Project_Report_V17 - College of Engineering and Applied

advertisement
Matrix Encryption Algorithm for MP4 Video
by
Sandeep M Chandrashekaregowda
Bachelor of Engineering VTU, India
2011
A Project
Submitted to the Graduate School Faculty of Graduate School of the
University of Colorado at Colorado Springs
In Partial Fulfillment of the Requirements
For the Degree of Master of Science
Department of Computer Science
Spring 2014
1
This project for the Master of Science degree by
Sandeep M Chandrashekaregowda
Has been approved for the
Department of Computer Science
By
________________________________________________________________
Advisor: Dr. C. Edward Chow
________________________________________________________________
Dr. Rory Lewis
________________________________________________________________
Dr. Jia Rao
2
Contents
1. INTRODUCTION .................................................................................................................................. 5
1.1 Aim and Objective of the project: ..................................................................................................... 5
1.2 Need of Secure communication ........................................................................................................ 5
1.3 Introduction to Multimedia ............................................................................................................... 6
Multimedia Building Blocks ................................................................................................................... 6
1.3.1 Audio: ........................................................................................................................................ 7
1.3.2 Video .......................................................................................................................................... 8
1.3.3 Images ........................................................................................................................................ 9
1.4. Introduction to Secure Communication ......................................................................................... 10
1.4.1 Need of secure communication ................................................................................................ 10
1.4.2 Secure communication ............................................................................................................. 10
1.4.3. How security is provided? ...................................................................................................... 10
1.5. Structure of MP4 ............................................................................................................................ 11
1.5 .1 Terms and definitions [17] ...................................................................................................... 12
1.5.2 Object-structured File Organization ........................................................................................ 12
1.6 Introduction to Multimedia ................................................................................................................. 15
1.6.1 Audio: .......................................................................................................................................... 16
1.6.2 Video ............................................................................................................................................ 16
1.6.3 Images .......................................................................................................................................... 19
2. Background and Prior Work ................................................................................................................. 19
2.1. SECMPEG by Meyer and Gadegast, 1995 .................................................................................... 19
2.2 Video Encryption Algorithm by Qiao and Nahrstedt, 1997 ........................................................... 20
2.3. Video Encryption Methods by Alattar, Al-Regib and Al-Semari, 1999........................................ 21
2.4 Partial Encryption Algorithms for Videos by Cheng and Li, 2000 ................................................ 22
3. Matrix Encryption Algorithm ............................................................................................................... 23
3.1 Matrix Encryption Algorithm ......................................................................................................... 24
3.2 Schema: ........................................................................................................................................... 26
3.3 Encryption: ...................................................................................................................................... 27
3
6.4 Decryption....................................................................................................................................... 30
5. Implementation ..................................................................................................................................... 34
6. Challenges Encountered........................................................................................................................ 34
7. Performance Evaluation ........................................................................................................................ 35
8. Conclusion ............................................................................................................................................ 40
9. Future work ........................................................................................................................................... 40
10. References ........................................................................................................................................... 41
Appendix A: Installation and Configuration of Matrix Encryption Algorithm. ....................................... 42
Appendix B: Demo of Matrix Encryption Algorithm. ............................................................................. 43
4
1. INTRODUCTION
With the advancement of the ages, man has greatly found the need to communicate through distances.
Initially this being accomplished through snail-mail was not real enough. He wanted to communicate vital
moments of his file, his thoughts through the usage of more realistic means by the usage of multimedia,
which is nothing but audio and video, which helped to share interesting thoughts, interesting audio/video
files among people. Sharing of such files often requires communicating through networks of computers,
which is not always secure enough. It is often a requirement that the file being shared is only visible or
usable by the intended recipient, sometimes it is also may be essential to disguise the intruder of the file
being different than what it really is. And in some commercial purposes it also may be required that only
parts of the communicated audio/video files are playable. This arouses the need to device a methodology to
securely communicate these multimedia files and hence protect the intellectual property of multimedia from
attacks arising out of a hostile network environment.
1.1 Aim and Objective of the project:
Aim:
To develop a methodology by which the video and audio files are secured in time and space efficient
manner.
Objective:
To develop an encryption methodology that utilizes various available encryption techniques and helps
secure multimedia data files in such a manner that securing only information in the frame data provides an
effect of securing the file as a whole. This securing process is to be carried out in a manner so as to reduce
the amount of time used in securing the file.
1.2 Need of Secure communication
With the advent and consequent vast growth of the technology, intellectual property has become vulnerable
to a number of threats that range from information retrieval to destruction of the intellectual property.
Hence one has found the extensive need to secure such intellectual property. Intellectual property in the
form of multimedia data files has been under constant threat over the years. Given the fact that often files
5
(including multimedia) would need to be communicated through possibly insecure channels where an
imposter or an intruder may cause extensive damage to such intellectual property. It has become the need of
the hour that methods are developed to ensure secure communication of such file.
1.3 Introduction to Multimedia
Multimedia is media and content that uses a combination of different content forms. The term can be used
as a noun (a medium with multiple content forms) or as an adjective describing a medium as having multiple
content forms. The term is used in contrast to media which only use traditional forms of printed or handproduced material. Multimedia includes a combination of text, audio, still images, animation, video, and
interactivity content forms. Multimedia has become an inevitable part of any presentation. It has found a
variety of applications right from entertainment to education. The evolution of internet has also increased
the demand for multimedia content. Multimedia is the media that uses multiple forms of information
content and information processing (e.g. text, audio, graphics, animation, video, interactivity) to inform or
entertain the user. Multimedia also refers to the use of electronic media to store and experience multimedia
content. Multimedia is similar to traditional mixed media in fine art, but with a broader scope. The term
"rich media" is synonymous for interactive multimedia.
Multimedia may be broadly divided into linear and non-linear categories. Linear active content progresses
without any navigation control for the viewer such as a cinema presentation. Non-linear content offers user
interactivity to control progress as used with a computer game or used in self-paced computer based
training. Non-linear content is also known as hypermedia content. Multimedia presentations may be viewed
in person on stage, projected, transmitted, or played locally with a media player. A broadcast may be a live
or recorded multimedia presentation. Broadcasts and recordings can be either analog or digital electronic
media technology. Digital online multimedia may be downloaded or streamed. Streaming multimedia may be
live or on-demand. Multimedia games and simulations may be used in a physical environment with special
effects, with multiple users in an online network, or locally with an offline computer, game system, or
simulator.
Multimedia Building Blocks
Any multimedia application consists any or all of the following components:
6
1. Text: Text and symbols are very important for communication in any medium. With the recent
explosion of the Internet and World Wide Web, text has become more the important than ever. Web is
HTML (Hypertext Markup language) originally designed to display simple text documents on computer
screens, with occasional graphic images.
2.
Audio: Sound is perhaps the most element of multimedia. It can provide the listening pleasure of
music, the startling accent of special effects or the ambience of a mood-setting background.
3.
Images: Images whether represented analog or digital plays a vital role in a multimedia. It is expressed
in the form of still picture, painting or a photograph taken through a digital camera.
4.
Video: Digital video has supplanted analog video as the method of choice for making video for
multimedia use. Video in multimedia are used to portray real time moving pictures in a multimedia
project.
1.3.1 Audio:
Sound is perhaps the most important element of multimedia. It is meaningful "speech" in any language,
from a whisper to a scream. It can provide the listening pleasure of music, the startling accent of special
effects or the ambience of a mood setting background. Sound is the terminology used in the analog form,
and the digitized form of sound is called as audio.
An audio file format is a file format for storing audio data on a computer system. It can be a raw bit stream,
but it is usually a container format or an audio data format with defined storage layer. The general approach
towards storing digital audio is to sample the audio voltage which, on playback, would correspond to a
certain level of signal in an individual channel with a certain resolution—the number of bits per sample—in
regular intervals (forming the sample rate). This data can then be stored uncompressed, or compressed to
reduce the file size. [15]
It is important to distinguish between a file format and a codec. A codec performs the encoding and
decoding of the raw audio data while the data itself is stored in a file with a specific audio file format. Most
of the publicly documented audio file formats can be created with one of two or more encoders or codecs.
