Cryptography. â¢Cryptography is the practice and study of hiding information. ... Outline. â¢Existing work. â¢Proposed cryptographic primitives. â¢Key schedule.
BY
J. Mohamedmoideen Kader Mastan, PG Student, Dept. of ECE Sri Venkateswara College of Engg. Sriperumbudur
G.A. Sathishkumar, Associate Professor, Dept. of ECE Sri Venkateswara College of Engg. Sriperumbudur
Dr. K. Bhoopathy Bagan, Professor and Head, Instrumentation Madras Institute of Technology Chennai
Need for data security Confidentiality Authentication Message integrity
Applications: Banking transactions Government transactions Medical transactions Military transactions
Cryptography Cryptography is the practice and study of hiding information.
Types of techniques: Symmetric key encryption Asymmetric key encryption Hash function Digital signature Convergence of these techniques. Elements of cryptography: Confusion Diffusion Avalanche effect Completeness effect
Need for encrypting medical images Preserving the confidentiality of medical images and
thus the privacy of patients Curbing piracy in medical research Curbing lethal tasks which could have been done by
anti-social agents using the medical information
Why IMAGE encryption? 000102030405060708090a0b0c0d0e0f0001020304050607 0060bffe46834bb8da5cf9a61ff220ae5cbbd8811851a91781d5d 358213579fe
Outline Existing work Proposed cryptographic primitives Key schedule Flow diagram
Results Parametric results Sensitivity test results Randomness test results Efficiency test results Technique’s potential Conclusion and future scope
About the… Existing work
Existing Work (few interesting ones) Work
Cryptographic primitives used
Disadvantages
[1]
Pixel permutation and random arrangement, baker map.
No diffusion.
[2]
N-dimensional Affine transformation. Poor avalanche and completeness effect. As weak as Hill cipher.
[4]
Hill Cipher, pixel addition, pixel shifting
Relatively very slow. No logic claimed.
[5]
Chaotic map – first chaos based encryption technique.
Susceptible to chosen ciphertext attack. Poor completeness effect. Tree of causality.
[6]
Chaotic map, substitution, diffusion Broken with single known/chosen plaintext – claimed to have high data rate of 10 attack. MB/s
[12]
JPEG2000, AES, pixel permutation.
Poor avalanche and completeness effect
On the… Key schedule
Key Schedule Generation of key matrix Mat1
Swapping consecutive rows to generate Mat2
Swapping consecutive columns to generate Mat3
Swapping consecutive rows to generate Mat4
XOR values in each row to generate array Key1
XOR values in each row to generate array Key2
XOR values in each column to generate array Key3
XOR values in each row to generate array Key4
Defining the… Proposed cryptographic primitives
1. Matrix Transformation 8 × 8 key matrix ‘Mat’ in Z256 Key space = 3.887×10153 Encryption C = Mat × P mod 256 where P is plaintext and C is ciphertext Decryption P = Mat-1 × C mod 256 Different keys generated for each stage of Matrix
Transformation
2. Single Pixel Diffusion 1. a(1:8) ←a(1:8)⊕k1 2. i←1 3. a(i+1) ← a(i)⊕a(i+1)
4. i←i+1 5. Repeat Step 3 till i=1 6. a(i+1) ← (a(i)+a(i+1))mod n 7. i←i+1 8. Repeat Step 6 for r – 1 times where ‘r’ is number of
rows in the image.
3. Block Pixel Diffusion 1. a(1:8) ← a(1:8)⊕k1 2. i←1 3. a(i+8:i+15) ← a(i+8:i+15)⊕a(i:i+7) 4. i←i+7 5. Repeat Step 3 till i=1
4. Permutation Box R1 G1 B1
R2 G2 B2
R3 G3 B3
R4 G4 B4
→
G2 R2 G1
B1 B2 R1
B4 B3 R4
G3 R3 G4
Features: Only stage where the ‘R’, ‘G’ and ‘B’ channels of the image become interdependent. Independent of key and plain image.
