A Study on Multimedia Security Systems in Video ... - IEEE Xplore

A Study on Multimedia Security Systems in Video Encryption 1

Rustam Rakhimov Igorevich1, Hanmaro Yong1, Dugki Min1, Eunmi Choi2 School of Computer Science and Engineering, Konkuk University, Hwayang-dong, Seoul, 133-701, Korea 2 School of Business IT, Kookmin University, Jeongneung-dong, Seongbuk-gu, Seoul, 136-792, Korea [email protected], {maro1076, dkmin}@konkuk.ac.kr [email protected]

Abstract - This paper is to survey video encryption algorithms field which becomes as an important field nowadays. As an increasing rate of applying video is getting high, the security of video data becomes more important. In this paper listed several famous encryption schemes which have their own advantages and cryptographic stability. Three main classes of video encryption techniques are studied. Given encryption which based on entropy coding, reason is entropy coding based encryption solutions are regarded as one of the bests.

I.

intelligibility of encrypted video investigated. There are three presented visual security assessment methods, which are found as a structure distorted, image entropy and spatial correlation. And as a main idea of that [6] paper, suggested scheme would analyze and compare video encryption algorithms from visual way, it's definitely a different way than usual cryptanalysis. The visual security assessment can be compared with video quality assessment, and as a comparison, result would be opposite. Video quality assessment is the method to evaluates distortion level of videos in video compression. If look more detail into video quality assessment, it's possible to find the difference in detail on image pixel between images, and analyze this difference which will define quality portion. But in case of visual security assessment, it is assessing security level of cipher-images in given video, but also logically doing same thing like taking difference between encrypted and unencrypted video. But main difference between them is that if in quality assessment many matches of pixels happened, then considered compression algorithm quality assessing with a high mark. Accordingly video security assessment scheme works in opposite way. Cipher-image is an encrypted image using chosen encryption algorithm. In Fig. 1, given three images are sort of one image, it’s like original video, compressed video and encrypted video.

INTRODUCTION

Digital systems has brought many advantages to the human life, especially digital multimedia and processing have given many advantages compared with the analog form of multimedia. Processing, storage, compression, noise resistance and many other that kind of multimedia properties have been realized and discovered using digital multimedia. As it is known that every new technology has advantages and regarding disadvantages. In case of digital multimedia, there are established the problems with the ownership rights or with the illegal access and copies of the multimedia data. Actually before digital multimedia was originated, analog multimedia also had problem, but at that time the multimedia sources weren't globalized compared with now. Three major security technologies are suggested to protect video contents: 1. To provide end-to-end security using encryption technology at the distributing video over internet or other public communication channel 2. To achieve copyright protection with watermarking, ownership trace and authentication 3. To prevent unauthorized access using access control technology Encrypted video must be assessed somehow, and there are some methods for that. For example, encrypted video data can be analyzed cryptographically or visually. In [6] given method of visual security assessment for video encryption and

Fig. 1. Visual difference between original images, encoded image and encrypted image. (a) is the original image, (b) is the reconstruction image, (c) is the cipher-image

This paper contains some of the famous algorithms like USE, VEA, also given information about video encryption algorithm based on entropy coding. In section two given types

•••

of video encryption and they divided into three types. Section three about encryption based on entropy coding and what kind of advantages it has compared with frequency domain and spatial domain encryption methods. In Sections four and five given encryption algorithms VEA and USE, and last section 6 devoted to conclusion. II.

coefficients can be considered. AC and DC coefficients permutation must be done before entropy coding. Using this way invokes breaking procedure of video compression because standard decoder unavailable to decode that kind of encrypted video data. Accordingly decoder to this secure encoder should be "Integrated video decompression and decryption decoder". - Zig-zag algorithm - actually this method of video encryption not acknowledged as an encryption because it has permutation list, and if permutation list is known, the algorithm will not be secured.

