Presentation is loading. Please wait.

Presentation is loading. Please wait.

KIANOOSH MOKHTARIAN SCHOOL OF COMPUTING SCIENCE SIMON FRASER UNIVERSITY 3/24/2008 Secure Multimedia Streaming.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "KIANOOSH MOKHTARIAN SCHOOL OF COMPUTING SCIENCE SIMON FRASER UNIVERSITY 3/24/2008 Secure Multimedia Streaming."— Presentation transcript:

1 KIANOOSH MOKHTARIAN SCHOOL OF COMPUTING SCIENCE SIMON FRASER UNIVERSITY 3/24/2008 Secure Multimedia Streaming

2 Motivation Multimedia streaming: a great source of revenue  Its market will grow from $900 mln in 2005 to $6 bln in 2011

3 Motivation Multimedia streaming: a great source of revenue  Its market will grow from $900 mln in 2005 to $6 bln in 2011 Affecting our daily lives

4 Motivation Multimedia streaming: a great source of revenue  Its market will grow from $900 mln in 2005 to $6 bln in 2011 Affecting our daily lives Security of multimedia systems

5 Overview Desired security aspects Conventional authentication methods Requirements for a media authentication scheme Previous works  Stream authentication  Typical video authentication  Scalable video authentication Conclusion and future research directions

6 What Security Aspects?

7 Authentication Data integrity Access control Data confidentiality Non-repudiation Availability of service

8 What Security Aspects? Authentication Data integrity Access control Data confidentiality Non-repudiation Availability of service

9 An Example The Olympic games  $$!

10 An Example The Olympic games The network is by default UNSECURE  Anyone can listen, capture, and replace the traffic.

11 Conventional Authentication: Preliminaries Digital signature  Publicly verifiable  Message dependant  Not repudiatable

12 Conventional Authentication: Preliminaries Digital signature  Publicly verifiable  Message dependant  Not repudiatable One-way hash functions  Fixed length output  Easy to compute y = H(x) for everyone  Infeasible to compute x given the value of H(x)  Infeasible to find x 1 and x 2 such that H(x 1 ) = H(x 2 )  if H(x) is authentic, then x is authentic

13 Conventional Auth’: the Case of Multimedia Treating the entire media as a file: Sign ( Hash(media) ) and Verify ( Hash(media) )

14 Conventional Auth’: the Case of Multimedia Treating the entire media as a file: Sign ( Hash(media) ) and Verify ( Hash(media) )  Cannot produce the media online  Cannot verify the media online  Sensitive to any loss or adaptation on the media

15 Conventional Auth’: the Case of Multimedia Treating the entire media as a file: Sign ( Hash(media) ) and Verify ( Hash(media) )  Cannot produce the media online  Cannot verify the media online  Sensitive to any loss or adaptation Signing each frame

16 Conventional Auth’: the Case of Multimedia Treating the entire media as a file: Sign ( Hash(media) ) and Verify ( Hash(media) )  Cannot produce the media online  Cannot verify the media online  Sensitive to any loss or adaptation Signing each frame  Computationally expensive

17 Conventional Auth’: the Case of Multimedia Treating the entire media as a file: Sign ( Hash(media) ) and Verify ( Hash(media) )  Cannot produce the media online  Cannot verify the media online  Sensitive to any loss or adaptation Signing each frame  Computationally expensive Using Message Authentication Codes (MAC)  y = MAC K ( x ) = Hash ( x || K )

18 Conventional Auth’: the Case of Multimedia Treating the entire media as a file: Sign ( Hash(media) ) and Verify ( Hash(media) )  Cannot produce the media online  Cannot verify the media online  Sensitive to any loss or adaptation Signing each frame  Computationally expensive Using Message Authentication Codes (MAC)  y = MAC K ( x ) = Hash ( x || K )  Cannot go beyond single-sender single-receiver case

19 Requirements

20 Security!

21 Requirements Security! Online production, online verification

22 Requirements Security! Online production, online verification Computational cost

23 Requirements Security! Online production, online verification Computational cost Communication overhead

24 Requirements Security! Online production, online verification Computational cost Communication overhead Buffer needed for authentication purposes

25 Requirements Security! Online production, online verification Computational cost Communication overhead Buffer needed for authentication purposes Robustness against adaptations on the media  Whether to get the proxies involved or not

26 Requirements Security! Online production, online verification Computational cost Communication overhead Buffer needed for authentication purposes Robustness against adaptations on the media  Whether to get the proxies involved or not Tolerability of packet losses in network

27 Requirements Security! Online production, online verification Computational cost Communication overhead Buffer needed for authentication purposes Robustness against adaptations on the media  Whether to get the proxies involved or not Tolerability of packet losses in network Supported scenarios

28 Stream Authentication Hash chaining

29 Stream Authentication Hash chaining  No online production of the authenticated stream

30 Stream Authentication Hash chaining  No online production of the authenticated stream  Sensitive to any packet loss

31 Stream Authentication One-time signature  Based on conventional (symmetric) cryptographic functions One-time signature chaining

32 Stream Authentication One-time signature  Based on conventional (symmetric) cryptographic functions One-time signature chaining  High communication overhead

33 Stream Authentication One-time signature  Based on conventional (symmetric) cryptographic functions One-time signature chaining  High communication overhead  Sensitive to any packet loss

34 Stream Authentication SAIDA: Signature Amortization using IDA (Information Dispersal Algorithms)

35 Stream Authentication SAIDA: Signature Amortization using IDA (Information Dispersal Algorithms)  Tradeoff between verification delay and overheads

