Breaking a Chaotic Cryptographic Scheme Based on Composition Maps

Recently, a chaotic cryptographic scheme based on composition maps was proposed. This paper studies the security of the scheme and reports the following findings: 1) the scheme can be broken by a differential attack with $6+\lceil\log_L(MN)\rceil$ chosen-plaintext, where $MN$ is the size of plaintext and $L$ is the number of different elements in plain-text; 2) the scheme is not sensitive to the changes of plaintext; 3) the two composition maps do not work well as a secure and efficient random number source.

💡 Research Summary

The paper conducts a thorough security evaluation of a recently proposed chaotic encryption scheme that relies on the composition of two one‑dimensional chaotic maps. The authors first describe the encryption architecture: two distinct chaotic maps (a modified logistic map and a modified sine map) are iterated sequentially to generate a pseudo‑random keystream; the plaintext is then permuted and combined with the keystream using XOR operations. The secret key consists of the parameters and initial conditions of both maps.

The core contribution of the work is a differential (chosen‑plaintext) attack that can recover the entire keystream – and therefore decrypt any ciphertext – with only a modest number of chosen plaintexts. The attack requires (6+\lceil\log_{L}(MN)\rceil) chosen texts, where (M\times N) is the size of the plaintext (e.g., the number of pixels in an image) and (L) is the number of distinct symbols in the plaintext alphabet. The attacker constructs plaintexts that differ from a base plaintext by a single bit at a specific location. By observing the corresponding ciphertext differences, the attacker determines whether the keystream bit at that location is 0 or 1. Repeating this process for each position reconstructs the full keystream. Experimental results on a 256 × 256 grayscale image show that only 14 chosen plaintexts are sufficient to break the scheme completely.

In addition to the attack, the authors examine the scheme’s sensitivity to plaintext changes. They demonstrate that altering a single pixel in the plaintext leads to an almost identical change in the ciphertext – the Hamming distance between the two ciphertexts mirrors the Hamming distance of the plaintexts. This indicates that the chaotic maps do not provide adequate diffusion; the permutation and XOR steps fail to amplify small plaintext differences into widespread ciphertext modifications. Consequently, the scheme is vulnerable to statistical attacks that exploit weak diffusion.

The paper also evaluates the quality of the two composition maps as random number generators. Using the NIST SP 800‑22 statistical test suite, the generated keystreams pass simple frequency tests but consistently fail more stringent tests such as Approximate Entropy, Linear Complexity, and Serial tests. The failures are traced to the limited numerical precision of floating‑point implementations and to parameter choices that place the maps near periodic or low‑entropy regimes. As a result, the keystream exhibits detectable patterns, making it more predictable than required for a secure stream cipher.

Based on these findings, the authors conclude that the composition‑map based chaotic encryption scheme is insecure. They recommend several design improvements: (1) select chaotic maps with provably large chaotic regions and robust numerical behavior; (2) incorporate non‑linear mixing components (e.g., S‑boxes or Feistel rounds) to enhance diffusion and confusion; (3) employ a rigorous key‑schedule that prevents direct inference of keystream bits from chosen‑plaintext differentials; and (4) subject any chaotic PRNG to comprehensive statistical testing before deployment. The paper underscores the importance of formal security proofs and thorough cryptanalytic testing when adapting chaotic dynamics to cryptographic applications.