CN104639943A - H.264 coding standard-based general video encryption method and system - Google Patents
H.264 coding standard-based general video encryption method and system Download PDFInfo
- Publication number
- CN104639943A CN104639943A CN201510050727.5A CN201510050727A CN104639943A CN 104639943 A CN104639943 A CN 104639943A CN 201510050727 A CN201510050727 A CN 201510050727A CN 104639943 A CN104639943 A CN 104639943A
- Authority
- CN
- China
- Prior art keywords
- video
- piece
- encryption
- sheet
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 53
- 230000005540 biological transmission Effects 0.000 claims abstract description 28
- 230000000153 supplemental effect Effects 0.000 claims abstract description 18
- 238000002372 labelling Methods 0.000 claims description 18
- 239000002131 composite material Substances 0.000 claims description 10
- 238000005516 engineering process Methods 0.000 description 5
- 230000008569 process Effects 0.000 description 4
- 230000000717 retained effect Effects 0.000 description 4
- 241000446313 Lamella Species 0.000 description 3
- 230000006835 compression Effects 0.000 description 3
- 238000007906 compression Methods 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 3
- 238000005457 optimization Methods 0.000 description 3
- 238000011084 recovery Methods 0.000 description 3
- 230000003044 adaptive effect Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 230000011218 segmentation Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 150000001875 compounds Chemical class 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 239000003814 drug Substances 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000004806 packaging method and process Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000011002 quantification Methods 0.000 description 1
- 238000013139 quantization Methods 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
- 230000001932 seasonal effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/434—Disassembling of a multiplex stream, e.g. demultiplexing audio and video streams, extraction of additional data from a video stream; Remultiplexing of multiplex streams; Extraction or processing of SI; Disassembling of packetised elementary stream
- H04N21/4345—Extraction or processing of SI, e.g. extracting service information from an MPEG stream
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/44—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
- H04N21/4408—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream encryption, e.g. re-encrypting a decrypted video stream for redistribution in a home network
Landscapes
- Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Signal Processing (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
- Compression Or Coding Systems Of Tv Signals (AREA)
Abstract
The invention relates to an H.264 coding standard-based general video encryption method and system. The method comprises the following steps: analyzing video to recognize an NAL (Network Abstract Layer) unit in the video; directly performing plaintext transmission of a parameter set and supplemental enhancement information in the recognized NAL unit in a network; analyzing a video slice, recognizing a header of the video slice, a data part and a position of a first macro block in the video slice, taking the header of the video slice and the information in front of the first macro block in the video slice as conserved information without encryption, and encrypting the information apart from the conserved information in the video slice; adding shell for a ciphertext obtained through encryption in the video slice, combining the shell added ciphertext, the header of the video slice and the information in front of the first macro block in the video slice to obtain the encrypted video slice, and transmitting the encrypted video slice in the network. According to the method and the system, the safety of a video content can be protected without changing the video integral structure, the universality and the robustness are high, and the cost is low.
Description
Technical field
The present invention relates to video encryption method, especially relate to a kind of generic video encryption method based on H.264 coding standard and system.
Background technology
Along with the fast development of video coding technique and network technology, video conference, Digital Television, Video chat, online video display etc. have become the part in people's daily life gradually.Video conference is used widely with its feature real-time fast, but these Video service are easy to suffer artificial attack in open network environment, add delete as data interception, information stealth, data tampering and data.At present, the mode adopting authentication techniques, delineation of power more or set up escape way prevents the video in disabled user's reference to storage.All there is certain defect in these modes, safe procedures too strictly can reduce for experiencing, and be difficult to safeguard, if too succinct, then easily occurs security breaches.
A kind of method solved the problem is encrypted video content itself.Current, the safety of video content obtains the extensive attention of educational circles, and a lot of encryption method is constantly proposed, but algorithm itself is devoted in research more, application-oriented demand little.According to data type and the shared ratio of encryption, cryptographic algorithm can be roughly divided into encryption completely, Partial encryption, scrambling encryption, selective encryption and based on Entropy Encoding and Encryption etc.Full cipher mode is that content in each frame is not added differentiation, and parameter and data subject are all encrypted, alternate manner can select a part of parameter or video block to be encrypted.But all there is following problem in these modes in application:
1), imperfection is gone back with the research of the encryption combined of encoding.Some encryption methods can change information source structure and syntax significantly, and very large on next code impact, this can reduce network resource utilization and network service quality.Other methods contradiction each other in fail safe, compression ratio and encryption complexity etc., is difficult to realize business application.
2), bad with the versatility of the encryption combined of encoding.The more coding standard of current application all provides the kinds of schemes such as basic shelves, main shelves and expansion shelves for different application scenarioss.There is certain difference in the coding strategy that different shelves inter-stage is taked, parameter such as sampling frequency, picture size, the coding bit rate etc. of setting also all there are differences.This needs the picture pick-up device producer first to modify according to the feature of coding and hardware device and to optimize, and the encryption therefore based on coding needs the scheme different according to different equipment de-sign, and versatility is inadequate.
3), higher with the cost of the encryption combined of encoding.In order to improve coding rate, most of picture pick-up device all uses hardware mode to Video coding, and also namely on video processor, Video coding is responsible for specially by integrated DSP processor etc.If adopt the mode combined with coding to video-encryption, just must adjust the structure of the hardware module relevant to Video coding, this can improve the cost of coding greatly.
Summary of the invention
Technical problem to be solved by this invention is to provide and is not a kind ofly changing the safety protecting video content under video overall structure, and versatility is good, robustness is high, cost is low based on the generic video encryption method of H.264 coding standard and system.
