On the Performance of Symmetrical and Asymmetrical Encryption for Real-Time Video Conferencing System by ijcsis


More Info
									                                                                   (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                                    Vol. 8, No. 7, October 2010

            On the Performance of Symmetrical and
         Asymmetrical Encryption for Real-Time Video
                    Conferencing System
                                       Maryam Feily, Salah Noori Saleh, Sureswaran Ramadass
                                            National Advanced IPv6 Centre of Excellence (NAv6)
                                                      Universiti Sains Malaysia (USM)
                                                             Penang, Malaysia

                                                     {maryam, salah, sures}@nav6.usm.my

Abstract— Providing security for video conferencing systems is in                  Since the mid 90’s, numerous efforts have been devoted
fact a challenging issue due to the unique requirements of its real-           towards the development of real-time multimedia encryption
time multimedia encryption. Modern cryptographic techniques                    solutions. However, most of the proposed algorithms are
can address the security objectives of multimedia conferencing                 characterized by a significant imbalance between security and
system. The efficiency of a viable encryption scheme is evaluated              efficiency. Some of them are efficient enough to meet the
using two critical performance metrics: Memory usage, and CPU                  requirements of the multimedia encryption, but only provide
usage. In this paper, two types of cryptosystems for video                     limited security, whilst others are robust enough to meet the
conferencing system were tested and evaluated. The first                       security demands but require complex computations [5].
cryptosystem is asymmetric, whereas the second is symmetric.
Both cryptosystems were integrated and tested on a commercial                      This paper proposes a viable multimedia encryption that
based video and multimedia conferencing platform.                              addresses the requirements of video conferencing systems. The
                                                                               efficiency of the proposed encryption scheme is evaluated
    Keywords- Encryption; Asymmetric; Symmetric; Security;                     using two critical performance metrics: Memory usage, and
Efficiency; Video Conferencing.                                                CPU usage. In this paper, the performance of two different
                                                                               types of cryptosystems (symmetric and asymmetric encryption)
                                                                               for encrypting real-time video data are tested and evaluated
                        I.     INTRODUCTION                                    based on the aforementioned performance metrics.
    Video and multimedia conferencing systems are currently                    Performance tests of both encryption schemes have been
one of the most popular real-time multimedia applications and                  carried out using the Multimedia Conferencing System (MCS)
have gained acceptance as an Internet based application as                     [6] that is a commercial video conferencing application.
well. And since the Internet is involved, security has now                        The first encryption system is an asymmetric cryptosystem
become a very important aspect of such systems. To provide a                   based on Elliptic Curve Cryptography (ECC) [7], whereas the
secure video conferencing system, cryptography is used to                      second encryption scheme is based on Blowfish [8] which is a
address data confidentiality and authentication. However,                      symmetric cryptosystem. These schemes have been chosen as
unlike plaintext, encryption of multimedia data, including                     the best representative of each symmetric and asymmetric
compressed audio and video, is a challenging process due to                    encryption based on their advantages. In fact, ECC is a recent
the following two constrains. First, the multimedia data                       public key cryptosystem which is more efficient and faster
encryption and decryption must be done within real-time                        than the other asymmetric cryptosystems [9]. On the other
constraints with minimal delays. Hence, applying heavy                         hand, Blowfish is known as the fastest symmetric encryption
encryption algorithms during or after the encoding phase will                  scheme which is compact and suitable for large blocks of data,
increase the delay, and are likely to become a performance                     and therefore suitable for video data encryption [8].
bottleneck for real-time multimedia applications. The second
constraint is that multimedia data is time dependent, and must                    The rest of this paper is organized as follows: Section II
be well synchronized. Therefore, the needed encryption must                    provides an overview of cryptographic schemes and compares
be done within the defined time restrictions to keep temporal                  symmetric and asymmetric cryptography. Section III discusses
relations among the video streams intact [1]. There are also                   the asymmetric encryption scheme for real-time video
other limitations due to the large size of multimedia data [2],                conferencing system, while Section IV discusses the
[3], but the operation system’s network layer can be called                    symmetric encryption scheme. Section V provides details on
upon to handle this. In overall, a viable security mechanism                   performance tests and a comparison of both cryptosystems.
for real-time multimedia transmission must consider both                       Finally the paper will be concluded in Section VI.
security and efficiency [4].