Depicting the…
Flow diagram
Encryption flow diagram Generation of key matrices
Pad if necessary
MT (Mat2)
MT (Mat1)
PB Plain image
Generation of key arrays
BPD-1 (Key1)
MT (Mat3)
– matrix transpose
Cipher image
PB
PB
SPD-1 (Key2)
MT (Mat4)
SPD (Key3)
BPD (Key4)
Decryption Process Generation of key matrices MT (Mat3 -1)
MT (Mat4-1) Cipher image
PB -1
BPD -1 (Key4)
Generation of key arrays
MT (Mat2-1)
Unpad if necessary
PB -1
PB -1
SPD-1 (Key3)
MT (Mat1 -1)
SPD (Key2)
– matrix transpose
BPD (Key1)
Plain image
Viewing the…
Results
Typical natural image Mandrill.png
Encrypted Mandrill.png
Decrypted Mandrill.png
Histogram of the red, green and blue channels of the Mandrill.png (top) and those of the encrypted Mandrill.png (bottom)
Typical medical image Heart.jpg
Encrypted heart.jpg
Decrypted heart.jpg
Histogram of the red, green and blue channels of the heart.jpg (top) and those of the encrypted heart.jpg (bottom)
Measuring the…
Parametric results
Entropy of original and encrypted test images Image
Expected Barbara Fabric
Original entropy New entropy
8
F16
Heart
Lena Mandrill Peppers
7.6919
7.5632 6.6639 4.9830 7.7502
7.7624
7.7112
7.9998
7.9998 7.9997 7.9995 7.9998
7.9998
7.9998
Quantitative results after encryption Dim
Mandrill.png
Heart.jpg
Lena.tif
512×512×3
360×360×3
512×512×3
Param
|CAB|
NPCR% UACI%
|CAB|
NPCR% UACI%
|CAB|
NPCR% UACI%
Expected
0
R vs R
1×10-3
R vs G
1×10-3 99.5975 30.0023 2×10-3 99.6173 41.1535 7×10-4 99.6223 33.0813
R vs B
1×10-3 99.6006 29.9843 3×10-3 99.5941 41.0656 1×10-3 99.6071 33.0256
G vs R
2×10-4 99.5705 28.5434 6×10-3 99.5049 43.2241 1×10-3 99.5953 30.5989
G vs G
6×10-4 99.6265 28.5987 1×10-3
G vs B
7×10-4 99.6178 28.5877 3×10-3 99.5957 43.1288 4×10-4 99.6201 30.6442
B vs R
2×10-5 99.6067 31.2287 5×10-3 99.6173
44.344
B vs G
3×10-5 99.6166 31.2768 8×10-4
99.635
44.3225 3×10-4 99.5998 27.6079
B vs B
1×10-3 99.6265 31.2747 2×10-3
99.6111
44.2663 8×10-4 99.5991
0 0 99.6094 33.4635 99.6094 33.4635 99.6094 33.4635 99.6056 29.9482 7×10-3 99.6134 41.2312 2×10-3 99.6159 32.9182
99.598
43.1686 4×10-4 99.6025
30.631
8×10-4 99.6067 27.5898 27.621
Intra-component correlation coefficients Image
Mandrill.png
Heart.jpg
512×512×3
360×360×3
Resolution Red
Green
Blue
Red
Green
Blue
Expected
0
0
0
0
0
0
Horizontal
-0.0027
-0.0031
0.00047
0.0113
0.00023
0.0007
Vertical
0.0062
0.0041
0.0023
0.0026
-0.0028
0.0091
Diagonal
-0.0043
-0.0046
0.0016
-0.0024
0.0029
0.00026
Measuring the…
Sensitivity test results
Decryption key sensitivity Mandrill.png decrypted with wrong key changed by 1 bit
Consolidated histogram of wrongly decrypted Mandrill.png
Sensitivity test results with Mandrill.png Encryption key sensitivity
Expected
Plaintext sensitivity
Ciphertext sensitivity
|CAB|
NPCR% UACI%
|CAB|
