CN1234244C - A conditional access processor based on shared storage architecture and access method - Google Patents

Info

Publication number: CN1234244C
Authority: CN (China)
Prior art keywords: coprocessor, data, descrambling, processing module, condition
Legal status: Expired - Fee Related
Application number: CN 200410000291
Other languages: Chinese (zh)
Other versions: CN1558673A (en)
Inventors: 王沁, 陆成勇
Current Assignee: University of Science and Technology Beijing USTB
Original Assignee: University of Science and Technology Beijing USTB
Application filed by University of Science and Technology Beijing USTB
Priority to CN 200410000291
Publication of CN1558673A
Application granted
Publication of CN1234244C

Landscapes

  • Storage Device Security (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

The present invention provides a conditional access processor (CAP) based on a shared storage architecture, and an access method for it. The CAP is independent of the receiver and performs all the functions needed for conditional access. Once the CAP is bound to specific conditional access software, it forms a specific conditional access system. The CAP is connected to the receiver; the authorization control information, the authorization management information and the program-related scrambled stream or the encrypted data stream are input from the receiver; by executing the bound conditional access software the CAP performs the conditional access processing, such as decryption and descrambling; and the resulting descrambled stream or decrypted data stream is output to the receiver. The invention has the advantages of strong function, high security, high flexibility, high adaptability, low cost and simple manufacture and operation; it fundamentally solves the problems of the machine-card separation schemes and helps the popularization of digital television and the development of its industry.

Description

A conditional access processor based on a shared storage architecture, and an access method
Technical field
The invention belongs to the field of broadband network services, for example digital television service and video-on-demand service. In particular, it provides a conditional access processor based on a shared storage architecture, and a conditional access method, for receiver devices such as consumer set-top boxes.
Background art
The launch and development of digital television broadcasting and high-definition television have opened a new era of television technology. At the same time, the rapid spread of computer networks has given digital video communication wide application in video broadcasting, computer networks and the Internet. In a digital television broadcasting network, for example, a set-top box receives television programs and outputs them to equipment such as a television set.
As digital video applications develop, people face a growing choice of channels and will enjoy higher-quality programs and more services. Operators, in turn, pay higher costs to purchase the copyright of these programs and for other production, and so need to charge users a licence fee. Various countries and organizations have proposed conditional access (CA) technical standards one after another, for example the CA technology based on MPEG-2 coding proposed in the DVB family of standards.
CA technology mainly covers two aspects: first, the method of scrambling and descrambling the transmission; second, descrambling control, which ensures that only authorized user receiving equipment (for example a set-top box) can obtain the normal signal after descrambling. The CA system outputs a control word to the scrambler at the transmitting end and ensures that an authorized descrambler can correctly obtain this control word and so descramble the transmitted data stream. Different CA systems generate and manage control words in different ways.
A CA system is fairly complex, and its implementation, especially on user receiving equipment (for example a set-top box), has long been a prominent problem hindering the development of digital video broadcasting applications; there is still no good solution. Taking the set-top box as an example, because the CA processing unit is embedded in the set-top box, the production and sale of set-top boxes and the confidentiality control and application of CA are severely restricted. The industry now recognizes that machine-card separation benefits digital television receiver manufacturers, consumers, CA vendors and digital television operators, and can fundamentally promote the development of the digital television industry.
The machine-card separation schemes proposed so far are the "large card" scheme and the "small card" scheme, both of which rely on the source decoding module in the set-top box.
Fig. 6 shows, taking the simulcrypt mode of the DVB standard as an example, the architecture of a set-top box scheme based on a small card. Receiver 61 receives the broadcast signal carried over a transmission channel such as a cable network, a computer network or a satellite communication network, and converts it into a digital signal. Demodulator 62 demodulates the received digital signal to form an MPEG-2 transport stream. Demultiplexer 63 extracts the EMM and ECM from the MPEG-2 transport stream and sends them over an interface to the small card 64 connected to the set-top box. The small card 64 contains the corresponding user authentication and decryption modules; for a legitimate user it produces the control word (CW) from the EMM and ECM and returns the CW to descrambler 67 in the set-top box. Descrambler 67 uses the control word to descramble the scrambled stream and outputs the unscrambled stream to decoder 65. Decoder 65 decodes the stream (for example video decoding, audio decoding and so on) and sends the decoded signal to output device 66.
The small card scheme forms the decryption module into a separate small card and leaves the other functions related to conditional access in the receiving equipment. Its shortcomings are: CA vendors must disclose part of their technical scheme and unify some algorithms and interface standards; the key transmission bus is exposed, which reduces security; the development and functional expansion of CA technology are limited to some extent; the choice of hardware and software for the user receiving equipment must take the requirements of CA into account; and so on. In short, it does not achieve complete machine-card separation and therefore cannot solve the problems that conditional access causes for digital television and set-top box manufacturers.
Fig. 7 shows, taking the multicrypt mode of the DVB standard as an example, the architecture of a set-top box scheme based on a large card. Receiver 71 receives the broadcast signal and converts it into a digital signal. Demodulator 72 demodulates the received digital signal to form an MPEG-2 transport stream and sends it to the large card 74 connected to the set-top box. The large card 74 contains a demultiplexer, a CA module and a descrambler: the demultiplexer extracts the EMM and ECM from the MPEG-2 transport stream, the CA module produces the control word (CW) for a legitimate user from the EMM and ECM, and the descrambler uses the control word to descramble the scrambled stream. Streams that were not scrambled and streams that have been descrambled are output to decoder 75. Decoder 75 decodes the stream and sends the decoded signal to output device 76.
The large card scheme puts the demultiplexing module, the descrambling module and all modules related to conditional access on a separate large card, which exchanges data with the user receiving equipment as a TS stream. This overcomes the shortcomings of the small card scheme but brings new problems. The card must offer a data bandwidth equal to that of the TS stream, which increases the design and manufacturing difficulty of the card and of the user receiving equipment and lengthens the R&D cycle. And because the card integrates not only the parts related to conditional access but also parts unrelated to it, such as the demultiplexing module, the size, power consumption and cost of the card increase.
It should be noted in particular that another prominent problem of the "small card" and "large card" schemes is that both are tied to a specific CA system and cannot easily adapt to different CA systems. This reduces the adaptability of the card, affects its output and sales volume, and so raises its cost.
In addition, as conditional access systems develop, it is desirable not only to implement conditional access to video and audio by scrambling, but also to implement conditional access to data by encryption. No existing device satisfies this requirement.
A new scheme is therefore needed to solve these problems of the prior art.
The patent closest to the present invention is WO03079687, published 2003-09-25, titled "CONDITIONAL ACCESS CONTROL", inventors DESMICHT ERIC (FR), MUTZ STEPHANE (FR) and TISON CHRISTOPHE (FR). That invention concerns a secure data processing system comprising: a descrambling module (DSC) that processes a scrambled stream according to a scrambling control word; a module (CM) that calculates the scrambling control word (Kp) by executing a calculation program; and a processor (CPU) that controls the operation of DSC and CM. The system also includes a read-only memory that stores a key (L). The calculation program includes an instruction that activates CM, and CM uses the key (L) and a data item from outside the secure data processing system to calculate the scrambling control word (Kp). Descrambling is enabled only once the scrambling control word (Kp) has been calculated.
The main problems with that patented technology are:
1. It is used only for stream descrambling; the function of [CM] is to obtain the scrambling control word by decryption. The present invention supports not only descrambling of streams but also decryption of data streams.
2. The architecture it adopts is not suited to supporting stream descrambling and data stream decryption at the same time.
Summary of the invention
The object of the present invention is to provide a conditional access processor that is independent of both the receiver and the specific conditional access system. The processor implements the functions a conditional access system requires, namely conditional descrambling of streams and conditional decryption of data streams. It offers strong function, high security, high flexibility and adaptability, low cost, and simple manufacture and operation; it fundamentally solves the problems of the machine-card separation schemes described above and helps the popularization of digital television and the development of its industry.
The invention performs all the functions required for conditional access in a conditional access processor (CAP: Conditional Access Processor) that is independent of the receiver. Once bound to specific conditional access software, the CAP forms a specific conditional access system (CAS: Conditional Access System). The CAP is connected to the receiver. From the receiver it takes the Entitlement Control Message (ECM), the Entitlement Management Message (EMM) and the program-related scrambled stream (SSS: Special Scrambled/Encrypted Stream) or the encrypted data stream (EDS: Encrypted Data Stream). By executing the bound conditional access software it performs the conditional access processing, including decryption and descrambling, and outputs the descrambled stream (SDS: Special Descrambled Stream) or the decrypted data stream (DS: Data Stream) to the receiver.
The CAP adopts a shared memory processing architecture (Shared Memory Processing) and a system-on-chip (SOC: System On Chip) implementation. It contains the four processing modules defined by the invention: the central processing module (CPM: Central Processing Module), the input/output coprocessor (IOCP: Input and Output Co-Processor), the cryptographic coprocessor (CryptCP: Crypt Co-Processor) and the descrambling coprocessor (DescramCP: De-scrambler Co-Processor). The four processing modules exchange data, state and control information through the memory. The CPM contains a storage component that holds the specific conditional access software; the CPM executes this bound software, parses the ECM and EMM input from the receiver, separates out the encrypted working key (EWK: Encrypted Working Key), and controls IOCP, CryptCP and DescramCP to complete the cooperative processing. Under CPM control, the IOCP performs input and output with respect to the conditional access pre-processing and post-processing modules: it inputs ECM, EMM and SSS/EDS, and outputs the SDS produced by DescramCP or the DS produced by CryptCP. Under CPM control, CryptCP performs decryption, including: applying an asymmetric cryptographic algorithm to the EWK with the local private key to obtain the working key (WK: Working Key); applying a symmetric cryptographic algorithm with WK to produce a further WK or the scrambling/descrambling control word (CW); and decrypting the EDS to produce the decrypted data stream DS. Under CPM control, DescramCP descrambles the SSS with the determined CW to produce the SDS. The conditional access processor comprises the following components:
A. a shared memory used to exchange data, control and state information;
B. a central processing module used to parse control information and to direct, control and coordinate the work of the coprocessors;
C. an input/output coprocessor used to receive authorization control/management information and data from the conditional access pre-processing module and to perform the specified output actions;
D. a cryptographic coprocessor used to decrypt encrypted keys or encrypted data streams;
E. a descrambling coprocessor used to descramble the scrambled program-related stream.
The shared memory of the invention comprises: a data sharing area, used to exchange data between the central processing module and each coprocessor and between one coprocessor and another; and a state/instruction sharing area, through which the central processing module sends instructions to each coprocessor and each coprocessor sends its state to the central processing module.
The central processing module of the invention comprises: a local memory, used to store the program and data of the bound conditional access system; and a processor, used to execute that program, send instructions to each coprocessor and receive the execution state of each coprocessor.
The input/output coprocessor of the invention comprises: an instruction set, which specifies the format and function of the instructions the input/output coprocessor can execute; a status register, which shows the state of instruction execution in the input/output coprocessor; and an execution unit, which decodes and executes all instructions in the input/output coprocessor instruction set.
The cryptographic coprocessor of the invention comprises: an instruction set, which specifies the format and function of the instructions the cryptographic coprocessor can execute; a status register, which shows the state of instruction execution in the cryptographic coprocessor; and an execution unit, which decodes and executes all instructions in the cryptographic coprocessor instruction set.
The descrambling coprocessor of the invention comprises: an instruction set, which specifies the format and function of the instructions the descrambling coprocessor can execute; a status register, which shows the state of instruction execution in the descrambling coprocessor; and an execution unit, which decodes and executes all instructions in the descrambling coprocessor instruction set.
The conditional access method carried out with the conditional access processor of the invention comprises the following processing flows:
A. The authorization control/management information processing flow, which receives the authorization control/management information, performs key extraction, decryption and similar processing, and produces the scrambling control word or the data stream encryption key. It comprises the following steps. Authorization control/management information receiving step: receive the Entitlement Control Message and Entitlement Management Message from the conditional access pre-processing module and write them to the data sharing memory. Key or encrypted key extraction step: by executing the bound conditional access software, read the Entitlement Control Message and Entitlement Management Message from the data sharing memory, extract the key or encrypted key, and write it to the data sharing memory. Encrypted key decryption step: by executing cryptographic coprocessor instructions, read the encrypted key from the data sharing memory, decrypt it to produce the key or scrambling control word, and write the result to the data sharing memory.
B. The program-related stream descrambling flow, which uses the scrambling control word produced by the authorization control/management information processing flow to descramble the program-related stream. It comprises the following steps. Data input step: receive the scrambled program-related stream from the conditional access pre-processing module and write it to the data sharing memory. Descrambling step: by executing descrambling coprocessor instructions, read the scrambled program-related stream from the data sharing memory, produce the descrambled program-related stream, and write it to the data sharing memory. Data output step: by executing input/output coprocessor instructions, read the descrambled program-related stream from the data sharing memory and output it to the conditional access post-processing module.
C. The data stream decryption flow, which uses the data stream encryption key produced by the authorization control/management information processing flow to decrypt the data stream. It comprises the following steps. Data stream input step: receive the encrypted data stream from the conditional access pre-processing module and write it to the data sharing memory. Decryption step: by executing cryptographic coprocessor instructions, read the encrypted data stream from the data sharing memory, produce the decrypted data stream, and write it to the data sharing memory. Data stream output step: by executing input/output coprocessor instructions, read the decrypted data stream from the data sharing memory and output it to the conditional access post-processing module.
The advantages of the invention are as follows. With its distinctive architecture and implementation, the proposed conditional access processor based on a shared storage architecture produces these effects: (1) because it supports both conditional descrambling of streams and conditional decryption of data streams, it is functionally strong and can be widely used in various conditional access systems; (2) because it performs all conditional access functions independently of the receiver, it supports conditional access with complete machine-card separation; (3) because it adopts a system-on-chip implementation and a shared storage architecture, the cost of the CAP is low; (4) because the CAP can be freely bound to conditional access software, it has high security, flexibility and adaptability, and further provides a technical foundation for the development of the digital television industry and widens its market possibilities.
Description of drawings
To explain the basic characteristics of the invention, its essential features and operating principle are described using digital television conditional access as an example. The invention is not, however, limited to the field of digital television conditional access.
Fig. 1 is a structure diagram of a conditional access system of the invention.
Fig. 2 is a structure diagram of a digital television conditional access system of the invention.
Fig. 3 is a structure diagram of a conditional access processor of the invention.
Fig. 4 is a data flow diagram of a conditional access processor of the invention.
Fig. 5 is a control flow diagram of a conditional access processor of the invention.
Fig. 6 is a structure diagram of a set-top box scheme based on a small card, taking the simulcrypt mode of the DVB standard as an example.
Fig. 7 is a structure diagram of a set-top box scheme based on a large card, taking the multicrypt mode of the DVB standard as an example.
Embodiments
Fig. 1 to Fig. 7 are specific embodiments of the invention.
Fig. 1 is a structure diagram of a conditional access system of the invention. The conditional access processor (CAP) receives the Entitlement Control Message and Entitlement Management Message related to conditional access from the conditional access pre-processing module (CAPreM: Conditional Access Pre-processing Module), parses and processes them according to the specific protocol, and obtains the key. It then accepts the SSS or EDS from the conditional access pre-processing module, descrambles or decrypts it with that key, and outputs the resulting SDS or DS to the conditional access post-processing module (CAPostM: Conditional Access Post-processing Module).
Fig. 2 is a structure diagram of a digital television conditional access system of the invention. In a digital television conditional access system, CAPreM comprises the channel demodulation and decoding module and the demultiplexing module; CAPostM comprises the stream rebuilding module and the source decoding module. The CAP inputs from CAPreM the Entitlement Control Message (ECM) and Entitlement Management Message (EMM) separated out by the demultiplexing module. It executes the conditional access software that implements the specific CA protocol, parses the ECM and EMM, and calls an asymmetric or symmetric cryptographic algorithm to decrypt the information in the ECM and EMM, producing the CW in the manner the specific CA protocol prescribes. The program-related stream of the specific program, input from CAPostM after demultiplexing, is descrambled with the CW, and the descrambled stream is output to CAPostM. CAPostM rebuilds the stream and then passes it to the source decoding module for decoding.
Fig. 3 is a structure diagram of a conditional access processor of the invention. The conditional access processor adopts a shared storage architecture and a system-on-chip implementation. The shared memory (SM: Shared Memory) stores the data, state and control information exchanged between the processing modules. SM has multiple read/write ports and supports parallel access by several processing modules. Through the division of its address space and the definition of data in the different storage areas, SM implements data sharing, message passing and synchronization between the processing modules. By data function, SM is divided into two parts: the data sharing memory (SM_DATA) and the state/instruction sharing memory (SM_ST/CMD).
The input/output coprocessor (IOCP) receives ECM, EMM and SSS/EDS from the conditional access pre-processing module and writes them to SM. It also writes its own working state to SM so that it can cooperate with the other modules. The IOCP defines the IOCP instruction set (IOCP_IS); it reads the IOCP instructions written by the CPM from SM and executes them, and so outputs SDS/DS to the conditional access post-processing module.
The central processing module (CPM) contains a program memory that stores the conditional access software (CASW: Conditional Access Software) implementing the specific conditional access protocol. The CPM executes the CASW as follows: it reads ECM and EMM from SM, parses them and obtains the initial EWK; then, through SM, it calls CryptCP to perform one or more rounds of decryption, computes the CW and writes it to SM; through SM it calls DescramCP to descramble the SSS in SM, producing SDS, which is written to SM; or through SM it calls CryptCP to decrypt the EDS in SM, producing DS, which is written to SM.
The cryptographic coprocessor (CryptCP) defines the CryptCP instruction set (CryptCP_IS). CryptCP reads from SM the CryptCP instructions written by the CPM and the data to be decrypted, decodes and executes the instructions, and writes the execution result and the CryptCP state to SM. The descrambling coprocessor (DescramCP) defines the DescramCP instruction set (DescramCP_IS). DescramCP reads from SM the DescramCP instructions written by the CPM and the data to be descrambled, decodes and executes the instructions, and writes the execution result and the DescramCP state to SM.
Fig. 4 is a data flow diagram of a conditional access processor of the invention. The conditional access processor implements three data flows: the authorization control/management data flow (CMDF), the program stream data flow (PDF) and the encrypted data stream flow (EDF).
CMDF: the IOCP writes the ECM and EMM received from the conditional access pre-processing module to SM_DATA (see 1*). The CPM executes the bound conditional access software, reads the ECM and EMM information from SM_DATA (see 2*), separates out the encrypted working key EWK and writes it to SM_DATA (see 3*). CryptCP reads the EWK from SM_DATA (see 4*), executes the CryptCP instructions sent by the CPM, performs one or more rounds of decryption on the EWK until the CW is obtained, and writes the CW to SM_DATA (see 5*).
PDF: the IOCP receives the SSS from the conditional access pre-processing module and writes it to SM_DATA (see 1). DescramCP reads from SM_DATA the SSS and the CW produced by the CMDF flow (see 2), descrambles the SSS to produce the SDS, and writes the SDS to SM_DATA (see 3). The IOCP reads the SDS from SM_DATA (see 4) and outputs it to the conditional access post-processing module.
EDF: the IOCP receives the EDS from the conditional access pre-processing module and writes it to SM_DATA (see 6*). CryptCP reads from SM_DATA the EDS and the CW produced by the CMDF flow (see 7*), decrypts the EDS to produce the DS, and writes the DS to SM_DATA (see 8*). The IOCP reads the DS from SM_DATA (see 9*) and outputs it to the conditional access post-processing module.
Fig. 5 is a control flow diagram of a conditional access processor of the invention. The CPM is the main control module of the conditional access processor; IOCP, CryptCP and DescramCP are coprocessor modules. Each of the four modules has its own instruction set: CPM_IS, IOCP_IS, CryptCP_IS and DescramCP_IS respectively. At system start-up the CPM begins executing the program defined by CPM_IS and, when needed, sends instructions to the coprocessors through SM_ST/CMD. The CPM learns the execution state of each coprocessor by reading the state storage units of SM_ST/CMD. From system start-up the IOCP continuously monitors the input port, receives ECM, EMM, SSS, EDS and similar information from the conditional access pre-processing module, writes it to SM_DATA and notifies the CPM through the state storage unit. The IOCP also receives from SM_ST/CMD the instructions, defined by IOCP_IS, that the CPM issues, performs functions such as outputting SDS and DS, and reports the completion state of each instruction to the CPM through the state storage unit. CryptCP waits after system start-up; when the CPM issues an instruction defined by CryptCP_IS through SM_ST/CMD, CryptCP executes it and reports the result to the CPM through the state storage unit. DescramCP likewise waits after system start-up; when the CPM issues an instruction defined by DescramCP_IS through SM_ST/CMD, DescramCP executes it and reports the result to the CPM through the state storage unit.
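The CMDF and PDF flows of Fig. 4 and the command/status handshake of Fig. 5, as an added C simulation that is not part of the patent. The memory layout, command codes, 8-byte block size, the XOR stand-ins for the cryptographic and descrambling algorithms, the rule that DescramCP reports an error when no CW is present, and every identifier are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added illustration only: layout, command codes, block size and the XOR
 * stand-ins for the real cryptographic/descrambling algorithms are assumptions. */
enum { N = 8 };                                       /* toy block size */
typedef enum { IOCP, CRYPTCP, DESCRAMCP, UNITS } cap_unit_t;
typedef enum { CMD_NONE, CMD_DECRYPT_EWK, CMD_DESCRAMBLE, CMD_OUTPUT_SDS } cap_cmd_t;
typedef enum { ST_IDLE, ST_DONE, ST_ERROR } cap_status_t;

typedef struct {
    struct {                                          /* SM_DATA: data exchange */
        uint8_t ecm[N], ewk[N], cw[N], sss[N], sds[N];
        int cw_valid, sds_valid;
    } data;
    struct { cap_cmd_t cmd; cap_status_t st; } mbox[UNITS];   /* SM_ST/CMD */
} shared_mem_t;

/* Constructed stand-in for the local private key held inside the CAP. */
static const uint8_t LOCAL_KEY[N] = {0x5a,0x13,0xc4,0x7e,0x21,0x99,0x0f,0xb6};

static void xor_n(uint8_t *dst, const uint8_t *a, const uint8_t *b)
{
    for (int i = 0; i < N; i++) dst[i] = a[i] ^ b[i];
}

/* Coprocessor side: fetch the command slot, execute, write the state back. */
static void coproc_step(shared_mem_t *sm, cap_unit_t u, uint8_t *port_out)
{
    cap_cmd_t c = sm->mbox[u].cmd;
    cap_status_t st = ST_ERROR;          /* unknown command or missing input */
    sm->mbox[u].cmd = CMD_NONE;
    if (u == CRYPTCP && c == CMD_DECRYPT_EWK) {                /* 4*, 5* */
        xor_n(sm->data.cw, sm->data.ewk, LOCAL_KEY);
        sm->data.cw_valid = 1;
        st = ST_DONE;
    } else if (u == DESCRAMCP && c == CMD_DESCRAMBLE && sm->data.cw_valid) {
        xor_n(sm->data.sds, sm->data.sss, sm->data.cw);        /* 2, 3 */
        sm->data.sds_valid = 1;
        st = ST_DONE;
    } else if (u == IOCP && c == CMD_OUTPUT_SDS && sm->data.sds_valid
               && port_out != NULL) {
        memcpy(port_out, sm->data.sds, N);   /* 4: only SDS reaches the port */
        st = ST_DONE;
    }
    sm->mbox[u].st = st;
}

/* CPM side: write an instruction to SM_ST/CMD, then read the state unit.
 * The coprocessor is stepped inline here; real hardware runs it in parallel. */
static cap_status_t cpm_issue(shared_mem_t *sm, cap_unit_t u, cap_cmd_t c,
                              uint8_t *port_out)
{
    sm->mbox[u].st = ST_IDLE;
    sm->mbox[u].cmd = c;
    coproc_step(sm, u, port_out);
    return sm->mbox[u].st;
}

/* One pass through the CAP. ecm == NULL models "no entitlement received". */
cap_status_t cap_process(const uint8_t *ecm, const uint8_t *sss, uint8_t *out)
{
    shared_mem_t sm;
    memset(&sm, 0, sizeof sm);
    memcpy(sm.data.sss, sss, N);                      /* IOCP input: 1 */
    if (ecm != NULL) {
        memcpy(sm.data.ecm, ecm, N);                  /* IOCP input: 1* */
        /* 2*, 3*: the CASW parse is CA-specific; in this toy the ECM payload
         * is the EWK itself. */
        memcpy(sm.data.ewk, sm.data.ecm, N);
        if (cpm_issue(&sm, CRYPTCP, CMD_DECRYPT_EWK, NULL) != ST_DONE)
            return ST_ERROR;
    }
    if (cpm_issue(&sm, DESCRAMCP, CMD_DESCRAMBLE, NULL) != ST_DONE)
        return ST_ERROR;
    return cpm_issue(&sm, IOCP, CMD_OUTPUT_SDS, out);
}

/* Constructed head-end data: CW wrapped as EWK, payload scrambled with CW. */
int demo_roundtrip(void)
{
    const uint8_t cw[N] = {1, 2, 3, 4, 5, 6, 7, 8};
    const uint8_t clear[N] = {'T', 'S', 'p', 'a', 'c', 'k', 'e', 't'};
    uint8_t ecm[N], sss[N], out[N] = {0};
    xor_n(ecm, cw, LOCAL_KEY);
    xor_n(sss, clear, cw);
    if (cap_process(ecm, sss, out) != ST_DONE) return 0;
    return memcmp(out, clear, N) == 0;
}

/* Without an ECM no CW exists, so nothing is written to the output port. */
int demo_no_entitlement(void)
{
    const uint8_t zero[N] = {0};
    const uint8_t sss[N] = {9, 9, 9, 9, 9, 9, 9, 9};
    uint8_t out[N] = {0};
    return cap_process(NULL, sss, out) == ST_ERROR && memcmp(out, zero, N) == 0;
}

int main(void)
{
    printf("round trip ok: %d\n", demo_roundtrip());
    printf("refused without CW: %d\n", demo_no_entitlement());
    return 0;
}
```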
Fig. 6 is a structure diagram of a set-top box scheme based on a small card, taking the simulcrypt mode of the DVB standard as an example.
Fig. 7 is a structure diagram of a set-top box scheme based on a large card, taking the multicrypt mode of the DVB standard as an example.

Claims (7)

1. A conditional access processor based on a shared storage architecture, in which a conditional access processor CAP independent of the receiver performs all the functions required for conditional access; the conditional access processor CAP is connected to the receiver, inputs from the receiver the Entitlement Control Message, the Entitlement Management Message and the program-related scrambled stream or the encrypted data stream, and, by executing the bound conditional access software, performs the conditional access processing, including decryption and descrambling, producing the descrambled stream or the decrypted data stream, which is output to the receiver; characterized in that: the conditional access processor CAP adopts a shared memory processing architecture and a system-on-chip implementation, and contains the four processing modules defined by the invention: a central processing module, an input/output coprocessor, a cryptographic coprocessor and a descrambling coprocessor; the four processing modules exchange data, state and control information through the memory; the central processing module CPM comprises a storage component used to store the specific conditional access software; the central processing module CPM executes this bound conditional access software, parses the Entitlement Control Message ECM and the Entitlement Management Message EMM input from the receiver, separates out the encrypted working key, and controls the input/output coprocessor IOCP, the cryptographic coprocessor CryptCP and the descrambling coprocessor DescramCP to complete the cooperative processing; the input/output coprocessor IOCP, under the control of the central processing module CPM, performs input and output with respect to the conditional access pre-processing and post-processing modules, inputting the Entitlement Control Message ECM, the Entitlement Management Message EMM and the scrambled stream SSS or encrypted data stream EDS, and outputting the SDS produced by the descrambling coprocessor DescramCP or the DS produced by the cryptographic coprocessor CryptCP; the cryptographic coprocessor CryptCP performs decryption under the control of the central processing module CPM, including: applying an asymmetric cryptographic algorithm to the encrypted working key EWK with the local private key to obtain the working key; applying a symmetric cryptographic algorithm with the working key WK to produce a further working key WK or the scrambling/descrambling control word CW; and decrypting the EDS to produce the decrypted data stream DS; the descrambling coprocessor DescramCP, under the control of the central processing module CPM, descrambles the scrambled stream SSS with the determined scrambling/descrambling control word CW to produce the descrambled stream SDS; the conditional access processor comprises the following components:
A. a shared memory for exchanging data, control and state information;
B. a central processing module for parsing control information and for directing, controlling and coordinating the work of the coprocessors;
C. an input/output coprocessor for receiving authorization control/management information and data from the conditional access pre-processing module and for performing the specified output actions;
D. a cryptographic coprocessor for decrypting encrypted keys or encrypted data streams;
E. a descrambling coprocessor for descrambling the scrambled program-related stream.
2. The conditional access processor of claim 1, characterized in that the shared memory comprises: a data sharing memory area for exchanging data between the central processing module and each coprocessor and between one coprocessor and another; and a state/instruction sharing memory area through which the central processing module sends instructions to each coprocessor and each coprocessor sends its state to the central processing module.
3. The conditional access processor of claim 1, characterized in that the central processing module comprises: a local memory for storing the program and data of the bound conditional access system; and a processor for executing said program, sending instructions to each coprocessor, and receiving the execution state of each coprocessor.
4. The conditional access processor of claim 1, characterized in that the input/output coprocessor comprises: an instruction set that specifies the format and function of the instructions the input/output coprocessor can execute; a status register that indicates the state of the instruction the input/output coprocessor is executing; and an execution unit that decodes and executes all instructions in the input/output coprocessor instruction set.
5. The conditional access processor of claim 1, characterized in that the cryptographic coprocessor comprises: an instruction set that specifies the format and function of the instructions the cryptographic coprocessor can execute; a status register that indicates the state of the instruction the cryptographic coprocessor is executing; and an execution unit that decodes and executes all instructions in the cryptographic coprocessor instruction set.
6. The conditional access processor of claim 1, characterized in that the descrambling coprocessor comprises: an instruction set that specifies the format and function of the instructions the descrambling coprocessor can execute; a status register that indicates the state of the instruction the descrambling coprocessor is executing; and an execution unit that decodes and executes all instructions in the descrambling coprocessor instruction set.
7. A conditional access method performed with the conditional access processor of claim 1, characterized in that it comprises the following processing flows:
I. An authorization control/management information processing flow, which receives authorization control/management information, performs processing such as key extraction and decryption, and produces the scrambling control word or the data stream encryption key, comprising the following steps: authorization control/management information receiving step: receive the Entitlement Control Message and Entitlement Management Message from the conditional access pre-processing module and write them to the data sharing memory; key or encrypted key extraction step: by executing the bound conditional access software, read the Entitlement Control Message and Entitlement Management Message from the data sharing memory, extract the key or encrypted key, and write it to the data sharing memory; encrypted key decryption step: by executing cryptographic coprocessor instructions, read the encrypted key from the data sharing memory, produce the key or scrambling control word by decryption, and write it to the data sharing memory;
J. A program-related stream descrambling flow, which uses the scrambling control word produced by the authorization control/management information processing flow to descramble the program-related stream, comprising the following steps: data input step: receive the scrambled program-related stream from the conditional access pre-processing module and write it to the data sharing memory; descrambling step: by executing descrambling coprocessor instructions, read the scrambled program-related stream from the data sharing memory, produce the descrambled program-related stream, and write it to the data sharing memory; data output step: by executing input/output coprocessor instructions, read the descrambled program-related stream from the data sharing memory and output it to the conditional access post-processing module;
K. A data stream decryption flow, which uses the data stream encryption key produced by the authorization control/management information processing flow to decrypt the data stream, comprising the following steps: data stream input step: receive the encrypted data stream from the conditional access pre-processing module and write it to the data sharing memory; by executing cryptographic coprocessor instructions, read the encrypted data stream from the data sharing memory, produce the decrypted data stream, and write it to the data sharing memory; data stream output step: by executing input/output coprocessor instructions, read the decrypted data stream from the data sharing memory and output it to the conditional access post-processing module.
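Flows I and J of claim 7, run over the two shared memory areas of claim 2, can be modelled as below. This is an added example, not code from the patent: the XOR routine stands in for the unnamed asymmetric, symmetric and descrambling algorithms, and the instruction names, 4-byte message headers and the layout in which the EMM carries the encrypted working key and the ECM the encrypted control word are assumptions.

```python
from dataclasses import dataclass, field

def toy_cipher(data: bytes, key: bytes) -> bytes:
    """XOR stand-in for the algorithms the claims do not name. Not a real cipher."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

@dataclass
class SharedMemory:
    data: dict = field(default_factory=dict)    # data sharing area (claim 2)
    status: dict = field(default_factory=dict)  # state/instruction sharing area (claim 2)

class CAP:
    """CPM sequencing the coprocessors; instruction names are hypothetical."""
    def __init__(self, local_private_key: bytes):
        # trace records (unit, instruction) pairs in issue order
        self.shm, self._key, self.trace = SharedMemory(), local_private_key, []

    def _issue(self, unit, instr, dst, value):
        self.shm.status[unit] = "BUSY"          # instruction posted by the CPM
        self.shm.data[dst] = value              # unit writes its result back
        self.shm.status[unit] = "DONE"          # unit reports its state
        self.trace.append((unit, instr))

    def flow_i(self, ecm: bytes, emm: bytes) -> None:   # ECM/EMM -> control word
        d = self.shm.data
        self._issue("IOCP", "IN_EMM", "emm", emm)
        self._issue("IOCP", "IN_ECM", "ecm", ecm)
        # Bound CA software on the CPM strips the assumed 4-byte headers.
        self._issue("CPM", "EXTRACT", "ewk", d["emm"][4:])
        self._issue("CPM", "EXTRACT", "ecw", d["ecm"][4:])
        self._issue("CryptCP", "ASYM_DEC", "wk", toy_cipher(d["ewk"], self._key))
        self._issue("CryptCP", "SYM_DEC", "cw", toy_cipher(d["ecw"], d["wk"]))

    def flow_j(self, scrambled: bytes) -> bytes:        # SSS -> descrambled stream
        d = self.shm.data
        if "cw" not in d:                       # flow I has not produced a control word
            raise PermissionError("no control word in shared memory")
        self._issue("IOCP", "IN_SSS", "sss", scrambled)
        self._issue("DescramCP", "DESCRAMBLE", "sds", toy_cipher(d["sss"], d["cw"]))
        self._issue("IOCP", "OUT_SDS", "out", d["sds"])
        return d["out"]

def demo(cap_key: bytes = b"local-private"):
    # Constructed head-end values: keys, messages and payload are samples.
    priv, wk, cw = b"local-private", b"working-key", b"ctrlword"
    emm, ecm = b"EMM0" + toy_cipher(wk, priv), b"ECM0" + toy_cipher(cw, wk)
    cap = CAP(cap_key)
    cap.flow_i(ecm, emm)
    return cap.flow_j(toy_cipher(b"constructed transport payload", cw)), cap.trace
```

A CAP holding the wrong local private key still completes both flows but outputs garbage, and calling `flow_j` before `flow_i` fails because no control word is present in the data sharing area.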
CN 200410000291 2004-01-15 2004-01-15 A conditional access processor based on shared storage architecture and access method Expired - Fee Related CN1234244C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200410000291 CN1234244C (en) 2004-01-15 2004-01-15 A conditional access processor based on shared storage architecture and access method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200410000291 CN1234244C (en) 2004-01-15 2004-01-15 A conditional access processor based on shared storage architecture and access method

Publications (2)

Publication Number Publication Date
CN1558673A CN1558673A (en) 2004-12-29
CN1234244C true CN1234244C (en) 2005-12-28

Family

ID=34350404

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200410000291 Expired - Fee Related CN1234244C (en) 2004-01-15 2004-01-15 A conditional access processor based on shared storage architecture and access method

Country Status (1)

Country Link
CN (1) CN1234244C (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100755435B1 (en) 2005-10-04 2007-09-04 삼성전자주식회사 Digital broadcasting conditional access terminal and method thereof
EP1784016A1 (en) * 2005-11-03 2007-05-09 Nagravision S.A. Security method for transferring data between a multimedia terminal and a security module
CN101201811B (en) * 2006-12-11 2010-05-12 边立剑 Encryption-decryption coprocessor for SOC
CN102438169B (en) * 2011-12-06 2014-04-02 四川长虹电器股份有限公司 Automatic testing method of integrated machine with set-top box and digital television

Also Published As

Publication number Publication date
CN1558673A (en) 2004-12-29

Similar Documents

Publication Publication Date Title
US7590242B2 (en) Selective multimedia data encryption
CN1161999C (en) Security model for interactive television applications
CA2695096C (en) Conditional entitlement processing for obtaining a control word
US20060190403A1 (en) Method and Apparatus for Content Protection and Copyright Management in Digital Video Distribution
CN101719910B (en) Terminal equipment for realizing content protection and transmission method thereof
US20070098162A1 (en) Method and apparatus for managing rights of multi-layered multimedia stream by layers
US20080137850A1 (en) Method and system for a generic key packet for mpeg-2 transport scrambling
CN1343420A (en) Global copy protection system for digital home networks
KR20160026857A (en) Methods, information providing system, and reception apparatus for protecting content
CN101080896A (en) Method for transmission of digital data in a local network
JP2010193449A (en) Method of securely providing control word from smart card to conditional access module
WO2006091304A2 (en) System and method for drm regional and timezone key management
US20020170072A1 (en) Systems for receiving and processing digital data carried by satellite transmissions
CN102957961A (en) Method and device for sharing encrypted digital television programs and digital television receiver
KR20100044969A (en) System apparatus and method for conditional broadcast reception without cablecard
CN1835552A (en) Device and method of realizing expendable machine card separation in digital television system
US20050152545A1 (en) Conditional access control
CN102164319A (en) Method and device for safely transmitting transport stream (TS)
CN1234244C (en) A conditional access processor based on shared storage architecture and access method
JP3754847B2 (en) Data processing method, data processing apparatus and storage medium thereof
WO2011073287A1 (en) Method and processing unit for secure processing of access controlled audio/video data
CN1299506C (en) Condition reception assembled controlling method without addressing authorization
EP2332331B1 (en) Method for the allocation and management of substcriptions for the reception of broadcast products
CN1642268A (en) Machine-card separating condition receiving method and system
CN100539680C (en) Condition receives realization system, digital television receiver and conditional receiving device

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
EE01 Entry into force of recordation of patent licensing contract

Assignee: Beijing Beike-masic Automation Engineering Limited Company

Assignor: University of Science and Technology Beijing

Contract fulfillment period: 2007.11.20 to 2013.11.20 contract change

Contract record no.: 2008990000846

Denomination of invention: A conditional access processor based on shared storage architecture and access method

Granted publication date: 20051228

License type: Exclusive license

Record date: 20081021

LIC Patent licence contract for exploitation submitted for record

Free format text: EXCLUSIVE LICENSE; TIME LIMIT OF IMPLEMENTING CONTACT: 2007.11.20 TO 2013.11.20; CHANGE OF CONTRACT

Name of requester: BEIJING BEIKE MAISIKE AUTOMATION ENGINEERING TECHN

Effective date: 20081021

C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20051228

Termination date: 20100222