戶使用的是數 位產權執行軟體(或硬體)’具有不可竄改(Tamper-Proof)的特性,數 位内容不外流,才能保障網路電視服務業者收益。 我們知道「條件式接取(Conditional Access, CA)」是付費電視 運作的重要關鍵,只有合法授權用戶才能收看電視節目,以保護系統 業者提供網路電視服務的收益,所以網路電視之運作也同樣需要有條 件式接取機制存在。基本上,網路電視服務業者播送出來的訊號必須 進行加擾(Scramble)與加密(Encrypt),只有合法授權的用戶才能解擾 (Descramble)與解密(Decrypt),付費視頻才不致被盜看,控管用戶的 201023647 收視權限,達到客製化服務與收費之目的,確保消費者及業者雙方的 權益。 條料接取並未魏-賴準,但練纽鱗議設計是ITU81〇 的二層金鑰架構,第-層金鑰是隨機產生的「控制字①〇ntr〇1 w〇rd)」, 做為訊號加擾及解擾之用,而且要驗制字可能被破解的風險降低, 每隔5-2G秒變更-次。每次變更是由頭端發出「授權控制訊息 (Entitlement Control Message)」,用戶必須有「授權金鑰 • (Authorization Κπ)」才能解出變更的控制字,但是授權金鑰也會定 期更換’通常是每月缴費期限過後做更換,如此即能控管用戶的繳費。 砂每肢娜金酬是时法肖戶的「主錢(似浙㈣咖 Key)」加密為「授權管理訊息(Entitlement此哪随t ι^)」, 以確保能女全傳輸給繳費的合法用戶。不過,網路電視服務業者播送 的視頻有兩類:-種是直播視頻、另一種是隨選視訊,如何設計出可 一致適用兩種服務模式的條件式接取機制是相當重要的議題。 藝以往有一些探討如何在網際網路進行直播視頻服務的設計,重點 是把加入的用戶依據訂閱頻道做分群,探討如何對不同群的用戶分配 金鑰。細,這些都是在傳統域式姆τ所提㈣設計,網路電視 服務業者的頻寬不狀會在料用戶同時下載視师訊時出現嚴重的 傳輸瓶頸。 要解決傳輸效能的問題,有越來越多的網路電視服務(像是 PPLive、PPStream、SOPCast、TVants、Tvkoo、Gridmedia)採用點對 點(Peer-to-Peer,P2P)傳輸為解決方案,也就是要傳輸的視頻分成許 多片段(Chunk) ’每次傳輸以一個片段為單位,已經下載擁有某些片段 7 201023647 的節點會分享提供給其他節點下載,每個節點在下載視頻的某些部分 時,也在傳出自己已有的部分給其它節點,因此同時間在交換同一個 視頻的使用者愈多則完成下載的時間就愈快。 我們所探討的網路電視服務之條件式接取機制,就是在p2p架構 下设計出可行的安全傳輸機制,提出用戶申請服務、授權金鑰取得、 視頻加擾與授權控制訊息產生、視頻散佈、視頻播放等階段的可行設 計,符合整個系統架構運作的安全機制。 Φ 【發明内容】 本發明之目的即在提出一種用於P2P系統架構之網路電視服務的 . 條件式接取機制,該條件式接取機制是安全的、合理的、以及有效率 的0 本發明之目的即在提出一種用於P2P系統架構之網路電視服務的 條件式接取機制’整個機制可實施在既有嶋網路環境,減輕網路電 視服務業者的伺服器負荷。 本發明之目的即在提出一種用於P2P系統架構之網路電視服務的 條件式接取鋪’鋪料接取鋪棚彳_請贿、鋪金錄取得、 視頻加擾、授權控制訊息產生、視頻散佈、視頻播放等各運作架構中 均具備安全細,該安全機编細路電概務業者戦其所傳送 已加擾及加密的視頻訊號曝露於被破解的風險中;該安全機制保護授 權用戶’避免其合法取得的金輪被盜用;該安全機制保證網路電視服 務業者提供視頻服務的收纟,確實控管用彳的收視權⑯,碟保消費者 及業者雙方的權益。 201023647 可達成上述發明目的之—種用於P2p系統架構之網路電視服務的 條件式接取鋪,其架構包含至少-網路電概務業者、複數個用戶 節點至V超級節點,並將系統運作流程劃分為用戶申請服務階段、 授權金鑰取得階段、視頻加擾與授權控舰息產生階段、視頻散佈階 段、視頻播放階段;透過ITU—810三層金鑰雜、公開金錄系、統架構、 低運算量的加擾與解擾等手段,而達成—種用於Ρ2Ρ系統架構之網路 電視服務的條件式接轉制。藉由本發縣可確保_電視服務的訊 Φ 號私密性'金鑰安全性及系統實用性,達成保護網路電視服務業者提 供視頻服務的收益,並確實控管用戶的收視權限’確保消費者及業者 雙方的權益。 【實施方式】 本發明一種用於P2P系統架構之網路電視服務的條件式接取機 制,參與角色與系統運作流程請參考第一圖,實施架構至少包括: 一網路電視服務業者,提供直播視頻與隨選視訊服務,無論是直 φ 播視頻或隨選視訊,在播送之前都會先將視頻分成多個片段,以不同 的控制字加擾,只有合法用戶才能解擾。 複數個用戶節點,具有支援網路電視服務的數位產權執行軟體 (DRM-enableApplication),基本假設是不可竄改(Tamper-Pr00f)的、 解出的視頻内容不外流。 至少一超級節點,被網路電視服務業者伺服器指定分擔P2P傳輸 之協調工作,負責記錄視頻的分享狀況,各個節點可以透過超級節點 找到擁有所需部分的其他節點,彼此交換傳輸。 9 201023647 本發明之一種用於P2P系統架構之網路電視服務的條件式接取機 制’系統運作流程可分為:⑴用戶申請服務階段、⑺授權金鑰取得階 段、(3)視頻加擾與授權控制訊息產生階段、⑷視頻散佈階段、⑸視頻 ‘ 播放階段。以下為本發明所用到的符號: P ••一個大質數 发:模指數運算的原根 Μ :用戶節點/’而#7/^則特別是指網路電視服務業者的伺服器也會 φ 在P2P傳輸過程中扮演著節點的角色 :用戶節點/的帳號 尤:用戶節點ί的數位產權執行軟體被指定之私鑰,而則特別 是指網路電視服務業者的私鑰201023647 IX. Description of the invention: [Technical field of invention] The present invention relates to a conditional access mechanism for a network television service, and more specifically, a conditional access mechanism applied to a P2P system architecture. The use of p2p streaming technology allows many users to download and obtain video more efficiently, reduce the load on the server of the network TV service provider, and can effectively control the viewing rights of users. [Prior Art] Internet TV is an emerging network application service. It can be divided into live video (UveTV) broadcast service and video on demand (VOD) on-demand service. Video is using network streaming. The technology is delivered to the user. The user's software consists of a Streaming Engine and a Media Player. The Streaming Engine is responsible for receiving the video's clips and combining them in sequence to form enough continuity. The video clip is passed to the buffer of the media player for playback. However, such an operation mechanism must protect video content from illegal copying and distribution. Basically, it is necessary to ensure that users use digital property enforcement software (or hardware) with Tamper-Proof features, digital content. It is only necessary to prevent the benefits of Internet TV service providers. We know that Conditional Access (CA) is an important key to pay TV operation. Only legitimate authorized users can watch TV programs to protect system operators from the benefits of Internet TV services. Therefore, the operation of Internet TV is also There is also a need for a conditional access mechanism. Basically, the signals broadcast by IPTV service providers must be scrambled and encrypted (Encrypt). Only legitimate authorized users can Descramble and Decrypt, and paid videos are not stolen. Control users' 201023647 viewing rights, to achieve the purpose of customized services and charges, to ensure the rights of both consumers and