Upload
others
View
9
Download
0
Embed Size (px)
Citation preview
1
CHAPTER 1
INTRODUCTION
Information sharing is gaining importance, especially after 9/11, in
order to prevent terrorism attacks. Governments refine Intelligence Reform
and Prevention of Terrorism policies continuously to provide a better
information sharing environment across the globe. Traditional information
sharing happens as one-to-one exchange of data between sender and receiver
using open and proprietary protocols, messages and file formats. During late
1970s, modern information sharing methods started using Electronic Data
Interchange (EDI) standard for data exchange. From then on, EDI has become
the de-facto standard till date for data exchange. Technologies such as blogs,
Wikis and social networks continuously evolve to fit into one of the following
information sharing design patterns: one-to-one, one-to-many, many-to-many,
and many-to-one. As technologies evolve, information sharing platforms need
to provide and facilitate controlled vocabularies, data harmonization, privacy
and security policies.
End users/customers prefer secured communication during
information sharing without the apprehension of third parties or an attacker
intercepting what is being shared. In information sharing, huge volume of
data that need to be transferred becomes the bottleneck in providing secured
communication. Secured communication is not just any communication that
employs encryption, but it should posses the ability to process rapidly
growing information. It is imperative to provide efficient, secured solutions
depending on the demands and needs of end-users during information sharing.
2
There are several security algorithms proposed in the literature for secured
communication. They are expected to provide the following essential
services: Privacy, Authentication, Integrity and Non-Repudiation. These
services are collectively called as PAIN services. Secured communication
becomes an essential phenomenon in various activities done on daily basis
both in governmental, non-governmental and business organizations. Some of
those activities are listed below:
a) Protecting sensitive information related to government
agencies dealing with social security numbers, bank account
numbers, credit card numbers and national top secrets and
policy decisions
b) Secured data links for defense and military related
communication to and from systems setup in unconventional
places such as satellite, airborne, ground and sea-based remote
platforms
c) Secured Intelligence, Surveillance and Reconnaissance (ISR)
systems that are employed in various social, economic, and
commercial agencies
d) Security in strategic and tactical signal intelligence systems
that detect, collect, identify, analyze and disseminate
information. Few examples are weather forecasting, enemy
trespassing activities, identifying wealth and natural resources
in a particular area etc.
e) Protection in sharing patient’s information such as
Electrocardiograms (ECGs), Magnetic Resonance
Imaging (MRIs), and Digital Imaging and Communications in
Medicine (DICOM)
3
f) Secured communications and solutions such as secured
pathways to communicate sensitive messages among clients,
advocates and judges in legal industry
With rapid growth in digital communication, sharing and
transmission of videos and images over the Internet is unsecured due to
eavesdropping. Various cryptography algorithms are employed in order to
provide secured data communication by preventing cipher attacks and
snooping. Cryptography is an ancient art, originated way back in 4000 BC, to
protect information. Over century of years, cryptographic techniques are
evolved, refined and adopted for providing fast and secured communication
(Chung 2005), (Grangetto 2006), (Hyungjin 2007) (Matthias 2008) .
Rest of this chapter presents the timeline of cryptography
algorithms and basic concepts of video encryption. Various types of
cryptography algorithms are explained with suitable diagrams and examples.
This work focuses mainly on several video security mechanisms.
1.1 THE SECURITY MODEL
Pervasive usage of image, audio and video information require
media content protection making security an indispensable, vital factor. In
order to guarantee utmost data security, access rights alone are not adequate.
Data must be protected along the entire route/path during transmission by
employing suitable encryption techniques in order to provide complete
protection from piracy or unauthorized access. Security algorithms provide
mechanisms to solve risks and/or security threats during information sharing
with the following specific requirements (Gary 1999):
4
a) Privacy or Confidentiality: It makes sure that no one, except
the intended receiver, can read the message.
b) Authentication: It is the process of confirming identity of
users to access / modify the message. i.e. it makes sure that the
user is actually who he/she claims to be.
c) Integrity: It guarantees that the content of the message
received is not tampered; it protects the information from
damage or deliberate manipulation and thereby assuring the
receiver that the received message has not been altered in any
way from the original.
d) Non-repudiation: It means to deny something. Non-
repudiation is the ability to ensure that a sender cannot deny
the authenticity of his/her signature or sending of the message.
It provides a mechanism to prove that the sender has really
sent this message.
The above cryptographic services are realized by employing
encryption and authentication primitives, and cryptographic protocols.
Encryption primitives are used to provide confidentiality, whereas,
authentication primitives are used to provide data authentication. Ciphers
created by employing various encryption algorithms are known as encryption
primitives. Hash functions and digital signatures are examples for
authentication primitives.
5
Figure 1.1 Typical Security Model
A typical security model for information sharing is shown in Figure
1.1 (William 2005). The message is to be transferred from one party to
another across shared transmission medium such as Internet. In the model
shown in Figure 1.1, a logical information channel is established by defining a
route through the Internet from source to destination with the use of
communication protocols agreed upon by both the parties. The model shown
in Figure 1.1 has a trusted third party which facilitates secure transmission.
