Extended substitutiondiffusion based image cipher

using chaotic standard map

Anil Kumar
*
, M.K. Ghose
Computer Science and Engineering Department, Sikkim Manipal Institute of Technology, Sikkim, India
a r t i c l e i n f o
Article history:
Received 25 September 2009
Received in revised form 28 January 2010
Accepted 12 April 2010
Available online 20 April 2010
Keywords:
Chaotic standard map
Diffusion
Encryption
a b s t r a c t
This paper proposes an extended substitutiondiffusion based image cipher using chaotic
standard map [1] and linear feedback shift register to overcome the weakness of previous
technique by adding nonlinearity. The rst stage consists of row and column rotation and
permutation which is controlled by the pseudo-random sequences which is generated by
standard chaotic map and linear feedback shift register, second stage further diffusion
and confusion is obtained in the horizontal and vertical pixels by mixing the properties
of the horizontally and vertically adjacent pixels, respectively, with the help of chaotic
standard map. The number of rounds in both stage are controlled by combination of
pseudo-random sequence and original image. The performance is evaluated from various
types of analysis such as entropy analysis, difference analysis, statistical analysis, key sen-
sitivity analysis, key space analysis and speed analysis. The experimental results illustrate
that performance of this is highly secured and fast.
2010 Elsevier B.V. All rights reserved.
1. Introduction
Security of multimedia data is most important days due to the widespread transmission over various communication net-
works. It has been observed that the traditional encryption schemes [2] fail to protect multimedia data due to some special
properties and some specic requirements of multimedia processing systems, such as mammoth size and strong redundancy
of uncompressed data.
The fundamental features of chaotic systems such as ergodicity, mixing property, sensitivity to initial conditions, system
parameters and which can be considered analogous to ideal cryptographic properties such as confusion, diffusion, balance
and avalanche properties. Hence, many chaos-based encryption systems also proposed [1,36]. Many chaos-based cryptog-
raphy schemes have been successfully cryptanalyzed [79].
In this paper, we have proposed an extended symmetric image encryption by using the chaotic 2D standard map and lin-
ear feedback shift register which in turn introduces the nonlinearity which is the main limitation of the Patidar et al. [1]. The
proposed algorithm comprises three stages, viz. (i) Generation of pseudo-random sequences and synthetic images. (ii) Hor-
izontal, vertical rotation and permutation and XORing with synthetic image. (iii) Vertical, horizontal diffusion and XORing
with synthetic image.
Pseudo-random sequences is generated by linear feedback shift register and standard chaotic map, while the synthetic
images are generated using standard chaotic map. Total number of rounds for two stages are calculated using pseudo-ran-
dom sequence which is generated using standard chaotic map and original image.
1007-5704/$ - see front matter 2010 Elsevier B.V. All rights reserved.
doi:10.1016/j.cnsns.2010.04.010
* Corresponding author.
E-mail address: dahiyaanil@yahoo.com (A. Kumar).
Commun Nonlinear Sci Numer Simulat 16 (2011) 372382
Contents lists available at ScienceDirect
Commun Nonlinear Sci Numer Simulat
j our nal homepage: www. el sevi er . com/ l ocat e/ cnsns
The rest of the paper is organized as follows: In Section 2, brief description chaos, linear feedback shift register and of the
Patidar [1] cryptosystem. The detailed algorithms of the proposed encryption procedures is discussed in Section 3. In Section
4, analysis of the proposed image cipher and evaluate its performance through various statistical analysis, key sensitivity
analysis, differential analysis, key space analysis, speed analysis, etc. Finally, Section 5 concludes the paper.
2. Basic of chaos, LFSR and brief discussion of cryptosystem [1]
2.1. Chaotic sequence
