CN112272314B - Method, device, equipment and medium for safely transmitting video in video network - Google Patents
Method, device, equipment and medium for safely transmitting video in video network Download PDFInfo
- Publication number
- CN112272314B CN112272314B CN202011478099.8A CN202011478099A CN112272314B CN 112272314 B CN112272314 B CN 112272314B CN 202011478099 A CN202011478099 A CN 202011478099A CN 112272314 B CN112272314 B CN 112272314B
- Authority
- CN
- China
- Prior art keywords
- encrypted
- key frame
- key
- parameter set
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 52
- 230000005540 biological transmission Effects 0.000 claims abstract description 32
- 238000004806 packaging method and process Methods 0.000 claims abstract description 13
- 238000012545 processing Methods 0.000 claims abstract description 10
- 239000013598 vector Substances 0.000 claims description 65
- 238000004590 computer program Methods 0.000 claims description 3
- 230000006837 decompression Effects 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/234—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
- H04N21/2347—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/44—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
- H04N21/4405—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption
Landscapes
- Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
The application provides a method, a device, electronic equipment and a medium for safely transmitting videos in a video network, which comprise the following steps: obtaining a security parameter set and a security parameter set length, wherein the security parameter set at least comprises: an encryption policy and/or an encryption algorithm type, the encryption policy and the encryption algorithm type being used for encrypted transmission of video data; processing the security parameter set and the security parameter length according to a set rule to obtain encrypted security information; encrypting the key frames in the video data according to the encryption strategy and the encryption algorithm type to obtain encrypted key frame data; packaging the encrypted safety information and the encrypted key frame data into a key frame data packet; and sending the key frame data packet to a receiving end to solve the problem of video file leakage easily caused at present.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method, an apparatus, and a medium for secure transmission of videos in a video network.
Background
With the development and progress of video technology, video files have been used and applied in various fields, and the security of video files is more and more emphasized.
In the prior art, in order to improve the security of a video in a transmission process, during the transmission process of a video file, a sender and a receiver can encrypt the video file first, then send the encrypted video file and an encryption key to the receiver, and the receiver decrypts the received encrypted video file to obtain the video file.
However, the inventor finds that the encryption key is transmitted in a separate packet sending manner, and since the format of the encryption key data packet is different from that of the encrypted video file, the encryption key data packet is easily found and stolen by illegal personnel in the video transmission process, so that the video file is leaked.
Disclosure of Invention
The application provides a method, a device and a medium for safely transmitting videos in a video network, which aim to solve the problem that video files are easy to leak at present.
In order to solve the above problem, the present application discloses a method for secure transmission of video in a video network, comprising:
obtaining a security parameter set and a security parameter set length, wherein the security parameter set at least comprises: an encryption policy and/or an encryption algorithm type, the encryption policy and the encryption algorithm type being used for encrypted transmission of video data;
processing the security parameter set and the length of the security parameter set according to a set rule to obtain encrypted security information;
encrypting the key frames in the video data according to the encryption strategy and the encryption algorithm type to obtain encrypted key frame data;
packaging the encrypted safety information and the encrypted key frame data into a key frame data packet;
and sending the key frame data packet to a receiving end.
Optionally, the step of processing the security parameter set and the security parameter set length according to a set rule to obtain encrypted security information includes:
and taking the length of the security parameter set as a part of the security parameter set, and encrypting to obtain encrypted security information.
Optionally, the step of processing the security parameter set and the security parameter set length according to a set rule to obtain encrypted security information includes:
encrypting the security parameter set to obtain an encrypted security parameter set;
splicing the length of the security parameter set and the encrypted security parameter set in sequence to obtain the encrypted security information; or
Encrypting the security parameter set and the length of the security parameter set respectively;
and splicing the encrypted security parameter length and the encrypted security parameter set in sequence to obtain the encrypted security information.
Optionally, the step of encapsulating the encrypted security information and the encrypted key frame data into the key frame data packet includes:
and splicing the encrypted safety information and the encrypted key frame data in sequence, using the spliced safety information and the encrypted key frame data as the data load of the key frame data packet, and packaging the key frame data packet.
Optionally, the encryption policy includes partially encrypting the key frame or fully encrypting the key frame; the encryption algorithm types include: a cipher block chaining mode;
when the encryption algorithm type is a cipher block chaining mode, the step of encrypting the key frames in the video data according to the encryption strategy and the encryption algorithm type to obtain encrypted key frame data comprises the following steps:
determining at least one frame key frame needing encryption in the video data;
generating an initialization vector corresponding to each key frame in the at least one frame of key frames;
grouping each frame key frame in the at least one frame key frame to obtain more than two sub key frames;
performing XOR operation on a first sub-key frame of the more than two sub-key frames and the initialization vector to obtain a first output result
Encrypting the first output result to obtain a first encrypted frame;
performing XOR operation on the first encrypted frame and a second sub-key frame of the more than two sub-key frames to obtain a second output result;
encrypting the second output result to obtain a second encrypted frame;
and generating encrypted key frame data according to the first encrypted frame and the second encrypted frame.
Optionally, the encryption policy includes partially encrypting the key frame or fully encrypting the key frame; the encryption algorithm types include: outputting a feedback mode;
when the encryption algorithm type is the output feedback mode, the step of encrypting the key frames in the video data according to the encryption strategy and the encryption algorithm type to obtain encrypted key frame data comprises the following steps:
determining at least one frame key frame needing encryption in the video data;
generating an initialization vector corresponding to each key frame in the at least one frame of key frames;
encrypting the initialization vector to generate a first encrypted initialization vector;
grouping each frame key frame in the at least one frame key frame to obtain more than two sub key frames;
performing exclusive-or operation on a first sub-key frame of the more than two sub-key frames and the first encryption initialization vector to obtain a third encryption frame;
encrypting the first encrypted initialization vector to generate a second encrypted initialization vector;
performing XOR operation on the second encryption initialization vector and a second sub-key frame of the more than two sub-key frames to obtain a fourth encryption frame;
and generating encrypted key frame data according to the third encrypted frame and the fourth encrypted frame.
Optionally, the encryption policy includes partially encrypting the key frame or fully encrypting the key frame; the encryption algorithm types include: a codebook mode;
when the encryption algorithm type is in a codebook mode, the step of encrypting the key frame in the video data according to the encryption strategy and the encryption algorithm type to obtain encrypted key frame data comprises the following steps:
determining at least one frame key frame needing encryption in the video data;
grouping each frame key frame in the at least one frame key frame to obtain more than two sub key frames;
and encrypting each sub-key frame in the more than two sub-key frames to obtain the encrypted key frame data.
