# Cryptanalysis of an Image Encryption Algorithm Based on Combined Chaos for a BAN System, and Improved Scheme Using SHA-512 and Hyperchaos

^{1}

^{2}

^{3}

^{4}

^{5}

^{6}

^{*}

## Abstract

**:**

## 1. Introduction

- The security of the recent image encryption algorithm in [14] is scrutinized and some defects are unveiled.
- A total break of the algorithm is done under proposed simple cryptanalysis that recovers the plain-image and nullifies the claim of excellent attack resistance ability of the algorithm made in [14].
- An improved scheme is proposed based on SHA-512 and a 4D hyperchaotic system to settle the issues of plain-image insensitivity and weak keys with strong encryption quality.

## 2. Wang et al. Image Encryption Algorithm

_{n}, y

_{n}$\in $ [0, 1] (n > 0) represents the respective state of maps as per the specifications in [14]. The initial condition y

_{0}(=x

_{k}) is the x state of map (1) after k iterations. The Wang algorithm to encrypt a plain-image I of size M × N has the following operational steps:

E = Wang_Encryption(I(i, j)) | |

W.1. | Read the plain-image I(i, j) and form its data matrix T of dimension M × N. |

W.2. | Set initial values of map (1) and generates 1D chaotic sequence X = {x_{1}, x_{2}, …, x_{n}_{1}} of length n_{1} = M × N_{1}, where N_{1} = N − ceil(N/2) |

W.3. | Create a 2D sub-chaotic matrix SI from sequence X of Logistic map of size M × N_{1}. |

W.4. | Set initial values of map (2) and generates another 1D chaotic sequence Y = {y_{1}, y_{2}, …, y_{n}_{2}} of length n_{2} = M × N_{2}, where N_{2} = N − N_{1} |

W.5. | Construct another 2D sub-chaotic matrix SK from sequence Y of size M × N_{2}. |

W.6. | Combine the two sub-chaotic matrices SI and SK to get 2D chaotic matrix EC_{M}_{×N} = {SI_{M}_{×N1}; SK_{M}_{×N2}}. |

W.7. | Perform the XOR operation on data matrix T (of plain-image I) and chaotic matrix EC to get final encrypted image E as: |

for i = 1 to M do for j = 1 to N do | |

E(i, j) = bitxor(T(i, j), EC(i, j)) | |

endfor | |

endfor | |

W.8. | Exit |

## 3. Security Defects

#### 3.1. Weak Keys

_{n}= 0 for all subsequent n. Therefore, these two values should be avoided while selecting the initial condition x

_{0}for map (1), but these values have been taken as part of key space in the Wang et al. encryption algorithm, as x

_{n}$\in $ [0, 1] is specified. For the computed two fixed points, the map generates a completely fixed sequence containing only zeros. Lastly, the logistic map has symmetric dynamics whether x

_{n}$\in $ (0, 0.5] or x

_{n}$\in $ [0.5, 1) as the map has two terms x

_{n}and (1 − x

_{n}) whose product is x

_{n}(1 − x

_{n}); now when we transform x

_{n}by (1 − x

_{n}) then the resulting terms are (1 − x

_{n}) and x

_{n}which again gives the same expression (1 − x

_{n})x

_{n}. This means the sequence generated with x = 0.35 is exactly similar to the one generated with x = 0.65 for unchanged μ. In general, the same sequence will be generated for x

_{n}and (1 − x

_{n}), making 50% of the keys component due to the initial condition of x effective i.e., equal to 50% of 10

^{15}. The set of weak keys for map (1) due to x

_{0}and μ includes k

_{1}= 0.5 × 10

^{15}− Δ

_{1}(Δ

_{1}is the set of all those values of μ for which map (1) falls in the non-chaotic regions).

