Fraunhofer Institute for Telecommunications,
Heinrich-Hertz-Institut, HHI
Video Communication and ApplicationsNewsTechnologies and SolutionsResearch GroupsProjectsPublicationsPeople and Contact

Multimedia Authentication

Trustworthy authentication for compressed video data

Detecting deepfakes and restoring trust in video authenticity

Experience the next evolution in video security with the latest video coding standard H.266/Versatile Video Coding (VVC). Fraunhofer HHI has developed a method to authenticate compressed video bitstreams using digital signatures – thus enabling trustworthy authentication at elementary stream level.

The method has been adopted as part of VVC and is compatible with core application scenarios of modern video codecs like random access or scalability. It also allows a joint digital signature of additional bitstreams associated to a video signal, such as audio or subtitles, in order to guarantee the integrity of compressed multimedia content as a whole. Furthermore, the authentication method will be soon available as part of amendments of the widespread video coding standards H.264/AVC and H.265/HEVC.

Digital signatures for elementary video streams: General principle

In general terms, the standardized Fraunhofer HHI solution works as follows:

  • The encoder i.e., the entity which generates the data stream, is in possession of a private (and a public) key for a fixed signature algorithm.
  • The decoder i.e., the entity which wants to verify the data-stream as being generated from the encoder, only possesses the public, but not the private key. The data stream itself may include a pointer to the public key.
  • Given this information, the decoder can retrieve the digital certificate corresponding to the encoder entity (a public key and all other parameters needed for verification) from a third-party trust center.
  • Encoder and decoder agree on a cryptographic hash function. Afterwards they determine a unique range of bytes from the data stream. The decoder then computes the cryptographic hash value of these bytes using the given hash function.
  • From this, the Fraunhofer HHI method now generates a ‘digital signature’. That signature is the claimed digital signature of the computed hash value for the given range of bytes and will be transmitted in the elementary data stream.
  • To verify trustworthiness, the decoder now processes this digital signature using the given public key. If the result of this process is found to be the digital signature of the computed hash value of the byte range, the decoder can regard this byte range as information that trustworthily belongs to the entity associated to the given public key. In the opposite case, it should regard it as a fake.

Temporal scalability and temporal consistency for digital signatures of video streams

The standardized Fraunhofer HHI method comprises a set of three supplemental enhancement information (SEI) messages. These allow authentication of coded video data on the elementary stream level by giving users the option to attach cryptographic signatures. With these SEI messages, users can flexibly assign video coding layers to different substreams for authentication. To verify higher order substreams, one needs lower order substreams but lower order substreams can be signed without higher order substreams. This functionality enables, for example, scalable coding in a trustworthy scenario. Moreover, by invoking joint signatures for substreams of order zero, trustworthy random access is guaranteed.