The technical scheme that the present invention solves the problems of the technologies described above is as follows: a kind of generic video encryption method based on H.264 coding standard, comprises the following steps:
Step 1: resolve the video based on H.264 coding standard, identify the NAL unit in video, described NAL unit comprises parameter set, Supplemental Enhancement Information and piece of video; The parameter set identified in NAL unit and Supplemental Enhancement Information are directly carried out plaintext transmission in a network;
Step 2: resolve piece of video, identify the position of first macro block in the stem of piece of video, data division and piece of video, using the information before first macro block in the stem of piece of video and piece of video as reservation information, will not encrypt, the information in piece of video except reservation information is encrypted;
Step 3: the ciphertext obtained is encrypted to passing through in piece of video and adds shell, combine through the information added in the ciphertext of shell, the stem of piece of video and piece of video before first macro block, obtain the piece of video through encryption, the piece of video through encryption is transmitted in a network.
The invention has the beneficial effects as follows: the present invention, according to after H.264 video encoding standard coding, retains parameter and other important information of video, is only encrypted data subject.Specifically, be exactly retain parameter set SPS (sequence parameter set), the PPS (picture parameter set), SEI (Supplemental Enhancement Information) etc. in video, only the parts such as I frame, P frame and B frame be encrypted.And for the frame encrypted, still retaining several important field in head, other parts are all encrypted.Video after encryption can obtain the safeguard protection of high strength; but still can equally with ordinary video transmit in a network; can preserve by commonsense method and management encrypt data, therefore this is the encryption method of video stream that a kind of versatility is better, robustness is higher, cost is lower.
On the basis of technique scheme, the present invention can also do following improvement.
Further, the parameter set in described step 1 in NAL unit comprises sequence parameter set SPS and picture parameter set PPS; Piece of video comprises I sheet, B sheet, P sheet, SI sheet and SP sheet.
Further, the reservation information in described step 2 in piece of video before first macro block comprises first_mb_in_slice field, slice_type field, pic_parameter_set_id field and rame_num field.
Further, stream cipher encrypting or block encryption is encrypted as in described step 2, described stream cipher encrypting comprises employing RC4 cryptographic algorithm, and grouping encryption method comprises des encryption algorithm, 3DES cryptographic algorithm, AES encryption algorithm, SM1 cryptographic algorithm and SM4 cryptographic algorithm.
Further, in described step 3, when there is start-stop code in ciphertext encryption being detected, inserting start-stop code labeling by before last byte, when decoding, when start-stop code labeling being detected, start-stop code labeling being abandoned.
Further, a kind of generic video encryption system based on H.264 coding standard, comprises parsing module, encrypting module and composite module;
Described parsing module, for resolving the video based on H.264 coding standard, identify the NAL unit in video, described NAL unit comprises parameter set, Supplemental Enhancement Information and piece of video; The parameter set identified in NAL unit and Supplemental Enhancement Information are directly carried out plaintext transmission in a network;
Described encrypting module, for resolving piece of video, identify the position of first macro block in the stem of piece of video, data division and piece of video, using the information before first macro block in the stem of piece of video and piece of video as reservation information, will not encrypt, the information in piece of video except reservation information is encrypted;
Described composite module, shell is added for encrypting to passing through in piece of video the ciphertext obtained, combine through the information added in the ciphertext of shell, the stem of piece of video and piece of video before first macro block, obtain the piece of video through encryption, the piece of video through encryption is transmitted in a network.
Further, the parameter set in described parsing module in NAL unit comprises sequence parameter set SPS and picture parameter set PPS; Piece of video comprises I sheet, B sheet, P sheet, SI sheet and SP sheet.
Further, the reservation information in described encrypting module in piece of video before first macro block comprises first_mb_in_slice field, slice_type field, pic_parameter_set_id field and rame_num field.
Further, stream cipher encrypting or block encryption is encrypted as in described encrypting module, described stream cipher encrypting comprises employing RC4 cryptographic algorithm, and grouping encryption method comprises des encryption algorithm, 3DES cryptographic algorithm, AES encryption algorithm, SM1 cryptographic algorithm and SM4 cryptographic algorithm.
Further, in described composite module, when there is start-stop code in ciphertext encryption being detected, inserting start-stop code labeling by before last byte, when decoding, when start-stop code labeling being detected, start-stop code labeling being abandoned.
Accompanying drawing explanation
Fig. 1 is the structure of existing H.264 encoded video;
Fig. 2 is the DISPLAY ORDER of existing I sheet, P sheet and B sheet;
Fig. 3 is the schematic diagram of existing video transmission sequence;
Fig. 4 is the inventive method flow chart of steps;
Fig. 5 is present system structure chart.
In accompanying drawing, the list of parts representated by each label is as follows:
1, parsing module, 2, encrypting module, 3, composite module.
Embodiment
Be described principle of the present invention and feature below in conjunction with accompanying drawing, example, only for explaining the present invention, is not intended to limit scope of the present invention.
Embodiment 1
As shown in Figure 4, a kind of generic video encryption method based on H.264 coding standard, comprises the following steps:
Step 1: resolve the video based on H.264 coding standard, identify the NAL unit in video, described NAL unit comprises parameter set, Supplemental Enhancement Information and piece of video; The parameter set identified in NAL unit and Supplemental Enhancement Information are directly carried out plaintext transmission in a network;
Step 2: resolve piece of video, identify the position of first macro block in the stem of piece of video, data division and piece of video, using the information before first macro block in the stem of piece of video and piece of video as reservation information, will not encrypt, the information in piece of video except reservation information is encrypted;
Step 3: the ciphertext obtained is encrypted to passing through in piece of video and adds shell, combine through the information added in the ciphertext of shell, the stem of piece of video and piece of video before first macro block, obtain the piece of video through encryption, the piece of video through encryption is transmitted in a network.
