CN1394082A - Secure unit for encrypted signal transmission process - Google Patents

A decryption unit security system for use in secure transport services is disclosed in which decryption keys are stored to a portable storage device such as a smart card. The decryption unit and the storage device are loaded with the same matching key that must be matched before the decryption unit can run. The originator of the transmission service can change the matching key remotely at any time by sending a new matching key. In a preferred embodiment, two additional matching keys are used, one randomly generated by the decryption unit and can be changed locally, and the other is a static key generated when the decryption unit and code are initialized. These keys may be combined and compared together for matching purposes. Furthermore, the decryption key itself may also be used as a matching key that can be changed remotely.

用于加密信号传输过程的安全单元Secure unit for encrypted signal transmission process

发明领域field of invention

本发明涉及安全传输系统，更具体地说本发明涉及这种系统中的解密单元或解扰单元的安全性。本发明的一个应用是用户电视系统，无论是无线电视、有线电视还是卫星电视。然而，本发明还可以应用于远程系统与本地系统之间的安全传输系统，其中本地系统利用存储在安全便携式媒体(例如：智能卡)内的密钥对传输进行解密。The present invention relates to secure transmission systems, and more particularly the invention relates to the security of decryption or descrambling units in such systems. One application of the invention is in consumer television systems, whether over-the-air, cable, or satellite. However, the invention can also be applied to a secure transmission system between a remote system and a local system, where the local system decrypts the transmission using a key stored on a secure portable medium such as a smart card.

背景技术Background technique

在付费电视系统中，发送的信号被加密或加扰，这样就只有广播业务用户可以接收此信号。图1示出这样一种系统，在图1中，“远程系统”为DVB广播前端设备，“本地系统”为电视接收机机顶盒解码器。远程系统利用待广播的信号对此信号进行加密或加扰，而机顶盒(STB)在用户接收机利用存储在STB的“固定密钥”对此信号进行解密。此固定密钥与在远程系统进行加密所使用的密钥相同。其中信号包括数据，而不包括视频信息，本地系统具有存储数据的设备。此现有技术的安全性差，因为容易非法进入本地系统并复制此固定密钥。In pay-TV systems, the transmitted signal is encrypted or scrambled so that only subscribers of the broadcasting service can receive it. Fig. 1 shows such a system. In Fig. 1, the "remote system" is a DVB broadcast head-end device, and the "local system" is a TV receiver set-top box decoder. The remote system encrypts or scrambles the signal to be broadcast, and the set-top box (STB) decrypts the signal at the subscriber's receiver using a "fixed key" stored at the STB. This fixed key is the same key used for encryption on the remote system. Where the signal includes data, but not video information, the local system has facilities for storing the data. This prior art has poor security because it is easy to illegally enter the local system and copy this fixed key.

图2示出上述系统的一种变换系统。在此系统中，使用智能卡存储密钥和数据(如果能使用)并且必须在本地系统联合操作时插入。此系统同样不安全，因为本地系统与智能卡之间的信道不安全。黑客可以监视本地系统与智能卡之间的协议，然后伪造智能卡。Figure 2 shows a conversion system of the above system. In this system, a smart card is used to store keys and data (if available) and must be inserted when the local system is operating in conjunction. This system is also insecure because the channel between the local system and the smart card is not secure. Hackers can monitor the agreement between the local system and the smart card, and then forge the smart card.

图3(也是现有技术)示出一种改进系统，其中本地系统与特定智能卡匹配。利用在本地系统与智能卡之间进行配对处理后产生的成对密钥实现这种匹配关系。因为各本地系统—智能卡对是唯一的，所以即使成对密钥被攻击，被攻击的智能卡仍不能用于其它本地系统。在进行TV广播情况下，不会破坏本地系统—智能卡对而产生严重安全风险。然而，在电子商务应用中，一个本地系统—智能卡对也不希望被破坏，因为在这种情况下，智能卡可以用于各种用途，包括更改存储值。Figure 3 (also prior art) shows an improved system where the local system is matched to a specific smart card. This matching relationship is realized by using the pairwise key generated after the pairing process between the local system and the smart card. Because each local system-smart card pair is unique, even if the pair key is compromised, the compromised smart card cannot be used with other local systems. In the case of TV broadcasting, the local system-smart card pair will not be damaged to cause serious security risks. However, in e-commerce applications, a local system-smart card pair also does not want to be compromised, because in this case, the smart card can be used for various purposes, including changing the stored value.

