# Cryptanalysis and Improvement of a Chaotic Map-Based Image Encryption System Using Both Plaintext Related Permutation and Diffusion

^{*}

## Abstract

**:**

## 1. Introduction

## 2. Related Work

#### 2.1. The Involved Chaotic Maps

#### 2.1.1. Generalized Arnold’s Cat Map

#### 2.1.2. Chebyshev Map

#### 2.2. Image Encryption Algorithm

#### 2.2.1. Permutation Stage

#### 2.2.2. Diffusion Stage

#### 2.3. Image Decryption Algorithm

## 3. Cryptanalysis

#### 3.1. Security Weaknesses

#### 3.1.1. Equivalent Classes in Keyspace

#### 3.1.2. Low Sensitivity to the Change of Plaintext

#### 3.2. Chosen-Plaintext Attack

#### 3.2.1. Extraction of the Permutation Matrix

- Construct a special plain image $P$, such that$${P}_{R}={P}_{G}={P}_{B}={\left[\begin{array}{cccc}1& 1& \cdots & 1\\ 1& 1& \cdots & 1\\ \vdots & \vdots & \ddots & \vdots \\ 1& 1& \cdots & 1\end{array}\right]}_{256\times 256}.$$
- Encrypt $P$ using CIES-UBPRPD to obtain the corresponding cipher image $C$. We denote the image after permutation stage as ${P}^{*}$ (an intermediate product during the execution of the whole encryption process).
- Let us use R channel as an example: select two different positions $\left(a,b\right)$ and $\left(x,y\right)$, where $a,b,x,y\in \left\{0,1,\cdots ,255\right\}$ and construct another special plain image ${P}^{\prime}$, such that$$\begin{array}{c}{{P}^{\prime}}_{R}={\left[f\left(i,j\right)\right]}_{256\times 256},\\ {{P}^{\prime}}_{G}={{P}^{\prime}}_{B}={\left[\begin{array}{cccc}1& 1& \cdots & 1\\ 1& 1& \cdots & 1\\ \vdots & \vdots & \ddots & \vdots \\ 1& 1& \cdots & 1\end{array}\right]}_{256\times 256}\end{array},$$$$f\left(i,j\right)=\{\begin{array}{l}0,if\left(i,j\right)=\left(a,b\right)\hfill \\ 2,if\left(i,j\right)=\left(x,y\right)\hfill \\ 1,else\hfill \end{array}.$$
- Encrypt ${P}^{\prime}$ to obtain its cipher image ${C}^{\prime}$. From Section 3.1.2, we knew that $P$ and ${P}^{\prime}$ share the same parameters used in ACM; thus, they have the same permutation mapping. Let us denote the first position of different values that occurred in ${C}_{R}$ and ${{C}^{\prime}}_{R}$, following the raster-scan order, as $\mathsf{\Delta}C$. It means that ${{P}^{\prime *}}_{R}\left(\mathsf{\Delta}C\right)\ne {P}_{R}^{*}\left(\mathsf{\Delta}C\right)=1$, such that ${{C}^{\prime}}_{R}\left(\mathsf{\Delta}C\right)\ne {C}_{R}\left(\mathsf{\Delta}C\right)$, which means either ${{P}^{\prime}}_{R}\left(a,b\right)=0$ or ${{P}^{\prime}}_{R}\left(x,y\right)=2$ will be moved to the position $\mathsf{\Delta}C$ after performing the permutation stage. This property reveals some information regarding the permutation behavior of CIES-UBPRPD. We define $\left(\left(a,b\right),\left(x,y\right),\mathsf{\Delta}C\right)$ as a tuple of constraints.
- Choose a different $\left(a,b\right)$ or $\left(x,y\right)$, repeat Step 3 to Step 4 several times and collect all of the produced constraint tuples, and then define the associated collection of constraint tuples as a set $S$.
- Construct a $256\times 256$ matrix $Z$, by setting the chosen positions (a, b) and (x, y), used in Step 2, with different positive integers and all other positions with value 0. For example, assume there are two constraint tuples $\left(\left(0,0\right),\left(0,1\right),\left(8,8\right)\right)$ and $\left(\left(0,0\right),\left(0,2\right),\left(6,9\right)\right)$ in $S$, we can now set $Z\left(0,0\right)=1$, $Z\left(0,1\right)=2$, $Z\left(0,2\right)=3$, and $Z\left(i,j\right)=0,\forall \left(i,j\right)\notin \left\{\left(0,0\right),\left(0,1\right),\left(0,2\right)\right\}$.
- Using the brute-force searching algorithm, denoted as Algorithm 1 in the following, to find ${b}_{r}$ and $\widehat{{a}_{r}}$ for all of the above chosen plain images, where $\widehat{{a}_{r}}={a}_{r}\mathrm{mod}256$. In the specifically considered case, all of the images are of size $256\times 256\times 3$, ${a}_{r},$ and $\widehat{{a}_{r}}$ are equivalent in the permutation stage. Actually, we do not need to know what ${a}_{r}$ exactly is, but only its last eight bits. If Algorithm 1 outputs more than one candidate pair, let us go back to Step 3 to collect more constrained tuples and iterate this step until only one pair is left.
- Making changes to G and B channels, repeat the procedures listed in Step 3 to Step 7 and obtain ${b}_{g}$, $\widehat{{a}_{g}}$, ${b}_{b}$, and $\widehat{{a}_{b}}$, where $\widehat{{a}_{g}}={a}_{g}\mathrm{mod}256$ and $\widehat{{a}_{b}}={a}_{b}\mathrm{mod}256$.
- Extract ${k}_{1}\mathrm{mod}256$, ${k}_{2}\mathrm{mod}256$, and ${k}_{3}\mathrm{mod}256$ by using$$\{\begin{array}{l}{k}_{1}\mathrm{mod}256=\left({C}_{R}\left(0,0\right)-{b}_{r}\right)\mathrm{mod}256\hfill \\ {k}_{2}\mathrm{mod}256=\left({C}_{G}\left(0,0\right)-{b}_{g}\right)\mathrm{mod}256\hfill \\ {k}_{3}\mathrm{mod}256=\left({C}_{B}\left(0,0\right)-{b}_{b}\right)\mathrm{mod}256\hfill \end{array}.$$We denote these three values as $\widehat{{k}_{1}}$, $\widehat{{k}_{2}},$ and $\widehat{{k}_{3}}$, respectively, for convenience.

