978-1-4244-6943-7/10/$26.00 2010 IEEE
information protected framework and explain how to
achieve real-time and security property. Section III will
introduce an RSA-based group key technique, which is the
basis of the broadcast encryption in Section II. In Section IV, we
will empirically show the performance of the proposed
scheme. Finally, Section V draws a conclusion.
II. THE PROPOSED VISUAL CONTENT ENCRYPTION
FRAMEWORK
A typical video conference system is usually composed of one main node and multiple sub nodes, in which each sub node captures the local visual information, compresses it in an efficient compression format like H.264, and then transmits it to the main node. The main node usually deploys a Multi-point Control Unit (MCU), which integrates and compresses the visual information captured from all nodes and then distributes it to all nodes. In practice, according to the direction of the visual information stream, the visual information between the main node and the sub nodes can be classified into two categories: downstream and upstream.
Currently, because visual information involves commercial or military secrets in most cases, the video stream must be encrypted prior to transmission. In existing video conference systems, the upstream and downstream are encrypted in a unified way, which requires preparing distinct encrypted data for each destination node. Under such an encryption mode, the main node needs to prepare multiple encryption shares for all sub nodes even though the visual content of the downstream is identical for all sub nodes. It is evident that such an encryption mode is quite wasteful for the downstream. Though most video conference systems can be operated in a high-bandwidth digital network environment such as Integrated Services Digital Network (ISDN), bandwidth is still a scarce resource, especially when high resolution is demanded.
As summarized in Section I, existing video encryption schemes consider only the security of the video content, though they have made significant progress in time cost and security. However, for a practical video conference system, the security of a video conference should be considered comprehensively. That is, besides the security of the visual information, the security of the system should also be taken into account. This means the encryption algorithm for the video stream must be carefully integrated with identity authentication and with the encryption of keys. Based on the above considerations, we propose a novel visual information encryption algorithm in which the efficient XOR operation, viewed as one kind of complete encryption, is used to encrypt the video stream, offering lower computation than current complete encryption like AES or 3DES. In addition, it adopts a hierarchical encryption strategy to ensure the security of keys and session by hierarchically encrypting the keys and providing an RSA-based identity authentication. At the same time, to further reduce the overhead of transmission bandwidth, it encrypts and transmits the downstream in a broadcast way. Though it is very similar to existing broadcast encryption such as CAS for digital TV, the two are substantially different. The detailed process is as follows. Firstly, we will
introduce how to implement identity authentication and
encryption for the downstream. Each node, whether main or sub node, is assigned an RSA-based key pair, $\langle K_M, K_M^{-1} \rangle$ or $\langle K_{S_i}, K_{S_i}^{-1} \rangle$ = , i.e. $m = \mathrm{Decrypt}^{RSA}_{K_{S_i}^{-1}}(\mathrm{Encrypt}^{RSA}_{GPK}(m))$. Why GPK has this property is illustrated in detail in Section III. We first present the downstream encryption algorithm, as illustrated in Fig.1.
Figure 1. Identity authentication and downstream encryption
As illustrated in Fig.1, similar to broadcast encryption, the downstream is encrypted hierarchically, and the detailed process at the main node is as follows:
(1) Authenticate each sub node based on its digital certificate and generate a GPK using the public keys of all valid sub nodes;
(2) To ensure efficiency and security, the downstream is first partitioned into two uneven parts (i.e., a larger one and a smaller one), and the larger one is scrambled using the efficient XOR operation with the control word $CW$. The smaller one is used to carry the encrypted message $\mathrm{Encrypt}_{SK}(CW)$ by watermarking, where $\mathrm{Encrypt}(\cdot)$ is a symmetric encryption algorithm such as AES or 3DES and $SK$ is a session key. To avoid using an additional message packet to transmit the encrypted $CW$, and so save bandwidth, a bit-domain watermarking algorithm selected from the literature [8] is used to hide the encrypted message in the smaller part of the downstream.
Due to the encryption and watermarking operations both
= ;
Each valid sub node applies the inverse of the main node's operations to the encrypted keys and to the scrambled and watermarked downstream, and can then successfully obtain the decrypted downstream. With respect to the upstream, its encryption and decryption algorithm is analogous to that of the downstream, with $GPK$ and $K_{S_i}^{-1},\ i = 1,\dots,N$ replaced by $K_M$ and $K_M^{-1}$ respectively.
Based on above illustrations, in comparison with the
existing video conference, one can find out this downstream
encryption algorithm can save approximatetimes bandwidth.
In addition, it offers good security due to its hierarchical encryption structure, whose security is guaranteed by appropriately setting the size and update period of the related keys such as $CW$ and $SK$. Although the message carrying the encrypted session key $SK$ is a little large, it will not seriously affect performance because the update frequency of the session key is quite low.
III. RSA-BASED GROUP PUBLIC KEY ALGORITHM
In Section II, it was stated that each node is allocated a key pair $(K_i, K_i^{-1}),\ i = 1,\dots,N$, where $K_i$ and $K_i^{-1}$ are the public and private key respectively and $N$ is the number of nodes or key pairs. In addition, one can generate a group public key GPK based on the set of all public keys $K_i,\ i = 1,\dots,N$, so that a message encrypted with GPK can be decrypted by any private key $K_i^{-1}$, i.e., GPK is a common public key relative to any private key. As to why this kind of key pair has this characteristic, see the generation principle of such key pairs and the related proof below. The key pairs are generated as follows. First, generate $N$ pairs of prime numbers $(p_i, q_i)$; next compute $N_i = p_i q_i$ as well as $\varphi(N_i) = (p_i - 1)(q_i - 1)$; then find a positive integer $e$ such that $e$ is prime to every $\varphi(N_i)$ (i.e., $\gcd(e, \varphi(N_i)) = 1$); finally evaluate $d_i$ satisfying $e d_i \equiv 1 \pmod{\varphi(N_i)}$. This gives the public key $K_i = (e, N_i)$ and the private key $K_i^{-1} = (d_i, N_i)$.
Next we introduce how to generate GPK and its property. On the main node side, one can derive a set $S$, which is composed of the $N_i$ extracted from the public keys of the valid nodes. The generation of GPK considers only the valid nodes that passed authentication, and

$$GPK = \Big\langle e,\ \prod_{N_j \in S} N_j \Big\rangle .$$

Let $m$ denote the message to be encrypted with GPK; the encrypted message is

$$\mathrm{Encrypt}^{RSA}_{GPK}(m) = m^e \bmod \prod_{N_t \in S} N_t .$$

Using any private key $K_j^{-1} = (d_j, N_j)$,

$$\mathrm{Decrypt}^{RSA}_{K_j^{-1}}\big(\mathrm{Encrypt}^{RSA}_{GPK}(m)\big) = \Big(m^e \bmod \big(N_j \prod_{t \in S,\ t \neq j} N_t\big)\Big)^{d_j} \bmod N_j = m^{e d_j} \bmod N_j = m^{x\varphi(N_j)+1} \bmod N_j = m .$$

Its expanded formulation is

$$\begin{aligned}
&\Big(m^e \bmod \prod_{t \in S} N_t\Big)^{d_j} \bmod N_j \\
&= \Big(m^e \bmod \big(N_j \prod_{t \in S,\ t \neq j} N_t\big) \bmod N_j\Big)^{d_j} \bmod N_j \\
&= \big(m^e \bmod N_j\big)^{d_j} \bmod N_j \\
&= m^{e d_j} \bmod N_j \\
&= m^{x\varphi(N_j)+1} \bmod N_j \\
&= m
\end{aligned}$$

where

$$m^e \bmod \big(N_j \prod_{t \in S,\ t \neq j} N_t\big) \bmod N_j = m^e \bmod N_j \bmod \big(N_j \prod_{t \in S,\ t \neq j} N_t\big) .$$
From the above derivation, it can be seen that GPK is indeed a common public key for all valid sub nodes, and with the help of GPK the main node can prepare just one share of the encrypted message for all sub nodes, thus saving a large amount of bandwidth. Meanwhile, we can conduct identity authentication based on PKI, which is the security basis of state-of-the-art digital rights management systems and electronic commerce, and is very popular.
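The key generation and GPK decryption derived in this section, as an added Python example that is not the paper's own code. The primes and the message are constructed toy values, and the function names are assumptions made for illustration.

```python
from math import gcd, prod

# Constructed toy primes, one (p_i, q_i) pair per sub node; far too small for real use.
PRIME_PAIRS = [(1009, 1013), (1019, 1021), (1031, 1033)]


def make_group(prime_pairs):
    """Key generation as described above: one shared e, per-node N_i and d_i."""
    phis = [(p - 1) * (q - 1) for p, q in prime_pairs]
    e = 3
    while any(gcd(e, phi) != 1 for phi in phis):  # e must be coprime to every phi(N_i)
        e += 2
    moduli = [p * q for p, q in prime_pairs]                        # N_i = p_i * q_i
    privs = [(pow(e, -1, phi), n) for phi, n in zip(phis, moduli)]  # K_i^-1 = (d_i, N_i)
    return e, moduli, privs


def broadcast_encrypt(e, valid_moduli, m):
    """Encrypt once under GPK = <e, product of N_j over the valid set S>."""
    if not 0 <= m < min(valid_moduli):
        # (m^e)^d_j mod N_j can only return m itself when m < N_j for every member.
        raise ValueError("m must be smaller than every member modulus")
    return pow(m, e, prod(valid_moduli))


def decrypt(priv, c):
    """Decrypt with one node's private key: (c mod N_j)^d_j mod N_j."""
    d, n = priv
    return pow(c % n, d, n)


def demo():
    e, moduli, privs = make_group(PRIME_PAIRS)
    m = 123456                                   # constructed message, below every N_i
    c = broadcast_encrypt(e, moduli, m)          # a single ciphertext for all nodes
    return [decrypt(priv, c) for priv in privs]


if __name__ == "__main__":
    print(demo())
```

Recovery is exact only for messages smaller than every member modulus, which `broadcast_encrypt` enforces; the arithmetic is the unpadded RSA of the derivation.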
IV. EXPERIMENTAL RESULTS AND ANALYSIS
For video conferencing, one is usually concerned with complexity and security. To verify these two properties of the proposed scheme, we choose three typical video sequences (352×288) for testing: akiyo, flower and football, which have low, middle and high motion complexity respectively and contain luminance and chrominance data. Our program was run on a PC with an Intel(R) Core(TM)2 2.26GHz CPU under Windows XP Professional.
A. Computational complexity
We evaluate the complexity of the algorithm by analyzing the time cost at the main node and the sub nodes. For the main node, the session key and GPK are updated only when session membership has changed. In fact, this rarely happens during a video conference, so the running time is mainly spent on processes such as encrypting and embedding the control word and scrambling the video stream, abbreviated as 'encryption+embed'. For a sub node, the main operations include extracting and decrypting the control word, descrambling the video stream, and playing the video, abbreviated as 'decryption+extract+play'.