Abstract

A novel chaotic image encryption scheme based on the time-delay Lorenz system is presented in this paper with the description of Circulant matrix. Making use of the chaotic sequence generated by the time-delay Lorenz system, the pixel permutation is carried out in diagonal and antidiagonal directions according to the first and second components. Then, a pseudorandom chaotic sequence is generated again from time-delay Lorenz system using all components. Modular operation is further employed for diffusion by blocks, in which the control parameter is generated depending on the plain-image. Numerical experiments show that the proposed scheme possesses the properties of a large key space to resist brute-force attack, sensitive dependence on secret keys, uniform distribution of gray values in the cipher-image, and zero correlation between two adjacent cipher-image pixels. Therefore, it can be adopted as an effective and fast image encryption algorithm.

1. Introduction

With the rapid development of the computer network, it becomes more and more convenient to communicate in digital form. However, the transmitted information may be intercepted, copied, and even modified illegally. Aiming at the security and protection of digital images, many image encryption algorithms or technologies such as DNA sequence [1], chaotic map [2], circular bit shift and XOR operations [3], quantum logistic map [4], and Hartley transform [5] have been developed. Among these encryption algorithms, the chaos-based approach has become a hot research topic because of many unique characteristics of the chaotic system itself such as sensitive dependence on initial conditions and system parameters, nonperiodicity, pseudorandom property, and topological transitivity. These properties lead to efficient methods for image encryption.

One-dimensional and two-dimensional chaotic maps are usually employed in chaos-based image encryption algorithms. One-dimensional chaotic maps such as Logistic map, Sine map, and skew tent map have the advantages of simplicity and easy implementation [6]. In particular, Logistic map was widely used for image encryption [7ā€“9]. However, it is not secure enough to use only one-dimensional chaotic map because of its small key space and weak security [7]. Many studies [10ā€“13] were carried out to improve its security. For example, Singh and Sinha combined the Hartley transform and Logistic map in [5], Gao et al. [6] increased the number of parameters to six, and Ye [10] adopted the matrix property of Toeplitz and Hankel. Reference [11] proposed a total shuffling algorithm using Logistic map. In [12], two Logistic maps were employed to enlarge the key space. In other schemes [14, 15], the security has been improved by shuffling the positions and changing the pixel values simultaneously. Li and Yuan [15] reported the weakness of DCT-based encryption algorithm and proposed the full interblock shuffle approach. The authors in [16] studied the hyperchaotic systems with uncertain parameter for image encryption.

A good encryption algorithm must satisfy some requirements such as large key space, sensitive dependence on secret keys, and no correlation between two adjacent pixels [17, 18]. Here we propose an image encryption algorithm based on the time-delay Lorenz system and the unique properties of chaotic systems. It performs the position permutation according to a chaotic sequence and the diffusion stage by blocks. The rest of this paper is arranged as follows. In Section 2, Circulant matrix and time-delay Lorenz system are introduced. The proposed image encryption algorithm and its mathematical model are described in Section 3. Numerical experiments are reported in Section 4 while the related security analysis is given in Section 5. Finally, some conclusions are drawn in Section 6.

2. Circulant Matrix and Time-Delay Lorenz System

2.1. Circulant Matrix

Definition 1. Suppose that there is an matrix having the following form: Then is called a Circulant matrix [19] if ().

Definition 2. Suppose that there is an matrix () possessing the following form: Then is called a generalized Circulant matrix if ().
We can also consider as a generalized Circulant matrix when , considering that has the same form as (2).

2.2. The Time-Delay Lorenz System

The time-delay Lorenz system [20] is a three-dimensional system defined by where is an unknown time-varying lag. When , , , , and , the time-delay Lorenz system (3) is in the chaotic state [20]; that is, the two chaotic sequences are nonperiodic, nonconvergent, and noncorrelated with two different sets of initial values , , and . More details of the time-delay Lorenz system can be found in [20].

2.3. Random Chaotic Sequence

Given initial values , , and , a set of values can be obtained by iterating (3). A parameter can be added to drop the former iterated values; that is, we only keep the values . Collect the first component since the plain-image size is . Do the preprocessing for by updating the values as , .

Sort the updated sequence and we obtain . By finding the position of in , a sequence can be generated. Similarly, do the same process for the second component , and we can get another sequence .

3. Image Encryption Scheme

In general, the adjacent pixels in the plain-image have high correlation. In order to reduce this correlation and resist known-plaintext attacks, position permutation is considered as the first encryption operation.

