KR-102963162-B1 - DISTRIBUTED STORAGE CCTV VIDEO SECURITY SYSTEM BASED ON QUANTUM-RESISTANT ENCRYPTION AND ITS OPERATION METHOD
Abstract
A quantum-resistant encryption-based CCTV video security device may include: an encryption module that collects CCTV video data and encrypts the collected CCTV video data using a quantum-resistant encryption method; a distributed storage module that divides the encrypted CCTV video into blocks and stores them in a distributed file system (such as IPFS) or multiple storage nodes; a fragment recombination and decryption module that, when a request from a legitimate user is confirmed, collects K or more blocks to recombine the original video and decrypts it using a registered PQC-based key; and an access control and audit module that verifies the accessor's authority upon a request to view the video and records the viewing log on a blockchain to enable tamper-proof tracking.
Inventors
- 한성욱
Assignees
- 주식회사 아이티유
Dates
- Publication Date: 20260511
- Application Date: 20250728
Claims (8)
- A quantum-resistant encryption-based CCTV video security device, comprising:
  - an encryption module that collects CCTV video data and encrypts the collected CCTV video data using a quantum-resistant encryption method;
  - a distributed storage module that divides the encrypted CCTV video into blocks and stores them in a distributed file system (IPFS, etc.) or across multiple storage nodes;
  - a fragment recombination and decryption module that, upon confirmation of a legitimate user's request, collects K or more blocks, recombines the original video, and decrypts it using a registered PQC-based key; and
  - an access control and audit module that verifies the accessor's authority upon a video viewing request and records viewing logs on the blockchain,
  - wherein the distributed storage module divides the encrypted CCTV video into multiple blocks and stores each block in multiple distributed storage nodes or distributed file systems, each block being stored with metadata and configured so that the block order can be identified upon recombination, and
  - wherein, in the fragment recombination and decryption module:
    - the key for decryption is divided into N key fragments and stored in each node;
    - when a decryption request occurs and the digital signature of a legitimate user is verified, each storage node holding a key fragment of the requested video performs a signature exchange protocol to mutually verify each other's integrity and trust;
    - before providing its own key fragment, each node determines whether the request is a legitimate cooperative decryption request by referring to the response signatures of other nodes, the previous decryption history recorded on the blockchain, the access history of the requester, etc.;
    - time-based validity conditions are applied to the decryption key fragments, and decryption is performed using only key fragments that satisfy the conditions; and
    - upon receiving a user's viewing request, if legitimacy is verified through digital signatures, etc., a request for decryption key fragments is sent to each storage node, and only fragments satisfying specific conditions are received, the specific conditions being at least one of the following: the current time is within the valid time range of each key fragment, the integrity hash verification for the fragment is successful, and the viewing requester ID satisfies the access conditions set on the key fragment.
- The CCTV video security device of claim 1, wherein the encryption module encrypts the CCTV video using a symmetric key generated according to a quantum-resistant cryptographic method, and the symmetric key is generated using a lattice-based public-key cryptographic method.
- (Deleted)
- The CCTV video security device of claim 1, wherein the fragment recombination and decryption module, once K or more blocks are secured, combines the blocks to restore the original CCTV video and performs decryption only for legitimate users authenticated based on a quantum-resistant public key.
- The CCTV video security device of claim 1, wherein the authentication of the legitimate user is based on the user's digital signature, the decryption is performed only when the digital signature verification is successful, and the viewing request and decryption history are recorded on the blockchain.
- The CCTV video security device of claim 4, wherein the fragment recombination and decryption module includes decryption key fragments corresponding to each of a plurality of distributed storage nodes, generates the entire decryption key by combining the decryption key fragments obtained from each node, and decrypts the CCTV video only when the decryption key is complete.
- The CCTV video security device of claim 5, wherein the decryption key fragments reside in each storage node or are dynamically provided from each node upon a user's access request, and the full decryption key is restored only when a preset minimum number of combinations (M out of N) is satisfied.
- The CCTV video security device of claim 7, wherein the decryption key fragment is dynamically selected based on the node's reliability, degree of geographical distribution, or block integrity verification results, and the decryption key generation path is recorded in a blockchain-based logging system.
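The fragment-release conditions of claim 1 combined with the "M out of N" key restoration, as an added example that is not code from the patent. The patent names no sharing scheme, so Shamir secret sharing over a prime field is an assumption here, as are the `KeyFragment` layout and all function names. The sketch also enforces all three conditions together, which is stricter than the claim's "at least one of".

```python
import hashlib
import secrets
from dataclasses import dataclass

P = 2**521 - 1  # Mersenne prime; field for the assumed Shamir scheme

@dataclass(frozen=True)
class KeyFragment:          # hypothetical record layout
    x: int                  # share index
    y: int                  # share value
    not_before: int         # validity window, Unix seconds
    not_after: int
    allowed_ids: frozenset  # requester IDs permitted to receive this fragment
    digest: str             # SHA-256 of the share, recorded at split time

def share_digest(x, y):
    return hashlib.sha256(f"{x}:{y}".encode()).hexdigest()

def split_key(key, m, n, not_before, not_after, allowed_ids):
    """Split key (an int below P) into n fragments; any m reconstruct it."""
    coeffs = [key] + [secrets.randbelow(P) for _ in range(m - 1)]
    frags = []
    for x in range(1, n + 1):
        y = sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P
        frags.append(KeyFragment(x, y, not_before, not_after,
                                 frozenset(allowed_ids), share_digest(x, y)))
    return frags

def fragment_ok(frag, now, requester_id):
    """Time window, integrity hash and requester ID must all pass."""
    return (frag.not_before <= now <= frag.not_after
            and share_digest(frag.x, frag.y) == frag.digest
            and requester_id in frag.allowed_ids)

def recover_key(frags, m, now, requester_id):
    """Lagrange-interpolate at 0 using only fragments that pass the checks."""
    good = [f for f in frags if fragment_ok(f, now, requester_id)][:m]
    if len(good) < m:
        raise PermissionError(f"only {len(good)} valid fragments, need {m}")
    key = 0
    for fi in good:
        num = den = 1
        for fj in good:
            if fj.x != fi.x:
                num = num * -fj.x % P
                den = den * (fi.x - fj.x) % P
        key = (key + fi.y * num * pow(den, -1, P)) % P
    return key
```

The integrity check is only meaningful if the reference digest is held somewhere the storage node cannot rewrite; it is carried inside the fragment here only to keep the sketch short.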
Description
Distributed Storage CCTV Video Security System Based on Quantum-Resistant Encryption and Its Operation Method
The present disclosure relates to CCTV video security technology, and more specifically, to a CCTV video security system and a method of operation thereof that securely encrypts CCTV video using Post-Quantum Cryptography and prevents data leakage and improves security and availability by storing the encrypted data in distributed storage nodes.
Unless otherwise indicated in this specification, the contents described in this section are not prior art for the claims of this application, and are not to be recognized as prior art simply because they are included in this section.
Closed-Circuit Television (CCTV) is widely used in various environments for purposes such as public safety, crime prevention, and facility surveillance. These CCTV systems include real-time video data collection and storage capabilities, and the stored footage is utilized for retrospective viewing or analysis. Recently, the volume of video data has increased due to the proliferation of network-based IP cameras and cloud storage systems, making the demand for video security increasingly critical.
Conventional CCTV security systems have primarily utilized methods such as encrypting stored video data or protecting it through secure channels like TLS during network transmission. While these methods provide a sufficient level of security in general computing environments, the advancement of quantum computing technology is increasing the vulnerability of existing public-key-based encryption algorithms (such as RSA and ECC) to decryption. Consequently, there is a need to introduce a new security framework based on Post-Quantum Cryptography (PQC).
Furthermore, the existing structure of centrally storing CCTV video data on a central server is vulnerable to risks such as Single Point of Failure and large-scale data leakage.
To address this, distributed storage technologies utilizing distributed file systems or multiple storage nodes have been proposed; however, these technologies harbor several issues during the partitioning and decryption processes of encrypted data. Specifically, if the key required to decrypt distributed video data is concentrated in a single administrator or authentication system, the theft or tampering of that key severely degrades the security of the entire system.
Additionally, in a distributed environment, it is difficult to consistently perform access control and user verification at the level of each node or storage, resulting in a lack of systematic measures to prevent unauthorized viewing or bypassing decryption. Furthermore, most distributed storage systems are implemented by simply merging and decrypting encrypted data fragments, and the security of the decryption process is not sufficiently ensured due to the absence of customized decryption logic that considers storage locations or node-specific characteristics.
Accordingly, there is a need for a new system capable of ensuring the confidentiality, integrity, and availability of video security by introducing secure key management technology based on quantum-resistant encryption and a fragment-unit decryption method suitable for distributed storage structures.
FIG. 1 is a diagram showing a distributed storage type CCTV video security system based on quantum-resistant encryption according to an embodiment.
FIG. 2 is a block diagram of a CCTV video security device according to an embodiment.
FIG. 3 is a diagram showing the configuration of an instruction set stored in memory according to an embodiment.
FIG. 4 is a diagram illustrating a quantum-resistant encryption-based CCTV video security process according to an embodiment.
Hereinafter, various embodiments of the present disclosure are described in conjunction with the accompanying drawings.
As various embodiments of the present disclosure may be subject to various modifications and may have various forms, specific embodiments are illustrated in the drawings and described in detail. However, this is not intended to limit the various embodiments of the present disclosure to specific forms, and it should be understood that they include all modifications and/or equivalents and substitutions that fall within the spirit and scope of the various embodiments of the present disclosure. In relation to the description of the drawings, similar reference numerals have been used for similar components. In various embodiments of the present disclosure, terms such as “comprising” or “having” are intended to indicate the existence of the features, numbers, steps, actions, components, parts, or combinations thereof described in the specification, and should be understood as not precluding the existence or addition of one or more other features, numbers, steps, actions, components, parts, or combinations thereof. In various embodiments of the present disclosure, expressions such as “or” include any and all combinations of th