Parameter set in described step 1 in NAL unit comprises sequence parameter set SPS and picture parameter set PPS; Piece of video comprises I sheet, B sheet, P sheet, SI sheet and SP sheet.
Reservation information in described step 2 in piece of video before first macro block comprises first_mb_in_slice field, slice_type field, pic_parameter_set_id field and rame_num field.
Be encrypted as stream cipher encrypting or block encryption in described step 2, described stream cipher encrypting comprises employing RC4 cryptographic algorithm, and grouping encryption method comprises des encryption algorithm, 3DES cryptographic algorithm, AES encryption algorithm, SM1 cryptographic algorithm and SM4 cryptographic algorithm.
In described step 3, when there is start-stop code in ciphertext encryption being detected, inserting start-stop code labeling by before last byte, when decoding, when start-stop code labeling being detected, start-stop code labeling being abandoned.
As shown in Figure 5, a kind of generic video encryption system based on H.264 coding standard, comprises parsing module 1, encrypting module 2 and composite module 3;
Described parsing module 1, for resolving the video based on H.264 coding standard, identify the NAL unit in video, described NAL unit comprises parameter set, Supplemental Enhancement Information and piece of video; The parameter set identified in NAL unit and Supplemental Enhancement Information are directly carried out plaintext transmission in a network;
Described encrypting module 2, for resolving piece of video, identify the position of first macro block in the stem of piece of video, data division and piece of video, using the information before first macro block in the stem of piece of video and piece of video as reservation information, will not encrypt, the information in piece of video except reservation information is encrypted;
Described composite module 3, shell is added for encrypting to passing through in piece of video the ciphertext obtained, combine through the information added in the ciphertext of shell, the stem of piece of video and piece of video before first macro block, obtain the piece of video through encryption, the piece of video through encryption is transmitted in a network.
Parameter set in described parsing module 1 in NAL unit comprises sequence parameter set SPS and picture parameter set PPS; Piece of video comprises I sheet, B sheet, P sheet, SI sheet and SP sheet.
Reservation information in described encrypting module 2 in piece of video before first macro block comprises first_mb_in_slice field, slice_type field, pic_parameter_set_id field and rame_num field.
Be encrypted as stream cipher encrypting or block encryption in described encrypting module 2, described stream cipher encrypting comprises employing RC4 cryptographic algorithm, and grouping encryption method comprises des encryption algorithm, 3DES cryptographic algorithm, AES encryption algorithm, SM1 cryptographic algorithm and SM4 cryptographic algorithm.
In described composite module 3, when there is start-stop code in ciphertext encryption being detected, inserting start-stop code labeling by before last byte, when decoding, when start-stop code labeling being detected, start-stop code labeling being abandoned.
H.264 the video compression coding standard that the joint video team that coding is made up of ISO/IEC and ITU-T is formulated, formally announces, obtains application widely at present for 2003.
H.264 the structure of encoded video: video is made up of the time series of image, usually also referred to as video image, image sequence, video sequence etc., the such image of each width is called a frame.Frame per second is exactly seasonal effect in time series broadcasting speed, and usual frame per second is 25 ~ 30 frames per second.
Video is a kind of structure of classification, and in early stage video encoding standard, video is a kind of hierarchy being similar to ICP/IP protocol, and every one deck has a head (also comprising necessary afterbody), and the data division of every layer comprises the data of this layer.And the data division of this layer is several high-rise data cells, these unit have again oneself head and data division.This structure is applied widely in various procotol, but the head of every one deck and its data division form management and the strong dependence be managed, once head is lost, the information of data division may be correctly decoded out hardly again.Usually can take re-transmission policy and abandon vicious packet in a network.Because frame of video is general all large than the MTU of network, the syntax elements of whole layer all can not be put into same grouping, if the packet loss at head place, other grouping of this layer and enable being correctly received also cannot be combined into a complete frame, thus cannot decode, cause the wasting of resources.
H.264 coding standard is extensively absorbing on the basis of advantage of all kinds of coding standard, devises the structure of five levels, is respectively the level that sequence, image, sheet, macro block, sub-macro block five are basic.Correlation at all levels, as shown in Figure 1.
In H.264 coding standard, first two kinds of parameter sets are the introduction of---sequence parameter set (SPS) and picture parameter set (PPS), these two kinds of parameters are out formed by the section syntax element sepatation originally belonging to sequence and picture headers, and other part then puts into lamella.Parameter set is an independently data unit, does not rely on other syntax elements outside parameter set.The parameter that what sequence parameter set SPS comprised is for a continuous programming code video sequence, as the number of number-mark, frame number, reference frame, decoded picture size and frame field coding mode select mark etc.The parameter identification of what picture parameter set PPS was corresponding is a certain image or a few width image in a sequence, entropy code model selection mark, sheet group number, initial quantization parameters and deblocking filtering coefficient adjustment mark etc.
Generally, a sequence parameter set SPS can be mapped to multiple picture parameter set.Fig. 1 describes the relation of the outer various syntax elements of sequence parameter set SPS and picture parameter set PPS.The lower one deck of line representative in figure needs the information with reference to last layer when encoding and decoding.Parameter set is just cited when lamella syntax elements needs, and not corresponding specific image or sequence, same picture parameter set also can be quoted by multiple image, when only having encoder to think to need the content of undated parameter collection, just can send the parameter made new advances.In the h .264 standard, all kinds of parameter set compares flexibly with the mapping relations between sheet, image, and a complete frame can be made up of a sheet or multiple, and each can be selected the parameter that needs to quote as required flexibly.
