Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
4Activity
0 of .
Results for:
No results containing your search query
P. 1
On the Performance of Symmetrical and Asymmetrical Encryption for Real-Time Video Conferencing System

On the Performance of Symmetrical and Asymmetrical Encryption for Real-Time Video Conferencing System

Ratings: (0)|Views: 265 |Likes:
Published by ijcsis
Providing security for video conferencing systems is in fact a challenging issue due to the unique requirements of its real-time multimedia encryption. Modern cryptographic techniques can address the security objectives of multimedia conferencing system. The efficiency of a viable encryption scheme is evaluated using two critical performance metrics: Memory usage, and CPU usage. In this paper, two types of cryptosystems for video conferencing system were tested and evaluated. The first cryptosystem is asymmetric, whereas the second is symmetric. Both cryptosystems were integrated and tested on a commercial based video and multimedia conferencing platform.
Providing security for video conferencing systems is in fact a challenging issue due to the unique requirements of its real-time multimedia encryption. Modern cryptographic techniques can address the security objectives of multimedia conferencing system. The efficiency of a viable encryption scheme is evaluated using two critical performance metrics: Memory usage, and CPU usage. In this paper, two types of cryptosystems for video conferencing system were tested and evaluated. The first cryptosystem is asymmetric, whereas the second is symmetric. Both cryptosystems were integrated and tested on a commercial based video and multimedia conferencing platform.

More info:

Published by: ijcsis on Nov 02, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

08/09/2014

pdf

text

original

 
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 7, October 2010
On the Performance of Symmetrical andAsymmetrical Encryption for Real-Time VideoConferencing System
Maryam Feily, Salah Noori Saleh, Sureswaran Ramadass
National Advanced IPv6 Centre of Excellence (NAv6)Universiti Sains Malaysia (USM)Penang, Malaysia{maryam, salah,sures}@nav6.usm.my
 Abstract
 — 
 
Providing security for video conferencing systems is infact a challenging issue due to the unique requirements of its real-time multimedia encryption. Modern cryptographic techniquescan address the security objectives of multimedia conferencingsystem. The efficiency of a viable encryption scheme is evaluatedusing two critical performance metrics: Memory usage, and CPUusage. In this paper, two types of cryptosystems for videoconferencing system were tested and evaluated. The firstcryptosystem is asymmetric, whereas the second is symmetric.Both cryptosystems were integrated and tested on a commercialbased video and multimedia conferencing platform.
 Keywords- Encryption; Asymmetric; Symmetric; Security; Efficiency; Video Conferencing.
I.
 