   This paper is financially sponsored by the Universiti Sains Malaysia
(USM) through the USM Fellowship awarded to Maryam Feily.

                                                                          49                             http://sites.google.com/site/ijcsis/
                                                                                                         ISSN 1947-5500
                                                           (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                            Vol. 8, No. 7, October 2010
             II.   OVERVIEW OF CRYPTOGRAPHY                               Modern public key cryptosystems rely on some
   Cryptography is the art and science of hiding secret                computationally intractable problems, and the security of
documents [9]. Security is very important in applications like         public key cryptosystems depends on the difficulty of the hard
multimedia conferencing system. To provide a secure                    problem on which they rely. Hence, public key algorithms
multimedia conferencing system, cryptography is used to                operate on sufficiently large numbers to make the
address data confidentiality, and authentication [10]. Modern          cryptanalysis practically infeasible, and thus make the system
cryptographic techniques address the security objectives of            secure [9], [18]. However, due to smart modern cryptanalysis
multimedia conferencing systems. In general, there are two             and modern high speed processing power, the key size of
main categories of cryptography; symmetric and asymmetric              public key cryptosystems grew very large [11]. Using large
key cryptography [9], [11].                                            keys is one of the disadvantages of public key cryptography
                                                                       due to the large memory capacity and large computational
    A brief overview of each category will be provided in this         power required for key processing.
Section. In addition, symmetric and asymmetric cryptography
will be compared briefly to realize the advantages and                     There are several standard public key algorithms such as
disadvantages of each one.                                             RSA [19], El-Gamal [20] and Elliptic Curve Cryptography
                                                                       (ECC) [7]. However, ECC [7] is a recent public key
A. Symmetric Key Cryptography                                          cryptography which is more efficient and faster than the other
                                                                       asymmetric cryptosystems. Unlike previous cryptography
    Symmetric key cryptography is one of the main categories
                                                                       solutions, ECC is based on geometric instead of number
of cryptography. In symmetric key cryptography, to provide a
                                                                       theory [9]. In fact, the security strength of the ECC relies on
secure communication a shared secret, called “Secret Key”,
                                                                       the Elliptic Curve Discrete Logarithm Problem (ECDLP)
must be established between sender and recipient. The same
                                                                       applied to a specific point on an elliptic curve [21], [22]. In
key is used for both encryption and decryption. Thus, such a
                                                                       ECC, the private key is a random number, whereas the public
cryptosystem is called “Symmetric” [9]. This type of
                                                                       key is a point on the elliptic curve which is obtained by
cryptography can only provide data confidentiality, and cannot
                                                                       multiplying the private key with the generator point G on the
address the other objectives of security [9], [11].
                                                                       curve [18]. Hence, computing public key from private key is
    Moreover, symmetric key cryptography cannot handle                 relatively easy, whereas obtaining private key from public key
communications in large n-node networks. To provide a                  is computationally infeasible .This is considered as ECDLP
confidential communication in a large network of n nodes,              that is much more complex than the DLP, and it is believed to
each node needs n-1 shared secrets. Hence, n (n-1) shared              be harder than integer factorization problem [18]. Hence, ECC
secrets need to be established that is highly impractical and          is one of the strongest public key cryptographic systems
inconvenient for a large value of n [11]. All classical                known today.
cryptosystems that were developed before 1970s and also most
                                                                           In addition, ECC uses smaller keys than the other public
modern cryptosystems are symmetric [11]. DES (Data
                                                                       key cryptosystems, and requires less computation to provide a
Encryption Standard) [12], 3DES (Triple Data Encryption
                                                                       high level of security. In other words, efficiency is the most
Standard) [13], AES (Advanced Encryption Standard) [14],
                                                                       important advantage of the ECC since it offers the highest
IDEA [15], RC5 [16], Blowfish [8], and SEAL [17] are some
                                                                       cryptographic strength per bit [9], [23]. This a great advantage
of the popular examples of modern symmetric key
                                                                       in many applications, especially in cases that the
                                                                       computational power, bandwidth, storage and efficiency are
    Amongst all symmetric encryption schemes, Blowfish [8]             critical factors [9], [23]. Thus, ECC has been chosen as the
is known as the fastest symmetric encryption scheme which is           best asymmetric encryption in this research.
compact and suitable for large blocks of data, and therefore
suitable for video data encryption [8]. Thus, Blowfish is              C. Symmetric Versus Asymmetric Key Cryptography
chosen as the best example of symmetric scheme for video                   Despite the Public key cryptography that can only provide
encryption in this research.                                           data confidentiality, asymmetric key cryptography addresses
                                                                       both data confidentiality and authentication. Public key
B. Asymmetric Key Cryptography                                         cryptography solves the problem of confidential
    Asymmetric or public key cryptography is the other                 communication in large n-node networks, since there is no
category of cryptography. Despite symmetric key                        need to establish a shared secret between communicating
cryptography, public key cryptosystems use a pair of keys              parties. Moreover, there are protocols that combine public key
instead of a single key for encryption and decryption. One of          cryptography, public key certificates and secure hash functions
the keys, called “Public Key”, is publicly known and is                to enable authentication [11].
distributed to all users, whereas the “Private Key” must be
                                                                           However, public key cryptosystems are significantly
kept secret by the owner. Data encrypted with a specific public
                                                                       slower than symmetric cryptosystems. Moreover, public key
key, can only be decrypted using the corresponding private
                                                                       cryptography is more expensive since it requires large memory
key, and vice versa. Since different keys are used for
                                                                       capacity and large computational power. For instance, a 128-
encryption and decryption, the cryptosystem is called
                                                                       bit key used with DES provides approximately the same level
“Asymmetric” [9].
                                                                       of security as the 1024-bit key used with RSA [24]. A brief
                                                                       comparison of symmetric and asymmetric key cryptography is
                                                                       summarized in Table I.

