CN113163232A - Chaos-based multi-user video file encryption system and method - Google Patents

Chaos-based multi-user video file encryption system and method Download PDF

Info

Publication number
CN113163232A
CN113163232A CN202110428924.1A CN202110428924A CN113163232A CN 113163232 A CN113163232 A CN 113163232A CN 202110428924 A CN202110428924 A CN 202110428924A CN 113163232 A CN113163232 A CN 113163232A
Authority
CN
China
Prior art keywords
video
module
frame group
video frame
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110428924.1A
Other languages
Chinese (zh)
Other versions
CN113163232B (en
Inventor
陈尚武
李晓丹
李华松
邬文达
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Xujian Science And Technology Co ltd
Original Assignee
Hangzhou Xujian Science And Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Xujian Science And Technology Co ltd filed Critical Hangzhou Xujian Science And Technology Co ltd
Priority to CN202110428924.1A priority Critical patent/CN113163232B/en
Publication of CN113163232A publication Critical patent/CN113163232A/en
Application granted granted Critical
Publication of CN113163232B publication Critical patent/CN113163232B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs
    • H04N21/2347Processing of video elementary streams, e.g. splicing of video streams, manipulating MPEG-4 scene graphs involving video stream encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/001Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using chaotic signals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26606Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]

Abstract

The invention relates to a chaos-based multi-user video file encryption system and a chaos-based multi-user video file encryption method, wherein the chaos-based multi-user video file encryption system comprises a video source module, a video frame group check code module, a video frame group check signature module, a chaos initial value module, a video chaos encryption module, a video encryption file generation module, a video frame group check signature reduction module, a video frame group check reduction module, a chaos initial value reduction module, a video chaos decryption module, a video validity check module, a video display module and a video check encryption module; the invention uses an ultra-large secret key space to improve the cracking difficulty, and uses an algorithm with an XOR low calculation amount, thereby ensuring the safety and reducing the calculation amount, ensuring the legality and tamper resistance of the video chaotic encryption file, and realizing the capability of a specific user to decrypt the video chaotic encryption file.

