1 Introduction

H.265/MPEG-H or high efficiency video coding, known as HEVC, is the latest compression standard, which was officially approved in January 2013 [1], and became the successor of H.264/MPEG-4 or advanced video coding (AVC) standard [2]. The HEVC standard design has the features to be easily adaptable to about all the current existing H.264/MPEG-AVC applications, and emphasizes mainly on the capability of ultra-high-definition (UHD) video view [2] without much bandwidth consumption.

The basic achieve of the HEVC compression standard is the fact that it presents significantly better compression performance compared to the existing standards. Specifically, the HEVC standard causes about 50 % bit-rate reduction for about the same video quality, compared to H.264/MPEG-AVC standard [1, 3, 27]. In addition, it is designed to provide high-quality streaming multimedia, even on low-bandwidth networks, due to the fact that it consumes about half bandwidth less than H.264/MPEG-AVC. Therefore, the use of HEVC compression standard brings many benefits against compared to its predecessor H.264/MPEG-4 AVC standard [2, 4].

It is notable that HEVC standard presents specific complexity [4, 5, 28], and implementation [5], and it is being integrated into multimedia systems and protocols [6], while constitutes the current codec for resolutions beyond HDTV [7] for real-time streaming of video files [8]. Moreover, HEVC presents more effective rate–distortion (R–D) performance, using specific algorithms [9].

Due to the above features which established HEVC as the best compression standard, several researches focus on the development of security methods which can contribute to the protection of HEVC videos, while they are transmitted over the internet. Specifically, special encryption algorithms have been proposed for HEVC standard to protect the video sequence against cryptanalysis attacks by malicious users who use third-party tools and methods to crack and steal the transmitted video sequence.

In this paper, we present a new encryption algorithm for efficient secure transmission of video files compressed with HEVC standard. Our algorithm is based on known algorithms proposed for previous compression standards, which we adapt properly so as to be applicable to the new standard.

The paper is organized as follows: In the “Related work” section, we present the related work of other researchers on video encryption area, both on HEVC standard and previous compression standards. In the “Proposed algorithm” section, we present and analyze our proposed algorithm for efficient encryption and transmission of video files, compressed with HEVC standard. “Experiments” section describes our methodology for the experiments we made upon the proposed algorithm, while “Experimental results” section includes the experimental results with comparative diagrams. “Conclusions and future work” section concludes the paper and indicates future research directions.

2 Related work

Multiple algorithms and schemes have been proposed for video encryption by many researchers, both in HEVC compression standard and in previous standards, such as H.264 and MPEG. Their main properties and limitations are presented in [10]. The authors make a series of comparisons to conclude that there is no method that can meet all the security requirements and thus, the suitable encryption algorithm for each video case depends on its confidentiality requirements.

A novel selective encryption scheme for secure transmission of video streams compressed with H.264/AVC standard is proposed in [11]. Simulation results demonstrate that its application implies PSNR degradations of about 25–30 dB when the ciphering key is unknown and thus, the video becomes unidentifiable. Another relative encryption algorithm especially for H.264/AVC format is proposed in [12] and its experimental results demonstrate much less important data encryption, better security, and high efficiency. Other selective encryption algorithms for image and videos compression standards: JPEG, JPEG2000, H.264/AVC, and H.265/HEVC are analyzed with cryptanalysis methods in [15].

In addition, encryption method and algorithm for Intra and Inter frames in MPEG videos are presented in [20]. According to the authors, highly private videos require encryption of all parts of the video, because all these are important in such cases. Thus, both Intra and Inter frames need to be encrypted. Another security scheme for MPEG video standard too is proposed in [21] and is based on AES-128 encryption algorithm. The difference here is that the authors choose and encrypt only the Intra frames of the video, because Inter frames are useless without knowing the corresponding Intra frames. This process saves 30–50 % of encryption/decryption time and does not affect the size of the encrypted stream.

A special study on the applicability and the encryption of H.264 video format including its scalable video coding (SVC) extension is presented in [13]. This survey is based on the latest results on video encryption methods which have been proposed. A scalable video encryption algorithm for H.264/SVC too is proposed in [14], which shows adequate performance and strength against cryptanalysis attacks, and it seems that it can be used in real-world applications. Moreover, possible bitstream elements, which can be used for HEVC compatible encryption, are described in [18], and ensure a good level of protection of the video information.