#### 3.2.2. Extraction of the Diffusion Matrix

#### 3.2.3. Recovering the Original Plain Image

- Transform $\overline{{C}_{R}}$, $\overline{{C}_{G}}$, and $\overline{{C}_{B}}$ into three 1D arrays $\overline{{C}_{R\_P}}$, $\overline{{C}_{G\_P}}$, and $\overline{{C}_{B\_P}}$, respectively, in row major ordering.
- Calculate the required parameters, as follows.$$\begin{array}{c}\begin{array}{c}\{\begin{array}{l}{b}_{r}=\left(\overline{{C}_{R\_P}}\left(0\right)-\widehat{{k}_{1}}\right)\mathrm{mod}256\hfill \\ {b}_{g}=\left(\overline{{C}_{G\_P}}\left(0\right)-\widehat{{k}_{2}}\right)\mathrm{mod}256\hfill \\ {b}_{b}=\left(\overline{{C}_{B\_P}}\left(0\right)-\widehat{{k}_{3}}\right)\mathrm{mod}256\hfill \end{array}\end{array}\\ \{\begin{array}{l}\widehat{{a}_{r}}=\mathrm{mod}\left(\left({b}_{r}+1\right)\times \left(\widehat{{k}_{1}}\otimes \widehat{{k}_{2}}\otimes \widehat{{k}_{3}}\right),256\right)+1\hfill \\ \widehat{{a}_{g}}=\mathrm{mod}\left(\left({b}_{g}+1\right)\times \left(\widehat{{k}_{1}}\otimes \widehat{{k}_{2}}\otimes \widehat{{k}_{3}}\right),256\right)+1\hfill \\ \widehat{{a}_{b}}=\mathrm{mod}\left(\left({b}_{b}+1\right)\times \left(\widehat{{k}_{1}}\otimes \widehat{{k}_{2}}\otimes \widehat{{k}_{3}}\right),256\right)+1.\hfill \end{array}\end{array}$$
- Reconstruct $\overline{{P}_{R\_P}^{*}}$, $\overline{{P}_{G\_P}^{*}}$ and $\overline{{P}_{B\_P}^{*}}$ according to$$\{\begin{array}{l}\overline{{P}_{R\_P}^{*}}=\mathrm{mod}\left(\left(\overline{{C}_{R\_P}}\left(i\right)\otimes \overline{{C}_{R\_P}}\left(i-1\right)\right)-{num}^{\prime},256\right)\otimes D\left(i\right)\hfill \\ \overline{{P}_{G\_P}^{*}}=\mathrm{mod}\left(\left(\overline{{C}_{G\_P}}\left(i\right)\otimes \overline{{C}_{G\_P}}\left(i-1\right)\right)-{num}^{\prime},256\right)\otimes D\left(i\right)\hfill \\ \overline{{P}_{B\_P}^{*}}=\mathrm{mod}\left(\left(\overline{{C}_{B\_P}}\left(i\right)\otimes \overline{{C}_{B\_P}}\left(i-1\right)\right)-nu{m}^{\prime},256\right)\otimes D\left(i\right),\hfill \end{array}$$$${num}^{\prime}=\left(\widehat{{a}_{r}}\times {b}_{r}+\widehat{{a}_{g}}\times {b}_{g}+\widehat{{a}_{b}}\times {b}_{b}\right)\otimes \left(\widehat{{k}_{1}}+\widehat{{k}_{2}}+\widehat{{k}_{3}}\right),$$
- Reconstruct $\overline{{P}_{R}}$, $\overline{{P}_{G}},$ and $\overline{{P}_{B}}$ by using ACM, but now the scanning sequence is from right to left and from bottom to top.