Description

Chaos-based multi-user video file encryption system and method
Technical Field
The invention belongs to the technical field of information, and particularly relates to a chaos-based multi-user video file encryption system and method.
Background
With the product development of law enforcement recorders, a large amount of videos are generated, most of the videos are confidential and need to be encrypted, but the existing encryption means are not matched with the requirements very much. The existing video file encryption methods mainly comprise three methods, namely: the video source is encrypted by using a key and the display end is decrypted by using the key by using a symmetric encryption algorithm, the video source needs to inform all the display ends of the key by using the method, a specific user cannot be locked for checking, and the video file cannot be judged to be from the video source by using the method; II, secondly: the video file is encrypted by a private key and decrypted by a display end by using a non-pair encryption algorithm, the public key is required to be informed to all the display ends by using the method, a specific user cannot be locked for checking, and the video file can be judged to be from the video source by using the method; thirdly, the method comprises the following steps: by using a non-pair encryption algorithm, a video source is encrypted by using a public key, a display end is decrypted by using a private key, a specific user can be locked to check the video file, and the video file cannot be judged to be from the video source by using the method. In addition, in the traditional symmetric encryption DES and SM4, the computation amount of asymmetric encryption RSA and SM2 is large, the encryption is not suitable for encrypting large file video files, and the computation capability of the law enforcement recorder is not suitable, so a new method is needed.
Disclosure of Invention
Aiming at the defects of the existing scheme, the invention discloses a chaos-based multi-user video file encryption system and method.
The technical scheme of the invention is as follows:
a chaos-based multi-user video file encryption system comprises a video source module, a module for generating video data, a video frame group verification module and a video chaos encryption module, wherein the video source module is used for sending data of a required video frame group to the video frame group verification module and the video chaos encryption module;
the video frame group checking module is used for receiving the data of the video frame group of the video source module, calculating a video frame group checking code of video stream data and sending the video frame group checking code to the video frame group checking signature module and the chaotic operator module;
the video frame group verification signature module is used for receiving the verification code of the video frame group verification signature module, encrypting the verification code to obtain video frame group verification signature data and sending the video frame group verification signature data to the video frame group verification signature encryption module;
the chaotic operator module is used for receiving the video frame group check code of the video frame group check code module, calculating an x and y initial value of a Henon algorithm, and sending the x and y initial value to the video chaotic encryption module;
the video chaotic encryption module is used for receiving the video frame group data of the video source module and the x and y initial values of the chaotic operator module, encrypting the video frame group data and sending the encrypted data to the video encryption file generation module;
the video encryption file generation module is used for generating a video chaotic encryption file;
the video frame group verification signature restoration module is used for acquiring a video frame group signature encrypted data storage object block of the video chaotic encrypted file, decrypting and comparing the video frame group signature encrypted data storage object block to obtain video frame group verification signature data;
the video frame group verification and restoration module is used for receiving the video frame group verification signature data of the video frame group verification signature restoration module to obtain a video frame group verification code and sending the video frame group verification code to the chaotic operator restoration module and the video validity module;
the chaotic operator reduction module is used for receiving the video frame group check code of the video frame group check reduction module, calculating an x and y initial value of a Henon algorithm, and sending the x and y initial value to the video chaotic decryption module;
the video chaos decryption module is used for receiving x and y initial values of a Henon algorithm of the chaos operator reduction module, decrypting the video chaos encrypted file and sending decrypted data of the video frame group to the video legality module and the video display module;
the video legality module is used for judging the authenticity of the video data;
the video display module is used for receiving the decrypted data of the video frame group of the video chaotic decryption module and carrying out decoding display;
the user public key is generated according to the user private key and is used for the video signature encryption module to encrypt the video frame group verification signature;
the user private key is held by a user and is used for decrypting the video chaotic encrypted file;
the video private key is held by a video source and used for sending a video frame group verification signature module to encrypt a verification code of video frame group data;
the video public key is generated according to the video private key and is used for decrypting the video frame group check code;
and the video signature encryption module is used for receiving the video frame group verification signature data of the video frame group verification signature module, encrypting the video frame group verification signature data to obtain video signature encryption data and sending the video signature encryption data to the video encryption file generation module.
Preferably, the video encryption file generation module includes three storage object blocks, which are a video frame group index storage object block, a video frame group encryption data storage object block and a video frame group signature encryption data storage object block, and the storage object blocks are composed of a storage block type, a storage block length, and a storage block data.
A chaos-based multi-user video file encryption method comprises the following steps:
1) the video source module sends data of a video frame group to be generated to the video verification module and the video chaotic encryption module;
2) the video frame group check code module receives data of a video frame group of the video source module, hash calculation is carried out on the data by the SM3 to obtain a 256-bit check code of video stream data, and the video frame group check code module sends the video frame group check code to the video frame group check signature module and the chaotic operator module;
3) the video frame group verification signature module receives the 256-bit verification code of the video frame group verification signature module, SM2 encryption is carried out on the 256-bit verification code by using a video private key to obtain video frame group verification signature data, and the video frame group verification signature module sends the video frame group verification signature data to the video frame group verification signature encryption module; the video signature encryption module receives video frame group verification signature data of the video frame group verification signature module, and SM2 encryption is carried out by using a user public key to obtain video signature encryption data; if multiple users exist, encrypting the video frame group verification signature data and the user public key by using the respective user public keys respectively to obtain data video signature encrypted data of each user; the video frame group verification signature encryption module sends all data video signature encrypted data to the video encrypted file generation module;
4) the chaos operator module receives 256-bit check codes of the video frame group check code module, a multidimensional Henon chaos encryption method is adopted, grouping is carried out according to 64 bits and is divided into 4 groups, the first 32 bits of the 64-bit check codes of each group are converted into non-conforming integers, the non-conforming integers are divided by the 32 th power of 2 and are converted into floating point numbers smaller than 1 and are x initial values of the Henon algorithm, the same method is used for the second 32 bits, floating point numbers are obtained and are y initial values of the Henon algorithm, and the chaos operator module sends the calculated 4 groups of x and y initial values to the video chaos encryption module;
5) the video chaotic encryption module encrypts video frame group data:
6) the video encrypted file generating module generates a video chaotic encrypted file;
7) the video frame group verification signature reduction module is used for indexing the storage object block storage position of the video frame group signature encrypted data of the storage object block from a video frame group of a video chaotic encrypted file according to time, the video frame group verification signature reduction module is used for obtaining the video frame group signature encrypted data storage object block of the video encrypted file, a user private key is used for carrying out SM2 decryption on the video frame group signature encrypted data to obtain video frame group verification signature data and a decrypted user public key, the decrypted user public key is compared with the user public key stored by the video frame group verification signature reduction module, if the user public key is the same as the user public key, the video frame group signature encrypted data storage object block is the user video frame group signature encrypted data, and the video frame group verification signature reduction module is used for sending the video frame group verification signature data to the video frame group verification reduction module;
8) the video frame group verification and restoration module receives video frame group verification signature data of the video frame group verification and signature restoration module, and the video frame group verification and restoration module verifies the signature data of the video frame group by using a video public key to obtain a video frame group verification code; the video frame group check and restoration module sends the video frame group check code to the chaotic operator restoration module and the video validity module;
