Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 1
Abstract—In this paper, we survey A5/1 and W7 stream ciphers as methods for protecting the distribution of digital images in
an efficient and secure way. So, we performed a series of tests and some comparisons to justify their efficiency for image
encryption. These tests included key space analysis, histogram analysis, Randomness Tests, information entropy, encryption
quality, correlation analysis, differential analysis, sensitivity analysis and performance analysis. All parts of this study were
simulated using MATLAB code. Based on all analysis and experimental results, it can be concluded that, the surveyed ciphers
are efficient and Feasible with high potential to be adopted for image encryption.
—————————— ——————————
1 INTRODUCTION
encryption schemes under study and visual test is per- tests if the computed P-value is < 0.01, then conclude that
formed. An example is shown in Fig. 4. Fig. 4 shows his- the sequence is non-random. Otherwise, conclude that the
togram analysis on test image using proposed algorithm. sequence is random.
The histogram of original image contains large sharp rises Figs. 5(a) and 5(b) illustrate that the image sequences
followed by sharp declines as shown in Fig. 4(d), and the encrypted by A5/1 and W7 have no defect and pass all
histograms of the encrypted images as shown in Figs. 4(e) the statistical tests with high P-values.
and 4(f) have uniform distribution which is significantly
different from original image and has no statistical simi-
larity in appearance. Therefore, the surveyed algorithms
do not provide any clue for statistical attack. The en-
crypted image histogram, approximated by a uniform
distribution, is quite different from plain-image histo-
gram. Uniformity caused by encryption algorithms is jus-
tified by the chi-square test [18] as follows:
256
(v k − e k ) 2
2
χtest = ∑ ek
(1)
k =1
where k is the number of gray levels (256), vk is the ob-
served occurrence frequencies of each gray level (0–255),
and ek is the expected occurrence frequency of each gray
level. For example, if plain-image size is 256×256 then ek =
256. Assuming a significant level of 0.05, (a)
χ 2 (255, 0.05) 293 . It is found that for A5/1 and W7:
2
χtest < χ 2 (255, 0.05) , implying that the null hypothesis is
not rejected and the distribution of the encrypted image
histogram is uniform. Relatively uniform distribution in
cipher-images histograms points out good quality of me-
thods.
(b)
Fig. 5. Results of NIST tests for the image sequences encrypted by
(a) A5/1 and (b) W7.
(d) (e) (f)
Fig. 4. Result of visual testing and histogram analysis: figures (a), (b)
3.4 Information Entropy
and (c) show plain-image, A5/1 cipher-image and W7 cipher-image,
Information theory is the mathematical theory of data
respectively. Figures (d), (e) and (f) show histogram of plain-image,
communication and storage founded in 1949 by Shannon
A5/1 cipher-image and W7 cipher-image, respectively.
[20]. Information entropy is defined to express the degree
3.3 Randomness Tests of uncertainties in the system. It is well known that the
To ensure the security of a cryptosystem the cipher entropy H(m) of a message source m can be calculated as:
must have some properties such as good distribution,
2 N −1 1
long period, high complexity and efficiency. In particular,
the outputs of a cryptosystem must be unpredictable in
H (m ) = ∑ i =0 P (m i ) log 2
P (m i )
(2)
the absence of knowledge of the inputs. The NIST de-
signed a set of different statistical tests to test randomness Where P ( m i ) represents the probability of symbol m i
of binary sequences produced by either hardware or and the entropy is expressed in bits. Let us suppose that
software based cryptographic random or pseudorandom the source emits 28 symbols with equal probability, i.e.,
number generators. These tests focus on a variety of dif- m = {m1 , m 2 ,..., m 28 } . Truly random source entropy is
ferent types of non-randomness that could exist in a se- equal to 8. Actually, given that a practical information
quence. The mathematical description of each test can be source seldom generates random messages, in general its
found at [19]. So, we used the NIST test suite in order to entropy value is smaller than the ideal one. However,
test the randomness of the surveyed algorithms. In all when the messages are encrypted, their entropy should
JOURNAL OF COMPUTING, VOLUME 2, ISSUE 8, AUGUST 2010, ISSN 2151-9617
HTTPS://SITES.GOOGLE.COM/SITE/JOURNALOFCOMPUTING/
WWW.JOURNALOFCOMPUTING.ORG 4
5.2.08 Couple 512×512 Grey 7.9994 7.9991 x and y are intensity values of two neighboring pixels in
5.2.09 Aerial 512×512 Grey 7.9993 7.9993 the image and N is the number of adjacent pixels selected
5.2.10 Bridge 512×512 Grey 7.9994 7.9991 from the image to calculate the correlation. 1000 pairs of
5.3.01 Pirate 1024×1024 Grey 7.9998 7.9998 two adjacent pixels are selected randomly from image to
5.3.02 Airport 1024×1024 Grey 7.9998 7.9997 test correlation. Correlation test image is depicted in Fig.
4(a). Fig. 6 shows the correlation distribution of two adja-
cent pixels in the plain-image and cipher-image. It is ob-
3.5 Encryption Quality served that neighboring pixels in the plain-image are cor-
Plain-image pixels values change after image encryption as related too much, while there is a little correlation be-
compared to their original values before encryption. Such tween neighboring pixels in the encrypted image. Results
change may be irregular. This means that the higher the for correlation coefficients of A5/1 and W7 are listed in
change in pixels values, the more effective will be the image table 3. Correlation coefficients analysis shows that A5/1
encryption and hence the encryption quality [21]. So the dissipates the vertical and diagonal correlation of adjacent
encryption quality may be expressed in terms of the total pixels better than W7.
changes in pixels values between the plain-image and the
cipher-image. Luo et al. proposed a measurement by compu- Correlation Distribution of two Adjacent Pixels
ting the relative error [22], which for an image of H×W is Analysis Vertical Horizontal Diagonal
defined as
H −1 W −1
1 | P (i , j ) − C (i , j ) |
ARE =
HW ∑∑ | P (i , j ) |
(3) Plain‐image
i =0 j =0
which gives the average relative error of a pixel. The
higher the ARE value, the better the encryption quality.
We computed the average relative error between plain-
A5/1
image and cipher-image caused by the cryptosystems
under study and listed the results in table 2. Table 2 illu-
strates that A5/1's ARE values are higher than W7's. So,
Cipher-image
A5/1 algorithm has a better encryption quality compared
to W7.
W7
TABLE 3 result shows that the rate influence due to one pixel
CORRELATION COEFFICIENTS OF TWO ADJACENT PIXELS IN change is very low. The results demonstrate that a swiftly
PLAIN-IMAGE AND CIPHER-IMAGE. change in the original image will result in a negligible
Correlation Coefficient Analysis change in the ciphered image. Unfortunately, A5/1 and
Image Adjacent Pixels Orientation W7 encryption schemes fail to satisfy plaintext sensitivity
Vertical Horizontal Diagonal requirement. The reason lies in their mode of operation.
Plain-image 0.8880 0.9672 0.8507 The function of A5/1 and W7 operates in counter mode
A5/1 0.0155 0.0927 0.0066 and does not mangle plaintext in a complicated way like
Cipher-image other ciphers.
W7 0.1454 0.0850 0.0344
TABLE 4
3.7 Differential Analysis COMPARISON BETWEEN MAE OF A5/1 AND W7.
In general, a desirable property for an encrypted image is Method MAE
being sensitive to the small changes in plain-image (e.g., A5/1 72.9768
modifying only one pixel). Opponent can create a small W7 72.7620
change in the input image to observe changes in the re-
sult. By this method, the meaningful relationship between TABLE 5
original image and encrypted image can be found. If one NPCR AND UACI COMPARISON OF A5/1 AND W7.
small change in the plain-image can cause a significant Method NPCR UACI
change in the cipher-image, with respect to diffusion and A5/1 0.0015% 0.0005%
confusion, then the differential attack actually loses its W7 0.0015% 0.0005%
efficiency and becomes practically useless. Three common
measures were used for differential analysis: MAE, NPCR
and UACI [24, 25]. MAE is mean absolute error. The lar- 3.8 Sensitivity Analysis
ger the MAE value, the better the encryption security. An ideal image encryption procedure should be sensitive
NPCR means the number of pixels change rate of ci- with the secret key. It means that the change of a single
phered image while one pixel of plain-image is changed. bit in the secret key should produce a completely differ-
UACI which is the unified average changing intensity, ent cipher-image. For testing the key sensitivity of the
measures the average intensity of the differences between encryption schemes under study, the test image shown in
the plain-image and ciphered image. Fig. 4(a) is encrypted using A5/1 and W7. The secret keys
Let C (i, j) and P (i, j) be the gray level of the pixels at the used for A5/1 are "A = 0123456789abcdef" (in hexadecim-
ith row and jth column of a W×H cipher and plain-image, al) and "B = 1123456789abcdef ". Also, the secret keys
respectively. The MAE between these two images is de- used for W7 are "C= 0123456789abcdef0123456789abcdef"
fined in (in hexadecimal) and "D = 1123456789abcdef0123456789
W H abcdef".Fig. 7 shows key sensitivity test result. It is not
1
MAE =
W ×H ∑∑ | C (i , j ) − P (i , j ) | (5) easy to compare the encrypted images by simply observ-
ing these images. So for a better comparison, the cipher-
j =1 i =1
Consider two cipher-images, C1 and C2, whose corre- images histograms are depicted in Fig. 7. It can be ob-
sponding plain-images have only one pixel difference. served that two encrypted images with a slightly different
The NPCR of these two images is defined in key are quite different. To ease the comparison, the per-
∑
centage of different pixels between the cipher-images un-
D(i, j )
i, j der these two different keys is listed in table 6. Therefore,
NPCR = × 100% (6)
W ×H the surveyed image encryption schemes are highly key
Where D (i , j ) is defined as sensitive.
⎧0, if C1 (i , j ) = C 2 (i , j ),
⎪
D (i , j ) = ⎨ (7)
⎪⎩1, if C1 (i , j ) ≠ C 2 (i , j ).
Another measure, UACI, is defined by the following
formula: (a) (b)
1 | C (i , j ) − C 2 (i , j ) |
UACI =
W ×H
× ∑
i,j
[ 1
255
] × 100% (8)