CN103258312B - There is the digital image encryption method of fast key stream generting machanism - Google Patents

Abstract

A kind of digital image encryption method with fast key stream generting machanism of the present invention, belong to image encryption field, present invention achieves the image encryption system that has fast key stream Element generation mechanism, in diffusion phase, often carry out a chaos system iteration and key stream Quantification of elements, multiple key stream element can be generated, effectively reduce the iterations of chaos system, thus significantly improve the speed of encryption system; In addition, each iteration and the key stream element number quantizing to generate, with expressly relevant, improve the ability of the anti-known-plaintext of encryption system and chosen-plain attact simultaneously; Cryptanalysis and enciphering rate are tested and are shown, the encryption system that the present invention proposes, and under the prerequisite with high security, enciphering rate is had an appointment the lifting of 1 times compared with classic method.

Description

There is the digital image encryption method of fast key stream generting machanism

Technical field

The invention belongs to image encryption field, be specifically related to a kind of digital image encryption method with fast key stream generting machanism.

Background technology

In recent years, along with the develop rapidly of multimedia and computer networking technology, digital picture has become as information carrier the most intuitively the important means that people carry out information interchange, increasing digital picture is propagated in the Open Network being representative with Internet, wireless network etc., greatly facilitates the access of information with shared.Meanwhile; the transmission of image information under open network environment of many Sensitive Domains such as business, finance, medical treatment, scientific research, military affairs, politics also exists huge potential safety hazard; often can suffer various attack artificially; comprise illegally stealing, distort and issuing of information, cause huge loss to information owner.

Compared with common language information, digital picture has the features such as capacity is large, redundance is high, intelligibility is good.Typical cryptographic algorithm in contemporary cryptology, as Triple-DES (triple-data encryption standards), AES (Advanced Encryption Standard), IDEA (IDEA) etc., image encryption can be applied to, but it also reckons without the inherent characteristics of image information, therefore and be not suitable for image encryption.Popularizing especially in recent years along with broad band network application, traditional algorithm more and more can not meet the demand of growing image actual time safety transmission on enciphering rate.

The cryptography that develops into of chaology provides a brand-new thinking in recent years.Since the mid-90 in last century, a lot of scholar finds to there is natural contacting between Chaos and cryptography.The series of characteristics such as the initial value that chaos system has and systematic parameter extreme sensitivity, ergodicity, track unpredictability and good pseudo-randomness, well can meet the demand of the good cryptographic system of structure security performance.Based on the encryption system of chaotic dynamics structure, provide the balance that security and encryption efficiency one is good, it had both had very high safety, there is again software and hardware implementation simple, the feature of speed, be particularly suitable for the digital picture larger to data volume to be encrypted, realize real-time, the safe transmission of digital picture.At present, Chaotic Image Encryption Algorithm has become mainstream technology and the study hotspot of image information safety, has great application potential.

1998, American scholar Fridrich has delivered the founder article " Symmetric ciphers based ontwo-dimensional chaotic maps " of New chaotic image encryption, a kind of general chaos digital image Encryption Architecture is proposed first: scramble-diffusion framework (Confusion-Diffusion), as shown in Figure 1 in this article.

Encryption system is made up of two iteration module, realizes the correlativity eliminated between neighbor and the statistical property changing image respectively.In the scramble stage, in image, the position of each pixel is upset with a kind of pseudo-random fashion, but pixel value does not change.Scramble operation maps based on Arnold Cat usually, and Baker maps and Standard maps three kinds of reversible chaotic maps realizations of Two-dimensional Preserving Area.In diffusion phase, the pixel value of every bit is changed successively by order from top to bottom, from left to right and change to certain pixel value, depends on the cumulative effect of all pixel values encrypted of this pixel above.Therefore the minor alteration of a pixel value, effectively can be diffused into all pixels follow-up in image, thus makes encryption system have stronger Against Differential Cryptanalysis ability.Key stream for spreading is produced by chaotic maps iteration and quantification, and the change of pixel value is realized based on XOR.The key of encryption system is initial parameter and the initial value of the chaotic maps controlling scramble-diffusion process.In order to reach the object fully eliminating the correlativity between neighbor, scrambling process is iteration m wheel (m >=1) altogether.Overall scramble-dispersion operation can perform n wheel (n >=1) according to security requirement.