9) the chaos operator reduction module adopts a multi-dimensional Henon chaos encryption method, receives 256 bits of video frame group check codes of the video frame group check reduction module, carries out grouping according to 64 bits and divides the check codes into 4 groups, converts the first 32 bits of the 64 bits of each group into a nonconforming integer, divides the nonconforming integer by the 32 power of 2, converts the nonconforming integer into floating point numbers smaller than 1, and the floating point numbers are x initial values of the Henon algorithm, the later 32 bits use the same method to obtain y initial values of which the floating point numbers are the Henon algorithm, and the chaos operator reduction module sends the calculated 4 groups of x and y initial values to the video chaos decryption module;
10) the video chaos decryption module is used for decrypting the video chaos encrypted file;
11) the video legitimacy module receives a video frame group check code A of the video frame group check restoration module, the video legitimacy module receives decrypted data of a video frame group of the video chaos decryption module, hash calculation is carried out on a state key SM3 to obtain a 256-bit check code B, and if the check code A is the same as the check code B, the data of the video frame group is not tampered;
12) and the video display module receives the decrypted data of the video frame group of the video chaotic decryption module and performs decoding display.
Preferably, the video frame group is formed by a plurality of I frame groups, and the I frame group is formed by an I frame, a dependent P frame and a B frame.
Preferably, the video chaotic encryption module encrypting the video frame group data specifically comprises the following steps:
5.1) the video chaotic encryption module receives video frame group data of a video source module;
5.2) the video chaotic encryption module receives 4 groups of x and y initial values of the Henon algorithm, and encrypts video frame group data by using the Henon algorithm;
5.3) the video chaotic encryption module generates a first 256-bit encryption key: the value of a of Henon is 1.4, the value of b is 0.3, and a Henon formula is in a chaotic state;
5.4) the video chaotic encryption module respectively substitutes 4 groups of x and y initial values to calculate 4 groups of x1 and y1, the video chaotic encryption module obtains the decimal part of 1 group of x1 in the ground, multiplies the decimal part by the power of 32 of 2 to obtain the number of the power of 32 with the range of 2 and the first 32 bits of key of the 256-bit encryption key, and the video chaotic encryption module sequentially processes other groups of x1 to finally obtain 128 bits of the 256-bit encryption key;
5.5) the video chaotic encryption module obtains the decimal part of the 1 group y1, multiplies the decimal part by the 32 power of 2 to obtain the number of the 32 power in the range of 2 and keys of 128 bits to 159 bits of 256-bit encryption keys, the video chaotic encryption module sequentially processes other groups y1 to obtain the rear 128-bit secret key of the 256-bit encryption keys, and finally generates a first 256-bit encryption key;
5.6) the video chaotic encryption module carries out XOR on the first 256-bit encryption key and the first 256-bit video data of the video frame group data to obtain the encrypted data of the front 256 bits of the video frame group data;
5.7) the video chaotic encryption module generates a second 256-bit encryption key, and the video chaotic encryption module substitutes 4 groups of x1 and y1 initial values respectively to calculate 4 groups of x2 and y2;
5.8) the video chaotic encryption module carries out XOR on the second 256-bit encryption key and the second 256-bit video data of the video frame group data to obtain the encrypted data of the front 256 bits of the video frame group data;
5.9) the video chaotic encryption module sequentially generates subsequent 256 encryption keys, and respectively performs exclusive OR on the data of the whole video frame group to obtain the encrypted data of the whole video frame group;
5.10) the video chaotic encryption module sends the encrypted data for generating the video frame group data to the video encrypted file generation module;
the Henon formula is as follows: .
Preferably, the generating of the video chaotic encrypted file by the video encrypted file generating module specifically comprises the following steps:
6.1) the video encryption file generation module receives the video frame group encryption data and the timestamp of the video chaotic encryption module;
6.2) the video encrypted file generating module receives the video frame group signature encrypted data and the timestamp of the video signature encryption module;
6.3) the video frame group index storage object block carries out indexing according to the time stamp, the video frame group index storage object block stores the storage positions of all the video frame group encryption storage object blocks and the video frame group signature encryption data storage object blocks, and corresponding video frame group encryption data and video frame group signature encryption data are found according to the time stamp;
6.4) the video frame group encrypted data storage object block stores the encrypted data of the video frame group, and only one copy of data is stored in the time range of the video frame group;
6.5) the video frame group signature encrypted data storage object block stores video frame group signature encrypted data of one user, and if a plurality of users exist, the video frame group signature encrypted data storage object block is used for storing;
6.6) the video encrypted file generation module transmits according to the fragment of the video frame group, and a user receives fragment data to independently decode and display;
6.7) the video encryption file generation module carries out file recombination to generate a new file, and generates a video encryption file in a new time range by selecting video frame group encryption data storage object blocks and video frame group signature encryption data storage object blocks in different time periods;
6.8) the video encryption file generation module outputs the video chaotic encryption file.
Preferably, the specific steps of the video chaos decryption module decrypting the video chaotic encrypted file include:
10.1) the video chaotic decryption module receives 4 groups of x and y initial values of a Henon algorithm of the chaotic operator reduction module and acquires a video frame group encrypted data storage object block of a video chaotic encrypted file according to time;
10.2) the video chaotic decryption module decrypts the video frame group by using a Henon algorithm;
10.3) the video chaos decryption module generates a first 256-bit encryption key: the a value of Henon is 1.4, the b value is 0.3, the video chaotic decryption module respectively substitutes 4 groups of x and y initial values into 4 groups of x1 and y1, the video chaotic decryption module obtains the decimal part of 1 group of x1 and multiplies the decimal part by the power of 32 of 2 to obtain the number of the power of 32 in the range of 2 and the first 32-bit key of the 256-bit decryption key;
10.4) the video chaotic decryption module sequentially processes other groups x1 to finally obtain 128 bits of 256-bit decryption keys, wherein the video chaotic decryption module obtains the decimal part of 1 group y1, and multiplies the decimal part by the power of 32 of 2 to obtain the number of the power of 32 in the range of 2, and the keys of the 256-bit decryption keys are 128 bits to 159 bits;
10.5) the video chaotic decryption module sequentially processes other groups y1 to obtain a later 128-bit secret key of the 256-bit decryption key, and generates a first 256-bit decryption key;
10.6) the video chaotic decryption module carries out XOR on the first 256-bit decryption key and the first 256-bit video data of the video frame group to obtain the decryption data of the front 256 bits of the video frame group;
10.7) the video chaos decryption module generates a second 256-bit decryption key, and the video chaos decryption module substitutes 4 groups of x1 and y1 initial values to calculate 4 groups of x2 and y2 respectively;
10.8) the video chaotic decryption module carries out XOR on the second 256-bit decryption key and the second 256-bit video data of the video frame group to obtain the decryption data of the first 256 bits of the video frame group;
10.9) the video chaotic decryption module sequentially generates subsequent 256 decryption keys, and respectively performs exclusive OR on the video data of the whole video frame group to obtain the decryption data of the whole video frame group;
10.10) the video chaotic decryption module sends the decrypted data of the video frame group to the video legality module and the video display module.
The invention has the beneficial effects that:
the invention uses chaotic algorithm to generate unpredictable key with the same length as the data of the video frame group, uses super-large key space to improve the cracking difficulty, and uses the algorithm with low calculation amount of XOR, thereby reducing the calculation amount while ensuring the safety. The initial parameters of the chaotic algorithm are generated according to the check codes of the video frame groups, and the check codes of the video frame group data are encrypted by using the video private key, so that the legality and the tamper resistance of the video chaotic encryption file are ensured. The user public key video encryption video frame group is used for verifying signature encryption, and the decryption capability of a specific user on a video chaos encryption file is realized.
Drawings
FIG. 1 is a block diagram of the system of the present invention.
Detailed Description
For further understanding of the present invention, the present invention will be described in detail with reference to examples, which are provided for illustration of the present invention but are not intended to limit the scope of the present invention.
Example 1
