WO2006024234A1 - Procede et appareil permettant de proteger un contenu video ou audio a large bande radiodiffuse - Google Patents

Procede et appareil permettant de proteger un contenu video ou audio a large bande radiodiffuse Download PDF

Info

Publication number
WO2006024234A1
WO2006024234A1 PCT/CN2005/001379 CN2005001379W WO2006024234A1 WO 2006024234 A1 WO2006024234 A1 WO 2006024234A1 CN 2005001379 W CN2005001379 W CN 2005001379W WO 2006024234 A1 WO2006024234 A1 WO 2006024234A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
packet
content
index
scrambled
Prior art date
Application number
PCT/CN2005/001379
Other languages
English (en)
Chinese (zh)
Inventor
Jun Li
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2006024234A1 publication Critical patent/WO2006024234A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/238Interfacing the downstream path of the transmission network, e.g. adapting the transmission rate of a video stream to network bandwidth; Processing of multiplex streams
    • H04N21/2389Multiplex stream processing, e.g. multiplex stream encrypting
    • H04N21/23895Multiplex stream processing, e.g. multiplex stream encrypting involving multiplex stream encryption
    • H04N21/23897Multiplex stream processing, e.g. multiplex stream encrypting involving multiplex stream encryption by partially encrypting, e.g. encrypting only the ending portion of a movie
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26613Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/438Interfacing the downstream path of the transmission network originating from a server, e.g. retrieving encoded video stream packets from an IP network
    • H04N21/4385Multiplex stream processing, e.g. multiplex stream decrypting
    • H04N21/43853Multiplex stream processing, e.g. multiplex stream decrypting involving multiplex stream decryption
    • H04N21/43856Multiplex stream processing, e.g. multiplex stream decrypting involving multiplex stream decryption by partial decryption, e.g. decrypting a multiplex stream that has been partially encrypted
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/643Communication protocols
    • H04N21/64322IP
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network

