CN101626484A - Method for protecting control word in condition access system, front end and terminal - Google Patents
Method for protecting control word in condition access system, front end and terminal Download PDFInfo
- Publication number
- CN101626484A CN101626484A CN200810116199.9A CN200810116199A CN101626484A CN 101626484 A CN101626484 A CN 101626484A CN 200810116199 A CN200810116199 A CN 200810116199A CN 101626484 A CN101626484 A CN 101626484A
- Authority
- CN
- China
- Prior art keywords
- control word
- key
- top box
- terminal
- security chip
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 41
- 238000013475 authorization Methods 0.000 claims description 67
- 230000008901 benefit Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 230000005540 biological transmission Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000010276 construction Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides a method for protecting a control word in a condition access system, a front end and a terminal. The method comprises the following steps that: a terminal security device judges whether to encrypt a scrambling control word or not; if the scrambling control word is to be encrypted, the terminal security device generates an agreement key and uses a prestored security chip key to encrypt the agreement key and the agreement key to encrypt the obtained scrambling control word; and the terminal security device transmits the encrypted agreement key and the scrambling control word to a set-top box. The method uses the security chip key to encrypt and decrypt the agreement key and the control word transmitted between an intelligent card and the set-top box, thereby effectively preventing malicious embezzlement of the control word and effectively protecting the vital interests of program operators.
Description
Technical Field
The present invention relates to a digital television conditional access technology, and in particular, to a method for protecting a control word of a digital television conditional access system, a front end of the conditional access system, and a terminal.
Background
As is well known, the conditional access system CAS is a system for controlling the reception of a broadcast service by a user, and the paid service of the broadcast system is generally implemented through an authorization management.
The conditional access system controls the broadcast service by scrambling broadcast data and encrypting the scrambled control information. The secure transmission of the control word CW depends on the product key, which is encrypted and transmitted together with the scrambled broadcast data.
As shown in fig. 1, the user orders the program through the head end, and the head end encrypts the Control word CW with the product key and transmits the encrypted Control word CW in the Entitlement Control Message (ECM). The front end encrypts the product key by using the user key, and sends the encrypted product key to the terminal set-top box through the EMM data packet.
The set-top box filters the EMM data packets according to the serial numbers of the smart card, the filtered EMM data packets are sent to the smart card, the smart card decrypts the encrypted product key by using the pre-embedded user key, and the decrypted product key is stored in the smart card.
And the set-top box filters the ECM packet of the current channel according to the identification number of the ECM packet and sends the ECM packet to the intelligent card, the intelligent card decrypts the encrypted control word CW by using the decrypted product key, and the decrypted control word CW is returned to the set-top box for descrambling the program. After the digital program is descrambled, the user can watch the authorized product through the display unit of the terminal.
Generally, the control word CW is transmitted between the smart card and the set-top box in a plaintext manner, such a transmission manner is very insecure, some illegal hackers may maliciously intercept the plaintext control word CW during the transmission of the control word CW, and descramble the scrambled program stream by using the intercepted control word CW to watch the program, thereby seriously damaging the vital interests of the operator.
Disclosure of Invention
The invention aims to provide a method for protecting control words, which utilizes a security chip key to encrypt/decrypt a negotiation key and control words transmitted between an intelligent card and a set-top box, effectively prevents the control words from being stolen maliciously and greatly protects the vital interests of program operators.
The invention aims to provide a program descrambling method of a conditional access system, which utilizes a security chip to encrypt/decrypt a control word transmitted between an intelligent card and a set-top box, effectively prevents the control word from being stolen maliciously and greatly protects the vital interests of program operators.
The invention also aims to provide a conditional access system front end, which sends a security chip key corresponding to the set-top box to a terminal, so that the terminal can obtain the security chip key and encrypt and decrypt the security chip key, thereby preventing the control word from being stolen maliciously.