## 4. Improved CIES-UBPRPD Algorithm

#### 4.1. The Weaknesses of the Original CIES-UBPRPD

- Misuse of the modulo operation. A value’s remainder divided by 256 equals to the last eight bits in its binary representation. This operation makes the last eight bits of the value more important than the rest parts. This unequal importance in bits gives us a large number of clues for finding the equivalent classes of parameters in CIES-UBPRPD.
- The parameters used in ACM are not very sensitive to the initial plain images. As we pointed out in Section 3.1.2, images that have the same $su{m}_{r}$, $su{m}_{g}$, and $su{m}_{b}$ share the same system parameters. Thus, it is vulnerable to differential attacks.
- The diffusion matrix (process) depends only on secret keys, but not the plain images. Once we cracked one cipher image and extracted the diffusion matrix, we can use it to decrypt the other cipher images.

#### 4.2. The Enhanced CIES-UBPRPD

#### 4.2.1. Secret Key Formulation

#### 4.2.2. Image Encryption Algorithm

#### Permutation Stage

- Use ${x}_{0}$ as the initial value and iterate the Chebyshev map $\left({n}_{0}+131\right)$ times, discard the first ${n}_{0}$ elements to avoid the harmful effect, and obtain the chaotic sequences ${x}_{n}$, which contain 131 elements. That is,$${x}_{n}=\left\{{x}_{0},{x}_{1},\cdots ,{x}_{130}\right\}.$$
- Generate another sequence ${x}_{nq}$ by$${x}_{nq}\left(i\right)=\lfloor {x}_{i}\times {k}_{imod3}\times \mathrm{cos}{h}_{imod32}\rfloor mod256,\mathrm{where}i\in \left\{0,1,\cdots ,130\right\}.$$
- Calculate the parameters by following equations:$$\begin{array}{c}a=({\displaystyle {\displaystyle \sum}_{i=0}^{31}}{h}_{i}\times {x}_{nq}\left(i\right))\mathrm{mod}65536\\ b=({\displaystyle {\displaystyle \sum}_{i=0}^{31}}{h}_{i}\times {x}_{nq}\left(i+32\right))\mathrm{mod}65536\\ c=({\displaystyle {\displaystyle \sum}_{i=0}^{31}}{h}_{i}\times {x}_{nq}\left(i+64\right))\mathrm{mod}65536\\ d=({\displaystyle {\displaystyle \sum}_{i=0}^{31}}{h}_{i}\times {x}_{nq}\left(i+96\right))\mathrm{mod}65536\end{array}$$
- Permute $P$ using the following three-dimensional (3D) cat map:$$\left[\begin{array}{c}{i}^{\prime}\\ {j}^{\prime}\\ {k}^{\prime}\end{array}\right]=\left[\begin{array}{ccc}1& a& 0\\ b& ab+1& 0\\ c& d& 1\end{array}\right]\left[\begin{array}{c}i\\ j\\ k\end{array}\right]\mathrm{mod}\left[\begin{array}{c}M\\ N\\ 3\end{array}\right],$$