Although most audio file formats support only one type of audio data (created with an audio coder), a
multimedia container format (as MKV or AVI) may support multiple types of audio and video data.
7
1.3.2 Video
Video can be basically understood as a process of displaying still images at a rapid rate giving a notion of a
moving image, which is coupled with perfectly synchronized audio stream. Each such still image is referred
to as a frame.
Modern video file formats interleave audio and video to allow for playing even partially loaded video stream
on the network. And they also employ video compression methodologies to conserve space. This
compression is made possible by using relative references that is to say if two consecutive frames have
almost the same content except for partial changes, it is preferable to record only the changes and use the
reference frame to generate the current frame.
Thus we normally find the frames distinguished as,
I-frame (intra-coded frame) is an infra-coded pictures in effect a fully specified picture, like a conventional
static image file. I-frames are pictures coded without reference to any pictures except themselves. They may
be generated by an encoder to create a random access point (to allow a decoder to start decoding properly
from scratch at that picture location). They may also be generated when differentiating image details
prohibit generation of effective P or B frames. I-frames typically require more bits to encode than other
picture types. Often, I-frames are used for random access and are used as references for the decoding of
other pictures. Intra refresh periods of a half-second are common on such applications as digital television
broadcast and DVD storage. Longer refresh periods may be used in some environments. [18]
P-frame (Predicted frames) holds the changes in the image from the previous frame (Ex: Moving a car
across a stationary background, only car’s movement needs to be recorded).
P-frames require the prior decoding of some other picture(s) in order to be decoded. They may contain both
image data and motion vector displacements and combinations of the two. They can reference previous
pictures in decoding order.
In the older standard designs (such as MPEG-2), use only one previously-decoded picture as a reference
during decoding, and require that picture to also precede the P picture in display order. In H.264, it can use
multiple previously-decoded pictures as references during decoding, and can have any arbitrary display-order
8
relationship relative to the picture(s) used for its prediction. Typically, P-frames require fewer bits for
encoding than I-frames do. [17]
B-frame (bi-directional predicted frame) helps specify the content by using differences between the current
and both preceding and following frames. [17]
B-frames require the prior decoding of some other picture(s) in order to be decoded. It may contain both
image data and motion vector displacements and combinations of the two. They include some prediction
modes that form a prediction of a motion region by averaging the predictions obtained using two different
previously-decoded reference regions.
In older standard designs (such as MPEG-2), B pictures are never used as references for the prediction
of other pictures. As a result, a lower quality encoding (resulting in the use of fewer bits than would
otherwise be the case) can be used for such B pictures because the loss of detail will not harm the prediction
quality for subsequent pictures. In H.264, they may or may not be used as references for the decoding of
other pictures.
In older standard designs (such as MPEG-2), use exactly two previously-decoded ^pictures as references
during decoding, and require one of those pictures to precede the B j picture in display order and the other
one to follow it. In H.264, can use one, two, or more than two previously-decoded pictures as references
during decoding, and can have any arbitrary display-order relationship relative to the picture(s) used for its
prediction. Typically, B-frames require fewer bits for encoding than either I or P frames do. The following
figure shows the relationship among the various frame types mentioned above. [17]
1.3.3 Images
An image (from Latin imago) is an artifact, for example a two-dimensional picture that has a similar
appearance to some subject, usually a physical object or a person. Image file formats are standardized means
of organizing and storing digital images. Image files are composed of either pixel or vector (geometric) data
that are rasterized to pixels when displayed (with few exceptions) in a vector graphic display. The pixels that
constitute an image are ordered as a grid (columns and rows); each pixel consists of numbers representing
magnitudes of brightness and color.
9
1.4. Introduction to Secure Communication
1.4.1 Need of secure communication
The requirements of information security within an organization have undergone two major changes in the
last several decades. Before the wide spread use of data processing equipment, the security of information
felt of be valuable to an organization was provided primarily by physical and administrative means.
With the advent of the computer, the need for automated tools for protecting files and other information
stored on the computer became evident. This is especially the case for a shared system.
1.4.2 Secure communication
When two entities are communicating with each other, and they do not want a third party to listen to their
communication, then they want to pass on their message in such a way that nobody else can understand
their message. This is known as communicating in a secure manner or secure communication. Secure
communication includes means by which people can share information with varying degrees of certainty
that third parties cannot know what was said. Other than communication spoken face to face out of
possibility of listening, it is probably safe to say that no communication is guaranteed secure in this sense,
although practical limitations such as legislation, resources, technical issues (interception and encryption),
and the sheer volume of communication are limiting factors to surveillance.
1.4.3. How security is provided?
There are two major encryption methodologies used to provide secure communication:
Method I: Symmetric Encryption
Encryption methodologies that require the same secret key to encipher and decipher the message are using
what is called private key encryption or symmetric key encryption. Symmetric encryption methods use
mathematical operations that can be programmed into extremely fast computing algorithms so that the
encryption and decryption processes are executed quickly by even small computers. The challenges that this
type of encryption methodology faces is that if either copy of the key falls into the wrong hands, massages
can be decrypted by others and the sender and intended receiver may not know the message was
10
intercepted. The primary challenge of symmetric key encryption is getting the key to the receiver, a process
that must be conducted out of band to avoid interception.
There are number of popular symmetric encryption cryptosystems. One of the most widely known is the
Data Encryption Standard (DBS). DBS uses a 64-bit block size and 56-bit key. But over the years DBS has
been proven to be easily compromised using a dedicated attack supported by proper hardware. [22]
Method II: Asymmetric Encryption
Another category of encryption technique is asymmetric encryption. Whereas the symmetric encryption
system use a single key both encrypted and decrypted a message, asymmetric encryption uses two different
but related keys, and either key can be used to encrypt or decrypt the message. If, however, key A is used to
encrypt the message, only key B can decrypt it, and if key B is used to encrypt the message, only key A can
decrypt it. Asymmetric encryption can be used to provide elegant solution to problem of security and
verification. This technique has its highest value when one key used as a private key, which means that it is
kept secret (much like the key of the symmetric encryption), known only to the owner of the key pair, and
other key serves as a public key, which means that it is stored in a public location where anyone can use it.
This is why the more common name for asymmetric encryption is public-key encryption.
One of the most popular asymmetric encryption techniques is the RSA algorithm. There are many such
algorithms that are widely in use in the present day. [22]
1.5. Structure of MP4
MP4 follows the ISO base format. The ISO Base Media File Format is designed to contain timed media
information for a presentation in a flexible, extensible format that facilitates interchange, management,
editing, and presentation of the media. This presentation may be 'local' to the system containing the
presentation, or may be via a network or other stream delivery mechanism. The file structure is objectoriented; a file can be decomposed into constituent objects very simply, and the structure of the objects
inferred directly from their type. The file format is independent of any particular network protocol while
enabling efficient support for them in general. The ISO Base Media File Format is a base format for media
file formats. One such being MPEG-4 is technically described by the ISO/IEC 14496-12, in accordance
11
with its compliance to the base format. [6]
The responsibility of maintaining the ISO Base Media File Format rests on WG1 and WG11.
1.5 .1 Terms and definitions [17]
The following terms and definitions are useful in understanding the file format
Box: Object-oriented building block defined by a unique type identifier and length. It is also popularly
known as 'atom' in some specifications, including the first definition of MP4.
Chunk: Contiguous set of samples for one track
Container Box: whose sole purpose is to contain and group a set of related boxes.