The invention also aims to provide a set-top box, which can negotiate with a terminal security device to decrypt the scrambled control words encrypted by the security device, thereby effectively preventing the control words from being stolen maliciously.
The invention also aims to provide a safety device which encrypts the scrambling control words and effectively prevents the control words from being stolen maliciously.
In order to achieve the above object, the present invention provides a method for protecting a control word in a conditional access system, wherein after a terminal security device acquires a scrambled control word, the method comprises: the terminal safety device judges whether to encrypt the scrambling control word; if the judgment result is yes, generating a negotiation key; encrypting the negotiation key by using the security chip key, and encrypting the obtained scrambling control word by using the negotiation key; and transmitting the encrypted negotiation key and the encrypted scrambling control word to the set top box.
In order to achieve the above object, the present invention further provides a program descrambling method for a conditional access system, wherein after a terminal security device acquires a scrambling control word, the method comprises:
the terminal security device judges whether to encrypt the scrambling control word;
if the judgment result is that the key exists, generating a negotiation key;
encrypting the negotiation key by using the security chip key, encrypting the obtained scrambling control word by using the negotiation key, and transmitting the encrypted negotiation key and the scrambling control word to the set-top box;
the set-top box decrypts the encrypted scrambling control word and the negotiation key to acquire the scrambling control word;
and descrambling the received program by using the scrambling control word.
To achieve the above object, the present invention further provides a conditional access system front end, including:
an authorization management information generation unit for generating authorization management information; the authorization management information comprises a security chip key corresponding to the terminal security device and a corresponding set top box number;
a sending unit, configured to send the authorization management information to the terminal.
To achieve the above object, the present invention also provides a safety device, including:
a judging unit for judging whether to encrypt the scrambling control word;
a key generation unit that generates a negotiation key when the judgment result of the judgment unit is yes;
and the encryption unit is used for encrypting the negotiation key by utilizing a pre-stored security chip key, encrypting the obtained scrambling control word by utilizing the negotiation key, and transmitting the encrypted negotiation key and the scrambling control word to the set top box.
In order to achieve the above object, the present invention further provides a set top box, including:
the security chip stores the security chip key;
a decryption unit, configured to receive the encrypted scrambled control word and the negotiation key transmitted by the security device, and decrypt the encrypted negotiation key with the security chip key to obtain the negotiation key; and decrypting the encrypted scrambling control word by using the acquired negotiation key to acquire the scrambling control word.
The embodiment of the invention has the advantages that the control words transmitted between the intelligent card and the set-top box are encrypted/decrypted by using the security chip key, thereby effectively preventing the control words from being stolen maliciously and greatly protecting the vital interests of program operators.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
fig. 1 is a flow chart of scrambling/descrambling in a conditional access system in the related art;
FIG. 2 is a schematic diagram of the front end of the conditional access system according to the present invention;
FIG. 3 is a schematic diagram of a terminal configuration of the conditional access system of the present invention;
fig. 4 is a schematic diagram of the set-top box of fig. 3;
FIG. 5 is a schematic view of the safety device of FIG. 3;
FIG. 6 is a flow diagram of a method of protecting a control word according to an embodiment of the invention;
fig. 7 is a flow chart of set-top box decryption in an embodiment of the invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the following embodiments and accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.
Implementation mode one
The invention provides a conditional access system front end, as shown in fig. 2, the front end comprises an authorization management information generating unit 201 and a sending unit 202; wherein,
the authorization management information generation unit 201 is configured to generate authorization management information; the authorization management information comprises a security chip key corresponding to the terminal security device and a corresponding set top box number; the sending unit 202 is configured to send the authorization management information to the conditional access system terminal.
Therefore, the front end sends the security chip key and the corresponding set top box number to the terminal, so that the terminal security device obtains the security chip key and encrypts and decrypts the security chip key, and the phenomenon of malicious control word stealing is prevented.
In this embodiment, the authorization management information generating unit 201 may adopt an EMMG, which packages a security chip key (DSK) and a set-top box number (STBID) into an EMM packet and transmits the EMM packet to a terminal through the transmitting unit 202.