NPCR% UACI%
|CAB|
NPCR% UACI%
0
99.6094 33.4635
0
99.6094 33.4635
0
99.6094 33.4635
R vs R 2×10-3 99.5979 33.4923 1×10-3 99.6067
33.482
1×10-3 99.6586 33.5538
R vs G 5×10-4 99.5995 33.4775 1×10-3 99.6033 33.4443 1×10-3 99.6147 33.4318 R vs B 1×10-3 99.6056 33.5062 4×10-4 99.6033 G vs R 7×10-4
99.614
33.514
33.49
1×10-3 99.6071 33.4821
1×10-3 99.6162 33.4938 7×10-4 99.6246 33.5148
G vs G 7×10-4 99.6212 33.4644 4×10-3 99.5293 33.5271 6×10-4 G vs B 1×10-3
99.612
99.704
33.5113
33.4844 3×10-4 99.5995 33.4658 6×10-4 99.6159 33.4595
B vs R 3×10-3 99.6086 33.4054 5×10-5 99.5922 33.4635 1×10-3 99.6063 33.5522 B vs G 2×10-3 99.6056 33.4375 3×10-4 99.6067 B vs B 1×10-3
99.601
33.458
2×10-3 99.6048 33.4317
33.4356 2×10-3 99.6124 33.5261 1×10-3 99.5689
33.505
Error/Ciphertext sensitivity Mandrill.png decrypted with 1 bit changed after transmission
Consolidated histogram of decrypted erroneous Mandrill.png
Measuring the…
Randomness test results
FIPS PUB 140–2 randomness tests (for sensitive but unclassified data) Randomness test
Parametric result
Criterion for passing
Result
Frequency mono-bit test
P=0.2722
P>0.01
Pass
Runs test
P=0.5757
P>0.01
Pass
Longest runs of ones test
P=0.4230
P>0.01
Pass
Poker test
x=16.5824
2.16 < x < 46.17
Pass
Scrutinizing the…
Efficiency test results
Efficiency test results Spatial Time taken for Time taken for resolution of the encryption (seconds) decryption (seconds) image
Average bit rate for encryption/ decryption
360×360×3
1.878208
1.832749
1.6Mbps
512×512×3
3.648261
3.652164
1.68Mbps
640×480×3
4.214025
4.241128
2.27Mbps
Pointing out the…
Technique’s potential
Security features Low CAB and high h
Resistive to statistical
cryptanalysis and entropy attack Decryption key sensitive Resistive to partial decryption Encryption key sensitive Resistive to related key attack Plaintext sensitive Resistive to differential cryptanalysis Ciphertext sensitive Doesn’t produce a visually perceivable erroneous image.
Comparison with AES Sl. No.
Property
AES (256 bit)
Proposed method
1.
Security
Block - wise secure
Image – wise secure
2.
Key space
2256
≈2512
3.
Stages
4
8
4.
Rounds
14
1
5.
Speed
3 Kbps in MATLAB implementation
1.68 Mbps in MATLAB implementation
6.
Cost
XOR, S – box, row shift, matrix multiplication
XOR, P – box, modular addition, matrix multiplication
7.
Power
More power efficient
Less power efficient due to modular addition
8.
Memory occupied
4 KB (optimized)
4 KB (optimized)
Comparison with Pareek et. al Sl. No.
Property
Work of Pareek et. Al
Proposed method
1.
Security
Broken with single plaintext attack
Computational complexity of 2512 – practically unbreakable
2.
Key space
2157
≈ 2512
3.
CAB
Avg. is 10-3
Avg. is 10-3
4.
NPCR
Satisfactory
Average is 99.60888% - Satisfactory
5.
UACI
Satisfactory
Average is 33.48185% - Satisfactory
6.
Key sensitivity
Satisfactory
Satisfactory
7.
Plaintext sensitivity
Negligible and predictable
Satisfactory
8.
Speed
80 Mbps
1.68 Mbps
9.
Cost
XOR
XOR, P – box, modular addition, matrix multiplication
10.
Ciphertext expansion
Nil
Significant if dimensions of image are not multiples of 8. Otherwise Nil.
Unique features First image encryption technique which is ciphertext
sensitive. First image encryption technique to produce satisfactory
sensitivity test results for color images.
Last but not the least…
Conclusion and future scope
Conclusion and future work Hence an effective and efficient color image encryption
technique has been designed and compared with contemporary techniques. The technique can very well be used for both natural and medical images. Future work shall be pivoted about efficient cryptanalysis of the technique. If efficient cryptanalysis isn’t possible, hardware implementation shall be carried out.
References 1.
2.
3. 4.
Koredianto Usman, Hiroshi Juzoji, Isao Nakajimal, Soegijardjo Soegidjoko, and Mohamad Ramdhani, Toshihiro Hori, Seiji Igi, “Medical image encryption based on pixel arrangement and random permutation for transmission security,” 9th International Conference on e-Health Networking, Application and Services, 2007, pp. 244 - 247. Wang Fangchao, Bai Sen, Zhu Guibi, and Song Zhenghui, “An image encryption algorithm based on n-dimension affine transformation”, 2009 Eigth IEEE/ACIS International Conference on Computer and Information Science, 2009, pp.579-585. Lester S. Hill, “Cryptography in an Algebraic Alphabet,” The American Mathematical Monthly, Vol. 36, No. 6, pp. 306-312. (Jun. - Jul., 1929) Bibhudendra Acharya, Sambit Kumar Shukla, Saroj Kumar Panigrahy, Sarat Kumar Patra, and Ganapati Panda, “H-S-X Cryptosystem and Its Application to Image Encryption,” International Conference on Advances in Computing, Control, and Telecommunication Technologies, 2009, pp.720-724. Application to Image Encryption,” International Conference on Advances in Computing, Control, and Telecommunication Technologies, 2009, pp.720-724.
References 5. 6.
7.
8.
9.
Fridrich.J, “Symmetric ciphers based on two-dimensional chaotic maps,” Int. J. Bifurcation and Chaos, 1997, Vol. 8, pp-1259–1284. Vinod Patidar, N.K. Pareek, and K.K. Sud, “A new substitution–diffusion based image cipher using chaotic standard and logistic maps” Commun Nonlinear Sci Numer Simulat, Elsevier, 2009, Vol.14, pp-3056–3075. Ercan Solak, Cahit Cokal, Olcay Taner Yildiz, and Turker Biyiko Glu, “Cryptanalysis of fridrich’s chaotic image encryption”,International Journal of Bifurcation and Chaos, 2010, Vol. 20, No. 5 pp. 1-9. V. Patidar, N. Pareek, and K. Sud, Modified substitution-diffusion image cipher using chaotic standard and logistic maps, Communications in Nonlinear Science and Numerical Simulation, Elsevier, 2010, Vol. 15, No 10, pp 2755-2765. R. Rhouma, E. Solak, and S. Belghith, Cryptanalysis of a new substitution-diffusion based image cipher, Communications in Nonlinear Science and Numerical Simulation, 2010, Vol. 15, No. 7, pp 1887-1892.