Under this parameter set independently mechanism, parameter set can repeatedly be retransmitted, and when H.264 encoding or need certain syntax elements in guarantee lamella will quote certain parameter set in decode procedure, that parameter set arrives decoder, namely first parameter set must be transmitted in time, if can not get the parameter needed, the parsing of syntax will mistake completely, general decoder can be abandoned, until receive next sequence parameter set SPS and picture parameter set PPS just normal decoder.Therefore H.264 the syntax elements of parameter set and parameter set outside is in different channels by standard suggestion.During set of transmission parameters, the safer but passage that cost is more expensive is used, and when transmitting general data, the low but channel not reliably of use cost.
As shown in Figure 1, for code flow structure is a kind of basic model of simplification, sheets all here only has a type, and one or more sheet forms a sub-picture, and this model can normally work, but perfect not.Usually, the type of sheet may only have two kinds, also may be multiple, and this depends on the shelves level that coding adopts.In order to adapt to complicated occasion, except sheet and parameter set, also needing other data unit to provide extra information, therefore also will do further expansion.
H.264 encode in order to the reliability of the efficiency and transmission that improve compression, video is divided into three kinds of different class.Basic class, is mainly used in the relevant application of video session, if Remote Video Conference, video telephone, tele-medicine, remote teaching, in real time monitoring etc. are in the higher scene of requirement of real-time.Main class, is mainly used in consumption electronic product, as in the scene such as Digital Television, video storage.And expand the video flowing that class is mainly used in network, as video request program etc.
For above-mentioned three kinds of class, each all must meet one group of specific encoding function, and supports that a class is specifically applied.When adopting basic class, only have the sheet of I sheet and P sheet two type, can support in frame and interframe encode, support the entropy code based on contextual adaptive variable length coding (CAVLC).When using main class, except meeting the requirement of basic class, also support interlaced video, adopt the interframe encode of B sheet and adopt the intraframe coding of weight estimation, support to utilize based on contextual adaptive arithmetic coding (CABAC), therefore, three kinds of sheet types of I sheet, P sheet and B sheet are had.And expand class except I sheet, P sheet and B sheet, in order to support the effective switching between code stream, also have SP sheet and SI sheet two kinds of sheets.
As shown in Figure 2, a kind of video structure comprising I frame, P frame and B frame three types.A video image can be encoded into one or more sheet, coded slice generally have three kinds dissimilar, I sheet, P sheet, B sheet.In figure, the afterbody of arrow is the reference picture of stem, I sheet, and namely (Intra) sheet in frame, utilize decoded pixel from current slice to carry out infra-frame prediction as a reference, and the decoded pixel do not got in other sheet carries out infra-frame prediction as a reference.P sheet utilizes encoded I sheet to carry out infra-frame prediction as with reference to image above.B sheet then utilizes former and later two P sheets for reference to predicting.Due to I sheet not with other image for reference, general data amount is larger, and P sheet is much smaller, and B sheet is less, like this can compressed video size further.
In order to the requirement of the bandwidth self-adaption and error-resilient performance of complying with video flowing, in the expansion shelves of H.264 coding standard, in turn define two kinds of new frame types: SP sheet and SI sheet.The general principle of SP frame coding is similar with P sheet, and be still the motion compensated predictive coding based on inter prediction, difference is between the two that SP sheet can reconstruct identical picture frame with reference to different reference frame.Make full use of this characteristic, SP sheet can instead of I sheet, be widely used between stream, switching (bitstream switching), splicing (splicing), Stochastic accessing (random access), fast forwarding and fast rewinding (fast forward, fast backward) and the application such as Fault recovery (error recovery) in, greatly reduce the expense of code check simultaneously.Corresponding with SP sheet, SI sheet is then based on intraframe predictive coding technology, and its reconstructed image is identical with to the reconstructed image of SP sheet.Although the code efficiency of SP sheet is a little less than P sheet, but far away higher than I sheet, greatly improve the network compatibility of H.264 encoded video, support that streaming media service is flexibly applied, there is very strong error-resilient performance, adapt to transmit in large in noise jamming, that packet loss is high wireless channel.
The internal structure of sheet is divided into sheet head (slice_header) and the main part of sheet data (slice_data) two.Order of the address of first macro block in sheet owner record sheet, the type of sheet, the call number of picture parameter set and decoding etc.Need during encryption to be retained.
The data division of sheet forms primarily of several macro blocks, and a macro block is made up of 16 × 16 luminance pixels and a 8 × 8Cb and additional 8 × 8Cr colour element block.In each image, some macro blocks are arranged form in blocks.Macro block also has I, P and B three types, and wherein I sheet only comprises I macro block, and P sheet can comprise P macro block and I macro block, and B sheet can comprise B macro block and I macro block.
I macro block utilizes decoded pixel from current slice to carry out infra-frame prediction as a reference, and the decoded pixel can not got in other sheet carries out infra-frame prediction as a reference.P macro block utilizes encoded image above to carry out infra-frame prediction as with reference to image, the macro block of an intraframe coding can do the segmentation of macro block further, as 16 × 16,16 × 8,8 × 16 or 8 × 8 luminance pixel blocks (and subsidiary colour element) etc.
Compared with former standard, as H.263 coding is compared with MPEG-4 coding etc., the functional module not too large change of codec H.264, main difference is the details that realizes of each functional module, and these details are mainly reflected in macro block.In addition, be H.264 encoded to and meet various multimedia application, provide the mechanism of many optimization coding and decoding videos, therefore different macroblock structure difference is larger.But macro block does not bring direct impact to transmission of video and management, can all encrypt.
By analysis above, can see, sequence parameter set SPS and the picture parameter set PPS essential record global parameter of video sequence, as picture size, video format, and the shelves level of coding etc., major function be in order to peripheral operation can be correct the complete video sequence of identification one, therefore cannot encrypt, otherwise Internet Transmission, storage and parsing etc. will be caused all cannot to carry out.Owing to not containing actual video content, encryption parameter can not bring safety problem.
