Cryptanalyzing a chaos-based image encryption algorithm using alternate structure
Highlights
► Some properties of a chaos-based image encryption algorithm with an alternate structure (IEAS) were explored to support cryptographic attacks. ► Detailed procedures for cryptanalyzing IEAS with a lower round number are presented, which can be extended to the case of higher round numbers. ► Some other security defects of IEAS, including insufficient size of key space, are pointed out.
Introduction
The security of multimedia data such as images and videos is considered more and more important as the transmission of this type of data becomes more and more frequently via the internet. However, the differences between this type of data and texts, such as bulk data size and high redundancy among neighboring raw pixels, make most traditional encryption algorithms like DES (Data Encryption Standard) ineffective for multimedia data. In addition, multimedia encryption has other special requirements, for example fast encryption and easy cascading with other functional blocks in the system. Therefore, designing specific multimedia encryption algorithm is a desirable but challenging task.
Chaos theory was developed in depth in the 1960s. The most essential characteristic of chaos is the so-called “butterfly effect”, i.e., states of a chaotic system are very sensitive to the changes of its initial conditions and control parameters. This characteristic is similar to the confusion and diffusion properties of a cryptosystem used for measuring sensitivity of encryption results with respect to changes of the secret key and the plaintext. The subtle similarity inspired researchers to design various secure encryption algorithms by combining chaos and cryptography.
Roughly speaking, the role of chaos in designing digital encryption schemes can be categorized into the following three classes:
- •
creating position permutation matrices (Fridrich, 1998, Chen et al., 2004, Wang et al., 2005, Solak et al., 2010, Li and Lo, 2011);
- •
generating a pseudo-random bit sequence, which is then used to control combination and composition of some basic arithmetical operations like modulo addition and exclusive OR operation (Li and Zheng, 2002, Yi et al., 2002, Li et al., 2008, Li et al., 2009, Li et al., 2010, Rhouma and Belghith, 2008, Alvarez and Li, 2009, Yoon et al., 2011);
- •
producing ciphertext directly when the element values of the plaintext are converted to initial conditions and control parameters of a chaotic map (Pisarchik et al., 2006, Arroyo et al., 2008, Solak and Cokal, 2011).
In Zhang et al. (2007), a new image encryption algorithm with an alternate structure (IEAS) based on the generalized cat map and OCML (One-way Coupled Map Lattice) was proposed, where the two maps are used for realizing position permutation/diffusion and value substitution, respectively. Essentially, the structure of IEAS belongs to a Feistel network, i.e., an iterative block cipher where the output of the current round is determined by that of the previous one. This paper focuses on the security analysis of IEAS. It is found that, when the integer parameter is even, some properties of IEAS favor a differential attack which can recover an equivalent secret key with a small number of chosen plain-images. The procedure of the differential attack is presented in detail when the round number of IEAS is less than or equal to four. In addition, the cryptanalysis finds some other security defects of IEAS, like insensitivity with respect to changes of plain-images and an insufficient key space.
The rest of this paper is organized as follows. The next section introduces the image encryption algorithm under investigation, i.e., IEAS. Section 3 presents a comprehensive cryptanalysis on the algorithm with some experimental results demonstrated. The last section concludes the paper.
Section snippets
The image encryption algorithm IEAS
A plain-image encrypted by IEAS is a gray-scale image of size N × 2N (height × width), which can be denoted by an N × 2N matrix in domain . The plain-image is first divided into two parts of the same size: and . The corresponding cipher-image is also composed of two parts: and . With these notations, the encryption algorithm IEAS (Zhang et al., 2007) can be described as follows.1
Differential cryptanalysis
The goal of differential cryptanalysis is to obtain information of the (equivalent) secret key of an encryption algorithm by observing how differences in a plain-image can affect the cipher-image. Generally, the difference is defined with respect to the exclusive or (XOR) operation. In the following, some properties of IEAS are first introduced, which form the basis of differential attack on IEAS at different rounds.
Some other security defects of IEAS
To make the present cryptanalysis on IEAS more complete, some other security defects of IEAS are revealed in this section.
- •
The key space of IEAS is not big enough
In Zhang et al. (2007, Section 4), it is claimed that the key space of IEAS is 232(T+2) since PRNS has 32(T + 2) bits. However, this it not true since is generated by the logistic map with initial condition K0, which has only n0 unknown bits, where n0 is the precision of computation. In fact, using permutation
Conclusion
The security of the IEAS image encryption algorithm have been investigated comprehensively. Some properties of this algorithm are derived, which lead to an effective differential attack on it when the key parameter is even. Detailed procedures for breaking IEAS, when the round number is less than five and an important integer parameter is even, are presented. The proposed differential attack may be still effective when the round number is not very large. In addition, it is found that key space
Acknowledgements
This research was supported by the National Natural Science Foundation of China (No. 61100216), Changjiang Scholars and Innovative Research Team in University of China (No. IRT1179), Scientific Research Fund of Hunan Provincial Education Department (Nos. 11B124, 2011FJ2011), and Start-up Fund of Xiangtan University (Nos. 10QDZ39, 10QDZ40).
