CN106910156A - A kind of New chaotic image encryption method with plaintext association key stream generting machanism - Google Patents

Abstract

The present invention discloses a kind of New chaotic image encryption method with plaintext association key stream generting machanism.The method is realized based on " scramble-diffusion " framework.Scrambling algorithm is based on pixel exchanging mechanism, and the position for exchanging target is generated by logistic chaotic maps.Diffusion key stream is generated based on Generalized Lorenz like systems, and introduces a kind of key stream Quantification of elements mechanism related to plaintext.The mechanism enhances encryption system and resists the ability of known-plaintext and chosen -plain attact, while accelerating diffusion process, can reduce the diffusion wheel number needed for reaching preferable diffusion.With existing key stream compared with plaintext correlation technique, the present invention solves the problems, such as that chaos sequence cannot be reused in many wheel encryptions, therefore with lower computational load.Cryptanalysis result shows that encryption method proposed by the invention has good security.

Description

A kind of New chaotic image encryption method with plaintext association key stream generting machanism

Technical field

It is specifically a kind of to have and plaintext association key stream generation machine the present invention relates to New chaotic image encryption technical field The New chaotic image encryption method of system.

Background technology

In recent years, developing rapidly with multimedia and computer networking technology, digital picture is used as most intuitively information Carrier has carried out the important means of information interchange as people.Increasing digital picture is with Internet, wireless network Deng propagating in the Open Network for representative, the access of information and shared is very easy to.At the same time, business, finance, doctor Transmission of the image information of many Sensitive Domains such as treatment, scientific research, military affairs, politics under open network environment has huge peace Full hidden danger, often suffer from it is various it is potential it is artificial attack, including information illegal acquisition, distort with issue etc., to information Owner causes huge loss.Therefore image information is encrypted most important.

The image encryption that develops into of chaology provides a brand-new thinking in recent years.From the mid-90 in last century Since, many scholars have found to there is natural contact between Chaos and cryptography.Initial value and system that chaos system has The series of characteristics such as parameter extreme sensitivity, ergodic, track unpredictability and good pseudo-randomness, can be very The demand for building a good cryptographic system of security performance is met well.Based on the encryption system of chaotic dynamics construction, carry A good balance of security and encryption efficiency is supplied, it both has safety very high, and with soft and hardware reality Now simply, the characteristics of speed, it is particularly suitable for the digital picture larger to data volume and is encrypted, realizes the reality of digital picture When, safe transmission.At present, Chaotic Image Encryption Algorithm has turned into the mainstream technology and study hotspot of image information safety, has Great application potential.

1998, American scholar Jessica Fridrich proposed a kind of general image encryption framework, such as Fig. 1 first It is shown.The framework realizes a safety by " scramble " (confusion) and " diffusion " (diffusion) two nucleus modules Encryption system.In the scramble stage, the position of each pixel is disturbed in a kind of pseudorandom mode in image, but pixel value Generally remain constant.For diffusion process, in addition to changing the pixel value of each point, its another Core Feature is by each The influence of pixel diffuses to whole ciphertext graph picture, so as to ensure that encryption system can effectively resist differential attack.

Behind between more than ten years, countries in the world scholar based on the framework that Fridrich is proposed, to based on chaos Digital image encryption technology has been carried out research extensively and profoundly, achieves many achievements.At the same time, for technique Cryptanalysis work also flourishing launch.Scholars are successive in recent years finds in existing many schemes, for what is spread Key stream is only related to key, if that is, key does not make alterations, identical key stream is by for encrypting different plaintext images. Such method for designing is highly prone to selection in plain text or known plain text attack in the case where single-wheel is encrypted.For example, attacker can structure The plaintext image (such as complete white or all black picture) that a width is made up of special pixel value is made, the image is carried out using encryption system Encryption.One basic demand of contemporary cryptology is that cryptographic algorithm is in itself full disclosure.Attacker is based on to AES Grasp, compared with plaintext image by by ciphertext graph picture, can obtain used key stream.And be based on realizing that cost is examined Consider, in most practical applications, encryption system does not use typically the one-time pad mechanism, therefore cracking for key stream to mean The failure of encryption system.

The available strategy for solving the problem is that key stream element is related to plaintext.The method of current main flow is using in plain text The iterative process of chaos system is influenceed, for example, disturbing the track of chaos system using plaintext.Chaos encryption process general by taking turns more Complete, due to chaos iteration process and the correlation of plaintext, chaos sequence is no longer able to be reused by the cryptographic operation of different wheels. Because for the second wheel encryption, the intermediate ciphertext of first round encryption generation is equivalent to bright operated by the second wheel encryption Text, thus each round encryption be required for again iterative chaotic system cannot be completed to produce independent key stream, otherwise decryption behaviour Make.This reduces the operational efficiency of system to a certain extent.