I
NTRODUCTION
 Video and multimedia conferencing systems are currentlyone of the most popular real-time multimedia applications andhave gained acceptance as an Internet based application aswell. And since the Internet is involved, security has nowbecome a very important aspect of such systems. To provide asecure video conferencing system, cryptography is used toaddress data confidentiality and authentication. However,unlike plaintext, encryption of multimedia data, includingcompressed audio and video, is a challenging process due tothe following two constrains. First, the multimedia dataencryption and decryption must be done within real-timeconstraints with minimal delays. Hence, applying heavyencryption algorithms during or after the encoding phase willincrease the delay, and are likely to become a performancebottleneck for real-time multimedia applications. The secondconstraint is that multimedia data is time dependent, and mustbe well synchronized. Therefore, the needed encryption mustbe done within the defined time restrictions to keep temporalrelations among the video streams intact [1]. There are alsoother limitations due to the large size of multimedia data [2],
[3], but the operation system’s network layer can be called
upon to handle this. In overall, a viable security mechanismfor real-time multimedia transmission must consider bothsecurity and efficiency [4].
Since the mid 90’s, numerous efforts have been devoted
towards the development of real-time multimedia encryptionsolutions. However, most of the proposed algorithms arecharacterized by a significant imbalance between security andefficiency. Some of them are efficient enough to meet therequirements of the multimedia encryption, but only providelimited security, whilst others are robust enough to meet thesecurity demands but require complex computations [5].This paper proposes a viable multimedia encryption thataddresses the requirements of video conferencing systems. Theefficiency of the proposed encryption scheme is evaluatedusing two critical performance metrics: Memory usage, andCPU usage. In this paper, the performance of two differenttypes of cryptosystems (symmetric and asymmetric encryption)for encrypting real-time video data are tested and evaluatedbased on the aforementioned performance metrics.Performance tests of both encryption schemes have beencarried out using the
 Multimedia Conferencing System (MCS)
 [6] that is a commercial video conferencing application.The first encryption system is an asymmetric cryptosystembased on Elliptic Curve Cryptography (ECC) [7], whereas thesecond encryption scheme is based on Blowfish [8] which is asymmetric cryptosystem. These schemes have been chosen asthe best representative of each symmetric and asymmetricencryption based on their advantages. In fact, ECC is a recentpublic key cryptosystem which is more efficient and fasterthan the other asymmetric cryptosystems [9]. On the otherhand, Blowfish is known as the fastest symmetric encryptionscheme which is compact and suitable for large blocks of data,and therefore suitable for video data encryption [8].The rest of this paper is organized as follows: Section IIprovides an overview of cryptographic schemes and comparessymmetric and asymmetric cryptography. Section III discussesthe asymmetric encryption scheme for real-time videoconferencing system, while Section IV discusses thesymmetric encryption scheme. Section V provides details onperformance tests and a comparison of both cryptosystems.Finally the paper will be concluded in Section VI.
This paper is financially sponsored by the
Universiti Sains Malaysia(USM)
through the USM Fellowship awarded to Maryam Feily.
49http://sites.google.com/site/ijcsis/ISSN 1947-5500
 
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 7, October 2010
II.
 
O
VERVIEW OF
C
RYPTOGRAPHY
 Cryptography is the art and science of hiding secretdocuments [9]. Security is very important in applications likemultimedia conferencing system. To provide a securemultimedia conferencing system, cryptography is used toaddress data confidentiality, and authentication [10]. Moderncryptographic techniques address the security objectives of multimedia conferencing systems. In general, there are twomain categories of cryptography; symmetric and asymmetrickey cryptography [9], [11].A brief overview of each category will be provided in thisSection. In addition, symmetric and asymmetric cryptographywill be compared briefly to realize the advantages anddisadvantages of each one.
 A.
 
Symmetric Key Cryptography
Symmetric key cryptography is one of the main categoriesof cryptography. In symmetric key cryptography, to provide a
secure communication a shared secret, called “Secret Key”,
must be established between sender and recipient. The samekey is used for both encryption and decryption. Thus, such a
cryptosystem is called “Symmetric” [9]. This type of 
cryptography can only provide data confidentiality, and cannotaddress the other objectives of security [9], [11].Moreover, symmetric key cryptography cannot handlecommunications in large n-node networks. To provide aconfidential communication in a large network of 
n
nodes,each node needs
n-1
shared secrets. Hence,
n (n-1)
sharedsecrets need to be established that is highly impractical andinconvenient for a large value of 
n
[11]. All classicalcryptosystems that were developed before 1970s and also mostmodern cryptosystems are symmetric [11]. DES (DataEncryption Standard) [12], 3DES (Triple Data EncryptionStandard) [13], AES (Advanced Encryption Standard) [14],IDEA [15], RC5 [16], Blowfish [8], and SEAL [17] are someof the popular examples of modern symmetric keycryptosystems.Amongst all symmetric encryption schemes, Blowfish [8]is known as the fastest symmetric encryption scheme which iscompact and suitable for large blocks of data, and thereforesuitable for video data encryption [8]. Thus, Blowfish ischosen as the best example of symmetric scheme for videoencryption in this research.
 B.
 