发明内容Contents of the invention

本发明目的就是提供一种在各种安全传输系统中使用的安全解密单元。The purpose of the present invention is to provide a secure decryption unit used in various secure transmission systems.

因此，在第一个方面，本发明包括在发送端与一个或多个接收端之间的安全信号传输业务中所使用解密单元的安全系统，该发送端对信号进行加密，该接收端对其信号解密密钥或其一部分被存储在可装卸的存储设备内的这种类型的信号进行解密，该安全系统包括：Thus, in a first aspect, the invention comprises a security system of a decryption unit for use in a secure signal transmission service between a sender encrypting a signal and one or more receivers A signal decryption key or a portion thereof is decrypted by a signal of this type stored in a removable storage device, the security system comprising:

存储器，位于所述解密单元内，用于存储第一匹配密钥；a memory, located in the decryption unit, for storing the first matching key;

用于将所述第一匹配密钥复制到所述可装卸存储设备的装置；means for copying the first matching key to the removable storage device;

位于所述解密单元内，用于将可装卸存储设备内的第一匹配密钥与存储在所述存储器内的第一匹配密钥进行比较的装置；means, located in the decryption unit, for comparing a first matching key in the removable storage device with a first matching key stored in the memory;

只有当两个第一匹配密钥一致时，利用解密单元对信号进行解密的装置；位于发送端用于周期性产生新第一匹配密钥并将该密钥发送到至少一个解密单元的装置；means for decrypting the signal using the decryption unit only when the two first matching keys are consistent; means at the sending end for periodically generating a new first matching key and sending the key to at least one decryption unit;

用于提取时常通过发送端包括在该信号内的新第一匹配密钥的装置；以及means for extracting a new first matching key included in the signal from time to time by the sender; and

用于将提取的新信号密钥写入所述存储设备的装置。means for writing the extracted new signal key into said storage device.

在第二个方面，本发明涉及在发送端与一个或多个接收端之间进行的加密信号传输过程中使用的解密单元，该接收端对其信号解密密钥或其部分被存储在可装卸的存储设备内的这类信号进行解密，该解密单元包括：In a second aspect, the invention relates to a decryption unit for use in the transmission of an encrypted signal between a sender and one or more receivers whose signal decryption key or part thereof is stored in a removable Such signals in the storage device are decrypted, and the decryption unit includes:

存储器，用于存储第一匹配密钥；a memory for storing the first matching key;

用于将所述第一匹配密钥复制到所述可装卸存储设备的装置；means for copying the first matching key to the removable storage device;

用于将存储在可装卸存储设备内的第一匹配密钥与存储在所述存储器内的第一匹配密钥进行比较的装置；means for comparing a first matching key stored in the removable storage device with a first matching key stored in said memory;

只有当两个第一匹配密钥一致时，才对信号进行解密的装置；means for decrypting the signal only if the two first matching keys agree;

用于提取时常通过发送端包括在该信号内的新第一匹配密钥的装置；以及means for extracting a new first matching key included in the signal from time to time by the sender; and

用于将提取的新信号密钥写入所述存储设备的装置。means for writing the extracted new signal key into said storage device.

在此说明书中，术语“加密”和“解密”分别包括“加扰”和“解扰”过程。此外，“解密”包括“解码”过程并且“解密单元”具有等效意义。In this specification, the terms "encryption" and "decryption" include "scrambling" and "descrambling" processes, respectively. Furthermore, "decryption" includes a "decoding" process and "decryption unit" has an equivalent meaning.

附图说明Description of drawings

图1示出利用具有设置在本地解密设备内的解密密钥的进行加密传输的方框图(现有技术)；Figure 1 shows a block diagram of an encrypted transmission with a decryption key provided in a local decryption device (prior art);

图2示出不仅与图1所示的系统相同的系统，而且还包括与本地解密设备共同使用且存储在智能卡中的解密密钥(现有技术)方框图；Figure 2 shows not only the same system as that shown in Figure 1, but also a block diagram of a decryption key (prior art) for use with a local decryption device and stored in a smart card;

图3示出利用成对密钥使本地系统与智能卡之间的信道安全对图2所示的系统进行改进的系统(现有技术)；Figure 3 shows a system (prior art) that improves on the system shown in Figure 2 by utilizing a pairwise key to secure the channel between the local system and the smart card;

图4示出用于概况说明根据本发明系统的方框图；Figure 4 shows a block diagram for an overview of the system according to the invention;

图5示出实现本发明的更详细方框图。Figure 5 shows a more detailed block diagram for implementing the invention.

