CN112491532A - Video data encryption method and device, storage medium and electronic equipment - Google Patents
Video data encryption method and device, storage medium and electronic equipment Download PDFInfo
- Publication number
- CN112491532A CN112491532A CN202011415073.9A CN202011415073A CN112491532A CN 112491532 A CN112491532 A CN 112491532A CN 202011415073 A CN202011415073 A CN 202011415073A CN 112491532 A CN112491532 A CN 112491532A
- Authority
- CN
- China
- Prior art keywords
- video
- groups
- video data
- encryption
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 56
- 230000005540 biological transmission Effects 0.000 claims abstract description 28
- 238000012545 processing Methods 0.000 claims description 20
- 238000004891 communication Methods 0.000 claims description 15
- 230000008569 process Effects 0.000 claims description 15
- 230000004044 response Effects 0.000 claims description 11
- 238000004590 computer program Methods 0.000 claims description 10
- 230000006870 function Effects 0.000 claims description 10
- 238000006243 chemical reaction Methods 0.000 claims description 7
- 230000001131 transforming effect Effects 0.000 claims 1
- 238000005516 engineering process Methods 0.000 abstract description 6
- 238000010586 diagram Methods 0.000 description 9
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 241000522195 Dalbergia Species 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000009466 transformation Effects 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 1
- 239000002131 composite material Substances 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000002360 explosive Substances 0.000 description 1
- 238000003384 imaging method Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/44—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
- H04N21/4408—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream encryption, e.g. re-encrypting a decrypted video stream for redistribution in a home network
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Multimedia (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
The invention discloses a video data encryption method and device, a storage medium and electronic equipment, and belongs to the field of data security. Wherein, the method comprises the following steps: splitting source video data to be transmitted into a plurality of video groups according to bytes; converting the initial keys into key streams according to the plurality of video groups, wherein the key streams comprise a plurality of groups of keys, and each group of keys corresponds to one round of encryption operation; and respectively carrying out multiple rounds of encryption on the plurality of video groups by using the key stream to generate target video data. According to the invention, the technical problem of low efficiency when video data are encrypted based on video frames in the related technology is solved, the encryption speed and the encryption efficiency of the video data are improved, the real-time transmission of the video data is realized, the leakage risk of the video data is reduced, and the safety of the video data transmission is improved.
Description
Technical Field
The invention relates to the field of data security, in particular to a video data encryption method and device, a storage medium and electronic equipment.
Background
In the related technology, with the development of technologies such as AI, big data, cloud computing and the like, the intelligent hardware industry has gained explosive development, and the daily life of people is deeply influenced.
In the related art, with the continuous update iteration of the artificial intelligence technology, a video platform based on a camera needs to ensure that video data is not stolen, tampered or even stroked by other useful personnel besides ensuring that the video data is efficiently received and returned with high quality, so that data security in a video transmission process becomes an urgent problem to be solved.
In view of the above problems in the related art, no effective solution has been found at present.
Disclosure of Invention
The embodiment of the invention provides a video data encryption method and device, a storage medium and electronic equipment, and aims to solve the technical problem of low efficiency when video data are encrypted based on video frames in the related art.
According to an aspect of an embodiment of the present application, there is provided a method for encrypting video data, including: splitting source video data to be transmitted into a plurality of video groups according to bytes; converting the initial keys into key streams according to the plurality of video groups, wherein the key streams comprise a plurality of groups of keys, and each group of keys corresponds to one round of encryption operation; and respectively carrying out multiple rounds of encryption on the plurality of video groups by using the key stream to generate target video data.
Further, converting the initial key into the key stream according to the plurality of video groups comprises: allocating a progressively accumulating increment counter to each of the plurality of video groups, wherein the byte length of the increment counter is the same as that of the video group; an initial key is converted to a keystream based on the incremented counter.
Further, the key generated by the incremental counter includes a first field and a second field, where the first field is an initial value of the encrypted random value, and the second field is a packet sequence number of the corresponding video group.
Further, performing multiple rounds of encryption on the plurality of video groups using the key stream, respectively, to generate target video data, including: for each video group, carrying out multiple rounds of XOR operation on the key stream and the corresponding video group to obtain a ciphertext group; and combining the plurality of ciphertext groups into target video data.
