The first key technique : using plain - text cipher and md5 message - digest algorithm to ensure stb and dhcp server ' s certificate and secure the stb and server ' s communications - the second key technique : using hmac algorithm to realize the safe functions - the third key technique : using ipsec to realize safe functions o those three methods " complexity increases in turn and the degree of the security increases as well which depend on the frame of the methods and the complexity of the algorithm . all theose three methods use the unique serial - number or a special slip - window to defend replay attack 主要采用三种安全方案实现:第一种:利用约定的明文密码验证机顶盒与dhcp服务器的合法身份, md5验证信息合法性:第二种:利用hmac算法验证机顶盒与服务器身份,信息合法性;第三种:利用ipsec验证机顶盒与dhcp服务器身份与信息合法性。每一种方案中皆采用包序号唯一法或者滑动窗口法保证重放攻击。此三种方案复杂度依次增加,安全度依次升高,主要取决于算法的复杂度与架构的搭建。