Secure Transcoding of Internet Content

Abstract

In this paper, we introduce a secure transcoding framework that enables network intermediaries such as proxies to transcode multimedia data without violating end-to-end security guarantees. In our approach, an encoder decomposes a data stream at the source into multiple streams, encrypts each stream independently, and annotates each stream with clear-text metadata. An intermediary performs transcoding by prioritizing the data streams based only on the clear-text metadata, and then dropping lower priority streams. The destination can then decrypt the remaining received streams and recombine them into the transcoded output stream. Our solution offers true end-to-end security since there is no decryption and re-encryption of the data stream midway. As a result, the proxy/intermediary may employ compression-based transcoding of encrypted multimedia data to improve speed of delivery over slow access links without having to decrypt the data.