Further, performing multiple rounds of xor operations on the key stream and the corresponding video group to obtain a ciphertext group includes: grouping the video groups into N sub-video groups according to the unit of M byte length, wherein M x N is the bit length of the video groups; and performing M rounds of iterative encryption on the N sub-video groups by adopting a round function to obtain N ciphertext groups, wherein in each round of iterative encryption process, the round key of the current round and the sub-video groups execute exclusive OR operation.
Further, after performing multiple rounds of encryption on the plurality of video groups respectively by using the key stream to generate target video data, the method further includes: sending the IP information and the connection request to a Darwinian streaming media server (DSS); creating a real-time video streaming thread and a command processing thread in response to the DSS based on the IP information and a connection response fed back by the connection request; and transmitting the target video data to the DSS by adopting the real-time video stream transmission thread, and establishing a Transmission Control Protocol (TCP) connection between local equipment and the DSS by adopting the command processing thread.
Further, splitting the source video data to be transmitted into a plurality of video groups by bytes comprises: coding a real-time video stream to obtain the source video data; reading data plaintext of the source video data; and splitting the data plaintext into a plurality of video groups by taking bytes with preset length as a unit.
According to another aspect of the embodiments of the present application, there is also provided an apparatus for encrypting video data, including: the splitting module is used for splitting source video data to be transmitted into a plurality of video groups according to bytes; the conversion module is used for converting the initial keys into key streams according to the plurality of video groups, wherein the key streams comprise a plurality of groups of keys, and each group of keys corresponds to one round of encryption operation; and the encryption module is used for respectively carrying out multi-round encryption on the plurality of video groups by using the key stream to generate target video data.
Further, the conversion module includes: the distribution unit is used for distributing an incremental counter which is accumulated successively for each video group in the plurality of video groups, wherein the byte length of the incremental counter is the same as that of the video group; a conversion unit for converting the initial key into a keystream based on the incremental counter.
Further, the key generated by the incremental counter includes a first field and a second field, where the first field is an initial value of the encrypted random value, and the second field is a packet sequence number of the corresponding video group.
Further, the encryption module includes: the encryption unit is used for carrying out multiple rounds of XOR operation on each video group by using the key stream and the corresponding video group to obtain a ciphertext group; and the combination unit is used for combining the plurality of ciphertext groups into target video data.
Further, the encryption unit includes: a grouping subunit, configured to group the video group into N sub-video groups according to a unit of M byte length, where M × N is a bit length of the video group; and the encryption subunit is used for performing M rounds of iterative encryption on the N sub-video groups by adopting a round function to obtain N ciphertext groups, wherein in each round of iterative encryption process, an XOR operation is performed on a round key of a current round and the sub-video groups.
Further, the apparatus further comprises: a sending module, configured to send IP information and a connection request to a dalbergia streaming server DSS after the encryption module uses the key stream to perform multiple rounds of encryption on the multiple video packets, respectively, and generate target video data; a creating module, configured to create a real-time video streaming thread and a command processing thread in response to a connection response fed back by the DSS based on the IP information and the connection request; and the communication module is used for transmitting the target video data to the DSS by adopting the real-time video stream transmission thread and establishing a Transmission Control Protocol (TCP) connection between local equipment and the DSS by adopting the command processing thread.
Further, the splitting module comprises: the encoding unit is used for encoding the real-time video stream to obtain the source video data; a reading unit, configured to read a data plaintext of the source video data; and the splitting unit is used for splitting the data plaintext into a plurality of video groups by taking bytes with preset lengths as units.
According to another aspect of the embodiments of the present application, there is also provided a storage medium including a stored program that executes the above steps when the program is executed.
According to another aspect of the embodiments of the present application, there is also provided an electronic device, including a processor, a communication interface, a memory, and a communication bus, where the processor, the communication interface, and the memory complete communication with each other through the communication bus; wherein: a memory for storing a computer program; a processor for executing the steps of the method by running the program stored in the memory.
Embodiments of the present application also provide a computer program product containing instructions, which when run on a computer, cause the computer to perform the steps of the above method.
