Metrics for Assessing Visual Security of Image and Video Encryption Schemes

Image and video encryption schemes (IVES) have been intensively researched in the last ten years, however, a commonly agreed methodology how to assess such techniques has not yet been established. Application scenarios for IVES and corresponding security requirements range from highest level security (information leakage has to be prevented) to transparent encryption, where a low quality public version of the content (image / video) is required to be decodable from the ciphertext even with standard decoders. Given a certain IVES, it needs to be determined for which application scenario this specific approach might be suited and for which it is not. To automatically assess the amount of information present in ciphertext or the visual quality of image or video ciphertext (after eventual attacks have been mounted), (image / video) metrics are required. These metrics play an important role in the definition of security of IVES: The security of IVES relies on the inability of an attacker to reconstruct an approximation of the original content with higher quality than targeted by the scheme. Compared to conventional visual quality metrics (PSNR / SSIM / VIF) these security metrics have to assess visual similarity for extremely low quality content, for which the conventional metrics are no longer applicable. Besides the development of such metrics (which is one of the main goals of this project), different subjective test methodologies will have to be considered, developed and implemented, which are applied to IVES-specific subjective databases. These databases will serve as objective basis of evaluation for the suitability of a metric. A second way to objectively evaluate the constructed metrics is to consider application contexts in which the extent of security can be quantified. We consider biometric recognition, medical image retrieval, and privacy protected video surveillance as corresponding application fields where we can measure the impact of using encrypted visual data in a pattern recognition context. Correlation with objective metrics values and subjective assessment will shed light on the impact of using IVES in such contexts. A special interest will be taken in IVES that preserve functionality, especially interesting is transcoding / adaptation of encrypted content and privacy-preserving (ROI) encryption. If such IVES are found to be sufficiently secure, their application could completely change current multimedia distribution and give technological solutions to many of the currently unsolved problems, such as piracy and privacy issues. Overall, the project targets to develop solid foundations for a methodology to enable a transparent assessment of the security of IVES and to study corresponding implications on security architecture design. Furthermore, IVES will be developed for recent image and video formats (i.e. JPEG XR and HEVC) based on the principles garnered from the study of security architecture design. These new IVES can then be employed to compare traditional security evaluation and the security evaluation developed during this project and provide interpretations with respect to the difference among the approaches.

FWF project P27776 is a project on developing metrics to automatically assess the amount of information present in image or video ciphertext (after eventual attacks have been mounted). Such metrics play an important role in the definition of security of image and video encryption schemes (IVES): The security of IVES relies on the inability of an attacker to reconstruct an approximation of the original content with higher quality than targeted by the scheme. Compared to conventional visual quality metrics (PSNR / SSIM / VIF) these security metrics have to assess visual similarity for extremely low quality content, for which the conventional metrics are no longer applicable. Besides the development of such metrics (which is one of the main goals of this project), different subjective test methodologies have been considered, developed and implemented, which have been applied to IVES-specific subjective databases. These databases, also established in the framework of the project, serve as objective basis of evaluation for the suitability of a metric.