| With the continuous development of digital TV technology,digital TV set top box based on embedded Linux is becoming more and more popular with users,but it also has many security risks.If the software is tampered with in the application process of the set-top box,it may lead to information leakage from users and operators.Besides,under the drive of market interest,it is common to produce pirated top box by copying hardware system and illegally copying software.Therefore,under the background of the stern challenge to the security of the set-top box,the research on the security of the embedded Linux digital TV set top box in the application process has the actual market demand and practical significance.This paper aims at protecting the security of the set-top box in the application process,aiming at the startup process of the set-top box,it combines the related theories in the field of cryptography and the Linux mechanism to design and implement the security startup encryption scheme,which is used to protect the set-top box from illegal tampering and copying in the application process of the set-top box and increases the security of the process,reducing the possibility of being attacked illegally.The main contents of this paper include:(1)Study the related theory of cryptography,the Linux mechanism and the role and connection of each software module in the DVB set-top box based on embedded Linux in the starting process.(2)Determine the optimal algorithm in the field of cryptography and implementation scheme after analysis and comparison,according to the hidden security hidden danger and demand based on embedded Linux digital TV set top box.(3)Construct secure data storage structure,combining the characteristics of message authentication codes and symmetric encryption algorithms in the field of cryptography so that the software can check if the data is tampered with,when the data is read.(4)Realize the secure start up of Boot,the secure start up of application and the secure start up of the Loader to protect the software on the set-top box,aiming at the startup process of the set-top box and combining the asymmetric encryption algorithm including symmetric encryption algorithm,one-way hash function and digital signature algorithm.They effectively prevent the illegal tampering and copying of the software(5)Use Linux mechanism to build sandboxes,limiting the rights of the process,thereby reducing the possibility of the set-top box in the process of illegal attacks.In the security startup encryption scheme designed in this paper,it considers the security risk of the set-top box comprehensively,so it has high security.In addition,because the design of the encryption scheme aims at the startup process of the set-top box,it has low requirements for hardware relatively,it is suitable for most common set-top boxes,thus it has strong generality.It can be seen that the scheme designed in this paper can meet the needs of the current market and has certain practical significance. |
PDF Full Text Request