- About this Journal
- Abstracting and Indexing
- Aims and Scope
- Annual Issues
- Article Processing Charges
- Articles in Press
- Author Guidelines
- Bibliographic Information
- Citations to this Journal
- Contact Information
- Editorial Board
- Editorial Workflow
- Free eTOC Alerts
- Publication Ethics
- Reviewers Acknowledgment
- Submit a Manuscript
- Subscription Information
- Table of Contents
Mathematical Problems in Engineering
Volume 2010 (2010), Article ID 361860, 18 pages
Cryptanalysis of a Chaotic Communication Scheme Using Parameter Observer
Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, P.O. Box 145, Beijing 100876, China
Key Laboratory of Network and Information Attack and Defence Technology of MOE, Beijing University of Posts and Telecommunications, Beijing 100876, China
National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and Telecommunications, Beijing 100876, China
Received 17 October 2009; Accepted 3 December 2009
Academic Editor: Massimo Scalia
Copyright © 2010 Haipeng Peng et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
This paper addresses the cryptanalysis of a secure communication scheme proposed by Wu (2006), where the information signal is modulated into a system parameter of a unified chaotic system. It is demonstrated that a parameter observer can be designed to identify the parameter determined by the transmitted information and then the transmitted information can be obtained. Compared with the existing analysis using adaptive observer, the cryptanalysis based on parameter observer is much simpler and needs less structure information of the transmitter system. With numerical simulations, it is shown that the parameter observer has stronger practicality and robustness. Furthermore, it is still possible to obtain the transmitted information, even if the derivative of the transmitted signal is unknown.
Over the past two decades, increasing attentions are drawn on utilizing chaos theory on secure communication based on synchronization technique [1–4]. At the meantime, cryptanalysis of chaotic secure communication scheme is proposed with different methods [5, 6]. Recently, a new secure cryptosystem based on adaptive synchronization has been proposed by Wu . In this paper, we carry out a security analysis of the cryptosystem on the concept of parameter identification. It is demonstrated that a parameter observer can be designed to identify the parameter and then the information can be obtained. Compared with the existing analysis using adaptive observer, the parameter observer is much simpler and needs less structure information of the transmitter system. With numerical simulations, it is shown that the parameter observer has stronger practicality and robustness.
Wu proposed a new secure communication scheme in . The secure communication scheme utilizes adaptive synchronization of a unified chaotic system. The transmitter is designed as follows:
where the lower scripts stands for the transmitter system, , , and are user-specific parameters. The information signal , which satisfies , is modulated into the function as follows:
The identical receiver system can be constructed at the receiving end as follows:
where the lower scripts stands for the receiver system. , and are the nonlinear controllers and is the estimator for and is updated adaptively. With the assumption that or is known, it is proved in  by the Lyapunov stability theorem that the receiver is synchronous with the transmitter, and the covered message can be obtained with a reverse transformation of (1.2).
In , Liu and Tang addresses a cryptanalysis of the cryptosystem performed with adaptive control theory. To obtain the transmitted information, an adaptive observer with three state observers (, and ) and five parameter estimators (, , , and ) are designed. Assuming that the dynamical evolution of the information signal is available, it is proved that both state variables and unknown parameters of the adaptive observer will asymptotically converge to their true values, respectively, justified by the Lyapunov stability theory. As the result, the transmitted information can be retrieved.
In this paper, we are interested in performing the cryptanalysis of the same cryptosystem in a simpler way, based on two questions as follows.
Firstly, since it is that we only need to obtain the transmitted information, can we identify without achieving the true values of the user-specific parameters , , and ?
Secondly, if the structure of the system (1.1) is partly available, for instance, only the structure of the third equation is known, is it possible to obtain the transmitted information?
Our answer is positive, and it is demonstrated in the following sections that it can be achieved based on the concept of parameters observer.
The paper is organized as follows. In Section 2, a parameter observer is designed for the cryptanalysis of the secure communication system (1.1) with both theoretical analysis and numerical simulations. In Section 3, a more practical case is considered, for which the derivative of the information signal is kept secret from attackers. Finally, the conclusion of the paper is given in Section 4.
2. Cryptanalysis Using the Parameter Observer
Let us consider the conditions of the secure communication scheme proposed in , where system (1.1) with parameters , , , and being unknown, in this section, we will show that a parameter observer can be designed to retrieve the transmitted information.
2.1. Design of the Parameter Observer
Assuming all the state variables in system (1.1) and the dynamical evolution of the information signal are available, let
and the third equation of (1.1) can be written as follows:
A parameter observer is proposed as follows:
where is the estimators for , and is a designed gain function. Let
is the chosen function verifying that the system
is exponentially stable. Then will exponentially converge to when . A possible choice for is , then system (2.6) can be written as follows:
where determines the converging speed.