FUNDAMENTAL CONCEPTS

There are three main video encryption techniques exist, and all suggested schemes up to now can be subdivided into these three types. - Whole video encryption - techniques contain two ways: video scrambling and naive approach. Naive algorithm is also called encrypting entire video data encryption. The main reason for that, it's encrypting the binary sequence of video. Video scrambling is a permuting the video in the time domain or frequency domain. But this method deemed like low security approach. Just encrypting entire video approach is referring as "naive approach" because it's just encrypting bit sequence of whole compressed or uncompressed video in a stream. Certainly this solution suggests more substantial high security; however it needs more computational time. - Selective video encryption - can be classified into three types: frequency domain schemes, spatial domain and entropy coding schemes. Let's describe these domain schemes more detail. Frequency domain scheme selecting frequency domain data's in video. Certainly frequency domain data include itself motion vector (MV), DCT coefficients, I block, I frame and so on. Frequency domain schemes are not used much in selective encryption methods. Spatial domain scheme uses spatial information of video data. Special entropy codec uses encrypt in entropy coding schemes, and as it is considered one of the more secure methods of encryption. But these encryption methods schemes have few problems: 1. Security problem. From the view points of the cryptographic analytics, the security schemes which don’t use standard cryptographic algorithms are very low. Especially, uses permutation operation is highly risky, even using some standard cryptographic algorithms in video encryption schemes, there are also many security problems. More detail cryptanalysis given in [2] 2. Computational cost problem. Some methods of encryption algorithms can provide substantial security, but the computational cost becomes higher when length of data is increasing. As an example VEA is suitable because it needs to encrypt half of the video data using internal encryption scheme. 3. Feasibility problem. Feasibility is third major widespread problem in many existed schemes. There are some existing schemes so-called "Integrated video compression and encryption system" which means that the video encryption module integrated into video compression module. As ordinary example permutation of AC and DC

III.

VIDEO ENCRYPTION BASED ON ENTROPY CODING

Video coding technologies developing and encryption algorithm should be well combined with compression process so as to satisfy the expectations in real-time transmission, format maintenance and error resilience. In [3] authors said that entropy coding would become the research direction of video security algorithms. The video encryption methods that are based on entropy coding have already been researched. Main logic of entropy coding encryption is that information carrying fields are what needed to be encrypted. For those bits from that information carrying fields are extracted to be concatenated in an appropriate way. Concatenation would be encrypted by a common cipher algorithm for example like DES, and result of encrypted bits need to put back into their original positions. Encryption entropy coding can be used effectively if it would be used in H.264, because different from other video standards there are two entropy coding methods exist: Context-adaptive variable length coding (CAVLC) and context-adaptive binary arithmetic coding (CABAC), CAVLC computational beneficial than CABAC, that's why in [3] considered CAVLC. H.264 CAVLC is specified in five ordered steps: 1. Encode total number of all coefficients and trailing one 2. Encode signs of trailing one 3. Encode non-zero coefficient levels exclude trailing one 4. Encode total number of zeros before last non-zero coefficient 5. Encode runs of zero coefficients before each non-zero coefficient According to five steps, there are five different codeword tables. And accordingly it can be chosen by sides at the time of using encryption, which codeword table must be referenced. In processing CAVLC stream cipher algorithm are used to encrypt the codeword index so as to get a new index, then with derived index looks up codeword table to determine the new codeword according to the encrypted index. As mentioned before, CAVLS goes through the five steps and each step has its own codeword table. Encryption would not be embedding into all five steps, it’s unsuitable. Schematically it would have like illustrated in Fig. 2.

•••

IV.

VEA (VIDEO ENCRYPTION ALGORITM)

If a user wants to remain functionality video retrieval and playback process within encryption of video in a real-time, then DES and RSA algorithms are not fast enough to satisfy this requirement. Hence, it was necessary for new secure and fast encryption algorithm for compressed video. Statistical analysis of compressed video is really different comparing with text or other data types, and after deeply learning that statistical properties of compressed video Lintian Qiao and Klara Nardstedt [5] triggered out their own developments of an efficient and secure VEA. MPEG has a more uniform distribution byte values for more details about that distribution refer to [5]. As a basic approach to achieve highest security level, there was considered sequence of I-frame and assumed to separate them to odd-numbered bytes and even-numbered bytes to form two new byte streams. As an operation over that streams was chosen simple bitwise XOR operation and encryption function E. As it is known from basics of cryptography if a2, a4, …,an has no repeated pattern then cryptographic stability of system would totally depend on crypto stability of function E because the a2, a4, …, a2n is a one-time pad sequence. Let’s consider the algorithm of VEA. In Fig. 4 given block scheme of algorithm.