Hint track: Special track which does not contain media data, but instead contains instructions for
packaging one or more tracks into a streaming channel
Hinter: tool that is run on a file containing only media, to add one or more hint tracks to the file and so
facilitate streaming
Movie box: Container box whose sub-boxes define the metadata for a presentation ('moov') media data
box, box which can hold the actual media data for a presentation ('mdat')
Sample: All the data associated with a single timestamp. No two samples within a track can share the same
time-stamp. In non-hint tracks, a sample is, for example, an individual frame of video, a series of video
frames in decoding order, or a compressed section of audio in decoding order; in hint tracks, a sample
defines the formation of one or more streaming packets.
Sample description: Structure which defines and describes the format of some number of samples in a
track
1.5.2 Object-structured File Organization
Files are formed as a series of objects, called boxes. All data is contained in boxes; there is no other data
within the file. This includes any initial signature required by the specific file format. All files conformant to
the ISO base format are required to contain the File Type Box.
Object Structure
An object in this terminology is a box. Boxes start with a header which gives both size and type. The header
12
permits compact or extended size (32or 64 bits) and compact or extended types (32 bits or full Universal
Unique Identifiers, i.e. UUIDs). The standard boxes all use compact types (32-bit) and most boxes will use
the compact (32-bit) size. Typically only the Media Data Box (es) needs the 64-bit size. The size is the entire
size of the box, including the size and type header, fields, and all contained boxes. This facilitates general
parsing of the file. The definitions of boxes are given in the syntax description language (SDL). The fields in
the objects are stored with the most significant byte first, commonly known as network byte order or bigendian format. When fields smaller than a byte are defined, or fields span a byte boundary, the bits are
assigned from the most significant bits in each byte to the least significant. For example, a field of two bits
followed by a field of six bits has the two bits in the high order bits of the byte. [17]
aligned(S) class Box (unsigned int(32) boxtype,
optional unsigned int(8)[16] extended_type) {
unsigned int(32) size;
unsigned int(32) type = boxtype; if(size==l) {
unsigned int(64) largesize; } else if (size-- =0) { //box extends to end of file
} if (boxtype -='uuid') { unsigned int(8) [16] usertype = extended _type;
The semantics of these two fields are
Size is an integer that specifies the number of bytes in this box, including all its fields and contained boxes;
if size is 1 then the actual size is in the field largesize; if size is 0, then this box is the last one in the file, and
its contents extend to the end of the file (normally only used for a Media Data Box)
Type: identifies the box type; standard boxes use a compact type, which is normally four printable
characters (commonly known as the 4cc or 4 character code), to permit ease of identification, and is shown
so in the boxes below. User extensions use an extended type; in this case, the type field is set to 'uid'.
Version: is an integer that specifies the version of this format of the box.
Flags: is a map of flags.
The semantics of these two fields are:
aligned(S) class FullBox(unsigned int(32) boxtype, unsigned int(8) v, bit(24)f) extends Box(boxtype) {
unsigned int(8) version = v; bit(24) flags =f;
Many objects also contain a version number and flags field:
It suggested to ignore any boxes with an unrecognized type and is not to be considered for the normal
processing of the video.
13
Box Order
In order to improve interoperability and utility of the files, the ISO base format specifications requires
following of the following rules and guidelines for the order of boxes: [17]
1. The file type box 'ftyp' shall occur before any variable-length box (e.g. movie, free space, mediadata).
Only a fixed-size box such as a file signature, if required, may precede it.
2. It is strongly recommended that all header boxes be placed first in their container: these boxes are the
Movie Header, Track Header, Media Header, and the specific media headers inside the Media Information
Box (e.g. the Video Media Header).
3. Any Movie Fragment Boxes shall be in sequence order
4. It is recommended that the boxes within the Sample Table Box be in the following order: Sample
Description, Time to Sample, Sample to Chunk, Sample Size, Chunk Offset.
5. It is strongly recommended that the Track Reference Box and Edit List (if any) should precede the Media
Box, and the Handler Reference Box should precede the Media Information Box, and the Data Information
Box should precede the Sample Table Box.
6. It is recommended that user Data Boxes be placed last in their container, which is either the Movie Box
or Track Box.
7. It is recommended that the Movie Fragment Random Access Box, if present, be last in the file.
8. It is recommended that the progressive download information box be placed as early as possible in files,
for maximum utility.
The table shows those boxes that may occur at the top-level in the left-most column; indentation is used to
show possible containment. Thus, for example, a Track Header Box (tkhd) is found in a Track Box (trak),
which is found in a Movie Box (moov). Not all boxes are required to be present in all the files; the
mandatory boxes are marked with an asterisk (*), these mandatory boxes provide the minimal information
necessary for the normal processing and rendering of the file.
User data objects shall be placed only in Movie or Track Boxes, and objects using an extended type may be
placed in a wide variety of containers, not just the top level. [17]
14
1.6 Introduction to Multimedia
Multimedia is media and content that uses a combination of different content forms. The term can be used
as a noun (a medium with multiple content forms) or as an adjective describing a medium as having multiple
content forms. The term is used in contrast to media which only use traditional forms of printed or handproduced material. Multimedia includes a combination of text, audio, still images, animation, video, and
interactivity content forms. Multimedia has become an inevitable part of any presentation. It has found a
variety of applications right from entertainment to education. The evolution of internet has also increased
the demand for multimedia content. Multimedia is the media that uses multiple forms of information
content and information processing (e.g. text, audio, graphics, animation, video, interactivity) to inform or
entertain the user. Multimedia also refers to the use of electronic media to store and experience multimedia
content. Multimedia is similar to traditional mixed media in fine art, but with a broader scope. The term
"rich media" is synonymous for interactive multimedia.
Multimedia may be broadly divided into linear and non-linear categories. Linear active content progresses
without any navigation control for the viewer such as a cinema presentation. Non-linear content offers user
interactivity to control progress as used with a computer game or used in self-paced computer based
training. Non-linear content is also known as hypermedia content. Multimedia presentations may be viewed
in person on stage, projected, transmitted, or played locally with a media player. A broadcast may be a live
or recorded multimedia presentation. Broadcasts and recordings can be either analog or digital electronic
media technology. Digital online multimedia may be downloaded or streamed. Streaming multimedia may be
live or on-demand. Multimedia games and simulations may be used in a physical environment with special
effects, with multiple users in an online network, or locally with an offline computer, game system, or
simulator.
Multimedia Building Blocks
Any multimedia application consists any or all of the following components:
5. Text: Text and symbols are very important for communication in any medium. With the recent
explosion of the Internet and World Wide Web, text has become more the important than ever. Web is
HTML (Hypertext Markup language) originally designed to display simple text documents on computer
15
screens, with occasional graphic images.
6.
Audio: Sound is perhaps the most element of multimedia. It can provide the listening pleasure of
music, the startling accent of special effects or the ambience of a mood-setting background.
7.
Images: Images whether represented analog or digital plays a vital role in a multimedia. It is expressed
in the form of still picture, painting or a photograph taken through a digital camera.
8.
Video: Digital video has supplanted analog video as the method of choice for making video for
multimedia use. Video in multimedia are used to portray real time moving pictures in a multimedia
project.
1.6.1 Audio:
Sound is perhaps the most important element of multimedia. It is meaningful "speech" in any language,
from a whisper to a scream. It can provide the listening pleasure of music, the startling accent of special
effects or the ambience of a mood setting background. Sound is the terminology used in the analog form,
and the digitized form of sound is called as audio.
An audio file format is a file format for storing audio data on a computer system. It can be a raw bit stream,
but it is usually a container format or an audio data format with defined storage layer. The general approach
towards storing digital audio is to sample the audio voltage which, on playback, would correspond to a
certain level of signal in an individual channel with a certain resolution—the number of bits per sample—in
regular intervals (forming the sample rate). This data can then be stored uncompressed, or compressed to
reduce the file size. [15]
It is important to distinguish between a file format and a codec. A codec performs the encoding and
decoding of the raw audio data while the data itself is stored in a file with a specific audio file format. Most
of the publicly documented audio file formats can be created with one of two or more encoders or codecs.