For example, the third party may be responsible for distributing the secret
information to sender and receiver and arbitrating disputes between them. The
general model in Figure 1.1 shows that there are four main tasks in designing
a particular security service (William 2005):
a) Designing an algorithm for converting the plain text to cipher
text. The designed algorithm should not be broken by
opponents. Various encryption algorithms have been
developed for this purpose (Daniel 2007), (Suman 2011),
(Yuefa 2012).
Opponent Intercepting the
Channel
6
b) Generating the secret information, i.e. the cipher-text, using
encryption algorithms.
c) Developing methods to distribute and share the secret
information.
d) Specifying a protocol for secured communication in order to
achieve a specific goal. e.g. (i) protocols for user
authentication and (ii) protocols for key management.
1.2 EVOLUTION AND HISTORY OF CRYPTOGRAPHY
TECHNIQUES
The word Cryptography is coined from the following two Greek
words: krypto=“hidden” and grafo=“to write” i.e. “hidden writing”.
Cryptography is being used since ancient times in order to hide the original
message during data transfer. Cryptography techniques developed so far can
be divided into the following three eras:
a) Techniques developed from ancient civilization to first part of
nineteenth century (4000 BC – 400 AD). These techniques are
simple algorithms designed and implemented manually.
b) Classical techniques that are used in electro-mechanical
machines (1000 AD - 1948). These algorithms were
developed during world war times, especially for secret
communications between Presidents and Heads of allied
nations.
c) Techniques that are developed during modern computing era
i.e. after the release of microprocessors (1949 – till date).
7
These techniques are developed based on solid mathematical
background.
The history and timeline of cryptography algorithms is shown in
Table 1.1. It is interesting to note that beside researchers and academicians,
other communities such as military persons, diarists and diplomatic personals
have also contributed several techniques in cryptography. For brevity, only
limited details such as name(s) of the invention and inventors are given in
Table 1.1. More details on some of the popular inventions are given
subsequently after Table 1.1.
Table 1.1 History and Timeline of Cryptography Techniques
Period/Year Name(s) of Inventors and Description of the Technique
Ancient Cryptography Techniques
Before Christ Era (BC)
Hieroglyphic Symbols used by Egypts, 4000 BC – AD 400, to transfer religious literature and sacred writing
Phaistos Disks made using clay by Greeks, 1800–1600 BC, first movable type printing
Substitution Cipher, Steganography, Caesar Cipher by Romans -600 BC
Spartans Skytale Device by Greeks, 500 BC
Classical
1000 AD Frequency Analysis by Arabs
1467Cipher Disk
Polyalphabetic Cipher by Leon Battista Alberti used in Mechanical Cipher Machines
1585 Vigenere by Bellaso
1795Jefferson Disk by Thomas Jefferson used in World War II by US Navy
8
Table 1.1 History and Timeline of Cryptography Techniques (Contd.)
Period/Year Name(s) of Inventors and Description of the Technique
1932
Enigma used for Military Communications in World War II
SIGABA used in World War II by USA
Typex used in Rotor Machines by British
1940 One Time Pad used in Banking initiated by Frank Miller
1942 SIGSALY used in World War II
Modern Computing
1949 Mathematical Theory of Cryptography published by Shannon
1970 Quantum States by Stephen Wiesner
1973 Feistel Network Block Cipher Design by Horst Feistel
1975 Public-key Cryptography
1976 Key Exchange Algorithms by Diffie-Hellman-Merkel
1977
Data Encryption Standard (DES) by USA used for enciphering PIN numbers and bank transactions
RSA by Ronald Rivest, Adi Shamir, and Leonard Adleman, used for Secured Communication
1982 Feynman ciphers by Richard Feynman
1984
BB84 -First Quantum Cryptography Protocol designed by Charles Bennett and Gilles Brassard
Probabilistic Encryption by Shafi Goldwasser and Silvio Micali
Chaotic Encryption by Matthews
1994Peter Shor Algorithm
Tiny Encryption Algorithm by David J. Wheeler and Roger M. Needham
1995SECMPEG by Jurgen Meyer, Frank Gadegast used for Video Encryption
1996Zig-Zag Permutation Algorithm by Lei B. Y, Lo K. T and Haijun Lei used for Text, Image and Video Encryption
9
Table 1.1 History and Timeline of Cryptography Techniques (Contd.)
