Encryption Algorithms and Data Types Taxonomy
Selected Topics in Information Security – Bazara Barry
Introduction
Converged networks will be the common platform to carry different types of data and traffic.
It is therefore important to classify different data types in order to select the appropriate encryption algorithm(s) for each data type.
The encryption algorithm should maintain the quality of the specific data type after the decryption process, reduce the mathematical computation, and keep a balance between performance and security.
Data types Taxonomy
From a network perspective, and according to Khanvilkar et al. (2002), all data types can be classified as either Real-Time (RT) or Non Real-Time (NRT).
RT data types require strict delay constraints while NRT data types do not, but they may have some constraints on error.
Examples of NRT data types are text and images.
RT media can be classified into Discrete Media (DM) and Continuous Media (CM).
This classification is based on whether the data is transmitted in discrete quanta, as a file or a message, or continuously, as a stream of messages with inter-message dependency.
RT continuous media can further be classified as delay tolerant (i.e. can tolerate a high amount of delay without significant performance degradation) or delay intolerant.
Data types Taxonomy
Data types
  Non-Real Time
    E.g. Text
    E.g. Images
  Real Time
    Discrete
      E.g. Instant Messaging
      E.g. Weather Updates
    Continuous
      Delay tolerant
        E.g. Streaming Audio/Video
      Delay intolerant
        E.g. Remote Desktop Application
        E.g. Interactive Audio/Video
Text Data
Text is the most popular data type, with many forms and supporting protocols such as HTTP (used to transmit HTML pages over the Internet), FTP (used to transfer binary and ASCII files), and SMTP (used for exchanging messages).
Bandwidth requirements of text mainly depend on its size, which can be easily reduced using common compression schemes such as LZW and Huffman coding.
Error characteristics of the text media are based on the application under consideration (TCP, UDP).
Some text-based applications have real-time nature (IM), whereas others do not (Web browsing).
Audio Data
Audio is sound/speech converted into digital form using sampling or quantization. It is transmitted over the network as discrete packets.
The required bandwidth for audio is based on its dynamic range and/or spectrum. A number of compression schemes are used for audio such as MPEG layer III, GSM, Pulse Code Modulation.
Audio can tolerate up to 1 or 2% packet loss/error without much degradation.
Real-time requirements of the audio type depend on the interactivity between the communicating parties.
Graphics and Animation
Include static media like digital images and dynamic media types like flash representations.
Bandwidth requirements can be reduced with compression. Some popular compression schemes are GIF, JPEG, and PNG.
They are error tolerant and can sustain packet loss.
They do not have any real-time constraints.
Video
Video is a sequence of images/frames at a certain rate, e.g. 24 or 30 frames/second.
Some compression schemes are MPEG-I, II, IV.
Real-time requirements and error tolerance of video are similar to audio.
Conclusion
Multimedia data have some characteristics that should be taken into consideration when designing encryption algorithms for them.
Some of these characteristics are: high data rate, high quality, real time nature, continuity, loss-tolerance, error-tolerance.
Encryption Algorithms
Can be classified into shared (secret) key algorithms, public key algorithms, and hash functions.
Classical and modern ciphers have all been developed for the simplest form of multimedia data, i.e., text, and are not appropriate for higher forms such as images and video with very large file sizes.
A major recent trend is to minimize the computational requirements for secure multimedia distribution by “selective encryption” where only parts of the data are encrypted.
Video Encryption Algorithms
1. SECMPEG by Meyer and Gadegast, 1995
2. Aegis by Maples and Spanos, 1995
3. Zigzag Permutation Algorithm by Tang, 1996
4. Video Encryption Algorithm by Qiao and Nahrstedt, 1997
5. Video Encryption Algorithms by Shi, Wang and Bhargava I, II (VEA), III (MVEA), and IV (RVEA) 1998 and 1999
6. Video Encryption Methods by Alattar, Al-Regib and Al-Semari, 1999
7. Partial Encryption Algorithms for Videos by Cheng and Li, 2000
8. MHT-Encryption Scheme and MSI-Coder by Wu and Kuo, 2000 and 2001
9. Format-Compliant Configurable Encryption by Wen et al., 2002
10. Selective Scrambling Algorithm by Zeng and Lei, 2002
Image Encryption Algorithms
1. Selective Encryption Methods for Raster and JPEG Images by Droogenbroeck and Benedett, I and II, 2002
2. Selective Bitplane Encryption Algorithm by Podesser, Schmidt and Uhl, 2002
Audio Encryption Algorithms
1. ENCRYPTION OF COMPRESSED SPEECH
   a. Selective Encryption Algorithm for G.723.1 Speech Codec by Wu and Kuo, 2000
   b. Perception-Based Partial Encryption Algorithm by Servetti and De Martin, 2002
2. ENCRYPTION OF COMPRESSED AUDIO
   a. MP3 Security Methods by Thorwirth, Horvatic, Weis and Zhao, 2000
Performance Metrics to be Considered
1. Latency (the time it takes for a multimedia transmission to go from its source to its destination)
2. Jitter (non-uniform delays)
3. Packet Loss
4. Bandwidth and Effective Bandwidth
Encryption Solutions for VoIP
The IETF has chosen three security protocols in the SIP standard, namely Transport Layer Security (TLS), Secure/Multipurpose Internet Mail Extensions (S/MIME), and Secure Real-time Transport Protocol (SRTP), to be used for securing SIP service.
The basic approach consisted of adding a security layer below the existing VoIP protocol rather than crafting a new security protocol, which helps in terms of existing protocol implementation reuse.
SRTP: Voice/Video Packet Security
SRTP, specified in RFC 3711, describes how to protect telephony media by encryption of the RTP packet payload, authentication of the entire RTP packet, and packet replay protection.
The protocol is located between the RTP application and RTP transport layers. It secures the confidentiality of RTP payloads and the integrity of all RTP packets by using AES with a symmetric cryptographic key. The payloads from the RTP application are encrypted and encapsulated into an SRTP packet.
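The receive-side authentication and replay checks described above, sketched as an added example (not code from the slides or from any SRTP library). It follows the RFC 3711 defaults of an 80-bit truncated HMAC-SHA1 tag and a 64-packet replay window. Assumptions: the class and function names, the keys and the SSRC are constructed for illustration, the rollover counter is passed in rather than estimated, and the payload bytes stand in for already AES-encrypted media.

```python
import hashlib, hmac, struct

TAG_LEN = 10   # 80-bit truncated HMAC-SHA1 tag (RFC 3711 default)
WINDOW = 64    # replay window size in packets (RFC 3711 minimum)

def auth_tag(auth_key: bytes, packet: bytes, roc: int) -> bytes:
    """Tag covers the whole packet (header + encrypted payload) plus the ROC."""
    mac = hmac.new(auth_key, packet + struct.pack("!I", roc), hashlib.sha1)
    return mac.digest()[:TAG_LEN]

class Receiver:
    """Receive-side checks only; payload decryption is out of scope here."""
    def __init__(self, auth_key: bytes):
        self.auth_key = auth_key
        self.highest = -1   # highest authenticated packet index so far
        self.bitmap = 0     # bit i set => index (highest - i) was accepted

    def accept(self, wire: bytes, roc: int = 0) -> str:
        if len(wire) < 12 + TAG_LEN:            # fixed RTP header is 12 bytes
            return "malformed"
        packet, tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
        seq = struct.unpack("!H", packet[2:4])[0]   # RTP sequence number
        index = (roc << 16) | seq
        # 1. Replay check first: cheap rejection before any MAC computation.
        if index <= self.highest:
            offset = self.highest - index
            if offset >= WINDOW:
                return "too-old"
            if (self.bitmap >> offset) & 1:
                return "replay"
        # 2. Authenticate the entire packet in constant time.
        if not hmac.compare_digest(tag, auth_tag(self.auth_key, packet, roc)):
            return "bad-tag"
        # 3. Slide the window only now, so forged packets cannot advance it.
        if index > self.highest:
            shift = index - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = index
        else:
            self.bitmap |= 1 << (self.highest - index)
        return "ok"

def make_packet(auth_key: bytes, seq: int, payload: bytes, roc: int = 0) -> bytes:
    """Constructed sender side: RTP v2 header, placeholder SSRC, tag appended."""
    header = struct.pack("!BBHII", 0x80, 0, seq, seq * 160, 0x1234ABCD)
    packet = header + payload
    return packet + auth_tag(auth_key, packet, roc)
```

A forged packet carrying a far-future sequence number fails at step 2 and leaves the window untouched, so legitimate packets that follow are still accepted.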
Confidentiality
Message Authentication
Replay Protection
References
1. X. Liu and A. M. Eskicioglu, “Selective Encryption of Multimedia Content in Distribution Networks: Challenges and New Directions,” in Proceedings of IASTED International Conference on Communications, Internet and Information Technology (CIIT 2003), Scottsdale, AZ, USA, Nov 2003.
2. T. Porter, Practical VoIP Security. Rockland, MA: Syngress, 2006, Ch 14.