Although most audio file formats support only one type of audio data (created with an audio coder), a
multimedia container format (as MKV or AVI) may support multiple types of audio and video data.
1.6.2 Video
Video can be basically understood as a process of displaying still images at a rapid rate giving a notion of a
16
moving image, which is coupled with perfectly synchronized audio stream. Each such still image is referred
to as a frame.
Modern video file formats interleave audio and video to allow for playing even partially loaded video stream
on the network. And they also employ video compression methodologies to conserve space. This
compression is made possible by using relative references that is to say if two consecutive frames have
almost the same content except for partial changes, it is preferable to record only the changes and use the
reference frame to generate the current frame.
Thus we normally find the frames distinguished as,
I-frame (intra-coded frame) is an infra-coded pictures in effect a fully specified picture, like a conventional
static image file. I-frames are pictures coded without reference to any pictures except themselves. They may
be generated by an encoder to create a random access point (to allow a decoder to start decoding properly
from scratch at that picture location). They may also be generated when differentiating image details
prohibit generation of effective P or B frames. I-frames typically require more bits to encode than other
picture types. Often, I-frames are used for random access and are used as references for the decoding of
other pictures. Intra refresh periods of a half-second are common on such applications as digital television
broadcast and DVD storage. Longer refresh periods may be used in some environments. [18]
P-frame (Predicted frames) holds the changes in the image from the previous frame (Ex: Moving a car
across a stationary background, only car’s movement needs to be recorded).
P-frames require the prior decoding of some other picture(s) in order to be decoded. They may
contain both image data and motion vector displacements and combinations of the two. They can reference
previous pictures in decoding order.
In the older standard designs (such as MPEG-2), use only one previously-decoded picture as a
reference during decoding, and require that picture to also precede the P picture in display order. In H.264,
it can use multiple previously-decoded pictures as references during decoding, and can have any arbitrary
display-order relationship relative to the picture(s) used for its prediction. Typically, P-frames require fewer
bits for encoding than I-frames do. [17]
17
B-frame (bi-directional predicted frame) helps specify the content by using differences between the current
and both preceding and following frames. [17]
B-frames require the prior decoding of some other picture(s) in order to be decoded. It may contain
both image data and motion vector displacements and combinations of the two. They include some
prediction modes that form a prediction of a motion region by averaging the predictions obtained using two
different previously-decoded reference regions.
In older standard designs (such as MPEG-2), B pictures are never used as references for the prediction
of other pictures. As a result, a lower quality encoding (resulting in the use of fewer bits than would
otherwise be the case) can be used for such B pictures because the loss of detail will not harm the prediction
quality for subsequent pictures. In H.264, they may or may not be used as references for the decoding of
other pictures.
In older standard designs (such as MPEG-2), use exactly two previously-decoded ^pictures as references
during decoding, and require one of those pictures to precede the B j picture in display order and the other
one to follow it. In H.264, can use one, two, or more than two previously-decoded pictures as references
during decoding, and can have any arbitrary display-order relationship relative to the picture(s) used for its
prediction. Typically, B-frames require fewer bits for encoding than either I or P frames do. The following
figure shows the relationship among the various frame types mentioned above. [17]
18
Fig: 1.1 Group of frames [17]
1.6.3 Images
An image (from Latin imago) is an artifact, for example a two-dimensional picture that has a similar
appearance to some subject, usually a physical object or a person. Image file formats are standardized means
of organizing and storing digital images. Image files are composed of either pixel or vector (geometric) data
that are rasterized to pixels when displayed (with few exceptions) in a vector graphic display. The pixels that
constitute an image are ordered as a grid (columns and rows); each pixel consists of numbers representing
magnitudes of brightness and color.
2. Background and Prior Work
2.1. SECMPEG by Meyer and Gadegast, 1995
In 1995 Meyer and Gadegast introduced the encryption method called Secure MPEG, or shortly
SECMPEG, designed for the MPEG-1 video standard. The SECMPEG I contains four different levels of
19
security. At the first level, SECMPEG encrypts the headers from the sequence layer to the slice layer, while
the motion vectors and DCT blocks are unencrypted. At the second level, most relevant parts, upper left
corner of the block, of the I-blocks are additionally encrypted At the third level, SECMPEG encrypts all Iframes and all I-blocks. Finally, at the fourth level, SECMPEG encrypts the whole MPEG-1 sequence. The
authors chose Data Encryption Standard (DES) symmetric key cryptosystem, which was the natural choice,
given that this cryptosystem had been around since 1976 and was the official symmetric encryption
algorithm standardized by National Institute of Standard and Technology (NIST) and adopted by the US
Government. Since DES is a symmetric key cryptosystem, it could only be used to achieve confidentiality.
Meyer and Gadegast targeted solving the problem of data integrity as well. For that reason, the Cyclic Redundancy-Check (CRC) was incorporated as a low-level solution to the integrity. The real data integrity
mechanisms that included public key cryptography and cryptographically good hash functions such as MD4,
MD5, or SHA were left for further research. [4]
The encryption in SECMPEG (levels 1, 2, and 3) has some weaknesses. It is due to the fact that even
though single P- or B-frame on its own carries almost no information tout the corresponding I-frame, a
series of P- or B-frames can tell a lot if their base I¬-frames are correlated. Since SECMPEG introduces
changes to the MPEG-1 format, a special encoder and decoder is needed to handle SECMPEG streams.
Nevertheless, the SECMPEG paper and implementation by Meyer and Gadegast was one of the first
important research initiatives for selective encryption of multimedia streams.[4]
2.2 Video Encryption Algorithm by Qiao and Nahrstedt, 1997
The Video Encryption Algorithm (VEA) by Qiao and Nahrstedt is constructed with the goal to exploit the
statistical properties of the MPEG video standard. The algorithm consists of the following four steps:
Step 1: Let the 2n byte sequence, denoted by ala2...a2n, represent the chunk of an I-frame
Step 2: Create two lists, one with odd indexed bytes ala3...a2n-l, and the other with even indexed bytes
a2a4...a2n.
Step 3: XOR the two lists into an n-byte sequence denoted with clc2...cn
Step 4: Apply the chosen symmetric cryptosystem E (for example DBS or AES) with the secret key KeyE
on either odd list or even list, and thus create the cipher text sequence clc2...cn EKeyE(ala3...a2n-l) or
clc2...cnEKeyE(a2a4...a2ri) respectively.[1] Video encryption algorithm upon the statistical properties of
MPEG video standard and symmetric key algorithm standard to reduce the amount of data that is
20
encrypted.
AVE is actually dividing the input video stream into chunks, where in Matrix Encryption Algorithm The
frames are selected depending on the selection type of encryption, weather to encrypt only audio, only video
or both. The Matrix encryption is applied on block of code. The block of code will be in the form of an
array. Which will be first arranged as matrix for the matrix encryption. This provides a faster and secure way
as encrypt frames rather than dividing the input video stream into chunks and encrypting.