According to the invention, the source video data to be transmitted is divided into a plurality of video groups according to bytes, then the initial secret key is converted into the secret key stream according to the plurality of video groups, the plurality of video groups are respectively encrypted by using the secret key stream in multiple rounds to generate the target video data, the source video data is divided into the plurality of video groups according to the bytes, and each video group is encrypted by using the secret key stream in multiple rounds, so that a plaintext encryption scheme of the video data is realized, the technical problem of low efficiency when video data is encrypted based on video frames in the related technology is solved, the encryption speed and the encryption efficiency of the video data are improved, the real-time transmission of the video data is realized, the leakage risk of the video data is reduced, and the safety of the video data transmission is improved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
fig. 1 is a block diagram of a hardware structure of a camera according to an embodiment of the present invention;
fig. 2 is a flowchart of an encryption method of video data according to an embodiment of the present invention;
FIG. 3 is an encryption flow diagram of an embodiment of the present invention;
FIG. 4 is a video upload flow diagram of an embodiment of the present invention;
FIG. 5 is an encryption flow diagram of an encryption algorithm according to an embodiment of the present invention;
FIG. 6 is a block diagram of an encryption algorithm according to an embodiment of the present invention;
fig. 7 is a block diagram of an apparatus for encrypting video data according to an embodiment of the present invention.
Detailed Description
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only partial embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application. It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
The method provided by the first embodiment of the present application can be executed in a camera, a mobile phone, a tablet, or a similar imaging device. Taking the operation on a camera as an example, fig. 1 is a hardware structure block diagram of a camera according to an embodiment of the present invention. As shown in fig. 1, the camera 10 may include one or more (only one shown in fig. 1) processors 102 (the processor 102 may include, but is not limited to, a processing device such as a microprocessor MCU or a programmable logic device FPGA) and a memory 104 for storing data, and optionally may further include a transmission device 106 for communication functions and an input-output device 108. It will be understood by those skilled in the art that the structure shown in fig. 1 is merely illustrative and is not intended to limit the structure of the camera head. For example, camera head 10 may also include more or fewer components than shown in FIG. 1, or have a different configuration than shown in FIG. 1.
The memory 104 may be used to store a camera program, for example, a software program and a module of application software, such as a camera program corresponding to an encryption method of video data in an embodiment of the present invention, and the processor 102 executes various functional applications and data processing by running the camera program stored in the memory 104, so as to implement the above-mentioned method. The memory 104 may include high speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, memory 104 may further include memory located remotely from processor 102, which may be connected to camera head 10 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission device 106 is used for receiving or transmitting data via a network. The above-described specific example of the network may include a wireless network provided by a communication provider of the camera 10. In one example, the transmission device 106 includes a Network adapter (NIC), which can be connected to other Network devices through a base station so as to communicate with the internet. In one example, the transmission device 106 may be a Radio Frequency (RF) module, which is used for communicating with the internet in a wireless manner.
In this embodiment, a method for encrypting video data is provided, and fig. 2 is a flowchart of a method for encrypting video data according to an embodiment of the present invention, as shown in fig. 2, the flowchart includes the following steps:
step S202, splitting source video data to be transmitted into a plurality of video groups according to bytes;
the source video data of this embodiment is video data to be transmitted, and is unencrypted or simply encrypted video data.
Step S204, converting the initial keys into a key stream according to a plurality of video groups, wherein the key stream comprises a plurality of groups of keys, and each group of keys corresponds to one round of encryption operation;
and step S206, respectively carrying out multiple rounds of encryption on the plurality of video groups by using the key stream to generate target video data.
In the encryption process, because a plurality of video groups are relatively independent, a plurality of video groups can be simultaneously encrypted for multiple rounds, after target video data are generated, local storage, further compression coding, transmission and the like can be carried out based on the target video data, and the method can be applied to application scenes such as video conferences, video monitoring, home security, remote management and the like.
Through the steps, the source video data to be transmitted are split into the plurality of video groups according to bytes, then the initial keys are converted into the key streams according to the plurality of video groups, the key streams are used for carrying out multi-round encryption on the plurality of video groups respectively to generate target video data, the source video data are split into the plurality of video groups according to the bytes, and the key streams are used for carrying out multi-round encryption on each video group, so that a plaintext encryption scheme of the video data is realized, the technical problem of low efficiency when video data are encrypted based on video frames in the related art is solved, the encryption speed and the encryption efficiency of the video data are improved, the real-time transmission of the video data is realized, the leakage risk of the video data is reduced, and the safety of video data transmission is improved.
In an implementation manner of this embodiment, splitting source video data to be transmitted into a plurality of video groups by bytes includes: coding the real-time video stream to obtain source video data; reading a data plaintext of source video data; and splitting the data plaintext into a plurality of video groups by taking bytes with a preset length as a unit.