Definitions

  • the present invention relates to broadband video and audio technologies in telecommunication networks, and more particularly to a method and apparatus for protecting broadband video and audio broadcast content. Background of the invention
  • the video and audio streams are encrypted or scrambled before being broadcast to the network, and then the video and audio streams are transmitted to the user over the network, and the user terminal obtains the key from the network and completes the decryption or descrambling of the video and audio streams.
  • the key is broadcast to all user terminals. In order to ensure that the key is not easily cracked, complex key management and encryption algorithms are required, and the key needs to be updated frequently in real time. Therefore, this method has the following disadvantages:
  • the encryption or scrambling algorithm is related to a specific video and audio coding format, and the adaptability is poor.
  • the broadband access technology represented by Digital Subscriber Loop can not only provide data services such as Internet access, but also provide video and audio services including broadband TV services, audio broadcasting services, and on-demand services.
  • the video and audio services are usually based on a set-top box or a computer. After the set-top box or computer accesses the network, the video and audio content from the video/audio broadcast source or the video-on-demand server can be obtained through the network; usually, the on-demand service is carried by the unicast stream, the television class and The audio broadcast service is carried by the multicast stream, and its network model is shown in Figure 1.
  • the present invention provides a method and apparatus for protecting broadband video and audio broadcast content to solve the problem of poor security of broadband video and audio broadcast content in the prior art.
  • the present invention provides the following technical solutions:
  • a method for protecting broadband audio and video broadcast content comprising the following steps:
  • step B Obtain a key locally from the transmitting side according to the index information calculated in step A, and use the key and the scrambled location information calculated in step A to specify a segment of the IP packet that does not include the content of the beginning portion. Content is scrambled;
  • the key is obtained locally from the receiving side according to the index information calculated in step D, and the scrambling segment of the IP packet is descrambled by using the key and the scrambled location information calculated in step D.
  • the local key seed library is set on the sending side or the receiving side respectively, and the index information calculated in step A and step D is key seed index information, and the key seed is obtained from the key seed database by using the key seed index information. And generating a key based on the key seed;
  • the local key pool is set on the sending side or the receiving side respectively, and the index information calculated in steps A and D is key index information, and the key is directly obtained from the key pool by using the key index information.
  • the content of the beginning portion refers to content that changes as the content of the IP message changes, and the length of the extracted content can be set.
  • Wide f video and audio broadcasting systems include:
  • a scrambler (202), receiving video and audio broadcast content output by the video and audio broadcast source, and performing scrambling and transmitting to the broadband network (203);
  • the user terminal (205) descrambles the scrambled video and audio broadcast content.
  • the scrambler (202) includes:
  • the message receiving unit (301) is configured to: after receiving the IP packet, extract the content of the beginning part of the IP packet payload and the payload scrambling segment, and send the content of the payload start part and the IP packet to the packet.
  • Text processing unit (302) is configured to: after receiving the IP packet, extract the content of the beginning part of the IP packet payload and the payload scrambling segment, and send the content of the payload start part and the IP packet to the packet.
  • the message processing unit (302) is configured to calculate the scrambled location information and the index information by using the content of the payload start portion, obtain the key by using the index information, and use the key and the scrambled location information to perform the IP packet.
  • the scrambling process is performed, and the scrambled IP packet is sent to the message sending unit (303);
  • the message sending unit (303) is configured to send the scrambled IP packet to the broadband access device through the broadband network.
  • the processing unit (302) includes:
  • a key seed library (401) for storing a key seed for generating a key
  • the key seed index generating module (402) After receiving the content of the payload start portion of the IP packet from the packet receiving unit (301), the key seed index generating module (402) uses the key seed index generation algorithm to generate a key by using the content of the payload start portion. a seed index, and sending the key seed index to the key generation module (403);
  • a key generation module (403), obtaining a key seed from the key seed pool (401) according to the index, and generating a key by using a key generation algorithm;
  • the scramble location generating module (404) after receiving the content of the payload start portion of the IP packet from the packet receiving unit (301), adopts a scrambling location generation algorithm and utilizes the payload start portion of the IP packet The content of the generated message scrambles the location information;
  • the scrambling module (405) after receiving the scrambled location information and the key, scrambles the IP packet from the message receiving unit (301) by using a scrambling algorithm according to the key and the scrambled location information. And sending the scrambled IP packet to the message sending unit (303);
  • the user terminal further includes:
  • a key seed library (601) for storing a key seed for generating a key
  • the key seed index generating module (602) is configured to extract the content of the beginning part of the message payload from the received IP packet and generate a key seed index, and send the index to the key generation module (603);