References 10. Chengqing Li, Shujun Li, and Kwok-Tung Lo, “Breaking a modified
substitution-diffusion image cipher based on chaotic standard and logistic maps”, Communications in Nonlinear Science and Numerical Simulations, 2011, Vol. 16, No. 2, pp. 837-843. 11. Shujun Li, Xuanqin Mou, Yuanlong Cai, and Zhen Ji, “On the security of a chaotic encryption scheme: problems with computerized chaos in finite computing precision”, Computer Physics Communications, 2003, Vol. 153, No.1, pp.52- 58. 12. Zahia Brahimi, Hamid Bessalah, A. Tarabet, and M. K. Kholladi “A new selective encryption technique of JPEG2000 codestream for medical image transmission”, 5th International Multi-Conference on Systems, Signals and Devices, 2008, pp. 1 – 4. 13. Jeffrey Overbey, William Traves, and Jerzy Wojdylo, “On the keyspace of the hill cipher”, Cryptologia, 2005, Vol. 29, No. 1, pages 59 – 72.
References 14. Behrouz A. Forouzan, “Cryptography & Network Security”, Tata 15.
16.
17. 18.
McGraw-Hill, ISBN-13: 978-0-07-066046-5, 2009. Yicong Zhou, Karen Panetta, and Sos Agaian, “A Lossless Encryption Method for Medical Images Using Edge Maps”, 31st Annual International Conference of the IEEE EMBS Minneapolis, 2009, pp. 3707-3710. Guido Bertoni, Luca Breveglieri, Pasqualina Fragneto, Marco Macchetti and Stefano Marchesin, “Efficient software implementation of AES on 32bit platforms”, Cryptographic Hardware and Embedded Systems - CHES 2002 Lecture Notes in Computer Science, 2003, Volume 2523/2003, 129142. Shannon, C.E.: Communication theory of secrecy system. Bell Syst. Techn. J. 28, pp. 656-715, (1949). http://www.healthcareitnews.com/news/hhs-cracks-down-provider-pay100000-hipaa-penalties-over-lost-laptops.
References 18. J. Mohamedmoideen Kader Mastan, G.A. Sathishkumar, K. Bhoopathy
19.
20. 21. 22.
23.
Bagan,: Digital Image Security using Matrix and Non-Linear Pixel Transformation. International Conference on computer, Communication, and Electrical Technology, Vol.1, pp.69-77 (2011). Schneier, B.: Applied Cryptography: Protocols, Algorithms and Source Code in C, 2nd edition (Wiley, NY),(1995). J. J. Buchholz, "Matlab Implementation of the Advanced Encryption Standard," http://buchholz.hs-bremen.de/aes/aes.htm, 2001. National Institute of Standards and Technology (NIST). FIPS pub 140-2: Security requirements for cryptographic modules; May 2001. G.A. Sathish Kumar, K.Bhoopathy Bagan, V. Vivekanand,: A novel algorithm for image encryption by integrated pixel scrambling plus diffusion [IISPD] utilizing duo chaos mapping applicability in wireless systems. Procedia Computer Science, vol. 3 pp. 378-387 (2011). http://en.wikipedia.org/wiki/Brute-force_attack.
Thank you
Questions?
Effect of key space Key size in bits
Permutations
Brute force time for a device checking 256 permutations per second
56
256
1 second
64
264
4 minutes 16 seconds
128
2128
149,745,258,842,898 years ≈ ∞
256
2256
50,955,671,114,250,100,000,000,000,000,000,000,000,000,0 00,000,000,000 years ≈ ∞
512
2512
≈∞
Additionally, ‘Von-Neumann Landauer limit’ physically proves that (when electronic computers are used) the energy required to brute force a 128 bit key is more than that present on earth.
Cross-correlation between two images ‘A’ and ‘B’
NPCR between two images ‘A’ and ‘B’
UACI between two images ‘A’ and ‘B’
Randomness tests Frequency mono bit test: The focus of the test is the proportion of zeroes and ones for the entire sequence. Runs test: The focus of this test is the total number of runs in the sequence, where a run is an uninterrupted sequence of identical bits. Test for the longest run of ones in a block: The focus of the test is the longest run of ones within M-bit blocks. Poker’s test: It is the measure of the distribution of all possible entries using n-bits in a sequence of ‘m’ n bits.