To solve problem above, the inventive method devises a kind of key stream Quantification of elements mechanism related to plaintext.Should Method realizes that scrambling algorithm is based on pixel exchanging mechanism based on " scramble-diffusion ", exchanges the position of target by logistic Chaotic maps are generated.Diffusion key stream is generated based on Generalized Lorenz-like systems, during key stream Quantification of elements, by Plaintext pixel value determines the number of significant figures of the chaos state variable for participating in key stream Quantification of elements, it is achieved thereby that key stream It is related to plaintext image.Because key stream and plaintext related mechanism are introduced rather than iterative process in quantizing process, mix Ignorant sequence can be reused in many wheel encryptions, therefore improve the operational efficiency of encryption system.Additionally, key stream is related to plaintext The use of technology, the overall encryption round number required for can also effectively accelerating diffusion process, reduction to reach preferable diffusion effect.Password Learn analysis result and show that encryption method proposed by the invention has good security.

The content of the invention

This encryption system can carry out adding for different wheel numbers based on the realization of " scramble-diffusion " framework according to security requirement Close, i.e. encryption round number is more, and security is higher.This method is encrypted to image and is divided into two processes of scramble and diffusion, scramble Process is based on logistic mappings and produces one-dimensional pseudorandom coordinate position, and uses pixel exchanging mechanism；Diffusion process is using wide Adopted Lorenz-like mappings produce key stream.

Without loss of generality, if image to be encrypted is 24 true color images, its size is H × W.

Concrete methods of realizing of the invention is as follows：

Step 1:It is an one-dimension array, note by the sequential deployment that image pixel to be encrypted is pressed from left to right, from top to bottom It is imgData={ p₀,p₁,…,p_3×H×W-1, wherein p₀,p₁,p₂Represent first red, green, blue of point, three kinds of color components Pixel value, p₃,p₄,p₅Second red, green, blue of point, three kinds of pixel values of color component are represented, by that analogy.

Step 2：Shuffle operation is implemented to plaintext image.Basic ideas are：Will be each in plaintext image array imgData Individual pixel (last pixel need not be exchanged), is exchanged with some pixel behind, the coordinate of exchangeable object by Logistic chaotic maps are produced.The state variable initial value x' of logistic mappings₀(i.e. scramble key) is set by encipherer.Tool Body method is：

Step 2-1：One length L of generation_permThe pseudo-random sequence of=len (imgData) -1.Wherein, len (imgData) length of plaintext image array imgData is returned.Concrete operation method is：

Step 2-1-1：Pre- iteration logistic maps N₀Secondary (N₀It is constant, typically takes N₀>=200), reflect logistic Penetrate well into chaos state.Logistic mappings are as shown in formula (1).

x'_n+1=μ x'_n(1-x'_n),x'_n∈[0,1],μ∈[0,4] (1)

Wherein μ and x' are respectively control parameter and state variable, x'_nNth iteration value is represented, its initial value x'₀As putting Random key, is set by encipherer.When μ ∈ [3.57,4], logistic mappings are in chaos state.Here μ is set to 4, is made It is operated in surjection state.It should be noted that：When μ=4, there is two " bad point " in mapping：0.5 and 0.75, shape can be made It is " fixed point " 0 and 0.75 that state variable is constant in successive iterations.If the situation occurs, the value of x' is done one it is small Disturbance, for example, increased or decrease 0.001.

Step 2-1-2：The iteration logistic mappings L on the basis of step 2-1-1_permIt is secondary, each iteration is obtained Current state variables values x'_n+1It is sequentially placed into one-dimension array logSeq={ ls₀,ls₁,…,ls_3×H×W-2In.

Step 2-1-3：(2) quantify to logistic mapping status variable arrays logSeq according to the following formula, obtain puppet Random scrambling sequence perm={ r₀,r₁,…,r_3×H×W-2}。

Wherein, pos (r_n) function return r_nPosition in logistic mapping status variable arrays perm, i.e. n；abs X () function returns to the absolute value of x；Sig (x, m) function returns to the preceding m significant digits of x；Mod (x, y) function returns to x divided by y Remainder.When realizing, all of state variable is defined as double-precision floating pointses (64 double types) to this encryption system, According to computer expression precision, m is set to 15.

From formula (2), r_nSpan be [(n+1), (len (imgData) -1)], i.e.,：Plaintext image array The exchange target of each pixel (puppet) random selection from all pixels behind in imgData.

Step 2-2：By each pixel p in plaintext image array imgData_n(except last pixel) be located at r_nThe pixel at placeIt is exchanged.

Step 3：Dispersion operation is implemented to the image after scramble.Specific method is：

Step 3-1：Generation length is L_ksThe diffusion key stream sequence of=len (imgData).Concrete operation method is：

Step 3-1-1：Pre- iteration Generalized Lorenz-like systems N₀Secondary (N₀It is constant, typically takes N₀>=200), fill it Divide and enter chaos state.Generalized Lorenz-like the systematic mathematicals for being used are defined as follows：

Wherein x, y, z are state variable, and t represents the time, and a, b, c are systematic parameter.Work as a=-10, b=-4, during c=0, System is in chaos state.

Equation (3) is solved using Fourth order Runge-Kutta, its formula is：

Wherein

H is step-length, and 0.005, x is taken here_n,y_n,z_nNth iteration value is represented, its initial value (x₀,y₀,z₀) as diffusion Key, is set by encipherer.