In order to solve the above problem, the present application further discloses a method for decrypting video data, including:
the receiving end receives a video data packet, wherein the video data packet comprises: a key frame data packet and non-key frame data;
when the video data packet is determined to carry the encrypted security parameter set, decrypting the key frame data packet to obtain encrypted security information and encrypted key frame data;
decrypting the encrypted security information to obtain a security parameter set, wherein the security parameter set at least comprises: any one or more parameters of encryption key, encryption strategy and encryption algorithm type;
decrypting the encrypted key frame data by using the encryption key, the encryption strategy and the encryption algorithm type to obtain key frames in the video data;
and restoring the original video according to the key frame.
Optionally, the step of decrypting the encrypted security information to obtain the security parameter set includes:
decrypting a preset number of bytes in the data load of the key frame data packet, and obtaining the length of the encrypted safety information after decryption;
extracting encrypted security information from the data payload in accordance with the length;
and decrypting the encrypted security information to obtain a security parameter set.
In order to solve the above problem, the present application further discloses a device for secure transmission of video in a video network, comprising:
an obtaining module, configured to obtain a security parameter set and a security parameter set length, where the security parameter set at least includes: an encryption policy and/or an encryption algorithm type, the encryption policy and the encryption algorithm type being used for encrypted transmission of video data;
the safety information module is used for processing the safety parameter set and the safety parameter length according to a set rule to obtain encrypted safety information;
the key frame module is used for encrypting key frames in the video data according to the encryption strategy and the encryption algorithm type to obtain encrypted key frame data;
the splicing module is used for packaging the encrypted safety information and the encrypted key frame data into a key frame data packet;
and the sending module is used for sending the key frame data packet to a receiving end.
In order to solve the above problem, the present application further discloses an apparatus for decrypting video data, comprising:
a receiving module, configured to receive a video data packet, where the video data packet includes: a key frame data packet and non-key frame data;
the decompression module is used for decrypting the key frame video data packet to obtain encrypted safety information and encrypted key frame data when the video data packet is determined to carry the encrypted safety parameter set;
a first decryption module, configured to decrypt the encrypted security information to obtain a security parameter set, where the security parameter set includes: any one or more parameters of encryption key, encryption strategy and encryption algorithm type;
the second decryption module is used for decrypting the encrypted key frame data by the encryption key, the encryption strategy and the encryption algorithm type to obtain key frames in the video data;
and the restoring module is used for restoring the original video according to the key frame.
In order to solve the above problem, the present application also discloses an electronic device, including:
one or more processors; and
one or more machine readable media having instructions stored thereon, which when executed by the one or more processors, cause the apparatus to perform the above-described method for secure transmission of video in a video network or the above-described method for decryption of video data.
In order to solve the above problem, the present application also discloses a computer-readable storage medium storing a computer program that causes a processor to execute the above-mentioned secure transmission method of video in a video network or the above-mentioned video data decryption method.
Compared with the prior art, the method has the following advantages:
according to the method and the device, the safety parameter set and the safety parameter set length are obtained and processed according to the set rule, the encrypted safety information is obtained, the safety of the safety parameter set is improved, meanwhile, the encrypted safety information is hidden in the encrypted key frame data and is sent, so that the encrypted safety information is not easily found by illegal personnel, and the leakage of the video file is avoided.
Of course, it is not necessary for any product to achieve all of the above-described advantages at the same time for practicing the present application.
Drawings
Fig. 1 is a flowchart of a method for secure transmission of video in a video network according to an embodiment of the present application;
fig. 2 is a flowchart of a method for decrypting video data according to the second embodiment of the present application;
fig. 3 is a schematic structural diagram of a device for secure transmission of video in a video network according to a third embodiment of the present application;
fig. 4 is a schematic structural diagram of a video data decryption apparatus according to a fourth embodiment of the present application.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, the present application is described in further detail with reference to the accompanying drawings and the detailed description.
Example one
Referring to fig. 1, a flowchart of a method for securely transmitting a video in a video network according to an embodiment of the present application is shown, which specifically includes:
the video secure transmission method can be applied to communication between a client and a client, communication between a server and a server, and communication between the client and the server.
Step 101: and acquiring a security parameter set and a security parameter set length.
In a specific implementation, the security parameter set and the security parameter set length may be obtained from a client, or the security parameter set and the security parameter set length may be obtained from a server.
Wherein the set of security parameters comprises at least: an encryption policy, and/or an encryption algorithm type, and/or an encryption key, the encryption policy and the encryption algorithm type being used for encrypted transmission of the video data.
The encryption strategy comprises the following steps: partially encrypting the key frame and fully encrypting the key frame.
In specific implementation, based on different application scenarios, a part of the key frames may be selected from the key frames to perform partial encryption, or all the key frames may be encrypted, which is not limited in this application.
The encryption algorithm types include: codebook mode ECB, cipher block chaining mode CBC and output feedback mode OFB.
The security parameter set may further include: one or more of an encryption flag, a version number, a length of a video encryption key, a video key encryption key version number, a new video key encryption key version length, a new video key encryption key version, an authentication flag, an authentication policy.
When the encryption flag in the security parameter set is analyzed, whether the video data is encrypted is determined through the encryption flag, wherein encryption is generally represented by 1, and non-encryption is generally represented by 0.
If the video data is encrypted data, the encryption policy and the encryption algorithm type need to be configured.
The authentication flag, non-authentication is generally indicated by 0 and authentication is generally indicated by 1, and the authentication policy may be hash operation message authentication code HMAC-SM3, packet encrypted message authentication code CMAC-SM1, and packet encrypted message authentication code CMAC-SM 4.
Step 102: and processing the security parameter set and the security parameter length according to a set rule to obtain encrypted security information.
As one implementation manner, step 102 specifically includes:
the length of the security parameter set is used as a part of the security parameter set and is encrypted to obtain encrypted security information, that is, the security parameter set comprises the length of the security parameter set, and is then encrypted to obtain the encrypted security information.
In practical applications, the length of the security parameter set may be placed from the starting position, and then the security parameter set may be placed after the length of the security parameter set, and then the security parameter set may be encrypted, so as to obtain the encrypted security information.
In practical application, the chacha algorithm, the asymmetric encryption algorithm and the symmetric encryption algorithm may be used to encrypt the length of the security parameter set as a part of the security parameter set, preferably, the chacha algorithm is used to encrypt the security parameter set to obtain encrypted security information, and the security parameter set is encrypted by using the length of the security parameter set as a part of the security parameter set, so that the security of the security parameter set is improved.
As another implementation manner, step 102 specifically includes:
and encrypting the security parameter set to obtain the encrypted security parameter set.
And splicing the length of the security parameter set and the encrypted security parameter set in sequence to obtain encrypted security information, namely, in practical application, the length of the security parameter set and the security parameter set can be separated, only the security parameter set is encrypted, the length of the security parameter set is not encrypted, and then the length of the security parameter set is placed in front of the encrypted security parameter set, so that the encrypted security information is obtained.