2.3. Video Encryption Methods by Alattar, Al-Regib and Al-Semari, 1999
In 1999, Alattar, Al-Regib and Al-Semari presented the three methods for selective video encryption based
on DES cryptosystem. These methods, called simply Method I, Method II and Method III, were
computationally improved versions of the previous work from two of the co-authors, which is referred to as
Method 0. The first algorithm (Method 0), proposed by Alattar and Al-Regib in, essentially encrypts all
macro blocks from I-frames and the headers of all prediction macro blocks using DES cryptosystem. This
method performs relatively poorly because encryption is carried out on 40%-79% of the MPEG video
stream. [20]
In Method I, the data of every nth macro block from the I-frame of MPEG video stream is encrypted using
DES cryptosystem, while the information from the all other I-frame macro blocks is left unencrypted. The
value of n was not specified, and it can be chosen depending on the application needs. If the value of n is 2
then the encryption is performed on approximately a half of all I-frame macro blocks, but the security level
is higher. On the other hand, if the value of n is higher, the computational savings are bigger, yet the
security level is lower. An important observation is that even though the certain number of I-macro blocks
is left unencrypted, they are not expected to reveal any information about the encrypted ones. [20]
To improve the security of Method I, Alattar, Al-Regib and Al-Semari suggested Method II, which
additionally encrypts the headers of all predicted macro blocks using DES. Since DES is a block cipher that
operates on 64-bit blocks, a 64-bit segment starting from the header of a predicted macro block is processed
in the beginning. This segment may include exactly the whole header (which is the rare case when header
size is equal to 64 bits), a part of the header (when header size is larger than 64 bits), or the whole header
21
along with the part of the macro block data (when the header size is smaller than 64 bits). In the case when
the encrypted segment contains a part of the header, an adversary would have serious problems with
synchronization, which adds to the security regarding motion vectors. [2] The security is further increased if
the encrypted segment also contains a part of the macro block data. The computation performed using
Method II is clearly faster than that of the Method 0, but slower than that of Method I. Finally, Alattar, AlRegib and Al-Semari proposed Method III to reduce the amount of computation from Method II. Namely,
instead of encrypting all predicted macro blocks, the encryption in Method III is performed on every nth
predicted macro block, along with encrypting every nth I-macro block. [20]
Alattar, Al-Regib and Al-Semari [21] propose that about the four sets of the ciphers on the blocks with in
MPEG-1 video. They proposed to encrypt every nth macro blocks. Then the selected blocks are encrypted
using the DES. The Selective Macro block Cipher is not suitable for streaming video. High speed playback
modes, resynchronization of the DES cipher in these playback modes is not possible as we cannot
determine which frame is currently being played back. [24] The Matrix encryption is applied on block of
code. The block of code will be in the form of an array. Which will be first arranged as matrix for the matrix
encryption. This provides a faster and secure way as encrypt frames rather than dividing the input video
stream into chunks and encrypting and the video is always render able.
2.4 Partial Encryption Algorithms for Videos by Cheng and Li, 2000
The partial encryption schemes for still images introduced by Cheng and Li are also further extended to the
videos. The approaches proposed by Cheng and Li are not suitable for JPEG image compression, and thus
naturally also not suitable for the MPEG video compression standard. Instead, the partial encryption
algorithms are designed for the video compression methods, which use either quadtree compression or
wavelet compression based on zero trees for the video sequence intraframes, motion compensation, and
residual error coding. For example, the partial encryption is applicable to the videos that are based on the
Set Partitioning In Hierarchical Trees (SPIHT) image compression algorithm, which is an application of
zerotree wavelet compression. Cheng and Li's partial encryption algorithms are designed to disguise the
intraframes (I-frames), the motion vectors, and the residual error code of the given video sequences. In both
quadtree compression and wavelet compression based videos, all I-frames are encrypted using the
previously discussed methods for partial encryption of still images by Cheng and Li. In addition, it is also
important to encrypt the motion vectors. If the motion vector information is unencrypted, the adversary
22
may be able to use an image frame to obtain approximations to the successive frames. Almost all motion
estimation algorithms divide the frame into blocks and try to predict their movement (the position in the
next frame) by constructing the estimated motion vector for each block. The blocks that belong to the same
large object often have identical motion vectors and it is efficient to encode these vectors together. The
authors restrict to those video encryption algorithms that use a quadtree for merging these blocks. Then,
quadtree partial encryption is used to encrypt the motion vectors. Finally, for the security purposes it is
important to encrypt the residual error as well. Unencrypted residual error may reveal the outline of a
moving object. The residual error is often treated as an image frame and then compressed using some
standard image compression algorithm. Again, we restrict ourselves to video compression algorithms that
use either quadtree or wavelet based image compression algorithm to compass the residual error frames.
Thus, Partial encryption schemes for both quadtree and wavelet compression can be applied to the residual
error encryption. [21].
This algorithm provided me strength and gave a support to think that the frames can be encrypted. Cheng
and Li [21] provided an encrypted scheme which encrypts only a part of compressed data. They used quad
tree compression is more efficient at low bitrates and brute force attack is practical for low information
images where quad tree structure is very simple. [25]
3. Matrix Encryption Algorithm
This project will encrypt only the selected frames in multimedia, render the file playable. The frames are
selected depending on the selection type of encryption, whether to encrypt only audio, only video or both.
The selection criteria and their rationale are as follow: The I frame contains original content. They need to
be encrypted so that no content will be leaked. The macro blocks of P and B frames encoded the
differentiated content if they exceed certain thresholds. They only need to be encrypted if the related macro
blocks on the corresponding I/P frame are plain and hence the differentiated content reflect the actual
content on that correspond frame. Note that if a video has many repeated frames, we will only encrypted
the I frame. Based on this scheme, a video with talking head, we only need to encrypt the macroblocks of
those P or B frames with differentiated content. By skipping frames or macroblacks for encryption, the time
performance improvement and file size reduction can be achieved.
23
Note that in our implementation we can pick and choose which media components are to be protected. For
example, if only audio is selected as encryption type, then only audio frames will be taken for encryption.
Each selected frames are encrypted separately.
Multimedia
Analyze to find out
frames to be encrypted
Selected
Encrypt frames
frames
Remaining frames
Encrypted
multimedia
Transmit
Network
Transmit
Multimedia
Unencrypted
Analyze as to which frames
to be decrypted
frames
Frames to be decrypted
Decrypt frame
Decrypted frames
Fig 3.1: Figure 3.1 illustrates a simplified implementation of the algorithm
3.1 Matrix Encryption Algorithm
24
Figure 3.2 – Matrix Encryption Algorithm
1. Initial Round:
a. Divide the stream in frames to 16 bytes of sub-frames; consider it as a 4x4 matrix. Each subframe is encrypted separately.
2. Rounds:
a. Operate on the part of matrix: Divide the matrix as 2x2 matrix (each cell will be containing
2x2 matrix in it). Perform Xor operation on 1st part of the matrix with its next one.
b. Operate with Key: Perform Xor operation on the 4x4 matrix with key of 16 bytes
(considering the key as 4x4 matrix for the operation)
c. Shift cells: shift the divided matrix cell values clockwise.
3. Final Round:
Append the encrypted sub-frames
25
The Algorithm is:
Step 1. Create matrix
Step 2. xor X00(00,01, 10, 11) with X01(02, 03, 12, 13) respectively which updates only 1/4th of matrix.
Step 3. Rotate X00->X01->X11->X10->X01
Step 4. Add Key.
Step 5. Repeat step 2, 3, 4 for 3 more times. (Means all the 4 parts of matrix are updated).
Since the first step operates on itself (in all the 4 rounds, the same above operation works), we need not to
keep the s-Box like AES algorithm.
The second step is just like AES algorithm, it uses 16 bytes key, which will be XORed with the resultant of
the above step. (AES algorithm also uses 128 bit key, which mean 16 bytes).
The third step will actually shuffles the bytes in the matrix. Unlike AES, which will shifts values within row.
This algorithm will rotate the value position. The values changes row-wise as well as column-wise.
3.2 Schema:
This project will provide an encryption methodology with the bit-wise encryption. This helps secure
multimedia data files in such a manner that securing only information in the frame data provides an effect of
securing the file as a whole. The Matrix encryption algorithm has 128 bit (16 bytes) of block size and 128
bit (16 bytes) of size. This uses 4 rounds that convert the original block to encrypted block. This uses 4
rounds that convert the original block to encrypted block. Each round consists of several processing steps,
each containing three similar but different stages, including one that depends on the encryption key itself
The Matrix Encryption Algorithm consists of a set of processing steps repeated for four rounds with 128 bit
(16 bytes) of key. The algorithm works on 16 bytes of data. We can divide the frame data in set of 16 bytes.
