For an excellent image encryption algorithm, it can resist several commonly used attacks, such as the brute-force attack and differential attack. This paper analyzes the performance of the proposed algorithm in terms of the key space, histogram, correlation, differential attack, information entropy, and encryption efficiency.
6.1. Key Space Analysis
For a desirable encryption algorithm, its key space should be large enough to resist the brute-force attack. (1) For Zhang’s algorithm, the AES key is also the key of Zhang’s algorithm. This algorithm security main depends on the used key length, i.e., 128, 192, or 256 bits. Therefore, the size of key space is also , , or ; (2) For Kalubandi’s algorithm, authors adopt AES-256 during the process of image encryption. Therefore, the key space is ; (3) For Hraoui’s algorithm, authors adopt AES-128 during the process of image encryption. Therefore, the key space is ; (4) for the proposed algorithm, the keys are the AES key, the variables and of PWLCM. In our experiment, we used AES-256 to encrypt the plain image. If 16 digits exists after the decimal point for the key, then the key space is . Therefore, the proposed algorithm has the largest key space to withstand the brute-force attack.
6.4. Differential Attack Analysis
The differential attack is used to check the plaintext sensitivity for an image encryption algorithm [
22]. Therefore, if we make a slight change to the plain image, a desirable encryption algorithm can spread this influence over the whole encryption process. To evaluate the ability to resist the differential attack, the Number of Pixels Change Rate (NPCR) and Unified Average Changing Intensity (UACI) are defined by:
where
is the encryption image of the plain image,
is the encryption image of the modified plain image, and
is defined by:
To evaluate the performance of the plaintext sensitivity, the simulation changes the pixel value
of the plain image into 200. For the proposed algorithm, Zhang’s algorithm, Kalubandi’s algorithm, and Hraoui’s algorithm, have their NPCR and UACI results of
Figure 4a listed in
Table 4. For the proposed algorithm and Zhang’s algorithm, NPCR and UACI results are very large. Therefore, their plaintext sensitivity is very strong. However, for Kalubandi’s algorithm and Hraoui’s algorithm, NPCR and UACI results are 0. The reason is that both the proposed algorithm and Zhang’s algorithm use the mode of cipher block chaining to encrypt
Figure 4a. Meanwhile, for the proposed algorithm, the variable
and
of PWLCM are generated by the SHA-256 value of
Figure 4a. Even if two images are very similar, but only one bit is different. Their hash values of SHA-256 are completely different [
21]. The results imply that both the proposed algorithm and Zhang’s algorithm are strong to withstand the differential attack.
6.6. Encryption Efficiency Analysis
The encryption efficiency is the significant performance for an encryption algorithm. The core encryption times can directly affect the encryption speed. For the proposed algorithm, Zhang’s algorithm, Kalubandi’s algorithm, and Hraoui’s algorithm have their core operation is AES encryption times. The AES encryption times for these algorithms are given in
Table 6. The unit is times. A 128-bit data block is encrypted with the encryption function of AES, i.e.,
, viewed as once AES encryption times. The data in
Table 6 view that the proposed algorithm can obviously reduce AES encryption times. We analyze the AES encryption times of these algorithms in detail as follows.
(1) In Zhang’s algorithm, authors divide the pixel values into pixel blocks, and then encrypt them with AES. For the plain image with the size , it has 262,144 (i.e., ) pixel values. These pixel values can be converted into 16,384 (i.e., 262,144/16) pixel blocks. Therefore, to protect the plain image, this algorithm should encrypt 16,384 pixel blocks with Equation (11) or (12), i.e., 16,384 AES encryption times;
(2) In Kalubandi’s algorithm, authors encode the plain image with the Base64 standard. And then they encrypt the Base64 encoded text with AES. For the plain image with the size
, it has 262,144 pixel values. Each Base64 code represents with 6 bits of the pixel value, so three 8-bit pixel values can be represented by four 6-bit Base64 codes. If there are only two pixel values, they can be represented by three Base64 codes. If there is only one pixel value, it can be represented by two Base64 codes [
24]. Therefore, for the plain image, 262,144 pixel values can be encoded with 349,526 (i.e.,
) Base64 codes, where 262,143 is multiples of 3,262,143 pixel values can be encoded with 349,524 Base64 codes, and the last pixel value can be encoded with 2 Base64 codes. The plain image can be encoded with 349,526 Base64 codes in total. These Base64 codes can be converted into 21,846 (i.e.,
) 128-bit data blocks, where 349,520 is multiples of 16. The 349,520 Base64 codes can be converted with 21,845 128-bit data blocks, and the last 6 Base64 codes can be converted with one 128-bit data block. Therefore, to protect the plain image, this algorithm should encrypt 21,846 128-bit data blocks with
, i.e., 21,846 AES encryption times;
(3) In Hraoui’s algorithm, authors divide the image into pixel blocks, and then encrypt them with AES directly. The plain image with the size can be divided into 16,384 (i.e., ) pixel blocks. Therefore, to protect the plain image, this algorithm should encrypt 16,384 pixel blocks with , i.e., 16,384 AES encryption times;
(4) In the proposed algorithm, Alice groups 16 pixel values together to form a big integer number with the 128-bit length. We consider that the AES operation is more complex than the XOR operation. The proposed algorithm only encrypts the first big integer with Equation (7), i.e., only once AES encryption times, and encrypt other big integers with the previous encrypted big integer and chaotic big integers, i.e., Equation (8).