_{n}= a, map (2) results to y

_{n}

_{+1}= y

_{n}/ a = 1, thus a periodic fixed sequence of {y

_{n}= a, 1, 0, 0, …, 0} will be generated. For case B: when y

_{n}$\in $ (0, 0.5) and a = 2y

_{n}, then a non-random sequence {y

_{n}, 0.5, 1, 0, 0, …, 0} is obtained from map (2). For case C: when y

_{n}$\in $ (0, 1) and a = 0.5, a sequence with poor period is observed. In [14], the restriction on parameter a in interval [0.4, 0.5] reduces the key space component due to a being only 10% of 10

^{15}. There are almost 10

^{15}values out of possible pairs of (y

_{0}, a) = 10

^{15}× 10

^{15}for case A, 0.5 × 10

^{15}for case B, and Δ

_{2}for case C which must be avoided. Moreover, the x

_{k}-th value of map (1) derives the initial condition y

_{0}of map (2). So, its component factor of 10

^{15}should not be considered in key space. Hence, the set of weak keys for map (2) are k

_{2}= 0.9 × 10

^{15}+ 10

^{15}+ 0.5 × 10

^{15}+ Δ

_{2}.

_{0}, μ, a is reduced to (4 − 3.5699456) × 10

^{45}− k

_{1}− k

_{2}due to the above issues as a lot of weak keys = k

_{1}+ k

_{2}= 2.9 × 10

^{15}≈ 2

^{52}out of 10

^{45}may result in poor encryption quality. Hence, the algorithm in [14] has a large number of weak keys which may weaken the algorithm and the claimed key space of (10

^{15})

^{4}= 10

^{60}≈ 2

^{200}is impractical.

#### 3.2. Sub-Chaotic Matrices SI and SK Are Fixed

#### 3.3. Lack of Sensitivity to Change in Plain-Image

_{1}shown in Figure 2a as plain image which is encrypted by algorithm in [14] and shown in Figure 2b as E

_{1}. Then, we change only one pixel of I

_{1}at the central position and another plain image I

_{2}is obtained (depicted in Figure 2c); this new image I

_{2}is also encrypted with same algorithm and shown in Figure 2d as E

_{2}. To our dismay, the difference between the two encrypted images is almost a black image except the central position pixel which was altered. This means that the change in plain image does not result in good confusion and diffusion, or else the difference image will be a random-like one. This defect proves that Wang’s encryption algorithm has a lack of plain-image sensitivity.

## 4. Proposed Cryptanalysis

## 5. Proposed Improved Image Encryption Scheme

#### 5.1. 4D Hyperchaotic System

_{1}= 25.6206, λ

_{2}= 11.2401, λ

_{3}= 1.717 ×

^{10−5}and λ

_{4}= −115.0336. Note the presence of more than one positive lyapunov exponents which indicates the existence of hyperchaotic phenomenon in system (3). We applied the Runge–Kutta of order 4 to solve the system. This hyperchaotic system is adopted because of its following features:

- It consists of 7 system parameters, which enlarge heavily the key space of the respective security primitive and make the exhaustive attack impractical.
- It has a maximum lyapunov exponent of 25.6206 which is quite high and it is largest among all available 4D hyperchaotic systems. A larger positive lyapunov exponent shows that system trajectories vary more sharply in phase space and makes system’s dynamics more complicated by establishing stronger sensitivity to initial conditions [32]. However, the lyapunov exponent of most of the 1D chaotic maps are less than 1, including the logistic map and skew tent map in (1) and (2).
- The range of Kaplan–Yorke dimensions for 60 ≤ r ≤ 166 is 3.2801 ≤ D
_{KY}≤ 3.3241, which is also much larger than most of the existing 4D hyperchaotic systems. - It exhibits largest topological entropy, in hyperchaotic systems, which is not less than log(3).

#### 5.2. SHA-512

^{256}, and it uses different shifts amounts and additive constant during its operation [34]. SHA-512 operates on eight 64-bit words. The message to be hashed is first padded with its length such that the result is a multiple of 1024-bits, and which is then parsed to 1024-bit message sub-blocks. The sub-blocks are treated iteratively one at a time beginning with a fixed initial hash value to return the final hash digest of 512-bits after processing all message sub-blocks.