Leo Yu Zhang was born in Xiangxiang, Hunan, China. He received his B.S. degree in Information and Computing Science from Xiangtan University in 2009. Now, he is pursuing his M.S. degree in Computational Mathematics in the same school. His current research interest is cryptanalysis of digital chaotic cipher.
References (22)
- et al.
A symmetric image encryption scheme based on 3D chaotic cat maps
Chaos, Solitons & Fractals
(2004) - et al.
On the security of 3D cat map based symmetric image encryption scheme
Physics Letters A
(2005) - et al.
Optimal quantitative cryptanalysis of permutation-only multimedia ciphers against plaintext attacks
Signal Processing
(2011) - et al.
Cryptanalysis of RCES/RSES image encryption scheme
Journal of Systems and Software
(2008) - et al.
Cryptanalysis of a spatiotemporal chaotic image/video cryptosystem
Physics Letters A
(2008) - et al.
Cryptanalyzing a nonlinear chaotic algorithm (NCA) for image encryption
Communications in Nonlinear Science and Numerical Simulation
(2009) - et al.
On the security defects of an image encryption scheme
Image and Vision Computing
(2009) - et al.
A differential cryptanalysis of Yen-Chen-Wu multimedia cryptography system
Journal of Systems and Software
(2010) - et al.
Algebraic break of image ciphers based on discretized chaotic map lattices
Information Sciences
(2011) Symmetric ciphers based on two-dimensional chaotic maps
International Journal of Bifurcation and Chaos
(1998)
Cryptanalysis of Fridrich's chaotic image encryption
International Journal of Bifurcation and Chaos
Cited by (62)
A new cryptographic algorithm via a two-dimensional chaotic map
2022, Ain Shams Engineering JournalAn image encryption algorithm based on the LSCMM chaotic map and bidirectional dynamic diffusion
2024, Multimedia Tools and ApplicationsAn image encryption scheme based on elementary and life-liked cellular automatons
2023, Physica Scripta
Leo Yu Zhang was born in Xiangxiang, Hunan, China. He received his B.S. degree in Information and Computing Science from Xiangtan University in 2009. Now, he is pursuing his M.S. degree in Computational Mathematics in the same school. His current research interest is cryptanalysis of digital chaotic cipher.
Chengqing Li was born in Xiangxiang, Hunan, China. He received his M.Sc. degree in Applied Mathematics from Zhejiang University, China in 2005 and his Ph.D. degree in Electronic Engineering from City University of Hong Kong in 2008. Thereafter, he had been working as a Postdoctoral Fellow at the Hong Kong Polytechnic University. Since September 2010, he has joined the College of Information Engineering, Xiangtan University, China as an Associate Professor, where he received his Bachelor degree in Mathematics and Applied Mathematics. Dr Li focuses on security analysis of encryption schemes and published thirty papers on the topic in the past nine years.
Kwok-Wo Wong graduated with a B.Sc. (EE) degree from The Chinese University of Hong Kong and a Ph.D. degree from City University of Hong Kong. Currently, he is an Associate Professor in Department of Electronic Engineering, City University of Hong Kong. His research interests focus on the application of chaos and nonlinear systems for source coding and cryptography. He is an Associate Editor of International Journal of Bifurcation and Chaos (IJBC), an Editor of The HKIE Transactions, and Mathematical Problems in Engineering, respectively.
Shi Shu received the B.Sc. degree in Applied Mathematics from Huaqiao University, Quanzhou, China in 1983. Then, he obtained his M.Sc. degree and Ph.D. degree both in Computational Mathematics from Xiangtan University, China in 1986 and 2004, respectively. Currently, he is a Professor and the Dean of the School of Mathematics and Computational Science, Xiangtan University, China.
Guanrong Chen received the M.Sc. degree in Computer Science from Zhongshan University, Guangzhou, China in 1981 and the Ph.D. degree in Applied Mathematics from Texas A&M University, College Station, USA in 1987. Currently he is a Chair Professor and the Founding Director of the Centre for Chaos and Complex Networks at the City University of Hong Kong, prior to which he was a tenured Full Professor in the University of Houston, Texas, USA.