Since, each set is encrypted individually and independently. We can process each steps parallel, which will
increase the speed of encryption. The output of all blocks creates the encrypted video. A set of reverse
rounds are applied to transform ciphertext back into the original plaintext using the same encryption key.
Matrix encryption algorithm does not increase the size of the files, like other encryption algorithms.
26
3.3 Encryption:
The selected frame divided into blocks before it is processed with Matrix Encryption. Each block of
data is encrypted separately and appended again to construct the encrypted frame.
public int[] EncryptFrame(int[] frame)
{
int length = frame.Count();
int[] encryptedFrame = new int[length];
int i = 0;
while (i < length)
{
int[] tempBlock = CeateBlock(frame, i);
if (tempBlock != null)
{
tempBlock = MatrixEncryption(tempBlock);
}
//Append the blocks to create encrypted frame
AppendArray(ref encryptedFrame, i, tempBlock);
i += 16;
27
}
return encryptedFrame;
}
The Matrix encryption is applied on block of code. The block of code will be in the form of an array. Which
will be first arranged as matrix for the matrix encryption.
The matrix is processed with 4 rounds of 3 operations.
After completion of operations, the encrypted matrix will be available. This encrypted matrix will be
converted back to array before appending with other blocks to construct encrypted frame.
private int[] MatrixEncryption(int[] block)
{
int[,] matrix = new int[4, 4];
//Create matrix of 4x4 with 16 bytes of subFrame
for (int row = 0, count = 0; row < 4; row++)
{
for (int col = 0; col < 4; col++)
{
matrix[row, col] = block[count];
count++;
}
}
for (int executionCount = 0; executionCount < 4; executionCount++)
{
matrix = InitialXorOperation(matrix);
matrix = KeyOperation(matrix, Key);
matrix = ShiftCells(matrix);
}
for (int row = 0, count = 0; row < 4; row++)
{
for (int col = 0; col < 4; col++)
{
block[count] = matrix[row, col];
count++;
}
}
return block;
}
28
The set of operations performed in each round in the Matrix encryption algorithm are as follows.
1. Initial XOR operation:
Quarter of matrix (cells: 00, 01, 10, 11) is performed XOR operation with next Quarter of matrix
(cells: 02, 03, 12, 13).
private int[,] InitialXorOperation(int[,] matrix)
{
for (int row = 0; row < 2; row++)
{
for (int col = 0; col < 2; col++)
{
matrix[row, col] ^= matrix[row + 2, col + 2];
}
}
return matrix;
}
2. Operation with Key:
The first quarter of the matrix is XORed with the key.
private int[,] KeyOperation(int[,] matrix, int[] key)
{
for (int row = 0, count = 0; row < 4; row++)
{
for (int col = 0; col < 4; col++)
{
matrix[row, col] ^= key[count];
count++;
}
}
return matrix;
}
3. Shift cells as to shuffle the data:
This step will actually shuffles the bytes in the matrix. Unlike AES, which will shifts values within
rows. This algorithm will rotate the value position. The values changes row-wise as well as column-wise.
private int[,] ShiftCells(int[,] matrix)
{
int temp;
for (int row = 0; row < 2; row++)
{
for (int col = 0; col < 2; col++)
{
temp = matrix[row, col];
matrix[row, col] = matrix[row, col + 2];
29
matrix[row, col + 2] = matrix[row + 2, col + 2];
matrix[row + 2, col + 2] = matrix[row + 2, col];
matrix[row + 2, col] = temp;
}
}
return matrix;
}
6.4 Decryption
The decryption process follows the same process of dividing the frame in to blocks as to process
each block to convert it to original block. Each block are processed for decryption.
public int[] DecryptFrame(int[] frame)
{
int length = frame.Count();
int[] decryptedFrame = new int[length];
int i = 0;
while (i < length)
{
int[] tempSubFrame = CeateBlock(frame, i);
if (tempSubFrame != null)
{
tempSubFrame = MatrixDecryption(tempSubFrame);
}
AppendArray(ref decryptedFrame, i, tempSubFrame);
i += 16;
}
return decryptedFrame;
}
Similar to encryption process, The Matrix decryption is applied on block of code. The block of code will be
in the form of an array. Which will be first arranged as matrix for the matrix decryption.
The matrix is processed with 4 rounds of 3 operations.
After completion of operations, the encrypted matrix will be available. This decrypted matrix will be
converted back to array before appending with other blocks to construct decrypted frame.
private int[] MatrixDecryption(int[] subFrame)
{
int[,] matrix = new int[4, 4];
30
//Create matrix of 4x4 with 16 bytes of subFrame
for (int row = 0, count = 0; row < 4; row++)
{
for (int col = 0; col < 4; col++)
{
matrix[row, col] = subFrame[count];
count++;
}
}
for (int executionCount = 0; executionCount < 4; executionCount++)
{
matrix = ShiftCellsBack(matrix);
matrix = KeyOperation(matrix, Key);
matrix = InitialXorOperation(matrix);
}
for (int row = 0, count = 0; row < 4; row++)
{
for (int col = 0; col < 4; col++)
{
subFrame[count] = matrix[row, col];
count++;
}
}
return subFrame;
}
The
decryption
performs
the
same
3
operations
as
encryption
but
in
reverse
order.
4. Security Analysis
Secure Key: The main challenge was to secure the stored key. The storage also depends on the hardware
platform what we use for encryption and decryption. Use the ProtectedMemory class to encrypt an array of
in-memory bytes. This functionality is available in Microsoft Windows XP and later operating systems. You
can specify that memory encrypted by the current process can be decrypted by the current process only, by
all processes, or from the same user context. [8]
[HostProtectionAttribute(SecurityAction.LinkDemand, MayLeakOnAbort = true)]
public static class ProtectedMemory
Use the ProtectedData class to encrypt a copy of an array of bytes. This functionality is available in
31
Microsoft Windows 2000 and later operating systems. You can specify that data encrypted by the current
user account can be decrypted only by the same user account, or you can specify that data encrypted by the
current user account can be decrypted by any account on the computer. [8]
[HostProtectionAttribute(SecurityAction.LinkDemand, MayLeakOnAbort = true)]
public static class ProtectedData
Other recent papers conducting analysis of standards and implementations of high-profile secure protocols
include [11], [12], [13], [14], and [17]. These papers highlight the problems that arise in protocol
specifications with respect to implementation details having the potential to undermine security. They also
show that, in order to evaluate security, it is not enough to look at the specification alone – rather, one must
look at how the specifications have been implemented in order to gauge whether an attack idea will work
against a real system [18].
Here to analyze the security of the algorithm, we can explore the complexity of brute force attacks on the
Matrix Encryption Algorithm. Brute force attacks can be considered are breaking the encryption and
cracking the authentication. Considering the first case, the attacker intention would be to get the key for to
decrypt the encrypted file or media. The attacker may get the cipher text and Matrix Encryption Algorithm
that yield it. The attacker might produce the key iterating all possible solutions.
Measures that can be are followed are choosing a key size encrypt and decrypt messages. The Matrix
encryption algorithm has 128 bit (16 bytes) of block size and 128 bit (16 bytes) of size. The greater the key,
often it makes more time to break using brute force. DES uses a 56-bit key that was broken using brute
force attack in 1998. [26] To counter step key brute force attacks, it is favored to use a key size of at least
128 bits.
Steps that can be followed to test using brute force as

Find a ciphertext C that was encrypted using key K (C = Encrypt(P, K)) and plaintext P is not
known.

Iterate though all possible key values on the key space of K.

For each predicted value K’, execute the decryption algorithm using the ciphertext from step 1 to
produce its equivalent plaintext (P’ = Decrypt(C, K’)).