However, it is not practical to get the information of , which makes observer (2.3) practically useless. To overcome the defect, we define an instrumental variable as follows:
where is a designed function verifying
We can obtain
Obviously, choose function such that
is exponentially stable, then will exponentially converge to .
Summing up the above analysis, we have the following parameter observer.
Result 1. With known , we can obtain . The parameter observer of is designed as follows: where is a designed function verifying and determines the converging speed.
where the minimum and maximum values of are 0 and 1, respectively. Note that can be obtained by the observer mentioned before and is the constant, it is possible to determine by the minimum and maximum values of . Consequently, can be obtained. Then, the information can be retrieved as follows:
As the result, the scheme proposed in  is considered to be insecure.
The parameter observer proposed in this paper gives excellent performances in following aspects.
Firstly, the parameter observer is simple and direct. To retrieve the transmitted information, we only need to construct one observer to identify the true value of , which is directly determined by the transmitted information. And it is unnecessary to obtain the true value of the user-specific parameters , , and . The result answers on the first question in Section 1.
Secondly, the parameter observer is only related to the structure of the third equation in system (1.1), which means it is possible to construct the parameter observer, even if part of the structure information of the transmitter system is unknown. The result answers on the second question in Section 1. Furthermore, for the reason that the parameter observer is designed based on the third equation, any change of parameters or structures in the first and second equations in system (1.1) has no effect on the result of parameter identification.
Thirdly, our cryptanalysis with parameter observer imposes less assumptions than the cryptanalysis proposed in , where, in order to obtain the true value of the parameters, persistently excitation or linearly independent condition are need.
As mentioned in the first and second aspects, the questions proposed in Section 1 have been resolved. Moreover, it can be concluded that the parameter observer has stronger practicality and robustness.
2.2. Numerical Simulations with Available
In the following, several functions of are tested. At the meantime, a possible case, for which the parameter changes during the parameter identification process, is also simulated. Furthermore, we also take the influence of the noise on the identification performance into consideration. The parameters and initial states of system (1.1) are set the same as : , , , , , , . For the parameter observer, the initial state is set as: . It was shown above that is a designed gain function, which determines the converging speed. is set as: , where different is chosen in different cases, according to the frequency of the information signal.
Case 1 (). For the first case, and . According to (1.2), . The simulation results are given in Figure 1 with . It is shown in Figure 1(a) that is obtained and found to be varied in the range of . Considering that the minimum and maximum values of are 0 and 1, respectively, it is estimated that and is shown in Figure 1(b). Figure 1(d) shows the estimation of the absolute error. After the initial transient time of about s, information signal can be recovered with a fluctuation of . A faster convergence rate is achieved, compared with the result given in .
Case 2 (). In this case, information signal with higher frequency is simulated and a large value is set for as: . As it is shown in Figure 2, still closely follows with a small mismatch after a transient time of s.
Case 3 (). In this case, a composite signal is chosen as the information signal. It is assumed that . As it is indicated in Figure 3 with , information signal is identified with a small mismatch of after a transient time of s.
Case 4 (The parameter changes during parameter identification process). In the above three cases, the success of the proposed algorithm is clearly indicated. In the following two cases, we are going to demonstrate that the parameter observer has strong robustness. In Case 4, it is assumed that the parameter in system (1.1) is not a constant anymore. Instead, is varied in the range of . Figure 4(a) shows that during the initial five seconds, and then . It is demonstrated in Figure 4 with that the information can still be recovered with the same mismatch as that in Case 1. Furthermore, information signal with higher frequency and composite signal are also considered. The results with , and , are shown in Figures 5 and 6, respectively. It is clearly demonstrated that the information signal can be recovered successfully, even if the parameter changes during the identification process. Based on much simulations, we find that any change of parameters in the first and second equations of system (1.1) has nothing to do with the identification results.
Case 5 (Simulation results in presence of noise). In this part, we are going to consider the influence of the noise on the identification performance of the proposed parameter observer in practical applications. We keep the third equation of system (1.1) invariant and add the noise into the other two equations, then the transmitter system can be written as follows:
As it is shown in Figure 7(a), the mean of the random noise is zero mean and the sample time is 0.001. In the simulations, we set the amplitudes of the noise as 3 and the information signal as , , , respectively. We utilize the proposed parameter observer to recover the information signal. Figures 7, 8, and 9 show the identification results when the information signals are , , , respectively. It is indicated that for the transmitter system in presence of noise, the information signal can still be retrieved with the same mismatch as Cases 1, 2, and 3. Based on the simulations, we can conclude that the proposed observer in this paper is robust to noise.
Compared with the performance of adaptive observer proposed in , it takes less time for the parameter observer to recover the transmitted information. Moreover, the proposed parameter observer is robust to any change of parameters and noise in the first and second equations in system (1.1). However, the information estimation error is larger than , but still tolerable. To identify the information easily and quickly, accuracy is the only sacrifice.
