Professional Documents
Culture Documents
Abstract
MPEG video stream is quite different from traditional textual data because interframe dependencies exists in MPEG video. Special MPEG
video encryption algorithms are required because
of their special characteristics, such as coding
structure, large amount of data and real-time constraints. We present a real-time MPEG video encryption algorithm based on AES which is fast
enough to meet the real-time requirements.
Introduction
One way to secure distributed multimedia applications is to encrypt multimedia data using secret
key cryptography algorithms such as Data Encryption Standard (DES), International Data Encryption Algorithm (IDEA), and Advanced Encryption
Standard (AES) [2]. These algorithms involves
complex computations. Heavy-weight encryption
is performed on almost whole data while lightweight encryption is performed on partial or selective data. Heavy-weight encryption/decryption algorithm aggravates the problem and increases the
latency while light-weight encryption/decryption
algorithm provides sufcient security level and has
an acceptable computation cost to MPEG video
applications. In this paper, we present an efcient MPEG video encryption algorithm based
on AES for real-time video transmission. It is a
light-weight selective encryption scheme for secure MPEG transmission. It is based on RVEA
[3] which is light-weight selective encryption algorithm based on DES/IDEA. The security is signicantly improved by adopting AES to encrypt
data. This algorithm reduces and bounds its computation time by limiting the maximum number of
bits selected.
MPEG [1] is an industrial standard for video processing. Multimedia applications such as Videoon-Demand, video broadcast, multimedia mail
and video-conferencing must be provided with secure transmission. Secure video transmission is a
method in which video can be sent to a receiver
with the assurance that any unapproved eavesdroppers along the way will not be able to get any information from video i.e it is desirable that only
those who have paid for the services can view their
videos or movies. The high amount of redundancy
in the video gives an attacker more clues to reconstruct the original video. Normal data, such 2 Various Methods for MPEG video encrypas program code or text, has much less reduntion
dancy in its structure. These factors make providing secure MPEG video a challenge. Adding There are several already existing encryption alsecurity to MPEG transmission usually involves gorithms based on DES/IDEA for secure MPEG
encrypting parts or the entire MPEG bit stream. video transmission. Each of them has its strength
and weakness in terms of security level, speed,
*Student of M. E. at Government College of Engineering, Pune, currently doing M. E. project at Central Research and resulting stream size matrices. The existLaboratory, Bangalore.
ing algorithms are Naive algorithm, selective algo
rithm, Zig-Zag-Permutation algorithm, Pure Permutation Algorithm and Video Encryption Algorithm (VEA) [4].
The straight-forward method is to encrypt the
entire MPEG stream using standard encryption
method such as DES. This is called the Naive algorithm approach. Naive algorithm treats the MPEG
bit-stream as the traditional text data and does not
make use of the special MPEG structures. This
is the most secure algorithm but it is very slow.
The size of the bit stream does not change because
most standard encryption algorithms preserves the
size.
There are several proposals for selective algorithm
which use the features of MPEG layered structures. The basic selective algorithm encrypts only
I frames [5] because P and B frames are useless
without knowing the corresponding I frames. But
great portions of the video could be visible because some of the P and B frames may contain
intra-coded I blocks. Encrypting only I frames
can save 30-50% of encryption/decryption time.
The size of the encrypted stream does not change.
One selection scheme proposed is to encrypt only
MPEG video headers. This is not effective because
the headers contains mostly standard information
and a video stream is indexed by frame in order to
perform synchronization so that the beginning of
each frame is known.
Zig-Zag-Permutation algorithm [6] presents a
method where the encryption is an integral part of
the MPEG compression process. Instead of mapping 8x8 block to a 1x64 vector in zig-zag order,
it uses a random permutation list to map the individual 8x8 block to a 1x64 vector. This algorithm
cannot withstand the known plaintext attack and is
also vulnerable to the ciphertext only attack. The
speed is very fast and is almost the same as the
MPEG encoding/decoding time and the size of encrypted MPEG stream will increase by a signicant factor.
Video Encryption Algorithm (VEA) uses secret
key to randomly change the sign bits of all DCT
coefcients of MPEG video. Extension to VEA is
Real-time VEA (RVEA). To encrypt selected sign
bits, RVEA uses DES/IDEA while VEA uses only
XOR operation. The security of RVEA is signicantly improved by adopting secret key cryptography algorithms to encrypt the data. RVEA reduces
and bounds its computation time by limiting the
maximum number of bits selected.
Pure Permutation algorithm simply scrambles the
byte stream by permutation. The cardinality of the
permutation key can be varied and depends on the
security level and the application requirement. The
problem of Pure Permutation algorithm is that it
is vulnerable to the known plaintext attack. Bytewise permutation is very fast. Pure Permutation
algorithm does not increase the stream size unless
we change keys for each frame.
Background
Our Algorithm
MPEG video encryption aims to prevent unauthorized receivers from decoding the video programs
by encrypting them. The general scheme is to
to video
apply an invertible transformation
stream S called plaintext that produces a bitstream
C called ciphertext,
(1)
(2)
" !
(3)
1) 0)
2" # "" #
(' & %
"$ # "$ # "$ #
3#
# #
operation randomly changes the sign bits of coefcients. Based on the used secret key, the sign bit is
either changed or unchanged. Even if only some of
coefcients are changed, these changes will propagate to most of Inverse DCT (IDCT) coefcients
while decoding. Our algorithm achieves the goal
of reducing and bounding its computation time by
limiting the maximum number of bits selected.
For those who have the secret key, they can decrypt
the video le and get the original video. The decryption function is the same as encryption function except that inverse operation is performed.
Encryption and decryption keys are the same. For
those who do not have the secret key, their decoders will play quite different images from the
original video, because most of the image pixel
values would have been changed.
Algorithm for Video Encryption/Decryption
begin
open MPEG video le
create output le
while (not end of MPEG le)
{
read n bytes from input le in buffer
for each byte in buffer
{
if (collected sign bits == 128)
{
/*apply AES encryption algorithm */
Rijndael(state,cipher_key)
{
key_expansion(cipher_key,expanded_key)
add_round_key(state,expaned_key)
/* Nr: Number of rounds,
Nc: No. of columns of state matrix */
for(i=1;i<Nr;i++)
Round(state,expaned_key + Nc*i)
Final_round(state,expanded_key+Nc*Nr)
}
put resulting sign bits in original place
}
}
write n bytes from buffer to output le
}
close input and output le
end
Experiments
6. Lei Tang, "Methods for Encrypting and Decrypting MPEG Video Data Efciently", Proceedings of ACM Multimedia 96, pp. 219229, Boston, MA, November 1996.