                                                                  50                              http://sites.google.com/site/ijcsis/
                                                                                                  ISSN 1947-5500
                                                            (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                             Vol. 8, No. 7, October 2010
        Cryptosystem            Symmetric        Asymmetric
Confidentiality           Yes                Yes
Data Integrity            No                 Yes
Authentication            No                 Yes
Number of Keys            1                  2
Key Size                  Smaller            Larger
Speed                     Faster             Slower
Memory Usage              Less               More
Computational Overhead    Less               More
Good for N-node Networks No                  Yes
                                                                                        Figure 1. Video Capture Architecture
Some Examples             DES/RC5/Blowfish   RSA/El-Gamal/ECC

    The asymmetric cryptosystem [25] based on ECC [7] will
be reviewed in this Section. In addition, this Section will
describe how this encryption scheme was implemented into
the MCS video conferencing system.
A. ECC-Based Cryptosystem
    The asymmetrical encryption scheme that is tested in this                           Figure 2. Video Playback Architecture
research is a public key cryptosystem based on the Elliptic
Curve Digital Signature Algorithm (ECDSA) [25]. It is a                    In addition, it is important to mention that all encryptions
robust security platform that employs the most advanced                 and decryptions are performed only at the clients. In this
algorithms recognized by the global cryptography community              architecture, video encryption and decryption are both
to meet the severe security requirements of certain                     performed within the application layer.
applications. Furthermore, it is a multilayer cryptosystem
which consists of multi layers of public-private key pairs [25].            After integration of the ECC-based cryptosystem [25] into
In its standard mode of encryption, this cryptosystem only              the video component of the MCS [6], the performance of the
uses 256-bit ECC to encrypt the data. Although this                     system was tested to evaluate the efficiency of asymmetric
cryptosystem is an ECC public key cryptosystem, it uses other           encryption for real-time video data. The result and analysis of
encryption algorithms as well. Mainly, it uses ECDSA for                the performance test are presented in Section V.
authentication, AES and RSA for key encryption and SHA-2
                                                                          IV.   SYMMETRIC ENCRYPTION FOR VIDEO CONFERENCING
for hashing.
                                                                            In this Section, an alternative symmetric cryptosystem
    However, since this cryptosystem is based on ECDSA, the             scheme for video conferencing system is discussed. Amongst
security strength of its encryption scheme mostly relies on the         all known symmetric encryption such as DES [12], 3DES
Elliptic Curve Discrete Logarithm Problem (ECDLP) applied               [13], AES [14], IDEA [15], and RC5 [16], using Blowfish [8]
to a specific point on an elliptic curve. Hence, breaking this          for video data encryption is suggested as it is known to be a
cryptosystem is theoretically equivalent to solving ECDLP,              fast and compact encryption suitable for large blocks of data
which is computationally impractical for a large key size of            [8]. The symmetrical encryption scheme based on Blowfish
256-bit [25].                                                           was implemented by using OpenVPN [26], [27]. In this
B. Implementation of Asymmetric Scheme                                  Section, Blowfish encryption is introduced, and the algorithm
                                                                        is explained briefly. Furthermore, the details of implementing
    As mentioned earlier, a proper security solution for video          this security scheme into the MCS are explained.
conferencing system must address authentication and data
confidentiality [9]. However, authentication is well addressed          A. Blowfish Encryption
by most video conference systems. Therefore, in order to have              Blowfish is a symmetric block cipher based on the Feistel
a secure video conferencing system, data confidentiality must           network. The block size is 64 bits, whereas the key can be any
be provided. Thus, in this research, the aforementioned                 length up to 448 bits. Blowfish algorithm consists of two
asymmetric encryption [25] is applied only to the video                 phases: Key Expansion and Data Encryption [8].
component of the MCS [6] to protect the video stream. There
are two modules in video component responsible for video                    In Key Expansion phase a key of at most 448 bits will be
encryption and decryption that are “Video Capture” and                  converted into several subkey arrays with maximum of 4168
“Video Playback” correspondingly. The architecture of Video             bytes which will be used in the Data Encryption phase
Capture and Video Playback are depicted in Fig. 1 and Fig. 2            afterward. During the encryption phase, blocks of 64-bit input
respectively.                                                           data will be encrypted using a 16-round Feistel network. Each
                                                                        round of this algorithm consists of permutations and