#### Diffusion Stage

- Transform ${P}_{R}^{*}$, ${P}_{G}^{*}$, and ${P}_{B}^{*},$ into three 1D arrays ${P}_{R\_P}^{*}$, ${P}_{G\_P}^{*}$ and ${P}_{B\_P}^{*}$ by row-major ordering.
- Use ${y}_{0}=\frac{\mathrm{cos}a+\mathrm{cos}b+\mathrm{cos}c+\mathrm{cos}d+{x}_{0}}{5}$ as the new initial value and iterate the Chebyshev map $\left(3\times M\times N+{n}_{0}\right)$ times, discard the first n
_{0}elements and generate another chaotic sequence ${y}_{n}$, which contains $3\times M\times N$ elements. That is,$${y}_{n}=\left\{{x}_{0},{x}_{1},\cdots ,{x}_{3\times M\times N-1}\right\}.$$ - Calculate the diffusion matrices ${D}_{R}$, ${D}_{G}$, and ${D}_{B}$ according to:$$\{\begin{array}{c}{D}_{R}\left(i\right)=\lfloor {y}_{i}\times \left({k}_{2}\otimes {k}_{3}\right)\rfloor mod256\\ {D}_{G}\left(i\right)=\lfloor {y}_{i+MN}\times \left({k}_{1}\otimes {k}_{3}\right)\rfloor mod256\\ {D}_{B}\left(i\right)=\lfloor {y}_{i+2MN}\times \left({k}_{1}\otimes {k}_{2}\right)\rfloor mod256\end{array}\mathrm{where}i\in \left\{0,1,\cdots ,M\times N-1\right\}.$$
- Calculate ${C}_{R\_P}$, ${C}_{G\_P}$ and ${C}_{B\_P}$ by using$$\begin{array}{c}\{\begin{array}{l}{C}_{R\_P}\left(0\right)=\mathrm{mod}\left({P}_{R\_P}^{*}\left(0\right)\otimes {D}_{R}\left(0\right)+num,256\right)\otimes {x}_{nq}\left(128\right)\hfill \\ {C}_{G\_P}\left(0\right)=\mathrm{mod}\left({P}_{G\_P}^{*}\left(0\right)\otimes {D}_{G}\left(0\right)+num,256\right)\otimes {x}_{nq}\left(129\right)\hfill \\ {C}_{B\_P}\left(0\right)=\mathrm{mod}\left({P}_{B\_P}^{*}\left(0\right)\otimes {D}_{B}\left(0\right)+num,256\right)\otimes {x}_{nq}\left(130\right)\hfill \end{array}\\ \{\begin{array}{l}{C}_{R\_P}\left(i\right)=\mathrm{mod}\left({P}_{R\_P}^{*}\left(i\right)\otimes {D}_{R}\left(i\right)+num,256\right)\otimes {C}_{B}\left(i-1\right)\hfill \\ {C}_{G\_P}\left(i\right)=\mathrm{mod}\left({P}_{G\_P}^{*}\left(i\right)\otimes {D}_{G}\left(i\right)+num,256\right)\otimes {C}_{R}\left(i\right)\hfill \\ {C}_{B\_P}\left(i\right)=\mathrm{mod}\left({P}_{B\_P}^{*}\left(i\right)\otimes {D}_{B}\left(i\right)+num,256\right)\otimes {C}_{G}\left(i\right),\hfill \end{array}\end{array}$$
- Transform ${C}_{R\_P}$, ${C}_{G\_P},$ and ${C}_{B\_P}$ into three grayscale images with size $M\times N$, and then merge them into color cipher image $C$ with size $M\times N\times 3$.

