Elsevier

Journal of Systems and Software

Volume 85, Issue 9, September 2012, Pages 2077-2085
Journal of Systems and Software

Cryptanalyzing a chaos-based image encryption algorithm using alternate structure

https://doi.org/10.1016/j.jss.2012.04.002Get rights and content

Abstract

Recently, a chaos-based image encryption algorithm with an alternate structure (IEAS) was proposed. This paper applies the differential cryptanalysis on the IEAS and finds that some of its properties favor the differential attack which can recover an equivalent secret key with only a few number of chosen plain-images. Detailed procedures for cryptanalyzing IEAS with a lower round number are presented. Both theoretical analysis and experimental results are provided to show the vulnerability of IEAS against differential attack. In addition, some other security defects of IEAS, including insensitivity with respect to changes of plain-images and insufficient size of the key space, are also pointed out and verified.

Highlights

► Some properties of a chaos-based image encryption algorithm with an alternate structure (IEAS) were explored to support cryptographic attacks. ► Detailed procedures for cryptanalyzing IEAS with a lower round number are presented, which can be extended to the case of higher round numbers. ► Some other security defects of IEAS, including insufficient size of key space, are pointed out.

Introduction

The security of multimedia data such as images and videos is considered more and more important as the transmission of this type of data becomes more and more frequently via the internet. However, the differences between this type of data and texts, such as bulk data size and high redundancy among neighboring raw pixels, make most traditional encryption algorithms like DES (Data Encryption Standard) ineffective for multimedia data. In addition, multimedia encryption has other special requirements, for example fast encryption and easy cascading with other functional blocks in the system. Therefore, designing specific multimedia encryption algorithm is a desirable but challenging task.

Chaos theory was developed in depth in the 1960s. The most essential characteristic of chaos is the so-called “butterfly effect”, i.e., states of a chaotic system are very sensitive to the changes of its initial conditions and control parameters. This characteristic is similar to the confusion and diffusion properties of a cryptosystem used for measuring sensitivity of encryption results with respect to changes of the secret key and the plaintext. The subtle similarity inspired researchers to design various secure encryption algorithms by combining chaos and cryptography.

Roughly speaking, the role of chaos in designing digital encryption schemes can be categorized into the following three classes:

  • creating position permutation matrices (Fridrich, 1998, Chen et al., 2004, Wang et al., 2005, Solak et al., 2010, Li and Lo, 2011);

  • generating a pseudo-random bit sequence, which is then used to control combination and composition of some basic arithmetical operations like modulo addition and exclusive OR operation (Li and Zheng, 2002, Yi et al., 2002, Li et al., 2008, Li et al., 2009, Li et al., 2010, Rhouma and Belghith, 2008, Alvarez and Li, 2009, Yoon et al., 2011);

  • producing ciphertext directly when the element values of the plaintext are converted to initial conditions and control parameters of a chaotic map (Pisarchik et al., 2006, Arroyo et al., 2008, Solak and Cokal, 2011).

Meanwhile, some research work show that security of chaos-based cryptography is questionable (Li et al., 2004, Masuda et al., 2006, Alvarez and Li, 2006, Zhou and Au, 2011) and that some specific properties of chaotic system can be used to support the corresponding attack (Chen et al., 2012). Due to the simple syntax of uncompressed image and easy extension of image encryption schemes for other multimedia data, a great number of chaos-based encryption schemes consider image data as the encryption object. In the past decade, hundreds of chaos-based image encryption schemes have been proposed, the most famous schemes are the ones proposed in Fridrich (1998) and Chen et al. (2004).

In Zhang et al. (2007), a new image encryption algorithm with an alternate structure (IEAS) based on the generalized cat map and OCML (One-way Coupled Map Lattice) was proposed, where the two maps are used for realizing position permutation/diffusion and value substitution, respectively. Essentially, the structure of IEAS belongs to a Feistel network, i.e., an iterative block cipher where the output of the current round is determined by that of the previous one. This paper focuses on the security analysis of IEAS. It is found that, when the integer parameter is even, some properties of IEAS favor a differential attack which can recover an equivalent secret key with a small number of chosen plain-images. The procedure of the differential attack is presented in detail when the round number of IEAS is less than or equal to four. In addition, the cryptanalysis finds some other security defects of IEAS, like insensitivity with respect to changes of plain-images and an insufficient key space.

The rest of this paper is organized as follows. The next section introduces the image encryption algorithm under investigation, i.e., IEAS. Section 3 presents a comprehensive cryptanalysis on the algorithm with some experimental results demonstrated. The last section concludes the paper.

Section snippets

The image encryption algorithm IEAS

A plain-image encrypted by IEAS is a gray-scale image of size N × 2N (height × width), which can be denoted by an N × 2N matrix in domain 256. The plain-image is first divided into two parts of the same size: L=[L(i,j)]i=0,j=0N1,N1 and R=[R(i,j)]i=0,j=0N1,N1. The corresponding cipher-image is also composed of two parts: l=[l(i,j)]i=0,j=0N1,N1 and r=[r(i,j)]i=0,j=0N1,N1. With these notations, the encryption algorithm IEAS (Zhang et al., 2007) can be described as follows.1

Differential cryptanalysis

The goal of differential cryptanalysis is to obtain information of the (equivalent) secret key of an encryption algorithm by observing how differences in a plain-image can affect the cipher-image. Generally, the difference is defined with respect to the exclusive or (XOR) operation. In the following, some properties of IEAS are first introduced, which form the basis of differential attack on IEAS at different rounds.