32
Check if the produced plaintext P’ is readable. The Matrix Encryption Algorithm is vulnerable if it is
possible to recover a valid key in a reasonable amount of time but greater the key, often it makes more time
to break using brute force
Once attackers discover a valid key they can use it to decipher encrypted data or to break an authentication
scheme. This vulnerability is avoided by using an industry-standard algorithm with a large enough key of at
least 128 bits, thus making the key space so large that is impossible to cover it in a reasonable amount of
time. [26]
Assume the content is protected by the AES and related key. The following is the sketch proof that the
matrix encryption algorithm will not leak any content with the following arguments:

All I frames are encrypted. Therefore no original content in those frames will be leaked.

The macroblocks in P or B frame which are not encrypted by the matrix encryption algorithm are
those whose content are the same as correspond macroblock in I frame. Since the correspond
macroblock in I frame are encrypted, their original content can be derived.

The rest of the macroblock in P or B frame are encrypted.

Therefore all P or B frame content are encrypted.
Figure 4.1: sketch proof that the matrix encryption algorithm will not leak any content with the
above arguments
33
5. Implementation
The Matrix Encryption Algorithm was implemented for this project to validate the designed algorithm,
evaluate performance, and provide a tool that could be used for future applications. The implementation is
done with Windows application used for debugging, program validation and testing. . The implementation
was developed and complied on Windows 8 using the Microsoft Visual Studio 2010 Express Edition
compiler. The program is implemented in C# language. Windows forms are used for User Interface for
testing the algorithm, evaluating the performance.
The implementation includes reading a MP4 file and breaking the file into metadata, video frames and audio
frame. Encryption will be performed only on the frames, which is decided based on the selection of
encryption mode, video only, audio only or both. The implementation includes creation of key file with
random key, generated in the program. The implementation of encryption includes breaking the frame into
parts of 64 bits. Each part is then converted to matrix to apply Matrix Encryption Algorithm on it. The
encrypted matrix is again serialized to 64 bits to create the encrypted MP4 file. The frames which are not
required to encrypt are passed from original file to encrypted file as it is. The person encrypts the video with
the Matrix Encryption Algorithm and user the server to upload along with the key. The recipient person
could download with the password and decrypts with the same Matrix Encryption Algorithm and it could
play in any computer and on any video players available.
6. Challenges Encountered
The implementation effort encountered several challenges in reading the MP4 file. Identifying the frames
type, size and data was a challenge. Encrypting the other data, which are not actually video or audio data,
would make the d output encrypted file non-playable. So it was very challenging to study the file format and
catch the exact frame data to perform the encryption operation.
Encryption of the media files not only mean just to make the video non-playable or to jumble the data in
frame to confuse the unauthorized viewers. But encryption also includes giving the security from the
hackers. Here with the Matrix Encryption Algorithm, we can achieve both jumbling the data inside the
frame and also secure the data with strong key. This will increase the strength of the security as to provide
high secured transmission over un-secured network. Encryption algorithm should not increase the size of
34
the file, which will add an overhead to the transmission. To avoid size growth, Matrix Encryption Algorithm
will perform rounds of operations within the matrix along with key in one operation.
The other challenges were to test the strength of the algorithm. The algorithm was analyzed based on the
chosen cipher text attacks [11].
7. Performance Evaluation
In this section we present the evaluation results of the matrix encryption algorithm. Two major metrics for
evaluation a multimedia encryption algorithm are the encrypted file size and the computation time, both the
encryption time and decryption time. We will compare the performance of matrix encryption algorithm with
the baseline version that use AES algorithm to encrypt the whole file.
We conduct the experiments on a Windows 8.1 PC with i7 processor 2.4Ghz and 4GB memory. For the
data set we used a set of recorded lectures with varying sizes. They contain the slides and class room
conversation. Table 7.1 lists the sizes of MP4 files and audio/video samples in test data set.
The files of various sizes were considered for the purposes of testing the efficiency and the feasibility of the
methods implemented to provide security of the multimedia file. We need to measure the performance of
the algorithm with different file size. The encryption and decryption process was carried out for all possible
options provided.
We perform three runs of the algorithms and compute their averages. Figure 7.1 shows the MES encryption
performance. Figure 7.2 shows the MES decryption performance. There does not seem to be big
differences between encryption times and corresponding decryption times. A 725MB mp4 file can be
encrypted with MES in about 171 seconds. Figure 7.3 shows the comparison between MES and AES
algorithms on encryption results. Table 7.2 lists the encryption performance results of MES and AES
algorithms on the data set. Figure 7.4 shows the comparison between MES and AES algorithms on
decryption results. Table 7.3 lists the decryption performance results of MES and AES algorithms on the
data set.
35
250
Time in seconds
200
150
Audio only
Video only
100
Audio and Video
50
0
21
89
160
284
523
608
725
File Size in MB
Figure 7.1. MES Algorithm encryption Performance
250
Time in seconds
200
150
Audio only
Video only
100
Audio and Video
50
0
21
89
160
284
523
608
725
File Size in MB
Figure 7.2. MES Algorithm decryption Performance
36
File Name
21.mp4
40.mp4
59.4.mp4
82.mp4
107.mp4
215.mp4
719.mp4
File Size
# of Audio samples
# of Video samples
21 MB
15357
8903
40 MB
9204
5345
59.4 MB
49365
34354
82 MB
47221
27412
107 MB
25054
14544
215 MB
49552
28765
719 MB
125623
58398
Table 7.1. Sizes of MP4 files and audio/video samples in test data set.
Type
21
40
59.4
82
107
215
719
MES
Audio only
1.1
0.64
3.85
4.25
3.14
4.36
21.49
AES Audio
only
MES
Video only
0.93
1.02
3.95
5.1
7.83
8.05
22.25
4.14
8.68
11.99
15.34
21.92
49.24
153.59
AES Video
only
MES
Audio and
Video
2.45
6.93
12.37
17.06
24.62
47.53
155.02
5.20
9.03
14.98
19.02
24.53
52.98
171.91
AES Audio
and Video
3.12
7.21
15.74
21.52
27.84
58.21
176.37
Table 7.2: The average computation time of the encryption for the test files
37
200
180
Time in seconds
160
140
Audio only
120
AES Audio Only
100
Video only
80
AES Video Only
60
Audio and Video
40
AES Audio and Video
20
0
21
40
59.4
82
107
215
719
File Size
Figure 7.3 MES and AES Algorithm encryption Performance
Type
21
40
59.4
82
107
215
719
MES
1.3
Audio only
0.88
4.34
4.48
4.56
4.72
23.29
AES
0.95
Audio only
MES
4.4
Video only
1.01
3.92
5.24
8.03
8.15
24.53
7.12
13.37
15.74
23.45
51.76
156.62
AES Video 1.46
only
MES
5.80
Audio and
Video
6.95
12.39
17.07
24.75
47.64
159.83
10.13
16.02
23.45
27.18
59.35
183.03
AES
Audio and
Video
7.25
15.81
21.59
28.48
159.83
190.28
3.32
Table 7.3: The average computation time of the decryption for the test files.
38
200
180
160
140
Audio only
120
AES Audio Only
100
Video only
AES Video Only
80
Audio and Video
60
AES Audio and Video
40
20
0
21
40
59.4
82
107
215
719
Figure 7.4. MES and AES Algorithm decryption Performance
Through the testing and analyzing the data, it can be inferred that the Matrix Encryption Algorithm
performs slightly better than Advanced Encryption Standard Algorithm when we go on increasing the size
of the file. To be noted that the file sizes are same for both the algorithm to test the performance. We can
also note that the AES algorithm performs better encryption for file sizes up to 59.4 megabytes. Then the
curve for AES algorithm bumps up indicating that the performance of Matrix Encryption is slightly better
when the encryption process for files greater than 59.4 megabytes.