Step 3-1-2：To system (3) iteration H × W times on the basis of step 3-1-1.For each iteration, by 3 shapes The currency x of state variable_n+1,y_n+1,z_n+1It is sequentially written in one-dimension array lozlSeq={ lls₀,lls₁,lls₂,…, lls_3×H×W-1}。

Step 3-1-3：(5) quantify to array lozlSeq according to the following formula, obtain key stream keyStm={ k₀,k₁, k₂,…,k_3×W×H-1}。

k_n=mod [sig (abs (lls_n),(α+mod(p_n-1,β))),C_L], (5)

Wherein, p_n-1It is k_nCorresponding plaintext pixel p_nPrevious point value, C_LFor input picture quantized level (for 24 true color images, C_L=256), and (α, β the ∈ N of (alpha+beta) ≡ 16⁺), so that (α+mod (p_n-1, β))≤15, i.e.,：Dynamic Preceding α~15 significant digits of chaos state variable are selected for the quantization of key stream element.For first plaintext pixel, p_n-1Initial value p₀A value can be set to [0, C by encipherer_L] between integer constant.

By formula (5) as can be seen that plaintext pixel value determines the chaos state variable for participating in key stream Quantification of elements Number of significant figures, therefore generation key stream with plaintext it is related.Explanation is needed exist for, parameter alpha adds with the selection pair of β The validity of close system has important influence.If α is too small, it will reduce the randomness of key stream；If β is too small, it will reduce The correlation of key stream and plaintext.In order to meet two performance requirements, in the present invention, α=9, β=7 are set.

Step 3-2：Each pixel in the image array imgData after scramble is implemented using key stream keyStm Encryption, encrypting formula is：

Wherein, c_nIt is to p_nThe ciphertext value that encryption is obtained, c_n-1It is the ciphertext value of previous pixel, its initial value c_-1Can One span is set to [0, C by encipherer_L] integer constant,Represent step-by-step xor operation.

In the ciphering process to pixel, due to c_n-1Introducing, the influence of each pixel can effectively be spread Into follow-up all of pixel.

Step 4：Many wheel encryptions can be carried out according to security level required, i.e., perform step 2 and step 3 repeatedly.Need exist for Illustrate, the chaos sequence that step 3-1-2 is generated can be reused in many wheel encryptions, thus the second wheel and it is follow-up plus In close wheel, step 3-1-1 and step 3-1-2 can be omitted.

Step 5：Pixel value in array imgData is rearranged to the matrix of a H row, 3 × W row, as encrypted image Output.

Formula (6) for decrypting are inversely transformed into：

It is an advantage of the invention that：

It is proposed by the invention with the New chaotic image encryption method with plaintext association key stream generting machanism, with following 2 advantages：

(1) it is to strengthen the ability that image encryption system resists known plain text attack and chosen -plain attact, existing encryption side Typically there is chaos sequence and can not be taken turns cryptographic operation institutes by different in case using iterative process and mechanism related in plain text, but the method The problem of reuse.The present invention can reuse in many wheel encryptions, improve and add in quantization stage introducing related mechanism, chaos sequence The operational efficiency of close system.

(2) key stream and the use of plaintext correlation technique, effectively accelerate diffusion process, reduce and reach preferable diffusion effect Overall encryption round number required for fruit.Diffusion test shows that encryption method proposed by the present invention takes turns dispersion operations by 2 Preferable NPCR and UACI indexs can be obtained, and for conventional encryption algorithm, it is necessary to 3 wheel dispersion operations can be only achieved.

Brief description of the drawings

Fig. 1 is the common architecture figure of existing New chaotic image encryption method.

Fig. 2 is the conventional image in a width international standard test image storehouse.

Fig. 3 is to the result figure after Fig. 2 scrambles.

Fig. 4 is encrypted image of the present invention to Fig. 2.

Fig. 5 a are the first width plaintext test charts of the invention.

Fig. 5 b are the second width test charts of the invention.

Fig. 5 c are the 3rd width test charts of the invention.

Fig. 5 d are the 4th width test charts of the invention.

Fig. 5 e are the 5th width test charts of the invention.

Fig. 5 f are the 6th width test charts of the invention.

Fig. 6 is the histogram picture of Fig. 5 a.

Fig. 7 is the ciphertext graph picture of Fig. 5 a.

Fig. 8 is Fig. 5 a adjacent pixel correlation visual testing result figures.

Fig. 9 is the key sensitivity testses result figure of Fig. 5 a.

Specific implementation method

With reference to Figure of description, the present invention is described in more detail.

Conventional image in one width international standard test image storehouse is encrypted (as shown in Figure 2).The image is 24 Coloured image, its width W=512, height H=512.

Specific AES is as follows：

Step 1:It is an one-dimension array, note by the sequential deployment that image pixel to be encrypted is pressed from left to right, from top to bottom It is imgData={ p₀,p₁,…,p_3×H×W-1, wherein p₀,p₁,p₂Represent first red, green, blue of point, three kinds of color components Pixel value, p₃,p₄,p₅Second red, green, blue of point, three kinds of pixel values of color component are represented, by that analogy.