Period/Year Name(s) of Inventors and Description of the Technique
1998
Twofish by Bruce Schneier, John Kelsey, Doug Whiting, DavidWagner, Chris Hall, and Niels Ferguson
Quantum Cryptography
Video Encryption Algorithm (VEA) by Changgui Shi and Bharat Bhargava
MPEG Video Encryption Algorithm (MVEA) by Changgui Shi and Bharat Bhargava
1999Real-time Video Encryption Algorithm (RVEA) by ChangguiShi, Wang SY and Bharat Bhargava
2000 Partial Encryption by Howard Cheng and Xiaobo Li
2001 Advanced Encryption Standard (AES)
2003Frequency Domain Scrambling approach by Wenjun Zeng and Shawmin Lei
Selective Encryption by Xiliang Liu and Ahmet M. Eskicioglu
2005 MHT Scheme by Chung Ping Wu and Jay Kuo C. C
2006Wavelet Packet Transform Algorithm by Dominik Engel and Andreas Uhl
2007
PRESENT Algorithm by Andrey Bogdanov, Lars R. Knudsen, Gregor Leander, Christof Paar, Axel Poschmann, Matthew J. Robshaw, Yanick Seurin and C. Vikkelsoe used for VLSI chip design
2009LCASE (Lightweight Cellular Automata-based Symmetric-key Encryption) by Somanath Tripathy and Sukumar Nandi
2010International Data Encryption Algorithm by Rajashekhar Modugu, Yong-Bin Kim and Minsu Choi
2011Humming Bird-2 by Daniel Engels, Markku-Juhani O. Saarinen, Peter Schweitzer and Eric M. Smith
10
It is believed that Egyptians used a symbolic representation called
Hieroglyphic symbol for recording and transferring religious, secret and
mystical knowledge to next generation around 4000 BC. Hieroglyphs are
figurative, stylized symbols representing real or illusional objects. Though
numerous failed attempts were made to decipher the hidden meaning of
hieroglyphic symbols, real breakthrough came during Napoleon’s Egyptian
invasion. Napoleon’s troops discovered a stone called Rosetta stone which
contains a hieroglyphic and a demotic version of the same text in parallel with
a Greek translation. A complete decipherment was made by Jean-François
Champollion during 1820 (Allen 1999). Egyptian Hieroglyphs have been
added to the Unicode Standard Version 5.2 in October, 2009.
In 1850 BC, Greeks used a clay disk called Phaistos Disk for secret
message sharing which is shown in Figure 1.2 (a). Size of this disk is about 15
cm in diameter and covered on both sides with a spiral of stamped symbols.
Stamping of symbols was done by pressing pre-formed seals into soft clay, in
a clockwise sequence spiraling towards the disc's center. Subsequently, the
clay was fired at high temperature. The unique feature of Phaistos Disc is that
entire text can be reproduced by inscribing with the help of reusable
characters. There are 241 tokens on the disc, comprising 45 unique signs that
are easily identifiable. It is believed that Phaistos Disc is the first document
of movable type printing (Schwartz 1959). Inspite of several failed attempts
to decipher the Disc, symbols in Phaistos Disc are still a mystery. A set of 46
Phaistos Disc characters, comprising 45 signs and one oblique stroke, have
been encoded in Unicode version 5.1 since April 2008 (Schwartz 1959).
11
(a) Phaistos Disks
(b) Jefferson’s Disk Cipher (c) Enigma Machine
Figure 1.2 Various Ancient Encryption Mechanisms
Substitution cipher was introduced during 600 BC. It is a
cryptographic technique where each letter of plaintext is replaced by a
different letter. Each letter retains its original position in the message, but the
identity is changed. This type of technique was documented during Julius
Caesar's Gallic Wars. Caesar Cipher, Monoalphabetic Ciphers, Hill Cipher,
Playfair Cipher and Polyalphabetic Ciphers are few examples for substitution
12
ciphers. Steganography was introduced by Greek in 600 BC and is used to
write hidden messages. In Steganography, the actual message is hidden using
video, audio, image and text. The word is derived from two Greek words
steganos (covered) and graphein. SIGSALY (also known as the X System,
Project X, Ciphony I, and the Green Hornet) was used in World War II as a
secured speech system for the highest-level allied communications between
then US President Roosevelt and his England counterpart Winston Churchill.
Design of SIGSALY led to the development of digital communications
concepts including transmission of speech using pulse-code modulation.
Two types of rotation ciphers, namely, Jefferson’s disk and Enigma
machine are shown in Figure 1.2(b) and 1.2(c). Jefferson’s disk was
also called as wheel cipher which had 26 wheels. Enigma machine played an
important role during Second World War. It is an encryption and decryption
machine used by Germans to communicate important military messages
secretly.
1.3 GENERAL CLASSIFICATION OF CRYPTOGRAPHY
TECHNIQUES
In general, cryptographic techniques are classified into three
categories, namely, substitution/transposition techniques, key based
techniques, and hash based techniques. Key based techniques are further
classified into symmetric key and asymmetric key encryption algorithms.
Classification of cryptography techniques is shown in Figure 1.3. Some of the
popular algorithms are explained in subsequent subsections.