Optionally, the predetermined length is 8 bytes (128 bits) or 16 bytes, and after the video lumens text is input, the video lumens text is grouped according to 128 bits, and if the video lumens text is less than 128 bits, the last group can be filled to ensure the symmetry of the data to the last group and the encryption algorithm. In this embodiment, Padding may be performed by adopting ZeroPadding, PKCS7Padding, PKCS5Padding, and the like, and adopting all 0 or other known data, where a last block needs to be padded to a byte with a predetermined length before encryption, and the padded data needs to be deleted after decryption, and three Padding methods are described below:
ZeroPadding is used when the data lengths are not aligned, and otherwise, the padding is not used;
PKCS7Padding, which is n bytes each, assuming that the data length needs to be padded with n (n >0) bytes to align; if the data itself is already aligned, filling a block of data with a block size, each byte being the block size;
PKCS5Padding, which is a subset of PKCS7Padding, has a fixed block size of 8 bytes. Since the last byte is definitely the length of the Padding data when the PKCS7Padding/PKCS5Padding is used, the padded data can be accurately deleted after decryption, and the real data and the Padding data cannot be distinguished when the ZeroPadding is used, so that the method is only suitable for encrypting and decrypting the character string ending in \ 0.
In one embodiment of this embodiment, converting the initial key into the key stream according to the plurality of video groups includes: allocating a progressively-accumulated incremental counter to each of the plurality of video groups, wherein the byte length of the incremental counter is the same as that of the video group; the initial key is converted to a keystream based on an incrementing counter.
Optionally, the key generated by the up-counter includes a first field and a second field, where the first field is an initial value of the encrypted random number, and the second field is a packet sequence number corresponding to the video group.
An initial key may be converted into a key stream by an encryption method based on the CTR mode (counting mode) with one up-counter per packet. In the CTR mode, each packet corresponds to a counter that is incremented successively, and in one example, the length of the key is 128 bits (16 bytes × 8), the first 8 bytes are an initial value called nonce, which is different from each encryption, and the last 8 bytes are packet sequence numbers, i.e., values obtained by continuously + 1. And carrying out encryption processing on the refreshed counter by using an SM4 algorithm to obtain the key stream.
In an implementation manner of this embodiment, performing multiple rounds of encryption on the plurality of video packets using the key stream to generate target video data includes: aiming at each video group, carrying out multi-round XOR operation on the key stream and the corresponding video group to obtain a ciphertext group; and combining the plurality of ciphertext groups into target video data.
Based on the foregoing embodiment, performing multiple rounds of xor operations on a key stream and a corresponding video group to obtain a ciphertext group includes: grouping the video groups into N sub-video groups according to the unit of M byte length, wherein M x N is the bit length of the video groups; and performing M rounds of iterative encryption on the N sub-video groups by adopting a round function to obtain N ciphertext groups, wherein in each round of iterative encryption process, the round key of the current round and the sub-video groups execute exclusive OR operation. The keystream comprises M round keys which,
fig. 3 is an encryption flowchart of an embodiment of the present invention, in an example, source video data is split into 4 video groups, which are plaintext block 1, plaintext block 2, plaintext block 3, and plaintext block 4, each video group corresponds to an incremental counter for outputting a key stream, then an xor operation is performed between a round key of each round and a sub video group, and finally ciphertext groups, which are ciphertext block 1, ciphertext block 2, ciphertext block 3, and ciphertext block 4, are output.
In an embodiment of this embodiment, after performing multiple rounds of encryption on the plurality of video packets by using the key stream to generate target video data, the method further includes: transmitting the IP information and the connection request to a Darwin Streaming Server (DSS); responding to a connection response fed back by the DSS based on the IP information and the connection request, and creating a real-time video stream transmission thread and a command processing thread; and transmitting the target video data to the DSS by adopting a real-time video stream Transmission thread, and establishing Transmission Control Protocol (TCP) connection between the local equipment and the DSS by adopting a command processing thread.
Fig. 4 is a video uploading flowchart according to an embodiment of the present invention, which includes:
s41, sending a connection request;
s42, judging whether the connection is successful;
s43, if the connection is successful, a thread sends RTP data packets to transmit the encrypted target video data;
s44, if the connection is successful, one thread establishes TCP link with the DSS server;
s45, judging whether the TCP connection is successful;
s46, if the TCP connection is successful, based on the connection cycle: waiting for the command, receiving the command, and analyzing and processing the command.