Here, plaintext image array imgData={ 39,46,66 ... }.

Step 2：Shuffle operation is implemented to plaintext image.Basic ideas are：Will be each in plaintext image array imgData Individual pixel (last pixel need not be exchanged), is exchanged with some pixel behind, the coordinate of exchangeable object by Logistic chaotic maps are produced.The state variable initial value x' of logistic mappings₀(i.e. scramble key) is set by encipherer.Tool Body method is：

Step 2-1：One length L of generation_permThe pseudo-random sequence of=len (imgData) -1.Wherein, len (imgData) length of plaintext image array imgData is returned.

Here, len (imgData)=512 × 512=262144, L_p=262143.

Concrete operation method is：

Step 2-1-1：Pre- iteration logistic maps N₀Secondary (N₀It is constant, typically takes N₀>=200), reflect logistic Penetrate well into chaos state.Logistic mappings are as shown in formula (8).

x'_n+1=μ x'_n(1-x'_n),x'_n∈[0,1],μ∈[0,4] (1)

Wherein μ and x' are respectively control parameter and state variable, x'_nNth iteration value is represented, its initial value x'₀As putting Random key, is set by encipherer.When μ ∈ [3.57,4], logistic mappings are in chaos state.Here μ is set to 4, is made It is operated in surjection state.It should be noted that：When μ=4, there is two " bad point " in mapping：0.5 and 0.75, shape can be made It is " fixed point " 0 and 0.75 that state variable is constant in successive iterations.If the situation occurs, the value of x' is done one it is small Disturbance, for example, increased or decrease 0.001.

Step 2-1-2：The iteration logistic mappings L on the basis of step 2-1-1_permIt is secondary, each iteration is obtained Current state variables values x'_n+1It is sequentially placed into one-dimension array logSeq={ ls₀,ls₁,…,ls_3×H×W-2In.

Step 2-1-3：(9) quantify to logistic mapping status variable arrays logSeq according to the following formula, obtain puppet Random scrambling sequence perm={ r₀,r₁,…,r_3×H×W-2}。

Wherein, pos (r_n) function return r_nPosition in logistic mapping status variable arrays perm, i.e. n；abs X () function returns to the absolute value of x；Sig (x, m) function returns to the preceding m significant digits of x；Mod (x, y) function returns to x divided by y Remainder.When realizing, all of state variable is defined as double-precision floating pointses (64 double types) to this encryption system, According to computer expression precision, m is set to 15.

From formula (4), r_nSpan be [(n+1), (len (imgData) -1)], i.e.,：Plaintext image array The exchange target of each pixel (puppet) random selection from all elements behind in imgData.

Here, pseudorandom scrambling sequence perm={ 365827,233010,369102 ... }

Step 2-2：By each pixel p in plaintext image array imgData_n(except last pixel) be located at r_nThe pixel at placeIt is exchanged.

Here, by p₀With p₃₆₅₈₂₇Exchange, p₁With p₂₃₃₀₁₀Exchange, p₂With p₃₆₉₁₀₂Exchange, the exchange of remaining point is by that analogy.

Step 3：Dispersion operation is implemented to the image after scramble.Specific method is：

Step 3-1：Generation length is L_ksThe diffusion key stream sequence of=len (imgData).Concrete operation method is：

Step 3-1-1：Pre- iteration Generalized Lorenz-like systems N₀Secondary (N₀It is constant, typically takes N₀>=200), fill it Divide and enter chaos state.Generalized Lorenz-like the systematic mathematicals for being used are defined as follows：

Wherein x, y, z are state variable, and t represents the time, and a, b, c are systematic parameter.Work as a=-10, b=-4, during c=0, System is in chaos state.

System is solved with fourth-order Runge-Kutta method, and its formula is：

Wherein

H is step-length, and 0.005, x is taken here_n,y_n,z_nNth iteration value is represented, its initial value (x₀,y₀,z₀) as diffusion Key, is set by encipherer.

Here, the state variable initial value of Generalized Lorenz-like systems is taken as：

(x₀=-11.905791, y₀=3.126986, z₀=15.913375).

Step 3-1-2：To system (3) iteration H × W times on the basis of step 3-1-1.For each iteration, by 3 shapes The currency x of state variable_n+1,y_n+1,z_n+1It is sequentially written in one-dimension array lozlSeq={ lls₀,lls₁,lls₂,…, lls_3×H×W-1}。

Here, lozlSeq=6.59492129653895,2.96322961473550, 4.69550053819010,…}。

Step 3-1-3：(12) quantify to array lozlSeq according to the following formula, obtain key stream keyStm={ k₀,k₁, k₂,…,k_3×W×H-1}。

k_n=mod [sig (abs (lls_n),(α+mod(p_n-1,β))),C_L], (5)

Here, keyStm={ 13,174,250 ... }.

Wherein, p_n-1It is k_nCorresponding plaintext pixel p_nPrevious point value, C_LFor input picture quantized level (for 24 true color images, C_L=256), and (α, β the ∈ N of (alpha+beta) ≡ 16⁺), so that (α+mod (p_n-1, β))≤15, i.e.,：Dynamic Preceding α~15 significant digits of chaos state variable are selected for the quantization of key stream element.For first plaintext pixel, p_n-1Initial value p₀A value can be set to [0, C by encipherer_L] between integer constant.