 Asymmetric Key Cryptography
Asymmetric or public key cryptography is the othercategory of cryptography. Despite symmetric keycryptography, public key cryptosystems use a pair of keysinstead of a single key for encryption and decryption. One of 
the keys, called “Public Key”, is publicly known and is
distrib
uted to all users, whereas the “Private Key” must be
kept secret by the owner. Data encrypted with a specific publickey, can only be decrypted using the corresponding privatekey, and vice versa. Since different keys are used forencryption and decryption, the cryptosystem is called
“Asymmetric” [9].
Modern public key cryptosystems rely on somecomputationally intractable problems, and the security of public key cryptosystems depends on the difficulty of the hardproblem on which they rely. Hence, public key algorithmsoperate on sufficiently large numbers to make thecryptanalysis practically infeasible, and thus make the systemsecure [9], [18]. However, due to smart modern cryptanalysisand modern high speed processing power, the key size of public key cryptosystems grew very large [11]. Using largekeys is one of the disadvantages of public key cryptographydue to the large memory capacity and large computationalpower required for key processing.There are several standard public key algorithms such asRSA [19], El-Gamal [20] and Elliptic Curve Cryptography(ECC) [7]. However, ECC [7] is a recent public keycryptography which is more efficient and faster than the otherasymmetric cryptosystems. Unlike previous cryptographysolutions, ECC is based on geometric instead of numbertheory [9]. In fact, the security strength of the ECC relies onthe Elliptic Curve Discrete Logarithm Problem (ECDLP)applied to a specific point on an elliptic curve [21], [22]. InECC, the private key is a random number, whereas the publickey is a point on the elliptic curve which is obtained bymultiplying the private key with the generator point
G
on thecurve [18]. Hence, computing public key from private key isrelatively easy, whereas obtaining private key from public keyis computationally infeasible .This is considered as ECDLPthat is much more complex than the DLP, and it is believed tobe harder than integer factorization problem [18]. Hence, ECCis one of the strongest public key cryptographic systemsknown today.In addition, ECC uses smaller keys than the other publickey cryptosystems, and requires less computation to provide ahigh level of security. In other words, efficiency is the mostimportant advantage of the ECC since it offers the highestcryptographic strength per bit [9], [23]. This a great advantagein many applications, especially in cases that thecomputational power, bandwidth, storage and efficiency arecritical factors [9], [23]. Thus, ECC has been chosen as thebest asymmetric encryption in this research.
C.
 
Symmetric Versus Asymmetric Key Cryptography
Despite the Public key cryptography that can only providedata confidentiality, asymmetric key cryptography addressesboth data confidentiality and authentication. Public keycryptography solves the problem of confidentialcommunication in large n-node networks, since there is noneed to establish a shared secret between communicatingparties. Moreover, there are protocols that combine public keycryptography, public key certificates and secure hash functionsto enable authentication [11].However, public key cryptosystems are significantlyslower than symmetric cryptosystems. Moreover, public keycryptography is more expensive since it requires large memorycapacity and large computational power. For instance, a
128-bit 
key used with DES provides approximately the same levelof security as the
1024-bit 
key used with RSA [24]. A brief comparison of symmetric and asymmetric key cryptography issummarized in Table I.
50http://sites.google.com/site/ijcsis/ISSN 1947-5500
 
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 7, October 2010
TABLE I. S
YMMETRIC
V
ERSUS
A
SYMMETRIC
C
RYPTOGRAPHY
Cryptosystem Symmetric AsymmetricConfidentiality
Yes Yes
Data Integrity
No Yes
Authentication
No Yes
Number of Keys
1 2
Key Size
Smaller Larger
Speed
Faster Slower
Memory Usage
Less More
Computational Overhead
Less More
Good for N-node Networks
No Yes
Some Examples
DES/RC5/Blowfish RSA/El-Gamal/ECC
III.
 