businesses. The strip access is not Wei-Lai, but the design of the Newton is the ITU81〇 two-layer key structure, and the first-level key is a randomly generated “control word 1〇ntr〇1 w〇rd”, As a signal scrambling and descrambling, and the risk of cracking the test word may be reduced, it changes every 5-2G seconds. Each change is issued by the headend "Entitlement Control Message", the user must have "Authorization • (Authorization Κ π)" to solve the changed control word, but the authorization key will be replaced regularly 'usually It is the replacement after the monthly payment deadline, so that the user's payment can be controlled. In the case of sand, each body’s gold reward is the “master money (like Zhejiang (4) coffee key)” of the law, and it is encrypted as “authorized management message (Entitlement with t ι^)” to ensure that all women can be transferred to the legal payment. user. However, there are two types of videos broadcast by Internet TV service providers: one is live video and the other is on-demand video. How to design a conditional access mechanism that can consistently apply the two service modes is a very important issue. In the past, there were some discussions on how to design live video services over the Internet. The focus was on grouping users based on subscription channels and discussing how to assign keys to users of different groups. Fine, these are all designed in the traditional domain type τ (4), the bandwidth of the Internet TV service providers will cause serious transmission bottlenecks when the users download the visual information at the same time. To solve the problem of transmission performance, more and more Internet TV services (such as PPLive, PPStream, SOPCast, TVants, Tvkoo, Gridmedia) use Peer-to-Peer (P2P) transmission as a solution, that is, The video to be transferred is divided into a number of clips (Chunk) 'Each transfer is in units of one clip. Nodes that have downloaded some clips 7 201023647 are shared and provided to other nodes for download. Each node downloads some parts of the video. It also sends out its own parts to other nodes, so the more users who exchange the same video at the same time, the faster the download will be completed. The conditional access mechanism of the Internet TV service we explored is to design a feasible secure transmission mechanism under the p2p architecture, and propose user application service, authorization key acquisition, video scrambling and authorization control message generation, and video distribution. The feasible design of the stage of video playback, in line with the security mechanism of the entire system architecture operation. Φ [Summary of the Invention] The object of the present invention is to provide a conditional access mechanism for a network television service of a P2P system architecture. The conditional access mechanism is safe, reasonable, and efficient. The purpose of the invention is to propose a conditional access mechanism for a network television service for a P2P system architecture. The entire mechanism can be implemented in an existing network environment to alleviate the server load of the network television service provider. The object of the present invention is to propose a conditional access shop for a network television service for a P2P system architecture, and to request a bribe, a request for a bribe, a video capture, a video scrambling, and an authorization control message generation. Video transmission, video playback and other operational architectures are all secure. The security machine is exposed to the risk of being cracked and encrypted. The security mechanism protects the authorization. The user 'avoids the legally acquired Golden Wheel from being stolen; the security mechanism ensures that the Internet TV service provider provides the video service, and it does control the use of the viewing rights, and protects the rights of both consumers and operators. 