And for data units such as Supplemental Enhancement Information (SEI), extra data or synchronizing information are mainly provided, suitably can improve the complex characteristic of net synchronization capability or definition image, but not comprise video content itself, optional in decode procedure, therefore need not encrypt.
Therefore, video encryption method of the present invention comprises the steps:
The first step, resolve video based on H.264 encoding, to identify the NAL unit in H.264 encoded video, described in identify encoded video NAL unit comprise parameter set, Supplemental Enhancement Information SEI and piece of video; By the parameter set that identifies in NAL unit and the direct plaintext transmission of Supplemental Enhancement Information SEI;
Identify that the parameter set in NAL unit comprises sequence parameter set SPS, picture parameter set PPS; Piece of video comprises I sheet, B sheet, P sheet, SI sheet and SP sheet.
Second step, parsing piece of video, identify the position of first macro block in the stem of piece of video, data division and piece of video, the information before first macro block in the stem of piece of video and sheet data retained, be encrypted all the other information in sheet;
Reservation information in sheet data before first macro block comprises first_mb_in_slice field, slice_type field, pic_parameter_set_id field and frame_num field.
Can adopt conventional data ciphering method, stream cipher encrypting or grouping encryption method to the method for sheet internal information encryption, described stream cipher encrypting method comprises RC4, and grouping encryption method comprises DES, 3DES, AES, SM1 or SM4.When adopting block encryption, if when end video is less than a grouping, need to carry out filling being encrypted again.The method that the method that block encryption is filled can adopt the art conventional, repeats no more herein.
Due to I sheet, P sheet and B sheet, and SI sheet in expansion shelves level and SP sheet, be the main body of video content, need its encryption.But still the stem of sheet (slice_head) all will be retained.Because the field before first macro block in sheet still plays an important role to video code and decode, if add secret meeting to cause occurring mistake during decryption of video, therefore for sheet data division, the information before first macro block is wanted all to retain, particularly following four field: first_mb_in_slice, slice_type, pic_parameter_set_id, frame_num.First_mb_in_slice, two bytes, represent the address of macro block in sheet, sheet demarcates its address by this syntax elements.Slice_type, two bytes, indicate the type of sheet, and decoder judges the type of current slice by this byte.Pic_parameter_set_id, two bytes, the call number of picture parameter set.Frame_num, two bytes, specify the decoding order of each image.
3rd step, shell is added to the ciphertext in NAL unit, to make not occur start-stop code in the ciphertext after encrypting.
H.264 encoded video adds the start-stop code of 0x000001 as new NAL unit before each NAL unit.Under such mechanism, decoder will detect that 0x000001 starts as new NAL unit, and after being encrypted the piece of video data in NAL unit, probably in ciphertext, has occurred start-stop code.In the embodiment of the present invention, when the start-stop code in ciphertext being detected, inserting 0x03 by before last byte, when decoding, when 0x000003 sequence being detected, 0x03 being abandoned.In addition, also need to add shell protection to 0x000000,0x000002 and 0x000003 of occurring in coding, the situation of detailed process and 0x000001 is similar, repeats no more herein.
The encryption method main feature of the present invention to H.264 encoded video is that versatility is better, go for the encryption of all kinds of scene, be mainly reflected in the following aspects: go for the encryption after all kinds of shelves level coding, go for all kinds ofly needing the encryption after carrying out code optimization according to equipment, ciphertext can by conventional RTP/RTSP protocol transmission, can carry out storing and forwarding according to the method for management Clear video, also can use common decoders decode, but can not video content be revealed.Particularly:
1), in order to adapt to different purposes, H.264 coding standard devises the coding of basic class, main class and expansion class three kinds of class, one sheet having 5 types, coded system, the prediction mode of different sheets are all very different, and general encryption method designs encryption method respectively for the feature of different sheet.These differences are mainly reflected in the internal structure of sheet, in the embodiment of the present invention, do not consider the interior details of sheet, and it are all encrypted, therefore can encrypt various piece of video.
In order to improve the efficiency of compressed encoding, improve the quality of video image, improve Fault recovery function and improve network friendliness etc., H.264 encoded video have employed the technology of many advanced persons, but the raising of performance increases computation complexity for cost, particularly in quantification, motion estimation motion compensation, frame, relate to a large amount of data-movings and calculating in STAD calculating, interframe SAD calculating etc., therefore, under the embedded environment that hardware resource is limited, process video in real time, generally want first Optimized Coding Based.Common encipherment scheme must do optimization situation and adjust for concrete equipment.Because these differences are also embodied in the internal structure of sheet, due in the embodiment of the present invention, do not consider the interior details of sheet, can be encrypted the video that various equipment produces by a kind of mode.
2), video-encryption strategy of the present invention is a kind of good method of versatility, is mainly reflected in and can uses general transmission of video agreement, as RTP/RTSP agreement carrys out the video after Transmission Encryption.Reason is as follows: H.264 encoded video sequence comprises a series of NAL unit, length due to NAL unit is not fixing, such as picture parameter set PPS only has 8 bytes, comprise the NAL unit size of I sheet then up to several thousand bytes, RTP is when transmission of video, according to the size of NAL, frame of video can be combined into a bag, or split into multiple bag.
After H.264 video encoding standard coding, the stem of the NAL unit of video has an important attribute field nal_unit_type, and span is 0-31.Wherein 1-23 is mainly used in the type that decoder distinguishes NAL, and the numerical value such as 24-31 do not use when encoding.Such as 7 represent sequence parameter set SPS, 8 presentation video parameter set PPS etc.But remain some flag bits, as the flag bit between 0 and 24-31, RTP is when packaging to frame of video or splitting into multiple bag, need to use the several untapped numerical value of nal_unit_type to indicate the type of process, the such as combination bag of 24 expression single incidents, the combination bag of 26 expression multiple times, 28 represent bursts etc.Due in the embodiment of the present invention, nal_unit_type is retained, and the data division of sheet inside is encrypted, therefore adopt encryption of the present invention can not bring impact to RTP transmission.Because nal_unit_type is in the header field of NAL, in the present invention, by the first_mb_in_slice of the stem of NAL and NAL data division, slice_type, pic_parameter_set_id, frame_num tetra-fields retain, therefore, the video after encryption does not affect the transmission of video.