Some other security defects of IEAS

To make the present cryptanalysis on IEAS more complete, some other security defects of IEAS are revealed in this section.

  • The key space of IEAS is not big enough

In Zhang et al. (2007, Section 4), it is claimed that the key space of IEAS is 232(T+2) since PRNS {Kl}l=0T+1 has 32(T + 2) bits. However, this it not true since {Kl}l=0T+1 is generated by the logistic map with initial condition K0, which has only n0 unknown bits, where n0 is the precision of computation. In fact, using permutation

Conclusion

The security of the IEAS image encryption algorithm have been investigated comprehensively. Some properties of this algorithm are derived, which lead to an effective differential attack on it when the key parameter is even. Detailed procedures for breaking IEAS, when the round number is less than five and an important integer parameter is even, are presented. The proposed differential attack may be still effective when the round number is not very large. In addition, it is found that key space

Acknowledgements

This research was supported by the National Natural Science Foundation of China (No. 61100216), Changjiang Scholars and Innovative Research Team in University of China (No. IRT1179), Scientific Research Fund of Hunan Provincial Education Department (Nos. 11B124, 2011FJ2011), and Start-up Fund of Xiangtan University (Nos. 10QDZ39, 10QDZ40).

Leo Yu Zhang was born in Xiangxiang, Hunan, China. He received his B.S. degree in Information and Computing Science from Xiangtan University in 2009. Now, he is pursuing his M.S. degree in Computational Mathematics in the same school. His current research interest is cryptanalysis of digital chaotic cipher.

References (22)

  • E. Solak et al.

    Cryptanalysis of Fridrich's chaotic image encryption

    International Journal of Bifurcation and Chaos

    (2010)

    • Cited by (62)

    • Secure communication through reliable S-box design: A proposed approach using coset graphs and matrix operations

      2023, Heliyon

    • A new cryptographic algorithm via a two-dimensional chaotic map

      2022, Ain Shams Engineering Journal

    • Visually meaningful encryption for color images by using Qi hyper-chaotic system and singular value decomposition in YCbCr color space

      2020, Optik

    • A versatile chaotic cryptosystem with a novel substitution-permutation scheme for internet-of-drones photography

      2024, Nonlinear Dynamics

    • An image encryption algorithm based on the LSCMM chaotic map and bidirectional dynamic diffusion

      2024, Multimedia Tools and Applications

    • An image encryption scheme based on elementary and life-liked cellular automatons

      2023, Physica Scripta
    View all citing articles on Scopus

    Leo Yu Zhang was born in Xiangxiang, Hunan, China. He received his B.S. degree in Information and Computing Science from Xiangtan University in 2009. Now, he is pursuing his M.S. degree in Computational Mathematics in the same school. His current research interest is cryptanalysis of digital chaotic cipher.

    Chengqing Li was born in Xiangxiang, Hunan, China. He received his M.Sc. degree in Applied Mathematics from Zhejiang University, China in 2005 and his Ph.D. degree in Electronic Engineering from City University of Hong Kong in 2008. Thereafter, he had been working as a Postdoctoral Fellow at the Hong Kong Polytechnic University. Since September 2010, he has joined the College of Information Engineering, Xiangtan University, China as an Associate Professor, where he received his Bachelor degree in Mathematics and Applied Mathematics. Dr Li focuses on security analysis of encryption schemes and published thirty papers on the topic in the past nine years.

    Kwok-Wo Wong graduated with a B.Sc. (EE) degree from The Chinese University of Hong Kong and a Ph.D. degree from City University of Hong Kong. Currently, he is an Associate Professor in Department of Electronic Engineering, City University of Hong Kong. His research interests focus on the application of chaos and nonlinear systems for source coding and cryptography. He is an Associate Editor of International Journal of Bifurcation and Chaos (IJBC), an Editor of The HKIE Transactions, and Mathematical Problems in Engineering, respectively.

    Shi Shu received the B.Sc. degree in Applied Mathematics from Huaqiao University, Quanzhou, China in 1983. Then, he obtained his M.Sc. degree and Ph.D. degree both in Computational Mathematics from Xiangtan University, China in 1986 and 2004, respectively. Currently, he is a Professor and the Dean of the School of Mathematics and Computational Science, Xiangtan University, China.

    Guanrong Chen received the M.Sc. degree in Computer Science from Zhongshan University, Guangzhou, China in 1981 and the Ph.D. degree in Applied Mathematics from Texas A&M University, College Station, USA in 1987. Currently he is a Chair Professor and the Founding Director of the Centre for Chaos and Complex Networks at the City University of Hong Kong, prior to which he was a tenured Full Professor in the University of Houston, Texas, USA.

    View full text
    Copyright © 2012 Elsevier Inc. Published by Elsevier Inc. All rights reserved.