#### Abstract

The optical image encryption has attracted more and more researchers’ attention, and the various encryption schemes have been proposed. In existing optical cryptosystem, the phase functions or images are usually used as the encryption keys, and it is difficult that the traditional public-key algorithm (such as RSA, ECC, etc.) is used to complete large numerical key transfer. In this paper, we propose a key distribution scheme based on the phase retrieval algorithm and the RSA public-key algorithm, which solves the problem for the key distribution in optical image encryption system. Furthermore, we also propose a novel image encryption system based on the key distribution principle. In the system, the different keys can be used in every encryption process, which greatly improves the security of the system.

#### 1. Introduction

The characteristics of optical information processing are parallel and multidimensional, so more and more researchers have been studying the optical information security in the recent twenty years. Optical image encryption system based on double random phase encoding (DRPE) was proposed in 1995 [1] and the keys were two random phase matrices in this system. It was easy for the optical implementation and easy to combine with other encryption methods, so it attracted many researchers’ attention and a lot of improved encryption systems were proposed in [2–7]. However, the security of the system in the systems without reference to the key distribution and transmission concerned researchers more. Optical asymmetric cryptosystem (OACS) was proposed based on phase-truncated Fourier transforms (PTFT) in 2010 [8], and it used nonlinear operation of the phase truncation which overcame the defects that DRPE was linear and symmetric [9–11]. Since then, the many improved systems have been proposed based on PTFT [12–20] and some researchers proposed different OACS from another perspective [21–24]. However, the existing OACS was incomplete [25], which did not meet the basic protocol of asymmetric cryptosystem (ACS). Although the security of the systems is significantly improved, only the private key sharing can establish communication in reality. Recently, Zhang et al. proposed an optical cryptosystem based on the phase-truncated Fresnel diffraction (PTFD) and transport of intensity equation (TIE) [26]. A random amplitude mask (RAM) and a random phase mask (RPM) are employed as two secret keys to encrypt the input image into a real-valued noise-like intensity distribution. Moreover, the proposed scheme is expected to against existing attacks. Wang et al. proposed a new optical information authentication system based on compressed DRPE images and quick-response (QR) codes, where the parameters of optical light wave are used as keys for optical decryption and the QR code is a key for verification [27]. Cai et al. proposed an asymmetric cryptosystem using equal modulus decomposition (EMD) to create an effective trapdoor one-way function without a silhouette problem [28]. In the system the encryption key is RPM, and the decryption key is obtained by EMD.

In the existing optical cryptosystem, usually the key generally is phase functions or other optical parameters (such as wavelength, focal length, etc.), but the problem to be solved is how to distribute and transmit the keys (phase functions). In this paper, we propose a key distribution scheme, which solves the problem for the key distribution. Furthermore, we propose an image encryption system of changing key based on the key distribution principle which conforms to the basic protocol of ACS, and the greatest advantage of the system is that both sides of communication can change key constantly, which greatly improve the security of the system.

#### 2. Key Distribution Scheme

We propose a key distribution scheme on public channel, and the process is shown in Figure 1.

The basic protocol is as follows:(1)Alice opens the encryption keys (the public key ) and reserves the decryption keys (the private key ).(2)Bob wants to send key to Alice and he uses Alice’s public key to encrypt .(3)Alice receives Bob’s ciphertext and uses the private key for decryption and obtains .(4)If Alice receives Laura’s ciphertext and uses the private key for decryption and obtains the key .

In the key distribution scheme, users do not need to establish the secret channel and the whole transmission process can be open to the public.

#### 3. The Encryption and Decryption

##### 3.1. RSA Public-Key Algorithm

In 1978, Rivest et al. first proposed RSA algorithm based on public-key cryptosystems of numeric theory and RSA algorithm was the best encryption algorithm in public-key cryptosystems [29]; the following steps show how the keys are generated [30]:(1)Select two large prime numbers and randomly.(2)Consider and .(3)Select an integer , such that and (gcd: relatively prime).(4)The decryption key is calculated by (mod: modulo operators).(5) denotes the public key, and denotes the private key.

