a video authentication scheme for h.264/avc main profile
DESCRIPTION
A video authentication scheme for H.264/AVC Main profile. Nandakishore Ramaswamy Multimedia Processing Lab July 9 th , 2004. Agenda. Objectives Introduction Previous work Encoder/Decoder description Simulation Results Conclusion and Future work References. Objectives. - PowerPoint PPT PresentationTRANSCRIPT
1
A video authentication scheme for H.264/AVC Main profile
Nandakishore RamaswamyMultimedia Processing Lab
July 9th, 2004.
2
Agenda Objectives Introduction Previous work Encoder/Decoder description Simulation Results Conclusion and Future work References
3
Objectives Verify the integrity of the video
bitstream compressed by H.264/AVC Main Profile
Identify the originator (sender) of the video
4
Introduction Multimedia authentication: - Verify
the integrity of the multimedia signala) Hard authentication: - Allows no alteration of
the pixel values. b) Soft authentication: - Accepts manipulations of
the pixel values which preserve the semantic structure of the multimedia signal.
Typically, cryptographic techniques are used for authentication and verification.
5
Digital Signature Vs Encryption Digital Signature Alice wants to sign and send a message to Bob
Encryption algorithm
BobMessages match
Alice’s private key
Digital Signature
Alice’s public key
Received Digital Signature
Original Message
Received Message
Encryption algorithm
Alice
Yes = Signature VerifiedNo= Signature Verification failed
6
Digital Signature Vs Encryption (contd.) Encryption Alice wants to encrypt and send a message to Bob
Encryption algorithm
Bob
Bob’s public key
Cipher message
Bob’s private key
Received cipher message
Original Message
Original MessageEncryption algorithm
Alice
7
Introduction (contd.) A generic video authentication process [1]
8
Introduction (contd.) A generic video verification process [1]
9
Digital Signature Standard Digital signature standard (DSS) a) Developed by NIST b) Consists of two parts - Secure Hash Algorithm (SHA)
- Digital Signature Algorithm (DSA)
10
(DSA and SHA)’s relationship
Secure Hash Algorithm
DSA Sign operation
Secure Hash Algorithm
DSA Verify Operation
Signature
Original Message
Received Message
Message Digest Message Digest
Private Key
Public Key
Yes = Signature VerifiedNo= Signature Verification failed
Signature Generation
Signature Verification
Source:- Federal Information Processing Standards Publications –180http://www.itl.nist.gov/fipspubs/fip180-1.htm
160 bits 160 bits
320 bits 320 bits
11
Rivest Shamir and Adleman (RSA) EncryptionLet m = Input Message
e = Encrypted messagen = Common parameterpr = Private Keypb = Public Key
Encryptione = mpr * mod(n) Decryptionm = epb * mod(n)
12
Previous Work Digital signature generation using block means [2]
Division into 8x8 blocks
Block mean
computation
Quantization
Encryption
Original Image Sender’s
secret keyDigital
Signature
13
Previous Work (contd.) Digital signature verification using block means [2]
Division into 8x8 blocks
Extract Block means before inverse quantization
Decryption
Block mean
s matc
hReceive
d Image
Received signatur
eImage
Authentic
Image NOT
AuthenticYes
No
Sender’s
public key
14
Previous Work (contd.) Digital signature in JPEG-2000 [3] Every code-block of the compressed image is
hashed using Secure Hash Algorithm and appended at the end of the bitstream.
JPEG-2000 code-block
Compute hash using
SHAEncrypt
using RSA
Sender’s
public key
160 bit digest
Append to bitstream
For verification, received image’s code-blocks are hashed and matched with decrypted hash.