By formula (5) as can be seen that plaintext pixel value determines the chaos state variable for participating in key stream Quantification of elements Number of significant figures, therefore generation key stream with plaintext it is related.Explanation is needed exist for, parameter alpha adds with the selection pair of β The validity of close system has important influence.If α is too small, it will reduce the randomness of key stream；If β is too small, it will reduce The correlation of key stream and plaintext.In order to meet two performance requirements, in the present invention, α=9, β=7 are set.

Step 3-2：Each pixel in the image array imgData after scramble is implemented using key stream keyStm Encryption, encrypting formula is：

Wherein c_nIt is to p_nThe ciphertext value that encryption is obtained, c_n-1It is the ciphertext value of previous pixel, its initial value c_-1Can be by Encipherer is set to a span [0, C_L] integer constant,Represent step-by-step xor operation.In the ciphering process to pixel In, due to c_n-1Introducing, the influence of each pixel can be diffused to effectively in follow-up all of pixel.

Here, c_-1128 are set to, to the p after scramble₀It is encrypted, the ciphertext value for obtaining is：

The encryption of rest of pixels color component is by that analogy.

Step 4：Many wheel encryptions can be carried out according to security level required, i.e., perform step 2 and step 3 repeatedly.Need exist for Illustrate, the chaos sequence that step 3-1-2 is generated can be reused in many wheel encryptions, thus the second wheel and it is follow-up plus In close wheel, step 3-1-1 and step 3-1-2 can be omitted.

Step 5：Pixel value in array imgData is rearranged to the matrix of a H row, 3 × W row, as encrypted image Output.

Formula (13) for decrypting are inversely transformed into：

Use above encryption method, taken turns through scramble one, spread one wheel after, the encrypted image for obtaining is as shown in Figure 4.Encryption system System security and efficiency test and analysis

Carry out comprehensive safety Analysis to system proposed by the invention to be analyzed with test and to result, to test Demonstrate,prove its validity and performance advantage.Specific test event includes：

1. broadcast algorithm performance evaluation；

2. anti-exhaustive attack (key space) analysis；

3. anti-statistical attack analyzes (including histogram, adjacent pixel correlation, comentropy)；

4. key sensitivity testses.

Fully to show the versatility of the inventive method, the image for participating in test amounts to 6 width, is all tested from international standard Chosen in image library, image size is 512 × 512 pixels, form is 24 true color images.Fig. 5 lists this 6 width figure respectively Picture.

(1) broadcast algorithm performance evaluation

Good diffusion is to resist the effective guarantee of differential attack.Differential attack is the most normal in chosen -plain attact A kind of means.Its basic ideas is：Attacker uses identical key, and two width of encryption have extremely that fine difference is (for example One bit) plaintext image.The two width ciphertext graph pictures obtained by contrast, analyze used key stream or even key feelings Condition.Therefore, if a minor alteration for pixel value can effectively diffuse to view picture ciphertext graph picture, differential attack is invalid.

NPCR (number of pixels change rate) and UACI (unified average change Intensity it is) to weigh the two of image encryption system diffusion core index.Between NPCR is used to test two images Diversity factor.If I₁(i, j, k) and I₂(i, j, k) represents I respectively₁With I₂Two images be located at (i, j) point pixel value (k=1, 2,3 R, G, B component for representing pixel respectively).The definition of NPCR is：

Wherein H and W are respectively the height and width of image.The definition of D (i, j, k) is：

For two pure random images, its NPCR theoretical value：

For example, for 2 24 RGB random image (C_L=256), its NPCR theoretical value 99.609%.

UACI is used to test the mean difference intensity between two images, and it is defined as：

For two pure random images, its UACI theoretical value：

For example, for 2 24 RGB random image (C_L=256), its UACI theoretical value 33.464%.

The image encryption system good for a design, its NPCR should be as close possible to theoretical value with UACI indexs.

Image encryption method diffusion in the limiting case is obtained for test is proposed by the invention, following steps are taken： A width test image is chosen first, and builds the image of a width and its only one of which bit difference.The position of difference pixel, correspondence Color channel and+1/-1 operations, it is random selected.Test result to six width test images in Fig. 5 is as shown in table 1 below.

The test image initial value of table 1 and amended result

The NPCR test results of table 2

The UACI test results of table 3

Be can see from table 2,3, AES proposed by the invention obtains preferable NPCR by only needing 2 wheel dispersion operations With UACI indexs, and for conventional encryption algorithm, it is necessary to 2 wheel dispersion operations can be only achieved preferable NPCR indexs, need 3 wheel expand Scattered operation can be only achieved preferable UACI indexs.Therefore, the present invention carries algorithm with computational efficiency higher.