                                                                   51                                http://sites.google.com/site/ijcsis/
                                                                                                     ISSN 1947-5500
                                                                (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                                 Vol. 8, No. 7, October 2010
substitutions. Permutations are key dependant, whereas                            TABLE II. SPEED COMPARISON OF BLOCK CIPHERS ON A PENTIUM
substitutions depend on both key and data. Decryption is                      Algorithm         Number of Clock          Number           Number of Clock
exactly the same as encryption, except that subkeys are used in                                     Cycles                 of              Cycles per Byte
the reverse order. All operations are XORs and additions on                                       Per Round              Rounds              Encrypted
32-bit words. In addition to these operations, there are four                 Blowfish                 9                   16                    18
indexed array data lookups per round. Ultimately, the                         Khufu                    5                   32                    20
algorithm is cost-effective due to its simple encryption                      RC5                     12                   16                    23
function. Moreover, Blowfish is the fastest block cipher                      DES                     18                   16                    45
available [8]. Table II shows the speed comparison of block                   IDEA                    50                    8                    50
                                                                              Triple DES              18                   48                   108
ciphers on a Pentium based computer [8].
B. Implementation of Symmetric Scheme
                                                                                  The performance of this scheme is tested on the
   In order to implement the symmetrical encryption scheme                    commercial conferencing system, MCS [6] to realize the
based on Blowfish, OpenVPN software [26] is used as it                        efficiency of Blowfish as a symmetric encryption for real-time
provides the advantage of choosing from a wide range of                       video data. The results of the performance test and evaluation
cryptographic algorithms according to the level of security                   are presented in Section V.
required. OpenVPN’s cryptography library implements a
broad range of standard algorithms to efficiently address both                             V.     PERFORMANCE TEST AND EVALUATION
data confidentiality and authentication [26], [27].
                                                                                 In this Section, the performance test and evaluation of both
    For implementation, a VPN server is installed and                         symmetrical and asymmetrical encryption schemes for video
configured to run in UDP and SSL (Secure Socket Layer)                        conferencing are explained in details, and a comparison of
mode as the MCS uses UDP for its video stream, and the SSL                    both schemes is provided. In fact, the performance of both
Mode is more scalable than the Static Key Mode [27]. Most                     encryption schemes is tested to evaluate the efficiency of each
importantly, Blowfish CBC-mode with 128-bit is selected as                    scheme and to choose the optimal encryption scheme for real-
the symmetric cipher for data channel encryption to implement                 time video conferencing system.
the alternative symmetric encryption scheme. In order to
                                                                              A. Performance Test
provide a multi layer encryption equal to the first scheme,
SHA1 with 160-bit message digest is chosen as the hash                            Performance tests of both symmetric and asymmetric
function algorithm, and 1024-bit RSA as the asymmetric                        encryption schemes have been carried out on the MCS [6] that
cipher for the control channel to provide authentication. The                 is a commercial conferencing application. In order to test and
implemented VPN tunneling and secure data transmission                        evaluate the performance of these cryptosystems, two critical
scheme is illustrated in Fig. 3 below.                                        performance parameters namely, the average of CPU usage
                                                                              and the average of Memory usage were measured. These
    In this scheme, VPN implements a reliable transport layer                 parameters are then compared with a baseline that is the
on top of UDP using SSL/TLS standard protocol. In other                       performance of the video conferencing system without any
words, a secure layer is established between transport layer                  video data encryption/decryption. However, it is important to
and application layer. Hence, it provides a highly secure and                 mention that both encryption schemes have been tested and
reliable connection without the implementation complexities                   evaluated only in terms of efficiency, but not security; since
of the network level VPN protocols.

                                                  Secure Video Conference Between MCS Clients

                                                                 Secured Network

                                                                  MCS Server

                    MCS Client                                                                                                  MCS Client
                                                               Payload         Payload

                                  Secure VPN Tunnel                                         Secure VPN Tunnel

          Payload                                                                                                                          Payload

                 VPN Client                                      VPN Server                                                     VPN Client
                                  Header   Encrypted Payload                               Header   Encrypted Payload

                                       Figure 3. VPN Tunneling and Secure Data Transmission Scheme

                                                                         52                                       http://sites.google.com/site/ijcsis/
                                                                                                                  ISSN 1947-5500
                                                            (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                             Vol. 8, No. 7, October 2010
the security strength of both encryption schemes are confirmed
[8], [25].
    All testing have been performed on the same test bed,
using identical clients with the following configuration in
Table III. This is the recommended system specification for a
typical video conference client using the MCS.
    First, to provide a baseline for performance evaluation, the
performance       of    the    MCS       without   any    video
encryption/decryption is tested, and intended parameters are
measured. The measurement test bed comprised a video
conference between two clients connected to the LAN with a
high speed network connection with the speed of 100 Mbps.                                  Figure 4. Comparison of CPU Usage
At the next stage, the same critical parameters have been
measured after applying each encryption schemes. Testing of
each case was performed for 80 sessions of video conference
between two clients using the MCS, and the average of
intended parameters (Memory usage, and CPU usage) was
B. Evaluation of Performance Result
    In this part, the performance results of both symmetric and
asymmetric cryptosystems are compared to evaluate the
efficiency of each scheme, and to choose the appropriate
encryption scheme for real-time video conferencing. The
results of CPU usage and Memory usage of both schemes are
depicted in Fig. 4 and Fig. 5 respectively.                                               Figure 5. Comparison of Memory Usage