In a specific application, the security parameter set length may also be transmitted separately, for example: the header of the key frame data packet may be placed for transmission, and the header of the protocol may also be placed for transmission, which is not specifically limited in this application.
As another implementation manner, step 102 specifically includes:
and respectively encrypting the security parameter set and the length of the security parameter set.
And splicing the encrypted security parameter length and the encrypted security parameter set in sequence to obtain the encrypted security information.
In specific application, the length of the security parameter set and the length of the security parameter set are separated, the length of the security parameter set is encrypted respectively, and then the encrypted length of the security parameter and the encrypted security parameter set are spliced in sequence to obtain the encrypted security information, so that the encrypted security information is lengthened, and the security of the security parameter set is improved.
Step 103: and encrypting the key frames in the video data according to the encryption strategy and the encryption algorithm type to obtain encrypted key frame data.
The video data comprises key frames and non-key frames, the key frames can comprise I frames (I frames) and the like, the non-key frames can comprise P frames (Pframe) and B frames (B frames) and the like, the I frames are the most important frames, if a lawless person cracks the I frames but does not crack the P frames and/or the B frames, part of original video data can be easily restored, and therefore the video data can be leaked, and therefore the purpose of preventing the lawless person from cracking the video data can be achieved by encrypting the I frames in the video data.
Wherein the encryption policy comprises partially encrypting the key frame or fully encrypting the key frame; the encryption algorithm types include: cipher block chaining mode, cipher block chaining mode CBC and output feedback mode OFB.
As one of the implementation manners, when the type of the encryption algorithm is the cipher block chaining mode, step 103 includes the following sub-steps:
substep 1031: at least one frame key frame requiring encryption is determined in the video data.
In this embodiment, determining at least one key frame to be encrypted in the video data may be understood as encrypting part of the key frames in the key frames, or may be understood as encrypting all of the key frames in the key frames, and the operation process of the encryption algorithm type is the same regardless of the encryption of part of the key frames and the encryption of all of the key frames.
Substep 1032: and generating an initialization vector corresponding to each key frame in the at least one key frame.
The at least one key frame may include one key frame, two key frames, or all key frames, and the initialization vector corresponding to the key frame is generated for each key frame of the at least one key frame, that is, how many key frames correspond to how many initialization vectors.
In this embodiment, the initial vectors corresponding to different keyframes may be different, and the initialization vector of the keyframe of the first frame of the at least one frame of the key may be independent of the initialization vectors of other keyframes, i.e., the initialization vectors of different keyframes are independent of each other or do not affect each other.
Substep 1033: and grouping each frame key frame in the at least one frame key frame to obtain more than two sub key frames.
In this embodiment, each of the at least one frame of key frames is grouped according to the length of the key frame to obtain more than two sub-key frames.
For example: if there are 3 key frames, each of the 3 key frames can be grouped according to the length of the key frame to obtain more than two sub-key frames.
Substep 1034: and carrying out XOR operation on a first sub-key frame of the more than two sub-key frames and the initialization vector to obtain a first output result.
Substep 1035: and encrypting the first output result to obtain a first encrypted frame.
In this embodiment, a symmetric encryption algorithm or an asymmetric encryption algorithm may be used to encrypt the first output result to obtain the first encrypted frame, and preferably, the symmetric encryption algorithm is used to encrypt the first output result, because the symmetric encryption algorithm has a fast encryption speed, the encryption efficiency may be improved.
Substep 1036: and carrying out XOR operation on the first encrypted frame and a second sub-key frame of the more than two sub-key frames to obtain a second output result.
Substep 1037: and encrypting the second output result to obtain a second encrypted frame.
In this embodiment, a symmetric encryption algorithm or an asymmetric encryption algorithm may be used to encrypt the second output result to obtain the second encrypted frame, and preferably, the symmetric encryption algorithm is used to encrypt the second output result, because the symmetric encryption algorithm has a fast encryption speed, the encryption efficiency may be improved.
Substep 1038: and generating encrypted key frame data according to the first encrypted frame and the second encrypted frame.
It should be noted that, in the present application, the key frame is divided into two sub-key frames as an example, and the process of generating the encrypted key frame data may further include a plurality of sub-key frames in practical applications, for example: the encrypted key frame data may be generated by referring to two sub key frames for 3 sub key frames or 4 sub key frames, which is not described herein again.
As another implementation manner, when the encryption algorithm type is the output feedback mode, step 103 includes the following sub-steps:
substep 1039: at least one frame key frame requiring encryption is determined in the video data.
Substep 1040: and generating an initialization vector corresponding to each key frame in the at least one key frame.
Substep 1041: and encrypting the initialization vector to generate a first encrypted initialization vector.
In this embodiment, a symmetric encryption algorithm or an asymmetric encryption algorithm may be used to encrypt the initialization vector to obtain the first encrypted initialization vector, and preferably, the symmetric encryption algorithm is used to encrypt the initialization vector, because the symmetric encryption algorithm has a fast encryption speed, which may improve the encryption efficiency.
Substeps 1042: and grouping each frame key frame in the at least one frame key frame to obtain more than two sub key frames.
Substep 1043: and carrying out XOR operation on a first sub-key frame of the more than two sub-key frames and the first encryption initialization vector to obtain a third encryption frame.
Substep 1044: and encrypting the first encrypted initialization vector to generate a second encrypted initialization vector.
In this embodiment, the first encrypted initialization vector may be encrypted by using a symmetric encryption algorithm or an asymmetric encryption algorithm to obtain the second encrypted initialization vector, and preferably, the first encrypted initialization vector is encrypted by using a symmetric encryption algorithm, because the symmetric encryption algorithm has a fast encryption speed, the encryption efficiency may be improved.
Substep 1045: and carrying out XOR operation on the second encryption initialization vector and a second sub-key frame of the more than two sub-key frames to obtain a fourth encryption frame.
Substep 1046: and generating encrypted key frame data according to the third encrypted frame and the fourth encrypted frame.
It should be noted that, in the present application, the key frame is divided into two sub-key frames as an example, and the process of generating the encrypted key frame data may further include a plurality of sub-key frames in practical applications, for example: the encrypted key frame data may be generated by referring to two sub key frames for 3 sub key frames or 4 sub key frames, which is not described herein again.
As another implementation manner, when the type of the encryption algorithm is a codebook mode, step 103 includes the following sub-steps:
substep 1047: at least one frame key frame requiring encryption is determined in the video data.
Substep 1048: grouping each of the at least one frame key frame to obtain more than two sub-key frames.
Substep 1049: and encrypting each sub-key frame in the more than two sub-key frames to obtain the encrypted key frame data.
