Multimedia Encryption Sistem Multimedia 1 Multimedia Encryption Special

  • Slides: 31
Download presentation
Multimedia Encryption Sistem Multimedia 1

Multimedia Encryption Sistem Multimedia 1

Multimedia Encryption Special application of general encryption to multimedia such that the content cannot

Multimedia Encryption Special application of general encryption to multimedia such that the content cannot be rendered intelligibly or to an acceptable perceptual quality. p Have a number of unique requirements and desirable features that a general cryptosystem lacks. p Different applications may have a different list of requirements and a different order of priorities. p n Trade-off may be necessary 2

Applications Confidential videoconferences p Confidential facsimile transmissions p Medical image transmission and storage p

Applications Confidential videoconferences p Confidential facsimile transmissions p Medical image transmission and storage p Streaming media p DVD content protection p Pay-TV p Digital transmission through IEEE 1394 interface p 3

Characteristics of Multimedia Applications p p p p p Characteristics High data rate Power

Characteristics of Multimedia Applications p p p p p Characteristics High data rate Power hungry Real-time constraint Continuous Synchronous Loss-tolerant Prioritized components Different values of content n p Different security requirements Different distribution channels n DVD, Satellite TV, Internet, wireless 4

Box Office Revenues vs. Time 5

Box Office Revenues vs. Time 5

Major Requirements and Desirable Features p Complexity is an important consideration n p Content

Major Requirements and Desirable Features p Complexity is an important consideration n p Content leakage (or perceptibility) n p Due to change of compression parameters/procedure, change of data statistics, additional header etc. Error resilience. n p Content degradation vs. secrecy Compression efficiency overhead n p Real-time applications, low-power device Error confinement in lossynetwork, synchronization Adaptability and scalability n Dynamic bandwidth/resources, Encryption be transparent to an adaptation process 6

Major Requirements and Desirable Features(cont. ) p Multi-level Encryption n n p Syntax compliance

Major Requirements and Desirable Features(cont. ) p Multi-level Encryption n n p Syntax compliance n p Transparent , “backward”compatibility, inherit other nice properties of compression standards. Content agnostic n n p Enable multiple accesses: resolution, quality, size, frame rate “what you see is what you pay “ Encryption does not depend on content types or the specific coding technology E. g. , Windows Media Rights Manager , OMA’s. DRM Random access, transparency, scene change detection without decryption 7

Encryption and Compression 8

Encryption and Compression 8

Security Break of Multimedia Encryption p Complete break n p Perceptual break n p

Security Break of Multimedia Encryption p Complete break n p Perceptual break n p Render acceptable perceptual quality or recover certain content information without a key Local break n p Recover full plain bitstreamby finding the key etc, Deduce a local plain bitstream/content information Information deduction n Gain certain information, less severe break 9

Attacks on Multimedia Encryption Traditional attacks p Additional attacks that exploit the unique features

Attacks on Multimedia Encryption Traditional attacks p Additional attacks that exploit the unique features of multimedia data p n Statistical attack p Exploit correlation between different portions of multimedia data § Especially for selective encryption p n Compression makes the attack difficult, fortunately Error-concealment based attack Perceptual redundancy exists in compressed media p Perceptual break is possible, i. e. conceal encrypted data p 10

Multimedia Encryption Approaches p Conventional/Naïve approach n Encrypt a compressed codestreamas a whole Full

Multimedia Encryption Approaches p Conventional/Naïve approach n Encrypt a compressed codestreamas a whole Full Encryption p Selective Encryption p Joint Compression and Encryption p Syntax-Compliant Encryption p Scalable Encryption and Multi-Access Encryption p 11

Conventional Approaches p Directly distort visual data in spatial domain n n p Difficult

Conventional Approaches p Directly distort visual data in spatial domain n n p Difficult to compress, potentially high complexity Vulnerable to correlation attacks Encrypt compressed data using DES etc. n Significant processing overhead p n n Plain text attack using known syntax Not secure for adaptation at intermediate nodes p n Difficulty in some real-time application with low-power device require key to decompress/decrypt/re-code/re-encrypt Little transparency 12

Fast Encryption p Encrypt half of the compressed bitstream( Qiao& Nahrstedt’ 97 ) n

Fast Encryption p Encrypt half of the compressed bitstream( Qiao& Nahrstedt’ 97 ) n p Using XOR + DES Encrypt (A, B) as (DES(A), (A XOR B) ) n Secure, speedup by a factor of two 13

Full Encryption p Approach n n p Strength n n n p Partition and

Full Encryption p Approach n n p Strength n n n p Partition and packetizecompressed bitstreaminto structured data packets with header and data field Apply encryption to the data field and leave headers unencrypted Decryption info inserted into headers Usually works with a multimedia format that supports encryption, e. g. , Microsoft’s ASF Allow parsing and extracting basic info without decryption Highest security, small overhead for decryption info Content agnostic Limitation: complexity, limited flexibility 14

Selective Encryption p Only I-frame/blocks encrypted (Maples & Spanos’ 95, Meyer & Gadegast’ 95

Selective Encryption p Only I-frame/blocks encrypted (Maples & Spanos’ 95, Meyer & Gadegast’ 95 ) n n n p p Reduce processing overhead/delay Not sufficient security Plain text attack using known syntax Not very secure for trans-coding Little transparency Sign bits, MVs(Shi & Bhargava’ 98, Zeng & Lei’ 99, Wen et al’ 01) Privacy/security low due to information leakage n Useful for apps focusing on introducing quality degradation 15

Joint Scrambling and Compression p Shuffle DCT coefficients within 8 x 8 block (Tang