   According to the results, applying asymmetric encryption             the VPN server, and does not affect the CPU usage of the
[25] to the video component increases both CPU usage and                clients. Moreover, unlike ECC-based encryption, Blowfish
Memory usage significantly. The noticeable increase of the              cipher does not require a large amount of memory, since it is a
CPU usage shown in Fig. 4 is related to the Video Capture               compact cipher with a small key size of 128-bit [8]. In
module, and shows the heavy processing of the 256-bit ECC-              addition, Blowfish encrypts and decrypts the payload of each
based encryption. Moreover, as it is illustrated in Fig. 5, the         UDP packet, without creating any memory. Therefore,
Memory usage is also high and it keeps increasing during the            Memory usage grows by almost a fixed amount of 5000 Kb as
video conference. This is due to the excess Memory usage by             shown in Fig. 5. However, the slight increase in CPU usage
the cryptosystem as it creates several memories to encrypt              and Memory usage is acceptable and does not affect the
each block of raw data. The dramatic increase of CPU usage              overall performance of video conferencing system.
and Memory usage are considered as performance bottleneck
for the video conferencing system due to the limited                                VI.      CONCLUSION AND FUTURE WORK
processing power and memory capacity.
                                                                            In this paper, the performance of two different encryption
    In contrast, the symmetrical encryption based on Blowfish           schemes for real-time video encryption for video conferencing
[8] is more cost-effective in terms of both CPU and Memory              is evaluated in terms of efficiency. The first encryption was an
usage. Fig. 4 shows that applying symmetric encryption for              asymmetric cryptosystem based on Elliptic Curve
video conferencing increases the average CPU usage slightly.            Cryptography (ECC), whereas the second cryptosystem was
The 2% increase of the CPU usage is due to the Blowfish                 an alternative symmetric encryption based on Blowfish cipher.
encryption and decryption which is obviously far less than the          These schemes have been chosen as the best representative of
CPU usage of the 256-bit ECC-based encryption.                          each symmetric and asymmetric encryption based on their
                                                                        advantages. Performance tests of both encryption schemes
   It is important to mention that OpenVPN [26] that is used
                                                                        have been carried out on the MCS [6] that is a commercial
to implement asymmetric encryption uses public key
                                                                        application. According to the results, the ECC-based
cryptography only for authentication which is mainly done in
                                                                        cryptosystem [25] caused significant performance bottleneck,
   TABLE III.     SYSTEM SPECIFICATION OF CLIENTS                       and was not effective for real-time video encryption. In
                                                                        contrast, the alternative symmetric encryption based on
            Platform    Windows XP Professional (SP2)                   Blowfish cipher [8] worked well with the MCS [6], and
            Processor   P4 1.80 GHz                                     proved to be efficient for encrypting video data in real-time as
            RAM         512MB                                           it is capable to provide an acceptable balance between
            Hard Disk   40 GB                                           efficiency and security demands of video and multimedia
                                                                        conferencing systems.

