Image and Video Encryption (eBook)

Contents 7
List of Figures 9
List of Tables 13
Preface 15
Acknowledgments 17
Chapter 1 Introduction 18
Chapter 2 Visual data formats 28
1. Image and Video Data 28
2. DCT-based Systems 29
2.1 JPEG 29
2.2 MPEG Video Coding (MPEG-1,2,4) 29
2.3 ITU H.26X Video Conferencing 31
3. Wavelet-based Systems 31
3.1 SPIHT 33
3.2 JPEG 2000 34
4. Further Techniques 35
4.1 Quadtrees 35
4.2 Fractal Coding 36
4.3 Vector Quantisation 36
4.4 Lossless Formats: JBIG, GIF, PNG 36
Chapter 3 Cryptography Primer 38
1. Introduction, Terminology 38
2. Secret key vs. Public key Cryptography 39
3. Block Ciphers 40
3.1 sidestep: XOR 41
3.2 Operation Modes for Block Ciphers 41
3.3 DES and triple-DES 42
3.4 AES 43
3.5 Other Blockciphers 44
4. Stream Ciphers 44
4.1 One Time Pad — OTP 45
5. Hybrid Algorithms, some Applications 45
5.1 PGP 45
5.2 SSL and TLS 45
6. Cryptanalysis Overview 46
7. Further Information 47
Chapter 4 Application scenarios for the encryption of visual data 48
1. Security provided by Infrastructure or Application 48
2. Full Encryption vs. Selective Encryption 49
2.1 Off-line Scenario: 50
2.2 On-line Scenario: 51
2.3 Selective Encryption of a JPEG-2000 Bitstream 51
3. Interplay between Compression and Encryption 54
3.1 Basic Building Blocks: Compression, Encryption, and Transmission 55
3.2 Encryption and Transmission 57
3.3 Cost Optimal Configuration of Confidential Visual Data Transmission 57
Chapter 5 Image and video encryption 62
1. DCT-based Techniques 64
1.1 Image Encryption 64
1.2 Video Encryption 75
1.3 Our Implementations of selective MPEG-encryption 79
1.4 Encryption of Scalable or Embedded Bitstreams 91
2. Wavelet-based Techniques 99
2.1 Compression Oriented Schemes 100
2.2 Bitstream Oriented Schemes 124
3. Further Techniques 132
3.1 Raw Image Data 132
3.2 Quadtrees 142
3.3 Fractal-based system 143
3.4 Vector quantisation based system 143
3.5 Base-switching based system 144
4. Transparent Encryption 144
5. Commercial Applications and Standards 146
5.1 JPSEC — secure JPEG 2000 146
5.2 IPMP — Intellectual Property Management and Protection 146
5.3 MPEG, DVB & CSA
5.4 DVD 149
5.5 Other commercial products 150
Chapter 6 Conclusions 152
Appendix 155
A Copyrighted sections 155
B Test Images and Videos 156
1. Cover Page 156
2. Test Images 156
3. Sequence 1 — Bowing 158
4. Sequence 2 — Surf Side 158
5. Sequence 3 — Coast Guard 158
6. Sequence 4 — Akiyo 159
7. Sequence 5 — Calendar 159
C Authors’ Biographies 160
References 162
Index 176

Chapter 4 APPLICATION SCENARIOS FOR THE ENCRYPTION OF VISUAL DATA (p.31-32)

1. Security provided by Infrastructure or Application Images and videos (often denoted as visual data) are data types which require enormous storage capacity or transmission bandwidth due to the large amount of data involved. In order to provide reasonable execution performance for encrypting such large amounts of data, only symmetric encryption (as opposed to public key cryptography) can be used. As done in most current applications with demand for confidentiality, public key techniques are used for key exchange or signature generation only (such schemes are usually denoted as "hybrid").

There are two ways to provide confidentiality to a storage or transmission application. First, confidentiality is based on mechanisms provided by the underlying computational infrastructure. The advantage is complete transparency, i.e. the user or a specific application does not have to take care about confidentiality. The obvious disadvantage is that confidentiality is provided for all applications, no matter if required or not, and that it is not possible to exploit specific properties of certain applications. To give a concrete example, consider the distributed medical database infrastructure mentioned in the introduction. If the connections among the components are based on TCP/IP internet-connections (which are not confidential by itself of course), confidentiality can be provided by creating a Virtual Private Network (VPN) using IPSec (which extends the IP protocol by adding confidentiality and integrity features).

In this case, the entire visual data is encrypted for each transmission which puts a severe load on the encryption system. The second possibility is to provide confidentiality is on the application layer. Here, only applications and services are secured which have a demand for confidentiality. The disadvantage is that each application needs to take care for confidentiality by its own, the advantage is that specific properties of certain applications may be exploited to create more efficient encryption schemes or that encryption is omitted if not required. Selective encryption of visual data takes advantage of the redundancy in visual data which takes place at the application level and is therefore classified into the second category.


2. Full Encryption vs. Selective Encryption

Over the last years a number of different encryption schemes for visual data types have been proposed, since methods to provide confidentiality need to be specifically designed to protect multimedia content and fulfil the security requirements for a particular multimedia application.

The so called naive method - the most secure one - is to take the multimedia bitstream and encrypt this stream with the aid of a cryptographically strong cipher like AES. Here, the encryption is performed after the compression stage and due to the complexity of the involved encryption algorithm, such a scheme inherently adds significant latency which often conflicts with real-time constraints. Since runtime performance is often very critical in video encoding and decoding, more efficient methods have been proposed. Such systems - often denoted as "selective" or "soft" encryption systems - usually trade off runtime performance for security, and are therefore - in terms of security - somewhat weaker than the naive method.

Whereas selective encryption (SE) approaches exploit application specific data structures to create more efficient encryption systems (e.g. encryption of I-encoded blocks in MPEG, packet data of selected layers in JPEG 2000) using secure but slow "classical" ciphers, soft encryption systems employ weaker encryption systems (like permutations) to accelerate the processing speed.