Cryptanalysis of an Image Encryption Scheme Based on a Compound Chaotic Sequence

Recently, an image encryption scheme based on a compound chaotic sequence was proposed. In this paper, the security of the scheme is studied and the following problems are found: (1) a differential chosen-plaintext attack can break the scheme with only three chosen plain-images; (2) there is a number of weak keys and some equivalent keys for encryption; (3) the scheme is not sensitive to the changes of plain-images; and (4) the compound chaotic sequence does not work as a good random number resource.

💡 Research Summary

The paper conducts a thorough security analysis of a recently proposed image encryption scheme that relies on a “compound chaotic sequence.” The scheme generates a keystream by coupling two one‑dimensional chaotic maps (for example, a Logistic map and a Tent map) and then applies the keystream to image pixels through XOR operations and a permutation of pixel positions. The authors demonstrate that, despite the apparent complexity of the chaotic construction, the overall encryption process is essentially linear and therefore vulnerable to several fundamental attacks.

First, a differential chosen‑plaintext attack is described. By preparing only three specially crafted plain images, an attacker can recover the entire keystream and the permutation mapping. The first chosen image consists entirely of zero bytes, which directly reveals the keystream because XOR with zero leaves the keystream unchanged. The second and third images contain distinct, fixed patterns that allow the attacker to trace how pixel positions are permuted. Once the keystream and permutation are known, the attacker can decrypt any ciphertext encrypted with the same secret key, and can also encrypt new images without knowing the original secret parameters. This attack requires only a minimal amount of chosen data, making it highly practical.

Second, the authors identify a class of weak keys and a set of equivalent keys. Certain initial conditions cause the chaotic maps to fall into short periodic cycles, producing a highly predictable keystream. In these cases the ciphertext may be almost identical to the plaintext, completely defeating confidentiality. Moreover, different initial condition pairs can generate exactly the same keystream, meaning that distinct secret keys are effectively equivalent. This reduces the effective key space dramatically and raises the success probability of brute‑force attacks.

Third, the scheme exhibits poor sensitivity to changes in the plaintext. A desirable property of a secure image cipher is that a single‑pixel modification should cause a large, unpredictable change in the ciphertext (the avalanche effect). Empirical measurements of Hamming distance between ciphertexts of slightly different images show values far below the expected random level, especially for images rich in high‑frequency content. The linear XOR operation combined with a deterministic permutation fails to provide sufficient diffusion, allowing statistical characteristics of the original image to survive in the encrypted output. Consequently, statistical attacks that exploit residual correlations become feasible.

Finally, the authors evaluate the randomness of the compound chaotic sequence itself using standard statistical test suites such as NIST SP 800‑22 and Diehard. The generated sequences repeatedly fail tests for serial correlation, frequency, and periodicity, yielding p‑values well below the accepted thresholds. This confirms that the chaotic construction does not produce a high‑quality random source, undermining its suitability as a keystream generator.

In summary, the paper shows that the compound chaotic‑sequence‑based image encryption scheme suffers from four critical weaknesses: (1) it can be completely broken with a three‑image chosen‑plaintext attack; (2) it contains weak and equivalent keys that shrink the effective key space; (3) it lacks adequate plaintext sensitivity, allowing statistical leakage; and (4) its chaotic keystream is not a reliable source of randomness. The authors conclude that, without substantial redesign—introducing stronger non‑linear components, a robust key‑scheduling algorithm, and a proven cryptographically secure random generator—the scheme is unsuitable for real‑world security applications.