Thereafter between more than ten years, countries in the world scholar, based on this framework, has carried out research extensively and profoundly to the digital image encryption technology based on chaos, has achieved many achievements.At present, how under the prerequisite ensureing encryption system security, the effective efficiency improving encryption system is a large study hotspot of New chaotic image encryption technology.Although because on enciphering rate, chaos encryption algorithm has significant advantage than classical block encryption algorithm, but for current application increasing high-res Large Copacity image, chaos encryption algorithm still can introduce comparatively significantly time delay, is not still well positioned to meet real-time, the safe transmission demand of Large Copacity image under broadband network.The security of New chaotic image encryption system ensures primarily of diffuse module.In scramble-diffusion encryption system, scramble module mainly plays eliminates neighbor correlativity and auxiliary diffusion transmission effect.Although the image after scramble is visually unrecognizable, this module possesses the security feature of any cryptography angle hardly.But diffuse module has very high computational load, it is the key problem affecting New chaotic image encryption efficiency.This is because in diffusion process, often generating a key stream element, just needed a chaos system iteration and the operation of key stream Quantification of elements, and in order to ensure the precision of encryption system, all computings all realizing based on 64 double-precision floating pointses.

Summary of the invention

For the deficiencies in the prior art, the present invention proposes a kind of digital image encryption method with fast key stream generting machanism, to reach the object improving encryption efficiency, the anti-known-plaintext of encryption system and chosen-plain attact ability.

There is a digital image encryption method for fast key stream generting machanism, comprise the following steps:

Step 1: based on the disorder processing of GENERALIZED DISCRETE LINEAR RANDOM SYSTEM Cat Mapping implementation plaintext image, change the position of each pixel in image;

Step 1-1: set the size of plaintext image to be encrypted as N × N, the scramble of the GENERALIZED DISCRETE LINEAR RANDOM SYSTEM Cat Mapping implementation image utilizing formula (1) to define, eliminate the correlativity between neighbor, formula is as follows:

$\left[\begin{array}{c}{x}^{\′}\\ y^{\′}\end{array}\right]=\left[\begin{array}{cc}1& p\\ q& \mathrm{pq}+1\end{array}\right]\left[\begin{array}{c}x\\ y\end{array}\right]\mathrm{mod}N---\left(1\right)$

Wherein, x, y are the coordinate before conversion; X', y' are the new coordinate after conversion; (p, q) ∈ [1, N] is the systematic parameter controlling scrambling process, the scramble key namely arranged by encipherer;

Inverse Cat for deciphering maps and is defined as

$\left[\begin{array}{c}{x}^{\′}\\ y^{\′}\end{array}\right]=\left[\begin{array}{cc}\mathrm{pq}+1& -p\\ -q& 1\end{array}\right]\left[\begin{array}{c}x\\ y\end{array}\right]\mathrm{mod}N---\left(2\right)$

Step 1-2: return and perform step 1-1, fully to eliminate neighbor correlativity, returning and performing step is 2 ~ 3 times;

Step 2: adopt the image after Logistic mapping pair scramble to carry out DIFFUSION TREATMENT, change the pixel value of every bit in image;

Logistic mapping definition is as follows:

x _n+1=μx _n(1-x _n),x _n∈[0,1],μ∈[0,4] (3)

Wherein, μ and x is respectively controling parameters and state variable, x _nrepresent the state variable value of n-th iteration; x _n+1represent the state variable value of (n+1)th iteration;

Step 2-1: encipherer arranges diffusion key (x ₀, μ), wherein x ₀for state variable initial value; Iterative formula (3) N ₀secondary, above-mentioned N ₀for constant, and N ₀>=200, make system fully enter chaos state;

Step 2-2: continue iterative formula (3), utilize formula (4) to the currency x of chaotic maps state variable _nquantize, obtain the pseudo random number of 4 bytes, formula is as follows:

Wherein, the round values that floor (x) function representation layback x is nearest; Mod (x, y) function representation returns the remainder of x divided by y;

Step 2-3: will be split as the pseudo random number that 4 sizes are 1 byte, and the plaintext value pn-1 of previous point according to current plaintext pixel to be encrypted, select in these 4 pseudo random numbers front M as key stream element, wherein 1≤M≤4;

M is determined by formula (5):

M=p _n-1%4+1 (5)

For first plaintext pixel, p _n-1initial value p ₀the integer constant of a value between [0,255] can be set to by encipherer;

Step 2-4: encryption is implemented to M plaintext pixel according to M the key stream element that step 2-3 obtains;

Formula is as follows:

$c_n=k_m\⊕\left\{\right[p_n+k_n\left]\mathrm{mod}L\right\}\⊕c_{n-1}---\left(6\right)$

Wherein, k _n, p _n, c _nbe respectively the ciphertext pixel value of the key stream element of current operation, expressly pixel value and output; L is the gray level of image; c _n-1for the ciphertext pixel value of previous pass point, its initial value c ₀a constant can be set to; represent step-by-step xor operation; If it is individual less than M to remain pixel to be encrypted, then only encrypt remaining pixel;

Contravariant for deciphering is changed to

$p_n=[k_n\⊕c_n\⊕c_{n-1}+L-k_n]\mathrm{mod}L---\left(7\right)$

Step 2-5: return and perform step 2-2, until all pixels in scramble image are encrypted complete according to order from left to right, from top to bottom;

Step 3: can, according to Cipher Strength requirement, carry out taking turns encryption, namely performs step 1 and step 2 repeatedly.

