Cuando la realización de una obra o actividad que requiera sujetarse al

As the aforementioned discussions in Section 3.5.3, it is empirically found that MBS is

an effective attack in generating outline image from both INTRA- and INTER-frames en-

crypted by the conventional H.264/AVC format-compliant selective encryption modules.

However, since MBS is designed to exploit each MB information (i.e., the bits spent to

encode each non-overlapping 16 × 16 pixel block), straightforwardly, a shuffling MB op-

eration with maintaining format-compliant can be implemented to withstand the proposed

MBS sketch attack. It is because that MBS generates a pixel value from the correspond-

ing MB. Thus when the MBs of a video frame is shuffled, the generated pixel values

will also be shuffled. In other words, the shuffling operation prevents leaking the infor-

mation of the plaintext video. Although the shuffling operation before or during video

compression breaks the correlation among MBs, the operation induces the bitstream size

encryption. In addition, the shuffling operation requires additional operations, which

are fully/partially decoding the compressed-encrypted video, to complete the decryption

process. This requirement makes this encryption approach less feasible. On the other

hand, a shuffling MBs operation during or after video compression can be considered.

In H.264/AVC video compression, an error resilient tool of the Flexible MB Ordering

(FMO), which allows a video frame to be arranged in different scan patterns of MBs,

is included. Note that the FMO includes 6 built-in scan patterns as well as one option

to include an entire explicitly user-defined pattern viz., assigned through the parameter

MB Allocation MAP (MBAmap). Hence, the FMO information can be utilized to shuffle

MBs. Specifically, by masking the scan pattern of MBAmap, the FMO-based shuffling

can be deployed. However, FMO is only supported in the baseline and extended profiles

of H.264/AVC (Wiegand et al., 2003), this approach is also less practical.

Another alternative encryption approach against MBS is diffusing the perceptual in-

formation of a region into other regions. For example, an encryption operation diffuses

pixel values of an MB into other pixel values of MBs. Two diffusion scenarios using

this approach can be considered, namely diffusion before or during video compression,

and diffusion during or after video compression. In the first case, the diffusion approach

destroys the spatial correlation among the pixels of the original frame, hence the com-

pression efficiency will be dropped and the bitstream size overhead increases. In the

second case, the diffusion can theoretically maintain format-compliant, however, since

the nature of context adaptive entropy coding (i.e., CAVLC and CABAC) is complex,

the diffusion is not able to be implemented straightforwardly. It is because the adaptive

entropy coding uses multiple tables or statistical features of the input frame(s), hence

the original statistical information is required to maintain bitstream size. In addition, the

decode-encrypt-encode approach is always able to encrypt a compressed video, but the

with limited battery power. It should be noted that the approach significantly causes the

bitstream size overhead.

It can be concluded that, since the format compliance and bitstream overhead sup-

pression are required for H.264/AVC video encryption, there are no straightforward en-

cryption methods, which can avoid local complexity information leakage (i.e., the com-

plexity of each MB) as well as the aforementioned requirements. Therefore, the proposed

MBS sketch attack is viable to extract outline information of the original frame directly

from the encrypted video in H.264/AVC format, which supports FMO in only a few pro-

files, i.e., baseline and extension. However, if security is the uppermost important issue

for a particular video, then the user can consider the shuffling operation in FMO or the

decode-encrypt-encode approach to withstand the proposed MBS at the expense of bit-

stream size overhead or high-cost computation and space. All in all, there is a trade-off

relationship among security, format compliance, and bitstream size overhead.

3.6 Summary

In this chapter, five novel sketch attacks for format-compliant selectively encrypted video,

namely encrypted H.264/AVC video, were put forward to generate sketch images, which

can reveal an outline of each frame of the original video. Specifically, sketch images

are generated using the DC, AC coefficients or the MB bitstream size of the encrypted

video. In addition, to evaluate the performance of the sketch images by the proposed

sketch attacks, an edge similarity method was modified and then the similarity scores

were calculated by using the Canny edge map as an ideal outline image. It is observed

from experimental results that the proposed MBS sketch attack can extract and reveal

perceptual information directly from the video encrypted by format-compliant selective

encryption. It should be emphasized that, although the five proposed sketch attacks can

MBS can extract outline from the encrypted INTER-frame, which outnumbers INTRA-

frame, by far, in compressed video. Furthermore, it is validated that the MBS is more

robust against various compression parameter (i.e., QP) than the performance of the rest

proposed sketch attacks. Moreover, some future research directions are straightforward,

such as launching appropriate sketch attack(s) by determining the encryption module in

use, extending the sketch attacks to different video standards, i.e., HEVC, Audio Video