Specifically, H.264 encoded video take NAL as unit, unit close-packed arrays, processor identifies different unit by identifier, common video sequence comprises polytype data, as parameter set PS, image delimiter PD, and coded slice, Data Segmentation, EOS symbol and padding data etc.Typical video transmission sequence as shown in Figure 3.Each unit is by independently NAL unit transmission.
H.264 coding standard the transmission means of undefined NAL unit, determines its transmission means according to different transmission environments in reality.As in packet network, each NAL unit, independently to wrap transmission, is resequenced before decoding.
In order to distinguish the data type in bag, RTP uses the reservation position of the nal_unit_type in H.264 encoding to represent the state of NAL.The concrete meaning of nal_unit_type flag bit is as shown in the table.
When Real-time Transport Protocol is resolved to one NAL unit (nal_unit), first resolve nal_unit_type, then divide three kinds of situation process:
I), single NAL unit pattern
Namely RTP bag is only made up of a complete NAL unit, and RTP NAL head type field is the same with the NAL unit head type field of original H.264 encoded video in this case.
Ii), package pattern is combined
Namely may form a RTP by multiple NAL unit to wrap, have 4 kinds of compound modes respectively: STAP-A, STAP-B, MTAP16, MTAP24.So here, types value is 24,25,26 and 27 respectively.
Iii), burst package pattern
For becoming multiple RTP to wrap a NALU unit package, there are two type FU-A and FU-B types value is 28 and 29 respectively
As can be seen here, mainly use the nal_unit_type of chip level to distinguish the type of each such sheets during transmission of video, and the data division in sheet is not distinguished, therefore adopt the video after this programme encryption that common transmission of video agreement such as RTP can be used to transmit.
3), to being stored in local video file, need to do basic parsing to video, so that management.H.264 decoding is carried out in units of NAL unit, before carrying out NAL unit parsing, is first resolved by Real-time Transport Protocol, or is detected by initial code, obtains NAL unit data from transmission code stream.If will decode to NAL unit, its input is NAL unit, and Output rusults is through the sample value of the present image (CurrPic) of decoding, because now video content is encryption, only will can see muddy picture, and valuable content cannot be seen.
The present invention, according to after H.264 video encoding standard coding, retains parameter and other important information of video, is only encrypted data subject.Specifically, be exactly retain parameter set SPS (sequence parameter set), the PPS (picture parameter set), SEI (Supplemental Enhancement Information) etc. in video, only the parts such as I frame, P frame and B frame be encrypted.And for the frame encrypted, still retaining several important field in head, other parts are all encrypted.Video after encryption can obtain the safeguard protection of high strength; but still can equally with ordinary video transmit in a network; can preserve by commonsense method and management encrypt data, therefore this is the encryption method of video stream that a kind of versatility is better, robustness is higher, cost is lower.
The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention, within the spirit and principles in the present invention all, any amendment done, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (10)
1., based on a generic video encryption method for H.264 coding standard, it is characterized in that, comprise the following steps:
Step 1: resolve the video based on H.264 coding standard, identify the NAL unit in video, described NAL unit comprises parameter set, Supplemental Enhancement Information and piece of video; The parameter set identified in NAL unit and Supplemental Enhancement Information are directly carried out plaintext transmission in a network;
Step 2: resolve piece of video, identify the position of first macro block in the stem of piece of video, data division and piece of video, using the information before first macro block in the stem of piece of video and piece of video as reservation information, will not encrypt, the information in piece of video except reservation information is encrypted;
Step 3: the ciphertext obtained is encrypted to passing through in piece of video and adds shell, combine through the information added in the ciphertext of shell, the stem of piece of video and piece of video before first macro block, obtain the piece of video through encryption, the piece of video through encryption is transmitted in a network.
2. the generic video encryption method based on H.264 coding standard according to claim 1, it is characterized in that, the parameter set in described step 1 in NAL unit comprises sequence parameter set SPS and picture parameter set PPS; Piece of video comprises I sheet, B sheet, P sheet, SI sheet and SP sheet.
3. the generic video encryption method based on H.264 coding standard according to claim 1, it is characterized in that, the reservation information in described step 2 in piece of video before first macro block comprises first_mb_in_slice field, slice_type field, pic_parameter_set_id field and rame_num field.
4. the generic video encryption method based on H.264 coding standard according to claim 1, it is characterized in that, stream cipher encrypting or block encryption is encrypted as in described step 2, described stream cipher encrypting comprises employing RC4 cryptographic algorithm, and grouping encryption method comprises des encryption algorithm, 3DES cryptographic algorithm, AES encryption algorithm, SM1 cryptographic algorithm and SM4 cryptographic algorithm.
5. the generic video encryption method based on H.264 coding standard according to claim 1, it is characterized in that, in described step 3, when there is start-stop code in ciphertext encryption being detected, start-stop code labeling is inserted by before last byte, when decoding, when start-stop code labeling being detected, start-stop code labeling is abandoned.