36 Video Authentication: The General Case Exploiting the strong correlation between consecutive video frames  To reduce overheads  To increase robustness Extract key frames in a video sequence  Extract and authenticate key features of such frames  Authenticate non-key frames based on key frames

37 Scalable Video Authentication: Recall Scalable video  To support heterogeneous receivers  A base layer and a number of enhancement layers

38 Scalable Video Authentication Any number of enhancement layers may be dropped  Non-scalable video/stream auth schemes do not work

39 Scalable Video Authentication Any number of enhancement layers may be dropped  Non-scalable video/stream auth schemes do not work Authenticating only the base layer  Not enough

40 Scalable Video Authentication Extending the hash chaining to 2D

41 Scalable Video Authentication Extending the hash chaining to 2D  Erasure Correction Codes (ECC) can be used for tolerating packet loss

42 Scalable Video Authentication Extending the hash chaining to 2D  Erasure Correction Codes (ECC) can be used for tolerating packet loss  No online production

43 Scalable Video Authentication Extending the hash chaining to 2D  Erasure Correction Codes (ECC) can be used for tolerating packet loss  No online production  Communication overhead

44 Conclusion No previous scheme meets all of the requirements

45 Conclusion No previous scheme meets all of the requirements Future research directions  Multimedia-devoted hash functions  Support for modern video coding standards  FGS, MGS  The case of P2P streaming  Taking advantage of distribution of peers

46 Thank You Any Questions?

47 Main References Stallings, W., “Cryptography and network security: principles and practices,” 4th Edition, Prentice Hall, 2006. “Streaming media, iptv, and broadband transport: Telecommunications carriers and entertainment services 2006-2011,” The Insight Research Corporation, Technical Report, April 2006, http://www.insight-corp.com/execsummaries/iptv06execsum.pdf.http://www.insight-corp.com/execsummaries/iptv06execsum.pdf Gennaro, R., and Rohatgi, P., “How to sign digital streams,” in Advances in Cryptology (CRYPTO’97), Santa Barbara, CA, August 1997, LNCS vol. 1294, pp. 180–197. Park, J., Chong, E. and Siegel, H., “Efficient multicast stream authentication using erasure codes,” ACM Transaction on Information and System Security (TISSEC), vol. 6, no. 2, pp. 258–285, May 2003. Li, W., “Overview of fine granularity scalability in MPEG-4 video standard,” IEEE Transactions on Circuits and Systems for Video Technology, vol. 11, no. 3, pp. 301–317, March 2001. Wu, Y., and Deng, R., “Scalable authentication of MPEG-4 streams,” IEEE Transactions on Multimedia, vol. 8, pp. 152–161, February 2006.

Download ppt "KIANOOSH MOKHTARIAN SCHOOL OF COMPUTING SCIENCE SIMON FRASER UNIVERSITY 3/24/2008 Secure Multimedia Streaming."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
Advanced Security Constructions and Key Management Class 16.

Advanced Security Constructions and Key Management Class 16.
Sri Lanka Institute of Information Technology

Sri Lanka Institute of Information Technology
Computer and Network Security Mini Lecture by Milica Barjaktarovic.

Computer and Network Security Mini Lecture by Milica Barjaktarovic.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Cryptography Introduction Last Updated: Aug 20, 2013.

Cryptography Introduction Last Updated: Aug 20, 2013.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Mohamed Hefeeda 1 School of Computing Science Simon Fraser University, Canada Analysis of Multimedia Authentication Schemes Mohamed Hefeeda (Joint work.

Mohamed Hefeeda 1 School of Computing Science Simon Fraser University, Canada Analysis of Multimedia Authentication Schemes Mohamed Hefeeda (Joint work.
Mohamed Hefeeda 1 School of Computing Science Simon Fraser University, Canada End-to-End Secure Delivery of Scalable Video Streams Mohamed Hefeeda (Joint.

Mohamed Hefeeda 1 School of Computing Science Simon Fraser University, Canada End-to-End Secure Delivery of Scalable Video Streams Mohamed Hefeeda (Joint.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.

First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown and edited by Archana Chidanandan Cryptographic Tools.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Motion-compensation Fine-Granular-Scalability (MC-FGS) for wireless multimedia M. van der Schaar, H. Radha Proceedings of IEEE Symposium on Multimedia.

Motion-compensation Fine-Granular-Scalability (MC-FGS) for wireless multimedia M. van der Schaar, H. Radha Proceedings of IEEE Symposium on Multimedia.
Authenticating streamed data in the presence of random packet loss March 17th, 2000. Philippe Golle, Stanford University.

Authenticating streamed data in the presence of random packet loss March 17th, Philippe Golle, Stanford University.
SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J.D. Tygar Research Topics in Security in the context.

SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J.D. Tygar Research Topics in Security in the context.
SPINS: Security Protocols for Sensor Networks Adrian Perrig Robert Szewczyk Victor Wen David Culler Doug TygarUC Berkeley.

SPINS: Security Protocols for Sensor Networks Adrian Perrig Robert Szewczyk Victor Wen David Culler Doug TygarUC Berkeley.
August 6, 2003 Security Systems for Distributed Models in Ptolemy II Rakesh Reddy Carnegie Mellon University Motivation.

August 6, 2003 Security Systems for Distributed Models in Ptolemy II Rakesh Reddy Carnegie Mellon University Motivation.

Similar presentations

Ads by Google