In this embodiment, a symmetric encryption algorithm or an asymmetric encryption algorithm may be used to encrypt each sub-key frame to obtain encrypted key frame data, and preferably, a symmetric encryption algorithm is used to encrypt each sub-key frame, because the symmetric encryption algorithm has a high encryption speed, and the encryption efficiency may be improved.
Step 104: and packaging the encrypted safety information and the encrypted key frame data into a key frame data packet.
When the encrypted security information is obtained by using the length of the security parameter set as a part of the security parameter set and encrypting, step 104 includes:
and sequentially splicing the encrypted security information and the encrypted key frame data, and packaging the spliced security information and the encrypted key frame data into a key frame data packet as a data load of the key frame data packet, namely, transmitting the encrypted security information as a part of data of the data load, so that the encrypted security information is hidden in the data load of the video data for transmission, and the security is provided.
When the encrypted information is obtained by separately transmitting the length of the security parameter set and the security parameter set, and encrypting the security parameter set, step 104 includes:
and sequentially splicing the safety parameter length, the encrypted safety parameter set and the encrypted key frame data, packaging the spliced safety parameter length and the encrypted key frame data into the key frame data packet as a data load part of the key frame data packet, and decrypting according to the sequence of packaging the key frame data packet during decryption to obtain the safety parameter set length, the encrypted safety parameter set and the encrypted key frame data.
It should be noted that, in the present application, the key frame is divided into two sub-key frames as an example, and the process of generating the encrypted key frame data may further include a plurality of sub-key frames in practical applications, for example: the encrypted key frame data may be generated by referring to two sub key frames for 3 sub key frames or 4 sub key frames, which is not described herein again.
In the embodiment of the application, the encrypted security information and the encrypted key frame data are packaged into the key frame data packet for transmission, that is, the encrypted security information is hidden in the encrypted key frame data for transmission, so that lawless persons can easily regard the encrypted security information as data transmission, and compared with the prior art, the security of the encrypted security information is improved.
Step 105: and sending the key frame data packet to a receiving end.
In practical application, the non-critical frame data may also be sent to the receiving end, and the non-critical frame data may be sent in a plaintext manner, or may be sent after being encrypted, which is not specifically limited in this application.
In the embodiment, the security parameter set and the security parameter set length are obtained, the security parameter set and the security parameter length are processed according to the set rule, the encrypted security information is obtained, the security of the security parameter set is improved, and meanwhile, the encrypted security information is hidden in the encrypted key frame data and is sent, so that the encrypted security information is not easily discovered by illegal personnel, and the leakage of the video file is avoided.
Example two
Referring to fig. 2, a flowchart of a video data decryption method according to the second embodiment of the present application is shown, where the video data decryption method is applied to a receiving end, and specifically includes:
step 201: the receiving end receives the video data packet.
The receiving end can receive the video data packet sent by the sending end and also can receive the video data packet sent by the server.
Wherein the video data packet includes: a critical frame data packet, non-critical frame data.
Step 202: and when the video data packet is determined to carry the encrypted security parameter set, decrypting the key frame data packet to obtain encrypted security information and encrypted key frame data.
In specific application, whether the video data packet carries the encrypted security parameter set is judged, if the video data packet carries the encrypted security parameter set, it is indicated that the transmitted key frame data packet is the key frame data packet, and the key frame data packet is decompressed.
Step 203: decrypting the encrypted security information to obtain a security parameter set, wherein the security parameter set at least comprises: any one or more of encryption key, encryption policy, type of encryption algorithm.
As one implementation manner, when the encrypted security information is obtained by using the length of the security parameter set as a part of the security parameter set and performing encryption, step 203 includes the following sub-steps:
substep 2031: and decrypting the bytes with the preset number in the data load of the key frame data packet to obtain the length of the encrypted safety information.
In a specific application, the key frame data packet is decrypted, the encrypted security information is obtained from the first two bytes of the key frame data packet, and the first two bytes of the encrypted security information are used to indicate the length of the security parameter set, so that the length of the encrypted security parameter set can be obtained by obtaining the first two bytes of the encrypted security information and decrypting the first two bytes.
Substep 2032: encrypted security information is extracted from the data payload according to the length.
And intercepting corresponding length from the data load part of the key frame data packet according to the length, acquiring the encrypted safety information from the intercepted content, and decrypting the encrypted key frame data part to acquire the key frame, wherein the rest part is the encrypted key frame data part.
Substep 2033: and decrypting the encrypted security information to obtain a security parameter set.
In this embodiment, the encrypted security information may be decrypted by using a symmetric encryption algorithm or an asymmetric encryption algorithm to obtain the security parameter set, and preferably, the encrypted security parameter set is decrypted by using the symmetric encryption algorithm, because the symmetric encryption algorithm has a fast decryption speed, the decryption efficiency may be improved.
As another implementation manner, when the encrypted information is obtained by separately transmitting the length of the security parameter set and the security parameter set, and encrypting the security parameter set, step 203 includes the following sub-steps:
substep 2034: the security parameter set length in the encrypted security information is obtained.
The encrypted security parameter set length is obtained from the first two bytes in the data payload of the key frame data packet.
Substep 2035: and acquiring the position information of the encrypted security parameter set, and extracting the encrypted security information from the data load according to the length to acquire the encrypted security parameter set.
In this embodiment, since the length of the security parameter set in the encrypted security information is obtained, then the location information of the encrypted security parameter set needs to be obtained, and then the key frame data packet is intercepted according to the length of the security parameter set with the location information as a starting point, so as to obtain the encrypted security parameter set.
Substep 2036: and decrypting the encrypted security parameter set to obtain the security parameter set.
Step 204: and decrypting the encrypted key frame data by using the encryption key, the encryption strategy and the encryption algorithm type to obtain key frames in the video data.
And removing the encrypted safety information from the data load part in the key frame data packet, namely encrypting the key frame data to the rest, and then decrypting the encrypted key frame data by using the encryption key, the encryption strategy and the encryption algorithm type to obtain the key frame in the video data.
By decrypting the encrypted security parameter set, the encryption key, the encryption strategy and the encryption algorithm type are already obtained from the security parameter set, so that the parameters in the security parameter set can be used for decrypting the encrypted key frame data to obtain the key frame in the video data.
Wherein the encryption policy comprises partially encrypting the key frame or fully encrypting the key frame; the encryption algorithm types include: cipher block chaining mode, cipher block chaining mode CBC and output feedback mode OFB.
As one implementation manner, when the type of the encryption algorithm is a cipher block chaining mode, the encrypted key frame data is decrypted by using the cipher block chaining mode to obtain a key frame in the video data, and step 204 includes the following sub-steps:
substep 2041: and decrypting the encrypted key frame data to obtain a first encrypted frame and a second encrypted frame.