Finally, there are many encryption algorithms proposed exclusively for HEVC standard, based on selective encryption. Specifically, a new scheme based on selective encryption for HEVC is proposed in [16] and ensures transparent and sufficient encryption and protection against attacks. Moreover, this scheme allows fast encryption and decryption while preserving the format and length of the video stream. A new scheme for format compliant visual protection of HEVC using selective encryption too is proposed in [17], and offers a good level of protection with minimal use of computational requirements. Similar to this project, an efficient SE system for CABAC entropy coding of HEVC video standard is proposed in [19], which presents sufficient protection against cryptanalysis attacks, while making it proper for streaming on heterogeneous networks, due to the fact that bit-rate remains the same and the system requirements are minimal.

Although the new algorithms, which have been proposed exclusively for HEVC standard, present several advantages and are regarded to be effective solutions in protecting the video sequence, we merge two known algorithms proposed for previous standards [20, 21] and modify them properly so as to be integrated with HEVC standard, offering encryption and decryption time savings, while ensuring the protection level of the sequence against malicious users.

3 Proposed algorithm

Our proposed algorithm for efficient encryption and secure transmission is based on advanced encryption standard (AES), amendable to be adaptable to the new video compression standard, HEVC. AES was adopted by the U.S. government in 2002 and became the successor of the data encryption standard (DES) algorithm which was launched in 1977 [24]. This algorithm, known as Rijndael too, is a symmetric-key algorithm, fact which means that the same key is used for both encrypting and decrypting video files. Figure 1 depicts the encryption process of a video, using a 256-bit key to our proposed cryptographic algorithm, which is described below.

Fig. 1
figure 1

The encryption process of a video file by using 256-AES key

Full size image

J. Nehete et al. proposed a real-time MPEG video encryption algorithm using AES with key length of 128 bits (AES-128) [21]. In this paper, we adopt their proposed algorithm, making it amendable to AES-256 to ensure maximum security, due to the fact that larger key sizes use is more secure. Table 1 shows the required time to crack an encryption algorithm of a specific key size using brute force attack [25]. As it is clearly shown, the larger key sizes ensure more security, due to the fact that it is more time consuming to be cracked. Therefore, 256-bit key size of AES presents the maximum security level than other algorithms such as AES-128 or DES.

Table 1 The required time to crack an algorithm with respect to its key size
Full size table

For some highly sensitive and important information, it is not always the best way to have a unique person in control of the key, and consequently, the security of the information. This problem is addressed by the development and use of secret sharing schemes, which allow keys to be shared among a group of people, with a predefined number of them needing to input their share in order to have access to the key [30]. Therefore, we introduce additionally a form of secret sharing scheme, Shamir’s secret sharing (SSS) scheme, which is an encryption algorithm only for intra-frames and described analytically by Vijayalakshmi et al. for MPEG videos [20]. Specifically, SSS scheme is a cryptographic algorithm in which a secret is shared into n unique parts for equal number of participants, so as to be—some or all of them—necessary to reconstruct the original secret [20]. In our encryption algorithm for HEVC which is presented below, the embedded SSS algorithm is marked in italics.

Thus, using these two algorithms, we ensure the encryption of only I frames, because P and B frames are useless without knowing the corresponding I frames [21]. Moreover, researches have shown that the encryption of only I frames can save 30–50 % of encryption/decryption time and the size of encrypted stream does not change [21]. In the case of missing the secret key, the user’s decoder will play quite different images from the original video, because of the fact that most of the image pixel values would have been changed [21].

figure c

4 Experiments

In this section, we conducted tests upon specific video sequences so as to indicate diagrammatically the effect of cryptographic algorithms on them. Specifically, we calculated the size and the encryption time of the used video sequences, after the application of the cryptographic algorithms: DES, AES-128, and AES-256 respectively. Then, we consider our recommendations for each case relative to the protection level they provide.

Table 2 indicates the test sequences, retrieved by JCT-VC main configuration common conditions [22], which we used to conduct the experiments. As shown in this Table and Table 3, the sequences differ from each other in terms of frame count, frame rate (fps), and bit rate (Mbps), and as a result of them, they have different sizes (MB) too.

Table 2 The sizes of each sequence of the test classes after encryption with DES, AES-128, and AES-256 algorithms for HEVC and H.264 standards
Full size table
Table 3 test classes and bit rates for HEVC
Full size table

Sequences used in the experiments are classified into five classes based on their resolution (class A, B1, B2, C, D). Class A sequences correspond to ultra-high definition (HD).