  • the key generation module (603) obtains a key seed from the key seed library (601) according to the index and generates a key;
  • the scrambling location generating module (604) is configured to extract the content of the payload starting portion from the IP packet, and generate scrambling location information by using the content of the payload starting portion;
  • the descrambling module (605) performs descrambling processing on the scrambling segment in the IP packet by using the generated key and the start and end location information of the scrambling segment.
  • the message processing unit (302) includes:
  • the key index generation module (502) after receiving the content of the payload start portion of the IP packet from the message receiving unit (301), generates a key index using the content of the payload start portion, and utilizes the secret The key index obtains a key from the keystore;
  • the scramble location generating module (503) is configured to generate scrambled location information by using the content of the payload start portion after receiving the content of the payload start portion of the IP packet from the packet receiving unit (301);
  • the scrambling module (504) performs scrambling on the IP packet from the packet receiving unit (301) by using the obtained key and the scrambled location information, and sends the scrambled IP packet to the packet.
  • the user terminal further includes:
  • a keystore (701) for storing a key
  • the key index generating module (702) is configured to extract a content of a start portion of the message payload from the received IP packet to generate a key index, and obtain a key from the key pool by using the key index. ;
  • the scrambling location generating module (703) is configured to extract, from the received IP packet, the content of the beginning part of the message payload and generate start and end location information of the message scrambling segment;
  • the descrambling module (704) performs descrambling processing on the scrambled segment of the message by using the captured key and the scrambled location information.
  • a scrambler includes:
  • the message receiving unit (301) is configured to: after receiving the IP packet, extract the content of the beginning part of the IP packet payload and the payload scrambling segment, and send the content of the payload start part and the IP packet to the packet.
  • a message processing unit (302) configured to calculate a scrambled bit by using content of a payload start portion
  • the information and the index information are used to obtain a key, and the IP packet is scrambled by using the key and the scrambled location information, and the scrambled IP packet is sent to the packet sending unit ( 303);
  • the message sending unit (303) is configured to send the scrambled IP packet to the broadband network.
  • the message processing unit (302) includes:
  • a key seed library (401) for storing a key seed for generating a key
  • the key seed index generating module (402) generates a secret by using a key seed index generation algorithm after receiving the content of the payload start portion of the IP packet from the message receiving unit (301). Key seed index, and send the key seed index to the key generation module (403);
  • the key generation module (403) obtains a key seed from the key seed pool (401) according to the index, and generates a key by using a key generation algorithm;
  • the scramble location generating module (404) after receiving the content of the payload start portion of the IP packet from the packet receiving unit (301), adopts a scrambling location generation algorithm and utilizes the payload start portion of the IP packet The content of the generated message scrambles the location information;
  • the scrambling module (405) after receiving the scrambled location information and the key, performs scrambling on the IP packet from the packet receiving unit (301) by using a scrambling algorithm according to the key and the scrambled location information.
  • the scrambled IP packet is sent to the message sending unit (303).
  • the message processing unit (302) includes:
  • the key seed index generating module (602) is configured to extract the content of the beginning part of the message payload from the received TP message and generate a key seed index, and send the index to the key generation module (603) ;
  • the key generation module (603) obtains a key seed from the key seed library (601) according to the index and generates a key;
  • a scrambling location generating module (604), configured to extract a payload starting part from the IP packet And generating the scrambled location information by using the content of the beginning portion of the payload;
  • the descrambling module (605) performs descrambling processing on the IP packet by using the generated key and the scrambled location information.
  • a user terminal further includes:
  • a key seed library (601) for storing a key seed for generating a key
  • a key seed index generating module (602), configured to extract a content of a payload start part from the received IP packet and generate a key seed index;
  • the key generation module (603) obtains a key seed from the key seed library according to the index and generates a key
  • a scrambling location generating module (604), configured to: extract content of the payload starting part extracted from the received IP packet and generate message scrambling location information;
  • the descrambling module (605) performs descrambling processing on the IP packet by using the generated key and the scrambled location information.
  • a user terminal further includes:
  • the key index generating module (702) is configured to extract a content of a start portion of the message payload from the received IP packet to generate a key index, and obtain a key from the keystore by using the key index. .
  • the scrambling location generating module (703) is configured to extract the content of the beginning part of the message payload from the received IP packet and generate message scrambling location information.
  • the descrambling module (704) performs descrambling processing on the scrambled segment of the message by using the acquired key and the scrambled location information.
  • the invention utilizes digital scrambling technology, and the video and audio streams are transmitted in a scrambled manner to ensure that only legitimate terminals can decode and view, and the user cannot directly obtain digital copies of the video and audio streams for viewing by other general terminals.