And decrypting the encrypted key frame data by using a decryption algorithm corresponding to the symmetric encryption algorithm to obtain a first encrypted frame and a second encrypted frame.
Substep 2042: and decrypting the first encrypted frame to obtain a first output result.
Substep 2043: and acquiring an initialization vector corresponding to the key frame.
In practical applications, the initialization vector used in both the encryption process and the decryption process is the same.
Substep 2044: and carrying out XOR operation on the first output result and the initialization vector to obtain a first sub-key frame.
Substep 2045: and decrypting the second encrypted frame to obtain a second output result.
Substep 2046: and carrying out XOR operation on the second output result and the first encrypted frame to obtain a second sub-key frame.
Substep 2047: and forming a key frame according to the first sub-key and the second sub-key frame, and determining the key frame as one key frame in at least two frame keys which need to be decrypted in the video data.
It should be noted that, in the present application, the key frame is divided into two sub-key frames as an example, and the process of decrypting the encrypted key frame data may further include a plurality of sub-key frames in practical applications, for example: the encrypted key frame data can be decrypted by referring to the two sub key frames in 3 sub key frames or 4 sub key frames, which is not described in detail herein.
As another implementation manner, when the type of the encryption algorithm is the output feedback mode, the encrypted key frame data is decrypted by using the output feedback mode to obtain a key frame in the video data, and step 204 includes the following sub-steps:
substep 2048: and decrypting the encrypted key frame data to obtain a third encrypted frame and the fourth encrypted frame.
Substep 2049: and acquiring a first encrypted initialization vector generated by encrypting the initialization vector corresponding to the key frame.
Substep 2050: and carrying out XOR operation on the third encrypted frame and the first encrypted initialization vector to obtain a first sub-key frame.
Substep 2051: and acquiring a second encrypted initialization vector corresponding to the key frame.
Substep 2052: and carrying out XOR operation on the fourth encrypted frame and the second encrypted initialization vector to obtain a second sub-key frame.
Substep 2053: and forming a key frame according to the first sub-key and the second sub-key frame, and determining the key frame as one key frame in at least one frame key which needs to be decrypted in the video data.
It should be noted that, in the present application, the key frame is divided into two sub-key frames as an example, and the process of decrypting the encrypted key frame data may further include a plurality of sub-key frames in practical applications, for example: the encrypted key frame data can be decrypted by referring to the two sub key frames in 3 sub key frames or 4 sub key frames, which is not described in detail herein.
As another implementation manner, when the type of the encryption algorithm is a codebook mode, the encrypted key frame data is decrypted by using the codebook mode to obtain a key frame in the video data, and step 204 includes the following sub-steps:
substep 2054: and decrypting the encrypted key frame data to obtain each sub-key frame.
Substep 2055: and combining each sub-key frame to obtain each key frame of the at least two key frames which need to be encrypted in the video data.
Step 205: and restoring the original video according to the key frame.
Based on the above embodiment, the video secure transmission method of the present application may be applied to a scenario of a sending client and a receiving client, where the sending client generates a security parameter set, where the security parameter set includes a length of the security parameter set, and encrypts the security parameter set to obtain encrypted security information; encrypting the key frames in the video data according to the encryption strategy, the encryption key and the encryption algorithm type to obtain encrypted key frame data; and packaging the encrypted safety information and the encrypted key frame data into a key frame data packet. And sending the key frame data packet to a receiving client.
Receiving a video data packet of a sender received by a client, wherein the video data packet comprises: a key frame data packet and non-key frame data; judging whether the video data packet carries an encrypted security parameter set or not, and if the video data packet carries the encrypted security parameter set, decrypting the key frame data packet to obtain encrypted security information and encrypted key frame data; decrypting the encrypted security information to obtain a security parameter set, wherein the security parameter set comprises: an encryption key, an encryption policy, and an encryption algorithm type; decrypting the encrypted key frame data by using the encryption key, the encryption strategy and the encryption algorithm type to obtain key frames in the video data; and restoring the original video according to the key frame.
In the above scenario, the encrypted security information is hidden in the encrypted key frame data and is not exposed on the transmission path between the sending client and the receiving client, so that the security of the video file can be improved.
It should be noted that the foregoing method embodiments are described as a series of acts or combinations for simplicity in explanation, but it should be understood by those skilled in the art that the present application is not limited by the order of acts described, as some steps may occur in other orders or concurrently depending on the application. Further, those skilled in the art will also appreciate that the embodiments described in the specification are presently preferred and that no particular act is required to implement the invention.
Based on the description of the method embodiment, the present application further provides a corresponding apparatus embodiment to implement the content described in the method embodiment.
EXAMPLE III
Referring to fig. 3, which shows a structure diagram of a device for secure transmission of video in a video network according to the third embodiment of the present application, specifically including:
an obtaining module 301, configured to obtain a security parameter set and a security parameter set length, where the security parameter set at least includes: an encryption policy and/or an encryption algorithm type, the encryption policy and the encryption algorithm type being used for encrypted transmission of the video data.
And the security information module 302 is configured to process the security parameter set and the security parameter length according to a set rule, so as to obtain encrypted security information.
And the key frame module 303 is configured to encrypt a key frame in the video data according to the encryption policy and the encryption algorithm type to obtain encrypted key frame data.
And the splicing module 304 is configured to encapsulate the encrypted security information and the encrypted key frame data into a key frame data packet.
A sending module 305, configured to send the key frame data packet to a receiving end.
Optionally, the security information module is specifically configured to use the length of the security parameter set as a part of the security parameter set, and encrypt the security parameter set to obtain encrypted security information.
Optionally, the security information module includes:
the encryption submodule is used for encrypting the security parameter set to obtain an encrypted security parameter set;
and the splicing submodule is used for splicing the length of the security parameter set and the encrypted security parameter set in sequence to obtain the encrypted security information.
The encryption sub-module is further used for encrypting the security parameter set and the length of the security parameter set respectively;
and the splicing submodule is also used for splicing the encrypted security parameter length and the encrypted security parameter set in sequence to obtain the encrypted security information.
Optionally, the splicing module is specifically configured to splice the encrypted security information and the encrypted key frame data sequentially, and package the spliced security information and the encrypted key frame data into the key frame data packet as a data load of the key frame data packet.
Optionally, the encryption policy includes partially encrypting the key frame or fully encrypting the key frame; the encryption algorithm types include: a cipher block chaining mode;
when the encryption algorithm type is cipher block chaining mode, the key frame module comprises:
the first selection module is used for determining at least one frame key frame needing encryption in the video data.
The first initialization vector module is configured to generate an initialization vector corresponding to each of the at least one frame of key frames.
And the first grouping module is used for grouping each frame key frame in the at least one frame key frame to obtain more than two sub key frames.
