In most digital video security architecture, video encryption plays a key role in ensuring the confidentiality of the video transfer. However, conventional, general-purpose encryption algorithms (such as AES) are not suitable for video encryption in many digital video applications, mainly since these algorithms do not conform to various video application requirements that will be treated momentarily. In order to overcome this problem, a significant number of video encryption algorithms specifically designed for digital videos have been proposed.
In general, applying a well-established, general-purpose, symmetric-key encryption algorithm to a video sequence is a good idea from a security point of view. However, there are applications with requirements that are not supported with conventional encryption methods. Thus, the encryption algorithms specifically designed to support these requirements are desirable. These aspects include the following: (1) level of security and perception, (2) minimum bitrate, (3) formal-compliance, (4) degree of bitstream expansion, and (5) error-tolerance.
To identify an optimal level of security, one can compare the cost of the multimedia information to be protected versus the cost of the protection itself. If the digital video to be protected is not that valuable in the first place, it is sufficient to choose a relatively light level of encryption. On the other hand, if the media content is highly valuable or represents industrial, governmental or military secrets, the cryptographic security level must be of the highest degree. Light-weight encryption often called “degradation”, may be sufficient for distributing the multimedia content of low value. Degradation usually intentionally preserves some perceptional information, but the visual quality is likely unacceptable for entertainment purposes. This type of encryption is referred to as “perceptual encryption”. If the video contains sensitive industrial, governmental or military information, then the cryptographic strength must be substantial and no perceptual information should be preserved after encryption.
“Minimum bitrate” measures the minimal amount of data that must be received, decrypted and decoded per unit of time by the receiver in order to maintain a real time video playback. This is a function of available transmission bandwidth, the decoding time, and the decryption time. Thus, in many real-time video applications, it is imperative that the speed of decryption algorithm is fast enough to ensure the minimum bitrate needed for the normal video playback.
Additionally, in many applications it is desired that the encryption algorithm preserves the video compression format. In other words, after encrypting the encoded video, it is necessary that ordinary decoders can still decode it without crashing. This can be an important aspect in digital video broadcasting applications where an encrypted video is broadcast to all system users. This property of an encryption algorithm is often called “format-compliance” (also sometimes called “transparency”, “transcodability” or “syntax-awareness”). When feeding the decoder with the format-compliant encrypted data, the produced output can seem distorted and randomized. If the encryption algorithm was lightweight (e.g. degradation), the output often gives out some perceptual hints about the original content. However, if the encryption level was substantial, the output usually gives no perceptual information about the original multimedia.
In many instances, it is also required that the encryption transformation preserves the size of a bitstream. This is known as the constant bitrate requirement. However, more often than not, it is simply preferred that the output produced by an encryption-equipped encoder and the output produced by an ordinary encoder have similar sizes. That is, the encryption stage is allowed to slightly increase the size of a bitstream. This is sometimes called a near constant bitrate. A near-constant bitrate is likely to occur when a block cipher is used for encryption, since in that case the encrypted output is always a multiple of the blocksize.
For many multimedia systems “error-tolerance”, or “error-resilience”, is of high importance. Since the real-time transport of multimedia data often occurs in noisy environments, which is especially true in the case of wireless channels, the delivered media is prone to bit errors. If a cipher possesses a strong avalanche property, the decryption will likely fail even if a single bit is flipped. The error-tolerance can be improved by applying some of the classical error-detecting or error-correcting codes. Unfortunately, these techniques are in many instances extremely costly to apply to an already bulky multimedia bitstream. Advanced video coding systems (such as H.264) have their own error correcting mechanisms. A video encryption algorithm that preserves these mechanisms is therefore favorable for video systems with noisy channels.
For the most part, modern cryptography is designed for a generic bitstream, and as such, it disregards the aforementioned properties of a digital video and the requirements of a typical digital video application. The following presents an overview of some of the video encryption algorithms that have been proposed, mainly to overcome application-related problems.
As the communication bandwidth and computing power of business and personal computers increased, video proliferated and demand for video encryption greatly increased. In general, there are two basic research initiatives regarding the encryption of digital videos: Selective encryption approaches and full encryption approaches. While full encryption approaches are designed to encrypt the entire video bitstream (raw or compressed), selective encryption approaches perform encryption only on certain, carefully selected parts of the video bitstream. Some selective encryption approaches have been broken as ways were found to exploit the information from unencrypted bits. Also, there has been difficulty in evaluating the security of selective encryption techniques.
Full encryption approaches essentially encrypt the entire multimedia data. Full approach is not to be confused with the so-called naïve approach, which is itself in a category of full encryption approaches. Naive approach often refers to a video encryption method that uses a conventional, general-purpose modern cryptosystem to encrypt the entire video bitstream. A “conventional cryptosystem” refers to a modern symmetric-key cryptosystem that is either one of the encryption standards (DES or AES), or a well-established general-purpose cryptosystem that was designed and evaluated by the reputable cryptographic experts, companies, or agencies. Full approaches that are not considered naïve are mostly systems that are specifically designed to encrypt a specific multimedia type of data. Those approaches take into consideration the performance and security aspects needed for an effective multimedia encryption. However, even though the full encryption approaches can in general be more properly evaluated for security, these methods may not be application-friendly when applied after compression. Encrypting the entire bitstream before compression would be more application-friendly since the compressed bitstream would then comply with the application requirements such as format-compliance or error-resilience. In addition this type of encryption does not require modification of encoder or decoder, which is a great benefit to systems with pre-installed hardware codecs. Unfortunately, performing traditional encryption procedure before compression tends to destroy the spatial and temporal redundancies present in the raw video data, which would make the subsequent video compression algorithm very inefficient.
One of the full video encryption approaches involved the use of fast 1-D, 2-D, or 3-D chaotic maps to achieve encryption. Chaos-based methods are considered promising due to their fast performance. In addition, these methods have good local and global confusion and diffusion, which is a desired property in the domain of digital video encryption. Although many chaotic encryption approaches were shown to be insecure, there are chaotic encryption algorithms that, to date, remain unbroken. Chaotic methods can be designed both as full and selective encryption approaches. Unfortunately, the application-related problems with full chaotic encryption algorithms are the same as that of the standard naïve approaches. For further description of chaos-based methods and other existing techniques, reference can be made to the background portion of D. Socek, H. Kalva, S. Magliveras, O. Marques, D. Culibrk, abd B. Furht, “A Permutation-Based Correlation Preserving Encryption Method for Digital Video,” Proceedings of the International Conference on Image Analysis and Recognition ICIAR 2006, Povoa De Varzim, Portugal, September 2006, and also to references cited therein.
It is among the objects of the present invention to provide a technique that can be used for compressing and/or encrypting image sequences, while reducing or eliminating drawbacks of prior art techniques.