201023647 A conditional access shop for a network television service for a P2p system architecture, the architecture of which includes at least a network electrical service provider, a plurality of user nodes to a V super node, and a system The operation process is divided into user application service phase, authorization key acquisition phase, video scrambling and authorization control ship generation phase, video distribution phase, and video playback phase; through ITU-810 three-layer key miscellaneous, public gold system, system The architecture, low-computation scrambling and descrambling, etc., achieve a conditional switching system for Internet TV services for the Ρ2Ρ system architecture. With this county, we can ensure the privacy of the _TV service, the security of the key and the practicality of the system, to achieve the benefits of protecting the video service provided by the Internet TV service providers, and to control the viewing rights of users. The rights of both parties. [Embodiment] The present invention provides a conditional access mechanism for a network television service of a P2P system architecture. For the role and system operation process, please refer to the first figure. The implementation framework includes at least: a network television service provider providing live broadcast Video and on-demand video services, whether it is direct video or on-demand video, will be divided into multiple segments before the broadcast, scrambled with different control words, only legitimate users can descramble. A plurality of user nodes have a digital rights execution software (DRM-enableApplication) supporting network television services. The basic assumption is that the video content that cannot be falsified (Tamper-Pr00f) is not outflowed. At least one super node is assigned by the network TV service provider to share the coordination of P2P transmission, and is responsible for recording the sharing status of the video. Each node can find other nodes having the required part through the super node and exchange transmissions with each other. 9 201023647 The conditional access mechanism of the network television service for the P2P system architecture of the present invention can be divided into: (1) user application service phase, (7) authorization key acquisition phase, (3) video scrambling and Authorization control message generation phase, (4) video distribution phase, (5) video 'playback phase. The following are the symbols used in the present invention: P •• A large prime number: the original root of the modulus index operation: User node/'and #7/^ especially refers to the network TV service provider's server will also be The P2P transmission plays the role of a node: the user node/account account: the user node ί's digital property enforcement software is assigned a private key, and especially the private key of the Internet TV service provider.
Yi :用戶節點ζ·的數位產權執行軟體之公鑰,茗A mod/7,而 則特別是指網路電視服務業者的公鑰 I :每個月直播視頻服務或每個隨選視訊節目都有不同的授權金鑰 z :對直播視頻服務來說’每個月授權金鑰變動是基植於網路電視 ® 服務業者設定的一個2值;而對隨選視訊服務來說,每個視頻 的授權金鑰不同,也是基植於網路電視服務業者對於每個視頻 設定的z值之不同 五MM;:給用戶節點丨的授權管理訊息,用戶節點『·能依此訊息計算出 授權金鎗 CWc :無論是直播視頻或是隨選視訊,在播送前都會先將視頻分成 多個片段,第c個片段會以控制字cwc加擾,而用戶節點也 必須以相同的控制字解擾 201023647 SCc ••第c個片段會以控制字CR加擾後,以此符號双:c代表第c 個加擾片段 ECMc :第C個視頻片段的授權控制訊息 SN :節目代碼 兹將上述系統運作的五個階段詳述如下: (一) 用戶申請服務階段 申請使用網路電視服務前,需先下載支援該服務的數位產權執行 軟體’然後向網路電視服務業者申請帳號,由網路電視服務業者為該 用戶節點產生一組公鑰與私鑰,以SSL安全傳輸至該用戶節點的數位 產權執行軟體並安全保存。參與角色與系統運作流程請參考第二圖, 詳細步驟如下: [步驟1]用戶節點事先下載支援網路電視服務的數位產權執行軟體。 [步驟2]用戶節點向網路電視服務業者提出以帳號申請使用服務。 [步驟3]網路電視服務業者接受用戶節點的申請,即記錄其帳號仍〆 並為該用戶節點指定其私餘,計算出對應的公錄' ; YR = gXR mod p 網路電視服務業者將此公鑰與私鑰記錄起來,然後以SSL安 全傳輸至該用戶節點的數位產權執行軟體並安全保存。 (二) 授權金鑰取得階段 用戶節點需要取得授權金錄的情況有兩種:若是收看直播視頻, 這類服務通常是每個月更換一次授權金鑰’所以用戶節點在每個月第一 11 201023647 次收看時’賴絲行程序轉當㈣直舰舰務之授權金餘; 若是點播某輯選視訊,賴每個視頻賴權金轉關所以用戶節 點每次點播都必須執行這個程序取得該視頻的授權金输。當然,用戶節 點要取得卿麵必須先付費朗意費料人當服單。不論是前述哪 種情況’在我們的設計中都以狀符號代表授權金鑰,以簡化整個程序 的描述並有其-致性。而整個程序計,就是讓好節點能以其收到 的授權S理Λ息之參數計算得出授權金錄。參與角色與系統運作流程請 參考第二圖,詳細步驟如下: [步驟1]用戶節點以其帳號/2¾完成登入,要求網路電視服務業者提供 當月直播視頻服務的授權管理訊息(或告知點播之節目代碼 _以要求網路電視服務業者提供隨選視訊服務的授權管理 訊息)。 [步驟2]對直魏舰絲說,每则_權麵變蚊基植於網路 電視服務業者設定的-個Z值:而對隨選視訊服務來說,每個 視頻的授權金鑰不同,也是基植於網路電視服務業者對於每 個視頻設定的Z值之不同。所以,網路電視服務業者依據用戶 節點要申請授權的是直播視頻服務或隨選視訊服務,以其設 疋的z值’配合其公錄y;p7y與用戶公輪κ計算出下列的〜值; aR = (^z)/(F/i>7yz)mod p 並計算; >^ = ^zmod p 將心與夕封裝成授權管理訊息,傳送給用戶節點; 12 201023647 [步驟3]用戶節點的數位產權執行軟體收到授權管理訊息似^,就 能以其私鑰尤ί計算得出授權金鑰乂^ ; AK = aR /(^XR)mod p =、gXR”Y1PTV2Vig:XR、m〇dp ~ ^jpjy ixiod p (三)視頻加擾與授權控制訊息產生階段 無論是直播視頻或是隨選視訊,在播送之前會先將視頻分成多個 片段’每個片段以不同的控制字加擾,每個片段的控制字要一併安全 傳送到用戶,這些加擾片段與授權控制訊息是以p2p方式在用戶節點 彼此交換傳輸,相關參與角色與系統運作請參考第四圖。 將視頻分成多個片段後以不同的控制字加擾,所以整個視頻 變成多個加擾片段SCc。為了要讓合法用戶節點可以解擾各個片段每 個片段的控制字C7Fc要能一併安全傳送到用戶節點,而這個用來保護 控制字C%的訊息就是所謂的授權控制訊息丑; ECMc = CWc · YIPTVZ mod ρ , 〇~ 1~η 另外,在下一階段的視頻散佈過程中,必須能確認以Ρ2ρ傳輪交 換的資訊不被竄改’所以在此也先計算出每個加擾片段5>Cc與其授權控 制訊息五(:从(;的雜湊值κ ; yc = h(SCc IIECMc), c=l~n 如此,即可進行下一階段的視頻散佈,將每個加擾片段連同 其授權控制訊息£671/(:及雜湊值/c在網路上透過各個用戶節點進行 P2P傳輸。 