#### 5.3. Algorithm

_{i}

_{−1}, β, g

_{i}

_{−1}and the image information dependent function circ-shift(x, n) creates further complexity and dependency of the algorithm on image information to be encrypted for secure image transfer. This function circularly shifts the input argument x in the left direction by n number of positions and generates output. All these modifications in the algorithm make it highly robust, secure and statistically sound which will be discussed in Section 6.

- Step 1.
- Take proper input values for initial conditions x(0), y(0), z(0), w(0), parameters a, b, c, d, e, f, r.
- Step 2.
- Read the plain image I (gray-scale or RGB image).
- Step 3.
- Transform the input image I into 1D sequence of pixels of length say L (=MN for gray image and 3 MN for color image).
- Step 4.
- Compute hash digest of 512-bits using SHA-512 on 1D image sequence I in Step 3, say HH = H
_{1}, H_{2}, H_{3}, …, H_{63}, H_{64}_{i}= {h_{i}_{1}, h_{i}_{2}, h_{i}_{3}, ..., h_{i}_{8}} is i-th byte in hash H. - Step 5.
- Update the initial conditions of system (3) and parameter r $\in $ [60, 166] according to the following Formulas (4)–(8)$$\widehat{x}(0)=\left[x(0)+\frac{1}{256\times 16}\left({\displaystyle \sum _{i=1}^{16}bin2dec({H}_{i})}\right)\right]\mathrm{mod}(1)$$$$\widehat{y}(0)=\left[y(0)+\frac{1}{256\times 16}\left({\displaystyle \sum _{i=17}^{32}bin2dec({H}_{i})}\right)\right]\mathrm{mod}(1)$$$$\widehat{z}(0)=\left[z(0)+\frac{1}{256\times 16}\left({\displaystyle \sum _{i=33}^{48}bin2dec({H}_{i})}\right)\right]\mathrm{mod}(1)$$$$\widehat{w}(0)=\left[w(0)+\frac{1}{256\times 16}\left({\displaystyle \sum _{i=49}^{64}bin2dec({H}_{i})}\right)\right]\mathrm{mod}(1)$$$$\widehat{r}=\left(r\right)\mathrm{mod}(1)+\left[\lfloor r\rfloor +\left({H}_{7}\times {H}_{13}+{H}_{21}\times {H}_{31}+{H}_{37}\times {H}_{45}+{H}_{51}\times {H}_{62}\right)\right]\mathrm{mod}(107)+60$$
_{i}) converts input binary data H_{i}to its equivalent decimal value. - Step 6.
- Iterate the hyperchaotic system (3) with updated initial conditions and parameter for L times to generate four chaotic sequences X(i), Y(i), Z(i) and W(i), where i = 1 to L.
- Step 7.
- Do the following to perform masking operation on 1D image sequence I = {I
_{1}, I_{2}, I_{3}, …, I_{L}} for i = 1 to L as$${F}_{1}=\left[floor(X(i))\times {10}^{15}\right]\mathrm{mod}(256)$$$${F}_{2}=\left[floor(Y(i))\times {10}^{15}\right]\mathrm{mod}(256)$$$${F}_{3}=\left[floor(Z(i))\times {10}^{15}\right]\mathrm{mod}(256)$$$$r=\left(r\times {F}_{2}\times F3\right)\mathrm{mod}(1)+\left[floor(W(i))\times {10}^{15}+r\right]\mathrm{mod}(107)+60//\mathrm{re-update}r\mathrm{for}\mathrm{next}\mathrm{iteration}$$$${Q}_{i}=\left[{I}_{i}\oplus {F}_{1}+{s}_{i-1}\right]\mathrm{mod}(256)\oplus {F}_{3}\oplus {g}_{i-1}$$$$\delta ={F}_{1}\oplus {F}_{3}$$$$\beta =\left[\delta +{s}_{i-1}\right]\mathrm{mod}(256)$$$${E}_{i}=circ-shift\left({Q}_{i},\left[\beta \right]\mathrm{mod}(8)\right)$$$${g}_{i}={E}_{i}\oplus {F}_{2}$$$${s}_{i}={s}_{i-1}+{g}_{i}$$ - Step 8.
- Perform the inverse of Step 3 on 1D sequence E to get the encrypted image.
- Step 9.
- Exit