  • digital scrambling technology By using this digital scrambling technology, the key can be avoided on the network, the risk of the key being cracked, and the additional network bandwidth usage can be reduced.
  • the video frequency coding technology has nothing to do, and directly scrambles the payload of the IP packet, which can be applied to different video and audio coding technologies; does not require complicated key management technology and encryption algorithm, and does not increase the difficulty and cost of the implementation of the terminal set-top box, Reduce the cost of the central office; In addition, if the scrambling algorithm is compromised, the central office and terminal algorithm/key can be remediated in a timely manner through the network.
  • FIG. 1 is a schematic diagram of networking of a broadband video and audio application in the prior art
  • FIG. 2 is a schematic diagram of networking for implementing content protection of broadband video and audio broadcasting according to the present invention
  • FIG. 3 is a schematic structural diagram of a specific embodiment of a scrambler according to the present invention.
  • FIG. 4 is a schematic structural diagram of a specific embodiment of a packet processing unit in a scrambler
  • FIG. 5 is a schematic structural diagram of a second embodiment of a packet processing unit in a scrambler
  • FIG. 6 is a schematic diagram of a descrambling portion of a user terminal.
  • FIG. 7 is a schematic structural diagram of a second embodiment of a descrambling portion of a user terminal
  • FIG. 8 is a schematic flow chart of performing scrambling and descrambling according to the present invention. Mode for carrying out the invention
  • the system of the present invention includes: an audio and video broadcast source 201, a scrambler 202, a broadband network 203, a broadband access device 204, and a user terminal 205.
  • the video and audio broadcast source 201 is configured to generate video and audio broadcast content of each channel, and package the generated video and audio broadcast content into an IP packet for output to the scrambler 202.
  • the scrambler 202 is configured to receive the video.
  • the audio broadcast source 201 outputs an IP packet containing the audio and video broadcast content, and the IP packet is scrambled and transmitted to the broadband network 203; the broadband network 203 transmits the broadcast content output by the video and audio broadcast source; The broadband access device 204 multicasts broadcast content of each channel transmitted by the broadband network 203 to the user terminal; the user terminal 205 is configured to receive video and audio broadcast content of one or more channels, and scramble the content The IP packet is descrambled.
  • User terminal The 205 can be a computer or a set top box.
  • the beginning of the payload of the IP packet may be used to convey certain protocol information, without adding the scrambling side and descrambling side settings.
  • the scrambling segment that scrambles the IP packet mentioned below is a portion of the payload other than the payload start portion, or a portion or portions of the payload other than the payload start portion.
  • the scrambler 202 includes a message receiving unit 301, a message processing unit 302, and a message transmitting unit 303.
  • the message receiving unit 301 extracts the content of the payload start portion of the IP packet, and sends the content of the payload start portion and the IP to the packet processing unit 302.
  • the message processing unit 302 calculates the scrambled location information and the index information by using the content of the payload start portion, obtains the key from the local key pool by using the index information, and uses the key and the scrambled location information to the IP packet.
  • the scrambling process is performed, and the scrambled IP packet is sent to the message sending unit 303.
  • the message sending unit 303 transmits the scrambled IP packet to the broadband access device 304 through the broadband network 203.
  • the message processing unit 302 may include: a key seed library 40], a key seed index generating module 402, a key generating module 403, a scrambling location generating module 404, and a scrambling module 405.
  • the key seed library 401 is configured to save a key seed for generating a key.
  • the key seed index generating module 402 is configured to generate a key seed by using a key seed index generation algorithm by using the content of the payload start part after receiving the content of the payload start part of the IP packet from the message receiving unit 301. Indexing, and sending the key seed index to the key generation module 403.
  • the algorithm can use a proprietary algorithm, such as the Haval+MD5 combination algorithm.
  • the key generation module 403. acquires a key seed from the key seed pool 401 according to the index, and generates a key by using a key generation algorithm.
  • the algorithm can use a proprietary algorithm, such as the Haval+MD5 combination algorithm.
  • the scramble location generating module 404 after receiving the content of the payload start portion of the IP packet from the packet receiving unit 301, uses the scramble location generation algorithm and generates a report by using the content of the payload start portion of the IP packet.
  • the text scrambles the location information, that is, the start and end location information of the scrambling segment.
  • the algorithm can use a proprietary algorithm, such as XOR, HASH and other algorithms combined algorithm.
  • the scrambling module 405 receives the IP packet from the message processing unit 301, the scrambled location information from the scrambled location generating module 404, and the key from the key generation module 403, according to the key and scrambling
  • the location information is scrambled by the scrambling algorithm to the IP packet from the packet receiving unit 301, and the scrambled TP packet is sent to the packet sending unit 303.
  • the scrambling algorithm can use algorithms such as DES, 3DES or AES.
  • the message processing unit 302 may further include: a keystore 501, a key index generation module 502, a scramble location generation module 503, and a scrambling module 504.
  • Key store 501 used to save the key.
  • the key index generating module 502 after receiving the content of the payload start portion of the IP packet from the message receiving unit 301, generates a key index by using the content of the payload start portion, and uses the key index to extract from the The keystore obtains the key.