As shown in fig. 1, the present embodiment relates to a chaos-based multi-user video file encryption system, which includes a video source module 1, a video frame group check code module 2, a video frame group check signature module 3, a chaos initial value module 4, a video chaos encryption module 5, a video encrypted file generation module 6, a video frame group check signature reduction module 7, a video frame group check reduction module 8, a chaos initial value reduction module 9, a video chaos decryption module 10, a video validity check module 11, a video display module 12, a user public key 13, a user private key 14, a video private key 15, a user public key 16, and a video check encryption module 17.
Video source module 1: the video source module 1 generates video data modules such as law enforcement recorders. The video source module 1 sends data of a required video frame group to the video verification module 2 and the video chaotic encryption module 5. The video frame group is composed of a plurality of I frame groups, each I frame group is composed of an I frame, a dependent P frame and a dependent B frame, the I frame group is latest independent playing data, the video frame group is encrypted once, but different files can be generated at different time according to different user requirements.
Video frame group check code module 2: the method comprises the steps of receiving data of a video frame group of a video source module 1, carrying out hash calculation on the data of a national secret SM3 to obtain a 256-bit check code of video stream data, and sending the video frame group check code to a video frame group check signature module 3 and a chaotic operator module 4 by a video frame group check code module 2.
Video frame group verification signature module 3: the 256-bit check code of the video frame group check signature module 3 is received, the 256-bit check code is encrypted in SM2 by using the video private key 15 to obtain video frame group check signature data, and the video frame group check signature module 3 sends the video frame group check signature data to the video frame group check signature encryption module 17. And only 256 check codes are subjected to asymmetric encryption, so that the calculated amount can be effectively reduced, and the processing of low-calculation-amount equipment of a law enforcement recorder is facilitated.
The chaos operator module 4: the chaos operator module 4 adopts a multi-dimensional Henon chaos encryption method, the chaos operator module 4 receives 256-bit check codes of the video frame group check code module 2, the 256-bit check codes are grouped into 4 groups according to 64 bits, the first 32 bits of the 64-bit check codes of each group are converted into a nonconforming integer, the nonconforming integer is divided by the power of 32 of 2, the floating point number is converted into a floating point number smaller than 1 and is an x initial value of the Henon algorithm, and the later 32 bits use the same method to obtain a y initial value of the Henon algorithm. The chaos operator module 4 sends 4 calculated groups of x and y initial values to the video chaos encryption module 5.
The video chaotic encryption module 5: the video frame group data of the video source module 1 is received, the video chaotic encryption module 5 module receives 4 groups of x and y initial values of a Henon algorithm, and the video chaotic encryption module 5 encrypts the video frame group data by using the Henon algorithm. The video chaotic encryption module 5 generates a first 256-bit encryption key: the method comprises the steps that a of Henon takes a value of 1.4, b takes a value of 0.3, a Henon formula is in a chaotic state, a video chaotic encryption module 5 respectively substitutes 4 groups of x and y initial values to calculate 4 groups of x1 and y1, the video chaotic encryption module 5 obtains a decimal part of 1 group of x1, the decimal part is multiplied by the 32 power of 2 to obtain a number of the 32 power in a range of 2 and a key of the first 32 bits of a 256-bit encryption key, the video chaotic encryption module 5 sequentially processes other groups of x1 to finally obtain 128 bits of the 256-bit encryption key, the video chaotic encryption module 5 obtains a decimal part of 1 group of y1, the decimal part is multiplied by the 32 power of 2 to obtain a number of the 32 power in a range of 2, the keys of the 128 bits to 159 bits of the 256-bit encryption key, the video chaotic encryption module 5 sequentially processes other groups of y1 to obtain a secret key of the last 128 bits of the 256-bit encryption key, and finally generates a first 256-bit encryption key. The video chaotic encryption module 5 performs exclusive or on the first 256-bit encryption key and the first 256-bit video data of the video frame group data to obtain the encrypted data of the front 256 bits of the video frame group data. The video chaotic encryption module 5 generates a second 256-bit encryption key, the video chaotic encryption module 5 substitutes 4 groups of x1 and y1 initial values into 4 groups of x2 and y2 respectively, and calculates the second 256-bit encryption key according to the 4 groups of x2 and y2, and the video chaotic encryption module 5 carries out XOR on the second 256-bit encryption key and second 256-bit video data of the video frame group data to obtain the front 256-bit encrypted data of the video frame group data. The video chaotic encryption module 5 sequentially generates subsequent 256 encryption keys, and performs exclusive or on the data of the whole video frame group respectively to obtain the encrypted data of the whole video frame group. And a key which is unpredictable and has the same length as the video frame group data is generated by using a chaotic algorithm, and the cracking difficulty is improved by using an ultra-large key space. The video chaotic encryption module 5 sends the encrypted data for generating the video frame group data to the video encrypted file generation module 6.
The video encryption file generation module 6: the video encrypted file generation module 6 receives the video frame group encrypted data and the timestamp of the video chaotic encryption module 5, and the video encrypted file generation module 6 receives the video frame group signature encrypted data and the timestamp of the video signature encryption module 17. The video encryption file generation module 6 includes three storage object blocks, a video frame group index storage object block, a video frame group encryption data storage object block, and a video frame group signature encryption data storage object block. The storage object block is composed of a storage block type, a storage block length and storage block data, and any storage block of the encrypted video can be extracted by using the storage object block. The video frame group index storage object block is used for indexing according to the time stamp, the video frame group index storage object block stores the storage positions of all the video frame group encryption storage object blocks and the video frame group signature encryption data storage object blocks, and the corresponding video frame group encryption data and the video frame group signature encryption data can be quickly found according to the time stamp. The video frame group encrypted data storage object block stores encrypted data of a video frame group, and only one copy of the data is stored within the video frame group time range. The video frame group signature encryption data storage object block stores video frame group signature encryption data of one user, and if a plurality of users exist, the video frame group signature encryption data storage object block stores the video frame group signature encryption data of the plurality of users by using a plurality of video frame group signature encryption data storage object blocks. The mode can ensure that the video encrypted file does not need to be decrypted to carry out fragment transmission and file recombination to generate a new file; according to the fragment transmission of the video frame group, a user receives fragment data to independently decode and display, so that the timeliness is improved; the new file generated by file recombination can generate a video encryption file in a new time range by selecting the video frame group encryption data storage object blocks and the video frame group signature encryption data storage object blocks in different time periods, and the new file generated by file recombination also can reduce the range of decryption users by removing the video frame group signature encryption data storage object blocks of part of users. The video encrypted file generation module 6 outputs a video chaotic encrypted file.
The video frame group verification signature restoration module 7: the video frame group verification signature reduction module 7 is used for indexing the storage object block storage position of the video frame group signature encrypted data of the storage object block from the video frame group of the video chaotic encrypted file according to time, the video frame group verification signature reduction module 7 is used for obtaining the video frame group signature encrypted data storage object block of the video encrypted file, SM2 decryption is carried out on the video frame group signature encrypted data by using a user private key to obtain video frame group verification signature data and a decrypted user public key, the decrypted user public key is compared with the user public key stored by the video frame group verification signature reduction module 7, if the video frame group verification signature reduction module 7 and the user public key are the same, the video frame group signature storage object block is the user video frame group signature encrypted data, and the video frame group verification signature reduction module 7 sends the video frame group verification signature data to the video frame group verification reduction module 8.
The video frame group verification and restoration module 8: the video frame group verification and restoration module 8 receives the video frame group verification signature data of the video frame group verification signature restoration module 7, and the video frame group verification and restoration module 8 uses the video public key 16 to verify the video frame group verification signature data to obtain a video frame group verification code. The video frame group check and restoration module 8 sends the video frame group check code to the chaotic operator restoration module 9 and the video validity module 11.