## 6. Performance Analysis of Improved Scheme

_{0}= 0, g

_{0}= 0. The results of the encryption for the gray-scale and color Lena images are shown in Figure 5 and Figure 6, respectively. It can be seen that encrypted images have high indistinguishability, visual distortion and are significantly different from their respective plain images.

#### 6.1. Histogram Analysis

#### 6.2. Pixels Correlation Analysis

#### 6.3. Image Entropy Analysis

_{i}) represents the probability of occurrence of intensity level s

_{i}$\in $ [0, 255] for 8-bit encoded images. The computed entropy scores of the plain Lena gray image is 7.44737, and for components of the plain Lena color image as 7.2531 (red), 7.59403 (green), 6.96842 (blue). The entropies of encrypted images by different encryption schemes are listed in Table 3 and Table 4 for gray and color images, respectively. It is apparent from the two tables that all entropy values are significantly close to the ideal value 8. However, the improved scheme still shows an upright performance compared to other encryption schemes in the tables as our entropy scores are slightly higher in most cases and, hence, can resist entropy-based attacks more diligently.

#### 6.4. Number of Pixel Change Rate (NPCR) and Unified Average Changing Intensity (UACI) Analysis for Plain-Image Sensitivity

_{1}and I

_{2}(which have only one pixel difference to each other) and whose corresponding encrypted images are, let say, E

_{1}and E

_{2}, respectively, the NPCR and UACI metrics are defined as:

^{−10}in all floating-point components and +1 in integer components of the key, and the values are consistent with the values of Wang’s algorithm.

#### 6.5. Key Space Analysis

^{45}as analyzed in Section 3.1. Whereas the components of the secret key for our proposed improved scheme includes the four initial conditions, x(0), y(0), z(0), w(0), seven parameters a, b, c, d, e, f, r, all are floating-point numbers, and integers s

_{0}, g

_{0}≥ 0. In order to avoid the problem of dynamic degradation, we carried out all floating point computation as per the IEEE-754 floating point standard of double-floating point arithmetic. Hence, for the working precision of 10

^{−15}, our key space is found to be more than 10

^{165}≈ 2

^{548}. Key space for our improved encryption scheme is decently large compared to key space of 10

^{45}in [14], 2

^{199}in [37,38], 2

^{256}in [41,42], 2

^{390}in [43], and 2

^{203}in [44], and can withstand any exhaustive search attack more comfortably.