13 201023647 (四)視頻散佈階段 用戶節點登入網路電視服務業者伺服器’選擇要收看的直播視頻 頻道或點播的隨選視訊節目後,制戶節點會被導到合適的超級節 點’在超級節點的協助下,取得可下載該視頻的加擾片段及授權控制 訊心的各個節點’以P2P方式交換傳輸。參與角色與系統運作流程請 參考第五圖,詳細步驟如下: [步驟1]用戶節點以其帳號取完成登入,選擇要收看的直播視頻或點 播的隨選視訊(代碼5^)。 [步驟2]鱗魏服贿棚㈣要指派合適的舰冑祕調後續的 P2P傳輸於是將刻戶節點%及其要收看的節目代碼 抓連同雜凑值rc(c = 1〜„)傳送給超級節點; [步驟3]超級節點在線上_應網路電視服務業者舰器接手協調 被心派管理的節點。超級節職代碼麟該節目是否尚未 有管理。己錄’若是則建立第一筆記錄就是僅有節點#·(即網 2視服務f者魏器)可參與傳輸交換^後,將這個記錄 清早連同雜湊值心=1〜„)傳給用戶節點乂。 ,]肖戶冑歸^清單巾麵顧’肖其崎齡藏出建立伙 伴關係。 [步驟5]其他節點接受用戶節點乂建立伙伴關係,就會將其緩衝映象 表傳送給用戶節點。 ']用戶軌#«歡伴_的緩衝喊表可崎知其擁有的加援 201023647Yi: the public key of the digital property enforcement software of the user node, 茗A mod/7, and especially the public key of the Internet TV service provider I: monthly video service or each video on demand There are different license keys z: For live video services, 'every month of license key change is based on a 2-value set by the Internet TV® service provider; for on-demand video services, each video The authorization key is different, and it is also based on the difference of the z value set by the network TV service provider for each video; the authorization management message for the user node, the user node can calculate the authorization fund according to the message Gun CWc: Whether it is live video or video on demand, the video will be divided into multiple segments before the broadcast, the c segment will be scrambled with the control word cwc, and the user node must also descramble the 201023647 SCc with the same control word. • The cth segment will be scrambled with the control word CR, with this symbol double: c for the cth scrambled segment ECMc: the authorization control message for the Cth video segment SN: the program code will operate the above five systems Detailed stages such as : (1) Before applying for the service phase, the user must first download the digital property rights execution software that supports the service, and then apply for an account to the Internet TV service provider. The Internet TV service provider generates a user account for the user node. The group public key and the private key are securely transmitted to the user node's digital property execution software by SSL and stored securely. Please refer to the second figure for participating in the role and system operation process. The detailed steps are as follows: [Step 1] The user node downloads the digital property rights execution software supporting the network TV service in advance. [Step 2] The user node proposes to the Internet TV service provider to apply for the service by using the account. [Step 3] The IPTV service provider accepts the application of the user node, that is, records that its account is still 〆 and assigns its private space to the user node, and calculates the corresponding public record'; YR = gXR mod p Internet TV service provider will This public key is recorded with the private key and then securely transmitted to the user node's digital property execution software via SSL and stored securely. (2) Authorization key acquisition stage There are two situations in which the user node needs to obtain the authorization record: if watching live video, such service usually replaces the authorization key every month' so the user node is the first 11 in each month. 201023647 times when watching 'Lai Sixing program transfer (4) direct ship shipping authorization; if it is on-demand a series of video, relying on each video rights transfer, so the user node must perform this procedure every time you order this The video's authorization fee is lost. Of course, in order for a user's node to obtain a clear face, it must first pay a fee to pay attention to the person to be served. Regardless of the situation described above, the authorization key is represented by a symbol in our design to simplify the description of the entire program and its consistency. The whole program is to let the good node calculate the authorization record with the parameters of the authorization information it receives. For the role and system operation process, please refer to the second figure. The detailed steps are as follows: [Step 1] The user node completes the login with its account number/23⁄4, and asks the Internet TV service provider to provide the authorization management message of the live video service of the current month (or inform the on-demand broadcast). Program code_ to request Internet TV service providers to provide authorization management messages