15
Encoder/Decoder description
A video authentication scheme for H.264/AVC Main
profile
16
Encoder Luma values only Features taken in transform
domain Intra and Inter MB’s Signature for every coded video
sequence
17
Encoder (contd.) Intra 4x4 and Inter MB
DC
AC
AC
(0,0)
(3,0)
(0,3)
(3,3)
(3,0) (3,3
)
(0,3)
(0,0)
Q
4X4 integer DCT
T
Original residual block
Transformed and quantized blockFeature data
18
Encoder (contd.) Intra 16x16 MB
T
Q
T4X4 integer DCT
4X4 Hadamard transform
Original 16x16 MB residual
Transformed 16x16 MB
Quantized Hadamard coefficients
Q
Feature data
19
Encoder (contd.) Collect all feature data of a MB for
every picture. Insert picture number after a
picture is coded Repeat process until end of
sequence
20
Encoder (contd.)
Feature data Hash (SHA)
Generate signature D=DSA(H)
Encryption E= RSA(D)
Sender’s private key
Receiver’s public key
Append as SEI to video bitstream
Signature generation for a coded video sequence
H
D
E
21
Encoder (contd.) Multiple signature generation
a) Video = 1 or more video sequencesb) Generate signature for every video sequence
c) Append every signature as SEI in the corresponding video sequence
22
Decoder (contd.) Luma values only
Features taken in transform domain
Signature verification for every coded video sequence
23
Decoder (contd.) Intra 4x4 and Inter MB’s
DC
AC
AC
(0,0)
(3,0)
(0,3)
(3,3)4x4 block of transform
coefficients before inverse quantization
Feature data
24
Decoder (contd.) Intra 16x16 MB
Transformed 16x16 MB before inverse quantization
Hadamard coefficients before inverse quantization
15 AC coefficients
Feature data
25
Decoder (contd.) Collect all feature data of a MB for
every picture.
Insert picture number after a picture is decoded
Repeat process until end of sequence
26
Decoder (contd.) Signature verification for a coded
video sequence
Feature data Hash (SHA)
Verify signature D’’ = DSV(H’,D’)
Decryption D’=RSA-1(E’)
Received video and signature
D’’=D’
Sender’s public key
Receiver’s private key
Video Authenticated
Video NOT Authenticated
E’
D’
D’’
H’
YesNo
27
Decoder (contd.) Tampering frames = Signature failure Sender forgery = Signature failure Cannot point out the reason of
signature failure If tampered, cannot point out location
of tampering Modify encoder to accommodate
these issues
28
Revised Encoder Compute hash of every picture in the
coded video sequence. Signature failure = Match decoder
hash Inter and Intra for hash computation Transform domain values only Luma frames Authentication data = Signature +
Hash
29
Hash computation Intra 4x4 and Inter MB
DC
AC
AC
AC
AC
AC
AC
AC
AC
AC
AC
AC
AC
AC
AC
AC
(0,0)
(3,0)
(0,3)
(3,3)
(3,0) (3,3
)
(0,3)
(0,0)
Q
4X4 integer DCT
T
Original residual block
Transformed and quantized blockFeature data
30
Hash computation (contd.) Intra 16x16 MB
T
Q
T4X4 integer DCT
4X4 Hadamard transform
Original 16x16 MB residual
Transformed 16x16 MB
Quantized Hadamard coefficients
Q
Feature data
31
Hash computation (contd.)
Feature data for a picture
Hash PH =
SHA(data)
Encryption EH= RSA(PH)
Receiver’s public key
Append as SEI to video bitstream
Hash generation for a picture
PH
EH
Repeat process for every picture in the coded video sequence
32
Tampered locations and sender forgery
Signature Failure
Decrypt hashes
Compute Hash for every picture
All Hashe
s match
?