#### 6.6. Computation Efficiency

## 7. Conclusions

## Author Contributions

## Funding

## Conflicts of Interest

## References

- Patel, M.; Wang, J. Applications, challenges, and prospective in emerging body area networking technologies. IEEE Wirel. Commun.
**2010**, 17, 80–88. [Google Scholar] [CrossRef] - Jovanov, E.; Milenkovic, A. Body Area Networks for Ubiquitous Healthcare Applications: Opportunities and Challenges. J. Med. Syst.
**2011**, 35, 1245–1254. [Google Scholar] [CrossRef] [PubMed] - Milenkovic, A.; Otto, C.; Jovanov, E. Wireless sensor networks for personal health monitoring: Issues and an implementation. Comput. Commun.
**2006**, 29, 2521–2533. [Google Scholar] [CrossRef] - Javadi, S.S.; Razzaque, M.A. Security and Privacy in Wireless Body Area Networks for Health Care Applications. Signals Commun. Technol. Wirel. Netw. Secur.
**2013**, 165–187. [Google Scholar] [CrossRef] - Li, M.; Lou, W.; Ren, K. Data security and privacy in wireless body area networks. IEEE Wirel. Commun.
**2010**, 17, 51–58. [Google Scholar] [CrossRef] - Poon, C.; Zhang, Y.-T.; Bao, S.-D. A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health. IEEE Commun. Mag.
**2006**, 44, 73–81. [Google Scholar] [CrossRef] - Ahmad, M.; Ahmad, T. A Framework to Protect Patient Digital Medical Imagery for Secure Telediagnosis. Procedia Eng.
**2012**, 38, 1055–1066. [Google Scholar] [CrossRef] - Zhang, Z.; Wang, H.; Vasilakos, A.V.; Fang, H. ECG-Cryptography and Authentication in Body Area Networks. IEEE Trans. Inf. Technol. Biomed.
**2012**, 16, 1070–1078. [Google Scholar] [CrossRef] [PubMed] - Shi, L.; Li, M.; Yu, S.; Yuan, J. BANA: Body area network authentication exploiting channel characteristics. IEEE J. Sel. Areas Commun.
**2013**, 9, 1803–1816. [Google Scholar] [CrossRef] - Zhao, Z. An Efficient Anonymous Authentication Scheme for Wireless Body Area Networks Using Elliptic Curve Cryptosystem. J. Med. Syst.
**2014**, 38. [Google Scholar] [CrossRef] [PubMed] - Carmen, P.-L.; Ricardo, L.-R. Notions of Chaotic Cryptography: Sketch of a Chaos Based Cryptosystem; Applied Cryptography and Network Security: Intechopen, UK, 2012. [Google Scholar]
- Sufi, F.; Han, F.; Khalil, I.; Hu, J. A chaos-based encryption technique to protect ECG packets for time critical telecardiology applications. Secur. Commun. Netw.
**2010**, 4, 515–524. [Google Scholar] [CrossRef] - Fu, C.; Meng, W.-H.; Zhan, Y.-F.; Zhu, Z.-L.; Lau, F.C.; Tse, C.K.; Ma, H.-F. An efficient and secure medical image protection scheme based on chaotic maps. Comput. Biol. Med.
**2013**, 43, 1000–1010. [Google Scholar] [CrossRef] [PubMed] - Wang, W.; Si, M.; Pang, Y.; Ran, P.; Wang, H.; Jiang, X.; Liu, Y.; Wu, J.; Wu, W.; Chilamkurti, N.; et al. An encryption algorithm based on combined chaos in body area networks. Comput. Electr. Eng.
**2018**, 65, 282–291. [Google Scholar] [CrossRef] - Ahmad, M.; Alam, M.Z.; Ansari, S.; Lambić, D.; Alsharari, H.D. Cryptanalysis of an image encryption algorithm based on PWLCM and inertial delayed neural network. J. Intell. Fuzzy Syst.
**2018**, 34, 1323–1332. [Google Scholar] [CrossRef] - Bard, G.V. Algebraic Cryptanalysis; Springer: Berlin, Germany, 2009. [Google Scholar]
- Alvarez, G.; Li, S.; Hernandez, L. Analysis of security problems in a medical image encryption system. Comput. Biol. Med.