具体实施方式Detailed ways

现在对于用户电视广播系统，参考图4和图5对本发明的优选实施例进行说明。上述技术同样可以用于对存储在便携式存储设备内的任何数据提供安全性。包括远程系统1的广播设备产生电视信号，在利用公知加密设备2进行传输之前，电视台对电视信号进行加密。目标本地设备3(对于用户电视为机顶盒)接收此加密广播信号，并保持加密直到将与电视台使用的信号密钥匹配的密钥送到用户设备3的解密模块为止。此信号密钥被存储到安全装置6，安全装置优选是智能卡。当与本地设备进行电连接(插入卡阅读器)时，信号密钥被送到本地设备3的解密单元，并对广播信号进行解密以显示在电视接收机上。Referring now to a consumer television broadcasting system, a preferred embodiment of the present invention will be described with reference to FIGS. 4 and 5. Referring to FIG. The techniques described above can also be used to provide security for any data stored within the portable storage device. The broadcasting equipment comprising the remote system 1 generates television signals which are encrypted by the television station before transmission using known encryption equipment 2 . The target local device 3 (set-top box for the user's TV) receives this encrypted broadcast signal and keeps it encrypted until a key matching the signal key used by the TV station is sent to the decryption module of the user device 3 . This signal key is stored to a security device 6, preferably a smart card. When an electrical connection is made to the local device (card reader inserted), the signal key is sent to the decryption unit of the local device 3 and decrypts the broadcast signal for display on the television receiver.

智能卡6与本地系统3匹配以确保智能卡不会被用于另一个本地系统。对本地系统和智能卡分别设置至少一个“动态”密钥，对“动态”密钥进行比较匹配后，本地系统才可以访问存储在卡上的信号或其它保护密钥或数据。通过“动态”就是指可以随机或周期地改变的密钥。此动态匹配密钥比静态密钥大大提高了安全性，以维护卡接口或信道的完整性。The smart card 6 is mated with the local system 3 to ensure that the smart card cannot be used with another local system. Set at least one "dynamic" key for the local system and the smart card respectively, and only after the "dynamic" keys are compared and matched, the local system can access the signal or other protected keys or data stored on the card. By "dynamic" we mean keys that can be changed randomly or periodically. This dynamically matched key greatly improves security over static keys to maintain the integrity of the card interface or channel.

动态密钥可以是单一密钥，也可以是多个分别产生的密钥的组合。可以改变一个组成密钥，远程密钥10。即新动态匹配密钥10可由密钥生成器4产生，并在被STB从远程密钥接口5的数据信号中提取的广播信号上发送，然后通过接口加密引擎8将它载入存储器7，加密引擎8反过来通过智能卡接口9将新密钥写入智能卡6。The dynamic key can be a single key, or a combination of multiple keys generated separately. One constituent key, remote key 10, can be changed. That is, the new dynamic matching key 10 can be generated by the key generator 4, and sent on the broadcast signal extracted from the data signal of the remote key interface 5 by the STB, then it is loaded into the memory 7 by the interface encryption engine 8, encrypted The engine 8 in turn writes the new key to the smart card 6 through the smart card interface 9 .

在此优选实施例中，总共使用3个密钥用于保护卡接口。除了远程密钥10外，还可使用第二动态密钥11和静态密钥12，以进一步提高安全性。In this preferred embodiment, a total of 3 keys are used for securing the card interface. In addition to the remote key 10, a second dynamic key 11 and a static key 12 can also be used to further increase security.

第二密钥11是一个经常发生变化的随机数。它是在STB3本地产生的。机顶盒具有软件控制随机密钥生成器，它隔一段时间产生一个新密钥。在最简单的运行方式中，每次产生一个密钥11，复制此新密钥并将它存储到安全装置16内的存储地址14(如图5内的点线13所示)。产生新随机密钥的过程和只有此密钥与安全装置内的相应密钥匹配才能进行信号解密过程的要求，是指安全装置仅在用于在第一位置产生此密钥的特定STB时有用。The second key 11 is a random number that changes frequently. It is generated locally on STB3. The set-top box has a software-controlled random key generator that generates a new key at regular intervals. In the simplest mode of operation, each time a key 11 is generated, this new key is copied and stored in a memory address 14 in the security device 16 (shown as dotted line 13 in FIG. 5 ). The process of generating a new random key and the requirement that the signal decryption process only take place if this key matches the corresponding key within the security device means that the security device is only useful for the specific STB that generated this key in the first place .

可以将第三密钥12存储到安全装置6内的存储器地址15并用于进一步确保STB与安全装置匹配。这是一个静态匹配密钥，它保持不变并且例如可以由STB的秘密序列号导出或与STB的秘密序列号等效，将此秘密序列号在最初插入此安全装置时复制并永久存储到安全装置。The third key 12 can be stored to a memory address 15 within the security device 6 and used to further ensure that the STB matches the security device. This is a static matching key which remains unchanged and can for example be derived from or is equivalent to the STB's secret serial number which is copied and permanently stored in the secure device upon initial insertion into the security device. device.

在根据本发明的一种更复杂的运行模式中，不复制这3个密钥10、11和12，它们在STB3与卡6之间分别匹配，并将它们组合在一起形成一个组合(改变的和可改变的)动态密钥16。无论此密钥是否变化，均利用STB3将此密钥复制到卡存储地址17。接口加密引擎8和18持续对保持在STB内的密钥与保持在卡内的密钥进行比较。In a more complex mode of operation according to the invention, these 3 keys 10, 11 and 12 are not copied, they are respectively matched between the STB3 and the card 6, and they are combined to form a combination (changed and changeable) dynamic key 16. No matter whether this key changes, all utilize STB3 to copy this key to card storage address 17. The interface encryption engines 8 and 18 continuously compare the key held in the STB with the key held in the card.

用于对从远程系统到本地系统的信号或数据进行解密的信号和数据被存储到卡存储地址19(数据密钥映射)，并由数据加密引擎20读取此地址。The signals and data used to decrypt the signals or data from the remote system to the local system are stored to the card storage address 19 (data key mapping) and this address is read by the data encryption engine 20 .

在一个实施例中，被用作动态匹配密钥的一部分的远程密钥10与用于解密由远程系统发送的信号或数据的数据密钥相同，动态匹配密钥确保STB至卡接口的安全性。因此将它从远程密钥映射21复制到数据密钥映射19。In one embodiment, the remote key 10 used as part of the dynamic matching key is the same data key used to decrypt the signal or data sent by the remote system, the dynamic matching key ensures the security of the STB to card interface . So copy it from remote keymap 21 to data keymap 19.

配对过程或初始化过程可以建立本地密钥12。在配对过程中，例如根据本地系统ID、智能卡ID以及由远程系统产生的远程密钥组产生本地密钥。为了提高随机性，使用与单个密钥相对的密钥组。对于特定的本地系统与智能卡对，所产生的本地密钥是静态的。当从远程系统接收远程密钥时，远程密钥被存储到远程密钥映射表中。A pairing process or an initialization process may establish the local key 12 . During pairing, a local key is generated, for example, from the local system ID, the smart card ID, and a remote key set generated by the remote system. To increase randomness, use groups of keys as opposed to a single key. The generated local key is static for a specific local system and smart card pair. When a remote key is received from a remote system, the remote key is stored into a remote key map.

无论什么时候产生或接收新随机密钥或新随机远程密钥，均在本地系统与智能卡之间就进行同步处理，结果产生更新的动态匹配密钥。例如以如下方式进行同步处理：Whenever a new random key or a new random remote key is generated or received, it is synchronized between the local system and the smart card, resulting in an updated dynamically matched key. For example, synchronous processing is performed as follows:

(1)根据初始动态密钥，本地系统与智能卡通信；(2)存在检验根据更新的动态匹配密钥进行通信过程的测试周期；(3)如果检验合格，那么通常在这种情况下对更新过程进行确认；(4)如果检验不合格，即意味着还存在某些故障，则显示告警消息。(1) The local system communicates with the smart card according to the initial dynamic key; (2) there is a test cycle to verify the communication process according to the updated dynamic matching key; (4) If the inspection is unqualified, it means that there are still some faults, and an alarm message will be displayed.

随机密钥的用途是确保甚至连设计者(设计加密算法的设计者)也不能破译此智能卡接口。The purpose of the random key is to ensure that even the designer (who designed the encryption algorithm) cannot decipher this smart card interface.