13
Figure 1.3 Classification of Encryption Algorithms
1.3.1 Substitution Ciphers
The substitution cipher systematically replaces all characters in the
plaintext with other characters. The Caesar cipher was one of the primitive
schemes based on substitution technique. In this method,
each original letter is replaced with some other alphabet which is few
positions apart. One example for Caesar cipher is given below. Consider that
the message, “hello welcome how are you” is to be transmitted. The above
plain text may be transmitted as the following cipher-text “khoor zhofrh krz
duh brx” using the following mapping mechanism.
14
plain : a b c d e f g h i j k l m n o p q r s t u v w x y z
cipher: D E F G H I J K L M N O P Q R S T U V W X Y Z A B C
Later, shift-3 code which is similar to excess-3 code in Boolean
algebra was included in Caesar cipher for communication among generals in
military camps. Table 1.2 presents numerical equivalence of alphabets used in
Caesar cipher.
Table 1.2 Numerical Equivalence of Alphabets Used in Caesar Cipher
a b c d e f g h i j k l m
0 1 2 3 4 5 6 7 8 9 10 11 12
n o p q r s t u v w x y z
13 14 15 16 17 18 19 20 21 22 23 24 25
Each plain text ‘P’ in the message is substituted with a cipher-text
‘C’ using Table 1.2 by employing equation (1.1).
C = E(3, p) = (p + 3) mod 26 (1.1)
The shift may be of any amount ‘K’, which is between 1 to 25,
equation (1.1) can be generalized as
C = E(k, p) = (p + k) mod 26 (1.2)
Decryption is done using equation (1.3)
p = D(k, C) = (Ck) mod 26 (1.3)
Monoalphabetic cipher, Playfair Cipher, Hill Cipher,
Polyalphabetic Cipher and One-Time Pad are some of the popularly used
substitution ciphers.
15
1.3.2 Transposition Ciphers
Transposition cipher rearranges the order of letters in a message by
a constant position shift during encryption. The simplest transposition cipher
is the rail fence technique, in which the plaintext is written as a sequence of
diagonals and then read off as a sequence of rows. For example, the message
"WELCOME ALL" is encrypted as follows using rail fence encryption.
The above message is read as ‘WOLEC MALLE’ through the
normal eye. But the cryptanalyst will be able to decode the above message
correctly as “WELCOME ALL” using rail-fence technique.
1.3.3 Key Based Techniques
History of key based encryption starts from Second World War.
The revolution in computers and electronic communication during the last
century brought lot of opportunities for civilian research into cryptography.
IBM’s former chairman Tomas Watson set up a cryptography research group
during late 90’s in New York. The group was led by Horst Feistel. A private
key encryption system called ‘Lucifer’ was developed by the IBM
cryptography research group. Later, Lucifer was modified and adopted by
National Beauro of standards (NBS) and released as Data Encryption
Standard (DES) during 1977. As explained in previous sections 1.3.1 and
W.. O.. L W.. O.. L
.E .C . M . A . L. .E .C . M . A . L.
..L … E.. ..L … E..
16
1.3.2, for each character in the plaintext, substitution ciphers substitute
another character to generate the cipher-text. Whereas, transposition ciphers
change the position of each character in the plain-text to generate the cipher-
text. However, key based encryptions employ a specific key or password to
generate a cipher-text.
Key based encryption techniques are classified into (i) symmetric
key or secret key encryption and (ii) asymmetric key encryption which are
explained in subsections 1.3.3.1 and 1.3.3.2 respectively. Asymmetric key
encryption employs either a public key or a private key for encryption.
1.3.3.1 Symmetric-key Cryptography
In symmetric-key cryptography both receiver and sender will have
the same key which is used for encryption and decryption. The architecture of
symmetric-key encryption is shown in Figure 1.4. The plaintext is converted
into cipher-text based on a unique key and function.
Figure 1.4 Symmetric Key Encryption
17
The strength of symmetric-key cryptography lies in the non-
reversible function which uses the key to produce cipher text. The following
functions are used for encryption and decryption.
EK(P) = C (1.4)
DK(C) = P
(1.5)
In equation (1.4) and (1.5), EK and DK are encryption and decryption
functions, K is the key, P is the plaintext and C is the ciphertext.
A 64-bit key can give reasonable security but 128 or 256-bit keys
are required for mission critical applications. Increasing the key size improves
security and mitigates security threats such as brute-force, plaintext, chosen
plaintext and differential plaintext attacks. Symmetric-key methods are
further classified into block ciphers and stream ciphers. In block ciphers,
input data is encrypted as block by block, whereas, in stream ciphers, it is
encrypted as bit by bit. In block ciphers, message size will not be altered
whereas, in stream ciphers, it is altered.
1.3.3.2 Asymmetric-key Cryptography
Figure 1.5 shows a typical asymmetric key encryption process. As
the name indicates, two different functions and keys are used by the sender
and the receiver. The keys are: (i) public key which is kept visible and is
transmitted over network and (ii) private key which is kept secret between the
sender and the receiver. Encryption and decryption functions used in
asymmetric cryptography are given in equations (1.6) and (1.7) respectively.