                                                                   53                                 http://sites.google.com/site/ijcsis/
                                                                                                      ISSN 1947-5500
                                                                       (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                                        Vol. 8, No. 7, October 2010
    Performance analysis shows that the inefficiencies of the                          [8]    Schneier, B.: Description of a New Variable-Length Key, 64-Bit
ECC-based encryption [25] are in fact due to the expensive                                    Block Cipher (Blowfish). In: Fast Software Encryption, Cambridge
                                                                                              Security Workshop (December 1993), pp. 191- -204. Springer-
and heavy computation of the underlying cryptosystem which                                    Verlag (1994). Available at http://www.schneier.com/paper-
is a multi layer public key encryption. In fact, ECC public key                               blowfish-fse.html.
is suitable to address authentication, and it is not proper for                        [9]    Stallings, W.: Cryptography and network security: principles and
real-time video encryption.        However, authentication is                                 practice. Prentice Hall (2006).
usually well addressed by most video conferencing systems,                             [10]   Ahmet, M. E.: Protecting Intellectual Property in Digital
                                                                                              Multimedia Networks. J. IEEE Computer Society. 36, 39- -
and just a proper encryption for real-time video data is                                      45(2003).
required. Hence, ECC-based encryption is not appropriate for                           [11]   Furht, B., Kirovski,D.: Multimedia Security Handbook. CRC Press
real-time video conferencing as it fails to provide an                                        LLC (2004).
acceptable balance between efficiency and security demands                             [12]   National Bureau of Standards.: Data Encryption Standard. National
of video conference. Yet, it is a robust security solution either                             Bureau of Standards, US Department of Commerce- Federal
for non real-time applications or instant messaging where the                                 Information Processing, Standards Publication 46(1977).
                                                                                       [13]   Institute, A.N.S.: Triple Data Encryption Algorithm Modes of
data is an ordinary text, but not a huge video stream. Unlike                                 Operation. American National Standards Institute, ANSI X9.52-
ECC-based cryptosystem that sacrifices efficiency for                                         1998 (1998).
security, the symmetric encryption based on Blowfish meets                             [14]   Daemen, J., Rijmen, V.: AES proposal: Rijndael (1999). Available
both security demands and real-time requirements of the video                                 at http://www.nist.gov/CryptoToolkit.
conferencing system with a better performance. It is concluded                         [15]   Lai, X., Massey, J.L.: A proposal for a new block encryption
                                                                                              standard. J. Springer. 90, 389- -404 (1990).
that the Blowfish which is known as the fastest block cipher is                        [16]   Rivest, R.: The RC5 encryption algorithm. J. Springer. pp. 86- -96
the optimal scheme for real-time video encryption in video                                    (1994).
conferencing systems.                                                                  [17]   Rogaway, P., Coppersmith, D.: A software-optimized encryption
                                                                                              algorithm. J. Cryptology. 11, 273- -287 (1998).
    Nevertheless, there are also few drawbacks of the                                  [18]   Anoop, M.S.: Public key Cryptography: Applications Algorithms
symmetric encryption scheme implementation using                                              and Mathematical Explanations. Tata Elxsi Ltd, India (2007).
OpenVPN. First, if the VPN server and the video conference                             [19]   Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining
server are not located in a secure network, the transmission is                               digital    signatures     and     public-key  cryptosystems.     J.
                                                                                              Communications of the ACM (1978).
