On the Security of Permutation-Only Image Encryption Schemes
read more
Citations
An efficient verifiable (t,n)-threshold secret image sharing scheme with ultralight shares
Image Encryption Technique for Improvement of Image Security
Cryptanalysis of an Image Encryption Algorithm Based on a 2D Hyperchaotic Map
On the Security of Encrypted JPEG Image with Adaptive Key Generated by Invariant Characteristic
On the security of a class of diffusion mechanisms for image encryption
References
Data encryption standard
The advanced encryption standard
Partial encryption of compressed images and videos
Efficient frequency domain selective scrambling of digital video
A general quantitative cryptanalysis of permutation-only multimedia ciphers against plaintext attacks
Related Papers (5)
Some basic cryptographic requirements for chaos-based cryptosystems
Frequently Asked Questions (13)
Q2. How many pairs of input/output binary images does the adversary need?
To deduce the 256 × 2048 permutation mapping, the adversary only requires dlog2 (256× 2048)e = 19 pairs of input/output binary images.
Q3. How many plain-images can be constructed by 2 digit expansions in radix?
For instance, if M = N = L = 2, then 2 plainimages can be constructed by 2 digit expansions in radix 2 for s = 0, 1, 2, 3, that is, s′ = 00, 01, 10, 11.
Q4. How does Kuhn’s work affect the security of permutation-only image ?
increasing the permutation domain makes the correlation analysis, and hence the ciphertext-only attacks, computationally cumbersome.
Q5. What is the definition of a permutation-only image cipher?
The permutation-only image cipher is pseudo-random if it permutes the location of plain-image entries, with an approximate uniform probability, from the set of all possible (#S)!
Q6. What is the case for a dlogL (MN)e attack?
A best case in connection with lower bounds on pairs can be sharply stated as follows:Lemma 1: Given L color intensities and MN locations, for any permutation ρ, which is applied to get the respective cipher-images, there exist n ≥ dlogL (MN)e, such that ρ is uniquely determined by making use of n pairs of plain-images and cipher-images.
Q7. How many plain-images are generated by splitting this matrix into three?
Hence,P2 = 000 001 002 010 011 012 020 021 022 100 101 102 110 111 112 120 121 122 200 201 202 210 211 212 220 . (5) Then, plain-images whose entries are 0, 1 and 2 are generated by splitting this matrix into three.
Q8. How did they show that the plain-image could be partially recovered?
They showed that the pixel data could be reordered according to a space-filling curve, and hence, the plain-image could be partially recovered by exploiting the correlation between subsequent frames.
Q9. How can the authors improve the security level against plaintext attacks?
To offer an acceptable security level against plaintext attacks, the pseudo-random permutations should be updated to a frequency smaller than dlogL (MN)e.
Q10. what is the main advantage of the proposed attack over the chosen-plaintext attacks?
Based on the discussions above, the main advantage of the proposed attack over the chosen-plaintext attacks of [28] and [29] is that it presents a precise method for the construction of the chosen plain-images which ensures the correct retrieval of the permutation mapping.
Q11. How many matrices are recombined using positional bits?
When these matrices are recombined using positional bits, the mapped locations of the original locations s = 0, 1, . . . , 24 will be revealed.
Q12. How did Li and Lo improve the implementation performance of their attack?
Li and Lo [29] improved the implementation performance of Li et al.’s cryptanalysis by reducing its computational complexity to O (n (MN)).
Q13. How many plain-images are required for the chosen-plaintext attack?
This shows that the proposed cryptanalysis is efficiently achievable by means of a limited number of chosen plain-images using a polynomial amount of computation time.