It has a long circle, sensitive to initial value, and unpredictability. The encryption with chaos is fast, so it is widely com-
bined with traditional encryption.
The general chaotic system model is given as below
xn f xn 1 1
where the x(n) is a chaotic sequence generated by the nonlinear f(.), x(0) are the initial condition values.
The 1D logistic maps whose chaotic intervals are both in [0, 1] as follows
X
n1
X
n
l1 X
n
2
where l[0, 4] and X[0, 1]
The compound chaotic functions whose chaotic intervals are both in [1, 1] as follows
Fx
8x
4
8x
2
1. . . ; x < 0
4x
3
3x . . . ; x P0:
_
3
The chaotic standard map have a large key space compared to another maps Lian et al. [10].
X
n1
X
n
K sinY
n
Y
n1
Y
n
X
n1
4
where X
n
and Y
n
are taken modulo 2p and K is constant.
We will generate the pseudo-random sequences using Eq. (4) which in turn used for generating the synthetic images and
in calculating the numbers of rounds.
2.2. Linear feedback shift register
A Linear feedback shift register (LFSR) is a mechanism for generating binary sequences [11]. Fig. 1 shows a general model
of an n-bit LFSR.
LFSR are extremely good pseudo-random binary sequence generators [11]. When this register is loaded with any given
initial value (except 0 which will generate a pseudo-random binary sequence of all 0s) it generates pseudo-random binary
sequence which has very good randomness and statistical properties.
The only signal necessary for the generation of the binary sequence is a clock pulse. With each clock pulse a bit of the
binary sequence is produced. A example of 4-bit LFSR is considered to demonstrate the functioning of LFSR with the feedback
function f = 1 + x + x
4
. Its initial bit values are used (1111).
The output sequence Z
n
: 011111000000001. . . Generated by LFSR in is periodic of period 15.
Period of the sequence generated by LFSR is maximum if we use the primitive polynomial. To design any stream cipher
system, one needs to consider the LFSR with primitive feedback polynomials as the basic building blocks. The pseudo-ran-
dom sequence depends upon the initial seed value and feedback function.
Fig. 1. A general model of n bit linear feedback shift register.
A. Kumar, M.K. Ghose / Commun Nonlinear Sci Numer Simulat 16 (2011) 372382 373
2.3. Brief description of cryptosystem [1]
Patidar et al. [1] proposed a cryptosystemwhich was utilizes the chaotic 2Dstandard map and 1Dlogistic map and which is
specically designed for the coloured images. The initial condition value, number of iterations together consider as the secret
key for the algorithm. The algorithmcomprises four rounds: two for the substitution and two for the diffusion. The rst round
of substitution/confusion is achieved with the help of intermediate XORing keys calculated from the secret key. Then two
rounds of diffusion namely the horizontal and vertical diffusions are completed by mixing the properties of horizontally
and vertically adjacent pixels, respectively. In the fourth round, a robust substitution/confusion is accomplished by generating
an intermediate chaotic key stream (CKS) image in a novel manner with the help of chaotic standard and logistic maps.
Rhouma et al. [8] shows that all the steps are linear in nature and Rhouma also shows that this cryptosystem vulnerable
to attacks by dividing the cryptosystem procedure in two majors successive steps: (1) the diffusion process and (2) the mask-
ing process.
3. Proposed method
In the encryption, it includes the input image, secret keys. First, generation of pseudo-random sequences and synthetic
images using standard chaotic map explained in Section 3.1, calculation of the numbers of rounds in Section 3.2, generation
of pseudo-random sequence using LFSR explained in Section 3.3, rotation and permutation and XORing with synthetic image
explained in Section 3.4, diffusion and XORing with synthetic image explained in Section 3.5, and decryption discussed in
Section 3.6.
3.1. Generation of synthetic images and pseudo-random sequence using standard chaotic map
Here, generation of synthetic images and pseudo-random sequences is discussed. Refer Algorithm 1. As we know that
conversion oating-point number to integer is required for the chaos based encryption, this conversion and multiplication
are time consuming compare to modulus, addition, XOR, etc. operations [13]. Hence, in the proposed method for generation
of the synthetic images oating-points to integer conversions and multiplication is reduced into order decrease the compu-
tational complexity.
1. The secret key consists of three oating-point numbers and one integer (x
0
, y
0
, K, N), where x
0
, y
0
2 (0, 2p), K can have any
real value greater than 18.0 and N is any integer value, ideally should be greater than 100.
2. By iterating Eq. (4) W*H + N times, the pseudo-random sequence generated as XKey and YKey by taking last 256 values.
3. The synthetic images and scaled pseudo-random sequence are explained in Algorithm 1.
Algorithm 1. Synthetic images generation and scaled pseudorandom sequence
for i = 1 to 256
X1i
XKeyi
2p
256
_ _
;
Y1i
YKeyi
2p
256
_ _
;
end
for i = 257 to W*H
X1i Y1X1i 256 bsY1X1i 128 bsY1X1i 64;
//Where bs is the byte substitution taken from AES
Y1i XKey1Y1i 256 bsX1Y1i 128 bsX1Y1i 64;
end
SImage1 = reshape (X1,W,H);
SImage2 = reshape (Y1,W,H);
3.2. Numbers of rounds
The numbers of rounds for both rotation and diffusion is depends upon the pseudo-random sequence generated using
standard chaotic map and original image. Refer Algorithm 2.
Algorithm 2. Numbers of rounds
1. Read the image, let the size of image is W*H. XOR all the bytes of the image let it be IXOR.
2. XOR of the values of the pseudo-random sequence X1 as KXORX and of Y1 as KXORY.
3. The number of the rounds for rotation N
R
= mod(XOR(IXOR, KXORX), 5) + 1.
4. The number of the rounds for diffusion N
D
= mod(XOR(IXOR, KXORY), 5) + 1.
374 A. Kumar, M.K. Ghose / Commun Nonlinear Sci Numer Simulat 16 (2011) 372382
3.3. Generation of pseudo-random sequence using LFSR
Here, the pseudo-randomsequence generated using LFSR for all values (1, 256) considering the size of image is 256 256.
Considering the original image size is 256 256.
Generate the pseudo-random sequences using the primitive root x
8
+ x
6
+ x
5
+ x
4
+ 1. Refer Algorithms 3 and 4.
Algorithm 3. Function to calculate pseudo-random sequence generation using LFSR
function D = LFSR (input)
for i = 1 to 256
if i = 256
D(i) = 256;
else
D(i) = A;
B = dec2binvec (A,8);
c = bitxor(B
6
, B
5
, B
4
);
C = circshift(B, [0 1]);
C(1) = c;
A = binvec2dec(C);
end
end
Algorithm 4. Pseudo-random sequences generation using LFSR
for i = 1 to 256
D = LFSR(i);
LFSROut(i, :) = D;
end
save output LFSROut
3.4. Rotation, permutation and XORing
Here, the concept of the circular rotation, permutation and XOR using synthetic image (SImage1) is used. All row trans-
formation in the right direction, and all column rotation up direction. All addition are done with mod(256).The image [W*H]
elements are regarded as a set and are fed into an W*H matrix. Refer Algorithm 5.
Algorithm 5. Rotation, Permutation and XORing
for i = 1 to N
R
1. XOR transformed data with synthetic image SImage1.
2. Permute each row coefcients using the pseudo-random sequence generated using LFSROut (Y1(X1(i + row
number))).
3. Permute each column coefcients using the pseudo-random sequence generated using LFSROut (X1(Y1(i + column
number)))
4. Transformed each row of the matrix using rotation function which is controlled by X1(Y1(i + row number)).
5. Transformed each column of the matrix using rotation function which is controlled by Y1(X1(i + column number)).
end
The circulation functions are:
Denition 1. The rotate X
i
r
to rotate each data in the i
th
row of the matrix r times in the right direction.
Denition 2. The rotate Y
j
s
to rotate each data in the j
th
column of the matrix s times in the up direction.
The calculation involved are easily explained using the following example
A. Kumar, M.K. Ghose / Commun Nonlinear Sci Numer Simulat 16 (2011) 372382 375
Let matrix M
1 2 3 4 5 6 7 8
9 10 11 12 13 14 15 16
17 18 19 20 21 22 23 24
25 26 27 28 29 30 31 32
33 34 35 36 37 38 39 40
41 42 43 44 45 46 47 48
49 50 51 52 53 54 55 56
57 58 59 60 61 62 63 64
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
Rotate X
3
3

1 2 3 4 5 6 7 8
9 10 11 12 13 14 15 16
20 21 22 23 24 17 18 19
25 26 27 28 29 30 31 32
33 34 35 36 37 38 39 40
41 42 43 44 45 46 47 48
49 50 51 52 53 54 55 56
57 58 59 60 61 62 63 64
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
Rotate Y
3
3

1 2 27 4 5 6 7 8
9 10 35 12 13 14 15 16
17 18 43 20 21 22 23 24
25 26 51 28 29 30 31 32
33 34 59 36 37 38 39 40
41 42 3 44 45 46 47 48
49 50 11 52 53 54 55 56
57 58 19 60 61 62 63 64
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
_
3.5. Diffusion and XORing
In cryptography, diffusion plays most important part, which refers to the process of spreading out the bits in the mes-
sage so that redundancy in the plaintext is spread out over the complete cipher text. Especially in images, where the
redundancy is large, the process of diffusion is a necessary requirement to develop a secure encryption technique. Diffusion
process changes the statistical properties of the image by spreading the inuence of each bit of the plain image all over the
cipher image, which removes the possibility of differential attacks by comparing the pair of plain and cipher images. Refer
Algorithm 6.
Algorithm 6. Diffusion and XORing
for i = 1 to N
D
1. XOR transformed data with synthetic image SImage2.
2. Modify second row by XORing of the rst row and second row, modify third row by XORing of the modied second
row and third row and the process continues till the end of the image, which in turn gives the vertical diffusion.
3. Modify second last column by XORing of the last column and second last column, modify third last column by XOR-
ing of the modied second last column and third last column and the process continues till the rst column, which in
turn gives the horizontal diffusion.
end
3.6. Decryption
Decryption can be obtained as exact reverse of the encryption as discussed in above sections.
4. Security and performance analysis
An robust encryption scheme should resist against various kinds of attacks such as ciphertext only attack, known plain-
text attack, statistical attacks, brute-force attacks, etc. Results of the security and performance analysis performed on the
proposed image encryption technique.
376 A. Kumar, M.K. Ghose / Commun Nonlinear Sci Numer Simulat 16 (2011) 372382
4.1. Statistical analysis
4.1.1. Histograms of encrypted image
We have analyzed of the histograms of 10 plain images and their corresponding cipher images using various combina-
tions of the secret key. One example of such histogram analysis is shown in Fig. 2. We have taken the image Lena
(256*256 pixels) and the secret keys (x
0
= 4.94785238984676, y
0
= 0.31256128342389, K = 131.7183545564243 and
N = 110). It is clear that the histograms of the cipher image are fairly uniform and signicantly different from the respective
histograms of the plain image and hence does not provide any type of information to employ statistical attack on the encryp-
tion scheme.
4.1.2. Correlation of two adjacent pixels
For any given image each pixel is highly correlated with its adjacent pixels in horizontal, vertical and diagonal direction.
An ideal encryption technique should produce the encrypted image with no such correlation in the adjacent pixels. It is an
effective tool to assess the measure of encryption-efciency in terms minimum correlation between corresponding pixels.
Let the size of image is W*H and represented as X(i, j) in matrix form.
C
N

N
k1
fa
k
b
k
g
_ _

N
j1
a
k

N
k1
b
k

N
k1
fa
2
k
g

N
k1
fa
k
g
_ _
2
_ _
N

N
k1
b
2
k
_ _

N
k1
fb
k
g
_ _
2
_ _
5
1. Horizontal correlation a
k
= X(i, j) and b
k
= X(i, j + 1) with condition 1 6 i 6 H, 1 6 j 6 W 1 and take any N pairs of (a, b)
samples with different values of i and j.
2. Vertical correlation a
k
= X(i, j) and b
k
= X(i + 1, j) with condition 1 6 i 6 H 1, 1 6 j 6 W and take any N pairs of (a, b) sam-
ples with different values of i and j.
3. Diagonal correlation a
k
= X(i, j) and b
k
= X(i + 1, j + 1) with condition 1 6 i 6 H 1, 1 6 j 6 W 1 and take any N pairs of
(a, b) samples with different values of i and j.
4.1.3. Correlation between original and cipher images
We have analyzed the correlation between various pairs of original and cipher images by computing the 2D correlation
coefcients between original and encrypted images. We have chosen 10 images for this analysis (cf. Tables 1 and 2).
0
100
200
300
400
500
600
700
800
0 50 100 150 200 250
0
100
200
300
400
500
600
0 50 100 150 200 250
Fig. 2. Experimental results: (a) Lena image; (b) encrypted image; (c) histogram of Lena image; (d) histogram of encrypted image.
Table 1
Correlation coefcients for the two adjacent pixels in the original and encrypted shown in Fig. 2.
Original image (Fig. 2(a)) Encrypted image (Fig. 2(b))
Horizontal 0.9187 0.0004992
Vertical 0.9511 0.00198
Diagonal 0.8934 0.0008371
Table 2
Average correlation between the original and cipher images.
Plain vs Encrypted image Correlation
0.00182
A. Kumar, M.K. Ghose / Commun Nonlinear Sci Numer Simulat 16 (2011) 372382 377
4.2. Sensitivity analysis of the encryption.
4.2.1. Sensitivity analysis for the cipher to key
A good encryption algorithm must possess the property that a slight change in the key changes the encrypted le almost
completely. The key sensitivity of a cryptosystem is observed by two different method.
1. Encrypted image should be very sensitive to the secret key. If we use two slightly different keys to encrypt the same
image then the correlation between two encrypted images should be negligible. Results are shown in Table 3.
(a) First Lena image is encrypted by using a pair of keys of 4.94785238984676 and 0.31256128342389, and then the least
signicant bit of key x is changed. The new keys become 4.94785238984675 and 0.31256128342389 in this example,
which are used to encrypt the Lena image. The resulting image is Fig. 3(b).
(b) Now change the least signicant bit of y of the original key.The new keys become 4.94785238984676 and
0.31256128342388 in this example, which are used to encrypt the Lena image.The resulting image is Fig. 3(c).
2. The encrypted image should not be decrypted correctly if there is slight difference between the encryption and decryp-
tion keys. We will encrypt image by using the pairs of key 4.94785238984676 and 0.31256128342389. After try to decrypt
with slight change in keys.
First by changing least signicant bit of x key, and decrypt with keys 4.94785238984675 and 0.31256128342389. The
resulting image is Fig. 4(b).
After that changing the least signicant bit of y key, and decrypt with keys 4.94785238984676 and 0.31256128342388.
The resulting image is Fig. 4(c).
4.2.2. Difference attacks sensitivity analysis for the cipher to plaintext
For implementation of various types of attacks such as known plaintext attack, chosen plaintext attack and more ad-
vanced adaptive chosen plaintext attack, a slight change in plain image and compare the encrypted images in order to extract
some relationship between plain image and encrypted image, which help attackers in determining the secret key. Such anal-
ysis is termed as differential cryptanalysis in cryptographic terminology. If one minor change in the original image causes
large changes in the encrypted image then such differential analysis may become useless.
Table 3
Sensitivity analysis for the cipher to key.
Test item Test results
Sensitivity for cipher to key (key difference ( 10exp 14) in x
0
) 0.00173
Sensitivity for Cipher to Key (key difference ( 10exp 14) in y
0
) 0.0005932
Fig. 3. Sensitivity analysis for the cipher to keys when encrypt with slightly different key: (a) encrypted image; (b) encrypted image with change in x; (c)
encrypted image with change in y.
Fig. 4. Sensitivity analysis for the cipher to keys when decrypt with slightly different key: (a) decrypted image with original key; (b) decrypted Image with
change in x; (c) decrypted Image with change in y.
378 A. Kumar, M.K. Ghose / Commun Nonlinear Sci Numer Simulat 16 (2011) 372382
We have measured the number of pixels change rate by calculating the number of pixel change rate (NPCR) and the uni-
ed average changing intensity (UACI) of the two encrypted images. And we have also calculated the correlation between
these two encrypted image which is 0.0002342.
NPCR

H
i1

W
j1
fD
ij
g
W H
100 6
UACI
1
W H

H
i1

W
j1
fC
1
i; j C
2
i; jg
255
_ _
100 7
where W and H are the width and height of encrypted image. Two encrypted images C
1
and C
2
, whose corresponding original
images have only 1-pixel difference. We dene a two-dimensional array D, which has the same size as C
1
and C
2
. If C
1
(i, j) = -
C
2
(i, j), then D
i,j
= 0, otherwise D
i,j
= 1.
The proposed image encryption technique shows extreme sensitivity on the original and hence not vulnerable to the dif-
ferential attacks (see Table 4 and Fig. 5).
4.2.3. Avalanche criterion
As we knowthat if one bit change in the plaintext should make ideally 50% difference in the bits of the cipher, and we also
done analysis about the changing rate of the bits of the cipher, the changing rate is 49.97%, so our scheme is nearly ideal.
4.3. Experimental proof for chosen plaintext attack
The various attacks are following that can be done by adversary.
1. Ciphertext only: Adversary possesses a string of cipher data. Adversary is to recover the plaintext, or nd the key.
2. Known plaintext: Adversary possesses a string of plaintext a, and the corresponding cipher text b. Adversary is to nd the
key or an approach so that he can decrypt a new cipher encrypted with the help of the same key.
3. Chosen plaintext: Adversary has obtained temporary access to the encryption machinery. So, he can choose a plaintext of
his choice string a, and can construct the corresponding encrypting string b.
4. Chosen cipher text: Adversary has obtained temporary access to the decryption machinery. So he can choose a ciphertext
of his choice string b, and can get corresponding plaintext string a. Adversary is to nd the key.
Take picture X and Y are encrypted in the same key [3], and the plaintext Y as PlainY, the key as K, XOR key and Plaintext as
Z
0
Y
XORPlainY; K, the permutation and diffuse this of Z
0
Y
as Z
Y
PZ
0
Y
, and K
0
= XOR(Z
Y
, PlainY).
Permutation and diffusion performed on the XOR value Z
0
Y
, so it is not possible to decrypt Z
0
X
with the key K
0
. Because
K
0
K. And therefore the attack matrix has no use in proposed technique.
The original images are Figs. 6(a) and (b), the corresponding encrypted images are Figs. 6(c) and (d). We try to recover
Fig. 6(b) from Fig. 6(a) and (c) by the iterating attack matrix, Fig. 6(e) on the basis of this we can say that the proposed
scheme is safe to against the method of attack matrix. So the our scheme is safe to against the attack of iterating attack ma-
trix [12].
Table 4
Sensitivity to plaintext.
Test item Test results
NPCR 0.9972
UACI 0.32821
Fig. 5. Difference attacks sensitivity analysis for the cipher to plaintext: (a) encrypted image; (b) encrypted Image with 1-bit change in original image.
A. Kumar, M.K. Ghose / Commun Nonlinear Sci Numer Simulat 16 (2011) 372382 379
4.4. Speed analysis
The running speed of a cryptosystem is the most important parameter for the practical applications. In order to achieve
this,the computational complexity is decreased by decreasing the numbers of multiplication and oating-points number to
integer conversion [13]. To support our analysis, we have performed various basic operations which are repeated 10,000,000
times on two computers with different conguration, where PC1 with a 2.1 GHz Pentium processor and 2G RAM and PC2
with a 2.67 GHz HPZ400 workstation and 6G RAM. Results are shown in Table 6 shows that multiplication and conversion
from oating-points to integers should be avoided to get high efciency for encryption and decryption.
Let consider the gray scale image of W width and H height (Table 5).
4.4.1. Patidar cryptosystem
1. Calculation of XOR key
(a) Multiplication: 2*W*H.
(b) Floating-points number to integer conversion: W*H.
(c) Modolus: 0.5*W*H.
2. Confusion using XOR key
(a) XOR: W*H.
3. Diffusion
(a) XOR: 2*W*H.
4. Generation of CKS
(a) Total multiplication: 7*W*H.
(b) Floating-points number to integer conversion: W*H.
(c) Modulus: 2*W*H.
(d) Addition: 3*W*H.
5. Confusion using CKS image
(a) XOR: W*H.
6. Total
(a) Multiplication: 9*W*H.
(b) Floating-points number to integer conversion: 2*W*H.
(c) XOR: 4*W*H.
(d) Modulus: 3*W*H.
(e) Addition: 3*W*H.
4.4.2. Proposed cryptosystem
1. Generation of Synthetic image
(a) Multiplication: 6*256.
(b) Floating-points number to integer conversion: 6*256.
Table 5
Computational complexity.
Computation Patidar cryptosystem Proposed cryptosystem
FP number to integer conversion 2*W*H 1536
Multiplication 9*W*H 1536
Modulus 3*W*H 1536
XOR 4*W*H (3*N
D
+ N
R
+ 2) *W*H
Addition 3*W*H
Permutation N
R
*(W + H)
Rotation N
R
*(W + H)
Fig. 6. Attack matrix: (a) Lena image; (b) house image; (c) encrypted Lena image; (d) encrypted house image; (e) attack to (b) by using (a) and (c).
380 A. Kumar, M.K. Ghose / Commun Nonlinear Sci Numer Simulat 16 (2011) 372382
(c) Modolus: 2*256.
(d) XOR: 2*W*H.
2. Numbers of Rounds
(a) XOR: 3*W*H.
(b) Modolus: 2.
3. Rotation
(a) XOR: N
R
*W*H.
(b) Permutation: N
R
*(W + H).
(c) Tranformation: N
R
*(W + H).
4. Diffusion
(a) XOR: 3*N
D
*W*H.
5. Total
(a) Multiplication: 6*256.
(b) Floating-points number to integer conversion: 6*256.
(c) XOR: (3*N
D
+ N
R
+ 2) *W*H.
(d) Modulus: 6*256.
(e) Permutation: N
R
*(W + H).
(f) Rotation: N
R
*(W + H).
4.5. Entropy
Entropy of a message m measured by
HM