not totally secure. Moreover, there will be the problem of                             [20]   ElGamal, T.: A Public Key Cryptosystem and A signature Scheme
single point of failure due to the central VPN server. Hence,                                 Based on Discrete Logarithm Problem. J. IEEE Transaction on
the first idea for future work is to implement VPN server                                     Information Theory. 31, 469- -472 (1985).
directly into the video conference server to eliminate these                           [21]   Koblitz, N.: Introduction to Elliptic Curves and Modular Form.
problems. However, during the time, there will be definitely                                  Springer-Verlag (1993).
                                                                                       [22]   Miller, V.: Uses of Elliptic Curves in Cryptography. Advances in
other new ideas and requirements for the future.
                                                                                              Cryptology (CRYPTO ’85). LNCS, vol. 218, pp. 417- -426.
                                                                                              Springer-Verlag (1986).
                        ACKNOWLEDGMENT                                                 [23]   Johnson, D. B.: ECC: Future Resiliency, and High Security
    The authors graciously acknowledge the support from the                                   Systems. In: Certicom PKS '99 (1999).
Universiti Sains Malaysia (USM) through the USM                                        [24]   Menezes, A. J., Van Oorschot, P. C., Vanstone, S. A.: Handbook
                                                                                              of Applied Cryptography. CRC Press Inc. (1997).
Fellowship awarded to Maryam Feily.                                                    [25]   Zeetoo(M) Sdn. Bhd: Zeetoo Encryptor ECDSA (2006). Available
                             REFERENCES                                                [26]   OpenVPN Technologies Inc.: OpenVPN (2007). Available at
    [1]   Hosseini, H.M.M., Tan, P.M.: Encryption of MPEG Video                               http://www.openvpn.net.
          Streams. In: 2006 IEEE Region 10 Conference (TENCON 2006),                   [27]   Feilner, M.: OpenVPN: Building and Integrating Virtual Private
          pp. 1- - 4. IEEE Press (2006).                                                      Networks - PACKT Publishing (2006).
    [2]   Wu, M.Y., Ma, S., Shu, W.: Scheduled video delivery-a scalable
          on-demand video delivery scheme. J. IEEE Transactions on
          Multimedia. 8, 179- -187 (2006).                                                                    AUTHORS PROFILE
    [3]   Zeng, W., Zhuang, X., Lan, J.: Network friendly media security:
          rationales, solutions, and open issues. In: IEEE International
          Conference on Image Processing (2004).                                                       Maryam Feily is a Ph.D. Student and a
    [4]   Choo, E. et.al.: SRMT: A lightweight encryption scheme for secure                            Research Fellow at the Universiti Sains
          real-time multimedia transmission. In: IEEE International                                    Malaysia (USM).She received the B.Eng.
          Conference on Multimedia and Ubiquitous Engineering
                                                                                                       degree in Software Engineering from the
          (MUE'07), pp. 60- -65. IEEE Press (2007).
    [5]   Liu, F., Koenig, H.: A novel encryption algorithm for high                                   Azad University (Iran) in 2002, and the
          resolution video. In: ACM International Workshop on Network                                  M.Sc. degree in Computer Science from
          and Operating Systems Support for Digital Audio and Video                                    USM (Malaysia) in 2008. She has been
          (NOSSDAV’05), pp. 69- -74. ACM New York (2005).
                                                                                                       awarded with the USM Fellowship in
    [6]   MLABS.Sdn.Bhd: Multimedia Conferencing System - MCS Ver.6
          Technical       White      paper       (2005).   Available     at        2009. Furthermore, she is proud of being one of the successful
          http://www.mlabs.com/paper/MCSv6.pdf.                                    graduates of Iran’s National Organization for Development of
    [7]   Certicom: SEC 1: Elliptic Curve Cryptography. Vol. 1.5 1.0, 2005.        Exceptional Talents (NODET). Her research interests include
          Available           at          http://www.secg.org/download/aid-        Network Management, Network Security, Cyber Security, and
                                                                                   Overlay Networks.