In the encryption process, at first, divide the bit string of plaintext into many groups, and set the decimal number corresponding to each group to be less than . Then perform the encryption operation on each plaintext group such that

The decryption operation on each ciphertext group may be expressed as

##### 3.2. The Encryption Scheme

In the key distribution scheme of Figure 1 the public key is . The key is generated by RSA algorithm, and is the public image. We present the encryption system as shown in Figure 2. The plaintext is the key to be transferred, and is the initial random phase encoding; thenwhere denotes the Fourier transform. The correlation coefficient (CC) controls whether the iterative process continues, which is discussed in two different conditions.

First, when , iteration continues and the amplitude is limited,where is the target image (the public image), and the inverse Fourier transform is to be done next:where denotes the inverse Fourier transform, and phase is reserved:where denotes the operation of phase reservation. An iteration process is completed, and then is replaced by to complete the next iteration process.

Secondly, when , the iteration is stopped and outputs , which is processed dividing into two parts: (a) the ciphertext is obtained by modulus operation; (b) the matrix is obtained by binary modulationThe encryption key is used to encrypt the matrix and the ciphertext is obtained:Then the encryption process is completed and the ciphertext (,) is obtained.

##### 3.3. The Decryption Scheme

In the decryption system the private key is as the decryption key, and the decryption process is shown in Figure 3. The receiver receives the ciphertext (,) using the private key to decrypt the ciphertext and gets the binary matrix ,thenin order to calculate phase ,here is the public image, so you can get the plaintext ,

In the decryption process, the receiver uses the private key to decrypt the ciphertext and gets the binary matrix and finds the phase through the constraint relationship between and the ciphertext ; thus it is easy to get the plaintext .

##### 3.4. The Performance Analysis

To evaluate the impact of iteration numbers on the retrieved image, the CC is introduced for comparing the retrieved image with the original image, which is defined aswhere and stand for the original image and the retrieved image, respectively, and are the standard deviations of and , and is the covariance of the two corresponding images. The CC curves of different iteration numbers are shown in Figures 4 and 5, respectively.

In Figure 4 we present the CC curve which iteratives 200th. When the value of the CC is 0.99, the retrieved image is obtained and the original image is presented on the right. That is, the algorithm needs only a small iteration number to restore the clear image. In Figure 5, we present the CC curve which iteratives 1000th and mark the number of iterations () and the value of the CC (). Thus according to Figure 5 users can flexibly choose the value of the CC to control the iterative process in the encryption process.

#### 4. Verification and Analysis

In this paper, we verify the key distribution scheme taking the DRPE, for example. The plaintext is real image, and just the second phase is distributed. In order to better facilitate observation, “Baboon” image is selected as the key. The simulation of the DRPE is given in Figure 6. Figures 6(a) and 6(b) are the plaintext and the ciphertext, respectively, and Figures 6(c) and 6(d) are both the encryption keys.

**(a)**

**(b)**

**(c)**

**(d)**

The key distribution based on DRPE is shown as follows.

Alice opens the public key . (, ) is the public keys of RSA algorithm, and is the public image (Figure 7(a)).

**(a)**

**(b)**

**(c)**

**(d)**

Bob wants to send the phase (Figure 6(d)) to Alice and uses the public key to encrypt the phase as shown in Figure 7(b).

Alice receives the ciphertext and uses the private key for decryption; then the phase is obtained in Figure 7(c).

So far the process of the key distribution is completed.

Next, Bob sends the ciphertext (Figure 6(b)) to Alice who uses the phase for decryption and gets the plaintext (Figure 7(d)).

In the above simulation experiment, we have completed the key transmission for the DRPE system and can restore the original image using the obtained key .