As shown in fig. 4, the video uploading flowchart firstly initializes the camera, and then sends IP information and a connection request to the DSS server, and after obtaining a server connection response, respectively starts two threads, namely a real-time video streaming thread and a command processing thread. The real-time video stream processing thread is responsible for processing and sending the processed real-time video data collected by the camera. The command processing thread is responsible for responding to a command sent by the client, the video sending end establishes TCP connection with the server, receives and processes the command of the client through the forwarding of the server, and makes a corresponding command response to the client.
The invention will be explained in more detail below with reference to examples and drawings, but the invention is not limited to these embodiments:
the embodiment provides an intelligent camera video data uploading method, which is used for encrypting and transmitting a video in an encryption mode based on a stream cipher, and includes dividing a plaintext into encoding basic units, generating a key stream by using an SM4 to realize an encryption function of the video, and finally scheduling and distributing a real-time video stream by using a DSS streaming media server to complete an uploading process of the video. The embodiment can be applied to places such as video conferences, home security and remote management.
Fig. 5 is an encryption flow chart of an encryption algorithm according to an embodiment of the present invention, which includes:
s51, inputting plaintext blocks;
s52, obtaining an initial key;
s53, expanding the key of the initial key;
s54, encrypting the plaintext block by adopting a basic round function;
s55, generating a ciphertext;
and S56, outputting the ciphertext.
In order to ensure the real-time performance of the video transmission process and avoid the generation of a packet loss phenomenon, the algorithm selects the coded video as common binary data to be encrypted. The specific process is as follows: processing the input real-time video stream packets coded by H.264 into 128 bits, converting an initial key into a key stream by an encryption method based on a CTR mode, carrying out XOR operation on the key stream and a plaintext packet to obtain a ciphertext block, and finally completing the encryption process of the stream cipher.
Fig. 6 is a block diagram of an encryption algorithm according to an embodiment of the present invention, where rki is a round key generated by the encryption key, the round key is represented as rki (i is 0,1,2.. times, 31) as words, and F represents a round, and fig. 6 illustrates 32 rounds (F (round1) to F (round32)), each group (video group) is divided into four words X0X 1X 2X 3 by 32 bits, and after 32 rounds of iterative encryption (composite permutation T composed of nonlinear transformation and linear transformation), a ciphertext Y0Y 1Y 2Y 3 is obtained. Similarly, decryption only needs to process the whole process in a reverse order.
By adopting the scheme of the embodiment, for the real-time requirement of video transmission, the video encryption method based on the stream cipher can not only ensure the rapidity of video transmission, but also improve the security of the encryption process, and finally achieve the effect of safe and efficient audio and video encryption. The system has strong overall operability and good practicability, and can be used in places such as video conferences, home security, remote management and the like.
Through the above description of the embodiments, those skilled in the art can clearly understand that the method according to the above embodiments can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware, but the former is a better implementation mode in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which is stored in a storage medium (e.g., ROM/RAM, magnetic disk, optical disk) and includes instructions for enabling a terminal device (e.g., a mobile phone, a computer, a server, or a network device) to execute the method according to the embodiments of the present invention.
Example 2
In this embodiment, an encryption apparatus for video data is further provided, which is used to implement the foregoing embodiments and preferred embodiments, and the description already made is omitted here for brevity. As used below, the term "module" may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
Fig. 7 is a block diagram of an apparatus for encrypting video data according to an embodiment of the present invention, as shown in fig. 7, the apparatus including: a splitting module 70, a translation module 72, an encryption module 74, wherein,
a splitting module 70, configured to split source video data to be transmitted into multiple video groups according to bytes;
a conversion module 72, configured to convert the initial key into a key stream according to the plurality of video groups, where the key stream includes a plurality of groups of keys, and each group of keys corresponds to one round of encryption operation;
and an encryption module 74, configured to perform multiple rounds of encryption on the multiple video groups respectively by using the key stream, so as to generate target video data.
Optionally, the conversion module includes: the distribution unit is used for distributing an incremental counter which is accumulated successively for each video group in the plurality of video groups, wherein the byte length of the incremental counter is the same as that of the video group; a conversion unit for converting the initial key into a keystream based on the incremental counter.
Optionally, the key generated by the incremental counter includes a first field and a second field, where the first field is an initial value of an encrypted random value, and the second field is a packet sequence number of a corresponding video group.