3.1. Position Permutation Based on Circulant Matrix

Noting that the generalized Circulant matrix (Definition 2 for rectangular image) can be extended directly, we mainly discuss the case of Circulant matrix (Definition 1 for square image). For a Circulant matrix, its elements satisfy (); that is, all elements in a diagonal or a subdiagonal line are equal. Moreover, the total number of elements along the subdiagonal line and () is . For example, for a Circulant matrix which satisfies , , , , , the total number of and () is 3, which equals that on the diagonal line:

Based on the Circulant matrix, we can perform position permutation along the diagonal or antidiagonal lines in the upper and lower triangular matrices. This approach is different from the traditional method of row and column position shuffling. Of course, it will have problems if we apply the chaotic sequences to the diagonal and antidiagonal lines directly because the number of elements on these lines is not equal. This is the main reason why the existing approaches do not perform position shuffling along the diagonal and antidiagonal instead of row and column. Here we can solve this problem using the properties of the Circulant matrix.

(1) Permutation along Diagonal Direction. In the upper part of an image matrix (we denote the plain-image as in this paper), the number of elements on subdiagonal and diagonal lines is if the elements on the subdiagonal line of () are patched by the elements on the subdiagonal line of . In this case, the position permutation along the diagonal direction can be carried out. This is equivalent to having position permutation in the diagonal matrix , of which the elements are

The position shuffled matrix is governed by (6) when is permuted along the diagonal direction:

We will go back to the traditional position scrambling approach by columns if the elements of the matrix are computed by (7) instead of (5):

(2) Position Permutation along Antidiagonal Direction. For the case of antidiagonal, the permutation procedures are similar to those for the diagonal case. The difference is that we make use of the lower triangular of matrix that is equivalent to performing position scrambling in the antidiagonal matrix , of which the elements are given by

Thus, the shuffled image is obtained by (9) when is permuted along the antidiagonal direction:

Similarly, this is equivalent to the traditional position scrambling by rows when we set the matrix by

In the decryption process, we just need to rewrite (5), (6), (8), and (9) reversely. In fact, the traditional permutation is a special case of our method. Of course, the method can be extended to image shuffling of any size according to the generalized Circulant matrix (here we do not discuss this in detail; please refer to the Appendix). After being permutated along the diagonal and antidiagonal directions, the process of position permutation is finished. For example, Figure 1(b) is the cipher-image of Rice shown in Figure 1(a) using three rounds of our method. Figure 1(c) is the cipher-image using traditional row and column method, also by three rounds. The figures show that the proposed method has a better shuffling performance.

3.2. Block-Based Diffusion

To make a bit-change in the plain-image result in a big difference in the cipher-image, we adopt block-based diffusion for a fast implementation. The diffusion steps are stated as follows:

Step 1. Read the permuted image to a matrix . Then divide into two equal blocks, that is, . Each block has size . We can add a random row to if is not an even number.

Step 2. Extract values from to form the set . Then convert the elements into decimal value in the following way: where returns the absolute value of , rounds to the nearest integer less than or equal to , and returns the remainder after division. Rearrange into a matrix in the order from left to right and top to bottom.

Step 3. Carry out the following gray-level diffusion [22] and the cipher-image will eventually be generated as : where . Here, represents the modular addition under 256. The parameter is dependent on the plain-image.

3.3. Encryption Procedures

The detail procedures of the proposed image encryption algorithm based on time-delay Lorenz system and Circulant matrix are described as follows.

Step 1. Read the plain-image and put its pixels in a two-dimensional matrix .

Step 2. Generate two chaotic sequences and by iterating the time-delay Lorenz system from the initial condition , , , .

Step 3. Perform position permutation on using and according to the property of the Circulant matrix. A new permuted matrix is then formed.

Step 4. Generate the pseudorandom matrix of size from the chaotic system again.

Step 5. Divide the matrix into two parts, that is, , and compute the control parameter .

Step 6. Perform pixel value diffusion according to (12). Then the cipher-image is obtained as .

To enhance the security, we can perform more rounds from Step 5 to Step 6, that is, multiple diffusion. In this paper, we take 5 rounds. The decryption process is just the reverse of the encryption one.

4. Numerical Experiments

In this section, some experimental results of the proposed image encryption method are presented. The work is accomplished in a computer of Intel(R) Core(TM) i3-2350M, 2.30ā€‰GHz CPU, running Windows 7. The plain-image is Lena with size shown in Figure 2(a). Figure 2(b) is the cipher-image obtained by the proposed method using the initial values , , , and .

5. Security Analysis

(1) Key Space. The key space refers to the total number of distinct keys which can be used in the algorithm. A good encryption algorithm should have a large key space to avoid brute-force attacks. In the proposed algorithm, the size of the key space can reach if the computation precision is . This value justifies that our encryption algorithm has a sufficiently large key space.