(2) anti-exhaustive attack (key space) analysis,

Key space refers to the total amount of the available different keys in encryption or decryption process.For an encryption for safety System, key space should be sufficiently large so that exhaustive attack (Brute Force) fails.Arithmetic speed according to active computer and Development trend in the coming years, Current Password educational circles effectively resists exhaustive attack by thinking key length more than 100.This The key of the proposed encryption system of invention is made up of two parts：Scramble key and diffusion key.Scramble key is by logistic The initial value of mapping determines, diffusion key is by three state variable initial value sets of Generalized Lorenz-like systems into this encryption When realizing, all state variables are defined as double-precision floating pointses (64 double types) to system.According to IEEE floating number marks Standard, the effective accuracy of the data type is 53, therefore the key length of encryption system proposed by the invention is 53 × 4= 212.

(3) anti-statistical attack analysis

(a) histogram analysis

Histogram intuitively describes the pixel value frequency distribution of piece image.The image encryption good for a design System, the ciphertext image pixel value frequency of its output should be obeyed and is uniformly distributed, and be attacked with hiding the redundancy in cleartext information and prevention The person of hitting observe it is any about in plain text and the information associated between ciphertext.Fig. 6 (a) is the first width figure plaintext image；B ()-(d) is respectively It is R, G, the B component of (a)；E ()-(g) is respectively the histogram of (b)-(d)；Fig. 7 (h) is the first width figure ciphertext graph picture；(i)- K () is respectively R, G, the B component of (h)；L ()-(n) is respectively the histogram of (i)-(k).By Fig. 6,7 as can be seen that ciphertext graph The histogram of picture is uniformly distributed in good, does not possess any relevance between the histogram of plaintext image, therefore can effectively support Imperial frequency analysis.

(b) adjacent pixel correlation

The digital picture with clear and definite vision implication for one, each of which pixel is in level, vertical and diagonal Correlation very high is respectively provided between the pixel adjacent thereto of line direction.And the image encryption system good for a design, its Should not possess any correlation between the adjacent pixel of the ciphertext graph picture of output.It is close with it that Fig. 8 gives the first width figure plaintext image The horizontal direction adjacent pixel correlation visual testing result of three color components of texts and pictures picture.The test is by a pair adjacent pictures The pixel value of element is drawn on two dimensional surface in dots as horizontal, ordinate.From test result as can be seen that for bright Texts and pictures picture, the point of the overwhelming majority is all concentrated near diagonal, has extremely strong correlation between illustrating adjacent pixel.And for close Texts and pictures picture, is uniformly distributed on gray-scale plane a little, has not had any correlation between illustrating its adjacent pixel.

For further quantitative measurement and the adjacent pixel correlation for comparing plaintext image and ciphertext graph picture, figure is calculated below The coefficient correlation of picture, method is as follows：

(level, vertical, diagonal) is randomly selected first on certain adjacent direction of image (each color component) 5000 pairs of consecutive points.Then, image correlation coefficient r in this direction is calculated using formula (12)-(14)_x,y。

Wherein, x_iAnd y_iTwo pixel values of consecutive points, S respectively in image_nIt is the number of sampled point.

The phase of the adjacent pixel on the plaintext image of 6 width figures and three color components of its ciphertext graph picture is listed in table 4 Relation number.Be can see from table, the ciphertext graph picture that AES proposed by the invention is produced, its correlation in all directions Coefficient is all close to 0.

The coefficient correlation of the plaintext of table 4 and ciphertext graph picture

Comentropy is the important indicator for characterizing an information source randomness and unpredictability.Comentropy is generally by average information Measure to describe, that is, the average number of bits needed for expressing a code element in an information source, it is defined as：

Wherein S is represented by N number of different code element { s₁,...,s_NConstitute information source, P (s_i) it is code element s_iThe probability of appearance.By Formula (23) understands, for a pure random image of 256 grades of gray scales, the theoretical value H (S)=8 of its comentropy.Therefore for one The good image encryption system of individual design, the comentropy of the ciphertext graph picture of its output should be as closely as possible to 8.

Table 5 gives the comentropy of the plaintext image and corresponding ciphertext graph picture drawn using formula (23).Can from table To see, the comentropy of whole ciphertext graph pictures is all extremely close to ideal value 8, it means that what can be exported this encryption system is close Texts and pictures picture regards a random information source as.

The comentropy of the plaintext of table 5 and ciphertext graph picture

By the test in terms of three above, there is the image encryption system that the present invention builds good anti-statistics to attack Hit ability.

(4) key sensitivity testses

Key sensitiveness is a basic norm of encryption system design.The attribute specification has pole when application any two During the key encryption identical plaintext of small difference, entirely different ciphertext will be produced.Conversely, when attacker attempts using and encryption When the extremely close decruption key of key implements decryption, it is impossible to obtain any information related to plaintext.

In this test, a group encryption keys (x' is selected at random first₀=0.625356071474465, x₀=- 14.7498731304718,y₀=4.95344592160937, z₀=7.16150473769644) to the first width figure plaintext image Implement encryption, shown in the ciphertext graph picture such as Fig. 9 (a) for obtaining.Then the ciphertext graph picture for obtaining is entered using 5 decruption keys respectively Row decryption.In 5 decruption keys, only the 1st is identical with encryption key, and remaining 4 only in a state variable There is a difference for bit in upper and encryption key, as shown in table 6.Shown in the decrypted result for obtaining such as Fig. 9 (b)-(f).To it Its test image can obtain similar result, no longer be given here.

