A Secure Multiple Path Real-Time Framework for Video Communication over the Internet

Andrea De Mauro, Claudio Rossi
Politecnico di Torino, Dipartimento di Elettronica, Torino, Italy
ABSTRACT

This paper proposes a method for securing real-time video communication based on the simultaneous use of multiple paths. An initial RSA session is used to exchange what we call the call keys. The video content is then sent through different paths: each bitstream is deciphered at the receiver using some information contained in the other bitstreams. This makes malicious synchronization to the ciphering machine nearly impossible unless the attacker has access to all of the paths. Since the paths can be chosen so that they can be assumed maximally disjoint, we can claim that this algorithm considerably improves the security of the communication.

1. INTRODUCTION

Spurred by today’s widely available broadband Internet access, new multimedia streaming applications have experienced explosive growth. Likewise, research into efficient support of such applications over today’s Internet has continued to flourish. Since video communication over lossy packet networks such as the Internet suffers from limited bandwidth and packet loss, scalable representation of video (Layered Coding) and Multiple Description Coding techniques have been proposed in order to tackle these problems [1] [2].

Layered Coding (LC) consists of a base layer and multiple enhancement layers. The base layer provides a basic level of quality and can be decoded independently of the enhancement layers. The enhancement layers, on the other hand, serve only as quality refinements and are useless on their own. Therefore, the performance of streaming applications that exploit layered representations is sensitive to losses of base layer packets. Thus, the transmission of layered coded video is inefficient when channel prioritization is not possible, as is the case in the current Internet.
In most implementations, a multiple description coder generates two equal-rate, equally meaningful descriptions: each description on its own provides low, though acceptable, quality, and both descriptions together yield higher quality. When losses are inevitable, Multiple Description Coding (MDC) is preferable to LC because the loss of one description does not compromise the entire transmission. To gain robustness to the loss of descriptions, MDC must sacrifice some compression efficiency. This is because each description has to represent the original signal with an acceptable quality; in other words, the descriptions must be correlated.

We chose to rely on MDC because of its better error resiliency, both when dealing with high loss probability channels and when FEC and ARQ protection are either limited or not viable. This statement is supported by several performance comparisons between LC and MDC, such as [3] and [4]. MDC has been proposed in a variety of application scenarios [2], and its benefits are enhanced when associated with path diversity [5], [6]. Path diversity exploits the fact that the probability of having all the paths simultaneously congested is relatively low. As a result, MDC can achieve higher throughput and increase tolerance to packet loss and delay due to network congestion. There are two main ways to obtain path diversity:

1. Adopt an application level overlay infrastructure.
2. Use multihomed transport protocols.
Accepted at: SCRA 2006-FIM XIII-Thirteenth International Conference of the Forum for Interdisciplinary Mathematics on Interdisciplinary Mathematical and Statistical Techniques New University of Lisbon-Tomar, Portugal, September 1-4, 2006.
Even though the technology and the infrastructure to obtain reliable multimedia transmission are available, little has been done to provide security for these transmissions. The problem is becoming more and more tangible today: new and exciting applications continue to develop, ranging from audio streaming to video-on-demand and video conferencing. Many situations may require security for this kind of application; for example, the military may use a video conferencing application for tactical planning in times of war. Such an application should be designed to be extremely secure against eavesdropping attempts by hostile parties. A video-on-demand application would also need secure communication to prevent non-paying users from gaining access to the transmitted video, although the security requirement here can be less stringent.

In this paper we present a new protocol supporting multipath transmission of multiple description encoded multimedia traffic, featuring confidentiality and data transmission security. In order to obtain multiple paths between the two end-points we decided to rely on a peer-to-peer (P2P) network. P2P networks provide flexibility and can be deployed without changing the preexisting infrastructure. Moreover, most of the recent P2P-based applications have met with public approval (e.g. file sharing systems). Our protocol sits at the application layer and can be used with UDP as the transport layer protocol. To clarify the concepts introduced so far, we briefly describe them in the next subsections.
1.1. Multiple Description Coding

As already mentioned, MDC is a source coding technique which encodes a signal into a number of separate and equally important bitstreams called descriptions. Usually, the generated descriptions are sent over different network paths to the receiver, which can make a useful reproduction of the signal when at least one of the descriptions is received. As we already said, the quality of the reproduced signal is proportional to the number of descriptions received. This property makes MDC highly suitable for lossy packet networks such as the Internet.

Figure 1 shows a typical implementation of an MDC technique using two descriptions and a multiple-path network. When one description is lost, the received signal is the output of either Decoder1 or Decoder2, according to which description is successfully received. When both descriptions are received we take the output of Decoder3, which of course yields the highest quality.
1.1.1. Single versus Multiple Description Coding

In [7], Apostolopoulos showed that minimizing the dependency between multiple paths results in a better quality of MDC video. In Figure 2, the performances of MDC (two descriptions) and Single Description Coding (SDC) are compared over equal-length paths as a function of the number of shared links. Specifically, the total length of each path is 8 links, and the number of joint links is varied from 0 to 8. The result of this first comparison is that the greater the path separation, the lower the distortion. Moreover, this performance analysis further motivates the use of MDC.
1.1.2. A MDC distortion model

In order to further motivate the performance gap between MDC and SDC we can present the simplified model that follows. Let $d_1$ be the distortion introduced when a frame is correctly received at the destination ($d_1$ 0) and $d_0$ the distortion due to the loss of a frame. Under the assumption that we know the Packet Loss Probability (PLP) $P$ for the entire path, the average distortion obtained by using a SDC over a single path is given by:

$$d_{SDC} = d_1 (1 - P) + d_0 P. \qquad (1)$$

The overall distortion is obviously proportional to $P$, since the first term is negligible.
Fig.2. MDC versus SDC distortion varying the number of joint links given a total number of 8 links. Source: [7].
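The joint-link setup of Figure 2 (two 8-link paths sharing 0 to 8 links) can be explored with a toy model. This is an added example, not code from the paper or from [7]: it assumes every link drops a frame independently with probability q, that a drop on a shared link loses both descriptions of that frame, and it uses constructed distortion constants and hypothetical function names.

```python
import random

PATH_LEN = 8  # links per path, as in the Figure 2 setup
# Constructed distortion values (assumptions, arbitrary units):
D_BOTH, D_ONE, D_NONE = 1.0, 4.0, 100.0  # both / one / no description decoded
D_SDC_OK = 1.0  # SDC frame received intact


def sdc_distortion(q):
    """Expected SDC distortion over one 8-link path; q = per-link drop probability."""
    p_loss = 1 - (1 - q) ** PATH_LEN
    return D_SDC_OK * (1 - p_loss) + D_NONE * p_loss


def mdc_distortion(q, joint):
    """Expected MDC distortion for two paths sharing `joint` links (closed form)."""
    if not 0 <= joint <= PATH_LEN:
        raise ValueError("joint must be between 0 and PATH_LEN")
    shared_ok = (1 - q) ** joint            # shared segment delivers the frame
    own_ok = (1 - q) ** (PATH_LEN - joint)  # one disjoint segment delivers it
    p_both = shared_ok * own_ok ** 2
    p_one = shared_ok * 2 * own_ok * (1 - own_ok)
    p_none = 1 - p_both - p_one
    return D_BOTH * p_both + D_ONE * p_one + D_NONE * p_none


def mdc_simulated(q, joint, frames=200_000, seed=1):
    """Monte Carlo check of mdc_distortion under the same assumptions."""
    rng = random.Random(seed)
    total = 0.0
    for _ in range(frames):
        # Assumption: a drop on any shared link loses both descriptions.
        shared = all(rng.random() >= q for _ in range(joint))
        got = sum(shared and all(rng.random() >= q for _ in range(PATH_LEN - joint))
                  for _ in range(2))
        total += (D_NONE, D_ONE, D_BOTH)[got]
    return total / frames


if __name__ == "__main__":
    q = 0.01
    print(f"SDC, single path: {sdc_distortion(q):.2f}")
    for j in range(PATH_LEN + 1):
        print(f"joint={j}: MDC analytic {mdc_distortion(q, j):.2f}, "
              f"simulated {mdc_simulated(q, j, frames=50_000):.2f}")
```

Under these assumptions the expected MDC distortion rises with every additional shared link, and with all 8 links shared it collapses to the single-path SDC value.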
Now let us consider a multipath scenario in which an MDC technique is employed. The distortion introduced by each frame can be represented by $d_i$, where $i$ is the number of correctly received descriptions of that frame. If both paths have the same PLP and losses are considered as independent events, the total mean distortion can be written as:

$$d_{MDC} = d_2 (1 - P)^2 + 2 d_1 P (1 - P) + d_0 P^2. \qquad (2)$$

The dominant terms in (1) and (2) are $d_0 P$ and $d_0 P^2$ respectively. Since P