for on-demand video services). [Step 2] For Zhiwei Ships, each _ 面 变 植 植 植 植 植 植 植 植 植 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路 网路It is also based on the difference in Z values set by the Internet TV service provider for each video. Therefore, the Internet TV service provider according to the user node to apply for authorization is a live video service or an on-demand video service, with its set z value 'with its public record y; p7y and user public round κ calculate the following ~ value aR = (^z)/(F/i>7yz)mod p and calculate; >^ = ^zmod p encapsulates the heart and the evening into an authorization management message, which is transmitted to the user node; 12 201023647 [Step 3] User node The digital property rights execution software receives the authorization management message, and can calculate the authorization key 以^ with its private key; AK = aR /(^XR)mod p =, gXR"Y1PTV2Vig:XR,m〇 Dp ~ ^jpjy ixiod p (3) Video scrambling and authorization control message generation stage Whether it is live video or video on demand, the video will be divided into multiple segments before the broadcast. Each segment is scrambled with different control words. The control words of each segment are transmitted to the user securely. These scrambled segments and authorization control messages are exchanged and transmitted at the user nodes in p2p mode. For related participating roles and system operations, please refer to the fourth figure. After the fragments are scrambled with different control words, The entire video becomes a plurality of scrambled segments SCc. In order for the legitimate user node to descramble the control words C7Fc of each segment of each segment, it can be safely transmitted to the user node, and this message for protecting the control word C% It is the so-called authorization control message ugly; ECMc = CWc · YIPTVZ mod ρ , 〇~ 1~η In addition, in the next stage of video distribution, it must be confirmed that the information exchanged by Ρ2ρ is not tampered with. First calculate each scrambling segment 5 > Cc and its authorization control message five (: from (; the hash value κ ; yc = h (SCc IIECMc), c = l ~ n so that the next stage of video distribution Each scrambled segment is P2P transmitted through the user nodes along with its authorization control message £671/(: and hash value/c on the network. 13 201023647 (4) Video distribution stage User node login Internet TV service provider servo After selecting the live video channel to watch or the on-demand video program on demand, the customer node will be directed to the appropriate super node. With the help of the super node, the scrambled segment that can download the video is obtained. And each node that authorizes the control of the message is exchanged in P2P mode. For the participation role and system operation process, please refer to the fifth figure. The detailed steps are as follows: [Step 1] The user node completes the login with his account and selects the live video to watch. Or on-demand video on demand (code 5^). [Step 2] Scale Wei Wei Ban (4) To assign the appropriate ship's secret to the subsequent P2P transmission, then the engraved node % and the program code to be watched The value rc (c = 1 ~ „) is transmitted to the super node; [Step 3] The super node is online _ should be the network TV service provider to take over the coordinated management of the node. Super Qiao code Lin whether the program is not yet managed. If you have recorded the first record, only the node #· (that is, the network 2 depends on the service provider Wei) can participate in the transmission exchange ^, and then pass this record to the user early in the morning with the hash value = 1~„) Node 乂. ,] Xiaohu 胄 ^ 清单 清单 清单 清单 清单 清单 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖 肖Node. '] User track #«欢伴_'s buffer shouting table can be known to its own support 201023647
片段,即 其中第C ’即可向各個節點提出 下載不同加擾片段之請求。假設, 其中第c個片段是向用戶節點%提出請求。The fragment, that is, the Cth', can request each node to download a different scrambled segment. Assume that the c-th segment is a request to the user node %.