6., based on a generic video encryption system for H.264 coding standard, it is characterized in that, comprise parsing module (1), encrypting module (2) and composite module (3);
Described parsing module (1), for resolving the video based on H.264 coding standard, identify the NAL unit in video, described NAL unit comprises parameter set, Supplemental Enhancement Information and piece of video; The parameter set identified in NAL unit and Supplemental Enhancement Information are directly carried out plaintext transmission in a network;
Described encrypting module (2), for resolving piece of video, identify the position of first macro block in the stem of piece of video, data division and piece of video, using the information before first macro block in the stem of piece of video and piece of video as reservation information, will not encrypt, the information in piece of video except reservation information is encrypted;
Described composite module (3), shell is added for encrypting to passing through in piece of video the ciphertext obtained, combine through the information added in the ciphertext of shell, the stem of piece of video and piece of video before first macro block, obtain the piece of video through encryption, the piece of video through encryption is transmitted in a network.
7. the generic video encryption system based on H.264 coding standard according to claim 6, is characterized in that, the parameter set in described parsing module (1) in NAL unit comprises sequence parameter set SPS and picture parameter set PPS; Piece of video comprises I sheet, B sheet, P sheet, SI sheet and SP sheet.
8. the generic video encryption system based on H.264 coding standard according to claim 6, it is characterized in that, the reservation information in described encrypting module (2) in piece of video before first macro block comprises first_mb_in_slice field, slice_type field, pic_parameter_set_id field and rame_num field.
9. the generic video encryption system based on H.264 coding standard according to claim 6, it is characterized in that, described encrypting module is encrypted as stream cipher encrypting or block encryption in (2), described stream cipher encrypting comprises employing RC4 cryptographic algorithm, and grouping encryption method comprises des encryption algorithm, 3DES cryptographic algorithm, AES encryption algorithm, SM1 cryptographic algorithm and SM4 cryptographic algorithm.
10. the generic video encryption system based on H.264 coding standard according to claim 6, it is characterized in that, in described composite module (3), when there is start-stop code in ciphertext encryption being detected, start-stop code labeling is inserted by before last byte, when decoding, when start-stop code labeling being detected, start-stop code labeling is abandoned.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510050727.5A CN104639943B (en) | 2015-01-30 | 2015-01-30 | A kind of generic video encryption method and system based on H.264 coding standard |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510050727.5A CN104639943B (en) | 2015-01-30 | 2015-01-30 | A kind of generic video encryption method and system based on H.264 coding standard |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104639943A true CN104639943A (en) | 2015-05-20 |
| CN104639943B CN104639943B (en) | 2018-02-13 |
Family
ID=53218182
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510050727.5A Expired - Fee Related CN104639943B (en) | 2015-01-30 | 2015-01-30 | A kind of generic video encryption method and system based on H.264 coding standard |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104639943B (en) |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105471860A (en) * | 2015-11-19 | 2016-04-06 | 浙江宇视科技有限公司 | Video data transmission method and apparatus |
| CN105635149A (en) * | 2015-12-30 | 2016-06-01 | 深圳Tcl数字技术有限公司 | Streaming media encryption method, device and system |
| CN105704545A (en) * | 2016-01-20 | 2016-06-22 | 中国科学院信息工程研究所 | Secret key synchronizing information transmission method based on H.264 video stream |
| CN107172431A (en) * | 2017-06-27 | 2017-09-15 | 西南科技大学 | A kind of scalable authentication method based on H264/SVC video flowings |
| CN108235060A (en) * | 2018-03-12 | 2018-06-29 | 上海哔哩哔哩科技有限公司 | Video-encryption playback method, system and the storage medium obscured based on parameter set |
| CN108235152A (en) * | 2018-03-07 | 2018-06-29 | 北京视博数字电视科技有限公司 | The transmission method of DRM application systems and DRM private datas |
| CN108600196A (en) * | 2018-04-04 | 2018-09-28 | 广东中星电子有限公司 | The encryption method and device and decryption method and device of image |
| CN108769740A (en) * | 2018-06-05 | 2018-11-06 | 苏州科达科技股份有限公司 | Video data encrypted transmission method, system, equipment and storage medium |
| CN109388618A (en) * | 2018-10-15 | 2019-02-26 | 深圳市太山科技有限公司 | The method and device of embedded system compressing file, decompression and encryption, decryption |
| CN110611830A (en) * | 2019-09-29 | 2019-12-24 | 腾讯科技(深圳)有限公司 | Video processing method, device, equipment and medium |
| CN111405233A (en) * | 2020-03-25 | 2020-07-10 | 苏州科达科技股份有限公司 | Encrypted graph transmission method, device, storage medium and system in video conference |
| CN114189713A (en) * | 2021-12-21 | 2022-03-15 | 杭州当虹科技股份有限公司 | Content encryption method |
| CN116095331A (en) * | 2023-03-03 | 2023-05-09 | 浙江大华技术股份有限公司 | Encoding method and decoding method |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1333973A (en) * | 1998-11-20 | 2002-01-30 | 艾利森电话股份有限公司 | Method and device for encryption of images |
| CN1452840A (en) * | 2000-05-02 | 2003-10-29 | 通用仪器公司 | Method and apparatus for enabling random access to individual pictures in encrypted video stream |
| CN1726713A (en) * | 2002-12-16 | 2006-01-25 | 皇家飞利浦电子股份有限公司 | Method and apparatus to encrypt video data streams |
| US20070116277A1 (en) * | 2005-11-17 | 2007-05-24 | Samsung Electronics Co., Ltd. | Method and system for encryption/decryption of scalable video bitstream for conditional access control based on multidimensional scalability in scalable video coding |