#### Image Decryption Algorithm

- Transform ${C}_{R}$, ${C}_{G},$ and ${C}_{G}$ into three 1D arrays ${C}_{R\_P}$, ${C}_{G\_P},$ and ${C}_{B\_P}$ respectively, by row-major ordering.
- Calculate the chaotic sequence ${x}_{nq}$ in the same way as the encryption process.
- Calculate the parameters $a,b,c,d$ in the same way as the encryption process.
- Calculate the diffusion matrices ${D}_{R}$, ${D}_{G},$ and ${D}_{B}$ in the same way as the encryption process.
- Reconstruct ${P}_{R\_P}^{*}$, ${P}_{G\_P}^{*},$ and ${P}_{B\_P}^{*}$ by using$$\begin{array}{c}\{\begin{array}{l}{P}_{R\_P}^{*}\left(0\right)=\mathrm{mod}\left(\left({C}_{R\_P}\left(0\right)\otimes {x}_{nq}\left(128\right)\right)-num,256\right)\otimes {D}_{R}\left(0\right)\hfill \\ {P}_{G\_P}^{*}\left(0\right)=\mathrm{mod}\left(\left({C}_{G\_P}\left(0\right)\otimes {x}_{nq}\left(129\right)\right)-num,256\right)\otimes {D}_{G}\left(0\right)\hfill \\ {P}_{B\_P}^{*}\left(0\right)=\mathrm{mod}\left(\left({C}_{B\_P}\left(0\right)\otimes {x}_{nq}\left(130\right)\right)-num,256\right)\otimes {D}_{B}\left(0\right)\hfill \end{array}\\ \{\begin{array}{l}{P}_{R\_P}^{*}\left(i\right)=\mathrm{mod}\left(\left({C}_{R\_P}\left(i\right)\otimes {C}_{R\_P}\left(i-1\right)\right)-num,256\right)\otimes {D}_{R}\left(i\right)\hfill \\ {P}_{G\_P}^{*}\left(i\right)=\mathrm{mod}\left(\left({C}_{G\_P}\left(i\right)\otimes {C}_{G\_P}\left(i-1\right)\right)-num,256\right)\otimes {D}_{G}\left(i\right)\hfill \\ {P}_{B\_P}^{*}\left(i\right)=\mathrm{mod}\left(\left({C}_{B\_P}\left(i\right)\otimes {C}_{B\_P}\left(i-1\right)\right)-num,256\right)\otimes {D}_{B}\left(i\right)\hfill \end{array}\end{array},$$
- Reconstruct ${P}_{R}$, ${P}_{G},$ and ${P}_{B}$ by using 3D cat map in Equation (15), but now the scanning sequence is from B channel to R channel, from right to left, and from bottom to top.

## 5. Experimental Results

#### 5.1. Verification of Encryption and Decryption Algorithms

#### 5.2. Security Analyses

#### 5.2.1. KeySpace Analysis

#### 5.2.2. Histogram Analysis

#### 5.2.3. Correlation Analysis

#### 5.2.4. Key Sensitivity Analysis

#### 5.2.5. Plaintext Sensitivity Analysis

#### 5.3. Robustness Analyses

## 6. Discussions and Conclusions

#### 6.1. Discussions

#### 6.2. Conclusions

^{311}, which is larger than the effective Keyspace 2

^{120}of the original CIES-UBPRPD. Besides the security and the robustness, we also take the execution time into account to provide a full performance baseline for comparing the original and the proposed image encryption algorithms, as suggested by one of the anonymous reviewers. Since the calculation amount of the enhanced CIES-UBPRPD is larger than that of the original CIES-UBPRPD, as shown in Table 6, the execution time of the proposed algorithm will be slightly slower than that of its original counterpart. Our implementation is conducted on Intel Core i7-8700 CPU @ 3.2GHz and 32GB RAM with Windows 10 OS, and written in Python.