Fig. 2. Codeword index encryption process

Fig. 3. Unencrypted and encrypted frames of Claire

In [3] authors used RC4 stream cipher algorithm to provide data confidentiality, the reason for using this algorithm is light for running. It means that algorithm can be ran very quickly without any kind of initializations and key generation operations, also it's processing with byte-oriented operations and considerably secure. RC4 key length is at least 128 bits, and they used key stream to encrypt codeword tables four times. It generates a new key stream in each encrypting operation, for one codeword index, the key space is at least 2512. In Fig. 3 given three images, they are encrypted and unencrypted video frames of "Claire". The first image is original video sequence, second image is selective encrypted where only DC coefficients are encrypted, and the third one is based on entropy coding encryption. In evidence the third entropy coding encryption is more illegible. The time cost for encrypting codeword index and for mapping the index back to codeword table is almost equal to the time looking up CAVLC codeword table. Additionally RC takes a short time to generate and distribute the key, and as an encryption it uses only simple XOR bitwise operation. Evidently the computation complexity is low enough to support real-time processing. The tread compression performance test gave result like compression variation ratio r was 0.068% for “Claire”. r represents difference video data quantity before encrypting and after encrypting.

Fig. 4. The Algorithm

The algorithm consist the following steps: 1. Constructing Header Block For each MPEG frame. 2. Apply KeyF to KeyM and Keyi’s 3. For j-th 128-byte stream segment, compute i=(j mod 4) 4. Shuffle j-th 128-byte stream segment using KeyM  KeyF and divide the resulting segment into four 32-byte parts sequentially. The first and third part serve as two odd lists and the second and forth one as two Even Lists.

•••

5. Shuffle the first even list using Key2i+1  KeyF . The resulting even list is: 1) XORed with the first odd list giving cipher-text c1 c1 … C32; 2) Encrypted by function E using Key E giving us cipher- text E1 E2 … E32. Apply same steps to the other pair of odd and even lists. 6. Repeat step 1 for each frame.

unimportant data partition. H.264/AVC has many new features that make this procedure easier to implement, and normally important data partition has smaller size than unimportant data. The importance of data is reckons up by how difficult to reconstruct a picture, after defining importance video data is parted into DPA (Data Partition A) and DPB (Data Partition B). 2. Unequal secure encryption. AES and FLEX encryption algorithms were used, regarding AES using to encrypt important data partition and proposed in [4] algorithm FLEX use to encrypt unimportant data partitions. The computational cost of FLEX is only 1/5 of the AES encryption. Using this way achieved the scheme with highly secure and low computation cost.

In first view, the algorithm doesn’t look so complicated and stable. Even this algorithm looks simple Feistel chain, but actually it’s very advanced stream algorithm especially core points here the blocks “Permutation by KeyM * KeyF” and ”Permutation using Key2i+1 * KeyF”. KeyM is especially injected to avoid regularity of odd bytes of plain-text. That’s why if an attacker knows the plaintext of a1, a3, …, a2n-1, then he can simply perform XOR operation with c1, c2, …, c2n and will get even half of byte sequence. Introducing an 128-bit keys which consist randomly generated 0 and 1 bit sequences, and the number of 0 and 1 normalized (means count 0 and 1 equal) and it is called KeyM. And depending on value KeyM in i-iteration ai would be assumed to even or odd group. The suggested key KeyM gives high advantages to VEA algorithm because, now attacker must know whole open plain text. V.

In USE many data classification methods are used, the reason for that is primordially USE scheme was designed for H.264/AVC which has some of the new features. Data partitioning (Extended profile) – This is a new feature of H.264/AVC making up a slices and placed them in three separate Data Partitions. First partition considered like important and contains the slice header and header data for MBs. Rest two partitions hold intra and inter coding MB’s residual data. FMO (Baseline Profile, Extended Profile) – is another new feature in H.264/AVC. It has an ability to partition the picture into slice groups (special regions). There are two kinds of partition modes in USE scheme, first is Region based FMO, here image can be partitioned into two slice groups: secret region and normal regions. Secret region can be selected by preprocessing tool and usually this region contains some recognized objects. Using this mode object-based encryption can be realized. The second partition mode is Mode Based FMO, and in this image also partitioned into two slices groups: Intra MBs and Inter MBs. Intra MBs contain important data’s rather than Inter MBs, it means the Intra MBs must be highly secured than Inter MBs. Parameters Extraction (All Profiles): This method was suggested as a common because two previous methods were profile limited. This method gives effect like Data Partitioning. In USE defined five security levels, depend on necessity this modes can be activated and used. Flex Algorithm is a stream cipher algorithm that is based on AES round transformation. It has same software and hardware flexibility like AES, and another good side of that algorithm it can share resources with AES implementation because as shown in Fig. 6 FLEX uses part of AES permutations and functions inside AES. Especially AES States is output for FLEX algorithm and depend on odd or even round the values of AES States can be assumed as an output of FLEX. In order to reduce computational cost there was used XOR method.

