
The Design of Video-Conference Encryption System based on H.264

Hua-Zhen YAO #1, Ya-Tao JING #2

#1 Zhongkai University of Agriculture and Engineering, Information College, Guangzhou 510225, China, yao_huazhen@163.com
#2 South China University of Technology, Guangzhou 510640, China, powerjyt@163.com

Abstract: This paper discusses video security problems based on the H.264 video compression encoding standard and puts forward an encryption design scheme for video conferencing. The video encryption system combines the AES (Advanced Encryption Standard) algorithm, H.264 and chaos encryption. In this scheme, AES is used to encrypt the DCT coefficients and the motion vector symbol sequence of H.264. The video encryption system thereby protects both video movement information and video texture information. Chaos encryption technology is used to generate the video conference keys to ensure the unpredictability of the key. Experiments show that the system can achieve rapid video encryption computing and smooth video conferencing. It can also protect video data against wiretapping and attack, and it improves the confidentiality of the communication. Group members can be safe and effective authentication services can be achieved.

Keywords: H.264; video encryption; video conference; AES; chaos cipher

978-1-4244-7874-3/10/$26.00 ©2010 IEEE

I. INTRODUCTION

With the development of communications networks, the various departments of an enterprise exchange information more closely through networks. People are no longer satisfied with telephone, fax, e-mail and other traditional voice and text communications; they need a new means of communication that combines data, images, audio and video. Video conferencing is such a means of communication. At present, the main users of video conferencing are government agencies, national defense agencies, industrial and mining enterprises and the like, and the contents of a video conference are often related to state secrets, military intelligence, business secrets and private information. Video content must therefore be encrypted before transmission in the network.

To meet the needs of real-time transmission and access of video data, the encryption and decryption algorithms must not add much delay to transmission and access. H.264 is the latest video compression standard [2]; its compression efficiency is also the highest, twice that of H.263 and MPEG4 at similar image quality. H.264 can greatly enhance compression efficiency and improve the transmission of image data in the network.

This paper discusses video security problems based on the H.264 video compression encoding standard and puts forward an encryption design scheme for video conferencing. The video encryption system combines the AES algorithm, H.264 and chaos encryption. In this scheme, AES is used to encrypt video data. Chaos encryption technology is used to generate the video conference keys to ensure the unpredictability of the key. Public key encryption is used in key distribution. Experiments show that the system can achieve rapid video encryption computing and smooth video conferencing. It can also protect video data well and meet the requirements of real-time video.

II. SYSTEM FUNCTION AND FRAMEWORK

In this paper, the video conference system is composed of participant terminals and a conference management server, as shown in Figure 1. The conference management server has a multicast group for each meeting so that it can maintain a number of meetings at the same time. The participant terminal is the direct interactive tool of the conference scene: it completes synchronized capture, compression and encryption of the local audio and video, which are sent out after being labeled as standard [8] RTP packets. At the same time, it receives the RTP data flow, assembles it into data frames, and then decrypts, decodes and plays them back. The group management server is a concurrent server based on the TCP/IP protocol [5].

[Figure 1. Systemic framework. Diagram labels: conference management server with Multicast Groups 1, 2 and 3; participant terminals; video data flow; control information; apply to join the conference; video code and encryption; video decode and decryption.]

There are two kinds of data stream in this system: the control information and the video data. The control information exchanged between the participant terminals and the conference management server constitutes the control information stream. The RTP packets exchanged between the various parts constitute the video data stream. Encryption is applied to both the control information and the video data. The encryption algorithm is the core of encryption computing. Encryption algorithms are divided into symmetric encryption algorithms (private key) and asymmetric encryption algorithms (PKI) [3]. Symmetric encryption has the merits of high encryption speed and high encryption strength, but it has difficulties in key distribution and management. Symmetric encryption can meet the efficiency needs of a video system. Asymmetric encryption is slow but has simple key management, so it can be used for key distribution by the conference management server. The video conference encryption system in this paper combines the two kinds of encryption algorithm, which makes key management simpler and effectively improves the efficiency of encryption. The specific interactive process is as follows:

At first, participant terminals apply to join the video conference. The management server must authenticate the identity of the participant terminals. Legitimate participants are accepted as members of the multicast group. The first one to apply to join the video conference becomes Chairman of the video conference; the Chairman has the highest control function. Other participants can be expelled from the conference by the Chairman. When the Chairman leaves the video conference, the conference is suspended.

After the participant terminals finish identity authentication, the conference management server randomly generates a CKey (conference key). CKey, the multicast address and the port information are distributed to the participant terminals respectively. This information [3] is encrypted with the PuKey (public key) of each participant terminal; each participant terminal then decrypts what it receives with its PrKey (private key) to obtain CKey, the multicast address of the conference and the port information.

The participant terminal that wants to send a message generates an SKey (video secret key). SKey is generated by the chaotic mapping algorithm, with CKey as the initial condition of the chaotic mapping. SKey is used to encrypt video data. The H.264 video data stream is encrypted selectively and multicast to the other members.

(5) When the other participant terminals receive video data, they also generate SKey by the chaotic mapping algorithm, again with CKey as the initial condition of the chaotic mapping. The video data is decrypted with SKey, then decompressed and played.

III. IMPROVED VIDEO ENCRYPTION ALGORITHM

Because the object of encryption is the H.264 video stream, a suitable encryption method can be chosen on the basis of the features of H.264. There are two kinds of common encryption method [6]. The first is direct encryption: video data is encrypted as ordinary data. This approach has the highest safety but relatively low encryption speed. It makes the video lose compatibility, since the format information and control information of the video data are also encrypted. The second method is selective encryption. Generally the actual video data is encrypted while the format information and control information are not, so the compatibility of the encrypted data stream is maintained. The data format and the encryption algorithm are considered together, and data of different sensitivity is encrypted to meet different security needs. Generally this encryption method is fast and can meet the real-time requirements of video. According to the category of encrypted data, this method can be divided into the following categories:

(1) Different data frames and data blocks are encrypted. For example, only the header and the I frames of H.264 are encrypted, and the other frames are not. This method does not have high security because of the correlation between different frames.
(2) DCT coefficients are scrambled. A 4×4 integer DCT transform is used in H.264, and encryption can be achieved by scrambling the DCT coefficients. However, this method runs contrary to the energy ordering of the zig-zag scan and reduces the compression ratio of entropy coding.
(3) Only the symbols of the DCT coefficients and the symbols of the motion vectors are encrypted. This method greatly reduces complexity and meets the real-time requirements of the video stream. Moreover, if a traditional encryption algorithm such as DES is used, high security can be guaranteed while the compatibility and operability of the video data are maintained.
(4) Format information of video data is encrypted.

Since the real-time requirement of video conferencing is high, the idea of selective encryption is adopted in this paper. Improved VEA (Video Encryption Algorithm)
[4] is combined with AES, and an improved integration algorithm is formed. Since the DCT coefficients carry a large amount of information and play an important role in video coding, the symbols of the DCT coefficients are encrypted with a secret key in VEA. The secret key is a binary random sequence m bits in length, defined as $K = k_1 k_2 \ldots k_i \ldots k_m$. The symbol sequence of the DC and AC coefficients is also a binary sequence, expressed as $S = s_1 s_2 \ldots s_m s_{m+1} \ldots s_{2m}$. In the sequence S, 0 represents a positive sign and 1 represents a negative sign. The encryption algorithm can be expressed as

$$E_K(S) = (k_1 \oplus s_1)(k_2 \oplus s_2) \ldots (k_m \oplus s_m)(k_{m+1} \oplus s_{m+1}) \ldots (k_{2m} \oplus s_{2m}),$$

where $\oplus$ represents binary XOR. The encrypted symbol is written back to its original corresponding data. Some of the symbols remain the same as the original; the others are changed. The results of the VEA encryption algorithm show up in the IDCT transform during video decoding: since the symbols of some DCT coefficients are changed, the pixel values of the image change considerably after the IDCT transform. This encryption system is based on the H.264 video coding standard, in which motion coding (motion prediction and compensation) and DCT transform coding occur in the coding process.

The image texture depends on the DCT transform, and the movement information depends on the motion vectors. If the DCT coefficients and the motion vectors are encrypted, the image texture and the movement information are protected and safe video transmission is realized. The scheme adopted in this paper combines the encryption and decryption process with the coding and decoding process. In this scheme, for intra-coded blocks, the symbol sequence of the DCT coefficients is encrypted. For motion prediction-coded and compensation-coded blocks, the symbol sequence of the motion vectors is encrypted. The format information is maintained during encryption. In the traditional VEA algorithm the core operation is XOR, and its safety is not very high. To strengthen the security of the video conference system, AES (Advanced Encryption Standard) is adopted to encrypt the symbol sequence of the DCT coefficients and motion vectors. The AES key can be set to any multiple of 32 bits, with a minimum of 128 bits and a maximum of 256 bits. The key cannot be cracked by exhaustive search. To increase the security of the video encryption system, its secret key is 128 bits long and generated by chaos encryption, and the symbol sequence of the DCT coefficients and motion vectors is encrypted by AES. The encryption process is shown in Figure 2.

[Figure 2. Flow chart of improved video encryption system. Block labels: Video Sequence; Motion Estimation; Motion Compensation; Motion vector; DCT Transform / Scan / Quantization; CKey; Chaotic mapping; SKey; symbol sequence of DCT coefficients is encrypted through AES; Scan and Inverse Transform; Entropy Coding; Filtering.]

[Figure 3. Contrast before encryption and after decryption.]
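The sign encryption $E_K(S)$ of this section in its original XOR form, as an added example that is not the authors' code (the paper's own scheme replaces the XOR with AES). The coefficient values and the 8-bit key are constructed, and the key is assumed to repeat with period m, that is $k_{m+j} = k_j$.

```python
# Added example: VEA-style sign encryption of quantized DCT coefficients.
# Assumptions (not from the paper): the coefficient values, the 8-bit key,
# and cyclic reuse of the m-bit key K (k_{m+j} = k_j).

def sign_bits(coeffs):
    """S sequence: 0 = positive sign, 1 = negative sign; zeros carry no sign."""
    return [1 if c < 0 else 0 for c in coeffs if c != 0]

def vea_transform(coeffs, key_bits):
    """Apply E_K(S): XOR each sign bit with the next key bit and write the
    result back to its coefficient. XOR is its own inverse, so the same call
    with the same key decrypts."""
    out, j = [], 0
    for c in coeffs:
        if c == 0:
            out.append(0)      # no sign bit here: do not consume a key bit
            continue
        s = 1 if c < 0 else 0
        e = s ^ key_bits[j % len(key_bits)]
        out.append(-abs(c) if e else abs(c))
        j += 1                 # sender and receiver must advance identically
    return out

# Constructed input: two 4x4 blocks of quantized coefficients, zig-zag order.
BLOCKS = [
    [52, -7, 3, 0, -2, 1, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0],
    [-31, 4, -4, 2, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0],
]
KEY = [1, 0, 1, 1, 0, 0, 1, 0]  # constructed key K with m = 8

def demo():
    """Encrypt and decrypt the sign sequence, which spans block boundaries."""
    stream = [c for block in BLOCKS for c in block]
    enc = vea_transform(stream, KEY)
    dec = vea_transform(enc, KEY)
    return stream, enc, dec

if __name__ == "__main__":
    for name, seq in zip(("plain", "enc", "dec"), demo()):
        print(name, seq)
```

Magnitudes and zero positions are untouched, which is why the encrypted stream keeps its format: only the sign bits differ between `plain` and `enc`.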

The effect of encryption can be seen in Figure 3: the test image is encrypted and is difficult to make out. The experimental result shows that this system achieves a good encryption effect. Test results show that the system has good stability and video plays smoothly; the processing time of one frame is about 6.4 ms, and the transmission time of 2 KB is about 0.3 ~ 0.4 ms.

IV. KEY GENERATIONS

Randomness plays an important role in computation theory and cryptology. The key in this paper is a chaotic sequence based on the logistic mapping. Chaotic systems are pseudo-random and extremely sensitive to initial conditions; a chaotic sequence is also nonlinear, has a complicated structure and is difficult to forecast. A dynamical system that has been widely studied is the logistic mapping, defined as

$$x_{n+1} = f(\mu, x_n) = \mu x_n (1 - x_n), \quad \mu \in (0, 4], \quad x_n \in (0, 1).$$

Among the parameters, $\mu$ is known as the branch (bifurcation) parameter. The logistic mapping works in the chaotic state if $3.5699456 < \mu \le 4$. The chaotic sequence of this video encryption system is generated by the logistic mapping with $\mu = 4$. The input and output of the logistic model are in the range (0, 1) when the model is in a chaotic state. Many methods can be used to generate a chaotic sequence; the one adopted in this paper is as follows.

(1) An appropriate initial value $x_0$ and number of iterations $n$ are chosen.
(2) The real-valued chaotic sequence $X(n)$ is obtained by iterative computation.
(3) $X(n)$ is quantized, where $Z$ is the quantization threshold and $C(n)$ is the quantized result. The quantization process is defined as

$$C(i) = \begin{cases} 0, & X(i) < Z \\ 1, & X(i) \ge Z \end{cases} \qquad i = 0, 1, 2, 3, \ldots, n.$$

Since $Z$ has an important impact on the chaotic sequence, $Z$ is set equal to $\frac{1}{n} \sum_{i=1}^{n} x(i)$ in this paper.

V. CONCLUSIONS

In this paper, a complete video conference encryption system has been constructed. The problems of user authentication, key generation, key distribution and video data confidentiality are solved. The work accomplished in this paper is as follows.

(1) AES is implemented to encrypt the symbol sequence of the DCT coefficients and motion vectors of H.264 video streams. The protection of video movement information and video texture information is achieved.
(2) Since a fast algorithm is used in the realization of AES, fast encryption and decryption can be achieved; the computing burden on the multicast system is relatively small and the conference video plays smoothly. The security of the AES algorithm is better than that of the traditional algorithm, so video data is protected against wiretapping and attack, and the confidentiality of the communication is improved.
(3) CKey and SKey are generated by the chaotic mapping algorithm. CKey serves as the initial condition of SKey, so the unpredictability of the key is obtained. The public key algorithm RSA is used in key distribution and user authentication at the same time. The experiment shows that Group members can be safe and effective authentication services can be achieved.

REFERENCES

[1] Joan Daemen, Vincent Rijmen. Advanced Encryption Standard [M]. Beijing: Tsinghua University Press, 2003.
[2] Zhaomin YU, Riyong ZHA. Image coding standard-H.264 technology [M]. Telecom Press, 2006.
[3] Shuling SUN. Cryptographic Application [M]. Beijing: Tsinghua University Press, 2004.
[4] Shi Changgui, Bhargava Bharat. A fast MPEG video encryption algorithm [A]. Proceedings of the Sixth ACM International Conference on Multimedia [C], Bristol, United Kingdom, 1998: 81-88.
[5] Andrew S. Tanenbaum. Computer Network [M]. Beijing: Tsinghua University Press, 2002.
[6] Zhengquan XU, Zhiyun YANG, Wei LI, Ling CHEN. An Overview of Encryption Scheme for Digital Video [J]. Journal of Wuhan University, 2005, (30): 570-575.
[7] Franco Chiaraluce, Lorenzo Ciccarelli, Ennio Gambi, Paola Pierleoni and Maurizio Reginelli. A New Chaotic Algorithm for Video Encryption [J]. IEEE Transactions on Consumer Electronics, November 2002, 48(4).

_____________________________________
Hua-Zhen YAO (1980-), female, MA, lecturer (Zhongkai University of Agriculture and Engineering, Information College), research area: Theory and Communication Technology. Ya-Tao JING (1979-), male, Ph.D. (South China University of Technology).
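
The key generation procedure of Section IV, steps (1) to (3) with the map parameter set to 4 and Z equal to the mean of the sequence, written out as an added example that is not the authors' code. The mapping from CKey to the initial value, the sample CKey values and the MSB-first bit packing are assumptions; the paper only states that CKey serves as the initial condition.

```python
# Added example: SKey bits from the logistic map, steps (1)-(3) of Section IV.
# Assumptions (not from the paper): how CKey is mapped to x0, the constructed
# CKey values, MSB-first bit packing, IEEE-754 doubles on every terminal.

MU = 4.0  # the paper's choice; the chaotic state needs 3.5699456 < mu <= 4

def x0_from_ckey(ckey: bytes) -> float:
    """Hypothetical mapping: top 52 bits of CKey -> a double strictly in (0, 1).
    SKey can then depend on at most 52 bits of CKey, whatever its length."""
    top = int.from_bytes(ckey[:8], "big") >> 12
    return (top + 0.5) / 2**52

def logistic_sequence(x0: float, n: int) -> list:
    """Steps (1)-(2): n iterates of x_{k+1} = mu * x_k * (1 - x_k)."""
    xs, x = [], x0
    for _ in range(n):
        prev, x = x, MU * x * (1.0 - x)
        if not 0.0 < x < 1.0 or x == prev:
            raise ValueError("orbit left (0, 1) or reached a fixed point")
        xs.append(x)
    return xs

def quantize(xs: list) -> list:
    """Step (3): C(i) = 0 if X(i) < Z else 1, with Z the mean of the X(i)."""
    z = sum(xs) / len(xs)
    return [0 if x < z else 1 for x in xs]

def derive_skey(x0: float, bits: int = 128) -> bytes:
    """Pack the quantized chaotic sequence into a key of the given bit length."""
    c = quantize(logistic_sequence(x0, bits))
    return int("".join(map(str, c)), 2).to_bytes(bits // 8, "big")

def hamming(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length keys."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

if __name__ == "__main__":
    ckey_a = bytes.fromhex("8f1c2233445566778899aabbccddeeff")  # constructed
    ckey_b = bytes.fromhex("8f1c2233445466778899aabbccddeeff")  # one bit differs
    key_a = derive_skey(x0_from_ckey(ckey_a))
    key_b = derive_skey(x0_from_ckey(ckey_b))
    print(key_a.hex(), key_b.hex(), hamming(key_a, key_b))
```

The map amplifies rounding differences as strongly as it amplifies seed differences, so every terminal has to evaluate the recurrence with the same arithmetic and operation order, or receivers derive a different SKey from the same CKey.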