Sequences with a resolution of 2560 × 1600. Class B1 and B2 sequences correspond to full high-definition sequences with a resolution of 1920 × 1080. Class C and Class D sequences correspond to WVGA and WQVGA resolutions of 800 × 480 and 400 × 240, respectively.

For the experiments, Class A includes the Traffic, PeopleOnStreet, Nebuta, and SteamLocomotive sequences; Class B1 includes the Kimono, ParkScene sequences; Class B2 includes the Cactus, BQTerrace and BasketballDrive sequences; Class C includes the RaceHorses, BQMall, PartyScene and BasketballDrill sequences; and Class D includes the RaceHorses, BQSquare, BlowingBubbles and BasketballPass sequences.

For each Class (A, B1, B2, C, and D), we selected the maximum bitrate levels for the classes [22], as they are summarized in Table 3. This Table indicates also the transmission rate in MB per second for the ease of the following calculations.

For the calculation of the size of each video sequence, before and after encryption, we used the following general equation [23]:

$${\text{CipherText}} \, = \, {\text{PlainText}} \, + \, {\text{Block}}\,\, - \,\,\left( {\text{PlainText MOD Block}} \right).$$
(1)

Thus, the above equation is modified as follows:

  • For DES-56 encryption (56/8 = 7 blocks):

    $${\text{CipherSequence}} \, = \, {\text{PlainSequence}} \, + \, 7\, - \,\left( {\text{PlainSequence MOD 7}} \right).$$
    (2)

  • For AES-128 encryption (128/8 = 16 blocks):

    $${\text{CipherSequence}} \, = \, {\text{PlainSequence}} \, + \, 1 6 { } - \,\,\left( {\text{PlainSequence MOD 16}} \right).$$
    (3)

  • For AES-256 encryption (256/8 = 32 blocks):

    $${\text{CipherSequence}}\, = \, {\text{PlainSequence}} \, + \, 3 2\,\, - \,\,\left( {\text{PlainSequence MOD 32}} \right).$$
    (4)

In addition, except of the above calculations upon HEVC standard, we present and compare the size of each sequence—before and after encryption—upon H.264 standard too. Based on the previous subjective video performance comparisons [26], Class A’ sequences compressed in HEVC standard (4 K UHD) present an average 64 % bitrate reduction compared to H.264, Class B’ (1080p) 62 %, Class C’ (720p) 56 %, and Class D’ (480p) 52 %, respectively.

Finally, a comparative analysis of the encryption speed of AES-128, AES-256, and DES algorithms for HEVC and H.264 standards is discussed in the next section and is based on Table 4, which indicates the amount of encrypted data (MB) every second after the application of DES, AES-128, and AES-256 algorithm, respectively [29].

Table 4 The encryption speed of every algorithm
Full size table

5 Experimental results

The results of the calculations of the previous section are presented in the Table 2. Figures 2, 3, 4, 5, and 6 depict diagrammatically the changes of the size of each sequence of each class after the encryption with DES, AES-128, and AES-256 algorithms in H.264 and HEVC compression standards, respectively. Specifically, Fig. 2 depicts these changes of the size of each sequence of Class A; Fig. 3 depicts these changes of the size of each sequence of Class B1; Fig. 4 depicts these changes of the size of each sequence of Class B2; Fig. 5 depicts these changes of the size of each sequence of Class C; Fig. 6 depicts these changes of the size of each sequence of Class D.

Fig. 2
figure 2

The original size and the size after encryption with DES, AES-128, and AES-256 algorithms for the sequences of Class A

Full size image
Fig. 3
figure 3

The original size and the size after encryption with DES, AES-128, and AES-256 algorithms for the sequences of Class B1

Full size image
Fig. 4
figure 4

The original size and the size after encryption with DES, AES-128, and AES-256 algorithms for the sequences of Class B2

Full size image
Fig. 5
figure 5

The original size and the size after encryption with DES, AES-128, and AES-256 algorithms for the sequences of Class C

Full size image
Fig. 6
figure 6

The original size and the size after encryption with DES, AES-128, and AES-256 algorithms for the sequences of Class D

Full size image

Based on these diagrams, we highly recommend AES-256 for Class A, B1, and B2, while for classes C and D, AES-128 security level could be more convenient if the security factor is not the priority, because of the fact that in these classes, AES-256 increase very much the size of the relative video sequences compared to AES-128. Table 2 indicates clearly the accurate sizes of each sequence before and after the application of DES, AES-128, and AES-256 algorithms for H.264 and HEVC format, respectively.