將其擁有的第C個加擾片段連同 孪送給用戶節點乂。 [步驟8]用戶節點#J 算其雜凑值, 段的正確性; 將取得的加擾片段5Ce與授權控制訊息£CMc計 與先别從超級節點得到的^比對即可驗證該片 7c=KSCc\\ECMc) 用戶節點ΛΓλ也會持續向超㈣點喃麟求取得最新的記 錄清單’以機動調整與更多節點建立伙伴關係(步驟4、5), 求取最佳的P2P傳輸交換效能(步驟6、7)。 (五)視頻播放階段 無論是直播視頻或是隨選視訊’視頻的每個片段都是以控制字 <^%進行加擾,並以授權控制訊息^CMc來保護控制字(?%。而合法 用戶節點的數位產權執行軟體要解擾各個片段,必須先拿到授權管理 3凡息並計算出授權金輪這部分在前面的授權金瑜取得階段 有詳細說明)’於是便能從視頻散佈階段取得的授權控制訊息計 算出各個片段加擾的控制字CWc ; 五CMc ·从 mod /?,(c = 1 〜w) =CWc · ΥΙΡτνζ · Υ]Ρτν'ζ mod p = CWc 用戶節點的數位產權執行軟體取得控制字,即可對加擾片段及^ 進行解擾,在合法數位產權執行軟體具有不可竄改的基本假設下,解 15 201023647 出的視頻不外流。 本發明係關於一種用於P2P系統架構之網路電視服務的條件式接 取機制,在此對於整個機制的安全性與實用性做討論分析。 整個系統設計重點,可以從三個層面做分析,第一是視頻加擾及 解擾是有效又安全的,第二是整個過程中所使用的金鑰都不可能被破 解,第三是在網路電視環境下達成合理又有效率的條件式接取架構。 所以,接下來就對於視頻私密性與正確性、金鑰安全性及系統實用性 參 進行分析。 一、視頻私密性與正確性 我們是依循ITU-810三層金鎗架構概念設計,第一層金輪是隨機 產生的控制字,做視頻加擾及解擾之用,而且不同的視頻片段是 以不同的控制字做加擾,也就是整個視頻的解擾過程需要使用不同的 控制字解擾不同的片段,這部分的設計目標是必須產生出能夠安全保 護控制字OTc的授權控制訊息五CMc,但合法用戶節點能以簡單的運 Ο 算從對應每個片段的授權控制訊息解得控制字,兼顧效能考量的安全 設計確保控制字被破解的風險降到最低,也就是降低加擾視頻被破解 的風險。而依ITU-810的建議’第二層的授權金輸狀必須能保護控制 字並控㈣戶收視’我_設計是結合了用戶節_公制將授權金錄 加密成授權管理訊息五(假設用户付費才會進入授權金鑰取得階 段),如此確保僅限於缴費的用戶節點才能取得當月直播涵服務或某 -個隨選視訊節目的授權金鑰。第三層的用戶節點私糾,是每個合法 用戶節點可推算出授權金鑰的關鍵,用戶節點在申請網路電視服務時 即以SSL安全傳輸指定的私綸至其數位產權執行軟體,而合法數位產 16 201023647 權執灯軟體騎不會將轉外絲彳轉,直減頻織選視訊不 致被盜看,保證網路電視服務業者提供視頻服務的收益。 用戶節點取得的視頻加擾片段是以P2P方式交換傳輸,各個片段 可能來自於任何節點’為了雜傳輸交換㈣訊不被纽,在視頻散 佈階段負責協_超級節點會將加擾片段K與其難控制訊息 议:从,的雜秦值rc(c = 1〜n)傳給節點,節點即可將取得的加優片段 SCc與授權控制訊息五CMc計算其雜湊值,與從超級節點得到的^比對 來驗證片段的性。 二、金鑰安全性 要能確保前述的視頻私密性,當然關鍵就在於三層金錄的安全 性,接下來我們就做進一步分析。 1·用戶節點私餘尤之安全性 用戶節點鱗{的安全轉,紐於合法触產職行軟體 具有不可纽的雜,當用戶節點_賴路電視服務時,被指 疋的私鎗疋以SSL安全傳輸至用戶節點的數位產權執行軟體 並安全縣起來’任何人是無絲得盜用。 2.授權金餘Αί:之安全性 授權金鑰狀的安全,是在前述用戶節點私瑜安全的基礎上, 做到確保僅限於有繳費的用戶節點才能取得當月的直播視頻 服務之授·賊__舰狀鄕錢。錢們的設計 中,每则直減舰務的_錄賴是紐綱路電視服 17 201023647 務業者設定的Z值,而每個隨選視訊服務則是設定不同的z 值,當用戶節點申請授權時,就會以對應的2值配合網路電視 服務業者公鑰與用戶節點公鑰Y計算出授權管理訊息之 α,值與p值; a, = (WOWDmod ρ P = gz mod p 用戶節點的數位產權執行軟體接收到的授權管理訊息,其中的 α,值只有該用戶節點合法數位產權執行軟體的私鑰疋才能計 算得出授權金鑰Αί:; AK = at Ι{βχ,)ναοά ρ ~is ' IYiptv ) mod/? =YIPTV'2 mod p 用戶節點的數位產權執行軟體並不會將自己的私鑰外流,不知 私鑰的情況下要解出授權金鑰,依設計的方程式運算等同於解 離散對數的困難度。 3_控制字(:%之安全性 控制字C『c的安全,是在前述授權金餘安全的基礎上。既然 沒有繳費的用戶節點就無法取得當月授權金鑰狀,只知 個視頻片段的授權控制訊息是無法推導出 CWc=ECMc.AKmodp。 工 三、系統實用性 網路電視服務業者要能解決傳輸效能的問題,若僅架設傳統主從 式的服務平台,在衫用戶同時下載視織崎將有嚴重的傳輸瓶頸 201023647 問題’而我們設計出適合P2P傳輸模式的解決方案,在視頻散佈階段, 用戶節點選擇魏相直播視頻頻道或關的賴視謂目後,該用 戶節點會被導到合適的超級節點,在超級節點的協助下,用戶節點可 與其他節點建立伙伴關係,已經下載擁有某些片段的節點會分享提供 給其他節點下載,每個節點在下載視頻的某些部分時,也在傳出自己 已有的部分給其它節點’因此同咖在錢同—個視頻的使用者愈多 則完成下載的時間就愈快。 • 當然,如此的運作機制必須能保護視頻内容免於被非法複製與散 播’才能保障網路電視服務業者收益。我們的設計概念是依循最被重 視的ITU-810三層金鑰架構,第一層金餘(控制字^」做為訊號加擾及 ㈣之用’當合法用戶節闕數位絲執行軟體要纖各個片段時, 要先從授權控制訊息£CMc計算出控制字,這部分的運算僅一次的模乘 法運算’如此可以很有效率進行訊號的解援。用戶節點要解出第二層 授權金鑰必伽自己的私鑰{騎數運算,不過献有在每個月 參 第―次要取得當月的直播視頻服務或是點播某個隨選視訊賴始,才 需要做此運算,這對目前的電腦來說並不是太大的負擔。至於第三層 的用戶節點私生’是進行模指數運算,而這只有在每個用戶節點 最初申魏務時需純行—次,對於網路電視服務業者的舰器來說 也不算是太大的負擔。 我們的設計不只是著重在金鎗分配管理,從用戶申請服務、每個 月的金餘更新、到視頻散佈與播放的效率考量,設計崎合整個系統 架構運作的安全機制,適用於P2P系統架構之網路電視服務的條件式 接取機制》 201023647 雖然本案是以一個最佳實施例做說明,但精於此技藝者能在不脫離本 案精神與範疇下做各種不同形式的改變。以上所舉實施例僅用以說明本案 而已,非用以限制本案之範圍。舉凡不違本案精神所從事的種種修改或變 化’俱屬本案申請專利範圍。 【圖式簡單說明】 第一圖為本發明條件式接取機制之示意圖。 鲁 第二圖為本發明條件件式接取機制運作中的用戶申請服務階段之示意圖。 第三圖為本發明條件式接取機制運作中的授權金鑰取得階段之示意圖。 第四®為本個條件式接取侧運作中的視頻加擾與_㈣訊息產生階 段之示意圖。 第五圖為本發明條件式接取機制運作中的視頻散佈階段之示意圖。 【主要元件符號說明】 無 20Send the Cth scrambling segment it owns to the user node. [Step 8] User node #J calculates its hash value, the correctness of the segment; and compares the obtained scrambled segment 5Ce with the authorization control message £CMc and the ^ obtained from the super node to verify the slice 7c =KSCc\\ECMc) The user node ΛΓλ will also continue to obtain the latest list of records from the super (four) point to make a partnership with more nodes (steps 4 and 5) to obtain the best P2P transmission exchange. Performance (steps 6, 7). (5) During the video playback phase, whether it is a live video or an on-demand video, each segment of the video is scrambled with the control word <^%, and the control word ^CMc is used to protect the control word (?%. The digital property rights execution software of the legitimate user node must descramble the pieces, and must first obtain the authorization management and calculate the authorization gold wheel. This part is explained in detail in the previous authorization Jinyu acquisition stage.] Then the video distribution stage can be obtained. The obtained authorization control message calculates the control word CWc for each segment scrambling; five CMC · from mod /?, (c = 1 ~ w) = CWc · ΥΙΡτνζ · Υ] Ρτν'ζ mod p = CWc User node digital property rights The execution software obtains the control word, and then the scrambling segment and ^ can be descrambled. Under the basic assumption that the legal digital property execution software has no tampering, the video of 201023647 is not outflowed. The present invention relates to a conditional access mechanism for a network television service of a P2P system architecture, where the security and practicability of the entire mechanism are discussed and analyzed. The whole system design focus can be analyzed from three levels. The first is that video scrambling and descrambling are effective and safe. The second is that the key used in the whole process cannot be cracked. The third is in the network. A reasonable and efficient conditional access architecture is achieved in the road TV environment. So, the next step is to analyze the video privacy and correctness, key security and system usability. 