18
Figure 1.5 Asymmetric Key Encryption
EK(P) =C (1.6)
DS(C) = P (1.7)
In equation (1.6), K is the public key which encrypts plaintext P to
generate cipher-text C. In equation (1.7), S is the private key. The private key
‘S’ can be used for encryption and the public key ‘K’ can be used for
decryption and vice versa. Asymmetric key algorithms are slower than
symmetric key algorithms and are prone to security threats. Authentication
using digital signature uses asymmetric key encryption. Table 1.3 lists all
possible key sizes used in symmetric and asymmetric key algorithms.
19
Table 1.3 Key Sizes of Symmetric Key and Asymmetric Key Encryption
Key Size in Symmetric
Key Encryption
Key Size in Asymmetric
Key Encryption
56-bit 384-bit
64-bit 512-bit
80-bit 768-bit
112-bit 1,792-bit
128-bit 2,304-bit
1.3.4 Hash Based Encryption
Cryptographic Hash Function takes a message of any length as
input and produces a fixed length string as output. It is also called as message
digest or a digital fingerprint. A secure hash function is one in which the
original message cannot be deciphered from the given hash (digest) value
other than brute-force technique. Examples of good hash functions are SHA-
512, SHA-256, SHA-160, MD5, RIPEMD and Tiger (Guang 2009), (Rivest
1992). Hashing takes binary or text data as input and creates a constant-length
hash representing a checksum. Different hashing algorithms produce different
sizes of hashes. The original message cannot be recreated using the hash
generated. One-way Unix-based password authentication is based on message
digest. The password is stored as a hash value in a table. During login, the
password is hashed and compared against the stored hash value of the
password. The password is accepted only if both the hashes match. Figure 1.6
shows a model for hash based encryption.
20
Figure 1.6 Hash Based Encryption
1.4 ENCRYPTION ALGORITHMS
Encryption algorithms are used for achieving security and
confidentiality during information sharing. As explained earlier in
Section 1.3, encryption is the process of converting message (plaintext) into
an incomprehensive format called cipher text. The cipher text cannot be easily
understood by an unauthorized user (Min 2002). Two main classifications of
video encryption algorithms are discussed in subsections 1.4.1 and 1.4.2.
1.4.1 Lightweight and Heavyweight Encryption Algorithms
Lightweight algorithms are faster when compared to heavyweight
algorithms as the former employ selective encryption technique (Guido 2003).
Low power devices, networks, designs and operating systems tend to use
lightweight encryption algorithm because of its less computational overhead
and memory utilization. Lightweight algorithms are increasingly used in a
variety of applications, such as wireless and power-constrained devices,
civilian, military and tracking applications, mobile phones, smart cards, and
electronic passports etc. Though, lightweight algorithms are developed for
energy-efficient systems initially, they gain importance because of their
21
widespread usage in pervasive/ubiquitous computing (Ali 2001), (Wang 2008).
On the other hand, heavyweight encryption algorithms provide better security
when compared to lightweight algorithms. Lightweight algorithms attempt to
make a balance between security, performance, and low overall cost in terms of
throughput, area, power consumption, and price in low-resource environments
(Axel 2007). The term lightweight does not necessarily mean weak
cryptographic designs, but it tries to make a better trade-off between the factors
mentioned above. Consequently, they are employed in hand held devices, low
power operating systems and low power wireless sensor networks. Lightweight
algorithms are typically hardware-oriented, and designed to be particularly
compact and efficient. Serpent, Blowfish, Pretty Good Privacy (PGP), Twofish
are few examples for lightweight encryption algorithms.
Heavyweight algorithms are not adopted for real time applications,
mobile devices and wireless networks due to high resource requirements such
as memory, power and computational overhead. Rivest-Shamir-Adelman
(RSA) algorithm and Advanced Encryption Standard (AES) are commonly
employed heavyweight encryption algorithms for video data encryption
(Guido 2003). General steps involved in heavyweight and light weight
encryption algorithms are shown in Figures 1.7 and 1.8.
Figure 1.7 Steps Involved in Heavyweight Encryption
22
Figure 1.8 Steps Involved in Lightweight Encryption
1.4.2 Independent and Joint Encryption Algorithms
Another classification of encryption algorithm is based on how
encryption and compression is done. There are two approaches. In the first
approach, both compression and encryption are done independently as two
different processes by employing suitable and appropriate compression and
encryption algorithms. This approach is called compression-independent
encryption technique and is shown in Figure 1.9. In this approach, only
selective portions of compressed video streams are encrypted and thereby
exploiting the characteristic of the compressed video streams (Fuwen 2005a).
As both compression and encryption are performed separately, this technique
involves high CPU and memory overhead. In the second approach, both
compression and encryption are integrated together as a single process. This
approach is called as joint compression and encryption technique. Two
strategies are followed in joint compression and encryption algorithm. The
first strategy employs encryption after compression, while, the second one
employs encryption before compression. Both strategies are illustrated in
Figure 1.10(a) and 1.10(b). As encryption is done after compression in the
first strategy, we get two-fold advantages, namely, reduction in data size and
execution time. The second strategy encrypts data without compression and
takes more time for encryption. However, both strategies provide two level
security and consume less time when compared to compression independent
encryption algorithms. Secure Motion Picture Experts Group (SECMPEG)
23
(Jurgen 1995), Video Encryption Algorithm (VEA) (Changgui 1998), Real-
time Video Encryption Algorithm (RVEA) (Changgui 1999), are few
examples for joint compression and encryption algorithms. Joint compression
and encryption algorithms are faster in encrypting video data when compared
to independent encryption algorithms.
Figure 1.9 Independent Encryption Technique
(a) Compression before Encryption
(b) Compression after Encryption
Figure 1.10 Joint Compression and Encryption Techniques
1.5 VIDEO ENCRYPTION
Video encryption is the process of converting a plain video into a
cipher video by using a key or hash function which makes it unreadable. The
reverse process of video encryption is called video decryption which converts
the unreadable cipher video into readable plain video using the key or hash
function which has been authenticated during encryption process.
24
1.5.1 Basics of Video Data
Video is a live stream which can be recorded, played or displayed
by information processing devices and real time data processing units, such as
computerized electronic devices (Gordon 2003). The video has been classified
into two categories: (i) linear and (ii) non-linear. The linear video is an active
content stream which has no navigation control. Cinema presentation is one of
the best examples for linear video. The non-linear video stream has user
interactive feature where it supports all controls during navigation. Computer
games, computer based learning and hypermedia are examples of non-linear
video. Video presentations are live streams or recorded file. A recorded video
application can interact with the user through its navigation system, whereas,
a live video stream can interact with the user directly without any interface.
Video is a sequence of frames and its speed can be measured by
using frame rate (Matthias 2008). Number of frame images per unit time is
called frame rate of the video. The frame rate of old mechanical camera
ranges from 6 or 8 frames per second and the frame rate of modern digital
cameras ranges from 120 to more frames per second. The Phase Alternating
Line (PAL) and Sequential Color with Memory (SECAM) standards specify
that frame rate of video camera should be 25 frames/sec and National
Television System Committee (NTSC) specifies 29.97 frame/sec. Film
presentation is one of the interactive video applications which has lower
frame rate of 24 frames/sec. To get the illusion from video frame, the
application should be projected with a minimum frame rate of 15 frames/sec.
25
Figure 1.11 Aspect Ratio of Traditional Television in RGB
Depending on the device, different dimensions are used for color
and gray scale video signals. Aspect Ratio (AR) is used to measure
dimensions of the video screen. It is the ratio of screen width and height.
Figure 1.11 shows the Aspect Ratio (AR) of traditional television. The aspect
ratio of a traditional television screen is 1:33:1 and High Definition (HD)
television is 1:78:1.
The color representation of a video is called its color model. There
are various types of color models used in video display system. In NTSC and
PAL standards YIQ color model which is similar to YUV color model is used
whereas in SECAM standard, YDbDr color model is used. Color
representation of UV color model is shown in Figure 1.12.
Figure 1.12 U-V Color Plane
26
1.5.2 RGB and YUV Representation of Video Signals
In general, the Red, Green, Blue (RGB) color system is used in
representation of color images and video (Iain 2003). Appropriate
contribution of RGB can generate any desired color. In general, a color is
represented using luminance and chrominance. Let Y be the luminance which
represents the brightness of the color. Luminance can be calculated by using
the weighted sum of three colors R, G and B. Color difference of these color
models Cr, Cg and Cb can be calculated by subtracting the luminance from
each primary component using the following expressions:
Cr = Wr* (R - Y)
(1.8)
Cg=Wg* (G - Y) (1.9)
Cb = Wb* (B - Y) (1.10)
where, Wr, Wg and Wb are weights of R, G and B.
Among these three color differences Cr, and Cg are linearly
independent. The color difference Cb can be expressed as a linear
combination of the two linearly independent signals R and G. Luminance Y
and any of the two color differences are used to represent a color. Some of the
popular standards such as NTSC, PAL and SECAM use three components,
luminance Y, blue color difference U and red color difference V to represent a
color (Iain 2003). This is called YUV color system. The RGB color signal can
be converted into YUV model by using the following expressions:
Y = (0.257 * R) + (0.504 * G) + (0.098 * B) +16 (1.11)
27
U = (0.439 * R) + (0.368 * G) – (0.071 * B) +128 (1.12)
V = -(0.148 * R) - (0.291 * G) + (0.439 * B) +128 (1.13)
Human Visual System (HVS) is less sensitive to chrominance than
brightness. This is because chrominance signals are represented by lower
resolution than luminance. Therefore, YUV is preferred over RGB in some
standards. Video data processing quality is very important parameter and is
used to measure signal strength of video signal. Subjective video quality (Ke
1997), (Kotevski 2010), (Maria 2012) (Andrew 1999) for video processing
system is evaluated as follows:
a) Select all video sequences for testing
b) Define a system for evaluation
c) Define a method for presenting video sequences to experts
d) Invite enough number of experts
e) Do testing on video
f) Collect expert’s ratings
g) Calculate average points for each testing based on experts
rating
1.5.3 Challenges in Video Encryption
Internet users have been experiencing viruses, trojans, hacking and
data espionage. The greatest risk for internet users lies in infection of
computers with malware and spyware. The economic losses incurred due to
officially recorded Internet crimes in Germany amounted to approximately
61.5 million euro dollars in 2010.