**2007**, 37, 424–427. [Google Scholar] [CrossRef] [PubMed] [Green Version] - Acharya, U.R.; Bhat, P.S.; Kumar, S.; Min, L.C. Transmission and storage of medical images with patient information. Comput. Biol. Med.
**2003**, 33, 303–310. [Google Scholar] [CrossRef] - Zhu, Z. An Efficient Authentication Scheme for Telecare Medicine Information Systems. J. Med. Syst.
**2012**, 36, 3833–3838. [Google Scholar] [CrossRef] [PubMed] - Muhaya, F.T.B. Cryptanalysis and security enhancement of Zhu’s authentication scheme for Telecare medicine information system. Secur. Commun. Netw.
**2014**, 8, 149–158. [Google Scholar] [CrossRef] - Xu, X.; Zhu, P.; Wen, Q.; Jin, Z.; Zhang, H.; He, L. A Secure and Efficient Authentication and Key Agreement Scheme Based on ECC for Telecare Medicine Information Systems. J. Med. Syst.
**2013**, 38, 1–7. [Google Scholar] [CrossRef] [PubMed] - Islam, S.H.; Khan, M.K. Cryptanalysis and Improvement of Authentication and Key Agreement Protocols for Telecare Medicine Information Systems. J. Med. Syst.
**2014**, 38, 1–16. [Google Scholar] [CrossRef] [PubMed] - Zhang, L.-B.; Zhu, Z.-L.; Yang, B.-Q.; Liu, W.-Y.; Zhu, H.-F.; Zou, M.-Y. Cryptanalysis and Improvement of an Efficient and Secure Medical Image Protection Scheme. Math. Probl. Eng.
**2015**, 2015, 1–11. [Google Scholar] [CrossRef] - Chen, L.; Wang, S. Differential cryptanalysis of a medical image cryptosystem with multiple rounds. Comput. Biol. Med.
**2015**, 65, 69–75. [Google Scholar] [CrossRef] [PubMed] - Schneier, B. Applied Cryptography: Protocols, Algorithms, and Source Code in C; John Wiley & Sons: Indianapolis, IN, USA, 2015. [Google Scholar]
- Kerckhoffs’s Principle. Available online: http://crypto-it.net/eng/theory/kerckhoffs.html (accessed on 13 February 2018).
- Hua, Z.; Zhou, B.; Zhou, Y. Sine-Transform-Based Chaotic System with FPGA Implementation. IEEE Trans. Ind. Electr.
**2018**, 65, 2557–2566. [Google Scholar] [CrossRef] - Wang, X.-Y.; Zhang, H.-L. A novel image encryption algorithm based on genetic recombination and hyper-chaotic systems. Nonlinear Dyn.
**2016**, 83, 333–346. [Google Scholar] [CrossRef] - Li, P.; Wang, X.-Y.; Fu, H.-J.; Xu, D.-H.; Wang, X.-K. A New Color Image Encryption Based On High-Dimensional Chaotic Systems. Int. J. Mod. Phys. B
**2014**, 28, 1450024. [Google Scholar] [CrossRef] - Ahmad, M.; Ahmad, T. Securing multimedia colour imagery using multiple high dimensional chaos-based hybrid keys. Int. J. Commun. Netw. Distributed Syst.
**2014**, 12, 113. [Google Scholar] [CrossRef] - Liu, H.; Wang, X.-Y.; Kadir, A. Color image encryption using Choquet fuzzy integral and hyper chaotic system. Optik
**2013**, 124, 3527–3533. [Google Scholar] [CrossRef] - Chen, L.; Tang, S.; Li, Q.; Zhong, S. A new 4D hyperchaotic system with high complexity. Math. Comput. Simul.
**2018**, 146, 44–56. [Google Scholar] [CrossRef] - Maashri, A.A.; Pathuri, L.; Awadalla, M.; Ahmad, A.; Ould-Khaoua, M. Optimized Hardware Crypto Engines for XTEA and SHA-512 for Wireless Sensor Nodes. Indian J. Sci. Technol.
