Академический Документы
Профессиональный Документы
Культура Документы
org
Published in IET Image Processing
Received on 12th October 2012
Revised on 29th June 2013
Accepted on 14th July 2013
doi: 10.1049/iet-ipr.2012.0586
ISSN 1751-9659
Abstract: This study presents hardware realisation of chaos-based stream cipher utilised for image encryption applications. A
third-order chaotic system with signum non-linearity is implemented and a new post processing technique is proposed to
eliminate the bias from the original chaotic sequence. The proposed stream cipher utilises the processed chaotic output to
mask and diffuse input pixels through several stages of XORing and bit permutations. The performance of the cipher is tested
with several input images and compared with previously reported systems showing superior security and higher hardware
efciency. The system is experimentally veried on XilinxVirtex 4 eld programmable gate array (FPGA) achieving small
area utilisation and a throughput of 3.62 Gb/s.
1 Introduction key stream for image encryption. Amin et al. [21] used the
tent map to generate a chaotic key stream to encrypt image
Inherited randomness behaviour and sensitivity to initial bits though a non-linear transformation function. None of
conditions promote chaos-based random number generators the previously mentioned encryption systems have been
(CB-PRNGs) as efcient candidates for cryptographic realised on hardware as they occupy a larger area and
applications [13]. Many CB-PRNGs have been digitally operate on lower throughput rates losing the sole
realised using chaotic maps [4, 5] and recently using the advantages of stream encryption.
numerical solution of differential equations [6, 7]. Digital design To the best knowledge of the authors, this paper presents
provides area efciency, repeatability, portability and the rst hardware realisation of a lightweight chaotic stream
integrability with IC technology [8]. However, digital cipher utilised for coloured image encryption satisfying
CB-PRNGs suffer from serious dynamical degradations because three corner requirements: (i) high throughput, (ii) robust
of quantisation error and nite representation of system states, encryption and (iii) small hardware area. A third-order jerk
including loss of ergodicity and shorter pseudo orbits [9]. chaotic generator with signum non-linearity is utilised as a
Chaos-based image encryption using stream ciphers is a CB-PRNG. The size of the chaotic attractor is controlled
vivid, yet challenging, application of chaos because of the dynamically by the input image increasing the sensitivity of
high correlation between image pixels. Unlike block ciphers the output chaotic stream. This paper further introduces a
[10], stream ciphering [11] operates on smaller data units new post processing technique to overcome the defects in
and satises the high throughput requirement for data CB-PRNGs maintaining the same throughput and with a
transmission applications [12] such as wireless small hardware overhead. A thorough security analysis is
communications. Chaotic stream ciphers utilise CB-PRNGs provided for several images and the results are compared
to generate a key stream necessary for masking and with the previously reported software-based encryption
defusing image pixels. Nevertheless, aws in CB-PRNGs systems showing a superior performance. The hardware
result in weak encryption prone to various cryptanalysis utilisation and the maximum throughput of the proposed
attacks [13]; and therefore are solved by the hybridisation stream cipher is compared with known ciphers such as RC4
of two or more chaotic systems [1417]. The work done by [22], E0 [23], A5/1 [23], SNOW 3G [24] AES [25] and so
Huang [18] reports using Chebyshev function to generate on reecting a higher hardware efciency. The whole
the key stream to mask and permute image pixels in system is implemented on XilinxVirtex 4 FPGA.
addition to two-dimentional Chebyshev function to avoid
known-plaintext and chosen-plaintext attacks. Wang et al.
[19] also used three chaotic maps in his encryption that 2 Chaotic random number generator
alters between block and stream ciphering. Liu and Wanga
[20] utilised a true random number generator to provide the The following set of three rst-order ODEs describe a
seed for a piecewise linear chaotic map which generates a third-order non-autonomous double-scroll chaos generator
1 F F
X 0 1 0 X 0 Dt = + 1 + 162 , F1 # {0, 1},
4 16 2
Y = 0 0 1 Y + ,0
F2 [ 0, 212 1 , F2 [ N (3a)
Z 1 1 1 Z Dt sgn(X )
1 X 0 Dt = {4 b0010, F1 , F2 , 7 b0} Dt [24 bits]
sgn(X ) = (1)
1 X ,0 = [0010F1 F2 0000000] (3b)
Fig. 1 Circuit diagram of the fully digital third-order ODE-based non-autonomous double-scroll chaos generator
where m denotes a permutation scheme. Each permutation where t is an 8-bit counter. Unlike the input signal, the FFT of
matrix has a cyclicity index bigger than three and is not the the ciphered signal is uniformly distributed over the whole
inverse of any of the others. Moreover, the net effect of spectrum with characterisitcs similar to white noise.
Table 2 Experimental results on XC4VSX35-10FF668 FPGA for sequence of permutations at each encryption stage and thus,
the cipher and decipher systems gives a completely different output.
Components utilised Encryption system Decryption system
The chaotic generator utilised has three state registers each
of 24-bit wide. On adding the 128-bit seed of the LFSR, the
slices 164 202 total key space in this system is 2200. Key sensitivity is
slice FF 218 244 visually inspected by examining the wrong decrypted image
four input LUTs 236 249 when altering the systems key as shown in Fig. 7c.
Frequency, MHz 408.5 440.3 Quantitatively, key sensitivity is measured through the
mean-square error (MSE) which assesses the distortion in
the wrong decrypted image compared with the original one
4 Security analysis when the input key to the decryption system is wrong. The
MSE test is described as
The analysis in this section is conducted on a 512 512
coloured Lena.bmp. Experiments are carried out and the
1 M N
2
data are analysed using MATLAB. MSE = P i, j D(i, j) (9)
M N i=1 j=1
from the feedback F2 which creates a relationship between the 2 test is performed on the RGB histograms to analytically
input image and the chaotic generation as explained earlier. examine the quality of the uniform distribution. The test is
Thus, MSE values change with the input image producing a used to determine whether there is a signicant difference
prole for each colour component differing from one image between the expected number of intensity counts for colour
to another. levels and the observed counts in the ciphered image
assuming a uniform distribution [38] and is described as
4.2 Histogram analysis
L
(Oi Ei )2
Image histogram depicts statistical distribution of colour x2 = (10)
Ei
intensities. Secure ciphered images are characterised by at i=1
histograms for all colours in which the intensities are
evenly distributed over the whole colour scale. Visual where Ei is the expected occurrence of each colour level
inspection of the histograms in Fig. 7 conrms the uniform asserted by the null hypothesis, L is the colour level (256)
distribution of the RGB colour components. Furthermore, a and Oi is the observed count of each colour level [0255].
Fig. 6 MSE values with respect to the number of error bits in the decryption
2
With a signicance level of 0.05, it is found that 1 N
1
N
x2test , x2 (255, 0.05) for the three histograms implying that D(x) = x x (11b)
the null hypothesis is not rejected and the histogram N i=1 i N j=1 j
distributions are uniform.
cov(x, y)
r = (11c)
D(x) D(y)
4.3 Pixel correlation analysis
where cov (x, y) is the covariance between the two pixels and where P(Si) is the probability of the symbol Si. A source with
N is the total number of pixels selected from the image for the entropy equal to 8 is considered truly random. Table 4 depicts
calculation. Table 3 summarises the auto correlation the entropy values of the ciphered image compared with the
coefcients for horizontal, vertical and diagonal orientations original ones which imply the high randomness levels
of the original and ciphered image and Fig. 8 shows the achieved by the proposed stream cipher.
visual inspection of the horizontal correlation for RGB
components. Furthermore, to measure how different the
ciphered image is from the original, the cross-correlation 4.5 Differential analysis
coefcients are calculated using the same equations in To prevent revelation of any meaningful statistical
(11ac) by considering each pixel value xi from the original relationships between the input and the output, small
image and its corresponding pixel yi from the ciphered one. changes in the original image should result in signicant
Cross-correlation coefcients are found to be 0.0035, changes in the ciphered image. In general, this property is
0.001 and 0.0002 for the RGB colours, respectively. Low directly controlled by the quality of diffusion and confusion
coefcient values imply robust confusion and diffusion adopted in the system. Quantitatively, the sensitivity of the
algorithm implemented in the system to prevent any encryption algorithm to the input is evaluated through two
information leakage regarding pixel correlations. tests [37]. The rst test is the NPCR, which represents the
number of pixels change rate of the ciphered image while
one pixel of the original image has changed. Assume two
4.4 Entropy analysis ciphered images, C1 and C2, whose corresponding original
images have only one pixel difference, the NPCR value is
The entropy is a measure of the predictability of a random
source. The ciphered image data should appear as random
noise to avoid any information leakage. For a binary source Table 4 Entropy results for original and ciphered images for
S producing 28 symbols of equal probabilities each symbol all the colour components
is 8-bits wide and the entropy of this source is dened as [36]
Entropy Original image Ciphered mage
SAC, %
Table 5 Differential analysis results for all the colour
49.995
49.989
49.987
49.991
49.984
49.989
49.999
49.987
49.969
49.977
49.999
49.993
49.976
49.994
49.978
49.993
49.978
49.971
components
UACI, %
33.417
33.465
33.457
33.479
33.497
33.571
33.573
33.459
33.519
33.401
33.497
33.506
33.488
33.457
33.426
33.438
33.359
33.379
red 99.743 99.4 99.59 33.839 32.837 33.367
green 99.742 99.425 99.592 33.972 32.936 33.406
blue 99.748 99.442 99.589 33.946 32.905 33.447
NPCR, %
99.594
99.596
99.597
99.594
99.592
99.593
99.594
99.592
99.593
99.599
99.594
99.593
99.595
99.589
99.592
99.589
99.591
99.59
expressed as
0, C1 (i, j) = C2 (i, j)
D(i, j) = (13a)
C1 (i, j) = C2 (i, j)
Ciphered
1,
7.9993
7.9993
7.9993
7.9993
7.9995
7.9994
7.9992
7.9992
7.9992
7.9993
7.9994
7.9993
7.9993
7.9993
7.9994
7.9993
7.9993
7.9993
1 M N
Entropy
NPCR = D(i, j) (13b)
M N i=1 j=1
Original
6.9481
6.8845
6.1265
7.7067
7.4744
7.7522
6.7178
6.7990
6.2138
7.3124
7.6429
7.2136
7.3388
7.4963
7.0583
The second test is the UACI which represents the unied
0
0
0
average changing intensity measuring the average intensity
difference of two ciphered images, whose corresponding
original image has only one pixel difference as follows
Table 7 Correlation, entropy and differential analysis results for coloured images obtained from USC-SIPI image database
Cross corr.
0.0034
0.0038
0.0027
0.0037
0.0005
0.0039
0.0001
0.0016
0.0017
N
0.0008
0.0045
0.0008
0.0011
0.0013
0.0018
1 M
C1 (i, j) C2 (i, j)
0
0
0
UACI = 100
M N i=1 j=1 255
(14)
0.0031
0.0005
0.0019
0.0019
0.0016
0.0013
0.0014
0.0039
0.0005
0.002
0.0038
0.0012
0.0002
0.0013
0.0003
0.0013
0.002
0.004
Diag.
Both tests are conducted 500 times with inputs having only
1-bit change randomly in only pixel with an arbitrary
Ciphered image corr.
0.0006
0.0021
0.0045
0.0008
0.0036
0.0022
0.0001
0.0004
0.002
reect the effect of using the chained confusion algorithm
0.0027
0.0003
0.0005
0.0008
0.0002
0.0008
0.0002
0.0047
Vert.
0.0001
0.0005
0.0032
0.0015
0.0011
0.0007
0.0012
0.0004
0.0007
0.0009
0.0007
0.0014
0.0002
0.0024
0.0015
0.0002
0.0003
Horiz.
1
1
1
Table 6 NIST SP. 800-22 tests for the original and processed
Original image corr.
1
1
1
PV PP PV PP PV PP
0.9936
0.9812
0.9826
0.9231
0.8655
0.9073
0.9726
0.9578
0.9640
0.9558
0.9715
0.9710
0.9635
0.9811
0.9665
Horiz.
green
green
green
green
green
blue
blue
blue
blue
blue
red
red
red
red
red
red
mandrill (4.2.03)
peppers (4.0.07)
airplane (4.0.04)
sailboat (4.2.06)
Table 9 Comparison in the hardware performance results between the proposed system and other reported non-chaos-based ciphers
System Area (Gc) T.put, Mb/s Efficiency T.put/area Implementation target