Elsevier

Signal Processing

Volume 118, January 2016, Pages 203-210
Signal Processing

Cracking a hierarchical chaotic image encryption algorithm based on permutation

https://doi.org/10.1016/j.sigpro.2015.07.008Get rights and content

Highlights

  • Security performance of an encryption algorithm called HCIE is analyzed in detail.

  • Hierarchical permutation-only encryption schemes are less secure than normal ones.

  • Security of HCIE against ciphertext-only attack was reported being overestimated.

Abstract

In year 2000, an efficient hierarchical chaotic image encryption (HCIE) algorithm was proposed, which divides a plain-image of size M×N with T possible value levels into K blocks of the same size and then operates position permutation on two levels: intra-block and inter-block. As a typical position permutation-only encryption algorithm, it has received intensive attention. The present paper analyzes specific security performance of HCIE against ciphertext-only attack and known/chosen-plaintext attack. It is found that only O(logT(M·N/K)) known/chosen plain-images are sufficient to achieve a good performance, and the computational complexity is O(M·N·logT(M·N/K)), which effectively demonstrates that hierarchical permutation-only image encryption algorithms are less secure than normal (i.e., non-hierarchical) ones. Detailed experiment results are given to verify the feasibility of the known-plaintext attack. In addition, it is pointed out that the security of HCIE against ciphertext-only attack was much overestimated.

Introduction

With the increasing transmission speeds of wired/wireless networks and popularization of image capturing devices and cloud storage services, image data are transmitted over open networks more and more frequently. This makes security of image data become more and more important. The public concern of it becomes serious as news about the illegal online leak of personal photos of some celebrities was released. As a chaotic system owns some similar properties as that of modern encryption schemes, it has been intensively studied as an alternative approach for designing secure and efficient encryption schemes [1], [2], [3]. The main idea and principle of applying chaos theory to protecting images can be traced back to 1986 [4], which demonstrates the stretching effect of a chaotic map on a painting of Henri Poincaré, a founder of modern chaos theory.

The simplest and most efficient method for protecting multimedia data is permuting the positions of their spatial pixels [5] or frequency coefficients [6]. In the literature, some synonyms of permutation, transposition, shuffle, scramble [6], swap and shift, are used. Security scrutiny on some specific permutation-only encryption algorithms against known/chosen-plaintext attacks were previously developed [7], [8]. In [9], a ciphertext-only attack on a specially simple permutation-only encryption algorithm was proposed utilizing correlation redundancy remaining in the cipher-image. No matter how the permutation relationships are generated and what the permutation object is, any permutation-only encryption algorithm can always be represented by a permutation relationship matrix, whose entry stores the corresponding permuted location in the cipher-text [10]. The security of permutation-only encryption algorithm relies on its real permutation domain, in which any element in the permutation object can be permuted independently. As for a permutation domain of size M×N with T possible value levels, it is estimated that the required number of known/chosen-plaintexts for an efficient plaintext attack is O(logT(M·N)), where x denotes the ceiling function. An upper bound of the attack complexity is also derived therein to be O(n·(M·N)2), where n is the number of known/chosen plain-images [10]. In [11], the computational complexity of the attack is further reduced to O(n·(M·N)) by replacing the set intersection operations of quadratic complexity with linear element access operations. Even so, all kinds of permutation operations are still being used in multimedia protection today [12], [13], [14], [15].

In [16], a typical example of permutation-only image encryption algorithms, called HCIE (Hierarchical Chaotic Image Encryption), was proposed. Although security performance of general permutation-only image encryption algorithms against plaintext attack has been quantitatively analyzed, specific security performance of HCIE is still not evaluated. The core of HCIE is a permutation function composed of rotation operations of four directions, originates from an intellectual toy, Rubik׳s Cube [17]. In [16], the authors claimed about the security property of HCIE as follows: “By way of collecting some original images and their encryption results or collecting some specified images and their corresponding encryption results, it is still difficult for the cryptanalysts to decrypt an encrypted image correctly because the permutation relationship is different for each image.” In this paper, we will demonstrate that the claim on the robustness of HCIE against known/chosen-plaintext attack is groundless. Further more, we find that the hierarchical encryption structure suggested in HCIE does not provide any higher security against known/chosen-plaintext attack, but actually make the overall security performance even weaker. In addition, we find that the capability of HCIE against ciphertext-only attack was much over-estimated.

The rest of this paper is organized as follows. The algorithm HCIE is briefly introduced in Section 2. Detailed cryptanalysis on HCIE is provided in Section 3, with some experimental results. The last section concludes the paper.

Section snippets

The hierarchical chaotic image encryption algorithm (HCIE)

HCIE is a two-level hierarchical permutation-only image encryption algorithm, in which all involved permutation relationships are defined by pseudo-random combinations of four rotation mappings with pseudo-random parameters. For an image, f=[f(i,j)]M×N, the four mapping operations are described as follows, where p<min(M,N) holds for each mapping.

Definition 1

The mapping f=ROLRbi,p(f) (0iM1) is defined to rotate the i-th row of f, in the left (when b=0) or right (when b=1) direction, by p pixels.

Definition 2

The

The ciphertext-only attack on HCIE

In [16], it was claimed that the complexity of brute-force attacks to HCIE is O(2Lb), since there are Lb=(1+MSM·NSN)·(3SM+3SN2)·no secret chaotic bits in {b(i)}i=0Lb1 that are unknown to the attackers. However, this statement is not true due to the following fact: the Lb bits are uniquely determined by the secret key, i.e., the initial condition x(0) and the control parameter μ, which have only 2L secret bits. This means that there are only 22L different chaotic bit sequences.

Now, let us

Conclusion

Specific security performance of a typical permutation-only encryption algorithm, called HCIE, against ciphertext-only attack and known/chosen-plaintext attacks has been studied in detail. It is found that the capability of HCIE against the former attack was over-estimated much and hierarchical permutation-only image encryption algorithms such as HCIE are less secure than normal permutation-only ones without using hierarchical encryption structures. This work effectively demonstrates that the

Acknowledgments

This research was supported by the Distinguished Young Scholar Program of the Hunan Provincial Natural Science Foundation of China (No. 2015JJ1013), and Scientific Research Fund of Hunan Provincial Education Department (15A186). Some parts of Section 3 were completed with the help of Dr. Shujun Li, from Surrey University, UK.

References (26)

  • Y. Matias, A. Shamir, A video scrambling technique based on space filling curve (extended abstract), in: Advances in...
  • W. Zeng et al.

    Efficient frequency domain selective scrambling of digital video

    IEEE Trans. Multimed.

    (2003)
  • J.-K. Jan et al.

    On the security of image encryption method

    Inf. Process. Lett.

    (1996)
  • Cited by (169)

    • High-efficiency medical image encryption method based on 2D Logistic-Gaussian hyperchaotic map

      2023, Applied Mathematics and Computation
      Citation Excerpt :

      Properties of chaotic systems such as highly sensitive to initial conditions and long-term unpredictable iterative trajectories [5,6], which are similar in many ways to the requirements of cryptography [7,8], therefore encryption schemes based on chaos theory have stimulated the interest in the majority of researchers. In the meantime, various attacks and noise disturbance methods have emerged to test the confidentiality of algorithms in facing increasing requirements for security [25–27]. Although some progress has been made in the design of encryption algorithms, some algorithms still have weaknesses with the development of code-breaking techniques [28,29], making it worthwhile to explore a more secure and efficient encryption scheme.

    View all citing articles on Scopus
    View full text