Can One Plain Image Break an Entire Encryption Algorithm?

Table of Links

Abstract and 1. Introduction

2. Description of two analyzed image encryption algorithms

3. Cryptanalysis of IEATD

4. Cryptanalysis of IEACD

5. Conclusion, Acknowledgements, and References

Abstract

Security is a key problem for the transmission, interchange and storage process of multimedia systems and applications. In 2018, M. Li et al. proposed in-depth security analysis on an image encryption algorithm based on a first-order time-delay system (IEATD) and gave a specific chosen-plaintext attack on it. Moreover, an enhanced version called as IEACD was designed to fix the reported security defects. This paper analyzes the essential structures of the two algorithms and evaluates their real security performances: 1) no efficient nonlinear operations are adopted to assure the sensibility of keystream; 2) the equivalent secret key of IEATD can be efficiently recovered from one known plain-image and the corresponding cipherimage; 3) IEACD can still be efficiently cracked with a chosen-plaintext attack. Both rigorous theoretical analyses and detailed experimental results are provided to demonstrate effectiveness of the advanced cryptanalytic methods.

1. Introduction

Social media not only drive product discovery and purchase, but also incur serious concern on the security and privacy of the images shared by the Internet users. Due to the special properties of multimedia information, the modern text encryption standards, such as AES and Triple DES, cannot efficiently protect them in general. To cope with the challenge, a number of special image encryption algorithms, e.g. joint encryption and compression together, were proposed every year [1, 2, 3]. It is well known that cryptography (designing encryption algorithm) and cryptanalysis (security analysis of a given encryption algorithm) are two integral parts of cryptology. The cryptanalysis results facilitate the designers strengthen or replace flawed algorithms. Cryptanalysis of a given image encryption scheme also provides a special perspective for promoting some multimedia processing techniques, e.g. image recovery. Some image encryption algorithms like that proposed in [4, 2] are found to be insecure to different extents from the viewpoint of modern cryptology [5, 6, 7, 8].

The complex dynamics of a chaotic system demonstrated in an infinite-precision domain is very similar to the expected properties of a secure encryption scheme outlined ∗Corresponding author. Email address: [email protected] (Chengqing Li) by Shannon in [9]. So, a large number of chaos-based encryption schemes were proposed in the past three decades [10, 11]. In [12], Ikeda adopted a one-variable differential difference equation to model light going around a ring cavity containing a nonlinear dielectric medium and found “chaotic” phenomena in the transmitted field. In [4], Mannai et al. introduced the equation’s variant

as a chaos-based pseudorandom number generator (PRNG), where α and m are coefficients, and T is the positive delay time. The evolution of the dynamics is dependent on not only the present value x(t) but also earlier one x(t − T). To solve equation (1), it is discretized with the following way: 1) each interval T is divided into N subintervals h and each subinterval h is approximated with a scalar value, where T = N × h; 2) the N samples of each interval are considered as an N-dimension vector. In [4], an image encryption algorithm based on a time-delay Ikeda system (IEATD) was proposed. The designers of IEATD believed that utilizing the rich dynamics of a discretized Ikeda system and a new keystream generation mechanism associated with the average of all pixels of the plain-image can provide sufficient capacity to withstand known/chosen-plaintext attacks.

In reality, the security strength of IEATD is very weak as its equivalent secret key can be obtained with only two chosen plain-images [13]. Meanwhile, M. Li et al. pointed out that two security defects exist in IEATD: 1) the regularity of the keystream and absence of position scrambling; 2) incapacity to resist differential attack [13]. To remedy the defects, they adopted much more complex encryption operations: permutation and crossover diffusion phases. In short, we call the enhanced image encryption algorithm using the crossover diffusion as IEACD. This paper focuses on security analysis of the two image encryption algorithms, IEATD [4] and IEACD [13]. We found that the authors of [13] did not notice a fatal drawback of the keystream generation mechanism: insensibility to minor change of a pixel. This leads to that IEACD still cannot withstand chosen-plaintext attack. Furthermore, there is improper keystream configuration in diffusion that almost discloses the whole keystream. The essential structures of the two algorithms cause that the equivalent secret key of IEATD and IEACD can be recovered with known-plaintext attack and chosen-plaintext attack, respectively.

The rest of this paper is organized as follows. Section 2 concisely describes the encryption procedures of the encryption algorithm IEATD and its enhanced version IEACD. Then, Sec. 3 and Sec. 4 present the detailed cryptanalysis results on the two encryption algorithms, respectively. The last section concludes the paper.

2. Description of two analyzed image encryption algorithms

2.1. The framework of IEATD

2.2. The enhanced elements of IEACD compared with IEATD

To enhance the security level of IEATD, some extra operations were appended to withstand the chosen-plaintext attack reported in [13].

• The added secret sub-keys: a positive integer C, the initial condition q(0) ∈ (0, 1) and the control parameter β ∈ (3.5699456, 4] of Logistic map

• The modified encryption procedures:

3. Cryptanalysis of IEATD

3.2. The chosen-plaintext attack proposed by M. Li et al.

To make the cryptanalysis of IEATD more complete, we briefly introduce the chosen-plaintext attack on IEATD proposed by M. Li et al. in [13] and comment its performance:

3.3. Known-plaintext attack on IEATD