A
SYMMETRIC
E
NCRYPTION FOR
V
IDEO
C
ONFERENCING
 The asymmetric cryptosystem [25] based on ECC [7] willbe reviewed in this Section. In addition, this Section willdescribe how this encryption scheme was implemented intothe MCS video conferencing system.
 A.
 
 ECC-Based Cryptosystem
The asymmetrical encryption scheme that is tested in thisresearch is a public key cryptosystem based on the EllipticCurve Digital Signature Algorithm (ECDSA) [25]. It is arobust security platform that employs the most advancedalgorithms recognized by the global cryptography communityto meet the severe security requirements of certainapplications. Furthermore, it is a multilayer cryptosystemwhich consists of multi layers of public-private key pairs [25].In its standard mode of encryption, this cryptosystem onlyuses
256-bit 
ECC to encrypt the data. Although thiscryptosystem is an ECC public key cryptosystem, it uses otherencryption algorithms as well. Mainly, it uses ECDSA forauthentication, AES and RSA for key encryption and SHA-2for hashing.However, since this cryptosystem is based on ECDSA, thesecurity strength of its encryption scheme mostly relies on theElliptic Curve Discrete Logarithm Problem (ECDLP) appliedto a specific point on an elliptic curve. Hence, breaking thiscryptosystem is theoretically equivalent to solving ECDLP,which is computationally impractical for a large key size of 
256-bit 
[25].
 B.
 
 Implementation of Asymmetric Scheme
As mentioned earlier, a proper security solution for videoconferencing system must address authentication and dataconfidentiality [9]. However, authentication is well addressedby most video conference systems. Therefore, in order to havea secure video conferencing system, data confidentiality mustbe provided. Thus, in this research, the aforementionedasymmetric encryption [25] is applied only to the videocomponent of the MCS [6] to protect the video stream. Thereare two modules in video component responsible for videoencryption and decryption tha
t are “Video Capture” and“Video Playback” correspondingly. The architecture of Video
Capture and Video Playback are depicted in Fig. 1 and Fig. 2respectively.
Figure 1.
Video Capture Architecture
Figure 2.
Video Playback Architecture
In addition, it is important to mention that all encryptionsand decryptions are performed only at the clients. In thisarchitecture, video encryption and decryption are bothperformed within the application layer.After integration of the ECC-based cryptosystem [25] intothe video component of the MCS [6], the performance of thesystem was tested to evaluate the efficiency of asymmetricencryption for real-time video data. The result and analysis of the performance test are presented in Section V.IV.
 
S
YMMETRIC
E
NCRYPTION FOR
V
IDEO
C
ONFERENCING
 In this Section, an alternative symmetric cryptosystemscheme for video conferencing system is discussed. Amongstall known symmetric encryption such as DES [12], 3DES[13], AES [14], IDEA [15], and RC5 [16], using Blowfish [8]for video data encryption is suggested as it is known to be afast and compact encryption suitable for large blocks of data[8]. The symmetrical encryption scheme based on Blowfishwas implemented by using OpenVPN [26], [27]. In thisSection, Blowfish encryption is introduced, and the algorithmis explained briefly. Furthermore, the details of implementingthis security scheme into the MCS are explained.
 A.
 
 Blowfish Encryption
Blowfish is a symmetric block cipher based on the Feistelnetwork. The block size is
64
 
bits
, whereas the key can be anylength up to
448
 
bits
. Blowfish algorithm consists of twophases: Key Expansion and Data Encryption [8].In Key Expansion phase a key of at most
448
 
bits
will beconverted into several subkey arrays with maximum of 
4168
 
bytes
which will be used in the Data Encryption phaseafterward. During the encryption phase, blocks of 
64-bit 
inputdata will be encrypted using a
16-round 
Feistel network. Eachround of this algorithm consists of permutations and
51http://sites.google.com/site/ijcsis/ISSN 1947-5500

Activity (4)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads
Jan Vekemans liked this

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->