  • the scramble location generating module 503 is configured to generate a scrambled location by using the content of the payload start portion after receiving the content of the payload start portion of the IP packet from the packet receiving unit 301.
  • Information that is, the start and end position information of the scrambled segment.
  • the scrambling module 504 performs scrambling on the payload scrambling segment of the IP packet from the packet receiving unit 301 by using the extracted key and the start and end position information of the scrambling segment, and scrambles the scrambled segment.
  • the IP packet is sent to the message sending unit 303.
  • the difference between the packet processing unit shown in FIG. 4 and FIG. 5 is that the manner of acquiring the key is different.
  • the message processing unit shown in Fig. 4 uses the index information to first obtain the key seed from the library, and then generates the key, and Fig. 5 uses the index information to directly obtain the key from the library.
  • the present invention is to add an interference handling function on the basis of an existing user terminal that does not support descrambling, and since the user terminal itself already includes a message receiving and video decoding subsystem, the solution in the user terminal in the present invention
  • the scrambler obtains ciphertext message information from the packet receiving subsystem of the user terminal for analysis, and performs descrambling processing on the ciphertext message according to the analysis result, and delivers the processed plaintext message to the video decoding of the user terminal. Subsystem processing.
  • the structure corresponds to the structure of the message processing unit shown in FIG. 4.
  • the user terminal further includes:
  • the key seed store 601 which is the same as the key seed store in the scrambler shown in Fig. 4, is used to store the key seed for generating the key.
  • the key seed index generating module 602 is configured to extract content of the beginning portion of the message payload from the received IP packet, and generate a key seed by using the same algorithm as in the key seed index 402 shown in FIG. The index is sent to the key generation module 603.
  • the key generation module 603 extracts a key seed from the key seed library 601 according to the index and generates a key.
  • the scrambling location generating module 604 is configured to extract the content of the payload start portion from the IP packet, and generate the message scrambling location information, that is, the start and end location information of the scrambling segment, by using the content of the payload start portion.
  • a descrambling module 605 using the generated key and the scrambled location information, that is, scrambling on The start and end position information is used to descramble the received IP packet.
  • the structure corresponds to the scrambling structure shown in FIG. 5.
  • the user terminal includes:
  • the keystore 701 which is the same as the keystore in the scrambler shown in Fig. 5, is used to hold the key.
  • the key index generating module 702 is configured to extract the content of the beginning part of the message payload from the received IP packet to generate a key index, and obtain the key from the key pool by using the key index.
  • the scrambling location generating module 703 is configured to extract the content of the beginning part of the message payload from the received IP packet and generate scrambling location information, that is, start and end location information of the scrambling segment.
  • the descrambling module 704 performs descrambling processing on the scrambled segment of the message by using the acquired key and the scrambling segment location information.
  • the same key seed library is saved by the scrambler and the user terminal as an example.
  • the specific processing procedure of adding 4 is as follows:
  • the scrambler extracts some content of the content of the beginning portion of the IP packet payload by the scramble location generation algorithm and the key seed index generation algorithm. These are content that changes as the content of the package changes, rather than fixed content.
  • the corresponding scrambling location information is calculated by the scrambling location generation algorithm, that is, the start and end positions of the message scrambling segment, and the key seed index is generated by the key seed index generation algorithm.
  • the scrambler queries the corresponding key seed from the local key seed repository according to the key seed index.
  • the scrambler calculates the key by the key generation algorithm according to the key seed.
  • the scrambler performs a scrambling process on the specified segment of the IP packet according to the generated key and the scrambled location information by using a predetermined scrambling algorithm.
  • the specific processing of descrambling is as follows: (1) On the receiving side, after receiving the scrambled message, the user terminal extracts some content of the beginning part of the IP packet payload by using the same scrambling location generation algorithm and key seed index generation algorithm as the scrambler. These are the same as those in the scrambling step (1).
  • the corresponding scrambling location information is calculated by the scrambling location generation algorithm, that is, the start and end positions of the message scrambling segment, and the key seed index is generated by the key seed index generation algorithm.
  • the user terminal finds a corresponding key seed in the local key seed library according to the key seed index.
  • the user terminal calculates the key by the key generation algorithm according to the key seed.
  • the user terminal descrambles the designated scrambling segment according to the key and the scrambled location information by using a predetermined descrambling algorithm.
  • the key index generation algorithm is used instead of the key index seed generation algorithm to generate the key index, and then the key index is directly used to obtain the key from the key pool.
  • the disturbance or descrambling process is the same as above.
  • the algorithm and key seed can be implemented by upgrading the terminal software online.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Multimedia (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

