2 Encryption Algorithms and Data Types Taxonomy Selected Topics in Information Security – Bazara Barry


Introduction

Converged networks will be the common platform to carry different types of data and traffic.

It is therefore important to classify different data types in order to select the appropriate encryption algorithm(s) for each data type.

The encryption algorithm should maintain the quality of the specific data type after the decryption process, reduce the mathematical computation, and keep a balance between performance and security.


Data types Taxonomy

From a network perspective, and according to Khanvilkar et al. (2002), all data types can be classified as either Real-Time (RT) or Non-Real-Time (NRT).

RT data types have strict delay constraints, while NRT data types do not, although they may have some constraints on error.

Examples of NRT data types are text and images.


RT media can be classified into Discrete Media (DM) and Continuous Media (CM).

This classification is based on whether the data is transmitted in discrete quanta, as a file or a message, or continuously, as a stream of messages with inter-message dependency.

RT continuous media can further be classified as delay tolerant (i.e. able to tolerate a high amount of delay without significant performance degradation) or delay intolerant.


Data types
  Non-Real Time (e.g. Text, Images)
  Real Time
    Discrete (e.g. Instant Messaging, Weather Updates)
    Continuous
      Delay tolerant (e.g. Streaming Audio/Video)
      Delay intolerant (e.g. Remote Desk Application, Interactive Audio/Video)


Text Data

Text is the most popular data type, with many forms and supporting protocols such as HTTP (used to transmit HTML pages over the Internet), FTP (used to transfer binary and ASCII files), and SMTP (used for exchanging messages).

Bandwidth requirements of text mainly depend on its size, which can be easily reduced using common compression schemes such as LZW and Huffman coding.

Error characteristics of the text media are based on the application under consideration (TCP, UDP).

Some text-based applications have real-time nature (IM), whereas others do not (Web browsing).


Audio Data


Audio is sound or speech converted into digital form using sampling or quantization. It is transmitted over the network as discrete packets.

The required bandwidth for audio is based on its dynamic range and/or spectrum. A number of compression schemes are used for audio, such as MPEG layer III, GSM, and Pulse Code Modulation.

Audio can tolerate up to 1 or 2% packet loss/error without much degradation.

Real-time requirements of audio type depend on the interactivity between the communication parties.


Graphics and Animation


Graphics and animation include static media such as digital images and dynamic media such as Flash representations.

Bandwidth requirements can be reduced with compression. Some popular compression schemes are GIF, JPEG, and PNG.

They are error tolerant and can sustain packet loss.

They do not have any real-time constraints.


Video


Video is a sequence of images/frames at a certain rate, e.g. 24 or 30 frames/second.

Some compression schemes are MPEG-I, II, IV.

The real-time requirements and error tolerance of video are similar to those of audio.


Conclusion


Multimedia data have some characteristics that should be taken into consideration when designing encryption algorithms for them.

Some of these characteristics are: high data rate, high quality, real time nature, continuity, loss-tolerance, error-tolerance.


Encryption Algorithms

Encryption algorithms can be classified into shared (secret) key algorithms, public key algorithms, and hash functions.

Classical and modern ciphers have all been developed for the simplest form of multimedia data, i.e., text, and are not appropriate for higher forms such as images and video with very large file sizes.

A major recent trend is to minimize the computational requirements for secure multimedia distribution by “selective encryption” where only parts of the data are encrypted.
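One form of selective encryption, as an added example that is not taken from the slides or from any of the schemes they list: only the most significant bitplanes of 8-bit samples are packed and encrypted, so the cipher processes a fraction of the data while the low-order bits stay readable. The function names, the constructed sample image and the HMAC-SHA256 keystream (a stdlib stand-in for a real stream cipher) are assumptions.

```python
import hashlib
import hmac

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Stand-in stream cipher (HMAC-SHA256 in counter mode), used only to keep
    the example stdlib-only; it is an assumption, not the cipher of any scheme."""
    out = bytearray()
    for ctr in range((n + 31) // 32):
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(out[:n])

def split_plane(samples: bytes, bit: int) -> bytes:
    """Pack bit `bit` of every 8-bit sample into a buffer one eighth the size."""
    packed = bytearray((len(samples) + 7) // 8)
    for i, s in enumerate(samples):
        packed[i // 8] |= ((s >> bit) & 1) << (7 - i % 8)
    return bytes(packed)

def merge_plane(samples: bytes, bit: int, packed: bytes) -> bytes:
    """Write a packed bitplane back into bit `bit` of every sample."""
    out = bytearray(samples)
    for i in range(len(out)):
        b = (packed[i // 8] >> (7 - i % 8)) & 1
        out[i] = (out[i] & ~(1 << bit) & 0xFF) | (b << bit)
    return bytes(out)

def selective_crypt(samples: bytes, key: bytes, nonce: bytes, planes: int = 1):
    """Encrypt (or, being XOR, decrypt) only the `planes` most significant
    bitplanes. Returns (samples, bytes actually run through the cipher)."""
    if not 1 <= planes <= 8:
        raise ValueError("planes must be 1..8")
    ciphered = 0
    for bit in range(7, 7 - planes, -1):
        plane = split_plane(samples, bit)
        ks = keystream(key, nonce + bytes([bit]), len(plane))  # distinct stream per plane
        samples = merge_plane(samples, bit, bytes(a ^ b for a, b in zip(plane, ks)))
        ciphered += len(plane)
    return samples, ciphered

# Constructed sample: a 16x16 grayscale gradient, not real image data.
IMAGE = bytes((16 * y + x) % 256 for y in range(16) for x in range(16))
KEY, NONCE = bytes(range(32)), b"frame-0001"

if __name__ == "__main__":
    ct, n = selective_crypt(IMAGE, KEY, NONCE, planes=2)
    print(f"{n} of {len(IMAGE)} bytes encrypted")
    print("low 6 bits still readable:", all((p ^ c) & 0x3F == 0 for p, c in zip(IMAGE, ct)))
```

The unchanged low-order bits are the cost of the saving: whatever they reveal about the content is not protected, which is the performance and security balance the introduction refers to.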


Video Encryption Algorithms

1. SECMPEG by Meyer and Gadegast, 1995
2. Aegis by Maples and Spanos, 1995
3. Zigzag Permutation Algorithm by Tang, 1996
4. Video Encryption Algorithm by Qiao and Nahrstedt, 1997
5. Video Encryption Algorithms by Shi, Wang and Bhargava I, II (VEA), III (MVEA), and IV (RVEA), 1998 and 1999
6. Video Encryption Methods by Alattar, Al-Regib and Al-Semari, 1999
7. Partial Encryption Algorithms for Videos by Cheng and Li, 2000
8. MHT-Encryption Scheme and MSI-Coder by Wu and Kuo, 2000 and 2001
9. Format-Compliant Configurable Encryption by Wen et al., 2002
10. Selective Scrambling Algorithm by Zeng and Lei, 2002


Image Encryption Algorithms

1. Selective Encryption Methods for Raster and JPEG Images by Droogenbroeck and Benedett, I and II, 2002

2. Selective Bitplane Encryption Algorithm by Podesser, Schmidt and Uhl, 2002


Audio Encryption Algorithms

1. ENCRYPTION OF COMPRESSED SPEECH
   a. Selective Encryption Algorithm for G.723.1 Speech Codec by Wu and Kuo, 2000
   b. Perception-Based Partial Encryption Algorithm by Servetti and De Martin, 2002
2. ENCRYPTION OF COMPRESSED AUDIO
   a. MP3 Security Methods by Thorwirth, Horvatic, Weis and Zhao, 2000


Performance Metrics to be Considered

1. Latency (the time it takes for a multimedia transmission to go from its source to its destination)
2. Jitter (non-uniform delays)
3. Packet Loss
4. Bandwidth and Effective Bandwidth


Encryption Solutions for VoIP

The IETF has chosen three security protocols in the SIP standard to be used for securing SIP service: Transport Layer Security (TLS), Secure/Multipurpose Internet Mail Extensions (S/MIME), and Secure Real-time Transport Protocol (SRTP).

The basic approach consisted of adding a security layer below the existing VoIP protocol rather than crafting a new security protocol, which allows existing protocol implementations to be reused.


SRTP: Voice/Video Packet Security

SRTP, specified in RFC 3711, describes how to protect telephony media by encryption of the RTP packet payload, authentication of the entire RTP packet, and packet replay protection.

The protocol is located between the RTP application and RTP transport layers. It secures the confidentiality of RTP payloads and the integrity of all RTP packets by adopting AES with a symmetric cryptographic key. The payloads from the RTP application are encrypted and encapsulated into an SRTP packet.
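The authentication and replay checks described above, as an added example that is not from the slides or from any SRTP implementation: the sender appends an HMAC-SHA1 tag truncated to 80 bits (the RFC 3711 default) over the whole packet plus the rollover counter, and the receiver keeps a 64-packet sliding window. The class and function names and the constructed RTP packets are assumptions; payload encryption, key derivation and rollover-counter estimation are left out.

```python
import hashlib
import hmac
import struct

TAG_LEN = 10   # 80-bit tag: HMAC-SHA1 truncated, the RFC 3711 default
WINDOW = 64    # replay window size; RFC 3711 requires at least 64

def auth_tag(auth_key: bytes, packet: bytes, roc: int) -> bytes:
    """MAC over the whole RTP packet (header and payload) followed by the
    32-bit rollover counter (ROC)."""
    mac = hmac.new(auth_key, packet + struct.pack("!I", roc), hashlib.sha1)
    return mac.digest()[:TAG_LEN]

def protect(auth_key: bytes, packet: bytes, roc: int = 0) -> bytes:
    """Sender side: append the tag. Payload encryption is not shown here."""
    return packet + auth_tag(auth_key, packet, roc)

class Receiver:
    def __init__(self, auth_key: bytes):
        self.key = auth_key
        self.highest = -1   # highest authenticated packet index so far
        self.seen = 0       # bitmap: bit d set means index (highest - d) was received

    def accept(self, srtp: bytes, roc: int = 0) -> str:
        if len(srtp) < 12 + TAG_LEN:
            return "malformed"
        packet, tag = srtp[:-TAG_LEN], srtp[-TAG_LEN:]
        seq = struct.unpack("!H", packet[2:4])[0]
        index = (roc << 16) | seq            # ROC is passed in; estimating it is omitted
        behind = self.highest - index
        if behind >= WINDOW or (behind >= 0 and (self.seen >> behind) & 1):
            return "replayed"                # duplicate, or too old to track
        if not hmac.compare_digest(tag, auth_tag(self.key, packet, roc)):
            return "bad-tag"
        # Update replay state only after the tag verifies, so forged packets
        # cannot push the window forward and lock out genuine traffic.
        if behind < 0:
            self.seen = ((self.seen << -behind) | 1) & ((1 << WINDOW) - 1)
            self.highest = index
        else:
            self.seen |= 1 << behind
        return "ok"

def rtp(seq: int, payload: bytes = b"\x00" * 20) -> bytes:
    """Constructed RTP packet: version 2, payload type 0, fixed timestamp and SSRC."""
    return struct.pack("!BBHII", 0x80, 0, seq, 160, 0x1234ABCD) + payload
```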


Confidentiality


Message Authentication


Replay Protection
