节点文献

会议电视中MPEG-Ⅱ视频流加密系统的设计与实现

The Design and Realization of Encryption System of Video Stream in Videoconference

【作者】 郑哲星

【导师】 孙娇燕;

【作者基本信息】 大连海事大学 , 通信与信息系统, 2003, 硕士

【摘要】 Internet的迅猛发展普及为会议电视的应用提供了广阔的市场前景。由于会议电视经常会涉及商业或政府部门的一些敏感、关键性数据,因此会议电视不同于普通的视频应用,需要达到较高的加密强度。在研究生实习期间,本人参与了上海交大慧谷信息股份有限公司的WITNET-VideoTM网智通视产品的研发,负责MPEG-Ⅱ视频流在网上的安全传输。本人设计并实现了针对会议电视的MPEG-Ⅱ视频流加密系统,其加密强度达到商密级别的标准。本加密系统充分利用MPEG-Ⅱ视频流的结构特性,结合会议电视安全性能的要求,对运算量和加密强度这一矛盾进行合理的折衷,提出了MPEG-Ⅱ视频流的选择性加密方案。该方案采用对称算法3DES和非对称算法RSA相结合的混合方式密码体制,并以密钥管理为研究核心。用私钥算法中的3DES对视频流的有关帧进行加密;而用公钥算法中的RSA对3DES密钥进行加密。密钥管理模块实现了密钥安全可靠的产生、分配、存贮和销毁,采用数字签名技术,并用证件方式来实现密钥管理。引入X.509证书机制,用以解决RSA的公钥分发,公钥/私钥对与用户真实身份的绑定问题。将密钥管理系统的体系结构分为两级,从而保证了有限长的凭证路径,缩短了证件的检验过程并且较易实现。

【Abstract】 With the rapid development of Internet, the market prospect of the application in videoconference is growing widely. As videoconference is often related to sensitive, pivotal data about enterprise or government organization, it needs high encryption intensity. During the practice ofgradutate student, I participated in the development of WITNET-Video?inthe Jiaoda Withub Information Co., Ltd. I am responsible for secure transmission of MPEG- II video stream in the network. I designed and realized the encryption system of MPEG-II video stream in videoconference, whose ercryption intensity achieves the level of market secret. The encrytion system makes full use of structure characteristic of MPEG-II, combined with secure performance demanded in videoconference. A selective encryption scheme of video stream is proposed making compromise of computation quantity and encryption intensity, which makes main emphasis on the study of the key management and uses cipher mechanism mixed by 3DES symmetrical algorithm and RSA unsymmetrical algorithm. Some frames in video stream are encrypted by 3DES private-key algorithm. And keys of 3DES are encrypted by RSA public-key algorithm. Key management provides a set of procedures generation, distribution, storage and deletion, implemented by the technology of certificate and digital signature. The certificate mechanism of X. 509 is introduced to resolve the problems of the RSA public-key distribution and combination of users’ authorized identity with the pair of public-key and private-key. The two level structure of this key management system leads to a definite certificate authentication path, which makes the verifying procedure shorter and makes the system easier to be realized.

【关键词】 会议电视MPEG-Ⅱ密钥管理CA
【Key words】 VideoconferenceMPEG-IIKey managementCA
  • 【分类号】TN948.63
  • 【被引频次】1
  • 【下载频次】133
节点文献中: