Hybrid Encryption Of Videos With UICC

Technical Document
Suman Jojiju
March 25, 2014

Introduction

Nowadays, internet business is growing in a rapid pace. Consider a hypothetical media company making its business by publishing music videos remotely and streaming
them to the android smart phone of its customers. Customers who are subscribed can
only access the videos through an android application provided by the media company.
However, it is losing customers because people around are violating its digital right
management [Wik] and gaining unauthorized access to the videos. Therefore its crucial
for the media company to protect its videos from illegal access.
In this work, we provide a secure way of accessing the videos with hybrid encryption mechanism. Using this mechanism, videos are encrypted and stored in the remote
server. When a user wants to access the videos they are subscribed to, the encrypted
videos are streamed to the smart phone of a user and decrypted by the Universal Integrated Circuit Card (UICC) of the smart phone. Section 2 presents the high level
description of the system. Section 3 explains the workflow of the system.

Architecture

The architecture of a system basically consists of four components. They are VideoClient apps, Video Repository, Video Manager and UICC as shown in Figure 1. These

Figure 1: Architecture
components are briefly described as follows:
1. VideoClient apps - VideoClient apps is an android component. It is responsible for
playing the streamed videos. It communicates with the Video Repository component and receive the video chunks. It also communicates with UICC component
for decrypting videos.
2. Video Repository - This component provides a mechanism to store the videos.
3. UICC - This component provides communication and cryptographic interfaces
that enables the VideoClient apps to communicate with UICC.
4. Video Manager - This component uses hybrid encryption to encrypt the videos in
the repository.

Workflow

The workflow of a system is shown in Figure 2.

Figure 2: Workflow
The media company manages a pool of videos in its repository. It can use Video Manager tool (Figure 3) to manage the access rights of the videos to the users. It can select
a video and the subscribed users of that video. When allow access button is clicked
hybrid encryption is applied. The symmetric key is generated for each video segment
and is used to encrypt the corresponding video segment. Each symmetric key generated
is encrypted with the public key of the user and stored as a wrapped key in a file.

Figure 3: Video Manager

When the user wants to access a video, he opens the VideoClientApps application. Now
he has to provide his pin number (Figure 4).

Figure 4: Input pin dialog

If the pin number is verified then the user can see the list of videos that he is subscribed
to (Figure 5).

Figure 5: Video list

After clicking the video link that he wants to play, the encrypted video with its corresponding wrapped key is fetched from the video repository. Then VideoClientApps
application communicates with UICC and the private key stored in the UICC decrypts
the wrapped key. Then the symmetric key is obtained which is used to decrypt the video
chunk.

Figure 6: Media Player playing the video

The process is repeated to all of its chunks. Thus, android media player plays the decrypted video chunks one after another (Figure 6).

Summary

In order to prevent unauthorized access of the videos located in remote location, hybrid
encryption with UICC is applied to the videos. As encryption and decryption of videos
are done with the cryptographic information stored in UICC, users who are subscribed
to the videos are only able to play them in their respective smart phones thus enhancing
the security.

References
[Wik] W IKIPEDIA: Digital rights management. [Online; accessed 25-March-2014]