In addition, the front end further includes an editing unit 203 and a storage unit 204; wherein,
the editing unit 203 is configured to edit the security chip key and the corresponding set-top box number; the storage unit 204 is used for storing the edited security chip key and the corresponding set-top box number.
As shown in fig. 2, the front end further includes an entitlement control message generating unit 205, which is used to generate entitlement control messages (ECM packets) carrying the scrambled control words CW, and transmit the generated entitlement control messages (ECM packets) to the terminal through the transmitting unit 202.
In this embodiment, the authorization control information generating unit 205 may be an ECMG.
As can be seen from the above, the front end first imports a set-top box number (STBID) and a secure chip key (DSK) list through the editing unit 203 and stores them in the storage unit 204. Thus, the front end can send the set-top box number and the security chip key to each security device, such as a smart card, that is, the EMMG201 makes the set-top box number STBID and the security chip key DSK specified by the front end into a common authorization packet, and then invokes the sending unit 202 to send the EMM packet to the terminal.
In the present embodiment, the format of the EMM packet to be transmitted is shown in table 1.
TABLE 1
| Grammar for grammar | Note |
| EMMData(){ | |
| CardSN | Card number of intelligent card |
| OperatorID | Operator number |
| ... | |
| STBID | Set-top box numbering |
| DSK | Security chip key corresponding to set top box |
| ... | |
| } |
Second embodiment
The invention also provides a conditional access system terminal, as shown in fig. 3, the terminal comprises a security device 302 and a set-top box 301; wherein,
after the secure device 302 obtains the scrambled control word CW, the secure device 302 determines whether to encrypt the scrambled control word CW; if the judgment result is yes, generating a negotiation key DCK; then, the secure chip key DSK is used for encrypting the negotiation key DCK, and the negotiation key DCK is used for encrypting the obtained scrambling control word CW; the encrypted negotiation key DCK 'and the scrambling control word CW' are transmitted to the set-top box 301.
Therefore, the terminal encrypts and decrypts the scrambling control word by using the pre-stored security chip key (DSK) and the generated negotiation key (DCK), thereby effectively preventing the control word from being stolen maliciously and greatly protecting the vital interests of program operators.
Fig. 4 is a schematic diagram of the set-top box in fig. 3. As shown in fig. 4, the set-top box 301 includes a decryption unit 402 and a secure chip 403; the decryption unit 402 is configured to receive the encrypted scrambled control word CW ' and the negotiation key DCK ' transmitted by the secure device 301, and decrypt the encrypted negotiation key DCK ' by using the secure chip key (DSK) to obtain the negotiation key DCK; decrypting the encrypted scrambled control word CW' by using the obtained negotiation key DCK to obtain the scrambled control word CW; the security chip 403 is used to store the security chip key (DSK).
As shown in fig. 4, the set-top box 301 further comprises a descrambling unit 404, wherein the descrambling unit 404 descrambles the program by using the decrypted scrambled control word CW. Therefore, the set-top box 301 can descramble the program by the decrypted scrambled control word CW, so that the end user can watch the descrambled program through the playing unit 405.
As shown in fig. 4, the set-top box 301 further includes a receiving unit 401, where the receiving unit 401 is configured to receive authorization management information sent by a front end, and transmit the authorization management information to the security device 302, where the authorization management information carries a security chip key DSK and a corresponding set-top box number. In this embodiment, the entitlement management message may be an EMM packet.
The receiving unit 401 is further configured to receive authorization control information sent by a front end, and transmit the authorization control information to the secure device 302, where the authorization control information includes a scrambled control word CW. In this embodiment, the ECM packet may be the entitlement control message. In addition, the program stream transmitted by the front end can also be received, and the program stream is transmitted to the descrambling unit 404 for descrambling by using CW, and then transmitted to the playing unit 405 for playing.