-
2015
- 2015-01-30 CN CN201510050727.5A patent/CN104639943B/en not_active Expired - Fee Related
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1333973A (en) * | 1998-11-20 | 2002-01-30 | 艾利森电话股份有限公司 | Method and device for encryption of images |
| CN1452840A (en) * | 2000-05-02 | 2003-10-29 | 通用仪器公司 | Method and apparatus for enabling random access to individual pictures in encrypted video stream |
| CN1726713A (en) * | 2002-12-16 | 2006-01-25 | 皇家飞利浦电子股份有限公司 | Method and apparatus to encrypt video data streams |
| US20070116277A1 (en) * | 2005-11-17 | 2007-05-24 | Samsung Electronics Co., Ltd. | Method and system for encryption/decryption of scalable video bitstream for conditional access control based on multidimensional scalability in scalable video coding |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105471860A (en) * | 2015-11-19 | 2016-04-06 | 浙江宇视科技有限公司 | Video data transmission method and apparatus |
| CN105635149A (en) * | 2015-12-30 | 2016-06-01 | 深圳Tcl数字技术有限公司 | Streaming media encryption method, device and system |
| WO2017113610A1 (en) * | 2015-12-30 | 2017-07-06 | 深圳Tcl数字技术有限公司 | Method, device, and system for streaming media encryption |
| CN105704545A (en) * | 2016-01-20 | 2016-06-22 | 中国科学院信息工程研究所 | Secret key synchronizing information transmission method based on H.264 video stream |
| CN107172431B (en) * | 2017-06-27 | 2019-12-27 | 西南科技大学 | Scalable authentication method based on H264/SVC video stream |
| CN107172431A (en) * | 2017-06-27 | 2017-09-15 | 西南科技大学 | A kind of scalable authentication method based on H264/SVC video flowings |
| CN108235152B (en) * | 2018-03-07 | 2020-10-27 | 北京视博数字电视科技有限公司 | DRM application system and method for transferring DRM private data |
| CN108235152A (en) * | 2018-03-07 | 2018-06-29 | 北京视博数字电视科技有限公司 | The transmission method of DRM application systems and DRM private datas |
| CN108235060B (en) * | 2018-03-12 | 2020-06-26 | 上海哔哩哔哩科技有限公司 | Video encryption playing method, system and storage medium based on parameter set confusion |
| CN108235060A (en) * | 2018-03-12 | 2018-06-29 | 上海哔哩哔哩科技有限公司 | Video-encryption playback method, system and the storage medium obscured based on parameter set |
| CN108600196A (en) * | 2018-04-04 | 2018-09-28 | 广东中星电子有限公司 | The encryption method and device and decryption method and device of image |
| CN108769740A (en) * | 2018-06-05 | 2018-11-06 | 苏州科达科技股份有限公司 | Video data encrypted transmission method, system, equipment and storage medium |
| CN109388618A (en) * | 2018-10-15 | 2019-02-26 | 深圳市太山科技有限公司 | The method and device of embedded system compressing file, decompression and encryption, decryption |
| CN109388618B (en) * | 2018-10-15 | 2021-02-12 | 密卡思(深圳)电讯有限公司 | Method and device for compressing, decompressing, encrypting and decrypting file of embedded system |
| CN110611830A (en) * | 2019-09-29 | 2019-12-24 | 腾讯科技(深圳)有限公司 | Video processing method, device, equipment and medium |
| CN111405233A (en) * | 2020-03-25 | 2020-07-10 | 苏州科达科技股份有限公司 | Encrypted graph transmission method, device, storage medium and system in video conference |
| CN114189713A (en) * | 2021-12-21 | 2022-03-15 | 杭州当虹科技股份有限公司 | Content encryption method |
| CN116095331A (en) * | 2023-03-03 | 2023-05-09 | 浙江大华技术股份有限公司 | Encoding method and decoding method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104639943B (en) | 2018-02-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104639943B (en) | A kind of generic video encryption method and system based on H.264 coding standard | |
| CN101505316B (en) | Method and device for reordering and multiplexing multimedia packets from multimedia streams pertaining to interrelated sessions | |
| CN101390399B (en) | Backward-compatible aggregation of pictures in scalable video coding | |
| AU2010279256B2 (en) | Signaling characteristics of an MVC operation point | |
| Liu et al. | A survey of video encryption algorithms | |
| CN102804773B (en) | In 2 systems of MPEG, combination multi-angle video decodes sub- bit stream | |
| CN1934865B (en) | Method and device for resizing of buffer in encoder and decoder | |
| CN101444102B (en) | Picture delimiter in scalable video coding | |
| CN101867750B (en) | OSD information processing method and device for video monitoring system | |
| WO2006111087A1 (en) | H.264-based error eliminating method for compressed video transmission | |
| JP2012505569A (en) | Multi-view media data | |
| CN102342127A (en) | Method and apparatus for video coding and decoding | |
| US20110122945A1 (en) | Methods for error concealment due to enhancement layer packet loss in scalable video coding (svc) decoding | |
| CN102469344A (en) | Video stream encryption and decryption method, video stream encryption and decryption device, communication terminal and storage terminal | |
| KR101345544B1 (en) | Multi-view video coding system, decoding system, bitstream extracting system for decoding base view and supporting view random access | |
| US20150103924A1 (en) | On operation of decoded picture buffer for interlayer pictures | |
| Zou et al. | H. 264 video encryption scheme adaptive to DRM | |
| US7839925B2 (en) | Apparatus for receiving packet stream | |
| KR20080068520A (en) | Time-stamping apparatus and method for rtp packetization of svc coded video, rtp packetization system using that | |
| KR20130124348A (en) | Method and apparatus for managing content distribution over multiple terminal devices in collaborative media system | |
| CN106303537B (en) | A kind of more code stream transmission methods of openh264 | |
| KR20080081407A (en) | Method and equipment for hybrid multiview and scalable video coding | |
| KR101340203B1 (en) | Encryption procedure and device for an audiovisual data stream | |
| Jun et al. | A two-way selective encryption algorithm for MPEG video | |
| KR101663769B1 (en) | System and method for executing source buffering for multiple independent group transmission of real-time encoded scalabe video contents |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20180213 Termination date: 20200130 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |