Research Article  Open Access
Chaotic Image Encryption Based on RunningKey Related to Plaintext
Abstract
In the field of chaotic image encryption, the algorithm based on correlating key with plaintext has become a new developing direction. However, for this kind of algorithm, some shortcomings in resistance to reconstruction attack, efficient utilization of chaotic resource, and reducing dynamical degradation of digital chaos are found. In order to solve these problems and further enhance the security of encryption algorithm, based on disturbance and feedback mechanism, we present a new image encryption scheme. In the runningkey generation stage, by successively disturbing chaotic stream with ciphertext, the relation of runningkey to plaintext is established, reconstruction attack is avoided, effective use of chaotic resource is guaranteed, and dynamical degradation of digital chaos is minimized. In the image encryption stage, by introducing randomfeedback mechanism, the difficulty of breaking this scheme is increased. Comparing with thestateoftheart algorithms, our scheme exhibits good properties such as large key space, long key period, and extreme sensitivity to the initial key and plaintext. Therefore, it can resist bruteforce, reconstruction attack, and differential attack.
1. Introduction
With the rapid development of network and multimedia technology, a large number of images are transmitted and stored in the network. Interactivity, openness, and sharing of network as well as easiness of copying and modifying a digital image, while providing the convenience for users, also provide the opportunity for attackers to steal or tamper secret data [1]. For instance, in June 2013, Edward Snowden leaks the PRISM documents to the media. The major content is that, since 2007, the National Security Agency collects documents, connection logs, photos, videos, emails, and more to acquire personal contact information and action. In addition, according to the report a survey of China Internet Network Security Situation, published by China Computer Emergency Response Team (2012), more than 141.97 millions of computers in the territory of China are controlled by about 0.73 millions of abroad Trojan horses or bonnets. Attackers can acquire any information in these controlled hosts. These facts show that the secret images, whether transmitted through open network or stored in insecure station, need a maximum protection. With the advent of cloud computing and the arrival of big data era, the demand for security becomes extremely high. Among several protection methods in the literature, encryption is one of the most efficient and common methods. However, the inherent characteristics of image, such as high redundancy of data, strong correlation among adjacent pixels, and less sensitivity to data change and its structure property make traditional document encryption schemes unsuitable for image encryption [1, 2]. In recent years, with further study in chaos theory, many desirable encryption characteristics of chaotic sequence, for example, nonperiodicity, likerandom behavior, sensitivity, and easy to implement, have been found. These features help to enhance the security and reduce the cost of implementation for encryption algorithm. Thus, image encryption based on chaos has become one of the most important image protection methods.
2. Related Work
In 1998, Fridrich first proposed a representative chaotic image encryption scheme, which has confusiondiffusion integration mechanism [3]. In order to enhance the role of chaos in this kind of integration mechanism, Chen et al. [4], based on 3D cat map, proposed an image encryption scheme. Afterwards, three other schemes were presented in [5–7]. Essentially, these schemes have the same encryption principle; that is, confusion and diffusion perform alternatively. However, paper [8] (2008) analyzes this kind of scheme and finds some problem such as weak sensitivity to the change of plainimages or key stream and the flaw of diffusion function and pseudorandom sequence. Obviously, these shortcomings violate the security rules proposed in [9]. On top of that, paper [10] find another defect of Fridrich integration mechanism; that is, neither initialkey nor runningkey of an encryption system is related to plaintext. So, if using the same user keys, encrypt scheme would use the same initialkey and runningkey to encrypt different images. Practically, user keys do not frequently change. Consequently, this kind of encryption algorithm is cracked. Under these circumstances, in order to design more secure image encryption, studying image encryption in which initialkey or runningkey is related not only to user keys but also to plaintext has received increased attention in the research community.
According to the type of key related to plaintext, the existing image encryption algorithms can be divided into two categories. One is based on initialkey related to plaintext. The other is based on runningkey related to plaintext.
(1) Image Encryption Based on InitialKey Related to Plaintext. Paper [11] proposed chaotic image encryption by correlating initial key with plaintext. In the initialkey generation stage, it uses plaintext to disturb the current chaotic number and then takes the disturbed chaotic number as the next input of chaotic iteration. Repeat this process and use the last output value as the initial key. By doing so, the correlation between initialkey and plaintext is created. Paper [12] proposed remotesensing image encryption in hybrid domains, which first gets the hash value of original image and then calculates the initial key of the encryption system through eight formulae. These formulae use hash value as parameters. Thus, the algorithm realizes the correlation between initial key and plaintext. After that, by using the same method as paper [12], paper [13] established the correlation between initial key and plaintext. Paper [1] proposed a color image encryption algorithm based on DNA sequence operation and hyperchaotic system, which first encodes the image with DNA encoding rules and then gets three Hamming distances through image channels, next, transforms them into three decimal numbers, after that, adds them to initial values of chaotic system, finally, gets initial key. Through this process, the correlation is established.
(2) Image Encryption Based on RunningKey Related to Plaintext. Paper [14] proposed a new image encryption algorithm based on 3D chaotic map. This algorithm does not use the whole chaotic numbers, but only utilizes partial elements as running key. In chaotic sequence, those used elements keep certain interval, which is determined by the current ciphertext. Due to ciphertext closely related to plaintext, runningkey is indirectly related with plaintext.
For the first category, although these algorithms all establish the correlation between the initial key and plaintext, thus being capable of resisting attack method proposed by Solak et al. [10]. Yet chaotic stream, which is used to generate runningkey, is totally determined by the initial key and thus its orbit does not dynamically change in the encryption process, which makes encryption algorithm vulnerable to reconstruction attack. For the second one, although algorithm is of good security, yet it only uses a part of the chaotic stream when generating runningkey and wastes each element generated but not used. Therefore, it not only fails to not only fails to make full use of chaos resources, but also wastes the expensive time of the system. In addition, the common defect of these two categories of encryption schemes is that they do not consider digital chaotic dynamical degradation. Aiming at the above limitations, an efficient and secure image encryption scheme based on ciphertext disturbing chaotic stream is proposed.
3. Image Encryption Based on RunningKey Related to Plaintext
3.1. Notation Definitions
:A procedure or function that transforms any chaotic sequence from any distribution into uniform distribution. For example: A universal algorithm for transforming chaotic sequence into uniform pseudorandom sequence [15], or shiftandcut method [16] as follows: , here refers to chaotic number.:Any function that can transform uniform random variable into uniform integer space. A concrete example is , , which can map into , where represents uniform distribution over ; is a function that truncates the decimal portion and remains the integer portion of the value .:Any function that can map an integer number from to . A function like this: , , which can map to with significant digits.:A disturbing function implementing the interaction between current chaotic output and the value of function. Math expression is . The simplest function is .
3.2. Basic Idea
Our scheme (see Figure 1) is comprised of three parts. The first part is key uniformity module, which includes chaotic sequence uniformity function and space transformation function , implementing transformation from any chaotic sequence to cipherkey. The second is chaotic sequence disturbing module, by disturbing function , achieving the function of reducing dynamical degradation of digital chaos and generating one time runningkey stream. The last is random feedback encryption module, in which both length and position of feedback ciphertext are random, increasing the difficulty of breaking our scheme.
3.3. Algorithm Implementation
The encryption processes, which include the forward and backward encryption, are shown in Figure 2. The specific procedure is described in detail as follows.
3.3.1. Encryption Process
Initialization. Select three chaotic maps. The first one, map , is used to forward encryption. The second one, map (2), is used to generate a binary vector. The last one, map (3), is used to backward encryption. Set user key, which includes the initial values and parameters of chaotic maps, and related function parameters. is assigned to the number of image pixels.
Phase 1 (Forward Encryption). (1) Generate a chaotic number by iterating map (1). Next, get pseudorandom number by applying function to and then obtain the current running key through function ;
(2) generate a binary random vector by iterating map (2);
(3) encrypt the current plainpixel, formulae as follows:
(4) map the current cipherpixel into real number with function. Next, use it to disturb the current output of map (1) and then take the disturbed result as the next input of map (1);
(5) repeat steps until the last pixel of the image.
In order to guarantee plaintext sensitivity in any position, we take the above cipher image as an intermediate image; start with the (N−1)th pixel and reversely encrypt the image.
Phase 2 (Backward Encryption). (1) Generate a chaotic number by iterating map (3). Next, apply uniformity function to it to get the pseudorandom number and then obtain the current running key through function ;
(2) generate a binary random vector by iterating map (2);
(3) encrypt the current pixel, formulae as follows:
(4) map the current cipherpixel into real number with function. Next, use it to disturb the current output of map (3) and then take the disturbed result as the input of map (3);
(5) repeat steps until the first pixel of the image.
3.3.2. Decryption Process
The decryption process is very similar to the encryption process except that first decrypt ciphertext is generated in the backward encryption process and then do it in the forward encryption process.
4. Encryption Results
In order to verify practicality and efficiency of our scheme, a lot of encryption experiments have been done. Here we illustrate a simplest example. Three chaotic maps all take Logistic equation . Their differences lie in initial values and control parameters, here , , , , , and , where and refer to the parameter and the initial value of map , respectively. Additionally, and .
Take Lena image and Penguin image as examples, the space histograms for the original images and the corresponding cipherimages are showed in Figure 3. From these results, we can see that our scheme has good ciphertext space distribution.
(a) Lena
(b) Lena histogram
(c) CipherLena histogram
(d) Penguin
(e) Penguin histogram
(f) CipherPenguin histogram
5. Performance and Security Analysis
5.1. Key Space
Our scheme includes the following user keys: initial values and control parameters of chaotic systems, feedback length , parameter(s) of uniformity function , and parameter of function . Even if we consider the simplest case: three chaotic maps all take Logistic map; only take their initial values and parameters as key space (suppose the greatest accuracy of variables is ), while omitting other key possible values. The key space is still at least , which is large enough to resist all kinds of bruteforce attack.
5.2. Dynamical Degradation Analysis of Digital Chaos
At present, image encryption schemes based on the correlation between cipherkey and plaintext have dynamical degradation problem. Paper [17] gives three practical solutions as possible remedies: using higher precision, cascading multiple chaotic systems, and (pseudo)randomly disturbing chaotic system. Furthermore, it points out that disturbancebased solution is superior to others. Thus, our scheme utilizes ciphertext disturbing chaotic stream method to minimize the impact of chaotic degradation on encryption system security.
In order to verify the randomness and periodicity of chaotic sequences generated by our scheme, the phase space (, ) generated by using our scheme is shown in Figure 4. For comparison, phase spaces generated by using logistic map and method of literature [18] are also shown in Figures 5 and 6, respectively.
One can see that the phase space in Figure 5 is the single trajectory. On top of that, it has many breakpoints. These facts show that such chaotic sequence has strong correlation and short length of period. When compared with Figure 5, the trajectory of phase space in Figure 6 is compound trajectory, which shows that the sequence’s correlation becomes weak and its period becomes long. It should be noted that in Figure 4, nearly full space trajectory is generated, not limited by fixed orbits. Thus, randomness and periodicity of chaotic sequence are superior to the other two. These experiments show that our scheme can minimize dynamical degradation of digital chaos.
5.3. Reconstruction Attack Analysis
Image encryption scheme, which uses chaotic sequence to generate cipher key, may be attacked by phase space reconstruction. The theory foundation of such attack is Takens’ delay embedding theorem [19]. But in order to use this theory, acquiring a sequence of observations of the state of a dynamical system is the precondition. In our scheme, The chaotic sequence observed by any attacker has been disturbed by ciphertext. According to chaotic sensitivity, the disturbed sequence is totally different from the original chaotic sequence. Thus, phase space reconstruction attack is impossible.
5.4. OneTime Running Key Stream
According to Shannon’s theory [20], perfect secret system needs one time pad. In our scheme, under the condition of the same user key, Figure 7 shows the running keys generated by chaotic sequence before and after disturbance. In which the dotted line represents undisturbed running key, the solid line represents disturbed running key used when system encrypts Lena image (see Figure 3(a)). Figure 8 shows two running keys, represented by a dotted line and a solid line, used when system encrypts Lena image and Penguin image (see Figure 3(d)), respectively.
As can be seen from these results, key generation mechanism in our scheme can guarantee one time running key stream.
5.5. Adjacent Pixel Correlation
Correlation test uses formula (3). where and represent adjacent pixel values, represents image size. For a meaningful image, adjacent pixels usually have a relatively large correlation. For a cipher image, pixel correlation should be as small as possible. For comparison, Rand image is introduced, which is composed of random elements. Seen from Table 1, adjacent pixels in cipher image have very small correlation, which proves our scheme’s effectiveness.

5.6. Sensitivity Analysis
A good encryption algorithm should be sensitive to the changes of plaintext or key.
5.6.1. Plaintext Sensitivity Analysis
Attacker often makes a tiny change in plain image and then observes the changes of corresponding cipher image. If the change is small, the attacker can find out the relation between plain image and cipher image and hence breaks the encryption process. Conversely, differential analysis becomes not significant [13]. Plaintext sensitivity can be investigated through pixel change ratio and bit change ratio. The former can be measured by NPCR (number of pixel change rate) and UACI (unified average change intensity) [4]. The latter can be examined by avalanche effect.
Table 2 shows the results of plainimage sensitivity analysis. The NPCR is over 99%, UACI is over 33%, and bit flip ratio is close to 50%. These results show that our scheme is extremely sensitive to plainimage, therefore, can effectively resist chosenplaintext attack.

5.6.2. User Key Sensitivity Analysis
User key refers to some values given by a user used to set the parameters of an encryption scheme. The sensitivity of cipherimage to user key can be analyzed from two aspects. One is correlation. The other is decryption ability.
Correlation refers to the relationship between two cipherimages. Its strength can be measured by correlation coefficients. Here, two cipher images are generated with the same plainimage, slightly different user keys. According to the definition of user key sensitivity, if cipher image sensitively depends on the user key, encrypting the same image with slightly different user keys would generate two completely different cipher images, which have little correlation. Formula (3) is adopted to calculate correlation coefficients, where , represent pixel values of two cipher images, respectively. Experiment is as follows.
Suppose primary user key is , , , , , and . Each time, we slightly alter a component of the primary key to obtain a new user key. For instance, if altering the 3rd component, we can get the new user key: , , , , , and . Calculate the correlation coefficient of two cipher images, which are encrypted with the primary key and the new user key. Seen from Table 3, two cipher images have little correlation, which shows that our scheme is sensitive to user key.

In the decryption ability, Figure 9(a) shows the Lenacipher image encrypted with the primary user key. Figure 9(b) shows decrypted image of Figure 9(a) with the user key generated by making a alteration to the primary user key.
(a) Lena cipher image
(b) Error decipher image
As we have expected, if the component, no matter what, of the primary user key is changed slightly, the decrypted image would be completely different from the original image. Thus, our algorithm is extremely sensitive to the change of user key.
5.7. MinEntropy Analysis
In chaotic image encryption field, Shannon’s entropy is always utilized to do statistics analysis. But Shannon’s entropy measures the amount of randomness that a distribution contains on average. Considering the practical methods of attack, we think minentropy [21] is more suitable to do that.
Minentropy: . Equivalently, a distribution has minentropy at least if the probability of each element is bounded by . Intuitively, such a distribution contains random bits. Minentropy measures the amount of randomness on the worst case. In order to support our opinion, both Shannonentropy and minentropy are all shown in Table 4.
From Table 4, we can see that Shannon entropy of cipherPenguin is higher than that of cipherLena, but the minentropy is just the opposite. According to attacking method, cipherPenguin is easier to break. From such fact, we think minentropy is better than Shannon entropy in security analysis. In addition, Table 4 shows that the minentropy of our scheme is higher than that of the scheme in literature [11]. Thus, our scheme is more secure.
5.8. Speed Analysis
Apart from the security aspect, running speed is another important factor in measuring image encryption scheme. Due to the difference of computer configurations and code optimization ways, running speed cannot be compared directly [13]. Therefore, time complexity analysis is used. Our algorithm includes two stages. They are forward and backward encryption. Time complexity of each stage is , here, denotes feedback maximum length. Therefore, the whole algorithm time complexity is . The time complexity of paper [22] is . Thus, our algorithm is effective in speed.
Additively, in our scheme, several measures are taken to improve running speed. The first is disturbing chaotic stream by ciphertext which can effectively avoid wasting chaotic number and hence accelerate key generation. The second is only two rounds which are necessary to implement high sensitivity of ciphertext to any position plaintext. All these measures can help to accelerate the running speed.
6. Conclusion
In this paper, we present a new image encryption algorithm based on one time runningkey. Using ciphertext to disturb chaotic stream not only helps to minimize digital chaotic degradation, hence reducing the influence of degradation on security of an encryption system, but also implements one time running key and improves the encryption efficiency. Also, introducing random feedback mechanism further enhances the security of our scheme. In addition, minentropy, which more exactly measures the ability of resisting statistical attack, is first proposed to replace Shannon entropy. The last feature is chaotic map and transformation function which can be chosen according to user requirement and possessing strong flexibility and expandability. In the future, parallel implementation of image encryption scheme will be investigated.
Conflict of Interests
The authors declare that there is no conflict of interests regarding the publication of this paper.
Acknowledgments
The research is supported by the National Natural Science Foundation of China (Grant no. 61073013), the Doctoral Scientific Research Foundation of Liaoning Province (Grant no. 20121045), and the Scientific Research Foundation of Liaoning University of Technology (Grant no. X201316).
References
 X. Wei, L. Guo, Q. Zhang, J. Zhang, and S. Lian, “A novel color image encryption algorithm based on DNA sequence operation and hyperchaotic system,” The Journal of Systems and Software, vol. 85, no. 2, pp. 290–299, 2012. View at: Publisher Site  Google Scholar
 T. Xiang, K.W. Wong, and X. Liao, “Selective image encryption using a spatiotemporal chaotic system,” Chaos, vol. 17, no. 2, Article ID 023115, 12 pages, 2007. View at: Publisher Site  Google Scholar
 J. Fridrich, “Symmetric ciphers based on twodimensional chaotic maps,” International Journal of Bifurcation and Chaos, vol. 8, no. 6, pp. 1259–1284, 1998. View at: Google Scholar
 G. Chen, Y. Mao, and C. K. Chui, “A symmetric image encryption scheme based on 3D chaotic cat maps,” Chaos, Solitons & Fractals, vol. 21, no. 3, pp. 749–761, 2004. View at: Publisher Site  Google Scholar
 Y. Mao, G. Chen, and S. Lian, “A novel fast image encryption scheme based on 3D chaotic baker maps,” International Journal of Bifurcation and Chaos, vol. 14, no. 10, pp. 3613–3624, 2004. View at: Publisher Site  Google Scholar
 J. Shen, X. Jin, and C. Zhou, “A color image encryption algorithm based on magic cube transformation and modular arithmetic operation,” in Advances in Multimedia Information Processing, vol. 3768 of Lecture Notes in Computer Science, pp. 270–280, Springer, 2005. View at: Google Scholar
 X. He, Q. Zhu, and P. Gu, “A new chaosbased encryption method for color image,” in Rough Sets and Knowledge Technology, vol. 4062 of Lecture Notes in Computer Science, pp. 671–678, Springer, 2006. View at: Google Scholar
 C. Li and G. Chen, “On the security of a class of image encryption schemes,” in Proceedings of the IEEE International Symposium on Circuits and Systems (ISCAS '08), pp. 3290–3293, Seattle, Wash, USA, May 2008. View at: Publisher Site  Google Scholar
 G. Alvarez and S. Li, “Some basic cryptographic requirements for chaosbased cryptosystems,” International Journal of Bifurcation and Chaos, vol. 16, no. 8, pp. 2129–2151, 2006. View at: Publisher Site  Google Scholar
 E. Solak, C. Çokal, O. T. Yildiz, and T. Biyikoǧlu, “Cryptanalysis of fridrich's chaotic image encryption,” International Journal of Bifurcation and Chaos, vol. 20, no. 5, pp. 1405–1413, 2010. View at: Publisher Site  Google Scholar
 C. Zhu and K. Sun, “Chaotic image encryption algorithm by correlating keys with plaintext,” China Communications, vol. 9, no. 1, pp. 73–79, 2012. View at: Google Scholar
 X. Zhang, G. Zhu, and S. Ma, “Remotesensing image encryption in hybrid domains,” Optics Communications, vol. 285, no. 7, pp. 1736–1743, 2012. View at: Publisher Site  Google Scholar
 H. Liu and X. Wang, “Tripleimage encryption scheme based on onetime key stream generated by chaos and plain images,” Journal of Systems and Software, vol. 86, no. 3, pp. 826–834, 2013. View at: Google Scholar
 A. Kanso and M. Ghebleh, “A novel image encryption algorithm based on a 3D chaotic map,” Communications in Nonlinear Science and Numerical Simulation, vol. 17, no. 7, pp. 2943–2959, 2012. View at: Publisher Site  Google Scholar
 L.Y. Sheng, Y.Y. Xiao, and Z. Sheng, “A universal algorithm for transforming chaotic sequences into uniform pseudorandom sequences,” Acta Physica Sinica, vol. 57, no. 7, pp. 4007–4013, 2008. View at: Google Scholar
 F. Zheng, X.J. Tian, J.Y. Song, and X.Y. Li, “Pseudorandom sequence generator based on the generalized Henon map,” The Journal of China Universities of Posts and Telecommunications, vol. 15, no. 3, pp. 64–68, 2008. View at: Publisher Site  Google Scholar
 S. Li, G. Chen, and X. Mou, “On the dynamical degradation of digital piecewise linear chaotic maps,” International Journal of Bifurcation and Chaos, vol. 15, no. 10, pp. 3119–3151, 2005. View at: Publisher Site  Google Scholar
 S.B. Liu, J. Sun, Z.Q. Xu, and J.S. Liu, “Digital chaotic sequence generator based on coupled chaotic systems,” Chinese Physics B, vol. 18, no. 12, pp. 5219–5227, 2009. View at: Publisher Site  Google Scholar
 F. Takens, “On the numerical determination of the dimension of an attractor,” in Dynamical System and Turbulence, vol. 898 of Lecture Notes in Mathematics, pp. 230–241, Springer, 1981. View at: Google Scholar
 C. Shannon, “Communication theory of secrecy systems,” Bell System Technical Journal, vol. 28, no. 4, pp. 656–715, 1949. View at: Google Scholar
 R. Shaltiel, “Recent developments in explicit constructions of extractors,” Bulletin of the EATCS, vol. 77, pp. 67–95, 2002. View at: Google Scholar
 G. Zhang and Q. Liu, “A novel image encryption method based on total shuffling scheme,” Optics Communications, vol. 284, no. 12, pp. 2775–2780, 2011. View at: Publisher Site  Google Scholar
Copyright
Copyright © 2014 Cao Guanghui et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.