N
i1
pm
i
log
1
pm
i

8
where N is the total number of symbols, p(m
i
) represents the probability of occurrence of symbol m
i
. For an ideal random
image of 256 symbols entropy is equal to 8-bits. For encrypted images 6(c), (d) entropies are 7.9996 and 7.9993, respec-
tively. This shows that encrypted images are very close to the random image. Hence, the proposed method is secure against
the entropy attack.
4.6. Key space analysis
The key space should be large enough. The effective key space for the proposed method is of nearly 157-bits [1]. This is
large enough to resist the brute-force attack.
5. Conclusions
The improved encryption concept is proposed using the rotation, diffusion and numbers of rounds for both stages de-
pends upon plain image and key combination. This method is immune to various types of cryptographic attacks like known
plaintext, chosen plaintext attacks. The proposed algorithm is lossless. The proposed scheme is secure and useful for real-
time application.
Acknowledgement
This work is part of the Research Project funded by All India Council of Technical Education (Government of India) vide
their ofce order: F.No. 8023/BOR/RID/RPS-236/2008-09. Also thankful to Department of Science & Technology (Ministry of
Science & Technology, Government of India) vide Ref. No. SR/SS/963/2009-10 under Research and Development Support
SERC (1009) Scheme.
Table 6
Time required for various basic operations (ms).
Operators PC1 PC2
Floating point number to integer conversion 190 145
Multiplication 60 42
Modulus 15 10
XOR 15 10
Addition 18 12
A. Kumar, M.K. Ghose / Commun Nonlinear Sci Numer Simulat 16 (2011) 372382 381
References
[1] Patidar V, Pareek NK, Sud KK. A new substitution diffusion based image cipher using chaotic standard and logistic maps. Commun Nonlinear Sci Numer
Simulat 2009;14:305675.
[2] Schneier B. Applied cryptography: protocols algorithms and source code in C. New York (USA): Wiley; 1996.
[3] Tong Xiaojun, Cui Minggen. Image encryption with compound chaotic sequence cipher shifting dynamically. Image Vision Comput 2008;26:84350.
[4] Mazloom Sahar, Masud Eftekhari-Moghadam Amir. Color image encryption based on coupled nonlinear chaotic map. Chaos Solitons Fract
2009;42:174554.
[5] Chen HC, Guo JI, Huang LC, Yen JC. Design and realization of a new signal security system for multimedia data transmission. EURASIP J Appl Signal
Process 2003;2003(13):1291305.
[6] Wang Yong, Wong Kwok-Wo, Liao Xiaofeng, Xiang Tao, Chen Guanrong. A chaos-based image encryption algorithm with variable control parameters
chaos. Solitons Fract 2009;41:177383.
[7] Li Chengqing, Li Shujun, Chen Guanrong, Halang Wolfgang A. Cryptanalysis of an image encryption scheme based on a compound chaotic sequence.
Image Vision Comput 2009;27:10359.
[8] Rhouma Rhouma, Ercan Solak, Safya Belghith. Cryptanalysis of a new substitutiondiffusion based image cipher. Commun Nonlinear Sci Numer
Simulat. doi:10.1016/j.cnsns.2009.07.007.
[9] Alvarez G, Li Shujun. Cryptanalyzing a nonlinear chaotic algorithm (NCA) for image encryption. Commun Nonlinear Sci Numer Simulat
2009;14:37439.
[10] Lian S, Sun J, Wang Z. A block cipher based on a suitable use of chaotic standard map. Chaos Solitons Fract 2005;26:11729.
[11] Rajpal N, Kumar A, Jindal PR. Demonstrating the use of error coding technique in the eld of steganography, along with linear feedback shift register
technique. In: Proc of the 2nd Workshop on Computer Vision, Graphics and Image Processing, Gwalior, India; 2004. p. 227.
[12] Tong Xiaojun, Cui Minggen, Wang Zhu. A new feedback image encryption scheme based on perturbation with dynamical compound chaotic sequence
cipher generator. Opt Commun 2009;282:27228.
[13] Yong Wang, Kwok-Wo Wong, Xiaofeng Liao, Guanrong Chen. A new chaos-based fast image encryption algorithm. Appl Soft Comput J. doi:10.1016/
j.asoc.2009.12.011.
382 A. Kumar, M.K. Ghose / Commun Nonlinear Sci Numer Simulat 16 (2011) 372382