Cipher Strength described in step 3 refers to the anti-statistical attack ability of encrypted image, anti-known-plaintext/chosen-plain attact ability and Against Differential Cryptanalysis ability.

Advantage of the present invention:

A kind of digital image encryption method with fast key stream generting machanism of the present invention, for traditional algorithm, often generate a key stream element, a chaos system iteration and the operation of key stream Quantification of elements are just needed, and in order to ensure the precision of encryption system, all computings all realize based on 64 double-precision floating pointses, and the key stream therefore in diffusion process generates has very high computational load, is the key problem affecting New chaotic image encryption efficiency; Present invention achieves the image encryption system that has fast key stream Element generation mechanism, in diffusion phase, often carry out a chaos system iteration and key stream Quantification of elements, multiple key stream element can be generated, effectively reduce the iterations of chaos system, thus significantly improve the speed of encryption system; In addition, each iteration and the key stream element number quantizing to generate, with expressly relevant, improve the ability of the anti-known-plaintext of encryption system and chosen-plain attact simultaneously; Cryptanalysis and enciphering rate are tested and are shown, the encryption system that the present invention proposes, and under the prerequisite with high security, enciphering rate is had an appointment the lifting of 1 times compared with classic method.

Accompanying drawing explanation

Fig. 1 is the common architecture of existing New chaotic image encryption method;

Fig. 2 is that an embodiment of the present invention application GENERALIZED DISCRETE LINEAR RANDOM SYSTEM Cat maps scramble image, wherein, figure (a) is 256 × 256 pixel, 256 grades of gray scales expressly images, figure (b) be through 1 take turns Cat convert after result, figure (c) be through 2 take turns Cat conversion after result, (d) be through 3 take turns Cat convert after result;

Fig. 3 is the digital image encryption method process flow diagram with fast key stream generting machanism of an embodiment of the present invention;

Fig. 4 is the Logistic chaos system schematic diagram of an embodiment of the present invention;

Fig. 5 is image schematic diagram after the encryption of an embodiment of the present invention;

Fig. 6 is the plaintext image of an embodiment of the present invention and the histogram of ciphertext graph picture, wherein scheming (a) is plaintext image, figure (b) is plaintext image histogram, and figure (c) is ciphertext graph picture, and figure (d) is ciphertext image histogram;

Fig. 7 is the horizontal adjacent pixels dependency diagram of an embodiment of the present invention, and wherein, figure (a) is plaintext image, and figure (b) is ciphertext graph picture;

Fig. 8 is the vertical adjacent pixels dependency diagram of an embodiment of the present invention, and wherein, figure (a) is plaintext image, and figure (b) is ciphertext graph picture;

Fig. 9 is the diagonal adjacent pixels dependency diagram of an embodiment of the present invention, and wherein, figure (a) is plaintext image, and figure (b) is ciphertext graph picture;

Figure 10 is the ciphering process key sensitivity analysis schematic diagram of an embodiment of the present invention, wherein, figure (a) is plaintext image, figure (b) encrypts the image obtained for primary key, c image that () obtains for amended secret key encryption, figure (d) is the difference of figure (b) and figure (c) two width ciphertext graph picture;

Figure 11 is the decrypting process key sensitivity analysis schematic diagram of an embodiment of the present invention, wherein, figure (a) is plaintext image, and figure (b) is ciphertext graph picture, figure (c) is correct decrypted image, and figure (d) is wrong decrypted image;

Figure 12 is the Against Differential Cryptanalysis test schematic diagram of an embodiment of the present invention, wherein, figure (a) is plaintext image 1, figure (b) is plaintext image 2, figure (c) is for ciphertext graph is as 1, figure (d) is for ciphertext graph is as 2, and figure (e) is the difference of figure (c) and figure (d) two width ciphertext graph picture.

Embodiment

Below in conjunction with accompanying drawing, the embodiment of the present invention is described further.