L'invention concerne un procédé et un appareil permettant de protéger un contenu vidéo ou audio à large bande radiodiffusé afin de résoudre le problème posé par la faible sécurité des contenus vidéo ou audio à large bande radiodiffusés de la technique antérieure. Ce procédé consiste : à extraire, du côté de l'expéditeur, le contenu de la partie au début de la charge utile du message IP et à calculer les informations de la position brouillée et des informations d'indice ; à obtenir la clé de l'ordinateur domestique au moyen des informations d'indice et à établir un processus au moyen de la clé et des informations de la position brouillée afin de brouiller le contenu du clip spécifique qui ne contient pas ledit contenu au début dans le message IP ; à extraire, du côté du destinataire, le contenu de la partie au début de la charge utile du message IP non brouillé et à calculer les informations de la position brouillée et des informations d'indice en se servant de l'algorithme comme moyen de brouillage ; à obtenir la clé de l'ordinateur domestique, du côté du destinataire, au moyen des informations d'indice et à établir un processus au moyen de la clé et des informations de la position brouillée afin de désembrouiller les clips brouillés du message IP.
PCT/CN2005/001379 2004-09-01 2005-09-01 Procede et appareil permettant de proteger un contenu video ou audio a large bande radiodiffuse WO2006024234A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200410075345.X 2004-09-01
CNB200410075345XA CN100356789C (zh) 2004-09-01 2004-09-01 一种保护宽带视音频广播内容的方法及装置

Publications (1)

Publication Number Publication Date
WO2006024234A1 true WO2006024234A1 (fr) 2006-03-09

Family

ID=35999710

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2005/001379 WO2006024234A1 (fr) 2004-09-01 2005-09-01 Procede et appareil permettant de proteger un contenu video ou audio a large bande radiodiffuse

Country Status (2)

Country Link
CN (1) CN100356789C (fr)
WO (1) WO2006024234A1 (fr)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5173151B2 (ja) * 2006-05-16 2013-03-27 京セラ株式会社 アドレス生成方法および放送受信装置
CN101924595B (zh) * 2009-06-12 2012-09-12 北京视博数字电视科技有限公司 音频加扰方法、解扰方法及其装置
CN107733639B (zh) * 2017-08-24 2020-08-04 深圳壹账通智能科技有限公司 密钥管理方法、装置及可读存储介质
CN108881022B (zh) * 2018-05-30 2020-11-10 中国人民解放军战略支援部队信息工程大学 一种数据报加扰查表转发的网络节点装置和方法

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000004549A2 (fr) * 1998-07-14 2000-01-27 Koninklijke Philips Electronics N.V. Protection contre la copie par chiffrement de ticket
CN1250994A (zh) * 1998-09-14 2000-04-19 朗迅科技公司 宽带数据消息的安全传输
WO2002009430A2 (fr) * 2000-07-21 2002-01-31 General Instrument Corporation Systeme et procede permettant de faciliter l'acces d'un abonne a des services disponibles en ligne

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002520682A (ja) * 1998-07-14 2002-07-09 コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ チケット暗号化による複製保護

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000004549A2 (fr) * 1998-07-14 2000-01-27 Koninklijke Philips Electronics N.V. Protection contre la copie par chiffrement de ticket
CN1250994A (zh) * 1998-09-14 2000-04-19 朗迅科技公司 宽带数据消息的安全传输
WO2002009430A2 (fr) * 2000-07-21 2002-01-31 General Instrument Corporation Systeme et procede permettant de faciliter l'acces d'un abonne a des services disponibles en ligne

Also Published As

Publication number Publication date
CN100356789C (zh) 2007-12-19
CN1744707A (zh) 2006-03-08

Similar Documents

Publication Publication Date Title
US20080063195A1 (en) Method and system for encrypting or decrypting wmv streaming media
US8452008B2 (en) Content distributing method, apparatus and system
US7480385B2 (en) Hierarchical encryption key system for securing digital media
US20070204290A1 (en) Method for Protecting Contents of Broadband Video/Audio Broadcast
US20060190403A1 (en) Method and Apparatus for Content Protection and Copyright Management in Digital Video Distribution
US8385545B2 (en) Secure content key distribution using multiple distinct methods
US20110093883A1 (en) System, protection method and server for implementing the virtual channel service
US20030018917A1 (en) Method and apparatus for delivering digital media using packetized encryption data
AU2005258137A1 (en) Validating client-receivers
JP2007184929A (ja) スクランブルされたコンテンツデータオブジェクトをデスクランブルする方法
WO2007076652A1 (fr) Procede d'autorisation utilisateur pour systeme d'acces conditionnel a la television numerique
WO2007109999A1 (fr) Procédé, système, matériel d'abonné et serveur multimédia pour la protection numérique des droits d'auteur
US20060047976A1 (en) Method and apparatus for generating a decrpytion content key
WO2011120901A1 (fr) Désembrouillage sécurisé d'un flux de données audio/vidéo
WO2006024234A1 (fr) Procede et appareil permettant de proteger un contenu video ou audio a large bande radiodiffuse
US20050047449A1 (en) Individual video encryption system and method
WO2016189105A1 (fr) Gestion de récepteurs de données multimédias numériques chiffrées diffusées
US20070011735A1 (en) Open standard conditional access system
WO2008025197A1 (fr) Système et procédé permettant de réaliser un embrouillage en temps réel de données multimédia
US20060233368A1 (en) Method for conditional access in a DMTS/DOCSIS enabled set top box environment
EP1175781A1 (fr) Procede et appareil de controle d'acces de services televisuels a la carte pre-cryptes
JP2005020218A (ja) ライセンス情報送信装置、ライセンス情報送信プログラム、ライセンス情報送信方法およびライセンス情報受信装置、ライセンス情報受信プログラム、ライセンス情報受信方法
WO2009106007A1 (fr) Procédé, système et équipement de réalisation de sécurité multimédia d'un service de multidiffusion d'iptv
EP1499062B1 (fr) Système et méthode de criptage video individuel
Yang et al. The Simplified and Secure Conditional Access for Interactive TV service in Converged Network

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 05781846

Country of ref document: EP

Kind code of ref document: A1