And the first output module is used for carrying out XOR operation on the first sub-key frame of the more than two sub-key frames and the initialization vector to obtain a first output result.
And the first encryption frame module is used for encrypting the first output result to obtain a first encryption frame.
And the second output module is used for carrying out XOR operation on the first encrypted frame and a second sub-key frame of the more than two sub-key frames to obtain a second output result.
And the second encrypted frame module is used for encrypting the second output result to obtain a second encrypted frame.
And the first generation module is used for generating the encrypted key frame data according to the first encrypted frame and the second encrypted frame.
Optionally, the encryption policy includes partially encrypting the key frame or fully encrypting the key frame; the encryption algorithm types include: and outputting the feedback mode.
When the encryption algorithm type is an output feedback mode, the key frame module comprises:
and the second selection module is used for determining at least one frame key frame needing encryption in the video data.
And the second initialization vector module is used for generating an initialization vector corresponding to each key frame in the at least one key frame.
And the first encryption submodule is used for encrypting the initialization vector to generate a first encrypted initialization vector.
And the second grouping module is used for grouping each frame key frame in the at least one frame key frame to obtain more than two sub key frames.
And the third encrypted frame module is used for carrying out XOR operation on the first sub-key frame of the more than two sub-key frames and the first encrypted initialization vector to obtain a third encrypted frame.
And the second encryption submodule is used for encrypting the first encryption initialization vector to generate a second encryption initialization vector.
And the fourth encryption frame module is used for carrying out XOR operation on the second encryption initialization vector and a second sub key frame of the more than two sub key frames to obtain a fourth encryption frame.
And the second generation module is used for generating encrypted key frame data according to the third encrypted frame and the fourth encrypted frame.
Optionally, the encryption policy includes partially encrypting the key frame or fully encrypting the key frame; the encryption algorithm types include: a codebook mode;
when the encryption algorithm type is a codebook mode, the key frame module comprises:
the third selection module is used for determining at least one frame key frame needing to be encrypted in the video data;
a third grouping module, configured to group each of the at least one frame of key frames to obtain more than two sub-key frames;
and the third sub-encryption module is used for encrypting each sub-key frame in more than two sub-key frames to obtain encrypted key frame data.
In the embodiment, the security parameter set and the security parameter set length are obtained, the security parameter set and the security parameter length are processed according to the set rule, the encrypted security information is obtained, the security of the security parameter set is improved, and meanwhile, the encrypted security information is hidden in the encrypted key frame data and is sent, so that the encrypted security information is not easily discovered by illegal personnel, and the leakage of the video file is avoided.
Example four
Referring to fig. 4, a structural diagram of a video data decryption apparatus according to the fourth embodiment of the present application is shown, which specifically includes:
a receiving module 401, configured to receive a video data packet, where the video data packet includes: a critical frame data packet, non-critical frame data.
A decompression module 402, configured to decrypt the key frame data packet to obtain encrypted security information and encrypted key frame data when it is determined that the video data packet carries the encrypted security parameter set.
A first decryption module 403, configured to decrypt the encrypted security information to obtain a security parameter set, where the security parameter set includes: any one or more of encryption key, encryption policy, type of encryption algorithm.
And a second decryption module 404, configured to decrypt the encrypted key frame data by using the encryption key, the encryption policy, and the encryption algorithm type, so as to obtain a key frame in the video data.
And a restoring module 405, configured to restore the original video according to the key frame.
Optionally, the first decryption module includes:
the length module is used for decrypting the bytes with the preset number in the data load of the key frame data packet and obtaining the length of the encrypted safety information after decryption;
the screenshot module is used for extracting encrypted security information from the data load according to the length;
and the security parameter set module is used for decrypting the encrypted security information to obtain a security parameter set.
Wherein the encryption policy comprises partially encrypting the key frame or fully encrypting the key frame; the encryption algorithm types include: cipher block chaining mode, cipher block chaining mode CBC and output feedback mode OFB.
Optionally, when the type of the encryption algorithm is a cipher block chaining mode, the second decryption module is specifically configured to decrypt the encrypted key frame data to obtain a first encrypted frame and a second encrypted frame. And decrypting the encrypted key frame data by using a decryption algorithm corresponding to the symmetric encryption algorithm to obtain a first encrypted frame and a second encrypted frame. And decrypting the first encrypted frame to obtain a first output result. And acquiring an initialization vector corresponding to the key frame. And carrying out XOR operation on the first output result and the initialization vector to obtain a first sub-key frame. And decrypting the second encrypted frame to obtain a second output result. And carrying out XOR operation on the second output result and the first encrypted frame to obtain a second sub-key frame. And forming a key frame according to the first sub-key and the second sub-key frame, and determining the key frame as one key frame in at least two frame keys which need to be encrypted in the video data.
It should be noted that, in the present application, the key frame is divided into two sub-key frames as an example, and the process of decrypting the encrypted key frame data may further include a plurality of sub-key frames in practical applications, for example: the encrypted key frame data can be decrypted by referring to the two sub key frames in 3 sub key frames or 4 sub key frames, which is not described in detail herein.
Optionally, when the type of the encryption algorithm is an output feedback mode, the second decryption module is specifically configured to decrypt the encrypted key frame data to obtain a third encrypted frame and the fourth encrypted frame. And acquiring a first encrypted initialization vector generated by encrypting the initialization vector corresponding to the key frame. And carrying out XOR operation on the third encrypted frame and the first encrypted initialization vector to obtain a first sub-key frame. And acquiring a second encrypted initialization vector corresponding to the key frame. And carrying out XOR operation on the fourth encrypted frame and the second encrypted initialization vector to obtain a second sub-key frame. And forming a key frame according to the first sub-key and the second sub-key frame, and determining the key frame as one key frame in at least two frame keys which need to be encrypted in the video data.
It should be noted that, in the present application, the key frame is divided into two sub-key frames as an example, and the process of decrypting the encrypted key frame data may further include a plurality of sub-key frames in practical applications, for example: the encrypted key frame data can be decrypted by referring to the two sub key frames in 3 sub key frames or 4 sub key frames, which is not described in detail herein.
Optionally, when the type of the encryption algorithm is in a codebook mode, the second decryption module is specifically configured to decrypt the encrypted key frame data to obtain each sub-key frame. And combining each sub-key frame to obtain each key frame of the at least two key frames which need to be encrypted in the video data.
For the above-mentioned apparatus embodiments, since they are basically similar to the method embodiments, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the illustrated method embodiments.
An embodiment of the present invention further provides an electronic device, including:
one or more processors; and
one or more machine readable media having instructions stored thereon that, when executed by the one or more processors, cause the electronic device to perform the method for secure transmission of video in a video network.