Fig. 5 is a schematic view showing the construction of the safety device of fig. 3. As shown in fig. 5, the secure device 302 includes a judgment unit 501, a key generation unit 502, and an encryption unit 503; wherein,
the judging unit 501 judges whether or not to encrypt the scramble control word CW; if the determination result is yes, the key generation unit 502 generates a negotiation key DCK; the encryption unit 503 then encrypts the negotiation key DCK using the secure chip key DSK, encrypts the obtained scrambled control word CW using the negotiation key DCK, and transmits the encrypted negotiation key DCK 'and the scrambled control word CW' to the set-top box 301.
Thus, the terminal security device 302 can encrypt the CW transmitted between the set-top box 301 and the security device 302 by using the security chip key DSK, the set-top box 301 obtains the CW after decryption, and the program is descrambled by using the CW, so that the phenomenon of malicious stealing of control words is effectively prevented, and the vital interests of program operators are greatly protected.
As shown in fig. 5, the secure device 302 further includes an authorization management information parsing unit 504 and a storage unit 505; the authorization management information analyzing unit 504 is configured to receive authorization management information from the set top box 301, and analyze the authorization management information to obtain the security chip key DSK and the set top box number STBID; wherein, the authorization management information carries the security chip key DSK and the corresponding STB serial number STBID; the storage unit 505 is used to store a list of the secure chip key DSK and the set-top box number STBID.
In this way, the security device 302 determines whether to encrypt the scrambled control word CW by: the security device 302 looks up the DSK and STBID lists according to the set-top box number; judging whether the serial number of the terminal set-top box exists in the list or not; if the determination result is that the scrambling control word CW exists, the secure device 302 encrypts the scrambling control word CW.
In this embodiment, the authorization management information parsing unit 504 is an EMM parsing unit, and the authorization management information is an EMM packet. Thus, the EMM parsing unit 504 of the security device parses the EMM data packet sent by the front end to obtain the security chip key DSK and the set-top box number STBID therein, and stores the security chip key DSK and the set-top box number STBID in the storage unit 505 for the encryption unit 503 and the judgment unit 501 to use when encrypting.
As shown in fig. 5, the secure device 302 further includes an authorization control information parsing unit 506, where the authorization control information parsing unit 506 is configured to parse the received authorization control information to obtain a scrambled control word CW, and transmit the scrambled control word CW to the encryption unit 503 for encryption.
In this embodiment, the ECM parsing unit 506 is an ECM parsing unit, and the ECM packet is an entitlement control message.
As can be seen from the above, the terminal security device 302 encrypts the scrambled control word by using the pre-stored security chip key (DSK) and the generated negotiation key (DCK), so as to effectively prevent the control word from being stolen maliciously, and greatly protect the benefit of the program operator.
EXAMPLE III
The present invention also provides a method for protecting control words in a conditional access system, as shown in fig. 3 and 6, after a terminal security device 302 parses a received ECM packet to obtain scrambled control words CW (see step 600), the method includes:
The order of the encryption process of step 603 and step 604 is not limited and may be interchanged.
In addition, in step 602, if the determination result is negative, the security device 302 returns an error message to the set-top box 301, i.e. an error is reported, and the control word CW cannot be transmitted in the clear (see step 606).
As can be seen from the above, the terminal security device 302 encrypts the scrambled control word by using the pre-stored security chip key (DSK) and the generated negotiation key (DCK), so as to effectively prevent the control word from being stolen maliciously, and greatly protect the benefit of the program operator.
In this embodiment, after the secure device 302 transmits CW 'and DCK' to the set-top box 302, as shown in fig. 7, the method further includes:
and step 703, decrypting CW' by using the obtained negotiation key DCK to obtain the scrambling control word CW. In this way, the descrambling unit 404 of the set-top box 301 may descramble the program using the CW.
In this embodiment, the method further comprises: the front end of the conditional access system edits the security chip key DSK and the corresponding STB serial number STBID; and storing the edited security chip key DSK and the corresponding set-top box number STBID.