3. Cryptanalysis in Case of Unavailable
In the design process of parameter observer mentioned in Section 2, the value of is assumed to be available. However, from the view of real communication, it is sometimes impractical to get the information of . Hence, in this section, we are going to consider the case with unknown .
3.1. Design of Parameter Observer
With being unknown, it is impossible to get the information of . The parameter observer of is designed as follows:
where the designed function determines the converging speed. The observer identifies at an exponential velocity. Consequently, when the frequency of is low and a large gain function is used, can be coarsely identified. Consequently, the transmitted information is coarsely achieved.
3.2. Numerical Simulation
In this part, information functions used in Section 2.2 as well as a chaotic information signal are simulated. All the parameters settings are the same as that of Section 2.2 except that a larger is set to improve the identification performance.
Case 1 (). The simulation results are shown in Figure 10 with , which indicates the success of the information recovering. As the estimation of the absolute error shown in Figure 10, closely matches with , and after the initial transient time of about s, information signal can be recovered with a fluctuation of . Although the performance is slightly worse than that shown in Case 1 of Section 2, the estimation of the absolute error is still small.
Case 2 (). The proposed parameter observer is also used to recover transmitted signal with higher frequency. A larger gain is set to achieve a small error. As shown in Figure 11, still closely follows with a small mismatch of after a transient time of s. Compared with the case when is known, a larger fluctuation is experienced.
Case 3 (). Figure 12 gives the simulation results when a composite signal is used and a large constant is set. Figure 12 shows the proposed parameter observer can still coarsely retrieve the transmitted information with a small mismatch of after s. The performance is inferior to that with a low frequency signal in Case 1, but superior to that with a high frequency signal in Case 2.
Case 4 ( is a chaotic signal). In this example, the information signal is assumed to be a chaotic signal, which is one state of a Lorenz system. We suppose that the maximum and minimum values of the signal are known, and based on (1.2), is obtained from (1.2). Figure 13 shows the simulation results with . As displayed in Figure 13, is varied in the range of , so it is estimated that . It is noticed that closely follows with a small mismatch after a transient time of s, implying the success of the information signal recovering.
This paper provided the cryptanalysis of a chaotic communication scheme based on parameter identification. The approach was to design a parameter observer to identify the true value of the system parameter, which was directly determined by the information signal. Supported by rigorous proof and illustrated with numerical simulation, it was clearly demonstrated that the transmitted information can be obtained with the proposed parameter observer. The results of numerical simulation showed that estimation of the absolute error was about after less than s for the presented cases with different frequencies. Furthermore, it was shown with simulations that the parameter observer was robust to parameter change and noise in the transmitter system. Therefore, the security of the analyzed communication scheme was rather weak under the observer attack, which discouraged its further applications in practical communications.
The authors would like to thank editor and all the anonymous reviewers for their helpful advices. This work is supported by the National Basic Research Program of China (973 Program) (Grant no. 2007CB310704), the Foundation for the Author of National Excellent Doctoral Dissertation of PR China (FANEDD) (Grant no. 200951), the National Natural Science Foundation of China (Grant no. 60805043, 60821001), the 111 Project (Grant no. B08004), and the National Natural Science Foundation of China (NSFC) and the Research Grants Council of Hong Kong (RGC) Joint Research Scheme (Grant no. 60731160626).
- L. M. Pecora and T. L. Carroll, “Synchronization in chaotic systems,” Physical Review Letters, vol. 64, no. 8, pp. 821–824, 1990.
- W. L. Ditto, S. N. Rauseo, and M. L. Spano, “Experimental control of chaos,” Physical Review Letters, vol. 65, no. 26, pp. 3211–3214, 1990.
- G. Hu, J. Xiao, J. Yang, F. Xie, and Z. Qu, “Synchronization of spatiotemporal chaos and its applications,” Physical Review E, vol. 56, no. 3, pp. 2738–2746, 1997.
- G. Hu and Z. Qu, “Controlling spatiotemporal chaos in coupled map lattice systems,” Physical Review Letters, vol. 72, no. 1, pp. 68–71, 1994.
- H. Lü, S. Wang, X. Li, et al., “A new spatiotemporally chaotic cryptosystem and its security and performance analyses,” Chaos, vol. 14, no. 3, pp. 617–629, 2004.
- Y. Liu and W. K. S. Tang, “Cryptanalysis of a chaotic communication scheme using adaptive observer,” Chaos, vol. 18, no. 4, Article ID 043110, 10 pages, 2008.
- X.-J. Wu, “A new chaotic communication scheme based on adaptive synchronization,” Chaos, vol. 16, no. 4, Article ID 043118, 12 pages, 2006.
- X.-P. Guan, H.-P. Peng, L.-X. Li, and Y.-Q. Wang, “Parameters identification and control of Lorenz chaotic system,” Acta Physica Sinica, vol. 50, no. 1, pp. 26–29, 2001.