Table 6 is applied to the cipher key list of key sensitivity testses

From above test result, there is image encryption system proposed by the present invention good key sensitiveness to ensure.

Claims (1)

1. a kind of New chaotic image encryption method with plaintext association key stream generting machanism, it is characterised in that：To a width state Conventional image in the standard testing image storehouse of border is encrypted, and specific AES is as follows：

Step 1:The sequential deployment that image pixel to be encrypted is pressed from left to right, from top to bottom is an one-dimension array, is designated as ImgData={ p₀,p₁,…,p_3×H×W-1, wherein p₀,p₁,p₂Represent first red, green, blue of point, three kinds of pictures of color component Element value, p₃,p₄,p₅Second red, green, blue of point, three kinds of pixel values of color component are represented, by that analogy；

Step 2：Shuffle operation is implemented to plaintext image；Basic ideas are：By each picture in plaintext image array imgData Element, last pixel need not be exchanged, and be exchanged with some pixel behind, and the coordinate of exchangeable object is by logistic Chaotic maps are produced；The state variable initial value x' of logistic mappings₀(i.e. scramble key) is set by encipherer；

Specific method is：

Step 2-1：One length L of generation_permThe pseudo-random sequence of=len (imgData) -1；Wherein, len (imgData) is returned The length of plaintext image array imgData；Concrete operation method is：

Step 2-1-1：Pre- iteration logistic maps N₀It is secondary, wherein N₀It is constant, typically takes N₀>=200, map logistic Well into chaos state；Logistic mappings are as shown in formula (1)；

x'_n+1=μ x'_n(1-x'_n),x'_n∈[0,1],μ∈[0,4] (1)

Wherein μ and x' are respectively control parameter and state variable, x'_nNth iteration value is represented, its initial value x'₀It is close as scramble Key, is set by encipherer；When μ ∈ [3.57,4], logistic mappings are in chaos state；Here μ is set to 4, makes its work Make in surjection state；It should be noted that：When μ=4, there is two " bad point " in mapping：0.5 and 0.75, can become state It is " fixed point " 0 and 0.75 that amount is constant in successive iterations；If the situation occurs, one is done to the value of x' and small is disturbed It is dynamic, for example increased or decrease 0.001；

Step 2-1-2：The iteration logistic mappings L on the basis of step 2-1-1_permCurrent shape secondary, that each iteration is obtained State variable value x'_n+1It is sequentially placed into one-dimension array logSeq={ ls₀,ls₁,…,ls_3×H×W-2In；

Step 2-1-3：(2) quantify to logistic mapping status variable arrays logSeq according to the following formula, obtain pseudorandom Scrambling sequence perm={ r₀,r₁,…,r_3×H×W-2}；

$r_n=pos\left(r_n\right)+(1+\mathrm{mod}\left(\begin{array}{c}sig\left(abs\right({\mathrm{ls}}_n),m)\\ \left(\right(len\left(imgData\right)-1)-pos(r_n\left)\right)\end{array}\right)),---\left(2\right)$

Wherein, pos (r_n) function return r_nPosition in logistic mapping status variable arrays perm, i.e. n；Abs (x) letters Number returns to the absolute value of x；Sig (x, m) function returns to the preceding m significant digits of x；Mod (x, y) function returns to x divided by more than y Number；When realizing, all of state variable is defined as double-precision floating pointses to this encryption system, using 64 double types, According to computer expression precision, m is set to 15；

From formula (2), r_nSpan be [(n+1), (len (imgData) -1)], i.e.,：Plaintext image array imgData In each pixel exchange target from all pixels behind (puppet) random selection；

Step 2-2：By each pixel p in plaintext image array imgData_n, except last pixel, and positioned at r_nPlace PixelIt is exchanged；

Step 3：Dispersion operation is implemented to the image after scramble；Specific method is：

Step 3-1：Generation length is L_ksThe diffusion key stream sequence of=len (imgData)；Concrete operation method is：

Step 3-1-1：Pre- iteration Generalized Lorenz-like systems N₀It is secondary, wherein N₀It is constant, typically takes N₀>=200, fill it Divide and enter chaos state；Generalized Lorenz-like the systematic mathematicals for being used are defined as follows：

$\left\{\begin{array}{c}\frac{dx}{dt}=-\frac{ab}{a+b}x-yz+c\\ \frac{dy}{dt}=ay+xz\\ \frac{dz}{dt}=bz+xy,\end{array}\right.---\left(3\right)$

Wherein x, y, z are state variable, and t represents the time, and a, b, c are systematic parameter；Work as a=-10, b=-4, during c=0, system In chaos state；

Equation (3) is solved using Fourth order Runge-Kutta, its formula is：

$\left\{\begin{array}{c}{x}_{n+1}=x_n+(h/6)(K_1+2K_2+2K_3+K_4)\\ y_{n+1}=y_n+(h/6)(L_1+2L_2+2L_3+L_4)\\ z_{n+1}=z_n+(h/6)(M_1+2M_2+2M_3+M_4),\end{array}\right.---\left(4\right)$