Then, the front end of the conditional access system generates authorization management information, such as an EMM data packet, according to a security chip key DSK corresponding to the pre-stored security device and a corresponding set top box number; the head end transmits the EMM packet to the terminal.
In this embodiment, the method further comprises:
the terminal receives authorization management information sent by the front end, such as an EMM data packet, wherein the EMM data packet carries the security chip key DSK and a corresponding set top box number;
the EMM parsing unit 504 of the security device parses the EMM packet to obtain the security chip key DSK and the set-top box number; the security chip key DSK and the set-top box number are then stored in the DSK and STBID list in the storage unit 505.
Thus, in step 601, the secure device 302 determines whether to encrypt the scrambled control word CW, as follows: the security device 302 looks up the DSK and STBID lists according to the set-top box number; judging whether the serial number of the terminal set-top box exists in the list or not; if the determination result is that the scrambling control word CW exists, the secure device 302 encrypts the scrambling control word CW. The set-top box number according to which the security device 302 is based can be automatically obtained when the security device 302 is inserted into a set-top box, and stored in the storage unit 505.
Furthermore, the secure device 302 acquires a scrambled control word CW comprising:
the terminal receives authorization control information sent by the front end, such as an ECM data packet, wherein the ECM data packet comprises a scrambling control word CW; the terminal security means 302 parses the received ECM packet to obtain the scrambled control word CW.
Example four
The present invention provides a program descrambling method for a conditional access system, and referring to fig. 6 and fig. 7, after a terminal security device 302 acquires a scrambled control word CW, the method comprises:
the terminal security device 302 determines whether to encrypt the scrambled control word CW; if the judgment result is yes, encrypting the negotiation key by using a pre-stored security chip key, encrypting the obtained scrambling control word by using the negotiation key, and transmitting the encrypted negotiation key and the scrambling control word to the set-top box; the set-top box 301 decrypts the encrypted scrambled control word and the negotiation key to obtain the scrambled control word; descrambling the received program by using the scrambling control word. In this way, the end user can view the descrambled digital program through the playback unit 405.
In addition, in this embodiment, the process of acquiring the CW, acquiring the EMM packet and the ECM packet and analyzing the EMM packet and the ECM packet by the security device 302 is as in the third embodiment, and is not described here again. In addition, the process of the front end editing and importing the security chip key and the set-top box number and generating the EMM data packet is as described in the third embodiment, and is not described here again.
As can be seen from the above, the set-top box 301 decrypts the CW 'and DCK' encrypted by the security device 302, so as to effectively prevent the control word from being stolen maliciously, thereby greatly protecting the benefit of the program operator.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are merely exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (22)
1. A method for protecting a control word in a conditional access system, wherein after a terminal security device acquires a scrambled control word, the method comprises:
the terminal safety device judges whether to encrypt the scrambling control word;
if the judgment result is yes, generating a negotiation key;
encrypting the negotiation key by using the security chip key, and encrypting the obtained scrambling control word by using the negotiation key;
and transmitting the encrypted negotiation key and the encrypted scrambling control word to the set top box.
2. The method of claim 1, further comprising:
the set top box receives the encrypted negotiation key and the encrypted scrambling control word;
decrypting the encrypted negotiation key by using the security chip key to obtain the negotiation key;
and decrypting the encrypted scrambling control word by using the acquired negotiation key to acquire the scrambling control word.
3. The method of claim 1, further comprising:
the terminal receives authorization management information sent by a front end, wherein the authorization management information carries the security chip key and a corresponding set top box number;
the terminal security device analyzes the authorization management information to obtain the security chip key and the serial number of the set top box;
and storing the security chip key and the set-top box number into a list.