In the embodiment of the present invention, as schemed, shown in (a), to be encrypted 256 grades of gray level images that a size is 256 × 256 in Fig. 2.

Have a digital image encryption method for fast key stream generting machanism, process flow diagram as shown in Figure 3, comprises the following steps:

Step 1: based on the disorder processing of GENERALIZED DISCRETE LINEAR RANDOM SYSTEM Cat Mapping implementation plaintext image, change the position of each pixel in image;

Step 1-1: implement Cat conversion to plaintext image, the scramble of the GENERALIZED DISCRETE LINEAR RANDOM SYSTEM Cat Mapping implementation image utilizing formula (1) to define, eliminate the correlativity between neighbor, formula is as follows:

$\left[\begin{array}{c}{x}^{\′}\\ y^{\′}\end{array}\right]=\left[\begin{array}{cc}1& p\\ q& \mathrm{pq}+1\end{array}\right]\left[\begin{array}{c}x\\ y\end{array}\right]\mathrm{mod}N---\left(1\right)$

Wherein, scramble key is set to p=20, q=5, as in Fig. 2 scheme (b) be depicted as application Cat map scramble 1 take turns after result.

Inverse Cat for deciphering maps and is defined as

$\left[\begin{array}{c}{x}^{\′}\\ y^{\′}\end{array}\right]=\left[\begin{array}{cc}\mathrm{pq}+1& -p\\ -q& 1\end{array}\right]\left[\begin{array}{c}x\\ y\end{array}\right]\mathrm{mod}N---\left(2\right)$

Step 1-2: for fully eliminating the correlativity between neighbor, returns and performs step 1-1, return execution 2 times, namely implements 3 to plaintext image and takes turns scramble operation.In Fig. 2, figure (c), figure (d) are respectively application Cat conversion scramble 2 and take turns the result after taking turns with 3.

As can see from Figure 2, after 2 round transformations, the correlativity between neighbor is almost completely eliminated, image visually not identifiable design.

Because scrambling process only changes the position of pixel, and do not change the value of pixel, after scramble, image has the histogram distribution identical with plaintext image.Therefore, simple scramble image well can not resist statistical attack and known/chosen-plain attact.Following steps 2 change the statistical property of image by diffusion process.

Step 2: carry out DIFFUSION TREATMENT based on the image after Logistic mapping pair scramble, changes the pixel value of every bit in image.Logistic mapping definition is as follows:

x _n+1=μx _n(1-x _n),x _n∈[0,1],μ∈[0,4] (3)

Wherein, when μ ∈ [3.57,4], system is in chaos state, as shown in Figure 4.

Step 2-1: arrange diffusion key for (x0=0.65850386701505, μ=4.0), iteration Logistic maps (i.e. formula (3)) 200 times, makes system fully enter chaos state.

For state variable x _n, 0.5 is ' bad point ', can make state variable in successive iterations, be absorbed in ' fixed point ' 0.If the state variable value x obtained in iterative process _nbe 0.5, then the disturbance that a size is 0.001 added to it.

Step 2-2: continue iteration Logistic and map (i.e. formula (3)), the currency obtaining state variable is x _n=0.78711995553875, this value is quantized, obtains the pseudo random number of 4 bytes (32 bit):

（4）

Step 2-3: will be split as the pseudo random number that 4 sizes are 1 byte (8 bit), and the plaintext value p of previous point according to current plaintext pixel to be encrypted _n-1, select the front M in these 4 pseudo random numbers individual as key stream element, wherein 1≤M≤4;

M is determined by formula (5):

M=p _n-1%4+1 (5)

Such as, if M=3, then select front 3 pseudo random numbers as key stream element, namely obtain 3 key stream elements by a chaos system iteration and quantification.For first plaintext pixel, p _n-1initial value p ₀the integer constant of a value between [0,255] can be set to by encipherer.

Will in the embodiment of the present invention be split as the pseudo random number that 4 sizes are 1 byte (8 bit).First number is (10010000) ₂=(144) ₁₀, the second number is (10001000) ₂=(136) ₁₀, the 3rd number is (11011000) ₂=(216) ₁₀, the 4th number is (01010011) ₂=(83) ₁₀.If p _n-1initial value p ₀be 33, according to M=p _n-1%4+1=2, selects the first two pseudo random number as key stream element.That is: current iteration creates two key stream elements 144 and 136.