Signature failure due to sender
forgery
Signature failure due to
tampering. (Identify tampered
locations)
Receiver’s private key
YesNo
33
Decoder Hash Computation Intra 4x4 and Inter MB: - DC and
AC coefficients of every 4x4 block before inverse quantization
DC
AC
AC
AC
AC
AC
AC
AC
AC
AC
AC
AC
AC
AC
AC
AC
(0,0)
(3,0)
(3,3)
(0,3)
4x4 block of transform coefficients before inverse quantization
Feature data
34
Decoder Hash Computation (contd.) Intra 16x16 MB
Transformed 16x16 MB before inverse quantization
Hadamard coefficients before inverse quantization
15 AC coefficients
Feature data
35
Simulation Results
A video authentication scheme for H.264/AVC Main
profile
36
DSA common parameters Private Key932308816105877193346324924405238358561797363453 Public Key49250364518976760201935612031242625664970300784488999206628
913898684885553279548885211476769179063848086265981390552828860770995411616739007429069330033064008697384549473384637876060915808531747270579608164016570165925297909070695052210446426918824013612814674507994466578915575028597282519755964472561590380
37
Results for one coded video sequence Common ParametersTotal frames encoded = 59Total coefficients = 12501Encoder signaturer = 258230994199886379618680381531392644375747268307 s = 553921005467375065529673563440116158716908054793 Without tampering or forgeryDecoder Signaturev = 258230994199886379618680381531392644375747268307Since r = v, signature is verified.
38
Results for one coded video sequence (contd.) Frame tamperingFrame 0 = I frame = tamperedLocation = 1st Intra 16x16 block, DC coefficient at (0,0) after
Hadamard transform and quantizationOriginal value = 5Modified value = 15
Decoder signaturev = 363510879679629003962752313295967888200812862057 But r =
258230994199886379618680381531392644375747268307 Since, r is not equal to v, Signature is NOT verified.
39
Results for one coded video sequence (contd.) Hash of all pictures in the video
sequence are compared.Picture 0
Encoder Hash = 244521134779192871239422005322433514569730613982 Decoder Hash = 564856327811211747778209339112070483726931840033
Hashes are NOT equal. Tampered location = Picture 0
40
Results for one coded video sequence (contd.) Detecting malicious activity Private key used to sign video = Imposter’s Public key used to verify = Legal user’s
Original Private Key = 932308816105877193346324924405238358561797363453
Imposter’s private key = 13230881610587719334632492440523835856179736345
41
Results for one coded video sequence (contd.) Encoder signaturer = 258230994199886379618680381531392644375747268307 s = 659115584368708655163218960845447884312706027895
Decoder signaturev = 757611328353143787983558147251463660400321700712
Since r is NOT equal to v, signature is NOT verified.
Encoder hashes = Decoder hashesThus, signature failure due to malicious
activity.
42
Results for one coded video sequence (contd.) Robustness to quantizationSequence is encoded with QP 29
Encoder signaturer = 258230994199886379618680381531392644375747268307 s = 553921005467375065529673563440116158716908054793
43
Results for one coded video sequence (contd.) Sequence is re-encoded with QP 35
Decoder signaturev = 450045542578458967124875488958087354781835818707 Since r is NOT equal to v, Video is NOT authenticated.
44
Results for one coded video sequence (contd.) Frame reordering attack Original Re-ordered
45
Results for one coded video sequence (contd.) DC Attack : - Block mean kept the same but
values modified.
Original Block
Transformed Block
Quantized Block
Modified Block
Transformed Block
Quantized Block
T Q
T Q
46
Results for one coded video sequence (contd.)
When using only DC coefficientEncoder Signature (Original Block)
Decoder Signature (Modified Block)
Video is authenticated (Signatures match) even though the block has changed!
47
Results for one coded video sequence (contd.)
When using DC and AC coefficientsEncoder Signature (Original Block)
Decoder Signature (Modified Block)
Video is NOT authenticated. Robust to DC attack!
48
Results for one coded video sequence (contd.) Encoder signaturer = 258230994199886379618680381531392644375747268307 s = 553921005467375065529673563440116158716908054793
Decoder signaturev = 796457292123352592426447215935643118188436156788
Since r is NOT equal to v, signature is NOT verified.