4. The method of claim 3, wherein the terminal security device determining whether to encrypt the scrambled control word comprises:
the safety device searches a list of the serial numbers of the set top box and the corresponding safety chip keys according to the serial numbers of the set top box;
judging whether the set top box number exists in the list or not;
and if the judgment result is that the control word exists, determining to encrypt the scrambling control word.
5. The method according to claim 3, wherein before the terminal receives the authorization control information sent by the front end, the method further comprises:
the front end generates authorization management information according to the security chip key corresponding to the pre-stored security device and the corresponding set top box number;
and transmitting the authorization management information to the terminal.
6. The method of claim 5, wherein prior to generating the authorization management information, the method further comprises:
editing the security chip key and the corresponding set top box number;
and storing the edited security chip key and the corresponding set-top box number.
7. The method of claim 1, wherein the terminal security device obtains the scrambling control word, comprising:
a terminal receives authorization control information sent by a front end, wherein the authorization control information comprises a scrambling control word;
and the terminal safety device analyzes the received authorization control information to obtain the scrambling control word.
8. A program descrambling method for a conditional access system, wherein after a terminal security device acquires a scrambling control word, the method comprises:
the terminal security device judges whether to encrypt the scrambling control word
If the judgment result is yes, generating a negotiation key;
encrypting the negotiation key by using the security chip key, encrypting the obtained scrambling control word by using the negotiation key, and transmitting the encrypted negotiation key and the scrambling control word to the set-top box;
the set-top box decrypts the encrypted scrambling control word and the negotiation key to acquire the scrambling control word;
and descrambling the received program by using the scrambling control word.
9. The method of claim 8, wherein the set top box decrypts the encrypted scrambled control word and the negotiation key, comprising:
decrypting the encrypted negotiation key by using the security chip key to obtain the negotiation key;
and decrypting the encrypted scrambling control word by using the acquired negotiation key to acquire the scrambling control word.
10. The method of claim 8, further comprising:
the terminal receives authorization management information sent by a front end, wherein the authorization management information carries the security chip key and a corresponding set top box number;
the terminal security device analyzes the authorization management information to obtain the security chip key and the serial number of the set top box;
and storing the security chip key and the set-top box number into a list.
11. The method of claim 10, wherein the terminal security device determining whether to encrypt the scrambled control word comprises:
the safety device searches a list of the serial numbers of the set top box and the corresponding safety chip keys according to the serial numbers of the set top box;
judging whether the set top box number exists in the list or not;
and if the judgment result is that the control word exists, determining to encrypt the scrambling control word.
12. The method according to claim 10, wherein before the terminal receives the authorization control information sent by the front end, the method further comprises:
editing the security chip key and the corresponding set top box number;
storing the edited security chip key and the corresponding set top box number;
the front end generates authorization management information according to the security chip key corresponding to the pre-stored security device and the corresponding set top box number;
and transmitting the authorization management information to the terminal.
13. The method of claim 8, wherein the terminal security device obtains the scrambling control word, comprising:
a terminal receives authorization control information sent by a front end, wherein the authorization control information comprises a scrambling control word;
and the terminal safety device analyzes the received authorization control information to obtain the scrambling control word.
14. A conditional access system front-end, the front-end comprising:
an authorization management information generation unit for generating authorization management information; the authorization management information comprises a security chip key corresponding to the terminal security device and a corresponding set top box number;
a sending unit, configured to send the authorization management information to the terminal.
15. The front end of claim 14, further comprising:
the editing unit is used for editing the security chip key and the corresponding set top box number;
and the storage unit is used for storing the edited security chip key and the corresponding set-top box number.
16. The front-end according to claim 14, further comprising an entitlement control message generation unit configured to generate entitlement control messages and transmit the generated entitlement control messages to the terminal, wherein the entitlement control messages carry the scrambled control words.
17. A security device, characterized in that the security device comprises:
a judging unit for judging whether to encrypt the scrambling control word;
a key generation unit that generates a negotiation key when the judgment result of the judgment unit is yes;
and the encryption unit is used for encrypting the negotiation key by utilizing a pre-stored security chip key, encrypting the obtained scrambling control word by utilizing the negotiation key, and transmitting the encrypted negotiation key and the scrambling control word to the set top box.