The chaotic operator restoring module 9: the chaotic operator reduction module 9 adopts a multi-dimensional Henon chaotic encryption method, the chaotic operator reduction module 9 receives 256 bits of video frame group check codes of the video frame group check reduction module 8, the 256 bits of the video frame group check codes are grouped into 4 groups according to 64 bits, the first 32 bits of the 64 bits of each group of check codes are converted into a non-conforming integer, the non-conforming integer is divided by the power of 32 of 2, the floating point number which is smaller than 1 is converted into an x initial value of a Henon algorithm, and the later 32 bits of the floating point number are converted into a y initial value of the Henon algorithm by using the same method. The chaos operator reduction module 9 sends 4 calculated groups of x and y initial values to the video chaos decryption module 10.
The video chaos decryption module 10: the video chaotic decryption module 10 receives 4 groups of x and y initial values of the Henon algorithm of the chaotic operator reduction module 9, and acquires a video frame group encrypted data storage object block of the video chaotic encryption file according to time. The video chaotic decryption module 10 decrypts the video frame group using the Henon algorithm. The video chaotic decryption module 10 generates a first 256-bit encryption key: the a value of Henon is 1.4, the b value is 0.3, the video chaotic decryption module 10 respectively substitutes 4 groups of x and y initial values to calculate 4 groups of x1 and y1, the video chaotic decryption module 10 obtains the decimal part of the 1 group x1 and multiplies the decimal part by the 32 power of 2 to obtain the number of the 32 power in the range of 2 and the first 32-bit key of the 256-bit decryption key, the video chaotic decryption module 10 sequentially processes other groups of x1 to finally obtain 128 bits of the 256-bit decryption key, the video chaotic decryption module 10 obtains the decimal part of the 1 group y1 and multiplies the 32 power of 2 to obtain the number of the 32 power in the range of 2 and the keys of 128 bits to 159 bits of the 256-bit decryption key, and the video chaotic decryption module 10 sequentially processes other groups of y1 to obtain the next 128-bit key of the 256-bit decryption key and finally generates the first 256-bit decryption key. The video chaotic decryption module 10 performs exclusive or on the first 256-bit decryption key and the first 256-bit video data of the video frame group to obtain the decryption data of the first 256 bits of the video frame group. The video chaotic decryption module 10 generates a second 256-bit decryption key, the video chaotic decryption module 10 substitutes 4 groups of x1 and y1 initial values into 4 groups of x2 and y2 respectively, and calculates the second 256-bit decryption key according to the 4 groups of x2 and y2, and the video chaotic decryption module 10 performs XOR on the second 256-bit decryption key and the second 256-bit video data of the video frame group to obtain the front 256-bit decryption data of the video frame group. The video chaotic decryption module 10 sequentially generates subsequent 256 decryption keys, and performs exclusive or on the video data of the whole video frame group respectively to obtain the decryption data of the whole video frame group. The video chaos decryption module 10 sends the decrypted data of the video frame group to the video validity module 11 and the video display module 12.
The video validity module 11: the video validity module 11 receives the video frame group check code a of the video frame group check recovery module 8. The video legitimacy module 11 receives the decrypted data of the video frame group of the video chaotic decryption module 10, carries out hash calculation on the SM3 to obtain a 256-bit check code B, and if the check code A is the same as the check code B, the data of the video frame group is not tampered, so that the authenticity of the video data is still ensured by cutting and reforming the video file at the later stage by the method.
The video display module 12: the video display module 12 receives the decrypted data of the video frame group of the video chaotic decryption module 10, and performs decoding display.
User public key 13: the user public key 13 is generated according to the user private key 14, the user sends the user public key 13 to the video signature encryption module 17, and the video signature encryption module 17 is used for encrypting the video frame group verification signature, so that the user can decrypt the video chaos encrypted file.
User private key 14: the user private key 14 is held by a user and receives the encrypted video file, and the user sends the user private key 14 to the video frame group verification signature reduction module 7 to decrypt the video frame group verification signature for subsequently decrypting the video chaos encrypted file.
Video private key 15: the video private key 15 is held by a video source such as a law enforcement recorder, and the video frame group sending verification signature module 3 encrypts a verification code of video frame group data, so that the legality and tamper resistance of the video chaotic encrypted file are ensured.
Video public key 16: generating a video public key 16 according to the video private key 15: the video source sends the video public key 16 to the video frame group verification and restoration module 8 of the user to decrypt the video frame group verification code, thereby realizing the validity check of the video chaotic encrypted file.
The video signature encryption module 17: and receiving video frame group verification signature data of the video frame group verification signature module 3, and carrying out SM2 encryption on the video frame group verification signature data and the user public key 16 data by using the user public key 16 to obtain video signature encrypted data. If there are multiple users, the respective user public keys 16 are used to encrypt the video frame group verification signature data and the user public keys, so as to obtain the data video signature encrypted data of each user. The video frame group verification signature encryption module 17 sends all the data video signature encrypted data to the video encrypted file generation module 6.
Embodiment 2, this embodiment relates to a chaos-based multi-user video file encryption method:
1) the video source module 1 sends the data of the video frame group to be generated to the video verification module 2 and the video chaotic encryption module 5. The video frame group is composed of a plurality of I frame groups, each I frame group is composed of an I frame, a dependent P frame and a dependent B frame, the I frame group is latest independent playing data, the video frame group is encrypted once, but different files can be generated at different time according to different user requirements.
2) The video frame group check code module 2 receives the data of the video frame group of the video source module 1, performs hash calculation on the data of the SM3 to obtain a 256-bit check code of the video stream data, and the video frame group check code module 2 sends the video frame group check code to the video frame group check signature module 3 and the chaotic operator module 4.
3) The video frame group verification signature module 3 receives the 256-bit verification code of the video frame group verification signature module 3, the 256-bit verification code is encrypted in SM2 by using the video private key 15 to obtain video frame group verification signature data, and the video frame group verification signature module 3 sends the video frame group verification signature data to the video frame group verification signature encryption module 17. And only 256 check codes are subjected to asymmetric encryption, so that the calculated amount can be effectively reduced, and the processing of low-calculation-amount equipment of a law enforcement recorder is facilitated. The video signature encryption module 17 receives the video frame group verification signature data of the video frame group verification signature module 3, and encrypts the video frame group verification signature data by using the user public key 16 to obtain video signature encrypted data by SM 2. If there are multiple users, the respective user public keys 16 are used to encrypt the video frame group verification signature data and the user public keys, so as to obtain the data video signature encrypted data of each user. The video frame group verification signature encryption module 17 sends all the data video signature encrypted data to the video encrypted file generation module 6.
4) The chaos operator module 4 adopts a multi-dimensional Henon chaos encryption method, the chaos operator module 4 receives 256-bit check codes of the video frame group check code module 2, the 256-bit check codes are grouped into 4 groups according to 64 bits, the first 32 bits of the 64-bit check codes of each group are converted into a nonconforming integer, the nonconforming integer is divided by the power of 32 of 2, the floating point number is converted into a floating point number smaller than 1 and is an x initial value of the Henon algorithm, and the later 32 bits use the same method to obtain a y initial value of the Henon algorithm. The chaos operator module 4 sends 4 calculated groups of x and y initial values to the video chaos encryption module 5.
5) The video chaotic encryption module 5 encrypts the video frame group data:
5.1) video chaotic encryption module 5: video frame group data of the video source module 1 is received.
And 5.2) the video chaotic encryption module 5 module receives 4 groups of x and y initial values of the Henon algorithm, and the video chaotic encryption module 5 encrypts video frame group data by using the Henon algorithm.
5.3) the video chaotic encryption module 5 generates a first 256-bit encryption key: henon's a takes on 1.4, b takes on 0.3, let Henon's formula chaos state.
5.4) the video chaotic encryption module 5 substitutes 4 groups of x and y initial values respectively to calculate 4 groups of x1 and y1, the video chaotic encryption module 5 obtains the decimal part of 1 group of x1 and multiplies the decimal part by the power of 32 of 2 to obtain the number of the power of 32 with the range of 2 and the key of the first 32 bits of the 256-bit encryption key, and the video chaotic encryption module 5 sequentially processes other groups of x1 to finally obtain 128 bits of the 256-bit encryption key.
5.5) the video chaotic encryption module 5 obtains the decimal part of the 1 group y1, multiplies the decimal part by the 32 power of 2 to obtain the number of the 32 power in the range of 2 and the keys of 128 bits to 159 bits of the 256-bit encryption key, the video chaotic encryption module 5 sequentially processes other groups y1 to obtain the key of the last 128 bits of the 256-bit encryption key, and finally generates the first 256-bit encryption key.