Generally, the AES-128 algorithm presents sufficient security level in some cases, but it is the fact that AES-256 maximize very much the security level. On the other hand, DES algorithm seems to be inconvenient and unsafe, because it is regarded easy to be cracked (Table 1), while some sequences increase their size more than the other two algorithms, as it is shown diagramatically. Moreover, bandwidth savings thanks to HEVC are confirmed from the above diagrams, not only to the original video sequences, but also to their encrypted forms after the effect of the cryptographic mechanism of DES, AES-128, and AES-256 algorithms, compared to H.264 compression standard.

In addition, Figs. 7, 8, 9, 10, and 11 depict diagrammatically the required time for the sequences of each class after the application of DES, AES-128, and AES-256 algorithms in H.264 and HEVC format, respectively. Specifically, Fig. 7 depicts these required encryption times for the sequences of Class A in H.264 and HEVC compression standards, respectively; Fig. 8 depicts these required encryption times for the sequences of Class B1 in H.264 and HEVC compression standards, respectively; Fig. 9 depicts these required encryption times for the sequences of Class B2 in H.264 and HEVC compression standards, respectively; Fig. 10 depicts these required encryption times for the sequences of Class C in H.264 and HEVC compression standards, respectively; Fig. 11 depicts these required encryption times for the sequences of Class D for H.264 and HEVC compression standards, respectively. The diagrams are the result of calculations based on Table 4.

Fig. 7
figure 7

The required encryption time of DES, AES-128, and AES-256 algorithms for the Class A sequences in HEVC and H.264 standard

Full size image
Fig. 8
figure 8

The required encryption time of DES, AES-128, and AES-256 algorithms for the Class B1 sequences in HEVC and H.264 standard

Full size image
Fig. 9
figure 9

The required encryption time of DES, AES-128, and AES-256 algorithms for the Class B2 sequences in HEVC and H.264 standard

Full size image
Fig. 10
figure 10

The required encryption time of DES, AES-128, and AES-256 algorithms for the Class C sequences in HEVC and H.264 standard

Full size image
Fig. 11
figure 11

The required encryption time of DES, AES-128, and AES-256 algorithms for the Class D sequences in HEVC and H.264 standard

Full size image

According to these diagrams, AES-128 algorithm for HEVC standard is the fastest, as it requires the minimum possible time to encrypt the video sequences mentioned in the Table 2. Specifically, AES-128 needs 0.14, 0.12, 0.20, 0.04, and 0.03 s to encrypt each sequence of Class A, B1, B2, C, and D, respectively.

On the other hand, despite the fact that AES-256 is slower than AES-128 about 20.95 %, it offers a much better security level, as is depicted in Table 1. The corresponding encryption times for each sequence of Class A, B1, B2, C, and D are 0.18, 0.16, 0.26, 0.05, and 0.04 s, respectively.

Moreover, DES algorithm is presented very slow as it can encrypt only 21.34 MB per second and thus, it is about 2,26 times slower than AES-256 and 2,86 times than AES-128 algorithm, respectively.

Finally, the required encryption time for HEVC standard is much less than the corresponding time for H.264, due to the fact that HEVC presents bitrate reduction for all test classes compared to its previous compression standard, H.264 [26].

6 Conclusions and future work

A new encryption and transmission algorithm for efficient HEVC-media communications was presented. This algorithm merges two algorithms proposed for previous standards and it is modified so as to be amendable to the new video compression standard. A comparative analysis between DES, AES-128, and AES-256 was conducted to show which algorithm could be more convenient for the video sequences of each class A, B, C, and D compressed with HEVC. Experimental results show that despite the fact that AES-256 is slower than AES-128, it offers a much better security level and it is better for the classes A and B, due to bandwidth factor, while AES-128 seems to be sufficient to encrypt video of the classes C and D if the security factor is not the priority.

In addition, according to the comparative analysis of the last two recent compression standards, HEVC compression standard is shown to be better than H.264 using the same algorithms—DES, AES-128, and AES-256—for intra-frames encryption, because of the fact that it presents bandwidth savings and requires less time to be encrypted with relevant algorithms compared to H.264. Future work will include comparative analysis of the effectiveness of our algorithm with the other proposed algorithms for HEVC compression standard.