Step 2-4: encryption is implemented to M plaintext pixel according to M the key stream element that step 2-3 obtains;

In the embodiment of the present invention, if c ₀be 128, image gray levels L=256, first the key stream element 144 obtained by step 2-3 is as current key stream element k _n.Get current plaintext pixel to be encrypted, its value is p _n=160, implement encryption to this pixel, obtaining ciphertext pixel value is

$c_n=k_n\⊕\left\{\right[p_n+k_n\left]\mathrm{mod}L\right\}\⊕c_{n-1}=144\⊕\left\{\right[160+144\left]\mathrm{mod}256\right\}\⊕128=32---\left(6\right)$

Get second key stream element 136 again with next expressly pixel 158 as current key stream element and current plaintext pixel to be encrypted, encryption obtains ciphertext pixel value and is

$c_n=k_n\⊕\left\{\right[p_n+k_n\left]\mathrm{mod}L\right\}\⊕c_{n-1}=136\⊕\left\{\right[158+136\left]\mathrm{mod}256\right\}\⊕32=142---\left(8\right)$

Contravariant for deciphering is changed to

$p_n=[k_n\⊕c_n\⊕c_{n-1}+L-k_n]\mathrm{mod}L---\left(7\right)$

Step 2-5: return and perform step 2-2, until all pixels in scramble image are encrypted complete according to order from left to right, from top to bottom;

Step 3: can, according to Cipher Strength requirement, carry out taking turns encryption, namely performs step 1 and step 2 repeatedly.

Cipher Strength described in step 3 refers to the anti-statistical attack ability of encrypted image, anti-known-plaintext/chosen-plain attact ability and Against Differential Cryptanalysis ability.

Use encrypted image that above broadcast algorithm obtains as shown in Figure 5.

Enciphering rate and security test analysis

Speed and security test analysis are encrypted, to verify its high efficiency and security to the image encryption system that the present invention realizes.Security test comprises six aspects such as key susceptibility, anti-exhaustive attack (key space), anti-statistical attack (comprising histogram, neighbor correlativity, information entropy) and Against Differential Cryptanalysis.Testing and analyzing result shows, the encryption system that the present invention proposes, and under the prerequisite with high security, enciphering rate is had an appointment the lifting of 1 times compared with classic method.

(1) enciphering rate

This method is as shown in table 1 from the enciphering rate test result of traditional chaos encrypting method to different sized images.Platform for testing is Intel Centrino T72002.0GHz and 1G internal memory.Wherein, encryption times refers to a complete encryption flow, except the scramble-diffusion time of core, also comprises magnetic disc i/o, key stream sequence generates and pre-service equal time.Can see from table 1, based on the encryption system of this method, its speed is about two times of traditional chaos encryption algorithm, and its encryption times is much smaller than network transfer delay.Therefore, this method is suitable for the actual time safety image transmitting based on broadband network very much.

Table 1 this method and traditional chaos encrypting method velocity ratio are comparatively

(2) anti-exhaustive attack (key space)

Key space refers to the total amount of different keys available in encryption or decrypting process.For the encryption system of a safety, key space should be enough large to make exhaustive attack lose efficacy.Key based on the encryption system of this method structure is made up of two parts: scramble key K ey-P and diffusion key K ey-D.

The controling parameters (p, q) that Key-P is mapped by Cat and iteration wheel number m are formed, and p, q, m are positive integer and the span of (p, q) is [1, L _s], wherein L _sfor width or the height of square-shaped image.Therefore, scramble key add up to (N ²) ^m.Diffusion key K ey-D comprises two floating number (x ₀, μ), wherein x ₀∈ [0,1], μ ∈ [3.57,4].According to IEEE floating number standard, the computational accuracy of 64 bit double-precision floating pointses is 10 ^-15.Therefore, what spread key adds up to 10 ¹⁵× 4.3 × 10 ¹⁴≈ 2 ⁹⁸.Scramble key is separate with diffusion key.If N >=256, scramble wheel number m=3, then total key space Key-S meets

Key-S=key-P×key-D≥(2 ⁸×2 ⁸) ³×2 ⁹⁸=2 ¹⁴⁶(9)

Table 2 is this method and the comparing of three kinds of classical symmetric encipherment algorithm key spaces.As can be seen from the table, the key space of this method is greater than all kinds of classical cryptographic algorithm, effectively can resist exhaustive attack.

Table 2 this method compares with three kinds of classical symmetric encipherment algorithm key spaces

(3) anti-statistical attack

(a) histogram

Histogram describes the distribution situation of pixel in piece image intuitively.The distribution of cipher-text information should have higher randomness, hides redundancy expressly and assailant can not be allowed therefrom to obtain any information about plaintext and ciphertext relation.Scheme (a) in Fig. 6, figure (b) is plaintext image and histogram thereof, and figure (c), figure (d) are ciphertext graph picture and histogram thereof.Can find out with figure (d) by scheming (b) in comparison diagram 6, compared with plaintext image, the histogram of ciphertext graph picture is evenly distributed, and illustrates that the pixel value distribution of ciphertext graph picture has good randomness.