18. The security device of claim 17, further comprising:
the authorization management information analysis unit is used for receiving authorization management information from the set top box and analyzing the authorization management information to acquire the security chip key and the set top box number; the authorization management information carries the security chip key and the corresponding set top box number;
and the storage unit is used for storing the security chip key and the set-top box number.
19. The security device of claim 18, further comprising:
and the authorization control information analysis unit is used for analyzing the authorization control information to acquire the scrambling control word and transmitting the scrambling control word to the encryption unit.
20. A set top box, comprising:
the security chip stores the security chip key;
a decryption unit, configured to receive the encrypted scrambled control word and the negotiation key transmitted by the security device, and decrypt the encrypted negotiation key with the security chip key to obtain the negotiation key; and decrypting the encrypted scrambling control word by using the acquired negotiation key to acquire the scrambling control word.
21. The set-top box of claim 20, further comprising a descrambling unit that descrambles the program using the scrambling control word.
22. The set-top box according to claim 20, further comprising:
the receiving unit is used for receiving authorization management information sent by a front end and transmitting the authorization management information to the safety device, wherein the authorization management information carries the safety chip key and the corresponding set top box number;
and the device is also used for receiving authorization control information sent by the front end and transmitting the authorization control information to the safety device, wherein the authorization control information comprises a scrambling control word.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810116199.9A CN101626484A (en) | 2008-07-07 | 2008-07-07 | Method for protecting control word in condition access system, front end and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200810116199.9A CN101626484A (en) | 2008-07-07 | 2008-07-07 | Method for protecting control word in condition access system, front end and terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101626484A true CN101626484A (en) | 2010-01-13 |
Family
ID=41522129
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200810116199.9A Pending CN101626484A (en) | 2008-07-07 | 2008-07-07 | Method for protecting control word in condition access system, front end and terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101626484A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102752636A (en) * | 2012-02-23 | 2012-10-24 | 中央电视台 | Root key generation method for conditional access system sending end |
| CN102752635A (en) * | 2012-02-23 | 2012-10-24 | 中央电视台 | Downloadable replaceable condition receiving system |
| CN103024476A (en) * | 2013-01-08 | 2013-04-03 | 北京视博数字电视科技有限公司 | Digital television gateway device and content safeguard method |
| CN103402129A (en) * | 2013-07-29 | 2013-11-20 | 深圳创维数字技术股份有限公司 | Condition receiving method, condition receiving equipment and condition receiving system |
| CN103929659A (en) * | 2014-04-28 | 2014-07-16 | 四川金网通电子科技有限公司 | Method for controlling CA authorization prompts from basic frequency point and system thereof |
| CN103974122A (en) * | 2013-02-04 | 2014-08-06 | 澜起科技(上海)有限公司 | Set top box chip and digital signature implementation method applied to same |
| CN107734389A (en) * | 2017-10-31 | 2018-02-23 | 成都德芯数字科技股份有限公司 | Information processing method and digital reception device |
| CN111277802A (en) * | 2020-03-03 | 2020-06-12 | 浙江宇视科技有限公司 | Video code stream processing method, device, equipment and storage medium |
-
2008
- 2008-07-07 CN CN200810116199.9A patent/CN101626484A/en active Pending
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102752635A (en) * | 2012-02-23 | 2012-10-24 | 中央电视台 | Downloadable replaceable condition receiving system |
| CN102752636A (en) * | 2012-02-23 | 2012-10-24 | 中央电视台 | Root key generation method for conditional access system sending end |