To analyze the decryption process for AES algorithm studying the graph shows that there is minimal
changes in time for decryption when compared to process of encryption. When it comes Matrix encryption
Algorithm, the decryption process takes slightly longer when compared to encryption process. But when
compared decryption process of with that of Matrix encryption Algorithm to AES algorithm, the Matrix
encryption Algorithm performance is noticeable.
Note that MES algorithm has the overhead of selecting frames or macroblocks for encryption which
requires the parsing the mp4 file and comparison of macroblocks. It has the advantage of skip frames which
39
does not need to encrypted. The type of files that can be benefited from using MES are files with more P/B
frames in between I frames and with busy content so that the macroblocks in the P and B frames does not
have to be encrypted/decrypted.
8. Conclusion
We have designed and developed a matrix encryption algorithm which can outperform the pure AES
encryption method. In particular, it is suited for protecting multimedia files with busy content. The Matrix
Algorithm scheme provides a framework for efficient encryption and decryption in the multimedia
environment which can be used in numerous real world applications. Benefits to algorithm include the
faster means of data protection with confidentiality and integrity. The drawbacks mainly include inefficient
control on key of the algorithm and means to test the algorithm for tamper detection. The security analysis
of the Matrix Encryption Algorithm shows that the algorithm can withstand attacks based on the level of
implementation and standard of the key used as well as the hardware specific restrictions could be used like
SEDS which uses a built in chip that provides transparent encryption.
9. Future work
There is broad perspective of future work related to this paper. As the technology grows, the recent
developments shows that implementation of the various encryption algorithms lead the attacks on the
algorithms like RSA. There should complex encryption techniques to make sure the public key encryption is
reliable. The paper could be extended to mobile devices which in turn based on the cloud that requires
dedicated servers and encryption key managers. The dedicated servers and hardware’s can be used to make
the encryption more specific to the hardware and the key management can be easy.
The paper proposes the Matrix Encryption Algorithm; future work can present a proof of the security for
the algorithm and comply the algorithm on cloud and mobile devices like an application, which should focus
on the reliability of the algorithm.
40
10. References
Preliminary references relating to research done for this paper are listed below.
[1]
Qiao, Lintian, and Klara Nahrstedt. "A new algorithm for MPEG video encryption." Proc. of First
International Conference on Imaging Science System and Technology. 1997.
[2]
Liu, Fuwen, and Hartmut Koenig. "A survey of video encryption algorithms."computers & security 29.1
(2010): 3-15.
[3]
Lui, Oi-Yan, Ching-Hung Yuen, and Kwok-Wo Wong. "Chaos-Based selective encryption for AVS
video coding standard." Advances in Multimedia Information Processing–PCM 2012. Springer Berlin
Heidelberg, 2012. 501-512.
[4]
Lim, Youngkwon, et al. "MMT: An Emerging MPEG Standard for Multimedia Delivery over the
Internet." MultiMedia, IEEE 20.1 (2013): 80-85.
[5]
QuickTime API Reference, 2005-08-11, Apple Computer, Inc. © 2005 Apple Computer, Inc.
[6]
http://en.wikipedia.org/wiki/Mp4
[7]
http://en.wikipedia.org/wiki/I-frame
[8]
http://wolfcrow.com/blog/what-is-video-encryption-and-should-you-care/
[9]
http://msdn.microsoft.com/en-us/library/ms229741%28v=vs.100%29.aspx
[10]
http://cs.uccs.edu/~gsc/pub/master/bbaker/doc/bbaker_project_slides.pdf
[11]
Bleichenbacher, Daniel. "Chosen ciphertext attacks against protocols based on the RSA encryption
standard PKCS# 1." Advances in Cryptology—CRYPTO'98. Springer Berlin Heidelberg, 1998.
[12]
Brumley, David, and Dan Boneh. "Remote timing attacks are practical."Computer Networks 48.5 (2005):
701-716.
[13]
Canvel, Brice, et al. "Password interception in a SSL/TLS channel." Advances in Cryptology-CRYPTO
2003. Springer Berlin Heidelberg, 2003. 583-599.
[14]
Albrecht, Martin R., Kenneth G. Paterson, and G. Watson. "Plaintext recovery attacks against
SSH." Security and Privacy, 2009 30th IEEE Symposium on. IEEE, 2009.
41
[15]
Ravishankar, K. C., and M. G. Venkateshmurthy. "Region based selective image encryption." Computing
& Informatics, 2006. ICOCI'06. International Conference on. IEEE, 2006.
[16]
Multimedia Security Handbook by Borko Furht and Darko Kirovski, published by CRC Press LLC in
December 2004
[17]
http://cs.uccs.edu/~cs525/
[18]
Albrecht, Martin R., Kenneth G. Paterson, and G. Watson. "Plaintext recovery attacks against SSH."
Security and Privacy, 2009 30th IEEE Symposium on. IEEE, 2009.
[19]
Meyer, Jürgen, and Frank Gadegast. "Security mechanisms for multimedia data with the example
MPEG-1 video." Project Description of SECMPEG, Technical University of Berlin, Germany (1995).
[20]
Alattar, Adnan M., Ghassan I. Al-Regib, and Saud A. Al-Semari. "Improved selective encryption
techniques for secure transmission of MPEG video bit-streams." Image Processing, 1999. ICIP 99.
Proceedings. 1999 International Conference on. Vol. 4. IEEE, 1999.
[21]
Cheng, Howard, and Xiaobo Li. "Partial encryption of compressed images and videos." Signal Processing,
IEEE Transactions on 48.8 (2000): 2439-2451.
[22]
Simmons, Gustavus J. "Symmetric and asymmetric encryption." ACM Computing Surveys (CSUR) 11.4
(1979): 305-330.
[23]
http://en.wikipedia.org/wiki/Two's_complement
[24]
But, Jason. Limitations of existing MPEG-1 ciphers for streaming video. Vol. 40429. Technical Report CAIA,
2004.
[25]
Massoudi, Ayoub, et al. "Overview on selective encryption of image and video: challenges and
perspectives." EURASIP Journal on Information Security 2008 (2008): 5.
[26]
http://web.securityinnovation.com/appsec-weekly/blog/bid/63272/How-to-Test-for-Brute-forceVulnerabilities
Appendix A: Installation and Configuration of Matrix Encryption Algorithm.
Source code for this project is available at http://cs.uccs.edu/~gsc/pub/master/schandra/src, This project
was compiled and tested on:
42


Windows 8.1
Microsoft Visual C# 2010 Ultimate
Installation Steps:




Install Microsoft C # 2010 Ultimate
Download the source from http://cs.uccs.edu/~gsc/pub/master/schandra/src
Open the solution file in visual studio 2010.
Press Ctrl+5(Build + Run)
Appendix B: Demo of Matrix Encryption Algorithm.
Video encryption:









Download the videos from http://cs.uccs.edu/~gsc/pub/master/schandra/src/media_1.mp4
Use VLC to play media_1.mp4,. You will see the blackberry adverstisement.
Run MES by typing “Ctrl+5” in the directory where the source code is installed.
Click on “Input File” browse button. Browse video location.
Click on “Output File Path” browse button. Browse output location.
Click on “Encrypt” button.
Wait for “Done” window to be displayed.
The encrypted file will be saved as encryption.mp4 and the 128 bit AES key will be saved as a
binary file named key.
Use VLC to play the encrypted video. A black screen appears without revealing the actual content.
43
Video decryption:







In the installed directory, press Ctrl+5(Build + Run), a dialog windows appears.
Click on “Input File” browse button. Browse encrypted video location.
Click on “Output File Path” browse button. Browse output location.
Click on the “Key File” browse button. Select the key file.
Click on “Decrypt” button.
.The decrypted file will be saved as decryption.mp4 in the specified output file directory.
Use VLC to play the decrypted video.
44
Download