(b) neighbor correlativity

One is had to the digital picture of clear and definite vision content, it is height correlation that its each pixel is adjacent pixel in level, vertical and diagonal.And for a good image encryption system of design, its ciphertext graph picture exported should have enough low neighbor correlativity.Fig. 7 ~ Fig. 9 is the neighbor correlativity visual testing of expressly image and ciphertext graph picture, and the pixel value of two neighbors is drawn on x-axis and y-axis by this test respectively.As can be seen from Figure 7, for plaintext image, the value of its neighbor concentrates on a pair linea angulata, illustrates there is extremely strong correlativity between neighbor.And for ciphertext graph picture, its adjacent pixel values is uniformly distributed in whole gray scale plane, illustrate not there is any correlativity between its neighbor.For the visual testing of vertical direction and diagonal, similar result can be obtained.

In order to quantitative comparison expressly and the neighbor correlativity of ciphertext graph picture, first from expressly and ciphertext graph picture random selecting 2500 pairs of consecutive point on each adjacent direction.Then, formula (10) ~ (12) are used to calculate correlation coefficient r _x,y.

$r_{\mathrm{xy}}=\frac{\frac{1}{N}\underset{i=1}{\overset{N}{\mathrm{\Σ}}}(x_i-\stackrel{\‾}{x})(y_i-\stackrel{\‾}{y})}{\sqrt{\left(\frac{1}{N}\underset{i=1}{\overset{N}{\mathrm{\Σ}}}{(x_i-\stackrel{\‾}{x})}^2\right)\left(\frac{1}{N}\underset{i=1}{\overset{N}{\mathrm{\Σ}}}{(y_i-\stackrel{\‾}{y})}^2\right)}}---\left(10\right)$

$\stackrel{\‾}{x}=\frac{1}{N}\underset{i=1}{\overset{N}{\mathrm{\Σ}}}{x}_i---\left(11\right)$

$\stackrel{\‾}{y}=\frac{1}{N}\underset{i=1}{\overset{N}{\mathrm{\Σ}}}{y}_i---\left(12\right)$

Wherein, x and y is the gray-scale value of two consecutive point in image respectively, and N is the number of sampled point.

Expressly image is as shown in table 3 in level, correlativity that is vertical and diagonal with corresponding ciphertext graph picture.Can draw from Fig. 7 ~ Fig. 9 and table 3, by using this encryption method, the strong correlation expressly in image between neighbor obtains effective elimination in ciphertext graph picture.

Table 3 expressly image compares with the neighbor correlativity of ciphertext graph picture

(c) information entropy

Information entropy is the important indicator of sign information source randomness and unpredictability.For an information source s, its entropy is:

$H\left(s\right)=-\underset{i=0}{\overset{2^N-1}{\mathrm{\Σ}}}P\left(s_i\right){\log }_{2}P\left(s_i\right)---\left(13\right)$

Wherein, N is expression code element s _ibit number needed for ∈ s, P (s _i) represent code element s _ithe probability occurred.For one by 2 ⁿthe pure random information source of individual different code element composition, its entropy is H (s)=N.Therefore, 2 are had for one ⁸the ciphertext graph picture of=256 grades of gray scales, the theoretical value of its information entropy is H (m)=8.If the entropy of the ciphertext exported is less than 8, then there is predictability to a certain degree in ciphertext, will threaten the safety of system.

Calculate based on formula (13), expressly the information entropy of image and ciphertext graph picture is respectively H (s)=7.3507 and H (s)=7.9980.The information entropy closely ideal value 8 of ciphertext graph picture, illustrates that the pixel value distribution of ciphertext graph picture has high randomness.

Known by the analysis of above three aspects, the encryption system that this method builds has good anti-statistical attack ability.

(4) key susceptibility

Key susceptibility means the key that two difference is minimum, when encrypting identical plaintext, will produce diverse ciphertext.This character is extremely important for encryption system, otherwise assailant can attempt removing recovered part cleartext information by close key.