28
With the increasing trend in digital communication and multimedia
commerce applications, it is important to provide security to audio, video and
other information involved in transmission. In addition, the need for video has
been growing rapidly in areas such as education, communication, publishing
and entertainment in recent years. Combining digital video, database and
communication network technologies enhance the ability of delivering video
along with text, images and audio through networks. Applications such as
digital libraries, video databases, video-telephony/conferencing, and Video-
on-Demand (VoD) are already in use. However, improvement is required in
terms of storing huge amount of video data at relatively low cost, efficient
organization of video data, retrieving, delivering, and presenting the requested
data for easy access for the above mentioned services. One of the major
challenges in deploying digital video is the huge volume of uncompressed
video which may overwhelm the available communication channels and
storage systems.
Two important factors for video data encryption are file size and
speed of execution. A video of three hours movie takes nearly 1 GB size. Real
time applications such as video conferencing and video telephony require
more memory while in operation. It consumes more time to process such
large amount of data for storing or transferring through a network. This is due
to the large size of video files when compared to text files. Therefore, video
data need to be compressed before transmitting or sharing through the
network.
Video is the primary commodity in the world of E-Commerce. As
technology advances and access to markets expand, the need to protect video
29
data, to ensure confidentiality, integrity, and availability for making critical
personal, business, or government decisions became more important. Without
protection of video data, success of an E-Commerce marketplace may be
short-lived. Video security plays a major role in providing threat free
communication. Implementing weak video security mechanisms can result in
the loss of trust, reputation, and money for consumers, businesses, and
governments. The sharp increase in the number of fraud, extortion, and
identity theft crimes is the primary result of weak video security mechanisms.
The cost of implementing basic mechanisms to protect video data is generally
much less expensive than a security breach. Weak video security mechanisms
can generally be attributed to the lack of understanding and acknowledgment
of potential threats to information.
1.6 VIDEO COMPRESSION
With the growth of social and professional networks such as
Facebook, YouTube and LinkedIn etc, large volumes of video files are shared
and transferred across the globe. However, video downloads experience
significantly slow transfer rate. Use of compression techniques before
transferring or sharing large video files will reduce transfer time and further
reduce the cost of communication (Guoping 2004).
Compression is done to minimize the number of bits required to
represent data in memory. The simplest form of data compression is sampling
of band-limited images. In this method, an infinite number of pixels per unit
area is reduced to one sample without any loss of information. Data
30
compression is applied primarily during storage of information and
transmission. Video transmission methods are used in applications such as
remote sensing via satellite, broadcast television, military communications via
aircraft, sonar, radar and teleconferencing. Data compression aids in
development of faster algorithms as number of operations is significantly
reduced for compressed data (Anil 1989).
Usually, television video still image has spatial resolution of
approximately 512 x 512 pixels per frame. Assuming 8-bit per pixel for color
channel and 30 frames in a second, this will translate into a rate of 180 x 106
bits/sec. Depending on the application, digital video still image data rate vary
from 105-bit per frame to 108-bit per frame. Large-channel capacity and
memory requirements for digital video storage and transmission have made it
necessary to employ compression methods.
Converting an analog video signal into a digital signal will result in
increased bandwidth requirement for transmission. Consider a 4 MHz
television signal sampled at Nyquist rate with 8-bit per sample. It would
require a bandwidth of 32 MHz when transmitted using a digital modulation
scheme such as Phase Shift Keying (PSK). It requires 1 Hz for every 2-bit.
Digitized representation has more advantages over its analog counter part in
terms of processing flexibility, random access in storage and higher signal to
noise ratio for transmission with the possibility of errorless communication
etc. These advantages come with a price tag of eightfold increase in
bandwidth. Data compression techniques are employed to reduce the
bandwidth of digital video signal (Anil 1989).
31
Table 1.4 History of International Video Compression Standards
Year Standard Publisher Popular Implementations
1988 H.261 ITU-TVideoconferencing, Video Telephony
1993 MPEG-1 Part 2 ISO, IEC Video-CD
1995H.262/MPEG-2
Part 2ISO, IEC, ITU-
TDVD, Digital Video Broadcasting, SVCD
1996 H.263 ITU-TVideoconferencing, Video Telephony, Video on Mobile Phones (3G Phone)
1999 MPEG-4 Part 2 ISO, IEC Video on Demand
2002H.264/MPEG-4
AVCISO, IEC, ITU-
T
Digital Video Broadcasting, iPod Video, Apple TV, HD DVD
2008 VC-2 (Dirac) ISO, BBCVideo on Demand, HDTV broadcast, UHDTV
Data compression methods fall into two categories: (i) predictive
coding and (ii) transform coding. Predictive coding exploits the redundancy in
the data. As the name indicates, transform coding, transforms the input video
frame into different arrays and packs them into a number of small samples.