5.6) the video chaotic encryption module 5 carries out XOR on the first 256-bit encryption key and the first 256-bit video data of the video frame group data to obtain the encrypted data of the front 256 bits of the video frame group data.
5.7) the video chaotic encryption module 5 generates a second 256-bit encryption key, the video chaotic encryption module 5 substitutes 4 groups of x1 and y1 initial values respectively to calculate 4 groups of x2 and y2, and the second 256-bit encryption key is calculated according to the 4 groups of x2 and y 2.
5.8) the video chaotic encryption module 5 performs exclusive or on the second 256-bit encryption key and the second 256-bit video data of the video frame group data to obtain the encrypted data of the first 256 bits of the video frame group data.
5.9) the video chaotic encryption module 5 sequentially generates the subsequent 256 encryption keys, and respectively performs exclusive OR on the data of the whole video frame group to obtain the encrypted data of the whole video frame group. And a key which is unpredictable and has the same length as the video frame group data is generated by using a chaotic algorithm, and the cracking difficulty is improved by using an ultra-large key space.
5.10) the video chaotic encryption module 5 sends the encrypted data for generating the video frame group data to the video encrypted file generation module 6.
The Henon formula is:
Figure 8506DEST_PATH_IMAGE001
6) the video encrypted file generation module 6 generates a video chaotic encrypted file flow:
6.1) the video encryption file generation module 6 receives the video frame group encryption data and the timestamp of the video chaotic encryption module 5.
6.2) the video encryption file generation module 6 receives the video frame group signature encryption data and the timestamp of the video signature encryption module 17.
6.3) the video encryption file generation module 6 comprises three storage object blocks, a video frame group index storage object block, a video frame group encryption data storage object block and a video frame group signature encryption data storage object block.
And 6.4) the storage object block consists of a storage block type, a storage block length and a storage block data, and any storage block of the encrypted video can be extracted by using the storage object block.
6.5) the video frame group index storage object block is used for indexing according to the time stamp, the video frame group index storage object block stores the storage positions of all the video frame group encryption storage object blocks and the video frame group signature encryption data storage object blocks, and the corresponding video frame group encryption data and the video frame group signature encryption data can be quickly found according to the time stamp.
6.6) the video frame group encrypted data storage object block stores encrypted data of a video frame group in which only one copy of data is stored within the video frame group time range.
6.7) the video frame group signature encryption data storage object block stores the video frame group signature encryption data of one user, and if a plurality of users exist, the plurality of video frame group signature encryption data storage object blocks are used for storing.
6.8) the video encrypted file generation module 6 can ensure that the video encrypted file does not need to be decrypted to carry out fragment transmission by using the mode; according to the fragment transmission of the video frame group, a user receives fragment data to independently decode and display, so that the timeliness is improved;
6.9) the video encrypted file generation module 6 carries out file recombination to generate a new file, and can generate a video encrypted file in a new time range by selecting video frame group encrypted data storage object blocks and video frame group signature encrypted data storage object blocks in different time periods.
6.10) the new file generated by the file recombination of the video encryption file generation module 6 also achieves the purpose of reducing the range of the decryption users by removing the video frame group signature encryption data storage object blocks of part of users.
6.11) the video encryption file generation module 6 finally outputs the video chaotic encryption file.
7) The video frame group verification signature reduction module 7 is used for indexing the storage object block storage position of the video frame group signature encrypted data of the storage object block from the video frame group of the video chaotic encrypted file according to time, the video frame group verification signature reduction module 7 is used for obtaining the video frame group signature encrypted data storage object block of the video encrypted file, SM2 decryption is carried out on the video frame group signature encrypted data by using a user private key to obtain video frame group verification signature data and a decrypted user public key, the decrypted user public key is compared with the user public key stored by the video frame group verification signature reduction module 7, if the video frame group verification signature reduction module 7 and the user public key are the same, the video frame group signature storage object block is the user video frame group signature encrypted data, and the video frame group verification signature reduction module 7 sends the video frame group verification signature data to the video frame group verification reduction module 8.
8) The video frame group verification and restoration module 8 receives the video frame group verification signature data of the video frame group verification signature restoration module 7, and the video frame group verification and restoration module 8 uses the video public key 16 to verify the video frame group verification signature data to obtain a video frame group verification code. The video frame group check and restoration module 8 sends the video frame group check code to the chaotic operator restoration module 9 and the video validity module 11.
9) The chaotic operator reduction module 9 adopts a multi-dimensional Henon chaotic encryption method, the chaotic operator reduction module 9 receives 256 bits of video frame group check codes of the video frame group check reduction module 8, the 256 bits of the video frame group check codes are grouped into 4 groups according to 64 bits, the first 32 bits of the 64 bits of each group of check codes are converted into a non-conforming integer, the non-conforming integer is divided by the power of 32 of 2, the floating point number which is smaller than 1 is converted into an x initial value of a Henon algorithm, and the later 32 bits of the floating point number are converted into a y initial value of the Henon algorithm by using the same method. The chaos operator reduction module 9 sends 4 calculated groups of x and y initial values to the video chaos decryption module 10.
10) The video chaos decryption module 10 performs a decryption process on the video chaotic encrypted file:
10.1) the video chaos decryption module 10 receives 4 groups of x and y initial values of the Henon algorithm of the chaos operator reduction module 9, and obtains a video frame group encrypted data storage object block of the video chaos encrypted file according to time.
10.2) the video chaos decryption module 10 decrypts the video frame group by using a Henon algorithm.
10.3) the video chaotic decryption module 10 generates a first 256-bit encryption key: henon's a takes 1.4, b takes 0.3, the video chaos decryption module 10 substitutes 4 groups of x, y initial values into 4 groups of x1, y1, respectively, the video chaos decryption module 10 obtains 1 group of x1 decimal part, and multiplies 2 power of 32 to obtain 2 power of 32 number, 256 bits of decryption key first 32 bits of key.
10.4) the video chaotic decryption module 10 processes other groups x1 in sequence to finally obtain 128 bits of 256-bit decryption keys, and the video chaotic decryption module 10 obtains the decimal part of the 1 group y1 and multiplies the decimal part by the power of 32 of 2 to obtain the number of the power of 32 in the range of 2, and the 128 bits of the 256-bit decryption keys to the key of 159 bits.
10.5) the video chaotic decryption module 10 sequentially processes the other groups y1 to obtain the last 128-bit secret key of the 256-bit decryption key, and finally generates the first 256-bit decryption key.
10.6) the video chaotic decryption module 10 performs exclusive or on the first 256-bit decryption key and the first 256-bit video data of the video frame group to obtain the first 256-bit decryption data of the video frame group.
10.7) the video chaos decryption module 10 generates a second 256-bit decryption key, the video chaos decryption module 10 substitutes 4 groups of x1 and y1 initial values into 4 groups of x2 and y2 respectively, and calculates the second 256-bit decryption key according to the 4 groups of x2 and y 2.
10.8) the video chaotic decryption module 10 performs exclusive or on the second 256-bit decryption key and the second 256-bit video data of the video frame group to obtain the first 256-bit decryption data of the video frame group.
10.9) the video chaotic decryption module 10 sequentially generates the subsequent 256 decryption keys, and respectively performs exclusive or on the video data of the whole video frame group to obtain the decryption data of the whole video frame group.
10.10) the video chaos decryption module 10 sends the decrypted data of the video frame group to the video legality module 11 and the video display module 12.
11) The video validity module 11 receives the video frame group check code a of the video frame group check recovery module 8. The video legitimacy module 11 receives the decrypted data of the video frame group of the video chaotic decryption module 10, carries out hash calculation on the SM3 to obtain a 256-bit check code B, and if the check code A is the same as the check code B, the data of the video frame group is not tampered, so that the authenticity of the video data is still ensured by cutting and reforming the video file at the later stage by the method.
12) The video display module 12 receives the decrypted data of the video frame group of the video chaotic decryption module 10, and performs decoding display.
The present invention and its embodiments have been described above schematically, without limitation, and the embodiments of the present invention are shown in the drawings, and the actual structures are not limited thereto. Therefore, those skilled in the art should understand that they can easily and effectively design and modify the structure and embodiments of the present invention without departing from the spirit and scope of the present invention.