(a) ciphering process key susceptibility

For testing encryption process is to the susceptibility of key, first use diffusion key (x ₀=0.63235924622541, μ=4.0) plaintext image is encrypted, then its value is revised as (x ₀=0.63235924622542, μ=4.0), namely only the one-component of diffusion key is increased by 0.00000000000001, scramble key remains unchanged, observe by the image of secret key encryption and the difference between them after primary key and amendment, as shown in Figure 10.Scheming (a) in Figure 10 is plaintext image, and figure (b) adopts primary key to encrypt the ciphertext obtained, and figure (c) is the ciphertext adopting amended secret key encryption to obtain, and schemes the difference that (d) is two ciphertext graph pictures.By calculate publish picture (b) and figure (c) diversity factor be 99.61%.The change in addition small to the other parts of key, can obtain similar result.

(b) decrypting process key susceptibility

In this test, the secret key of a first selected encryption, then uses the correct key identical with the secret key of encryption and the false key very close with encryption key to be decrypted respectively, observes deciphering effect.If correct diffusion key is (x ₀=27849821886704, μ=4.0), the diffusion key of mistake is (x ₀=27849821886704, μ=3.99999999999999), namely false key only reduces 0.00000000000001 than correct key on second component, and deciphering effect is as shown in figure 11.Scheming (a) in Figure 11 is plaintext image, and figure (b) is the ciphertext graph picture after encryption, and figure (c) is the image after correct secret key decryption, and figure (d) is the image after false key is deciphered.As calculated, mistake decrypted image is 99.60% with the diversity factor of plaintext image.The change in addition small to the other parts of key, can obtain similar result equally.

From the analysis of above two aspects, the encryption system built based on this method has high key susceptibility, even if use one to have the decruption key of extremely fine difference with encryption key, can not decipher and obtain any information relevant to plaintext.

(5) Against Differential Cryptanalysis

Differential attack refers to that assailant utilizes the minor alteration of image, such as, changes the pixel value of a pixel of expressly image, observes the difference of encrypted result, and carry out breaking encryption algorithm accordingly.If expressly a minor alteration of image can be diffused in view picture ciphertext graph picture effectively, then differential attack will be infeasible.The Against Differential Cryptanalysis ability of encryption system is weighed based on NPCR (number of pixels change rate) and UACI (unified average change intensity) two indices usually.NPCR for testing the diversity factor between two width images, if P ₁(i, j) and P ₂(i, j) represents P respectively ₁with P ₂two width images are positioned at the pixel value that (i, j) puts, and NPCR is defined as:

$\mathrm{NPCR}=\frac{\underset{i=1}{\overset{W}{\mathrm{\Σ}}}\underset{j=1}{\overset{H}{\mathrm{\Σ}}}D(i,j)}{W\×H}\×100\%,---\left(14\right)$

Wherein, W and H is respectively width and the height of image, and D (i, j) is defined as

$D(i,j)=\left\{\begin{array}{ccc}0& \mathrm{if}& P_1(i,j)=P_2(i,j),\\ 1& \mathrm{if}& P_1(i,j)\≠P_2(i,j).\end{array}\right.---\left(15\right)$

For two pure random images, its NPCR theoretical value is

${\mathrm{NPCR}}_{\mathrm{expected}}=(1-\frac{1}{2^{{\log }_{2}L}})\×100\%,---\left(16\right)$

Wherein, L is the grey level of image.Such as, for 2 the 256 grades pure random images of gray scale, its NPCR theoretical value is 99.61%.

UACI is for testing the gray difference intensity between two images, and it is defined as

$\mathrm{UACI}=\frac{1}{W\×H}\left[\underset{i=1}{\overset{W}{\mathrm{\Σ}}}\underset{j=1}{\overset{H}{\mathrm{\Σ}}}\frac{|P_1(i,j)-P_2(i,j)|}{L-1}\right]\×100\%.---\left(17\right)$

For two pure random images, its UACI theoretical value is

${\mathrm{UACI}}_{\mathrm{expected}}=\frac{1}{L^2}\left(\frac{\underset{i=1}{\overset{L-1}{\mathrm{\Σ}}}i(i+1)}{L-1}\right)\×100\%.---\left(18\right)$

Such as, for 2 the 256 grades pure random images of gray scale, its NPCR theoretical value is 33.46%.

For the image encryption system that a design is good, its NPCR and UACI should as far as possible close to theoretical value.Based on above discussion, suppose that the most extreme case of one is tested system here, namely two width expressly images only have the difference of a pixel in the lower right corner.The gray-scale value of scheming expressly its lower right corner pixel of image shown in (a) in Figure 12 is 106, and shown in figure (b), expressly the gray-scale value of its lower right corner pixel of image is 107.Adopt identical double secret key two width expressly image implement encryption, the difference between the ciphertext graph picture obtained and two width ciphertext graph pictures is respectively as schemed (c), figure (d), scheming shown in (e) in Figure 12.Be 99.60%, UACI value by the NPCR value calculated between two width ciphertext graph pictures be 33.45%.

