CN1358024A - Conditioned narrow-band reception scheme in wide-band data broadcast - Google Patents

Info

Publication number
CN1358024A
Authority
CN
China
Prior art keywords
cipher key
business cipher
key
control word
encryption equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN 00127913
Other languages
Chinese (zh)
Other versions
CN1111335C (en)
Inventor
庞志平
周欣
韩永强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NANGUANG ELECTRONIC TECHN CO Ltd SHANGHAI
Original Assignee
NANGUANG ELECTRONIC TECHN CO Ltd SHANGHAI
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NANGUANG ELECTRONIC TECHN CO Ltd SHANGHAI
Priority to CN 00127913
Publication of CN1358024A
Application granted
Publication of CN1111335C
Anticipated expiration
Expired - Fee Related (current legal status)

Landscapes

  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

The invention merges service keys, i.e. different programs use the same service key, and adds independent authorization information at the data transmitting end. The subscriber authorization system produces two streams of information: one is the service key, and the other is independent program authorization information, which authorizes different programs under the same service key and adds an "allow/not allow" flag to control the output of the control word. At the data receiving end, the card key (private key) is used to decrypt the authorization encryption information to obtain the service key; decryptors then use the service key to decrypt the authorization control information and the control word information, and the receiver judges whether the authorization is "allow". If it is, the control word is obtained and the descrambling sequence generated from the control word is used to descramble.

Description

Narrow-band conditional access scheme in wide-band data broadcasting
A narrow-band conditional access scheme for wide-band data broadcasting, belonging to the field of communication technology.
Conditional access in data broadcasting generally consists of two separate parts, scrambling/descrambling and access control (usually called data encryption), each of which has its own dedicated information processing.
Scrambling is the lower-level operation of a CA system. The common method is to control scrambling with a scrambling sequence produced by a pseudo-random generator. When the initial condition is known, the sequence the generator produces can be derived; the initial condition is controlled by a special signal, the initial word. The receiving end has an identical pseudo-random generator; if the initial word is sent to this generator, the descrambling sequence is obtained and the original signal is recovered with it. To keep this secret, the information needed to recover the initial word is sent in protected form, according to the authorization scheme in use. The initial word consists of the control word and an initial correction symbol. The core of CA security is the secure transmission of the related control information. In a digital video environment the scrambling operation is controlled by the scrambling control word; this control word is the key, and only with it can the random sequence used for scrambling be regenerated in synchrony to descramble the scrambled video signal.
The secure transmission of the control word depends on the service key. The control word is encrypted with the service key and sent together with the scrambled data; during reception the user decrypts with the service key to obtain the control word, and the control word generates the descrambling sequence used to descramble. The Entitlement Control Message (ECM) is the conditional access information obtained by encrypting the control word and control parameters with the service key. The descrambler at the user end can obtain the control word only after obtaining the currently valid service key, and only then descramble the data.
The service key can be delivered by fixing it in a chip, for example in a smart card, or the authorization system can encrypt it with a distribution key and pass it to the user over a secure channel, which is done with the EMM. The latter is often used in systems with high security requirements. The conditional access information that the subscriber authorization system (SAS) obtains by encrypting the service key with the distribution key is called the Entitlement Management Message (EMM). At the receiving end, the decoder first decrypts the EMM with the distribution key to obtain the service key, then decrypts the ECM with the service key to obtain the control word and control parameters, and only then can it descramble the data.
Where the service key is fixed in a chip such as a smart card, the core of the encryption is the algorithm; once the algorithm is cracked, counterfeiting on a large scale becomes possible.
The other scheme, in which the authorization system encrypts with the distribution key and passes the result to the user over a secure channel, is more secure than the former but takes up too much bandwidth. Its authorization system handles user authorization and program authorization together, so it needs bandwidth of number of users × number of programs × service key length; this excessive bandwidth lengthens the time users wait to receive.
The object of the invention is to design a narrow-band conditional access scheme for wide-band data broadcasting in which the authorization system encrypts with a distribution key and delivers to the user over a secure channel without taking up too much bandwidth.
The scheme of the invention is realized as follows. At the transmitting end of the data transmission, service keys are merged (different programs use the same service key, whereas existing approaches use a different service key for each program) and independent authorization information is added. The subscriber authorization system produces two streams of information: one is the service key; the other is the independent program authorization information, which authorizes different programs under the same service key but adds an "allow/not allow" flag that controls the output of the control word. The service key enters three encryptors, and the program authorization conditions enter one of them. In another encryptor the service key is encrypted with the card key (public key) to become the authorization encryption information EKM. In one of the encryptors the program authorization conditions are encrypted with the service key to form the Entitlement Management Message EMM. At the same time, in one of the encryptors the service key encrypts the control word to form the control word information ECM. All of this information, comprising the EKM, ECM and EMM, is packed and multiplexed together with the other service information for transmission. At the data receiving end, one decryptor decrypts the EKM with the card key (private key) to obtain the service key; two further decoders use the service key to decrypt the EMM and the ECM respectively; the receiver judges whether the program authorization condition is "allow", and if it is, the control word is obtained and the descrambling sequence generated from the control word is used to descramble. One encryptor at the transmitting end transfers data at a ratio of 1:1. This is a system-level scheme, independent of which algorithms the three encryptors and the three decryptors at the receiving end use.
The advantages of the invention are:
1. Strong resistance to attack
A two-level encryption system is used, and the core of the encryption is the key rather than the algorithm. The scheme allows the service key to be changed often, so compared with a fixed-service-key scheme the algorithm that encrypts the control word under the service key need not be very strong, yet the result is more secure and reliable. In data broadcasting, for example, every card uses the same algorithm but each card has a different key, so cracking one card allows only that one card to be counterfeited, and counterfeiting a second card requires cracking again. Should a particular card be cracked, we can detect it immediately and notify the user to replace it. Compared with other ways of delivering the service key, merging the service keys reduces how often the distribution key is used to decrypt a service key; under the same performance requirements, the encryption of the service key under the distribution key can therefore be strengthened and the distribution key suitably lengthened, which improves the security and reliability of the system.
2. Bandwidth saving
Unlike ordinary subscriber authorization, we merge the service keys (different programs use the same service key, whereas existing approaches use a different service key for each program) and add independent authorization information. The subscriber authorization system thus produces two streams of information. One is the service key, i.e. the authorization of the user's legitimacy, which occupies a bandwidth of number of users × service key length. The other is the independent program authorization information, which authorizes different programs under the same service key but adds an "allow/not allow" flag that controls the output of the control word; it occupies number of users × number of programs × 2 bit. The total bandwidth occupied is number of users × service key length + number of users × number of programs × 2 bit, far less than the usual number of users × number of programs × service key length, which greatly shortens the time users wait for authorization.
The invention has the following drawings:
Figure 1 is a functional block diagram of the data transmitting end of the invention.
Figure 2 is a functional block diagram of the data receiving end of the invention.
An embodiment of the invention is described below with reference to the drawings:
Referring to Figures 1 and 2: at the transmitting end of the data transmission, service keys are merged (different programs use the same service key, whereas existing approaches use a different service key for each program) and independent authorization information is added. The subscriber authorization system thus produces two streams of information: one is the service key; the other is the independent program authorization information, which authorizes different programs under the same service key but adds an "allow/not allow" flag that controls the output of the control word. The service key enters encryptor 1, encryptor 2 and encryptor 3, and the program authorization conditions enter encryptor 2. In encryptor 1 the service key is encrypted with the card key (public key) to become the authorization encryption information EKM. In encryptor 2 the program authorization conditions are encrypted with the service key to form the Entitlement Management Message EMM, with data transferred at a ratio of 1:1. At the same time, in encryptor 1 the service key encrypts the control word to form the control word information ECM. All of this information, comprising the EKM, ECM and EMM, is packed and multiplexed together with the other service information for transmission. At the data receiving end, decryptor 1 decrypts the EKM with the card key (private key) to obtain the service key; decoder 2 and decoder 3 use the service key to decrypt the EMM and the ECM respectively; the receiver judges whether the program authorization condition is "allow", and if it is, the control word is output and the descrambling sequence generated from the control word is used to descramble.
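The EKM/EMM/ECM hierarchy of the embodiment and the bandwidth comparison of advantage 2, as an added example that is not part of the patent. Assumptions: the cipher is a standard-library stand-in (the scheme is stated to be algorithm-independent), the card key pair is modelled as one symmetric key per card, the EMM plaintext layout `card|program|flag` is hypothetical, and all names and sample data are constructed; "service key" is the page's "business cipher key".

```python
import hashlib, hmac, os

# Stand-in cipher (assumption, not from the patent): HMAC-SHA256 keystream + HMAC tag.
def _stream(key, label, nonce, n):
    return b"".join(hmac.new(key, label + nonce + i.to_bytes(4, "big"), hashlib.sha256)
                    .digest() for i in range((n + 31) // 32))[:n]

def _xor(data, pad):
    return bytes(a ^ b for a, b in zip(data, pad))

def seal(key, plaintext):
    nonce = os.urandom(12)
    body = nonce + _xor(plaintext, _stream(key, b"ks", nonce, len(plaintext)))
    return body + hmac.new(key, b"tag" + body, hashlib.sha256).digest()

def unseal(key, blob):
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + body, hashlib.sha256).digest()):
        raise ValueError("rejected: wrong key or modified message")
    return _xor(body[12:], _stream(key, b"ks", body[:12], len(body) - 12))

def scramble(control_word, data):
    # Sequence from a generator seeded with the control word; XOR twice restores the data.
    return _xor(data, _stream(control_word, b"cw", b"", len(data)))

def head_end(card_keys, service_key, entitlements, control_words, programs):
    # EKM: service key under each card key. EMM and ECM: under the one shared service key.
    ekm = {card: seal(ck, service_key) for card, ck in card_keys.items()}
    emm = {(card, prog): seal(service_key, f"{card}|{prog}|{int(ok)}".encode())
           for card, rights in entitlements.items() for prog, ok in rights.items()}
    ecm = {prog: seal(service_key, cw) for prog, cw in control_words.items()}
    data = {prog: scramble(control_words[prog], clear) for prog, clear in programs.items()}
    return ekm, emm, ecm, data

def receive(card, card_key, prog, ekm, emm, ecm, data):
    # Returns the clear program, or None when the control word must not be output.
    service_key = unseal(card_key, ekm[card])
    blob = emm.get((card, prog))
    if blob is None:
        return None
    who, what, allowed = unseal(service_key, blob).decode().split("|")
    if (who, what, allowed) != (card, prog, "1"):
        return None
    return scramble(unseal(service_key, ecm[prog]), data[prog])

def authorization_bits(users, programs, key_bits):
    # (merged service key + 2-bit flags, one service key per program), as in advantage 2.
    return users * key_bits + users * programs * 2, users * programs * key_bits

def demo():
    # Constructed sample data: two cards, two programs, one shared service key.
    card_keys = {"card-A": os.urandom(32), "card-B": os.urandom(32)}
    service_key = os.urandom(16)
    control_words = {"news": os.urandom(8), "film": os.urandom(8)}
    programs = {"news": b"news payload", "film": b"film payload"}
    entitlements = {"card-A": {"news": True, "film": True},
                    "card-B": {"news": True, "film": False}}
    ekm, emm, ecm, data = head_end(card_keys, service_key, entitlements, control_words, programs)
    return {(c, p): receive(c, card_keys[c], p, ekm, emm, ecm, data)
            for c in card_keys for p in programs}
```

The stand-in cipher adds a nonce and a tag to every message, so the message sizes in this sketch do not reflect the 2-bit figure; `authorization_bits` applies the description's formulas directly.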

Claims (3)

1. A narrow-band conditional access scheme in wide-band data broadcasting, characterized in that: at the transmitting end of the data transmission, service keys are merged and independent authorization information is added; the subscriber authorization system produces two streams of information, one being the service key and the other being independent program authorization information, which authorizes different programs under the same service key but adds an "allow/not allow" flag that controls the output of the control word; the service key enters encryptor (1), encryptor (2) and encryptor (3), and the program authorization conditions enter encryptor (2); in encryptor (1) the service key is encrypted with the card key (public key) to become the authorization encryption information EKM; in encryptor (2) the program authorization conditions are encrypted with the service key to form the Entitlement Management Message EMM; at the same time, in encryptor (1) the service key encrypts the control word to form the control word information ECM; all of the information, comprising the EKM, ECM and EMM, is packed and multiplexed together with the other service information for transmission; at the data receiving end, a decryptor decrypts the EKM with the card key (private key) to obtain the service key, decoder (2) and decoder (3) use the service key to decrypt the EMM and the ECM respectively, and it is judged whether the program authorization condition is "allow"; if it is, the control word is obtained and the descrambling sequence generated from the control word is used to descramble.
2. The narrow-band conditional access scheme in wide-band data broadcasting according to claim 1, characterized in that: encryptor (2) at the transmitting end transfers data at a ratio of 1:1.
3. The narrow-band conditional access scheme in wide-band data broadcasting according to claim 1, characterized in that: it is a system-level scheme, independent of which algorithms encryptors (1), (2), (3) and decryptors (1), (2), (3) use.
CN 00127913 2000-12-15 2000-12-15 Conditioned narrow-band reception scheme in wide-band data broadcast Expired - Fee Related CN1111335C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 00127913 CN1111335C (en) 2000-12-15 2000-12-15 Conditioned narrow-band reception scheme in wide-band data broadcast

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 00127913 CN1111335C (en) 2000-12-15 2000-12-15 Conditioned narrow-band reception scheme in wide-band data broadcast

Publications (2)

Publication Number Publication Date
CN1358024A (en) 2002-07-10
CN1111335C (en) 2003-06-11

Family

ID=4592823

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 00127913 Expired - Fee Related CN1111335C (en) 2000-12-15 2000-12-15 Conditioned narrow-band reception scheme in wide-band data broadcast

Country Status (1)

Country Link
CN (1) CN1111335C (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100346648C (en) * 2004-01-13 2007-10-31 北京中视联数字系统有限公司 General user management system for digital television set and interface communication method of authorization management system
CN100438617C (en) * 2003-02-04 2008-11-26 卡纳尔技术公司 Pay television, method of revoking rights in such a system, associated decoder and smart card
CN100539679C (en) * 2003-10-06 2009-09-09 卡纳尔技术公司 Portable Security Module Pairing
CN1845599B (en) * 2006-05-17 2010-09-01 中国移动通信集团公司 Method for obtaining and updating service key in mobile television service
CN1949862B (en) * 2005-10-13 2010-09-29 三星电子株式会社 Digital broadcast conditional access system and method
CN101019425B (en) * 2005-07-15 2011-09-07 无线电技术研究学院有限公司 Method and device for retransferring and/or for processing and/or reproducing and/or storing sound and/or image content, and device for processing and/or reproducing and/or storing sound and/or image
CN101212642B (en) * 2006-12-25 2012-06-27 北京握奇数据系统有限公司 Broadcast signal processing method, system, and receiver

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006055853A2 (en) * 2004-11-17 2006-05-26 General Instrument Corporation System and method for providing authorized access to digital content

Also Published As

Publication number Publication date
CN1111335C (en) 2003-06-11

Similar Documents

Publication Publication Date Title
CN1237803C (en) Transmission method of secrete data
JP4633202B2 (en) Method for providing secure communication between two devices and application of this method
EP0658054B1 (en) Apparatus and method for securing communication systems
JP3015175B2 (en) Terminal function updating method and device for maintaining secure communication network
CN101076109B (en) Digital TV two-way CA system and program subscription/cancellation method based on the system
JP5106845B2 (en) How to descramble a scrambled content data object
CN101018320A (en) A digital TV condition receiving system and its encryption method
HK1047842A1 (en) Method for operating a conditional access system for broadcast applications
JPH10164053A (en) Verification method/system for data by scrambling
RU2000111530A (en) METHOD AND DEVICE FOR ENCRYPTED DATA STREAM TRANSLATION
CN110224821A (en) A kind of communication encrypting method of unmanned mobile platform
JP4691244B2 (en) Limited reception device and security module of limited reception system, limited reception system, limited reception device authentication method, and encryption communication method
CN100442839C (en) An information transmission method and device for an interactive digital broadcast television system
KR20110096056A (en) Content decryption device and encryption system using additional key layers
JPS61107376A (en) Encryption device and encryption method
CN1111335C (en) Conditioned narrow-band reception scheme in wide-band data broadcast
CN100539679C (en) Portable Security Module Pairing
CN100547955C (en) A kind of method of protecting mobile multimedia service, system and equipment
CN101119170A (en) A User Management Method Based on FM Subcarrier
JPH11249558A (en) Encryption device
CN102263995A (en) Simulcrypt-technology-based conditional access method and system
JPS6348930A (en) Data protection system for radio tdma data communication path
CN101409822A (en) System and method for tracking user smart card
HK1012811B (en) Apparatus and method for securing communication systems
TH40488A3 (en) Mechanisms for matching between receiver and safety module

Legal Events

Date Code Title Description
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C06 Publication
PB01 Publication
C14 Grant of patent or utility model
GR01 Patent grant
C19 Lapse of patent right due to non-payment of the annual fee
CF01 Termination of patent right due to non-payment of annual fee