**2016**, 9, 1–7. [Google Scholar] [CrossRef] - Ahmad, I.; Das, A.S. Hardware implementation analysis of SHA-256 and SHA-512 algorithms on FPGAs. Comput. Electr. Eng.
**2005**, 31, 345–360. [Google Scholar] [CrossRef] - Wang, X.-Y.; Zhang, Y.-Q.; Bao, X.-M. A colour image encryption scheme using permutation-substitution based on chaos. Entropy
**2015**, 17, 3877–3897. [Google Scholar] [CrossRef] - Ahmad, M.; Alam, M. Z.; Umayya, Z.; Khan, S.; Ahmad, F. An image encryption approach using particle swarm optimization and chaotic map. Int. J. Inf. Technol.
**2018**, 10, 247–255. [Google Scholar] [CrossRef] - Chen, J.; Zhu, Z.; Fu, C.; Yu, H.; Zhang, L. A fast chaos-based image encryption scheme with a dynamic state variables selection mechanism. Commun. Nonlinear Sci. Numer. Simul.
**2015**, 20, 846–860. [Google Scholar] [CrossRef] - Bashir, Z.; Wątróbski, J.; Rashid, T.; Zafar, S.; Sałabun, W. Chaotic Dynamical State Variables Selection Procedure Based Image Encryption Scheme. Symmetry
**2017**, 9, 312. [Google Scholar] [CrossRef] - Dong, C. Color image encryption using one-time keys and coupled chaotic systems. Signal Process. Image Commun.
**2014**, 29, 628–640. [Google Scholar] [CrossRef] - Liu, H.; Kadir, A.; Gong, P. A fast color image encryption scheme using one-time S-Boxes based on complex chaotic system and random noise. Opt. Commun.
**2015**, 338, 340–347. [Google Scholar] [CrossRef] - Chai, X.-L.; Gan, Z.-H.; Lu, Y.; Zhang, M.-H.; Chen, Y.-R. A novel color image encryption algorithm based on genetic recombination and the four-dimensional memristive hyperchaotic system. Chin. Phys. B
**2016**, 25, 100503. [Google Scholar] [CrossRef] - Chai, X.; Gan, Z.; Yang, K.; Chen, Y.; Liu, X. An image encryption algorithm based on the memristive hyperchaotic system, cellular automata and DNA sequence operations. Signal Process. Image Commun.
**2017**, 52, 6–19. [Google Scholar] [CrossRef] - Zhu, C.; Sun, K. Cryptanalyzing and Improving a Novel Color Image Encryption Algorithm Using RT-Enhanced Chaotic Tent Maps. IEEE Access
**2018**, 6, 18759–18770. [Google Scholar] [CrossRef] - Wu, X.; Wang, K.; Wang, X.; Kan, H.; Kurths, J. Color image DNA encryption using NCA map-based CML and one-time keys. Signal Process.
**2018**, 148, 272–287. [Google Scholar] [CrossRef] - Wong, K.-W.; Kwok, B.S.-H.; Yuen, C.-H. An efficient diffusion approach for chaos-based image encryption. Chaos Solitons Fractals
**2009**, 41, 2652–2663. [Google Scholar] [CrossRef] [Green Version] - Mao, Y.; Chen, G.; Lian, S. A Novel Fast Image Encryption Scheme Based On 3D Chaotic Baker Maps. Int. J. Bifurc. Chaos
**2004**, 14, 3613–3624. [Google Scholar] [CrossRef] - Zhang, W.; Wong, K.-W.; Yu, H.; Zhu, Z.-L. An image encryption scheme using reverse 2-dimensional chaotic map and dependent diffusion. Commun. Nonlinear Sci. Numer. Simul.
**2013**, 18, 2066–2080. [Google Scholar] [CrossRef] - Wang, Y.; Wong, K.-W.; Liao, X.; Xiang, T.; Chen, G. A chaos-based image encryption algorithm with variable control parameters. Chaos Solitons Fractals
**2009**, 41, 1773–1783. [Google Scholar] [CrossRef]