Optionally, the encryption module includes: the encryption unit is used for carrying out multiple rounds of XOR operation on each video group by using the key stream and the corresponding video group to obtain a ciphertext group; and the combination unit is used for combining the plurality of ciphertext groups into target video data.
Optionally, the encryption unit includes: a grouping subunit, configured to group the video group into N sub-video groups according to a unit of M byte length, where M × N is a bit length of the video group; and the encryption subunit is used for performing M rounds of iterative encryption on the N sub-video groups by adopting a round function to obtain N ciphertext groups, wherein in each round of iterative encryption process, an XOR operation is performed on a round key of a current round and the sub-video groups.
Optionally, the apparatus further comprises: a sending module, configured to send IP information and a connection request to a dalbergia streaming server DSS after the encryption module uses the key stream to perform multiple rounds of encryption on the multiple video packets, respectively, and generate target video data; a creating module, configured to create a real-time video streaming thread and a command processing thread in response to a connection response fed back by the DSS based on the IP information and the connection request; and the communication module is used for transmitting the target video data to the DSS by adopting the real-time video stream transmission thread and establishing a Transmission Control Protocol (TCP) connection between local equipment and the DSS by adopting the command processing thread.
Optionally, the splitting module includes: the encoding unit is used for encoding the real-time video stream to obtain the source video data; a reading unit, configured to read a data plaintext of the source video data; and the splitting unit is used for splitting the data plaintext into a plurality of video groups by taking bytes with preset lengths as units.
It should be noted that, the above modules may be implemented by software or hardware, and for the latter, the following may be implemented, but not limited to: the modules are all positioned in the same processor; alternatively, the modules are respectively located in different processors in any combination.
Example 3
Embodiments of the present invention also provide a storage medium having a computer program stored therein, wherein the computer program is arranged to perform the steps of any of the above method embodiments when executed.
Alternatively, in the present embodiment, the storage medium may be configured to store a computer program for executing the steps of:
s1, splitting the source video data to be transmitted into a plurality of video groups according to bytes;
s2, converting the initial keys into key streams according to the plurality of video groups, wherein the key streams comprise a plurality of groups of keys, and each group of keys corresponds to one round of encryption operation;
and S3, respectively carrying out multiple rounds of encryption on the plurality of video groups by using the key stream to generate target video data.
Optionally, in this embodiment, the storage medium may include, but is not limited to: various media capable of storing computer programs, such as a usb disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic disk, or an optical disk.
Embodiments of the present invention also provide an electronic device comprising a memory having a computer program stored therein and a processor arranged to run the computer program to perform the steps of any of the above method embodiments.
Optionally, the electronic device may further include a transmission device and an input/output device, wherein the transmission device is connected to the processor, and the input/output device is connected to the processor.
Optionally, in this embodiment, the processor may be configured to execute the following steps by a computer program:
s1, splitting the source video data to be transmitted into a plurality of video groups according to bytes;
s2, converting the initial keys into key streams according to the plurality of video groups, wherein the key streams comprise a plurality of groups of keys, and each group of keys corresponds to one round of encryption operation;
and S3, respectively carrying out multiple rounds of encryption on the plurality of video groups by using the key stream to generate target video data.
Optionally, the specific examples in this embodiment may refer to the examples described in the above embodiments and optional implementation manners, and this embodiment is not described herein again.
The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments.
In the above embodiments of the present application, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one type of division of logical functions, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
The foregoing is only a preferred embodiment of the present application and it should be noted that those skilled in the art can make several improvements and modifications without departing from the principle of the present application, and these improvements and modifications should also be considered as the protection scope of the present application.
Claims (10)
1. A method for encrypting video data, comprising:
splitting source video data to be transmitted into a plurality of video groups according to bytes;
converting the initial keys into key streams according to the plurality of video groups, wherein the key streams comprise a plurality of groups of keys, and each group of keys corresponds to one round of encryption operation;
and respectively carrying out multiple rounds of encryption on the plurality of video groups by using the key stream to generate target video data.
2. The method of claim 1, wherein transforming the initial key into the key stream according to the plurality of video groups comprises:
allocating a progressively accumulating increment counter to each of the plurality of video groups, wherein the byte length of the increment counter is the same as that of the video group;
an initial key is converted to a keystream based on the incremented counter.
3. The method of claim 2, wherein the key generated by the incremental counter comprises a first field and a second field, wherein the first field is an initial value of the encrypted random number, and the second field is a packet sequence number of the corresponding video group.
