WO2009157800A1 - System for protecting information in subscriber networks

Info

Publication number
WO2009157800A1
Authority
WO
WIPO (PCT)
Prior art keywords
control
block
subscriber
dvb
keys
Prior art date
Application number
PCT/RU2008/000634
Other languages
English (en)
Russian (ru)
Inventor
Юрий Михайлович БОЛОВИНЦЕВ
Татьяна Ивановна ЛОБОВА
Елена Евгеньевна ШУМАКОВИЧ
Original Assignee
Федеральное Государственное Унитарное Предприятие Ордена Трудового Красного Знамени Научно-Исследовательский Институт Радио (Фгуп Ниир)
Priority date
Filing date
Publication date
Application filed by Федеральное Государственное Унитарное Предприятие Ордена Трудового Красного Знамени Научно-Исследовательский Институт Радио (Фгуп Ниир)
Publication of WO2009157800A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00 Television systems
    • H04N7/16 Analogue secrecy systems; Analogue subscription systems
    • H04N7/167 Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675 Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20 Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23 Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234 Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
    • H04N21/2347 Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20 Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25 Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266 Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26606 Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]

Definitions

  • the proposed technical solution relates to the field of communication, in particular to DVB data transmission and processing systems (DVB-S, DVB-C, DVB-T, MMDS, etc.), and is intended for closing DVB channels and other information implemented according to the DVB standard.
  • DVB: Digital Video Broadcast
  • DVB-S (Digital Video Broadcast - Satellite): the first generation of the standard for satellite systems
  • DVB-C (Digital Video Broadcast - Cable): the option for digital cable systems
  • DVB-T: Digital Video Broadcast - Terrestrial
  • MMDS: Multichannel Multipoint Distribution System
  • a signal processing device is known from RF patent No. 2253189, comprising a signal processing channel for processing a digital input signal that includes a first scrambled signal component and a second scrambled signal component. It also comprises means for coupling said input signal to a removable smart card assembly. The smart card assembly is configured to process the first scrambled signal component to obtain a first descrambled signal that is internal to the smart card assembly; in response to the first descrambled signal, it processes the second scrambled signal component to obtain a second descrambled signal, and combines the first scrambled signal component of the input signal with the second descrambled signal to obtain an output signal. The device further comprises means for receiving the output signal from the smart card assembly and, connected to those means, means for processing the second descrambled signal and generating a signal adapted for display.
  • a delay means for the first scrambled signal component, to obtain a delayed signal having a substantially predetermined synchronization relationship with respect to the second descrambled signal, and means for combining the delayed signal and the second descrambled signal to obtain an output signal.
  • RF patent No. 2253189 furthermore describes a signal processing method in which a digital input signal including a first scrambled signal component and a second scrambled signal component is received. The input signal is coupled to a removable smart card assembly, which processes the first scrambled signal component to obtain a first descrambled signal internal to the smart card assembly, processes the second scrambled signal component in response to the first descrambled signal to produce a second descrambled signal, and combines the first scrambled component of the input signal with the second descrambled signal to produce an output signal. The output signal is received from the smart card assembly, and the second descrambled signal is processed to form a signal adapted for display.
  • control signals requires the allocation of additional bandwidth in the overall digital stream.
  • the task is to create an effective system for protecting information in subscriber networks using the appropriate Poccrypt-M system.
  • (9), a control code analyzer (10), a descrambling unit (11), and a security processor (12).
  • the system comprises a block for scrambling the selected components and encrypting keys, including an element for generating a control word according to a random law using a set of switchable base keys; a control code generation unit for each subscriber, with the control code sent together with a control word and a password code as part of a personalized control message; and, on the subscriber side, a block that calls the subscriber base key in accordance with the received password and recovers the encrypted components using the control word received as part of the personalized control message.
  • the control code generation unit (1) contains a means for dividing a personalized control message into a number of control packets, numbering them end to end and simultaneously generating an electronic signature for each packet.
  • the unit for scrambling the selected components and encrypting keys (3) includes basic irreversible encryption elements for implementing an electronic non-volatile key that is more difficult to disclose.
  • the "Poccrypt-M" system works as follows.
  • a control word is generated using a set of switchable base keys and is used to encrypt selected components of the transport stream. A control code is generated for each subscriber and transmitted along with the control word and password code as part of the personalized control message. On the subscriber side, the subscriber base key is called in accordance with the accepted password, and the encrypted components are recovered using the control word received as part of the personalized control message.
  • the personalized control message is divided into a number of control packets, with end-to-end numbering and simultaneous generation of an electronic signature for each packet;
  • elements of basic irreversible encryption are used to implement an electronic non-volatile key that is more difficult to disclose
  • the values of the base keys are corrected individually for the various components of the same transport stream, or for various transport streams. The absolute values of the offset codes and their code expressions are sent to the receiving side as part of the control packets; on that basis the receiving side adjusts, in real time, to the new resulting values of the base keys and offset keys;
  • the primary conversion of random control codes is carried out during the passage of any packets accompanying the transport stream, and the subsequent encryption is applied in real time, with the restored components of the transport stream being output regardless of their number;
  • on the receiving side, the standard cycle of processes is analyzed first of all, and if deviations from the standard cycle are detected, external communications are disconnected.
  • the Poccrypt-M transmitting complex is entrusted with the main functions of the system:
  • the input "open" transport stream goes to the TP component allocation block (2), where the components that need to be scrambled are filtered in accordance with the identifiers specified by the operator. From the output of block 2, the selected components are sent to the key scrambling and encryption block (3), where they are scrambled using the keys stored in the memory block of the group of secret keys (5).
  • the network number specified in the control processor (6), according to which the scrambling algorithm for each network changes somewhat relative to the main one; this implements the multi-network scrambling function and makes it possible for various unrelated telecom operators to use one transmitting complex.
  • the scrambled components go to the output stream former (4), where they are multiplexed with open TP packets from the output of the TP component extraction block (2) and control packets from the output of the control packet generation block (1).
  • the scrambled stream enters the output of the transmitting complex.
  • the input stream enters the input stream demultiplexing unit (8), where the scrambled packets that need to be descrambled, as well as auxiliary information (the CW key, the key number, and control commands for this subscriber), are extracted from the entire input stream. From the output of block 8, the scrambled packets are sent to the descrambling block (11), where they are descrambled.
  • this key is selected from the group of keys by the key number extracted from the input stream in block 8;
  • the descrambled packets arrive at the block for generating the output stream (7), where they are multiplexed with the input stream. From the output of block 7, the restored stream is sent to the output of the receiving part of the system.
  • FIG. 1 shows the implementation of the transmitting side:
  • Figure 2 shows the implementation of the receiving side
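
The definitions above describe a personalized control message that is split into control packets with end-to-end numbering and a signature per packet, with the receiver reacting to any deviation. The sketch below is an added example, not code from the patent: the packet layout, the function names, the sample values and the use of HMAC-SHA256 as a stand-in for the unspecified electronic signature are all assumptions.

```python
import hashlib
import hmac
import struct

HEADER = struct.Struct(">HH")            # assumed layout: packet number, packet count
TAG_LEN = hashlib.sha256().digest_size   # HMAC-SHA256 stands in for the "electronic signature"


class ControlPacketError(Exception):
    """Any deviation: bad signature, gap, duplicate, reordering, truncation."""


def split_control_message(message: bytes, key: bytes, chunk: int = 16) -> list[bytes]:
    """Split a control message into numbered, individually authenticated packets."""
    parts = [message[i:i + chunk] for i in range(0, len(message), chunk)] or [b""]
    packets = []
    for number, payload in enumerate(parts):
        body = HEADER.pack(number, len(parts)) + payload
        # The tag covers the numbering as well as the payload.
        packets.append(body + hmac.new(key, body, hashlib.sha256).digest())
    return packets


def reassemble_control_message(packets: list[bytes], key: bytes) -> bytes:
    """Verify each packet before using it, then rebuild the message in order."""
    if not packets:
        raise ControlPacketError("no packets received")
    message = b""
    for expected, packet in enumerate(packets):
        if len(packet) < HEADER.size + TAG_LEN:
            raise ControlPacketError("truncated packet")
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        good = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good):      # constant-time comparison
            raise ControlPacketError(f"position {expected}: signature check failed")
        number, total = HEADER.unpack_from(body)
        if number != expected or total != len(packets):
            raise ControlPacketError(f"position {expected}: numbering broken")
        message += body[HEADER.size:]
    return message


# Constructed sample values, not taken from the patent.
SUBSCRIBER_KEY = bytes(range(32))
SAMPLE_MESSAGE = b"control-code|control-word|password-code"

if __name__ == "__main__":
    pkts = split_control_message(SAMPLE_MESSAGE, SUBSCRIBER_KEY)
    print(len(pkts), "packets;", reassemble_control_message(pkts, SUBSCRIBER_KEY))
```

Because the packet count is authenticated along with the packet number, a dropped trailing packet is rejected in the same way as a dropped middle one.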

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

The invention relates to communications, in particular to DVB data processing and transmission systems (DVB-S, DVB-C, DVB-T, MMDS, etc.); it is used for closing DVB channels and other information implemented according to the DVB standard. It takes the form of a system for protecting information in subscriber networks. The system forms a control word according to a random rule using a set of switchable base keys, then encrypts the selected components of the traffic stream, forms a control code for each subscriber, and transmits that code together with the control word and a password code in a personalized control message. On the subscriber side, the subscriber base key is retrieved in accordance with the accepted password, and the encrypted components are recovered using the control word received in the personalized control message.
PCT/RU2008/000634 2008-06-25 2008-10-03 System for protecting information in subscriber networks WO2009157800A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
RU2008125467 2008-06-25

Publications (1)

Publication Number Publication Date
WO2009157800A1 (fr) 2009-12-30

Family

ID=41444726

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/RU2008/000634 WO2009157800A1 (fr) 2008-06-25 2008-10-03 System for protecting information in subscriber networks

Country Status (1)

Country Link
WO (1) WO2009157800A1 (fr)

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08874825

Country of ref document: EP

Kind code of ref document: A1

DPE2 Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 201100414

Country of ref document: EA

122 Ep: pct application non-entry in european phase

Ref document number: 08874825

Country of ref document: EP

Kind code of ref document: A1