Claims (7)

1. A chaos-based multi-user video file encryption system is characterized by comprising
The video source module (1) is a module for generating video data and sending data needing a video frame group to the video frame group verification module (2) and the video chaotic encryption module (5);
the video frame group checking module (2) is used for receiving the data of the video frame group of the video source module (1), calculating a video frame group checking code of video stream data, and sending the video frame group checking code to the video frame group checking signature module (3) and the chaotic operator module (4);
the video frame group verification signature module (3) is used for receiving the verification code of the video frame group verification signature module (3), encrypting to obtain video frame group verification signature data and sending the video frame group verification signature data to the video frame group verification signature encryption module (17);
the chaotic operator module (4) is used for receiving the video frame group check code of the video frame group check code module (2), calculating an x and y initial value of a Henon algorithm, and sending the x and y initial value to the video chaotic encryption module (5);
the video chaotic encryption module (5) is used for receiving the video frame group data of the video source module (1) and the x and y initial values of the chaotic operator module (4), encrypting the video frame group data and sending the encrypted data to the video encrypted file generation module (6);
the video encrypted file generating module (6) is used for generating a video chaotic encrypted file;
the video frame group verification signature reduction module (7) is used for acquiring a video frame group signature encrypted data storage object block of the video chaotic encrypted file, decrypting and comparing the video frame group signature encrypted data storage object block to obtain video frame group verification signature data;
the video frame group verification and restoration module (8) is used for receiving the video frame group verification signature data of the video frame group verification signature restoration module (7) to obtain a video frame group verification code and sending the video frame group verification code to the chaotic operator restoration module (9) and the video legality module (11);
the chaotic operator reduction module (9) is used for receiving the video frame group check code of the video frame group check reduction module (8), calculating an x and y initial value of a Henon algorithm, and sending the x and y initial value to the video chaotic decryption module (10);
the video chaos decryption module (10) is used for receiving x and y initial values of a Henon algorithm of the chaos operator reduction module (9), decrypting the video chaos encrypted file and sending decrypted data of a video frame group to the video legality module (11) and the video display module (12);
the video legality module (11) is used for judging the authenticity of the video data;
the video display module (12) is used for receiving the decrypted data of the video frame group of the video chaotic decryption module (10) and performing decoding display;
the user public key (13) is generated according to the user private key (14) and is used for the video signature encryption module (17) to encrypt the video frame group verification signature;
the user private key (14), the user private key (14) is held by the user and is used for decrypting the video chaos encrypted file;
the video private key (15), the video private key (15) is held by a video source, and the video frame group verification signature sending module (3) encrypts a verification code of video frame group data;
the video public key (16) is generated according to the video private key (15) and is used for decrypting the video frame group check code;
and the video signature encryption module (17) is used for receiving the video frame group verification signature data of the video frame group verification signature module (3), encrypting the video frame group verification signature data to obtain video signature encrypted data, and sending the video signature encrypted data to the video encrypted file generation module (6).
2. The chaos-based multi-user video file encryption system of claim 1 wherein the video encryption file generation module (6) comprises three storage object blocks, a video frame group index storage object block, a video frame group encrypted data storage object block and a video frame group signature encryption data storage object block, the storage object blocks are comprised of a storage block type, a storage block length, and a storage block data.
3. A chaos-based multi-user video file encryption method is characterized by comprising the following steps:
1) the video source module (1) sends data of a video frame group to be generated to the video verification module (2) and the video chaotic encryption module (5);
2) the video frame group check code module (2) receives data of a video frame group of the video source module (1), hash calculation is carried out on the data by the SM3 to obtain a 256-bit check code of video stream data, and the video frame group check code module (2) sends the video frame group check code to the video frame group check signature module (3) and the chaotic operator module (4);
3) the video frame group verification signature module (3) receives the 256-bit verification code of the video frame group verification signature module (3), SM2 encryption is carried out on the 256-bit verification code by using a video private key (15) to obtain video frame group verification signature data, and the video frame group verification signature module (3) sends the video frame group verification signature data to the video frame group verification signature encryption module (17); the video signature encryption module (17) receives the video frame group verification signature data of the video frame group verification signature module (3), and uses the user public key (16) to carry out SM2 encryption to obtain video signature encrypted data; if multiple users exist, the respective user public keys (16) are respectively used for encrypting the video frame group verification signature data and the user public keys to obtain data video signature encrypted data of the users; the video frame group verification signature encryption module (17) sends all data video signature encrypted data to the video encrypted file generation module (6);
4) the chaos operator module (4) receives 256-bit check codes of the video frame group check code module (2), a multidimensional Henon chaos encryption method is adopted, grouping is carried out according to 64 bits and is divided into 4 groups, the first 32 bits of the 64-bit check codes of each group are converted into non-conforming integers, divided by the 32 power of 2 and converted into floating point numbers smaller than 1 and used as x initial values of the Henon algorithm, the later 32 bits use the same method to obtain y initial values of the Henon algorithm, and the chaos operator module (4) sends the calculated 4 groups of x and y initial values to the video chaos encryption module (5);
5) the video chaotic encryption module (5) encrypts video frame group data:
6) a video encrypted file generation module (6) generates a video chaotic encrypted file;
7) a video frame group verification signature reduction module (7) indexes the storage position of a video frame group signature encryption data storage object block of the storage object block from a video frame group of a video chaotic encryption file according to time, the video frame group verification signature reduction module (7) acquires the video frame group signature encryption data storage object block of the video encryption file, a user private key (14) is used for carrying out SM2 decryption on the video frame group signature encryption data to obtain video frame group verification signature data and a decrypted user public key (13), the decrypted user public key (13) is compared with the user public key stored by the video frame group verification signature reduction module (7), if the video frame group verification signature reduction module and the decrypted user public key are the same, the video frame group signature encrypted data storage object block is the user video frame group signature encrypted data, and the video frame group verification signature reduction module (7) sends the video frame group verification signature data to the video frame group verification reduction module (8);
8) the video frame group verification and restoration module (8) receives the video frame group verification signature data of the video frame group verification signature restoration module (7), and the video frame group verification and restoration module (8) verifies the video frame group verification signature data by using a video public key (16) to obtain a video frame group verification code; the video frame group check and restoration module (8) sends the video frame group check code to the chaotic operator restoration module (9) and the video legality module (11);
9) the chaos operator reducing module (9) adopts a multi-dimensional Henon chaos encryption method, the chaos operator reducing module (9) receives 256 bits of video frame group check codes of the video frame group check reducing module (8), the 256 bits of the video frame group check codes are grouped into 4 groups according to 64 bits, the first 32 bits of the 64 bits of each group of check codes are converted into a nonconforming integer, the nonconforming integer is divided by 32 power of 2 and is converted into a floating point number smaller than 1 and is an x initial value of the Henon algorithm, the later 32 bits use the same method to obtain a y initial value of which the floating point number is the Henon algorithm, and the chaos operator reducing module (9) sends the calculated 4 groups of the x and y initial values to the video chaos decryption module (10);
10) the video chaos decryption module (10) decrypts the video chaotic encrypted file;
11) the video legitimacy module (11) receives a video frame group check code A of the video frame group check reduction module (8), the video legitimacy module (11) receives decrypted data of a video frame group of the video chaos decryption module (10), hash calculation is carried out on a state secret SM3 to obtain a 256-bit check code B, and if the check code A is the same as the check code B, the data of the video frame group is not tampered;
12) the video display module (12) receives the decrypted data of the video frame group of the video chaotic decryption module (10) and performs decoding display.
4. The chaos-based multi-user video file encryption method according to claim 2, wherein the video frame group is composed of one or more I frame groups, and an I frame group is composed of an I frame, a dependent P frame, and a B frame.
5. The chaos-based multi-user video file encryption method according to claim 2, wherein the video chaos encryption module (5) encrypting the video frame group data specifically comprises the following steps:
5.1) the video chaotic encryption module (5) receives video frame group data of the video source module (1);
5.2) the video chaotic encryption module (5) receives 4 groups of x and y initial values of a Henon algorithm, and encrypts video frame group data by using the Henon algorithm;
5.3) the video chaotic encryption module (5) generates a first 256-bit encryption key: the value of a of Henon is 1.4, the value of b is 0.3, and a Henon formula is in a chaotic state;
5.4) the video chaotic encryption module (5) substitutes 4 groups of x and y initial values to calculate 4 groups of x1 and y1; the video chaotic encryption module (5) obtains the decimal part of the 1 group x1, multiplies the decimal part by the power of 32 of 2 to obtain the number of the power of 32 with the range of 2 and the first 32-bit key of the 256-bit encryption key, and the video chaotic encryption module (5) sequentially processes other groups x1 to finally obtain 128 bits of the 256-bit encryption key;
5.5) the video chaotic encryption module (5) obtains the decimal part of the 1 group y1, multiplies the decimal part by the 32 power of 2 to obtain the number of the 32 power in the range of 2 and keys of 128 bits to 159 bits of 256-bit encryption keys, and the video chaotic encryption module (5) sequentially processes other groups of y1 to obtain the next 128 bits of keys of the 256-bit encryption keys and finally generates a first 256-bit encryption key;
5.6) the video chaotic encryption module (5) carries out XOR on the first 256-bit encryption key and the first 256-bit video data of the video frame group data to obtain the encrypted data of the front 256 bits of the video frame group data;
5.7) the video chaotic encryption module (5) generates a second 256-bit encryption key, and the video chaotic encryption module (5) substitutes 4 groups of x1 and y1 initial values into 4 groups of x2 and y2 respectively; a second 256-bit encryption key is calculated using 4 sets x2, y2 as described above;
5.8) the video chaotic encryption module (5) carries out XOR on the second 256-bit encryption key and the second 256-bit video data of the video frame group data to obtain the encrypted data of the front 256 bits of the video frame group data;
5.9) the video chaotic encryption module (5) sequentially generates subsequent 256 encryption keys, and respectively performs exclusive OR on the data of the whole video frame group to obtain the encrypted data of the whole video frame group;
5.10) the video chaotic encryption module (5) sends the encrypted data for generating the video frame group data to the video encrypted file generation module (6);
the Henon formula is as follows:
Figure FDA0003030652580000051
6. the chaos-based multi-user video file encryption method according to claim 2, wherein the video encryption file generation module (6) generates the video chaos encryption file by the following steps:
6.1) the video encryption file generation module (6) receives the video frame group encryption data and the timestamp of the video chaotic encryption module (5);
6.2) the video encryption file generation module (6) receives the video frame group signature encryption data and the timestamp of the video signature encryption module (17);
6.3) the video frame group index storage object block carries out indexing according to the time stamp, the video frame group index storage object block stores the storage positions of all the video frame group encryption storage object blocks and the video frame group signature encryption data storage object blocks, and corresponding video frame group encryption data and video frame group signature encryption data are found according to the time stamp;
6.4) the video frame group encrypted data storage object block stores the encrypted data of the video frame group, and only one copy of data is stored in the time range of the video frame group;
6.5) the video frame group signature encrypted data storage object block stores video frame group signature encrypted data of one user, and if a plurality of users exist, the video frame group signature encrypted data storage object block is used for storing;
6.6) the video encrypted file generation module (6) transmits according to the fragment of the video frame group, and a user receives fragment data to independently decode and display;
6.7) the video encrypted file generating module (6) performs file recombination to generate a new file, and generates a video encrypted file in a new time range by selecting video frame group encrypted data storage object blocks and video frame group signature encrypted data storage object blocks in different time periods;
6.8) the video encryption file generation module (6) outputs the video chaotic encryption file.
7. The chaos based multi-user video file encryption method of claim 2, wherein the video chaos decryption module (10) decrypting the video chaotic encrypted file comprises:
10.1) the video chaotic decryption module (10) receives 4 groups of x and y initial values of a Henon algorithm of the chaotic operator reduction module (9) and acquires a video frame group encrypted data storage object block of a video chaotic encrypted file according to time;
10.2) the video chaotic decryption module (10) decrypts the video frame group by using a Henon algorithm;
10.3) the video chaos decryption module (10) generates a first 256-bit encryption key: a of Henon takes a value of 1.4, b takes a value of 0.3, and the video chaotic decryption module (10) substitutes 4 groups of x and y initial values respectively to calculate 4 groups of x1 and y1; the video chaotic decryption module (10) obtains the decimal part of the 1 group x1, multiplies the decimal part by the power of 32 of 2 to obtain the number of the power of 32 with the range of 2 and the first 32-bit key of the 256-bit decryption key;
10.4) the video chaotic decryption module (10) sequentially processes other groups x1 to finally obtain 128 bits of 256-bit decryption keys, wherein the video chaotic decryption module (10) obtains the decimal part of the 1 group y1 and multiplies the decimal part by the power of 32 of 2 to obtain the number of the power of 32 in the range of 2, and the keys of the 256-bit decryption keys from 128 bits to 159 bits;
10.5) the video chaotic decryption module (10) sequentially processes other groups y1 to obtain a later 128-bit secret key of the 256-bit decryption key, and generates a first 256-bit decryption key;
10.6) the video chaotic decryption module (10) carries out XOR on the first 256-bit decryption key and the first 256-bit video data of the video frame group to obtain the decryption data of the first 256 bits of the video frame group;
10.7) the video chaotic decryption module (10) generates a second 256-bit decryption key, and the video chaotic decryption module (10) substitutes 4 groups of x1 and y1 initial values into 4 groups of x2 and y2 respectively; calculating a second 256-bit decryption key using 4 sets x2, y2;
10.8) the video chaotic decryption module (10) carries out XOR on the second 256-bit decryption key and the second 256-bit video data of the video frame group to obtain the decryption data of the first 256 bits of the video frame group;
10.9) the video chaotic decryption module (10) sequentially generates subsequent 256 decryption keys, and respectively performs exclusive OR on the video data of the whole video frame group to obtain the decryption data of the whole video frame group;
10.10) the video chaos decryption module (10) sends the decrypted data of the video frame group to the video legality module (11) and the video display module (12).
CN202110428924.1A 2021-04-21 2021-04-21 Chaos-based multi-user video file encryption system and method Active CN113163232B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110428924.1A CN113163232B (en) 2021-04-21 2021-04-21 Chaos-based multi-user video file encryption system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110428924.1A CN113163232B (en) 2021-04-21 2021-04-21 Chaos-based multi-user video file encryption system and method