**Figure 2.**Simulation of lack of plain-image sensitivity: (

**a**) plain image I

_{1}; (

**b**) encrypted image E

_{1}of I

_{1}; (

**c**) plain image I

_{2}; (

**d**) encrypted image E

_{2}of I

_{2}; (

**e**) difference of two encrypted images E

_{1}and E

_{2}.

**Figure 3.**Simulation of attack method: (

**a**) plain image P; (

**b**) encrypted image C of P; (

**c**) black image A; (

**d**) encrypted image E (or EC) of black image A; (

**e**) bitxor(C, EC) the recovered plain image of encrypted image C without owning the secret key.

**Figure 4.**Phase portraits of hyperchaotic system (3) as (

**a**) projection on x-y-z space; (

**b**) projection on y-z-w space.

**Figure 5.**Encryption result for Lena gray-scale plain-image: (

**a**) plain-image; (

**b**) encrypted image; (

**c**) histogram of plain image in (

**a**); (

**d**) histogram of encrypted image in (

**b**).

**Figure 6.**Encryption results for Lena color plain image: (

**a**) color plain image; (

**b**) encrypted color image; (

**c**) histogram of plain R component; (

**d**) histogram of plain G component; (

**e**) histogram of plain B component; (

**f**) histogram of encrypted R component; (

**g**) histogram of encrypted G component; (

**h**) histogram of encrypted B component.

**Figure 7.**Simulation of sensitivity to one pixel change in the plain image for the proposed improved encryption scheme: (

**a**) encrypted image of plain image in Figure 2a; (

**b**) encrypted image of one pixel changed plain image in Figure 2c; (

**c**) difference of two encrypted images in (

**a**,

**b**); (

**d**) histogram of difference image obtained in (

**c**).

**Table 2.**Correlation coefficients of adjacent pixels in three color components of encrypted Lena color images.

Component | Proposed | Ref. [14] | Ref. [39] | Ref. [40] | Ref. [41] |
---|---|---|---|---|---|

Red | 0.000626 | 0.0027 | 0.0017 | 0.0026 | −0.0031 |

Green | 0.0000219 | −0.0019 | 0.0027 | 0.0051 | 0.0160 |

Blue | −0.000475 | 0.0003 | 0.0043 | 0.0009 | −0.0190 |

**Table 3.**Correlation coefficients of adjacent pixels in three color components of encrypted Lena images.

Component | Proposed | Ref. [14] | Ref. [39] | Ref. [40] | Ref. [41] |
---|---|---|---|---|---|

Red | 7.999328 | 7.9974 | 7.9898 | 7.99734 | 7.9993 |

Green | 7.999322 | 7.9969 | 7.9901 | 7.99716 | 7.9993 |

Blue | 7.999277 | 7.9884 | 7.9902 | 7.99688 | 7.9993 |

**Table 5.**Results of the number of pixel change rate (NPCR) and unified average changing intensity (UACI) for Lena gray-image sensitivity.

© 2018 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Ahmad, M.; Al Solami, E.; Wang, X.-Y.; Doja, M.N.; Beg, M.M.S.; Alzaidi, A.A.
Cryptanalysis of an Image Encryption Algorithm Based on Combined Chaos for a BAN System, and Improved Scheme Using SHA-512 and Hyperchaos. *Symmetry* **2018**, *10*, 266.
https://doi.org/10.3390/sym10070266

**AMA Style**

Ahmad M, Al Solami E, Wang X-Y, Doja MN, Beg MMS, Alzaidi AA.
Cryptanalysis of an Image Encryption Algorithm Based on Combined Chaos for a BAN System, and Improved Scheme Using SHA-512 and Hyperchaos. *Symmetry*. 2018; 10(7):266.
https://doi.org/10.3390/sym10070266

**Chicago/Turabian Style**

Ahmad, Musheer, Eesa Al Solami, Xing-Yuan Wang, M. N. Doja, M. M. Sufyan Beg, and Amer Awad Alzaidi.
2018. "Cryptanalysis of an Image Encryption Algorithm Based on Combined Chaos for a BAN System, and Improved Scheme Using SHA-512 and Hyperchaos" *Symmetry* 10, no. 7: 266.
https://doi.org/10.3390/sym10070266