WO2019062305A1 - Production method and system for a set-top box cardless conditional access system - Google Patents

Production method and system for a set-top box cardless conditional access system

Info

Publication number
WO2019062305A1
Authority
WO
WIPO (PCT)
Prior art keywords
production
smart card
top box
cardless
data
Prior art date
Application number
PCT/CN2018/097005
Inventor
石雷花
马建忠
Original Assignee
深圳市九洲电器有限公司
Priority date
Filing date
Publication date
Application filed by 深圳市九洲电器有限公司
Publication of WO2019062305A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41 Structure of client; Structure of client peripherals
    • H04N21/418 External card to be used in combination with the client device, e.g. for conditional access
    • H04N21/43 Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/436 Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • H04N21/4367 Establishing a secure communication between the client and a peripheral device or smart card
    • H04N21/443 OS processes, e.g. booting an STB, implementing a Java virtual machine in an STB or power management in an STB
    • H04N21/45 Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462 Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623 Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)

Abstract

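This solution relates to a production system and method for a set-top box cardless conditional access system. A cardless data management module, a production smart card, a production smart card application, a production application and a cardless conditional access system set-top box are provided, and a production smart card that is separate from the set-top box, together with the correspondingly configured modules and applications, is used to complete the production of the set-top box cardless conditional access system. The data held in a smart card can thereby be adapted to the production of a cardless conditional access system, so that the cardless conditional access system can be produced and set-top boxes with a cardless conditional access system can be manufactured.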

Description

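Production method and system for a set-top box cardless conditional access system
Technical Field
This solution relates to the field of digital television, and in particular to a production method and system for a set-top box cardless conditional access system.
Background Art
With the development of digital television technology, a set-top box conditional access system no longer has to depend on a smart card; the use of certain security chips makes a cardless conditional access system possible. A cardless conditional access system has several benefits: 1. Because there is no physical smart card, smart card management problems such as lost, damaged or aged cards are avoided. 2. The cost is lower.
In a card-based set-top box conditional access system, some data is stored in the smart card and is required for production, for example: 1. The MPK (Main private key), which is built into the smart card and is used to decrypt the management information (such as authorization and de-authorization) distributed through the set-top box conditional access system; 2. The SMC ID (Smart Card ID), which is built into the smart card and is the unique identifier of the smart card; this ID can be used to control authorization and de-authorization of a user. In a cardless conditional access system there is no smart card, so the data held in the smart card cannot be adapted to the production of the cardless conditional access system; as a result the cardless conditional access system cannot be implemented and set-top boxes with a cardless conditional access system cannot be produced.
Technical Problem
In view of this, it is necessary to provide a production method and system for a set-top box cardless conditional access system that addresses the above problem, namely that the data in the smart card cannot be adapted to a cardless conditional access system, so that the cardless conditional access system cannot be implemented.
Technical Solution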
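The production system for a set-top box cardless conditional access system provided by this solution comprises: a cardless data management module, a production smart card, a production smart card application, a production application and a cardless conditional access system set-top box;
the cardless data management module is used to manage the MPK of the set-top box, the production smart card key pair and the set-top box return data;
the production smart card has the private key of the production smart card key pair built in;
the production smart card application is used to communicate with the production smart card and to process data requests from the production application, and writes the set-top box return data to a specified file after it has been encrypted by the production smart card;
the production application is used to read the set-top box CHIPID, to request data from the production smart card application and write the data into the cardless conditional access system set-top box, and to read the return data from the cardless conditional access system set-top box and send it to the production smart card;
the cardless conditional access system set-top box receives the data sent by the production application and stores it in flash for later use, and generates return data for the production application by means of a set algorithm.
Further, the cardless data management module generates an asymmetric encryption key pair PSMCK, of which the public key is handed to the set-top box manufacturer and the private key is built into the production smart card.
Further, the cardless data management module generates the number of VSMC IDs required for production and encrypts them together with the MPK using the public key of the PSMCK to generate a PD file.
Further, the production smart card application imports the PD file into the production smart card, which manages it; the production smart card uses its own SMC ID and, through a mixing operation, generates an SMC key for later use.
Further, the production application establishes a connection with the cardless conditional access system set-top box, reads the set-top box CHIPID, and sends the set-top box CHIPID to the production smart card through the production smart card application in order to request production data.
Further, after receiving the set-top box CHIPID, the production smart card generates, through a mixing operation, a symmetric encryption key, the CHIPID Key, for later use; at the same time, using the SMC ID of the production smart card, it selects an unused VSMC ID and marks that VSMC ID as used; it encrypts the selected VSMC ID, the SMC Key, the MPK and the production data with the CHIPID Key and sends them to the cardless conditional access system set-top box through the production smart card application and the production application.
Further, the cardless conditional access system set-top box receives and decrypts the production data, generates return data, encrypts it with the SMC Key and sends it to the production smart card through the production application and the production smart card application.
Further, after receiving the return data, the production smart card decrypts it with the SMC Key, encrypts it with the private key of the PSMCK, and writes it to the RD file by means of the production smart card application.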
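The production method for a set-top box cardless conditional access system provided by this solution comprises the following steps:
setting up a cardless data management module, and providing a production smart card, a production smart card application, a production application and a cardless conditional access system set-top box;
the cardless data management module is used to manage the MPK of the set-top box, the production smart card key pair and the set-top box return data;
the production smart card has the private key of the production smart card key pair built in;
the production smart card application is used to communicate with the production smart card and to process data requests from the production application, and writes the set-top box return data to a specified file after it has been encrypted by the production smart card;
the production application is used to read the set-top box CHIPID, to request data from the production smart card application and write the data into the cardless conditional access system set-top box, and to read the return data from the cardless conditional access system set-top box and send it to the production smart card;
the cardless conditional access system set-top box receives the data sent by the production application and stores it in flash for later use, and generates return data for the production application by means of a set algorithm.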
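Beneficial Effects
In the production system and method for a set-top box cardless conditional access system of this solution, a cardless data management module, a production smart card, a production smart card application, a production application and a cardless conditional access system set-top box are provided, and a production smart card that is separate from the set-top box, together with the correspondingly configured modules and applications, is used to complete the production of the set-top box cardless conditional access system. The data held in a smart card can thereby be adapted to the production of a cardless conditional access system, so that the cardless conditional access system can be produced and set-top boxes with a cardless conditional access system can be manufactured.
Brief Description of the Drawings
Figure 1 is a structural diagram of a production system for a set-top box cardless conditional access system in one embodiment.
Embodiments of the Invention
To make the purpose, technical solution and advantages of this solution clearer, the solution is described in further detail below with reference to the drawing and the embodiments. It should be understood that the specific embodiments described here serve only to explain this solution and are not intended to limit it.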
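Figure 1 is a structural diagram of a production system for a set-top box cardless conditional access system in one embodiment. As shown in Figure 1, the production system comprises: a cardless data management module 100, a production smart card 200, a production smart card application 300, a production application 400 and a cardless conditional access system set-top box 500. The cardless data management module 100 is used to manage the MPK of the set-top box, the production smart card key pair and the set-top box return data. The production smart card 200 has the private key of the production smart card key pair built in. The production smart card application 300 is used to communicate with the production smart card 200 and to process data requests from the production application 400, and writes the set-top box return data to a specified file after it has been encrypted by the production smart card 200. The production application 400 is used to read the set-top box CHIPID (the unique ID of the set-top box's main chip), to request data from the production smart card application 300 and write the data into the cardless conditional access system set-top box 500, and to read the return data from the cardless conditional access system set-top box 500 and send it to the production smart card 200. The cardless conditional access system set-top box 500 receives the data sent by the production application 400 and stores it in flash for later use, and generates return data for the production application 400 by means of a set algorithm.
Specifically, when the set-top box manufacturer needs to produce cardless conditional access system set-top boxes, the cardless data management module 100 generates an asymmetric encryption key pair PSMCK (Produce Smart Card Key), of which the public key is handed to the set-top box manufacturer and the private key is built into the production smart card 200.
The cardless data management module 100 generates the number of VSMC IDs (Virtual Smart Card ID) required for production and encrypts them together with the MPK using the public key of the PSMCK to generate a PD file (Produce Data). The PD file is then sent to the set-top box manufacturer.
The production smart card application 300 imports the PD file into the production smart card 200, which manages it. At the same time, the production smart card 200 uses its own SMC ID and, through a mixing operation, generates an SMC key (Smart Card Key) for later use.
The production application 400 establishes a connection (for example over a serial port or the network) with the cardless conditional access system set-top box 500, reads the set-top box CHIPID, and sends the set-top box CHIPID to the production smart card 200 through the production smart card application 300 in order to request production data.
After receiving the set-top box CHIPID, the production smart card 200 generates, through a mixing operation, a symmetric encryption key, the CHIPID Key, for later use; at the same time, using the SMC ID of the production smart card 200, it selects an unused VSMC ID and marks that VSMC ID as used; it then encrypts the VSMC ID, the SMC Key, the MPK and the production data with the CHIPID Key and sends them to the cardless conditional access system set-top box 500 through the production smart card application 300 and the production application 400.
The cardless conditional access system set-top box 500 stores the received data in flash. The cardless conditional access system set-top box 500 decrypts the production data and generates return data, which it encrypts with the SMC Key and sends to the production smart card 200 through the production application 400 and the production smart card application 300. The return data contains the VSMC ID, the CHIPID and other necessary data. Encrypting the production data with the set-top box CHIPID prevents the production data from being copied or cracked.
After receiving the return data, the production smart card 200 decrypts it with the SMC Key, encrypts it with the private key of the PSMCK, and writes it to the RD file (Return Data) by means of the production smart card application 300. This completes the production of the set-top box cardless conditional access system.
In this production system for a set-top box cardless conditional access system, a cardless data management module 100, a production smart card 200, a production smart card application 300, a production application 400 and a cardless conditional access system set-top box 500 are provided, and a production smart card 200 that is separate from the set-top box, together with the correspondingly configured modules and applications, is used to complete the production of the set-top box cardless conditional access system. The data held in a smart card can thereby be adapted to the production of a cardless conditional access system, so that the cardless conditional access system can be produced and set-top boxes with a cardless conditional access system can be manufactured.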
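This solution also provides a production method for a set-top box cardless conditional access system, which comprises the following steps:
setting up a cardless data management module, and providing a production smart card, a production smart card application, a production application and a cardless conditional access system set-top box;
The cardless data management module is used to manage the MPK of the set-top box, the production smart card key pair and the set-top box return data. The production smart card has the private key of the production smart card key pair built in. The production smart card application is used to communicate with the production smart card and to process data requests from the production application, and writes the set-top box return data to a specified file after it has been encrypted by the production smart card. The production application is used to read the set-top box CHIPID (the unique ID of the set-top box's main chip), to request data from the production smart card application and write the data into the cardless conditional access system set-top box, and to read the return data from the cardless conditional access system set-top box and send it to the production smart card. The cardless conditional access system set-top box receives the data sent by the production application and stores it in flash for later use, and generates return data for the production application by means of a set algorithm.
Specifically, when the set-top box manufacturer needs to produce cardless conditional access system set-top boxes, the cardless data management module generates an asymmetric encryption key pair PSMCK (Produce Smart Card Key), of which the public key is handed to the set-top box manufacturer and the private key is built into the production smart card.
The cardless data management module generates the number of VSMC IDs (Virtual Smart Card ID) required for production and encrypts them together with the MPK using the public key of the PSMCK to generate a PD file (Produce Data). The PD file is then sent to the set-top box manufacturer.
The production smart card application imports the PD file into the production smart card, which manages it. At the same time, the production smart card uses its own SMC ID and, through a mixing operation, generates an SMC key (Smart Card Key) for later use.
The production application establishes a connection (for example over a serial port or the network) with the cardless conditional access system set-top box, reads the set-top box CHIPID, and sends the set-top box CHIPID to the production smart card through the production smart card application in order to request production data.
After receiving the set-top box CHIPID, the production smart card generates, through a mixing operation, a symmetric encryption key, the CHIPID Key, for later use; at the same time, using the SMC ID of the production smart card, it selects an unused VSMC ID and marks that VSMC ID as used; it then encrypts the VSMC ID, the SMC Key, the MPK and the production data with the CHIPID Key and sends them to the cardless conditional access system set-top box through the production smart card application and the production application.
The cardless conditional access system set-top box stores the received data in flash. The cardless conditional access system set-top box decrypts the production data and generates return data, which it encrypts with the SMC Key and sends to the production smart card through the production application and the production smart card application. The return data contains the VSMC ID, the CHIPID and other necessary data. Encrypting the production data with the set-top box CHIPID prevents the production data from being copied or cracked.
After receiving the return data, the production smart card decrypts it with the SMC Key, encrypts it with the private key of the PSMCK, and writes it to the RD file (Return Data) by means of the production smart card application. This completes the production of the set-top box cardless conditional access system.
In this production method for a set-top box cardless conditional access system, a cardless data management module, a production smart card, a production smart card application, a production application and a cardless conditional access system set-top box are provided, and a production smart card that is separate from the set-top box, together with the correspondingly configured modules and applications, is used to complete the production of the set-top box cardless conditional access system. The data held in a smart card can thereby be adapted to the production of a cardless conditional access system, so that the cardless conditional access system can be produced and set-top boxes with a cardless conditional access system can be manufactured.
The above are merely preferred embodiments of this solution and are not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of this solution shall fall within its scope of protection.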
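The card-to-box leg of the procedure described in the system and method embodiments above, written out as an added Go example that is not part of the patent: the production smart card marks a VSMC ID as used and seals the payload under a key derived from the CHIPID, so a package copied to a box with a different CHIPID does not decrypt. The patent does not specify the "mixing operation" or the cipher, so HMAC-SHA256 over a secret shared by the card and the box's security chip and AES-256-GCM are assumptions, and all names (`deriveKey`, `Card`, `stbOpen`, `demoSecret`) and sample IDs are hypothetical; the return-data leg and the PSMCK-protected PD and RD files are left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// Constructed value. Assumption: card and STB security chip share this derivation secret.
var demoSecret = []byte("constructed-demo-derivation-secret")

// deriveKey stands in for the patent's unspecified "mixing operation" (assumed: HMAC-SHA256).
func deriveKey(secret []byte, label, id string) []byte {
	m := hmac.New(sha256.New, secret)
	m.Write([]byte(label + "\x00" + id))
	return m.Sum(nil) // 32 bytes, used as an AES-256 key
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal returns nonce||ciphertext; aad binds the ciphertext to the CHIPID.
func seal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

func open(key, blob, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil || len(blob) < gcm.NonceSize() {
		return nil, errors.New("bad key or truncated blob")
	}
	n := gcm.NonceSize()
	return gcm.Open(nil, blob[:n], blob[n:], aad)
}

// ProductionData is the per-box payload (the patent's other "production data" is omitted).
type ProductionData struct {
	VSMCID      string
	SMCKey, MPK []byte
}

// Card models the production smart card after the PD file has been imported.
type Card struct {
	secret, mpk []byte
	smcID       string
	unused      []string          // VSMC IDs not yet handed out
	issued      map[string]string // CHIPID -> VSMC ID marked as used
}

func newDemoCard() *Card { // constructed sample values
	return &Card{demoSecret, []byte("constructed-MPK"), "SMC-DEMO",
		[]string{"VSMC-0001", "VSMC-0002"}, map[string]string{}}
}

// Issue picks an unused VSMC ID, marks it used and seals the package under the CHIPID Key.
func (c *Card) Issue(chipID string) ([]byte, error) {
	if _, dup := c.issued[chipID]; dup || len(c.unused) == 0 {
		return nil, errors.New("CHIPID already provisioned or no unused VSMC ID left")
	}
	vsmc := c.unused[0]
	c.unused, c.issued[chipID] = c.unused[1:], vsmc
	pd := ProductionData{vsmc, deriveKey(c.secret, "smc", c.smcID), c.mpk}
	pt, _ := json.Marshal(pd) // cannot fail for these field types
	return seal(deriveKey(c.secret, "chipid", chipID), pt, []byte(chipID))
}

// stbOpen is the set-top box side: it derives the CHIPID Key from its own CHIPID.
func stbOpen(secret []byte, chipID string, pkg []byte) (ProductionData, error) {
	var pd ProductionData
	pt, err := open(deriveKey(secret, "chipid", chipID), pkg, []byte(chipID))
	if err != nil {
		return pd, fmt.Errorf("package rejected on %s: %w", chipID, err)
	}
	err = json.Unmarshal(pt, &pd)
	return pd, err
}

func main() {
	card := newDemoCard()
	pkg, _ := card.Issue("CHIP-0001")
	pd, err := stbOpen(demoSecret, "CHIP-0001", pkg)
	_, errClone := stbOpen(demoSecret, "CHIP-0002", pkg)
	fmt.Println(pd.VSMCID, err, "| copied to another box:", errClone)
}
```

Because the CHIPID itself is read out over the production link, the binding in this sketch rests on the derivation secret staying inside the card and the security chip.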

Claims (16)

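  1. A production system for a set-top box cardless conditional access system, characterized in that it comprises: a cardless data management module, a production smart card, a production smart card application, a production application and a cardless conditional access system set-top box;
    the cardless data management module is used to manage the MPK of the set-top box, the production smart card key pair and the set-top box return data;
    the production smart card has the private key of the production smart card key pair built in;
    the production smart card application is used to communicate with the production smart card and to process data requests from the production application, and writes the set-top box return data to a specified file after it has been encrypted by the production smart card;
    the production application is used to read the set-top box CHIPID, to request data from the production smart card application and write the data into the cardless conditional access system set-top box, and to read the return data from the cardless conditional access system set-top box and send it to the production smart card;
    the cardless conditional access system set-top box receives the data sent by the production application and stores it in flash for later use, and generates return data for the production application by means of a set algorithm.
  2. The production system for a set-top box cardless conditional access system according to claim 1, characterized in that the cardless data management module generates an asymmetric encryption key pair PSMCK, of which the public key is handed to the set-top box manufacturer and the private key is built into the production smart card.
  3. The production system for a set-top box cardless conditional access system according to claim 2, characterized in that the cardless data management module generates the number of VSMC IDs required for production and encrypts them together with the MPK using the public key of the PSMCK to generate a PD file.
  4. The production system for a set-top box cardless conditional access system according to claim 3, characterized in that the production smart card application imports the PD file into the production smart card, which manages it; the production smart card uses its own SMC ID and, through a mixing operation, generates an SMC key for later use.
  5. The production system for a set-top box cardless conditional access system according to claim 4, characterized in that the production application establishes a connection with the cardless conditional access system set-top box, reads the set-top box CHIPID, and sends the set-top box CHIPID to the production smart card through the production smart card application in order to request production data.
  6. The production system for a set-top box cardless conditional access system according to claim 5, characterized in that, after receiving the set-top box CHIPID, the production smart card generates, through a mixing operation, a symmetric encryption key, the CHIPID Key, for later use; at the same time, using the SMC ID of the production smart card, it selects an unused VSMC ID and marks that VSMC ID as used; it encrypts the selected VSMC ID, the SMC Key, the MPK and the production data with the CHIPID Key and sends them to the cardless conditional access system set-top box through the production smart card application and the production application.
  7. The production system for a set-top box cardless conditional access system according to claim 6, characterized in that the cardless conditional access system set-top box receives and decrypts the production data, generates return data, encrypts it with the SMC Key and sends it to the production smart card through the production application and the production smart card application.
  8. The production system for a set-top box cardless conditional access system according to claim 7, characterized in that, after receiving the return data, the production smart card decrypts it with the SMC Key, encrypts it with the private key of the PSMCK, and writes it to the RD file by means of the production smart card application.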
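  9. A production method for a set-top box cardless conditional access system, characterized in that it comprises the following steps:
    setting up a cardless data management module, and providing a production smart card, a production smart card application, a production application and a cardless conditional access system set-top box;
    the cardless data management module is used to manage the MPK of the set-top box, the production smart card key pair and the set-top box return data;
    the production smart card has the private key of the production smart card key pair built in;
    the production smart card application is used to communicate with the production smart card and to process data requests from the production application, and writes the set-top box return data to a specified file after it has been encrypted by the production smart card;
    the production application is used to read the set-top box CHIPID, to request data from the production smart card application and write the data into the cardless conditional access system set-top box, and to read the return data from the cardless conditional access system set-top box and send it to the production smart card;
    the cardless conditional access system set-top box receives the data sent by the production application and stores it in flash for later use, and generates return data for the production application by means of a set algorithm.
  10. The production method for a set-top box cardless conditional access system according to claim 9, characterized in that, when cardless conditional access system set-top boxes are produced, the cardless data management module generates an asymmetric encryption key pair PSMCK (Produce Smart Card Key), of which the public key is handed to the set-top box manufacturer and the private key is built into the production smart card.
  11. The production method for a set-top box cardless conditional access system according to claim 10, characterized in that the cardless data management module generates the number of VSMC IDs (Virtual Smart Card ID) required for production and encrypts them together with the MPK using the public key of the PSMCK to generate a PD file (Produce Data).
  12. The production method for a set-top box cardless conditional access system according to claim 11, characterized in that the production smart card application imports the PD file into the production smart card, which manages it. At the same time, the production smart card uses its own SMC ID and, through a mixing operation, generates an SMC key (Smart Card Key) for later use.
  13. The production method for a set-top box cardless conditional access system according to claim 12, characterized in that the production application establishes a connection (for example over a serial port or the network) with the cardless conditional access system set-top box, reads the set-top box CHIPID, and sends the set-top box CHIPID to the production smart card through the production smart card application in order to request production data.
  14. The production method for a set-top box cardless conditional access system according to claim 13, characterized in that, after receiving the set-top box CHIPID, the production smart card generates, through a mixing operation, a symmetric encryption key, the CHIPID Key, for later use; at the same time, using the SMC ID of the production smart card, it selects an unused VSMC ID and marks that VSMC ID as used; it then encrypts the VSMC ID, the SMC Key, the MPK and the production data with the CHIPID Key and sends them to the cardless conditional access system set-top box through the production smart card application and the production application.
  15. The production method for a set-top box cardless conditional access system according to claim 14, characterized in that the cardless conditional access system set-top box decrypts the production data and generates return data, which it encrypts with the SMC Key and sends to the production smart card through the production application and the production smart card application.
  16. The production method for a set-top box cardless conditional access system according to claim 15, characterized in that, after receiving the return data, the production smart card decrypts it with the SMC Key, encrypts it with the private key of the PSMCK, and writes it to the RD (Return Data) file by means of the production smart card application.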
PCT/CN2018/097005 2017-09-30 2018-07-25 Production method and system for a set-top box cardless conditional access system WO2019062305A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710940141.5 2017-09-30
CN201710940141.5A CN107645679B (zh) 2017-09-30 2017-09-30 Production method and system for a set-top box cardless conditional access system

Publications (1)

Publication Number Publication Date
WO2019062305A1 (zh) 2019-04-04

Family

ID=61122852

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/097005 WO2019062305A1 (zh) 2017-09-30 2018-07-25 Production method and system for a set-top box cardless conditional access system

Country Status (2)

Country Link
CN (1) CN107645679B (zh)
WO (1) WO2019062305A1 (zh)

Also Published As

Publication number Publication date
CN107645679B (zh) 2020-02-07
CN107645679A (zh) 2018-01-30

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18861895

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 09.09.2020)

122 Ep: pct application non-entry in european phase

Ref document number: 18861895

Country of ref document: EP

Kind code of ref document: A1