## Author Contributions

## Funding

## Conflicts of Interest

## References

- Kumari, M.; Gupta, S.; Sardana, P. A Survey of Image Encryption Algorithms. 3D Res.
**2017**, 8. [Google Scholar] [CrossRef] - Liu, M.; Zhao, F.; Jiang, X.; Liu, X.; Liu, Y. A Novel Image Encryption Algorithm Based on Plaintext-related Hybrid Modulation Map. J. Internet Technol.
**2019**, 20, 2141–2155. [Google Scholar] - Kyamakya, K.; Halang, W.A.; Unger, H.; Chedjou, J.C.; Rulkov, N.C.; Li, Z. (Eds.) Recent Advances in Nonlinear. In Dynamics and Synchronization: Theory and Applications, Studies in Computational Intelligence 254; Springer: Berlin, Heidelberg, 2009. [Google Scholar]
- Fridrich, J. Symmetric Ciphers Based on Two-Dimensional Chaotic Maps. Int. J. Bifurc. Chaos
**1998**, 8, 1259–1284. [Google Scholar] [CrossRef] - Priya, R.; Vidhyapriya, R.; Seifedine, K.; Robertas, D.; Tomas, B. An Image Encryption Scheme Based on Block Scrambling, Modified Zigzag Transformation and Key Generation Using Enhanced Logistic-Tent Map. Entropy
**2019**, 21, 656. [Google Scholar] [CrossRef] [Green Version] - Zhu, S.; Wang, G.; Zhu, C. A Secure and Fast Image Encryption Scheme based on Double Chaotic S-Boxes. Entropy
**2019**, 21, 790. [Google Scholar] [CrossRef] [Green Version] - Liu, H.; Kadir, A.; Sun, X. Chaos-based fast colour image encryption scheme with true random number keys from environmental noise. IET Image Process.
**2017**, 11, 324–332. [Google Scholar] [CrossRef] - Li, Q.; Qian, G. A New Image Encryption Algorithm Based on Chaotic Maps. In Proceedings of the 9th International Conference on Signal Processing Systems, Auckland, New Zealand, 27–30 November 2017; pp. 65–69. [Google Scholar]
- Zhu, S.; Zhu, C.; Wang, W. A New Image Encryption Algorithm Based on Chaos and Secure Hash SHA-256. Entropy
**2018**, 20, 716. [Google Scholar] [CrossRef] [Green Version] - Huang, L.; Cai, S.; Xiao, M.; Xiong, X. A Simple Chaotic Map-Based Image Encryption System Using Both Plaintext Related Permutation and Diffusion. Entropy
**2018**, 20, 535. [Google Scholar] [CrossRef] [Green Version] - Arnold, V.I.; Avez, A. Problèmes Ergodiques de la Mécanique Classique; Benjamin: New York, NY, USA, 1967. (In French) [Google Scholar]
- He, D.; He, C.; Jiang, L.-G.; Zhu, H.-W.; Hu, G.-R. Chaotic characteristics of a one-dimensional iterative map with infinite collapses. IEEE Trans. Circuits Syst. I Regul. Pap.