The above step indicates the feasibility of our proposed key distribution scheme, but the quality of the decrypted image depends on the phase . Further, when the CC takes the different value, Alice will get the phase of the different quality which is used to decrypt the ciphertext (Figure 6(b)); the results are shown in Figure 8.

**(a)**

**(b)**

**(c)**

**(d)**

From the analysis of Figure 8 we can see that the closer to 1 the value of CC is, the better the quality of the key transmission is. Though it is time-consuming, it is worth spending more time to transmit a good key for the cryptosystem.

#### 5. Changing Key Cryptosystem

We propose an asymmetric cryptosystem of changing key, and the advantage of the system is that users can change key at any time (they even can use a different key in every encryption process). Thus, the security of the system is greatly improved. The communication protocol is shown in Figure 9.

The basic principle is as follows:(1)The public key was public, while the private key was reserved by Alice.(2)Bob wants to send image to Alice and can use the public key to encrypt the image ; the process is shown in Figure 2.(3)Alice receives the ciphertext from Bob and then uses her private key to decrypt the ciphertext and obtains the image ; the process is shown in Figure 3.(4)Next, Bob can use the key to encrypt image .(5)Alice receives the ciphertext and then uses the key to decrypt the ciphertext and obtains the image .

The encryption scheme of changing key conforms to the basic agreement of asymmetric cryptosystem. Its characteristic is that the sender can change the key at any time and the receiver can use their existing recovery plaintext for decryption.

#### 6. Simulation Analysis

(1)The public key (, ) and the private key () are obtained by RSA algorithm; at the same time an image is opened (Figure 10(a)).(2)Bob wants to send image to Alice and can use the opened image and the public key () to encrypt the image , as shown in Figures 10(b) and 10(c).(3)Alice receives the ciphertext from Bob and then uses her private key () and the image to decrypt the ciphertext and obtains the image “Baboon” (Figure 11(a)).(4)Next, Bob uses the image and the public key to encrypt the image , as shown in Figures 11(b) and 11(c).(5)Alice receives the ciphertext and then uses her private key and the recovered image for decryption and obtains the image “Lena” (Figure 12(a)).(6)Next, Bob uses the image and the public key to encrypt the image , as shown in Figures 12(b) and 12(c).(7)Alice receives the ciphertext and then uses her private key and the recovered image for decryption and obtains the image “Man” (Figure 13(a)).(8)Next, Bob uses the image and the public key to encrypt the image , as shown in Figures 13(b) and 13(c).(9)Alice receives the ciphertext and then uses her private key and the recovered image for decryption and obtains the image “Cameraman” (Figure 14(a)).(10)Next, Bob uses the image and the public key to encrypt the image , as shown in Figures 14(b) and 14(c).(11)Alice receives the ciphertext and then uses her private key and the recovered image for decryption and obtains the image “Babar” (Figure 14(d)).

**(a)**

**(b)**

**(c)**

**(a)**

**(b)**

**(c)**

**(a)**

**(b)**

**(c)**

**(a)**

**(b)**

**(c)**

**(a)**

**(b)**

**(c)**

**(d)**

As cycle index increases, the correlation coefficient curve gradually declines in Figure 15. In the fifth cycle, correlation coefficient reaches its lowest point and the corresponding image contrast is shown in Figures 14(b) and 14(d). In Figure 14(d) there is the large noise in the decrypted images, so it is necessary to use the image as the encryption key in the next encryption process, and the cycle renews.

#### 7. Conclusion

In this paper, we propose a key distribution scheme based on phase retrieval algorithm and RSA public-key algorithm, which solves the problem that it is not easy to distribute due to overloaded key data in optical cryptosystem. Furthermore, we propose an image encryption system of changing key. The advantages are that the security of the system is guaranteed and users can change key at any time, which greatly protect users from economic loss.

#### Conflict of Interests

The authors declare that there is no conflict of interests regarding the publication of this paper.

#### Acknowledgments

The authors would like to thank the editor and reviewers for their valuable comments on the paper. Those comments are helpful and have an important guiding significance to their research.