Other compression algorithms are either generalizations or combinations of
predictive coding and transform coding. It is likely that video compression
results in some distortion of data because of analog to digital conversion and
omission of some insignificant information. However, efficient video
compression techniques try to reduce distortion. The timeline of video
compression techniques and standards are tabulated in Table 1.4.
32
1.6.1 Lossy and Lossless Video Compression
Basically, compression packs the input information into a smaller
space. Without compression, video data require huge memory space. Hence
video must be compressed before it is encrypted, transmitted, stored or put up
on the web. Compression techniques are classified into (i) lossy compression
and (ii) lossless compression based on the quality of the output generated
(Alexandre 2003). In lossy compression, files are reduced to 15% - 30% of
their original size. As significant portion of data is lost, quality of output after
decompression may not be the same in lossy compression. MPEG-2 is a lossy
compression technique used in Digital Versatile Disk’s (DVDs). It reduces
files at least fifteen times smaller, but the end user perceives DVDs as having
high-quality video (Fernando 2011), (Nam 2010). In Lossless compression,
there is no significant difference in file sizes before and after compression. It
is mainly used for text and data files where high accuracy is required such as
bank records, employee details and text articles.
1.7 SUMMARY OF RESEARCH CONTRIBUTIONS
With the advent of ubiquitous computing, information sharing
among heterogeneous devices and groups demands high security with low
resource requirements. This in turn necessitates highly efficient and effective
encryption algorithms to share information without the fear of being
eavesdropped. Lightweight encryption algorithms are preferred among low
power devices, whereas, heavyweight algorithms are preferred when security
is the top priority irrespective of high resource requirements. This thesis
proposes three efficient video encryption algorithms which are briefly
described in the following subsections.
33
1.7.1 Fast Random Bit Encryption (FRBE) Technique
Fast Random Bit Encryption (FRBE) compresses the input video
data using GZIP and then encrypts the compressed video by employing
various strategies that give multilevel security to video data that is being
shared. FRBE is a lossless, lightweight, joint compression and encryption
technique. The computing overhead and memory utilization using the
proposed method, FRBE, is less than that of the existing algorithms such as
Advanced Encryption Standard (AES), RSA, Pretty Good Privacy (PGP)
and Tiny Encryption Algorithm (TEA) (Guido 2003), (Yongcheng 1996),
(David 1994).
1.7.2 Puzzle Fast Random Bit Encryption (PFRBE) Technique
Puzzle Fast Random Bit Encryption (PFRBE) is the enhanced
version of FRBE. It uses Entropy Coding (EC), Puzzle Transform (PT) and
Randomized Arithmetic Coding (RAC) for compression. Then, Fast Random
Bit Encryption (FRBE) is employed for encryption. This is a lossless, joint
compression and encryption technique. PFRBE takes less time for encryption,
because the input video is compressed at multiple levels. It is observed that
PFRBE gives better results in terms of compression efficiency and memory
utilization when compared to existing algorithms such as SECMPEG, VEA,
RVEA, ZigZag (Jurgen 1995), (Changgui 1998a), (Changgui 1999), (Lei
1996).
1.7.3 Enhanced Randomized Arithmetic Coding (ERAC)
Enhanced Randomized Arithmetic Coding (ERAC) incorporates
interval splitting Randomized Arithmetic Coding (RAC) (Grangetto 2004)
with a simple bit–wise XOR operation and randomly generated keys for
34
encryption. In this work, randomization is coupled with an XOR operation to
further scramble the video in order to achieve high degree of security. This
technique does not compromise on coding efficiency and mitigates most of
the cryptanalytic attacks such as cipher-only, chosen-plaintext and the chosen-
cipher text attacks. This thesis also presents the comparative analysis based on
compression and encryption efficiency by employing the above mentioned
algorithms.
1.8 ORGANIZATION OF THE THESIS
Rest of the thesis is organized as follows: the literature review is
presented in Chapter 2. Details of Fast Random Bit Encryption (FRBE), one
of the proposed lightweight encryption techniques are discussed in Chapter 3.
Chapter 4 presents the methodology used in implementing another video
encryption algorithm called Puzzle Fast Random Bit Encryption (PFRBE).
PFRBE is the enhanced version of FRBE. An improved and efficient
lightweight encryption technique based on arithmetic coding, called Enhanced
Randomized Arithmetic Coding (ERAC), is explained in Chapter 5.
Comparative analysis of the above mentioned techniques are summarized in
Chapter 6. Chapter 7 concludes the thesis with the directions for future work.