1. Video privacy and correctness We follow the ITU-810 three-layer golden gun architecture concept design. The first layer of gold wheels is a randomly generated control word for video scrambling and descrambling, and different video segments are Different control words are scrambled, that is, the descrambling process of the entire video needs to use different control words to descramble different segments. The design goal of this part is to generate an authorization control message CMc that can securely protect the control word OTc, but The legitimate user node can solve the control word from the authorization control message corresponding to each segment with a simple operation, and the security design considering the performance consideration ensures that the risk of the control word being cracked is minimized, that is, the scrambled video is cracked. risk. According to ITU-810's recommendation, 'the second layer of authorization gold output must be able to protect the control word and control (four) household ratings 'I _ design is combined with the user's section _ metric to encrypt the authorization record into the authorization management message five (assuming the user The payment will enter the authorization key acquisition phase), so that the user node limited to the payment can obtain the authorization key of the live broadcast service or a certain on-demand video program. The third layer of the user node privately corrects, which is the key for each legitimate user node to derive the authorization key. When the user node applies for the network television service, the user securely transmits the specified private link to its digital property execution software. Legal digital production 16 201023647 The license light software ride will not turn around, and the video will not be stolen, ensuring the benefits of video service provided by Internet TV service providers. The video scrambling segment obtained by the user node is exchanged in P2P mode, and each segment may come from any node. For the heterogeneous transmission exchange (four), the communication is not responsible for the message, and the super node will be responsible for the scrambling segment K. Control message: From the hash value rc (c = 1~n) to the node, the node can calculate the hash value of the obtained winning segment SCc and the authorization control message five CMC, and the ^ obtained from the super node Compare to verify the sex of the fragment. Second, the key security To ensure the privacy of the aforementioned video, of course, the key lies in the security of the three-tiered gold record, then we will do further analysis. 1. User node private, especially security user node scales {safe transfer, new to legal touch production line software has non-news, when the user node _ Lai TV service, the alleged private gun SSL is securely transmitted to the user node's digital property enforcement software and safely counted up. 'Anyone is not misappropriated. 2. Authorization Jin Yuyu ί: The security authorization key security is based on the security of the aforementioned user nodes, so as to ensure that only the user nodes with payment can obtain the live video service of the month. __ Ship-like money. In the design of the money, the _ record of each direct reduction of the ship is the Z value set by the operator of the New Zealand Road TV service 17 201023647, and each on-demand video service sets a different z value when the user node applies When authorized, the alpha, value and p value of the authorization management message are calculated with the corresponding value of 2 and the network TV service provider public key and the user node public key Y; a, = (WOWDmod ρ P = gz mod p user node The authorization management message received by the digital property enforcement software, wherein the value of α is only the private key of the legal digits of the user node, and the authorization key can be calculated Αί:; AK = at Ι{βχ,)ναοά ρ ~is ' IYiptv ) mod/? =YIPTV'2 mod p The user property's digital property execution software does not outflow its own private key. If the private key is not known, the authorization key should be solved, which is equivalent to the designed equation. The difficulty of solving discrete logarithms. 