The embodiment of the invention also provides a computer readable storage medium, and a stored computer program enables a processor to execute the method for safely transmitting the video in the video network.
Alternatively, the computer readable storage medium may be a non-transitory computer readable storage medium, for example, which may be a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
The embodiments in the present specification are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.
As is readily imaginable to the person skilled in the art: any combination of the above embodiments is possible, and thus any combination between the above embodiments is an embodiment of the present application, but the present disclosure is not necessarily detailed herein for reasons of space. While the preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all alterations and modifications as fall within the scope of the application.
The method, the device, the equipment and the medium for safely transmitting the video in the video network are introduced in detail, and a specific example is applied in the text to explain the principle and the implementation mode of the application, and the description of the embodiment is only used for helping to understand the method and the core idea of the application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.
Claims (12)
1. A method for secure transmission of video over a video network, comprising:
obtaining a security parameter set and a security parameter set length, wherein the security parameter set at least comprises: an encryption policy and/or encryption algorithm type for encrypted transmission of video data, the encryption policy comprising: partially encrypting the key frame or totally encrypting the key frame;
processing the security parameter set and the length of the security parameter set according to a set rule to obtain encrypted security information;
encrypting the key frames in the video data according to the encryption strategy and the encryption algorithm type to obtain encrypted key frame data;
packaging the encrypted safety information and the encrypted key frame data into a key frame data packet;
sending the key frame data packet to a receiving end;
the step of encapsulating the encrypted security information and the encrypted key frame data into a key frame data packet comprises:
and splicing the encrypted safety information and the encrypted key frame data in sequence, using the spliced safety information and the encrypted key frame data as the data load of the key frame data packet, and packaging the key frame data packet.
2. The method according to claim 1, wherein the step of processing the security parameter set and the security parameter set length according to a set rule to obtain encrypted security information comprises:
and taking the length of the security parameter set as a part of the security parameter set, and encrypting to obtain encrypted security information.
3. The method according to claim 1, wherein the step of processing the security parameter set and the security parameter set length according to a set rule to obtain encrypted security information comprises:
encrypting the security parameter set to obtain an encrypted security parameter set;
splicing the length of the security parameter set and the encrypted security parameter set in sequence to obtain the encrypted security information; or
Encrypting the security parameter set and the length of the security parameter set respectively;
and splicing the length of the encrypted security parameter set and the encrypted security parameter set in sequence to obtain the encrypted security information.
4. The method of claim 1, wherein when the encryption policy is to partially encrypt the key frame or to fully encrypt the key frame; the encryption algorithm types include: a cipher block chaining mode;
when the encryption algorithm type is a cipher block chaining mode, the step of encrypting the key frames in the video data according to the encryption strategy and the encryption algorithm type to obtain encrypted key frame data comprises the following steps:
determining at least one frame key frame needing encryption in the video data;
generating an initialization vector corresponding to each key frame in the at least one frame of key frames;
grouping each frame key frame in the at least one frame key frame to obtain more than two sub key frames;
performing exclusive-or operation on a first sub-key frame of the more than two sub-key frames and the initialization vector to obtain a first output result;
encrypting the first output result to obtain a first encrypted frame;
performing XOR operation on the first encrypted frame and a second sub-key frame of the more than two sub-key frames to obtain a second output result;
encrypting the second output result to obtain a second encrypted frame;
and generating encrypted key frame data according to the first encrypted frame and the second encrypted frame.
5. The method of claim 1, wherein when the encryption policy is to partially encrypt the key frame or to fully encrypt the key frame; the encryption algorithm types include: outputting a feedback mode;
when the encryption algorithm type is the output feedback mode, the step of encrypting the key frames in the video data according to the encryption strategy and the encryption algorithm type to obtain encrypted key frame data comprises the following steps:
determining at least one frame key frame needing encryption in the video data;
generating an initialization vector corresponding to each key frame in the at least one frame of key frames;
encrypting the initialization vector to generate a first encrypted initialization vector;
grouping each frame key frame in the at least one frame key frame to obtain more than two sub key frames;
performing exclusive-or operation on a first sub-key frame of the more than two sub-key frames and the first encryption initialization vector to obtain a third encryption frame;
encrypting the first encrypted initialization vector to generate a second encrypted initialization vector;
performing XOR operation on the second encryption initialization vector and a second sub-key frame of the more than two sub-key frames to obtain a fourth encryption frame;
and generating encrypted key frame data according to the third encrypted frame and the fourth encrypted frame.
6. The method of claim 1, wherein when the encryption policy is to partially encrypt the key frame or to fully encrypt the key frame; the encryption algorithm types include: a codebook mode;
when the encryption algorithm type is in a codebook mode, the step of encrypting the key frame in the video data according to the encryption strategy and the encryption algorithm type to obtain encrypted key frame data comprises the following steps:
determining at least one frame key frame needing encryption in the video data;
grouping each frame key frame in the at least one frame key frame to obtain more than two sub key frames;
and encrypting each sub-key frame in the more than two sub-key frames to obtain the encrypted key frame data.
7. A method for decrypting video data, comprising:
the receiving end receives a video data packet, wherein the video data packet comprises: a key frame data packet and non-key frame data;
when the video data packet is determined to carry the encrypted security parameter set, decrypting the key frame data packet to obtain encrypted security information and encrypted key frame data;
decrypting the encrypted security information to obtain a security parameter set, wherein the security parameter set at least comprises: any one or more parameters of an encryption key, an encryption policy, and an encryption algorithm type, the encryption policy comprising: partially encrypting the key frame or totally encrypting the key frame;
the data load part in the key frame data packet removes the encrypted safety information part to obtain encrypted key frame data, and the encrypted key frame data is decrypted by using the encryption key, the encryption strategy and the encryption algorithm type to obtain key frames in the video data;
and restoring the original video according to the key frame.
8. The method of claim 7, wherein decrypting the encrypted security information to obtain the set of security parameters comprises:
decrypting a preset number of bytes in the data load of the key frame data packet, and obtaining the length of the encrypted safety information after decryption;
extracting encrypted security information from the data payload in accordance with the length;
and decrypting the encrypted security information to obtain a security parameter set.
9. An apparatus for secure transmission of video over a video network, comprising:
an obtaining module, configured to obtain a security parameter set and a security parameter set length, where the security parameter set at least includes: an encryption policy and/or encryption algorithm type for encrypted transmission of video data, the encryption policy comprising: partially encrypting the key frame or totally encrypting the key frame;
the safety information module is used for processing the safety parameter set and the length of the safety parameter set according to a set rule to obtain encrypted safety information;
the key frame module is used for encrypting key frames in the video data according to the encryption strategy and the encryption algorithm type to obtain encrypted key frame data;
the splicing module is used for packaging the encrypted safety information and the encrypted key frame data into a key frame data packet;
the sending module is used for sending the key frame data packet to a receiving end;
and the splicing module is specifically used for sequentially splicing the encrypted security information and the encrypted key frame data, and packaging the data serving as the data load of the key frame data packet into the key frame data packet.