| CN102752636B (en) * | 2012-02-23 | 2015-01-21 | 中央电视台 | Root key generation method for conditional access system sending end |
| CN102752635B (en) * | 2012-02-23 | 2015-03-18 | 中央电视台 | Downloadable replaceable condition receiving system |
| CN103024476A (en) * | 2013-01-08 | 2013-04-03 | 北京视博数字电视科技有限公司 | Digital television gateway device and content safeguard method |
| CN103024476B (en) * | 2013-01-08 | 2018-08-03 | 北京视博数字电视科技有限公司 | DTV gateway equipment and the method for content safety protection |
| CN103974122B (en) * | 2013-02-04 | 2018-04-24 | 上海澜至半导体有限公司 | Set-top-box chip and apply the digital signature implementation method in set-top-box chip |
| CN103974122A (en) * | 2013-02-04 | 2014-08-06 | 澜起科技(上海)有限公司 | Set top box chip and digital signature implementation method applied to same |
| CN103402129A (en) * | 2013-07-29 | 2013-11-20 | 深圳创维数字技术股份有限公司 | Condition receiving method, condition receiving equipment and condition receiving system |
| CN103402129B (en) * | 2013-07-29 | 2016-06-01 | 深圳创维数字技术有限公司 | The method of a kind of condition reception, equipment and system |
| CN103929659B (en) * | 2014-04-28 | 2017-10-27 | 四川金网通电子科技有限公司 | CA is controlled to authorize the method and its system pointed out from dominant frequency point |
| CN103929659A (en) * | 2014-04-28 | 2014-07-16 | 四川金网通电子科技有限公司 | Method for controlling CA authorization prompts from basic frequency point and system thereof |
| CN107734389A (en) * | 2017-10-31 | 2018-02-23 | 成都德芯数字科技股份有限公司 | Information processing method and digital reception device |
| CN111277802A (en) * | 2020-03-03 | 2020-06-12 | 浙江宇视科技有限公司 | Video code stream processing method, device, equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9479825B2 (en) | Terminal based on conditional access technology | |
| KR101081160B1 (en) | Method and apparatus for protecting the transfer of data | |
| US7466826B2 (en) | Method of secure transmission of digital data from a source to a receiver | |
| US20130262869A1 (en) | Control word protection | |
| US8619983B2 (en) | Digital TV conditional access system and method of using the same for transmitting and receiving digital data | |
| CN101626484A (en) | Method for protecting control word in condition access system, front end and terminal | |
| CN102075812B (en) | Data receiving method and system of digital television | |
| JP2010193449A (en) | Method of securely providing control word from smart card to conditional access module | |
| JP4691244B2 (en) | Limited reception device and security module of limited reception system, limited reception system, limited reception device authentication method, and encryption communication method | |
| JP2012510743A (en) | Content decryption apparatus and encryption system using additional key layer | |
| JP2010519827A (en) | Conditional access system | |
| CN101335579A (en) | Method implementing conditional reception and conditional receiving apparatus | |
| US8205243B2 (en) | Control of enhanced application features via a conditional access system | |
| CN102256170A (en) | Encryption method and decryption method based on no-card CA (Certificate Authority) | |
| CN201515456U (en) | Safe device, set-top box and receiving terminal for digital television receiving terminals | |
| US20040250274A1 (en) | Conditional access system and copy protection | |
| CN100440884C (en) | Local digital network, methods for installing new devices and data broadcast and reception methods in such a network | |
| US20090190762A1 (en) | Method and system for preventing generation of decryption keys via sample gathering | |
| US10411900B2 (en) | Control word protection method for conditional access system | |
| TWI510045B (en) | Protection method, decrypting method, recording medium and terminal for this protection method | |
| CN101790073A (en) | Method for establishing safety communication channel and communication device thereof | |
| EP1222819B1 (en) | System and method of verifying authorization for communicating protected content | |
| CN101998163A (en) | Entitlement management method, terminal equipment and front end | |
| CN103402129A (en) | Condition receiving method, condition receiving equipment and condition receiving system | |
| KR100696823B1 (en) | Pseudo scrambling method in digital broadcasting system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20100113 |