4. The method of claim 1, wherein performing multiple rounds of encryption on the plurality of video packets using the key stream to generate target video data comprises:
for each video group, carrying out multiple rounds of XOR operation on the key stream and the corresponding video group to obtain a ciphertext group;
and combining the plurality of ciphertext groups into target video data.
5. The method of claim 4, wherein performing multiple rounds of XOR operations on the keystream and the corresponding video group to obtain the ciphertext group comprises:
grouping the video groups into N sub-video groups according to the unit of M byte length, wherein M x N is the bit length of the video groups;
and performing M rounds of iterative encryption on the N sub-video groups by adopting a round function to obtain N ciphertext groups, wherein in each round of iterative encryption process, the round key of the current round and the sub-video groups execute exclusive OR operation.
6. The method of claim 1, wherein after performing multiple rounds of encryption on the plurality of video packets using the key stream to generate target video data, the method further comprises:
sending the IP information and the connection request to a Darwinian streaming media server (DSS);
creating a real-time video streaming thread and a command processing thread in response to the DSS based on the IP information and a connection response fed back by the connection request;
and transmitting the target video data to the DSS by adopting the real-time video stream transmission thread, and establishing a Transmission Control Protocol (TCP) connection between local equipment and the DSS by adopting the command processing thread.
7. The method of claim 1, wherein splitting source video data to be transmitted into a plurality of video groups in bytes comprises:
coding a real-time video stream to obtain the source video data;
reading data plaintext of the source video data;
and splitting the data plaintext into a plurality of video groups by taking bytes with preset length as a unit.
8. An apparatus for encrypting video data, comprising:
the splitting module is used for splitting source video data to be transmitted into a plurality of video groups according to bytes;
the conversion module is used for converting the initial keys into key streams according to the plurality of video groups, wherein the key streams comprise a plurality of groups of keys, and each group of keys corresponds to one round of encryption operation;
and the encryption module is used for respectively carrying out multi-round encryption on the plurality of video groups by using the key stream to generate target video data.
9. A storage medium, characterized in that the storage medium comprises a stored program, wherein the program is operative to perform the method steps of any of the preceding claims 1 to 7.
10. An electronic device comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory are communicated with each other through the communication bus; wherein:
a memory for storing a computer program;
a processor for performing the method steps of any of claims 1 to 7 by executing a program stored on a memory.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011415073.9A CN112491532A (en) | 2020-12-03 | 2020-12-03 | Video data encryption method and device, storage medium and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011415073.9A CN112491532A (en) | 2020-12-03 | 2020-12-03 | Video data encryption method and device, storage medium and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112491532A true CN112491532A (en) | 2021-03-12 |
Family
ID=74940296
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011415073.9A Pending CN112491532A (en) | 2020-12-03 | 2020-12-03 | Video data encryption method and device, storage medium and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112491532A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114390317A (en) * | 2022-01-18 | 2022-04-22 | 山东点盾云网络科技有限公司 | Encryption method and system for streaming video |
| CN114710287A (en) * | 2022-06-06 | 2022-07-05 | 中科问天量子科技(天津)有限公司 | Encryption method, system, storage medium and encrypted file access method |
| CN115834926A (en) * | 2022-11-21 | 2023-03-21 | 深圳市超时代软件有限公司 | Video encryption method based on H.265 entropy coding binarization |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003061289A1 (en) * | 2002-01-02 | 2003-07-24 | Sony Electronics Inc. | Critical packet partial encryption |
| US20030159140A1 (en) * | 2002-01-02 | 2003-08-21 | Candelore Brant L. | Selective encryption to enable multiple decryption keys |
| CN1607793A (en) * | 2003-09-26 | 2005-04-20 | 创世纪微芯片公司 | Packet based high definition high-bandwidth digital content protection |
| US20080187134A1 (en) * | 2004-06-21 | 2008-08-07 | France Telecom | Method and Device For the Encryption and Decryption of Data |
| CN105991645A (en) * | 2015-12-31 | 2016-10-05 | 龙迅半导体(合肥)股份有限公司 | Data flow encryption method and system |
| CN107197328A (en) * | 2017-06-11 | 2017-09-22 | 成都吱吖科技有限公司 | A kind of interactive panoramic video safe transmission method and device for being related to virtual reality |
| CN108768606A (en) * | 2018-05-10 | 2018-11-06 | 深圳市汇星数字技术有限公司 | The real-time encrypted method and system of Streaming Media based on transmission of video |
-
2020
- 2020-12-03 CN CN202011415073.9A patent/CN112491532A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003061289A1 (en) * | 2002-01-02 | 2003-07-24 | Sony Electronics Inc. | Critical packet partial encryption |
| US20030159140A1 (en) * | 2002-01-02 | 2003-08-21 | Candelore Brant L. | Selective encryption to enable multiple decryption keys |
| CN1607793A (en) * | 2003-09-26 | 2005-04-20 | 创世纪微芯片公司 | Packet based high definition high-bandwidth digital content protection |
| US20080187134A1 (en) * | 2004-06-21 | 2008-08-07 | France Telecom | Method and Device For the Encryption and Decryption of Data |
| CN105991645A (en) * | 2015-12-31 | 2016-10-05 | 龙迅半导体(合肥)股份有限公司 | Data flow encryption method and system |
| CN107197328A (en) * | 2017-06-11 | 2017-09-22 | 成都吱吖科技有限公司 | A kind of interactive panoramic video safe transmission method and device for being related to virtual reality |
| CN108768606A (en) * | 2018-05-10 | 2018-11-06 | 深圳市汇星数字技术有限公司 | The real-time encrypted method and system of Streaming Media based on transmission of video |
Non-Patent Citations (1)
| Title |
|---|
| 结城浩: "《图解密码技术》", 31 January 2015 * |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114390317A (en) * | 2022-01-18 | 2022-04-22 | 山东点盾云网络科技有限公司 | Encryption method and system for streaming video |
| CN114390317B (en) * | 2022-01-18 | 2024-03-19 | 山东点盾云网络科技有限公司 | Encryption method and system for streaming video |
| CN114710287A (en) * | 2022-06-06 | 2022-07-05 | 中科问天量子科技(天津)有限公司 | Encryption method, system, storage medium and encrypted file access method |
| CN115834926A (en) * | 2022-11-21 | 2023-03-21 | 深圳市超时代软件有限公司 | Video encryption method based on H.265 entropy coding binarization |
| CN115834926B (en) * | 2022-11-21 | 2023-11-21 | 深圳市超时代软件有限公司 | Video encryption method based on H.265 entropy coding binarization |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112491532A (en) | Video data encryption method and device, storage medium and electronic equipment | |
| EP3588838A1 (en) | Chaotic map-based digital chaotic encryption method | |
| US8401186B2 (en) | Cloud storage data access method, apparatus and system based on OTP | |
| EP3178190B1 (en) | Encoder, decoder and method | |
| KR20020016620A (en) | Method for encrypting information and device for realization of the method | |
| CN110348229B (en) | Data encryption method and device and data decryption method and device | |
| CN110557680A (en) | Audio and video data frame transmission method and system | |
| US20230208615A1 (en) | Online-Streamer Image Model File Transmission in Co-Hosting During Livestreaming | |
| CN111372056A (en) | Video data encryption and decryption processing method and device | |
| CN101621376A (en) | Method, device and system for multi-level encryption and decryption | |
| CN101621661B (en) | Audio-video encryption and decryption transmission system | |
| CN106789971A (en) | A kind of encrypted transmission method of power carrier data | |
| CN110730366B (en) | Bit operation-based lightweight video stream encryption and decryption method and encryption and decryption method | |
| CA3135046C (en) | Enhanced randomness for digital systems | |
| CN101621677A (en) | Method, device and system for multi-level encryption and decryption of audios and videos for monitoring | |
| CN114826748B (en) | Audio and video stream data encryption method and device based on RTP, UDP and IP protocols | |
| CN109560917B (en) | QKD method, device and system | |
| US11019042B1 (en) | Data assisted key switching in hybrid cryptography | |
| CN102624741A (en) | TLV (Threshold Limit Value) based data transmission method and system thereof | |
| CN113596054B (en) | Method for encrypting transmission soft frequency hopping between information systems | |
| CN113676315B (en) | Slicing application method of star-ground integrated quantum network | |
| Quist-Aphetsi et al. | Node to node secure data communication for IoT devices using Diffie-Hellman, AES, and MD5 cryptographic schemes | |
| Seo et al. | Network and data link layer security for DASH7 | |
| CN114244635A (en) | Encryption type data coding method of communication equipment | |
| CN109831295B (en) | Encryption method based on electric power emergency communication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210312 |
|
| RJ01 | Rejection of invention patent application after publication |