10. An apparatus for decrypting video data, comprising:
a receiving module, configured to receive a video data packet, where the video data packet includes: a key frame data packet and non-key frame data;
the decompression module is used for decrypting the key frame video data packet to obtain encrypted safety information and encrypted key frame data when the video data packet is determined to carry the encrypted safety parameter set;
a first decryption module, configured to decrypt the encrypted security information to obtain a security parameter set, where the security parameter set includes: any one or more of encryption key, encryption policy, encryption algorithm type, encryption policy including: partially encrypting the key frame or totally encrypting the key frame;
the second decryption module is used for decrypting the encrypted key frame data by the encryption key, the encryption strategy and the encryption algorithm type to obtain key frames in the video data;
and the restoring module is used for restoring the original video according to the key frame.
11. An electronic device, comprising:
one or more processors; and
one or more machine readable media having instructions stored thereon that, when executed by the one or more processors, cause an electronic device to perform the method for secure transmission of video in a video network of any of claims 1 to 6 or the method for decryption of video data of any of claims 7-8.
12. A computer-readable storage medium storing a computer program for causing a processor to execute the method for secure transmission of video in a video network according to any one of claims 1 to 6 or the method for decryption of video data according to any one of claims 7 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011478099.8A CN112272314B (en) | 2020-12-15 | 2020-12-15 | Method, device, equipment and medium for safely transmitting video in video network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011478099.8A CN112272314B (en) | 2020-12-15 | 2020-12-15 | Method, device, equipment and medium for safely transmitting video in video network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112272314A CN112272314A (en) | 2021-01-26 |
| CN112272314B true CN112272314B (en) | 2021-03-26 |
Family
ID=74350046
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011478099.8A Active CN112272314B (en) | 2020-12-15 | 2020-12-15 | Method, device, equipment and medium for safely transmitting video in video network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112272314B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116965011A (en) * | 2021-03-25 | 2023-10-27 | 华为技术有限公司 | Encryption control method and device for data transmission |
| CN115348066B (en) * | 2022-08-05 | 2023-03-28 | 昆仑数智科技有限责任公司 | Data encryption transmission method and device, electronic equipment and storage medium |
| CN117061189B (en) * | 2023-08-26 | 2024-01-30 | 上海六坊信息科技有限公司 | Data packet transmission method and system based on data encryption |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101742229A (en) * | 2008-11-25 | 2010-06-16 | 北京中星微电子有限公司 | Method, system and device for improving safety of monitoring data |
| CN111083425A (en) * | 2019-11-25 | 2020-04-28 | 视联动力信息技术股份有限公司 | Video stream processing method and device, server, electronic equipment and storage medium |
| WO2020111403A1 (en) * | 2018-11-30 | 2020-06-04 | 주식회사우경정보기술 | Stream cipher-based image security method using zero-watermarking, server, and computer readable recording medium |
| CN111884802A (en) * | 2020-08-25 | 2020-11-03 | 中移(杭州)信息技术有限公司 | Media stream encryption transmission method, system, terminal and electronic equipment |
| CN111953656A (en) * | 2020-07-09 | 2020-11-17 | 视联动力信息技术股份有限公司 | Monitoring video encryption transmission method, device, equipment and medium |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8898767B1 (en) * | 2011-09-22 | 2014-11-25 | Mountain Top Digital, L.L.C. | Methods and apparatuses for digital content protection |
-
2020
- 2020-12-15 CN CN202011478099.8A patent/CN112272314B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101742229A (en) * | 2008-11-25 | 2010-06-16 | 北京中星微电子有限公司 | Method, system and device for improving safety of monitoring data |
| WO2020111403A1 (en) * | 2018-11-30 | 2020-06-04 | 주식회사우경정보기술 | Stream cipher-based image security method using zero-watermarking, server, and computer readable recording medium |
| CN111083425A (en) * | 2019-11-25 | 2020-04-28 | 视联动力信息技术股份有限公司 | Video stream processing method and device, server, electronic equipment and storage medium |
| CN111953656A (en) * | 2020-07-09 | 2020-11-17 | 视联动力信息技术股份有限公司 | Monitoring video encryption transmission method, device, equipment and medium |
| CN111884802A (en) * | 2020-08-25 | 2020-11-03 | 中移(杭州)信息技术有限公司 | Media stream encryption transmission method, system, terminal and electronic equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112272314A (en) | 2021-01-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112272314B (en) | Method, device, equipment and medium for safely transmitting video in video network | |
| CN107294937B (en) | Data transmission method based on network communication, client and server | |
| CN109728914B (en) | Digital signature verification method, system, device and computer readable storage medium | |
| US20120057702A1 (en) | Tag generation apparatus, tag verification apparatus, communication system, tag generation method, tag verification method, and recording medium | |
| EP3476078B1 (en) | Systems and methods for authenticating communications using a single message exchange and symmetric key | |
| CN110868287B (en) | Authentication encryption ciphertext coding method, system, device and storage medium | |
| CN105376261B (en) | Encryption method and system for instant messaging message | |
| CN111131278A (en) | Data processing method and device, computer storage medium and electronic equipment | |
| CN109005184A (en) | File encrypting method and device, storage medium, terminal | |
| Fauziah et al. | Design and implementation of AES and SHA-256 cryptography for securing multimedia file over android chat application | |
| CN113347143A (en) | Identity authentication method, device, equipment and storage medium | |
| CN115150821A (en) | Offline package transmission and storage method and device | |
| CN113452705B (en) | Encrypted communication method, device, electronic equipment and storage medium | |
| CN111586445B (en) | Video data transmission method and device | |
| CN112948867A (en) | Method and device for generating and decrypting encrypted message and electronic equipment | |
| CN116455572B (en) | Data encryption method, device and equipment | |
| Altigani et al. | Analyzing the performance of the advanced encryption standard block cipher modes of operation: highlighting the national institute of standards and technology recommendations | |
| KR102377265B1 (en) | Apparatus in network | |
| CN113672955B (en) | Data processing method, system and device | |
| CN111212044B (en) | Data transmission method, device and storage medium | |
| CN112713989B (en) | Decryption method and device | |
| CN111431846B (en) | Data transmission method, device and system | |
| Bojanova et al. | Cryptography classes in bugs framework (BF): Encryption bugs (ENC), verification bugs (VRF), and key management bugs (KMN) | |
| CN112069472A (en) | User login authentication method and system | |
| CN112149166A (en) | Unconventional password protection method and intelligent bank machine |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |