Secure chaotic dual encryption scheme for H.264/AVC video conferencing protection
2017; Institution of Engineering and Technology; Volume: 12; Issue: 1 Linguagem: Inglês
10.1049/iet-ipr.2017.0022
ISSN1751-9667
AutoresNaziha Khlif, Atef Masmoudi, Fahmi Kammoun, Nouri Masmoudi,
Tópico(s)Video Coding and Compression Technologies
ResumoIET Image ProcessingVolume 12, Issue 1 p. 42-52 Research ArticleFree Access Secure chaotic dual encryption scheme for H.264/AVC video conferencing protection Naziha Khlif, Corresponding Author Naziha Khlif naziha.khlif@gmail.com Electrical Department, Laboratory of Electronics and Information Technologies National Engineering School of Sfax, Sfax University, Road Soukra Km 3.5, BP 3038 Sfax, TunisiaSearch for more papers by this authorAtef Masmoudi, Atef Masmoudi Electrical Department, Laboratory of Electronics and Information Technologies National Engineering School of Sfax, Sfax University, Road Soukra Km 3.5, BP 3038 Sfax, TunisiaSearch for more papers by this authorFahmi Kammoun, Fahmi Kammoun Electrical Department, Laboratory of Electronics and Information Technologies National Engineering School of Sfax, Sfax University, Road Soukra Km 3.5, BP 3038 Sfax, TunisiaSearch for more papers by this authorNouri Masmoudi, Nouri Masmoudi Electrical Department, Laboratory of Electronics and Information Technologies National Engineering School of Sfax, Sfax University, Road Soukra Km 3.5, BP 3038 Sfax, TunisiaSearch for more papers by this author Naziha Khlif, Corresponding Author Naziha Khlif naziha.khlif@gmail.com Electrical Department, Laboratory of Electronics and Information Technologies National Engineering School of Sfax, Sfax University, Road Soukra Km 3.5, BP 3038 Sfax, TunisiaSearch for more papers by this authorAtef Masmoudi, Atef Masmoudi Electrical Department, Laboratory of Electronics and Information Technologies National Engineering School of Sfax, Sfax University, Road Soukra Km 3.5, BP 3038 Sfax, TunisiaSearch for more papers by this authorFahmi Kammoun, Fahmi Kammoun Electrical Department, Laboratory of Electronics and Information Technologies National Engineering School of Sfax, Sfax University, Road Soukra Km 3.5, BP 3038 Sfax, TunisiaSearch for more papers by this authorNouri Masmoudi, Nouri Masmoudi Electrical Department, Laboratory of Electronics and Information Technologies National Engineering School of Sfax, Sfax University, Road Soukra Km 3.5, BP 3038 Sfax, TunisiaSearch for more papers by this author First published: 01 January 2018 https://doi.org/10.1049/iet-ipr.2017.0022Citations: 12AboutSectionsPDF ToolsRequest permissionExport citationAdd to favoritesTrack citation ShareShare Give accessShare full text accessShare full-text accessPlease review our Terms and Conditions of Use and check box below to share full-text version of article.I have read and accept the Wiley Online Library Terms and Conditions of UseShareable LinkUse the link below to share a full-text version of this article with your friends and colleagues. Learn more.Copy URL Share a linkShare onFacebookTwitterLinkedInRedditWechat Abstract This study presents a chaos-based crypto-compression scheme to protect the H.264 advanced video coding (AVC) used for the applications of video conference. To this end, a selective encryption approach was adopted. The authors proposed to encrypt the inter-prediction, the intra-prediction and the context adaptive variable length coding. The format compliance and compression ratio are conserved. Their encryption method is based on two piecewise linear chaotic maps for pseudo-random bit generators. The first is considered as a decision module to choose either to encrypt or not, whereas the second is used for the encryption. The proposed encryption techniques were developed and discussed, and their experimental results indicate that the scheme is secure and very efficient according to the computing times. Moreover, it is suitable for real-time application and convenient for all the H.264/AVC profiles or even with other video compression standards. 1 Introduction The huge evolution of information technology has enabled an easy transfer of all types of data over public channels. The data protection during transmission, against various attacks, is certainly an essential requirement to ensure confidentiality and integrity. Therefore, encryption appeared as a golden technique for this purpose. Since then, various encryption algorithms have been widely used such as data encryption standard [1], advanced ES (AES) [2] etc. for text data. AES is used in a streaming mode as the basis of many recent encryption schemes selecting from parameters in the entropy coding stage [3-6]. However, such encryption algorithms seem unsuitable for multimedia applications especially videos because of the large data amount and the real-time constraint. Chaos-based cryptography seems to overcome the above-mentioned drawbacks of the standard cryptography. In fact, using a chaotic signal to generate a random bit used as a dynamic key for encryption is fast enough to satisfy the real-time application requirement. Selective encryption is a technique that decreases the computation complexity [7] by encrypting a little amount of the whole data. This technique was adopted for the conception of our scheme to protect video sequences decoded with the H.264/advanced video coding (AVC) codec. The insertion of the encryption on H.264/AVC should preserve its format [8] which means to keep the same syntax for the bitstream to preserve the ability of the decoder to decode encrypted bitstream without decryption. The current paper presented a scheme that uses a chaotic function with two different keys to generate two renewable key streams. The first is used for the encryption operation and the other for the decision whether to encrypt or not. The dual encryption aspect is clear in our scheme since we used two chaotic stream generators. The first generator is used as a leader to guide the encryption process, whereas the second serves to generate random bits needed for the encryption. Three different modules of the compression chain are subject of the encryption. They are non-zero quantified coefficients for both the intra (I) and inter (P) predicted frames, the signs of motion vectors (MVs) differences for inter-predicted frames and the intra-predicted modes for intra-predicted blocks. All of these methods have been used with luma, blue and red chroma components. Our scheme has the advantage that we do not change the compression ratio (CR) during encryption. We use a chaotic function as a pseudo-random bit generator (PRBG) to generate a dynamic key used for the encryption rather than the standard AES algorithm. This choice seems to be more appropriate to ensure the speed of our system. In this case, the encryption is achieved each time data are received without waiting for the complete reception of all the data. The novelty and the originality of our contribution lie in three factors. First, our scheme uses two piecewise linear chaotic map (PWLCMs) as generators of dynamic keys. Second, it provides exclusively the encryption of intra-prediction modes for chroma components. Third, encryption and decryption processes are, respectively, inserted in the compression and decompression processes. This means, we do not collect all information to be encrypted and then apply the encryption algorithm. However, while encoding, the encryption algorithm is used each time it comes across some bits to encrypt. In the opposite case, the encoder proceeds normally. In the compression part, encrypting and encoding alternate until the construction of the encrypted bitstream. The same process is carried out in the decoder. In the decompression part, decrypting and decoding alternate until the construction of the decrypted sequence. When the decryption algorithm is not used, the decoding process operates normally to construct the encrypted sequence. Section 2 reviewed the state of the art. The remaining of this paper is structured as follows. Section 3 explained the motivation and the need to conceive such encryption scheme. In Section 4, we described the proposed scheme and explained the process given by the H.264/AVC standard to encode parameters selected for the encryption. Section 5 provided a discussion of the achieved results, and a study of the crypto-compression system robustness. Finally, in Section 6, we drew the major conclusion of our paper. 2 State of the art 2.1 Overview of the H.264/AVC The work of a joint committee of researchers from International Telecommunication Union –Telecommunication and International Standardization Organization/ InternationalElectro-technical Commission, also called joint video team, resulted in theH.264/AVC [9] also known as Moving PictureExperts Group-4 Part 10. The H.264/AVC processes the video sequence macro block(MB) by MB with a size of 16 × 16 pixels each one to be encoded separately. Adecision module decided for each MB to be intra or inter-predicted, according tothe dependency relationship between MBs on the same frame or on differentframes. Once chosen, the residual prediction error undergoes a transform module.Transformed coefficients are then quantified by a quantisation standard matrix.The quantified coefficients are used as input of the entropy coding unit usingeither context adaptive variable length coding (CAVLC) or context adaptivebinary arithmetic coding (CABAC). The decoding chain is also inserted in theencoder to reconstruct the current block or current frame used for theprediction of the next block or the next frame. Indeed, the quantifiedcoefficients are subjected to an inverse quantisation and inverse transform,resulting in the residual error of the decoded prediction. This error is addedto the prediction and the result is then transferred to the deblocking filter toprovide the reconstructed frame and hence the reconstructed video. 2.2 Related works Several selective encryption methods have been proposed in the literature. Indeed, the encryption algorithm can affect the prediction module. This method is discussed in [10-13] where the intra-prediction modes are the encrypted information. Hiding the prediction mode is beneficial to prevent the decoding part from reconstructing the real video. The encryption can also affect the MVs by hiding their signs [14-20] or the suffix of the exponential-Golomb (Exp-Golomb) codes for the differential MVs differences (MVds) [21, 22]. The encryption module can also affect the scan order adopted after quantisation module [23]. The work [3] studies the CABAC's and CAVLC's encryptions. Works [4, 5, 22, 24] also studied the encryption on CAVLC mode. In these works, the encryption on entropy coding module affects a part of the coefficient code. Many works have recently studied the combination of two or three methods together using different encryption algorithms. Li et al. [25] developed a scheme to encrypt the prediction module (intra and inter), quantified coefficients and MVs. They used a system to generate and distribute keys for all the encryption processes. This system consists of two-dimensional (2D) chaotic sequence generators which initial values are generated by the user's key. The selected parameters for encryption are hidden with binary numbers quantified from pseudo-numbers generated after the initialisation of the chaotic generator. The encryption algorithm consists of four operations. The first is an exclusive OR (XOR) of the old intra 4 × 4 prediction mode with a 3 bit long random sequence to obtain a new prediction mode. The second is a scrambling of the inter-frame 4 × 8 and 8 × 4 partition modes if the generated random bit is equal to 1. The third consists of dividing the absolute values of the non-zero quantised coefficients into four parts. According to the generated bits, non-zero coefficients will be kept as they are, or signed changed or also have another value when applying the XOR logic function with variable length pseudo-sequence. The final operation is a random XOR between the MV and the pseudo-sequence. The decryption process is the reverse of the encryption one. Lian et al. [17] conceived a scheme in which the intra-prediction mode is encrypted relying on the Exp-Golomb entropy coding where the intra-MBs DCs are encrypted based on CAVLC, whereas the intra-MBs alternative components (AC) and the inter-MBs MVds are sign encrypted with a stream cipher. For the intra-prediction mode, a permutation occurs only in the codeword with the same length. For the intra-MBs DCs, only the signs of T1 and the levels of the remaining non-zero coefficients are encrypted while other parameters are kept unchanged. The stream cipher is generated from a discrete PWLCM [26]. The key is then subdivided according to one sub-key for each slice. In Lian et al. work [27], both the predicted information [intra-prediction mode and MV difference (MVd)] and residue data are encrypted with the algorithms based on traditional ciphers [28]. For the inter-predicted residue data, only the DC block are encrypted, while for the intra-predicted residue data, both the DC and the AC blocks are encrypted. A key distribution scheme is presented to encrypt video frames segment by segment in order to keep it robust to some transmission errors. Mao et al. [21] used AES to encrypt the codewords of intra-prediction mode, the sign bit of the codewords of the low-frequency discrete cosine transform (DCT) coefficient of intra-frames and the info_suffix of the codewords of MVd. Zhang et al. [29] selected three fixed length fields and used a PR sequence to encrypt the 3 bits info suffix of the intra 4 × 4 codewords, signs of MVd and non-zero coefficients. This scheme used the XOR as the encryption operation. Wang et al. [30] conceived a scheme to encrypt the prediction modes for I and P frames and signs of non-zero coefficients for CAVLC and CABAC entropy encoding under the baseline and the main profiles, respectively. A mechanism adjusting the control factors is used by the authors to keep the implementation of their scheme simple. For the encryption operation, a stream cipher is used to generate a random bit sequence. Then, the XOR logic function is applied between random generated bits and the bits of the related syntax elements. 