                                                                              54                                    http://sites.google.com/site/ijcsis/
                                                                                                                    ISSN 1947-5500
                                                         (IJCSIS) International Journal of Computer Science and Information Security,
                                                                                                          Vol. 8, No. 7, October 2010

                  Salah Noori Saleh is a Senior                                      Sureswaran Ramadass is a Professor
                  Developer and Researcher in the                                    with the Universiti Sains Malaysia
                  Universiti Sains Malaysia (USM). He                                (USM). He is also the Director of the
                  has received the Ph.D. degree from USM                             National Advanced IPv6 Centre of
                  in 2010. He received the B.Sc. degree in                           Excellence (NAV6) at USM. He
                  Computer      Engineering from the                                 received the B.Sc. degree and the M.Sc.
                  University of Baghdad (Iraq) and the                               degree in Electrical and Computer
                  M.Sc. degree in Computer Science from                              Engineering from the University of
USM (Malaysia). His research interests include Network             Miami in 1987 and 1990 respectively. He received the Ph.D.
Architectures and Protocols, Multimedia and Peer-to-Peer           degree from the Universiti Sains Malaysia (USM) in 2000
Communications, Overlay Networks, and Network Security.            while serving as a full time faculty in the School of
                                                                   Computer Sciences. He is a Primary Member of APAN as
                                                                   well as the Head of APAN Malaysia (Asia Pacific
                                                                   Advanced Networks). He is currently the IPv6 Domain
                                                                   Head for MYREN (Malaysian Research and Education
                                                                   Network) and the Chairman of the Asia Pacific IPv6 Task
                                                                   Force (APV6TF).

                                                             55                               http://sites.google.com/site/ijcsis/
                                                                                              ISSN 1947-5500

To top