Publications (2)

Publication Number Publication Date
CN113163232A true CN113163232A (en) 2021-07-23
CN113163232B CN113163232B (en) 2022-08-05

Family

ID=76867502

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110428924.1A Active CN113163232B (en) 2021-04-21 2021-04-21 Chaos-based multi-user video file encryption system and method

Country Status (1)

Country Link
CN (1) CN113163232B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030007639A1 (en) * 2001-04-05 2003-01-09 International Business Machines Corporation Method and apparatus for encryption of data
US20050271207A1 (en) * 2004-06-05 2005-12-08 Helmut Frey Method and system for chaotic digital signature, encryption, and authentication
CN109275030A (en) * 2018-12-03 2019-01-25 南京森林警察学院 WEB terminal key based on HLS technology obscures incorrect order video encryption method
CN111093098A (en) * 2019-12-30 2020-05-01 北京电子科技学院 Logistic mapping-based chaotic encryption method
CN112422271A (en) * 2021-01-21 2021-02-26 湖北鑫英泰系统技术股份有限公司 Electric power data encryption method and device based on chaos sequence and national cryptographic algorithm
CN112437048A (en) * 2020-11-06 2021-03-02 国民技术股份有限公司 Image encryption method, first image encryption device, second image encryption device and system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030007639A1 (en) * 2001-04-05 2003-01-09 International Business Machines Corporation Method and apparatus for encryption of data
US20070101137A1 (en) * 2001-04-05 2007-05-03 Lambert Howard S Method and Apparatus for Encryption of Data
US20050271207A1 (en) * 2004-06-05 2005-12-08 Helmut Frey Method and system for chaotic digital signature, encryption, and authentication
CN109275030A (en) * 2018-12-03 2019-01-25 南京森林警察学院 WEB terminal key based on HLS technology obscures incorrect order video encryption method
CN111093098A (en) * 2019-12-30 2020-05-01 北京电子科技学院 Logistic mapping-based chaotic encryption method
CN112437048A (en) * 2020-11-06 2021-03-02 国民技术股份有限公司 Image encryption method, first image encryption device, second image encryption device and system
CN112422271A (en) * 2021-01-21 2021-02-26 湖北鑫英泰系统技术股份有限公司 Electric power data encryption method and device based on chaos sequence and national cryptographic algorithm

Also Published As

Publication number Publication date
CN113163232B (en) 2022-08-05

Similar Documents

Publication Publication Date Title
CN111756523B (en) Data transmission method and device
CN103457718B (en) The part ciphertext of variable-length segmentation and fixing block encryption is used to upgrade
CN106656475B (en) Novel symmetric key encryption method for high-speed encryption
US5568554A (en) Method for improving the processing and storage performance of digital signature schemes
US8942371B2 (en) Method and system for a symmetric block cipher using a plurality of symmetric algorithms
AU702766B2 (en) A non-deterministic public key encryption system
US7570759B2 (en) System and method for secure encryption
CN101262341A (en) A mixed encryption method in session system
CN110719295B (en) Identity-based food data security-oriented proxy re-encryption method and device
CN111314050B (en) Encryption and decryption method and device
CN112199696B (en) Encryption and decryption method based on white-box block cipher
CN102063598A (en) Data encryption and decryption methods and devices
CN104396182A (en) Method of encrypting data
CN114826590B (en) Packet mode encryption method, packet mode decryption method, packet mode encryption device, packet mode decryption device and packet mode decryption equipment
CN114826587A (en) Data encryption method, data decryption method, data encryption device, data decryption device and data decryption equipment
CN108199836B (en) Method and device for binding and unbinding key and equipment
CN112528309A (en) Data storage encryption and decryption method and device
CN115766190B (en) Encryption method, decryption method and electronic equipment for arbitrary set elements
CN113163232B (en) Chaos-based multi-user video file encryption system and method
CN112668042B (en) File encryption method
CN114826558A (en) Mass data rapid encryption method and system
CN101889412B (en) Method to generate a private key in a boneh-franklin scheme
CN114826611A (en) IND-sID-CCA2 security identifier broadcast encryption method based on SM9
CN112866288A (en) Data symmetric encryption method for double-plaintext transmission
CN111314051A (en) Encryption and decryption method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant