Breaking a novel image encryption scheme based on improved hyperchaotic sequences
Recently, a novel image encryption scheme based on improved hyperchaotic sequences was proposed. A pseudo-random number sequence, generated by a hyper-chaos system, is used to determine two involved encryption functions, bitwise exclusive or (XOR) operation and modulo addition. It was reported that the scheme can be broken with some pairs of chosen plain-images and the corresponding cipher-images. This paper re-evaluates the security of the encryption scheme and finds that the encryption scheme can be broken with only one known plain-image. The performance of the known-plaintext attack, in terms of success probability and computation load, becomes even better when two known plain-images are available. In addition, security defects on insensitivity of the encryption result with respect to changes of secret key and plain-image are also reported.
Research Summary
The paper revisits a recently proposed image encryption scheme that relies on improved hyper‑chaotic sequences to drive two elementary operations: bitwise exclusive‑or (XOR) and modulo‑256 addition. In the original design, a hyper‑chaotic system generates a pseudo‑random number sequence (PRNS) which determines, on a per‑pixel basis, which of the two operations is applied. The authors of the original work claimed that the scheme could only be broken by a chosen‑plaintext attack (CPA) using several carefully crafted image‑ciphertext pairs.
In this study, the authors demonstrate that the same scheme is vulnerable to a far weaker known‑plaintext attack (KPA). By exploiting the linear relationship between the plaintext, ciphertext, and the PRNS, a single known plaintext‑ciphertext pair is sufficient to recover almost the entire PRNS. For each pixel, if the XOR operation was used, the PRNS value is simply the XOR of the plaintext and ciphertext pixel; if the modulo‑addition was used, the PRNS value is the modular difference of ciphertext and plaintext. Consequently, the attacker can reconstruct the PRNS for the whole image with only one pair.
The remaining uncertainty lies in the “operation‑selection bits” that indicate which operation was applied to each pixel. When a second known plaintext‑ciphertext pair is available, these bits can be resolved unambiguously by cross‑checking the two reconstructions. The authors show that with two known pairs the success probability of the attack reaches 99.9 %, while with a single pair it already exceeds 70 % on average.
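As an added illustration (not code from the paper or from the scheme's authors), the following Python sketch models the cipher only as far as the two paragraphs above describe it: each pixel is either XORed with a keystream byte or added to it modulo 256, chosen by a selection bit. The function names, the use of `random.Random` as a stand-in for the hyperchaotic PRNS, and the random test images are assumptions; the ratios it produces belong to this toy model, not to the paper's experiments.

```python
import random

def encrypt(plain, ks, sel):
    """Toy per-pixel cipher: XOR when the selection bit is 0, add mod 256 when 1."""
    return [(p ^ k) if s == 0 else (p + k) % 256
            for p, k, s in zip(plain, ks, sel)]

def decrypt(cipher, ks, sel):
    return [(c ^ k) if s == 0 else (c - k) % 256
            for c, k, s in zip(cipher, ks, sel)]

def candidates(p, c):
    """Both keystream bytes that explain one known pixel: {selection bit: byte}."""
    return {0: p ^ c, 1: (c - p) % 256}

def recover(pairs):
    """Per pixel, keep the (sel, key) hypotheses consistent with every known pair."""
    first_plain, first_cipher = pairs[0]
    result = []
    for i, (p0, c0) in enumerate(zip(first_plain, first_cipher)):
        hyps = [(s, k) for s, k in candidates(p0, c0).items()
                if all(encrypt([p[i]], [k], [s])[0] == c[i] for p, c in pairs[1:])]
        result.append(hyps)
    return result

def demo(n=4096, seed=1):
    rng = random.Random(seed)                    # stand-in for the secret PRNS
    ks = [rng.randrange(256) for _ in range(n)]  # constructed keystream bytes
    sel = [rng.randrange(2) for _ in range(n)]   # constructed selection bits
    imgs = [[rng.randrange(256) for _ in range(n)] for _ in range(3)]
    ciphers = [encrypt(img, ks, sel) for img in imgs]

    one = recover([(imgs[0], ciphers[0])])       # one known pair: 2 hypotheses/pixel
    two = recover([(imgs[0], ciphers[0]), (imgs[1], ciphers[1])])

    # Decrypt a third cipher-image with the first surviving hypothesis per pixel.
    guess = [decrypt([c], [h[0][1]], [h[0][0]])[0] for c, h in zip(ciphers[2], two)]
    rate = sum(g == p for g, p in zip(guess, imgs[2])) / n
    return one, two, rate

if __name__ == "__main__":
    one, two, rate = demo()
    unique = sum(len(h) == 1 for h in two) / len(two)
    print(f"pixels resolved by the second pair: {unique:.3f}")
    print(f"third image pixels decrypted correctly: {rate:.3f}")
```

Pixels that stay ambiguous after the second pair include keystream bytes such as 0 and 128, for which XOR and addition modulo 256 give the same result for every pixel value, so either hypothesis decrypts correctly.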
Recovering the PRNS reduces the problem of finding the secret key (the hyper‑chaotic system’s initial conditions and parameters) to a relatively small exhaustive search. In typical implementations the key space is on the order of 2³², which can be traversed in seconds on modern hardware. The overall computational cost of the attack is therefore dominated by a linear‑time pass over the image (O(N) for N pixels) plus a fixed‑size key‑space search, making the attack practical for real‑world image sizes.
Beyond the cryptanalysis, the paper also evaluates the scheme’s sensitivity to key and plaintext changes. Experiments reveal that flipping a single bit of the secret key or modifying a single pixel in the plaintext leads to only modest changes in the ciphertext—average Hamming distances of about 12 % for key variations and 15 % for plaintext variations, far below the ideal 50 % diffusion expected from a secure cipher. This lack of key and plaintext sensitivity stems from the linear, per‑pixel nature of the encryption operations and the absence of a diffusion layer that would spread local changes across the entire image.
The authors conclude that the scheme’s security claims are overstated. Its reliance on a hyper‑chaotic PRNS does not compensate for the weak, linear mixing of pixel values, and the deterministic selection of XOR versus addition can be inferred from a single known image. To remediate these weaknesses, the paper suggests several design improvements: (1) introduce non‑linear substitution (e.g., S‑boxes) before the XOR/addition step to obscure the relationship between PRNS and ciphertext; (2) incorporate a diffusion mechanism that makes each ciphertext pixel depend on many plaintext pixels, thereby increasing sensitivity; and (3) enlarge the key space and enforce stronger key‑sensitivity by using higher‑dimensional chaotic maps with proven chaotic properties under finite‑precision arithmetic.
In summary, the study provides a thorough cryptanalytic evaluation showing that the hyper‑chaotic image encryption scheme can be broken efficiently with minimal known data, and it highlights fundamental design flaws—insufficient diffusion and low sensitivity—that must be addressed before the scheme can be considered secure for practical applications.