3 Motivation Till now, various encryption algorithms have been proposed and widely used such as Rivest Shamir Adleman or AES. However, these algorithms are frequently used in text or binary data and are difficult to encrypt videos directly because videos are often of large volumes and require real-time operations such as displaying, cutting or copying. Thus, new algorithms need to be studied. Video transmission requires an encryption algorithm in a streaming mode that ensures the synchronisation between the encoder and decoder. The last one should have no need to wait for the reception of the whole data. It should be able to decode each datum received which ensures the scalability aspect of the transmission. A cryptosystem is increasingly secure if the encryption used is unexpected. To ensure this property, PR binary sequences generated by PR number generator (PRNG) are most often used. Defined by a set of parameters and initial conditions the PRNG should ensure the unpredictability and uniformity properties. Thus, these sequences may be used as dynamic keys for cryptosystems. Chaos is an excellent candidate to make a PRNG since it has characteristics close to those of the noise. Indeed, a chaotic signal is characterised by a high sensitivity to the initial conditions. That means that the same chaotic function generates two binary sequences quite different randomnesses for very close initial conditions. It should be noted that multiple chaotic systems, high-dimensional chaotic systems, multiple iterations of chaotic systems and many other techniques can be used to design the PRBG [31].There are several chaotic functions: 1D such as the logistic function [32], the map ‘PWLCM’ [33], the ‘Sine’ map [34] etc., 2D such as the Henon map [35] and 3D such as the Baker map [36]. The logistic map (LM) was widely used in the literature as chaos-based PRBG, since it is fast and easy to implement to design chaotic-based cryptographic system. The problems with this function are the shortness key length, which makes easy the cryptanalysis on one hand. On the other hand, the distribution of chaotic values is not uniform. Thus, we should find another chaotic function suitable to be used for real-time application and has more uniformity in the generated chaotic values. Fig. 1 shows the bifurcation diagrams of both the logistic and PWLCMs. It is noted that the PWLCM distribution is more uniform by using the whole interval of variation. To generate random bits, we compare each chaotic value to ½. We obtained the same probability to have a bit equal to 1 or to 0 because of the uniformity distribution of the chaotic values generated by the PWLCM. We verified also the rapidity of the PWLCM. In Fig. 2, we compare the computed time needed for different data lengths. We noted from this figure that 1D chaotic maps are more rapid than 2D and 3D. It is clear from Fig. 2 that the PWLCM presented a curve with values very close to those of the LM. So, we concentrated to this map as a solution of the cryptanalysis and uniformity of the LM. To overcome the drawbacks of the key length insufficiency, we thought of a dual encryption scheme. The idea is to use two PWLCMs to ensure an extended key length and avoid the 2D and 3D chaotic maps which are complex. Let us predict the number of bits generated needed to encrypt N bits data using the dual encryption scheme, the 2D or 3D chaotic maps. The principle of our method is to run a first PWLCM to generate N bits. The second PWLCM will generate bits needed for the encryption only if the corresponding bits generated by the first one are equal to 1. Since the PWLCM has a uniform distribution, the probability to have a bit equal to 1 is the same to have a bit equal to 0. So, to encrypt N bits we need N bits from the first PWLCM and N/2 from the second. When using a 2D or 3D chaotic map, we need, respectively, 2N or 3N random bits. Thus, we demonstrate the interest of using the dual encryption scheme based on two PWLCMs in terms of rapidity and time computing gain. So, our idea to use a dual encryption scheme is demonstrated. Fig. 1Open in figure viewerPowerPoint Bifurcation diagram of (a) LM, (b) PWLCM Fig. 2Open in figure viewerPowerPoint Computed time versus data length for different 1D, 2D and 3D chaotic maps 4 Proposed approach As studied above, researchers opted to combine many different parameters for the encryption, in order to scramble the decoded video content as much as possible. For this reason, we conceive our encryption scheme by combining three different parameters previously studied one by one which are non-zero quantified coefficients on CAVLC entropy coding [24], signs of MVs [19] and optional intra-prediction modes [13]. Previously, we have already studied the combination of both non-zero quantified coefficients on CAVLC entropy coding and signs of MVs [37]. In the next sections, we would like to recall our previously conceived encryption methods and highlight the novelties we added. 4.1 Encryption of non-zero CAVLC entropy-coded residual coefficients In the work [24], non-zero quantified coefficients in the entropy coding module on CAVLC mode are encrypted. The encrypted coefficients are the trailing ones (T1s), where the encryption consists of changing its signs according to the random bit generated and the other non-zero coefficients called levels. To encode levels, seven VLC tables are used (VLC0, …, VLC6) in the H.264/AVC. The corresponding code of each coefficient is presented in one VLC table by a prefix and suffix. Only the suffix part is encrypted in this case. The VLC0 table coefficients are not affected by our algorithm because codes in this table have different lengths to avoid changing the CR. Although we do not consider the encryption of VLC0 table codewords, the CR is slightly changed. This is due to the fact that our encryption algorithm is run before the VLC table selection. So, the encoder takes in consideration the new encrypted coefficient value while updating the VLC table. That is why, the CR is changed. To overcome this drawback, the current work proposed to await for the VLC table selection and then run the encryption algorithm. 4.2 MVs signs encryption In [19], Khlif et al. proposed to encrypt the sign of the current MV of each MB. It is worth recalling that an H.264/AVC encoder sends to the corresponding decoder an Exp-Golomb codeword for a differential MV (MVd) calculated as below: where MVp is the predicted MV. This method hardly damages the sequence, but has an impact on the CR because changing the MV sign will change the MVd value and so the possibility of changing its codeword length. The remedy proposed in this paper was to encrypt the MVd sign instead of the MV one. 4.3 Optional intra-prediction modes encryption The scheme proposed in [13] focuses on the encryption of the optional intra-prediction modes. It encrypted exclusively the intra-prediction modes for the 8 × 8 chroma blocks. Our encryption algorithm was an arbitrary choice of alternating between two permutations according to the bit randomly generated for each optional mode. This choice caused a CR change while encryption. In the current paper, only similar codeword length modes are chosen for permutation so as to preserve the CR. 4.4 Current proposed method On the basis of the previous works [13, 37], we proposed to combine the three encryption methods together, taking into account all the already mentioned improvements to preserve the CR. The compression process as well as all the interventions of our encryption algorithm in our scheme are explained below. In a first step, the intra-prediction information as well as the inter-prediction were subject to a permutation according to each bit randomly generated from a PRBG. Richardson's document [38] describes the intra and inter-blocks coding method in the H.264/AVC. In fact, the intra and inter-prediction data are coded using Exp-Golomb codeword. To construct the Exp-Golomb codeword, the encoder converts the syntax element into an index code_num (1) (2)Each codeword is constructed as follows: where INFO is M-bit field carrying information. Each codeword is presented by (2M + 1) bits predefined in the standard. Indeed, for the intra-prediction, luma and chroma components are predicted according to an optional mode. The luma prediction uses 16 × 16 blocks with four optional modes or 4 × 4 blocks with nine optional modes. As for the chroma, it uses 8 × 8 blocks only with four optional modes. To keep the same CR, we had to permute the intra-prediction modes with the same code length. This means we only change the least significant bit (LSB) in the code. This is not the only option for the encryption of intra-prediction mode, as the whole suffix of the codeword also can be encrypted without changing its length. Table 1 gives more details about this method. This table shows that the plane mode of the luma intra 16 × 16 prediction remains intact. In fact, the used LETI H.264/AVC codec [39, 40], omits this mode since it has no impact on the visual quality, but presents an important algorithmic complexity. That is why; it is neglected [41]. Table 1. Intra-prediction modes encryption Prediction type Original optional modes Encrypted optional modes luma prediction 16 × 16 1: horizontal prediction 2: DC prediction 2: DC prediction 1: horizontal prediction luma prediction 4 × 4 1: horizontal prediction 2: DC prediction 2: DC prediction 1: horizontal prediction 3: diagonal down/left prediction 4: diagonal down/right prediction 4: diagonal down/right prediction 3: diagonal down/left prediction 5: vertical/right prediction 6: horizontal/down prediction 6: horizontal/down prediction 5: vertical/right prediction 7: vertical/left prediction 8: horizontal/up prediction 8: horizontal/up prediction 7: vertical/left prediction chroma prediction 8 × 8 1: horizontal prediction 2: vertical prediction 2: vertical prediction 1: horizontal prediction Like the intra-prediction mode, the Exp-Golomb code of inter-prediction information presented by MVd is permuted in such a way that only its sign is changed according to each random bit generated from PRBG. So, we will operate only on the LSB codeword since the MVd is a signed parameter. To encode the signed parameters, the encoder proceeds as follows. Let k be the signed value. k is mapped to code_num as follows: (3) (4)The value code num is converted to an Exp-Golomb binary codeword afterwards. In addition to the intra and inter-selected parameters to be encrypted, for each residual quantified coefficient, a number of random bits equal to the lengths suffix are generated. Hence, the XOR bitwise operation can be applied. The generated binary sequence is based