Wherein

$\left\{\begin{array}{c}{K}_j=-\frac{ab}{a+b}{x}_n-y_n{z}_n+c\\ L_j={\mathrm{ay}}_n+x_n{z}_n\\ M_j={\mathrm{bz}}_n+x_n{y}_n,\end{array}\right.,(j=1)$

$\left\{\begin{array}{c}{K}_j=-\frac{ab}{a+b}(x_n+{\mathrm{hK}}_{j-1}/2)-(y_n+{\mathrm{hL}}_{j-1}/2)(z_n+{\mathrm{hM}}_{j-1}/2)+c\\ L_j=a(y_n+{\mathrm{hL}}_{j-1}/2)+(x_n+{\mathrm{hK}}_{j-1}/2)(z_n+{\mathrm{hM}}_{j-1}/2)\\ M_j=b(z_n+{\mathrm{hM}}_{j-1}/2)+(x_n+{\mathrm{hK}}_{j-1}/2)(y_n+{\mathrm{hL}}_{j-1}/2),\end{array}\right.,(j=2,3)$

$\left\{\begin{array}{c}{K}_j=-\frac{ab}{a+b}(x_n+{\mathrm{hK}}_{j-1})-(y_n+{\mathrm{hL}}_{j-1})(z_n+{\mathrm{hM}}_{j-1})+c\\ L_j=a(y_n+{\mathrm{hL}}_{j-1})+(x_n+{\mathrm{hK}}_{j-1})(z_n+{\mathrm{hM}}_{j-1})\\ M_j=b(z_n+{\mathrm{hM}}_{j-1})+(x_n+{\mathrm{hK}}_{j-1})(y_n+{\mathrm{hL}}_{j-1}),\end{array}\right.,(j=4)$

H is step-length, and 0.005, x is taken here_n,y_n,z_nNth iteration value is represented, its initial value (x₀,y₀,z₀) as diffusion key, Set by encipherer；

Step 3-1-2：To system (3) iteration H × W times on the basis of step 3-1-1；For each iteration, 3 states are become The currency x of amount_n+1,y_n+1,z_n+1It is sequentially written in one-dimension array lozlSeq={ lls₀,lls₁,lls₂,…,lls_3×H×W-1}；

Step 3-1-3：(5) quantify to array lozlSeq according to the following formula, obtain key stream keyStm={ k₀,k₁,k₂,…, k_3×W×H-1}；

k_n=mod [sig (abs (lls_n),(α+mod(p_n-1,β))),C_L], (5)

Wherein, p_n-1It is k_nCorresponding plaintext pixel p_nPrevious point value, C_LIt is the quantized level of input picture (for 24 True color image, C_L=256), and (α, β the ∈ N of (alpha+beta) ≡ 16⁺), so that (α+mod (p_n-1, β))≤15, i.e.,：Dynamic select Preceding α~15 significant digits of chaos state variable are used for the quantization of key stream element；For first plaintext pixel, p_n-1 Initial value p₀A value can be set to [0, C by encipherer_L] between integer constant；

By formula (5) as can be seen that plaintext pixel value determines having for the chaos state variable for participating in key stream Quantification of elements Effect digit, therefore the key stream of generation is related to plaintext；Explanation is needed exist for, parameter alpha is to encryption with the selection of β The validity of system has important influence；If α is too small, it will reduce the randomness of key stream；If β is too small, it will reduce key Flow the correlation with plaintext；In order to meet two performance requirements, in the present invention, α=9, β=7 are set；

Step 3-2：Each pixel in the image array imgData after scramble is implemented using key stream keyStm add Close, encryption formula is：

$c_n=k_n\⊕\[\mathrm{mod}\left(\right(p_n+k_n),C_L)\]\⊕c_{n-1}---\left(6\right)$

Wherein, c_nIt is to p_nThe ciphertext value that encryption is obtained, c_n-1It is the ciphertext value of previous pixel, its initial value c_-1Can be by encrypting Person is set to a span [0, C_L] integer constant,Represent step-by-step xor operation；

In the ciphering process to pixel, due to c_n-1Introducing, after the influence of each pixel can be diffused to effectively In continuous all of pixel；

Step 4：Many wheel encryptions can be carried out according to security level required, i.e., perform step 2 and step 3 repeatedly；Need exist for explanation , the chaos sequence that step 3-1-2 is generated can be reused in many wheel encryptions, therefore be taken turns and follow-up encryption round second In, step 3-1-1 and step 3-1-2 can be omitted；

Step 5：Pixel value in array imgData is rearranged to the matrix of a H row, 3 × W row, is exported as encrypted image；

Formula (6) for decrypting are inversely transformed into：

$p_n=\mathrm{mod}\[(k_n\⊕c_n\⊕c_{n-1}+C_L-k_n),C_L\].---\left(7\right)$

Use above encryption method, taken turns through scramble one, spread one wheel after, the encrypted image for obtaining.