Joint Scrambling and Compression p Shuffle DCT coefficients within 8 x 8 block (Tang 96) n Randomize 8 x 8 DCT coefficient scan order p n Some level of security p n p Simple Local scrambling -> spatial energy distribution unchanged > less effective scrambling Significantly reduce compression efficiency (up to 50%) –destroy run-length statistics Shuffle lines of wavelet coefficients ( Macq& Quisquater’ 94 ) n n Change 2 -D statistical property, Reduce compression efficiency 16

Joint Scrambling and Compression p p Selective scrambling in transform domain, prior to compression

Joint Scrambling and Compression p p Selective scrambling in transform domain, prior to compression (Zeng & Lei’ 99) Advantages n n n Simple and efficient. Provides different levels of security, Allows more flexible selective encryption p n n easier for locating what data to be selected Limited adverse impact on compression efficiency, Allow transparency Allow trans-coding without decryption Allow other useful features without decryption 17

Overview 18

Overview 18

Wavelet Based Systems A 3 -level subbanddecomposition • Allow some level of transparency •

Wavelet Based Systems A 3 -level subbanddecomposition • Allow some level of transparency • e. g, free access to low resolution • require key for high definition TV 19

Wavelet Based Systems p Goal: n p Scrambling/shuffling that does not destroy statistical properties

Wavelet Based Systems p Goal: n p Scrambling/shuffling that does not destroy statistical properties of each subband Selective bit scrambling n Sign encryption p p sign bits: “uncompressible”, but critical to image quality Block shuffling n n Divide each subandinto kblocks Shuffle the blocks within a subband p n retain local 2 -D statistics Different shuffling tables for different subbands 20

Wavelet Based Systems p Block rotation n n Rotate each block Special case of

Wavelet Based Systems p Block rotation n n Rotate each block Special case of shuffling coefficients within block 21

Security Analysis p Sign encryption n p Block shuffling n n p kblocks, nzero

Security Analysis p Sign encryption n p Block shuffling n n p kblocks, nzero blocks # of different permutation: k!/n! example: k=64, n=48 ----> K!/n!=1028 each permutation requires an inverse wavelet transform Block rotation (+shuffling) n p M: # of non zero coefficients 2 Mtrials (including inverse transform) for complete recovery example: M=256 ------> 1075 trials # of configuration: (8*k)!/(8*n)! >>K!/n! Other attacks? Your exercises! 22

Wavelet-based System 23

Wavelet-based System 23

Wavelet-based System PSNR Table 1: Impact of different scrambling techniques on compression efficiency. Image

Wavelet-based System PSNR Table 1: Impact of different scrambling techniques on compression efficiency. Image sizes are 512 x 512, 5 -level decomposition, 64 blocks 24 each band.

DCT Based Systems p p JPEG/MPEG/H. 26 x Video compression n GOP (I BBPBBP…)

DCT Based Systems p p JPEG/MPEG/H. 26 x Video compression n GOP (I BBPBBP…) p p n block: 8 x 8, for DCT coding, p n zigzagordering of DCT coefficients Macroblock(MB): 4 lum. blocks + 2 chrom Blocks p p n I: intra-frame P, Bpredictive-coded frames unit for motion compensation intra-coded vs. predictive coded Slice: a horizontal strip of MBs 25

DCT Based Systems p DCT coefficient scrambling n n Sign encryption Coefficient shuffling within

DCT Based Systems p DCT coefficient scrambling n n Sign encryption Coefficient shuffling within each slice p p Motion vector scrambling for P, B frames n n n p shuffle coefficients of sameband little impact on compression efficiency each band has a different shuffling tables Sign flipping MV shuffling within each slice Important for distorting motion information Dynamic-keys for more secure video transmission 26

I-Frames of DCT-based System 27

I-Frames of DCT-based System 27

I-Frames of DCT-based System Table 2: Impact of different scrambling techniques on compression efficiency

I-Frames of DCT-based System Table 2: Impact of different scrambling techniques on compression efficiency for one I frame of “carphone”sequence. 28

DCT-based System (Sequence) Table 3: Impact of different scrambling techniques on compression efficiency for

DCT-based System (Sequence) Table 3: Impact of different scrambling techniques on compression efficiency for 41 (one I frame followed by 40 P frames) frames of “carphone”sequence 29

Video Demo 30

Video Demo 30

References p p p T. Maples and G. Spanos, “Performance study of a selective

References p p p T. Maples and G. Spanos, “Performance study of a selective encryption scheme for the security of networked, real-time video, " Proc. 4 th Inter. Conf. Computer Communications and Networks, Las Vegas, Nevada, Sept. 1995. J. Meyer and F. Gadegast, “Security mechanisms for multimedia data with the example MPEG-1 video, ”http: //www. cs. tuberlin. de/phade/secmpeg. html, 1995. C. Shi and B. Bhargava, “A fast MPEG video encryption algorithm, ”Proc. ACM Multimedia, pp. 81 -88, 1998. L. Tang, “Methods for encrypting and decrypting MPEG video data efficiently, ”Proc. ACM Multimedia, 1996. W. Zeng and S. Lei, “Efficient frequency domain selective scrambling of digital video”, IEEE Tran. Multimedia, vol. 5, no. 1, pp. 118 -129, March 2003. A preliminary version also in Proc. ACM Multimedia, Nov. 1999. Bin Zhu, “Multimedia encryption, “book chapter in Zeng, Yu, and Lin (Eds), Multimedia Security Technologies for Digital Rights Management, ISBN: 012 -369476 -0, Elsevier, July 2006. 31