on an irreversible chaotic function sensitive to the initial conditions. The latter defines the encryption key. We obtain the binary sequence by comparing each value generated to 1/2. For all the previous works [13, 19, 24, 37], using one binary sequence generated from a logistic chaotic map [32] as a dynamic key for all of the selected coefficients without renewal, threatens the security of our algorithm. That is why, we thought of making the sequence renewable to avoid using some binary parts from the generated sequence repetitively. In the current work and with no loss of generality, our encryption algorithm is based on PWLCM as chaos-based PRBG since it is fast, presents more uniformity in bit generation and is widely used to conceive a chaotic-based cryptographic system [33]. It is calculated according to the recurrent chaotic function, xn = F(xn−1), as follows: (5)where , the control parameter and . The encryption key is the pair (x0,p) with x0 the initialcondition. It should be noted that multiple chaotic systems, high-dimensionalchaotic systems, multiple iterations of chaotic systems and many othertechniques can be used to design the PRBG [31]. The proposed scheme uses two PWLCMs. The first is used as aleader to guide the encryption process, whereas the second is applied togenerate the random bits needed for encryption. Using two chaotic streamgenerators allows our scheme to have a dual encryption aspect. Fig. 3 presents the proposed video encryptionscheme inserted in the H.264/AVC. In fact, the first PWLCM, noted in Fig. 3 as PWLCM 0, generates one random bit foreach parameter subject of the encryption. If it is equal to one, the secondPWLCM, noted in Fig. 3 as PWLCM 1,generates just the needed number of random bits for encryption. Else, theencoder proceeds normally without encryption. For example, each MV orintra-prediction mode needed only 1 bit generated by PWLCM1. Whereas, eachnon-zero coefficient, other than the trailing ones, needed a number of bitsgenerated by PWLCM1 equal to its suffix length. In our work, the encoding andencryption processes were run simultaneously, i.e. the encoder proceeds normallyuntil it finds the parameters to be encrypted. This is when the encryptionalgorithm intervenes. Then, the encoder continues its process until the end ofdata to be compressed. For all the rest of this paper, we noted the PWLCM0 andPWLCM1 keys by (X00,p00) and (X01,p01), respectively. The same chaotic maps PWLCM0and PWLCM1 with the same keys are used in the decoder for the decryption. Likein the encoder, PWLCM0 generates one random bit for each parameter subject ofthe decryption. If it is equal to one, PWLCM1 generates the needed number ofrandom bits for decryption. Else, the decoder proceeds normally withoutdecryption. It is the same process carried out in the encoder. This means thatthe decryption and decoding alternate until the construction of the decryptedsequence. When the decryption algorithm is excluded or used with wrong keys, thedecoder proceeds normally to construct an encrypted sequence, the needed numberof random bits for decryption. Else, the decoder proceeds normally withoutdecryption. It is the same process carried out in the encoder. This means thatthe decryption and decoding alternate until the construction of the decryptedsequence. When the decryption algorithm is excluded or used with wrong keys, thedecoder proceeds normally to construct an encrypted sequence. Fig. 3Open in figure viewerPowerPoint Proposed video encryption scheme inserted in theH.264/AVC 5 Experimental results About 100 frames of common intermediate format (.cif) sequences (Akiyo, Container, Foreman and News) with a size of 352 × 288 are used to test our algorithm. The reference video clips are chosen in order to learn about our encryption algorithm on static sequences having little motion (Akiyo, News) and on dynamic ones (Foreman and Container). However, our scheme is dedicated for video conferencing applications which do not contain a lot of motion. The LETI H.264/AVC [39, 40], run on baseline profile, is the considered codec. Our tests were carried out on different group of picture (GOP) sizes. We developed our algorithm using the C language (Visual Studio 2010). For all the tests we used the keys (X00, p00) and (X01, p01) defined as follows: We choose to test our scheme with p00 equal to p01 to just simplify the work. Thereby, the key size is 147 bits. It can reach 194 bits while using two different values of p00 and p01. 5.1 Format compliance and compression efficiency All the selected parameters to be encrypted were well studied, so as to preserve the general bitstream format allowing the decoding process of the encrypted bitstream to run without any problem to obtain the encrypted video. Therefore, our scheme preserves the format compliance. The bitstream length can be preserved when a simple permutation is applied to encrypt inter or intra-predictions or when an XOR is used to encrypt whether the suffix leve
Referência(s)