3_ control word (% security of the security control word C 『c is based on the security of the aforementioned authorization. Since the user node without payment can not obtain the authorization key of the current month, only know the video clip The authorization control message cannot be derived from CWc=ECMc.AKmodp. Third, the system practical Internet TV service providers should be able to solve the transmission performance problem. If only the traditional master-slave service platform is set up, the shirt users can download the video weaving at the same time. Saki will have a serious transmission bottleneck 201023647 problem' and we have designed a solution suitable for P2P transmission mode. In the video distribution phase, after the user node selects the Weixiang live video channel or the closed video, the user node will be guided. To the appropriate super node, with the assistance of the super node, the user node can establish a partnership with other nodes. The nodes that have downloaded some fragments will be shared and provided to other nodes for download. Each node downloads some parts of the video. , and also send out the existing parts to other nodes. So the more users with the same video, the more users complete the download. The faster the time. • Of course, such a mechanism must protect video content from being illegally copied and distributed to ensure the benefits of Internet TV service providers. Our design concept is to follow the most important ITU-810 three-tier gold. Key structure, the first layer of gold (control word ^) as signal scrambling and (four) use 'When the legitimate user thrifty digits execute the software fiber segment, first calculate the control word from the authorization control message £CMc This part of the operation only once the modular multiplication operation 'so can be very efficient to solve the signal. The user node to solve the second layer of authorization key must be their own private key {ride count operation, but dedicated in each It takes only a month to participate in the live video service of the month or to order an on-demand video. This is not a big burden for the current computer. As for the third-tier users. Node illegitimate' is a modular exponential operation, and this only requires a pure line-time when each user node initially applies for Wei, which is not a big burden for the network TV service provider's ship. Our design is not only focused on the distribution management of gold guns, from user application services, monthly updates, to video distribution and playback efficiency considerations, designing the security mechanism of the entire system architecture operation, suitable for P2P system architecture Conditional access mechanism for Internet TV services 201023647 Although this case is illustrated by a preferred embodiment, it is true that those skilled in the art can make various forms of changes without departing from the spirit and scope of the case. The examples are only used to illustrate the case and are not intended to limit the scope of the case. All modifications or changes that are not in violation of the spirit of the case are the scope of patent application in this case. [Simplified illustration] The first picture is the condition of the present invention. Schematic diagram of the access mechanism. The second diagram is a schematic diagram of the user application service phase in the operation of the conditional access mechanism of the present invention. The third figure is the authorization key acquisition phase in the operation of the conditional access mechanism of the present invention. schematic diagram. The fourth® is a schematic diagram of the video scrambling and _(iv) message generation stages in the conditional access side operation. The fifth figure is a schematic diagram of the video distribution stage in the operation of the conditional access mechanism of the present invention. [Main component symbol description] None 20