49
Results for multiple coded video sequence (contd.) Total number of frames encoded = 59 Total number of video sequences = 6 Total number of signatures = 6
Encoder Signature 1Total number of coefficients = 4334r = 258230994199886379618680381531392644375747268307 s = 602843151256385963511141755924782867386260766615
50
Results for multiple coded video sequence (contd.)Encoder Signature 2Total number of coefficients = 3724r = 258230994199886379618680381531392644375747268307 s = 909298954038809272308410772111508639025580732794
Encoder Signature 3Total number of coefficients = 3896r = 258230994199886379618680381531392644375747268307 s = 37131761566210379177239004151768998162822235640
Encoder Signature 4Total number of coefficients = 4561r = 258230994199886379618680381531392644375747268307 s = 219871236647467187087134837911922129305756281586
51
Results for multiple coded video sequence (contd.)Encoder Signature 5Total number of coefficients = 4020r = 258230994199886379618680381531392644375747268307 s = 908124295867495640787368571873172959524293811336
Encoder Signature 6Total number of coefficients = 3860r = 258230994199886379618680381531392644375747268307 s = 954693410128487399463060653092140043143216469688
52
Results for multiple coded video sequence (contd.) Decoder Signaturesvi = Signature for ith video sequence
v1 = 258230994199886379618680381531392644375747268307v2 = 258230994199886379618680381531392644375747268307v3 = 258230994199886379618680381531392644375747268307v4 = 258230994199886379618680381531392644375747268307v5 = 258230994199886379618680381531392644375747268307v6 = 258230994199886379618680381531392644375747268307
Signatures match, hence video authenticated
53
Storage requirements Signature = Two 160 bit numbers = 320 bitsAfter encryption 1024 bits
Hash of every picture = 160 bitsAfter encryption = 1024 bits
If there are ‘n’ pictures in a video sequenceBits required for hash = 1024 * nTotal bits required = 1024 * (n+1)
If there are ‘x’ coded video sequencesTotal bits required = x * 1024 * (n+1)
54
Conclusions Robust to temporal and spatial
manipulations Can detect sender forgery Identifies tamper locations Not robust to quantization Neglect of chrominance
coefficients may lead to attack on chroma components
55
Future Work Include chrominance components Requires further research for
robustness to quantization Watermarking the authentication
data directly into the video may result in bit savings
56
References1) Atrey, P.K. et al “A hierarchical signature scheme for
robust video authentication using secret sharing”, In Proc of IEEE 10th International Multimedia Modelling Conference, pp. 330-337, 5-7 Jan 2004.
2) Der-Chyuan Lou and Jiang-Lung Liu, “Fault resilient and
compression tolerant digital signature for image authentication”, IEEE Trans. on Consumer Electronics, Vol. 46, pp. 31-39, Feb 2000.
3) Grosbois, R. and Ebrahimi, T., “Secure JPEG 2000-JPSEC”, In Proc of IEEE International Conference on Acoustics, Speech and Signal Processing, Vol. 4 pp. 716-719, 6-10 Apr 2003.
57
References (contd.)4) Zhu, B.B., Swanson, M.D., and Tewfik, A.H. "When
seeing isn't believing [multimedia authentication technologies]", IEEE Signal Processing Magazine, Vol.21, pp. 40- 49, Mar 2004.
5) Digital Signature Standard Federal Information Processing Standards
Publication-186http://www.itl.nist.gov/fipspubs/fip186.htm
6) Special Issue on H.264/AVCIEEE Trans. on Circuits and Systems for Video Technology, vol. 13, pp. 557-725, Jul 2003.
58
References (contd.)7) Tamhankar, A. and Rao, K.R. “An overview of
H.264/MPEG4- Part 10”, Video/Image Processing and Multimedia Communications, 4th EURASIP, Zagreb, Croatia, 2003.
8) H.264/AVC International Standard ITU‑T Rec. H.264 | ISO/IEC 14496‑10 version 3
9) H.264 Reference softwarehttp://bs.hhi.de/~suehring/tml/
10) YUV 4:2:0 video sequences http://trace.eas.asu.edu/yuv/yuv.html