**2001**, 48, 900–906. [Google Scholar] [CrossRef] - Schneier, B. A self-study course in block-cipher cryptanalysis. Cryptologia
**2000**, 24, 18–33. [Google Scholar] [CrossRef] - Wu, C.-P.; Kuo, C.-C. Design of integrated multimedia compression and encryption systems. IEEE Trans. Multimed.
**2005**, 7, 828–839. [Google Scholar] [CrossRef] - Grangetto, M.; Magli, E.; Olmo, G. Multimedia Selective Encryption by Means of Randomized Arithmetic Coding. IEEE Trans. Multimed.
**2006**, 8, 905–917. [Google Scholar] [CrossRef] - Zhou, J.; Liang, Z.; Chen, Y.; Au, O.C. Security Analysis of Multimedia Encryption Schemes Based on Multiple Huffman Table. IEEE Signal Process. Lett.
**2007**, 14, 201–204. [Google Scholar] [CrossRef] - Nagaraj, N.; Vaidya, P.G.; Bhat, K.G. Arithmetic coding as a non-linear dynamical system. Commun. Nonlinear Sci. Numer. Simul.
**2009**, 14, 1013–1020. [Google Scholar] [CrossRef] [Green Version] - El-Arsh, H.Y.; Mohasseb, Y.Z. A New Light-Weight JPEG2000 Encryption Technique Based on Arithmetic Coding. In Proceedings of the MILCOM 2013—2013 IEEE Military Communications Conference, Institute of Electrical and Electronics Engineers (IEEE). San Diego, CA, USA, 18–20 November 2013; pp. 1844–1849. [Google Scholar]
- Mostafa, M.; Fakhr, M.W. Joint image compression and encryption based on compressed sensing and entropy coding. In Proceedings of the 2017 IEEE 13th International Colloquium on Signal Processing & its Applications (CSPA), Penang, Malaysia, 10–12 March 2017; pp. 129–134. [Google Scholar] [CrossRef]
- Guo, L.; Li, J.; Xue, Q. Joint image compression and encryption algorithm based on SPIHT and crossover operator. In Proceedings of the 2017 14th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP), Institute of Electrical and Electronics Engineers (IEEE). Chengdu, China, 15–17 December 2017; pp. 185–188. [Google Scholar]
- Shehata, A.E.R.; El-Arsh, H.Y. Lightweight Joint Compression-Encryption-Authentication-Integrity Framework Based on Arithmetic Coding. arXiv
**2018**, arXiv:1804.04300. [Google Scholar] - Tsai, C.-J.; Wang, H.-C.; Wu, J.-L. Three Techniques for Enhancing Chaos-Based Joint Compression and Encryption Schemes. Entropy
**2019**, 21, 40. [Google Scholar] [CrossRef] [Green Version] - Xie, Y.; Yu, J.; Guo, S.; Ding, Q.; Wang, E. Image Encryption Scheme with Compressed Sensing Based on New Three-Dimensional Chaotic System. Entropy
**2019**, 21, 819. [Google Scholar] [CrossRef] [Green Version] - Liao, X.; Guo, S.; Yin, J.; Wang, H.; Li, X.; Sangaiah, A.K. New cubic reference table based image steganography. Multimed. Tools Appl.
**2017**, 77, 10033–10050. [Google Scholar] [CrossRef] - Liao, X.; Yin, J.; Guo, S.; Li, X.; Sangaiah, A.K. Medical JPEG image steganography based on preserving inter-block dependencies. Comput. Electr. Eng.
**2018**, 67, 320–329. [Google Scholar] [CrossRef]