(2) ā€‰Sensitivity Analysis. High key sensitivity means that a little change in the key will cause a huge change in the decrypted image. In our algorithm, with the original keys , , , and , we encrypt the plain-image Lena to the cipher-image shown in Figure 2(b). The decrypted image using a key with only a tiny difference, that is, , is depicted in Figure 2(c). Figure 2(d) shows the decrypted image with a wrong key of . Figures 2(e) and 2(f) are similar wrong decrypted images. They all indicate that the new algorithm is very sensitive to the key.

(3) ā€‰Histogram Analysis. The histogram, also called the gray scale distribution, displays and reflects the distribution of pixel values in an image. Figures 3(a) and 3(b) are the plain-image and cipher-image of Cameraman while Figures 3(c) and 3(d) are their histograms, respectively. These diagrams show that an attacker can hardly launch any statistical attack because the gray values are distributed uniformly.

(4) Correlation Coefficient Analysis of Two Adjacent Pixels. To evaluate the correlation between two adjacent pixels in the plain and the cipher-images, the following equation is used [6, 11]: where , , .

First of all, 2500 pairs of adjacent pixels of the Rice image (Figure 4(a)), in horizontal, vertical, and diagonal directions, are randomly selected. The results are listed in Table 1, in which we find that the correlation coefficients of two adjacent pixels in the cipher-image are almost zero. Figures 4(b) and 4(c) show the gray-level distribution of two horizontally adjacent pixels in the plain-image and the cipher-image, respectively.

(5) ā€‰Differential Attack. To avoid differential attacks, NPCR and UACI [12, 23, 24] defined by (14) are commonly used to test the influence of a one-pixel change in the plain-image on the resultant cipher-image. For an effective encryption algorithm, the cipher-image should show a significant change even for a tiny change in the plain-image: where is the image size and is determined by and ; namely, if , then ; otherwise, . Here, and are the two cipher-images whose corresponding plain-images are different only in one pixel.

In the proposed method, a small difference in the plain-image can affect the whole cipher-image. The results can be found in Table 2 (here, we randomly choose a pixel at position (201,100)). The percentage of pixel changed in the cipher-image is over 99.5% even with a one-bit difference in the plain-image. The UACI values are over 33.4%, as required for good protection [22, 23, 25]. Thus, the proposed encryption method is able to resist the differential attack.

(6) Speed Analysis. There are already many image encryption algorithms suggested. Here, we compare the speed of our method with [10, 11, 21], which is also composed of two stages of permutation and diffusion. The average time cost is listed in Table 3. The data show that the proposed method is fast and efficient, which is more suitable to encrypt large images.

(7)ā€‰ā€‰Information Entropy Analysis. Commonly, we take the information entropy as a tool to measure the strength of a cryptosystem. It is defined by (15) for message : Here, represents the probability of occurrence of and means the base 2 logarithm. The information entropy is 8 for any ideal random sequence. Using the proposed algorithm, we can get the results for different images, as listed in Table 4. They indicate that the cryptosystem can resist the entropy attacks.

(8)ā€‰ā€‰Other Comparisons. Compared with the existing methods [2, 22, 26], the proposed one using the time-delay chaotic system can show more natural phenomena when generating the chaotic sequence. Besides, only two blocks are decomposed with a new control parameter which is determined by the plain-image and so the implementation time is shorter. To make the attack infeasible, any algorithm should have the ability to resist the chosen-plaintext, the chosen-ciphertext, and the known-plaintext attacks. However, in spite of good randomness and high computational efficiency, the keystream remains unchanged in the encryption process of [27], which cannot offer the security requirement [28]. In [26], the UACI is less than 28% while we can reach 33% in our method. All these show good performance by using the proposed scheme.

6. Conclusions

In this paper, a novel image encryption method based on chaotic maps and Circulant operation has been proposed. Position scrambling is employed to remove the high correlation between adjacent pixels in the plain-image. Meanwhile, to avoid statistical attacks, the modular function by blocks is adopted in the diffusion stage. Security analyses on (1) key space and key sensitivity, (2) histogram, (3) correlation between two adjacent pixels, (4) differential attacks, and (5) operating speed have been carried out. All the results are satisfactory which justify the effectiveness of the proposed algorithm for image encryption. Furthermore, the algorithm can be extended to images at any aspect ratio by the generalized Circulant matrix (see Definition 2 and appendix).

Appendix

The Case When Is Not Equal to

When is not equal to , we can also perform encryption on the image matrix . Without loss of generality, we assume and (7), (8), (10), and (12) are rewritten to the following forms, respectively:

Acknowledgments

This project was supported by the National Natural Science Foundation of China (no. 11226091), the grant from CityU (Project no. 7008106), the Science & Technology Program Foundation of Zhanjiang City of China (no. 2011C3109002), and the Natural Science Foundation of Guangdong Ocean University of China (no. 1212334).