USE (UNEQUAL SECURE ENCRYPTION)

USE is an unequal secure encryption and it’s very useful for H.264/AVC video coding standard. The USE scheme encloses two parts: video data classification and unequal secure video data encryption. In [4] for the data classification were proposed three data classification methods and defined five security levels. As an encryption algorithm used algorithm FLEX and XOR methods to reduce computational cost. And as a result, it shows the computational cost of the USE scheme very low, hence in security level 0, the computational cost is about 18% of naïve encryption. In Fig. 4 given USE scheme.

Fig. 5. USE (Unequal Secure Encryption) scheme

As mentioned before “naive approach” is heavy and it needs to make some optimization to reduce the computational cost. For that uses two methods: 1. Data classification. All the data of total video classifying into two data partitions important data partition and

•••

Research Laboratories, NEC Corp. Kawasaki, Kanagawa 211-8666, Japan [5] Lintian Qiao and Klara Nahrstedt. “A New Algorithm for MPEG Video Encryption” Department of Computer Science University of Illinois at UrbanaChampaign, 1304 West Springfield Avenue, Urbana IL 61801, U.S.A. [6] Ye Yao, Zhengquan Xu, Wei Li, Visual Security Assessment for Video Encryption. [7] Jidong WANG, Yibo FAN, Takeshi IKENAGA, Satoshi GOTO. A Partial Scramble Scheme for H.264 Video. Graduate School of Information, Production and systems Waseda University, Fukuoka, 808-0135, Japan [8] Marco Grangetto, Enrico Magli, Gabriella Olmo. CONDITIONAL ACCESS TO H.264/AVC VIDEO BY MEANS OF REDUNDANT SLICES. Corso Duca degli Abruzzi 24 - 10129 Torino – Italy [9] Li Weng, Karel Wouters and Bart Preneel. Extending the Selective MPEG Encryption Algorithm PVEA. Department of Electrical Engineering IBBT-IPEAи, Katholieke Universiteit Leuven Kasteelpark Arenberg 10, 3001 Leuven-Heverlee, Belgium [10] Z. SHAHID, M. CHAUMONT and W. PUECH. “FAST PROTECTION OF H.264/AVC BY SELECTIVE ENCRYPTION OF CABAC”. LIRMM,UMR CNRS 5506, University of Montpellier II, 161, rue Ada, 34392 Montpellier CEDEX 05, France [11] Yan Li, Main Cai. H.264-Based Multiple Security Levels Net Video Encryption Scheme. Electronic Informationg and Control Engineering College Beijing University of Technology BeijingୈChina.

Fig. 6. FLEX encryption algorithm

CONCLUSION Mentioned algorithms VEA and USE were considered one of the best cryptographically stable schemes in video encryption algorithms because the scheme suggested by their authors is stable, also using AES cryptographic algorithm gives more warrant for the security. AES algorithm is number one in the world for nowadays. And there was not suggested any real attack which can brake this algorithm. VEA has advantage like simple view, but hard to break system. These two algorithms solved trade-off problem between substantial security and computational cost. ACKNOWLEDGMENT This research was supported by the MKE(The Ministry of Knowledge Economy), Korea, under the ITRC(Information Technology Research Center) support program supervised by the NIPA(National IT Industry Promotion Agency)" (NIPA2010-C1090-1031-0003)

REFERENCES [1] Zhang Qian, Wu Jin-mu, Zhao Hai-xia. “Efficiency Video Encryption Scheme Based on H.264 Coding Standard and Permutation Code Algorithm”, School of Computer Science and Engineering Hebei University of Technology TianjinୈChina [2] Lintian Qiao and Klara Nahrstedt, Comparision of MPEG Encryption Algorithms. Department of Computer Science, University of Illinois at UrbanaChampaign, 1304 West Springfield Avenue, Urbana IL 61801, U.S.A. [3] Cai Mian, Jia Jia, Yan Lei. An H.264 Video Encryption Algorithm Based On Entropy Coding. School of Electronics Information & Control Engineering, Beijing University of Technology, Beijing 100022,P.R.China, 2007 [4] Yibo Fan, Jidong Wang, Takeshi Ikenaga, Yukiyasu Tsunoo, and Satoshi Goto. A New Video Encryption Scheme for H.264/AVC. 1 Graduate School of Information, Production and Systems, Waseda University 2-7 Hibikino, Wakamatsu, Kitakyushu, Fukuoka, 808-0135, Japan 2 Internet Systems

•••