**Figure 3.**(Left) The Original Plaintext Image; (Middle) the Encrypted (or Ciphertext) Image; (Right) the Recovered Image After Launching the Proposed Chosen-plaintext Attack to the Ciphertext Image.

**Figure 4.**The Testing Results of the Modified Encryption Scheme: (left) the Plaintext Images; (middle) the Ciphertext Images; and, (right) the Recovered Images.

**Figure 5.**The Original/Encrypted/Recovered Lena Images and the Corresponding Histograms in Different Color Channels.

**Figure 6.**The Original/Encrypted/Recovered Baboon Images and the Corresponding Histograms in Different Color Channels.

**Figure 7.**The Scatter Diagrams of Randomly Select 2000 Pairs of Adjacent Pixels at Four Specific Directions from the R Channel of (top) the Plaintext and (bottom) the Ciphertext Lena images.

**Figure 8.**The Six Ciphertext Images Obtained by Changing Single Bit of Different Secret Key Parameters.

**Figure 10.**The Decrypted Images of Figure 4b with the 1-bit Difference Keys, mentioned in Sub-Section 5.2.4.

**Table 1.**Number of pixels change rate (NPCR) and unified average changing intensity (UACI) Values Between the Two Cipher Images Given in Figure 2.

R | G | B | |
---|---|---|---|

NPCR (%) | 86.5371 | 0 | 0 |

UACI (%) | 4.8464 | 0 | 0 |

Plain Image | Cipher Image | ||||||
---|---|---|---|---|---|---|---|

R | G | B | R | G | B | ||

Lena | V | 0.9893 | 0.9823 | 0.9574 | 0.0015 | −0.0017 | −0.0023 |

H | 0.9797 | 0.9689 | 0.9325 | −0.008 | −0.0014 | −0.0013 | |

D | 0.9696 | 0.9554 | 0.9180 | −0.003 | −0.0011 | −0.0011 | |

A | 0.9777 | 0.9652 | 0.9252 | −0.006 | −0.0005 | −0.0002 | |

baboon | V | 0.8659 | 0.7650 | 0.8808 | 0.0004 | −0.0017 | 0.006 |

H | 0.9230 | 0.8654 | 0.9073 | 0.0005 | 0.0027 | 0.0019 | |

D | 0.8543 | 0.7347 | 0.8398 | 0.0004 | −0.0026 | 0.0014 | |

A | 0.8518 | 0.7249 | 0.8424 | −0.0015 | −0.0017 | 0.002 |

**Table 3.**The Plaintext Sensitivity Analyzing Results, Measured in Terms of Averaged NPCR and UACI Values.

NPCR (%) | UACI (%) | |||||
---|---|---|---|---|---|---|

R | G | B | R | G | B | |

Lena | 99.6094 | 99.6084 | 99.6096 | 33.4673 | 33.4630 | 33.4662 |

baboon | 99.6075 | 99.6081 | 99.6086 | 33.4606 | 33.4646 | 33.4684 |

fruits | 99.6081 | 99.6103 | 99.6095 | 33.4612 | 33.4620 | 33.4689 |

airplane | 99.6094 | 99.6071 | 99.6101 | 33.4669 | 33.4595 | 33.4564 |

peppers | 99.6099 | 99.6109 | 99.6092 | 33.4649 | 33.4641 | 33.4702 |

**Table 4.**Robustness of the Proposed Approach Against the Noise-adding Attack, in terms of Peak Signal-to-Noise Ratio (PSNR).

Added Noise Density | PSNR of the De-Ciphered Image |
---|---|

0.1 (10% of the image frame) | 17.6748 (dB) |

0.2 | 14.9988 (dB) |

0.3 | 13.5375 (dB) |

**Table 5.**Robustness of the Proposed Approach Against the Partial-occlusion Attack, in terms of PSNR.

Data Occlusion Loss | PSNR of the De-Ciphered Image |
---|---|

Pixel values in the bottom half = 0 | 11.6397 (dB) |

Pixel values in the center square = 0 | 14.6680 (dB) |

Pixel values in center row-rectangle = 0 | 14.6726 (dB) |

Pixel values in center column-rectangle = 0 | 14.6285 (dB) |

Original CIES-UBPRPD | Enhanced CIES-UBPRPD | |
---|---|---|

512 $\times $ 512 (image size) | 3.3557 (s) | 3.7944 (s) |

256 $\times $ 256 (image size) | 0.8355 (s) | 0.9165 (s) |

© 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Lin, C.-Y.; Wu, J.-L.
Cryptanalysis and Improvement of a Chaotic Map-Based Image Encryption System Using Both Plaintext Related Permutation and Diffusion. *Entropy* **2020**, *22*, 589.
https://doi.org/10.3390/e22050589

**AMA Style**

Lin C-Y, Wu J-L.
Cryptanalysis and Improvement of a Chaotic Map-Based Image Encryption System Using Both Plaintext Related Permutation and Diffusion. *Entropy*. 2020; 22(5):589.
https://doi.org/10.3390/e22050589

**Chicago/Turabian Style**

Lin, Cheng-Yi, and Ja-Ling Wu.
2020. "Cryptanalysis and Improvement of a Chaotic Map-Based Image Encryption System Using Both Plaintext Related Permutation and Diffusion" *Entropy* 22, no. 5: 589.
https://doi.org/10.3390/e22050589