Known based on above test result, this method effectively can resist differential attack.

Claims (2)

1. there is a digital image encryption method for fast key stream generting machanism, it is characterized in that: comprise the following steps:

Step 1: based on the disorder processing of GENERALIZED DISCRETE LINEAR RANDOM SYSTEM Cat Mapping implementation plaintext image, change the position of each pixel in image;

Step 1-1: set the size of plaintext image to be encrypted as N × N, the scramble of the GENERALIZED DISCRETE LINEAR RANDOM SYSTEM Cat Mapping implementation image utilizing formula (1) to define, eliminate the correlativity between neighbor, formula is as follows:

$\left[\begin{array}{c}{x}^{\′}\\ y^{\′}\end{array}\right]=\left[\begin{array}{cc}1& p\\ q& pq+1\end{array}\right]\left[\begin{array}{c}x\\ y\end{array}\right]\mathrm{mod}N---\left(1\right)$

Wherein, x, y are the coordinate before conversion: x', y' are the new coordinate after conversion; (p, q) ∈ [1, N] is the systematic parameter controlling scrambling process, the scramble key namely arranged by encipherer;

Inverse Cat for deciphering maps and is defined as

$\left[\begin{array}{c}{x}^{\′}\\ y^{\′}\end{array}\right]=\left[\begin{array}{cc}pq+1& -p\\ -q& 1\end{array}\right]\left[\begin{array}{c}x\\ y\end{array}\right]\mathrm{mod}N---\left(2\right)$

Step 1-2: return and perform step 1-1, fully to eliminate neighbor correlativity, returning and performing step is 2 ~ 3 times;

Step 2: adopt the image after Logistic mapping pair scramble to carry out DIFFUSION TREATMENT, change the pixel value of every bit in image;

Logistic mapping definition is as follows:

x _n+1＝μx _n(1-x _n),x _n∈[0,1],μ∈[0,4] (3)

Wherein, μ and x is respectively controling parameters and state variable, x _nrepresent the state variable value of n-th iteration; x _n+1represent the state variable value of (n+1)th iteration;

Step 2-1: encipherer arranges diffusion key (x ₀, μ), wherein x ₀for state variable initial value; Iterative formula (3) N ₀secondary, above-mentioned N ₀for constant, and N ₀>=200, make system fully enter chaos state;

Step 2-2: continue iterative formula (3), utilize formula (4) to the currency x of chaotic maps state variable _nquantize, obtain the pseudo random number of 4 bytes, formula is as follows:

Wherein, represent the pseudo random number of 4 bytes, the round values that floor (x) function representation layback x is nearest; Mod (x, y) function representation returns the remainder of x divided by y;

Step 2-3: will be split as the pseudo random number that 4 sizes are 1 byte, and the plaintext value p of previous point according to current plaintext pixel to be encrypted _n-1, select the front M in these 4 pseudo random numbers individual as key stream element, wherein 1≤M≤4;

M is determined by formula (5):

M＝p _n-1％4+1 (5)

For first plaintext pixel, p _n-1initial value p ₀the integer constant of a value between [0,255] can be set to by encipherer;

Step 2-4: encryption is implemented to M plaintext pixel according to M the key stream element that step 2-3 obtains;

Formula is as follows;

c _n＝k _n⊕{[p _n+k _n]mod L}⊕c _n-1(6)

Wherein, k _n, p _n, c _nbe respectively the ciphertext pixel value of the key stream element of current operation, expressly pixel value and output; L is the gray level of image; c _n-1for the ciphertext pixel value of previous pass point, its initial value c ₀a constant can be set to; ⊕ represents step-by-step xor operation; If it is individual less than M to remain pixel to be encrypted, then only encrypt remaining pixel;

Contravariant for deciphering is changed to

p _n＝[k _n⊕c _n⊕c _n-1+L-k _n]mod L (7)

Step 2-5: return and perform step 2-2, until all pixels in scramble image are encrypted complete according to order from left to right, from top to bottom;

Step 3: can, according to Cipher Strength requirement, carry out taking turns encryption, namely performs step 1 and step 2 repeatedly.

2. a kind of digital image encryption method with fast key stream generting machanism according to claim 1, is characterized in that: Cipher Strength described in step 3 refers to the anti-statistical attack ability of encrypted image, anti-known-plaintext/chosen-plain attact ability and Against Differential Cryptanalysis ability.