Four dimensional chaotic ciphers for secure image transmission

Four Dimensional Chaotic Ciphers for Secure Image Transmission Mohamed Hamdi, Noureddine Boudriga Communication Networks and Security Research Lab. University of 7th of November at Carthage, Tunisia Abstract— This paper proposes a chaotic encryption scheme for image data transmission and multimedia communication. To this end , we first extend the definition of the well-known Arnold 2-D chaotic map to the four-dimensional context. We demonstrate that the chaotic behaviour of the Arnold function is enhanced through our extension to four dimensions. Second, we develop a cryptosystem based on the use of chaotic maps and wavelet decomposition. In fact, by involving the wavelet decomposition filters in the encryption process in addition to the pixel positions and the image gray levels, the 4-D chaotic map is defined in a way that it extends the 3-D chaotic map presented in the literature. This allows to adapt the efficiency of the encryption algorithm to the security needs and the available bandwidth through progressive encryption. According to the length of the symmetric key, different resolutions of the image can be obtained at the decryption level. Keywords Chaotic ciphers, wavelet transform, Arnold map. I. I NTRODUCTION The open nature of today’s networks makes the transmitted multimedia content subject to many potential threats (e.g., access to confidential images, non-authorized modification of tracking data). Hence, appropriate encryption algorithms should be used to provide an adequate protection to sensitive images. This paper introduces a novel approach for symmetric image encryption based on chaotic maps. Actually, the idea of using chaos for developing encryption algorithms is very old. In his seminal paper about cryptography, Shannon [1] mentioned that ”... good mixing are often formed by repeated products of two simple non-commuting operations.” In the past decades, the use of chaos-based ciphers in various contexts has been investigated. Among these contexts, image encryption perhaps constitutes the most important application of chaos theory to network security. The main reason is that chaotic transforms conform to the special features of multimedia data [2]. Nevertheless, to the best of our knowledge, all of the proposed constructions involve 2D or 3D chaotic maps. In this work, a four-dimensional chaotic map is defined and used for encrypting the images acquired by vision sensors before being transmitted through the satellite backbone to the analysis center (Section 2 describes the architecture of the considered hybrid WSN). Our technique relies on the extension of the Arnold 2dimensional chaotic in such a manner that the image gray levels as well as the wavelet filters used for multiresolution decomposition can be integrated in the cryptosystem. Throughout a rigorous security analysis, we demonstrate that our algorithm outperforms the existing approaches. Concrete results obtained through simulations on real images also confirm the efficiency of our method. 978-1-4244-2571-6/08/$25.00 ©2008 IEEE The organization of this paper is as follows. Section 2 reviews the most pertinent chaotic encryption schemes that have been proposed in the literature. The mathematical framework representing the new four-dimensional Arnold chaotic map is introduced in Section 3. Section 4 performs key space analysis and statistical analysis in order to assess the proposed cryptosystem. Section 5 discusses results obtained through simulations on real data. Section 6 concludes the paper. II. S TATE - OF - THE - ART OF CHAOTIC IMAGE CIPHERS Due to the tight relationship between chaos and cryptography, in the past two decades it is widely investigated how to use chaotic maps to construct cryptosystems. Basically, there are two typical ways using chaos in image/video encryption schemes: 1) use chaos as a source to generate pseudorandom bits with desired statistical properties to realize secret encryption operations; 2) use 2-D chaotic maps (or fractal-like curves) to realize secret permutations of digital images/frames. The first way has been widely used to design chaotic stream ciphers, while the second is specially employed by chaosbased image encryption schemes. The idea of using 2-D chaotic maps to design permutationbased image encryption schemes was initially proposed in [8]. Assuming that the size of the plain-image is H × W , the encryption procedure can be described as follows: (a) define a discretized and invertible 2-D chaotic map on a H ×W lattice, where the discretized parameters serve as the secret key; (b) iterate the discretized 2-D chaotic maps on the plain-image to permute all pixels; (c) use a substitution algorithm (cipher) so as to modify the values of all pixels to flatten the histogram of the image, i.e., to enable the confusion property; and (d) repeat the permutation and the substitution for k rounds to generate the cipher-image. In [9], it was pointed out that there exist some weak keys in Fridrichs image encryption scheme [10]. This problem is caused by the short recurrent-period effect of the discretized Baker map: for some keys, the recurrent period of the chaotic permutation is only 4. To overcome this defect, in [11], a modified Fridrichs image encryption scheme was proposed. An extra permutation (shifting pixels in each row) is introduced to avoid short recurrent period of the discretized chaotic permutation. The existence of weak keys signifies the importance of the dynamical properties of the discretized chaotic permutations. However, till now only limited results on a subset of all chaotic possible permutations have been reported, therefore further theoretical research is needed to clarify this issue and its negative effect on the security of the image encryption schemes. Recently, 2-D discretized chaotic maps were generalized to 3-D counterparts: 3-D Baker map in [12] and 3-D Cat 437 ICME 2008 The resulting four-dimensional chaotic map is obtained by combining the four aforementioned transforms. This expressed by Equation III.2. ⎡ ⎤ xn+1 ⎢ ⎢ yn+1 ⎥ ⎢ ⎥ ⎢ ⎣ zn+1 ⎦ = Ax .Ay .Az .At ⎣ tn+1 ⎡ Fig. III.1. Matrices used to build the 4-D chaotic transform. map in [13]. The third dimension allows scrambling the image gray levels in a chaotic manner. Based on the proposed 3D discretized chaotic maps, after re-arranging the 2-D plainimage into a 3-D lattice (over which the 3-D chaotic map is iterated), the plain-image can be encrypted in a similar procedure to the original Fridrichs scheme. Another difference of the two schemes from the Fridrichs scheme is that a chaotic PRNG (pseudo-random number generator) based on the 1-D Logistic map is used to realize the substitution algorithm. III. A NOVEL FOUR - DIMENSIONAL IMAGE ENCRYPTION ALGORITHM The basic idea of our work is to develop a four dimensional chaotic map that preserves the traditional permutations on pixel positions and gray levels (provided by 3-D maps) but also introduces some ’randomness’ in the compression process, which is based on the wavelet transform. A. Definition of a 4-D chaotic map To implement the ideas presented in the foregoing discussion, we develop a 4-D chaotic map based on the 2-D Arnold chaotic map expressed by:  xn+1 yn+1  =  1 a a 1 + ab  xn yn  mod (1), (III.1) a and b are the control parameters defining the map, and r mod (1), for r ∈ R, denotes the fractional parts of r by subtracting or adding an appropriate integer. As it has been mentioned above, this map has been extended in [13] to a three-dimensional context. In the following, we propose a four-dimensional extension allowing to express the vector ⊤ ⊤ [xn+1 , yn+1 , zn+1 , tn+1 ] as a function of [xn , yn , zn , tn ] , where .⊤ denotes the transposition operator. To this end, we define four matrices Ax , Ay , Az , and At given by Figure III.2 where αx , αy , αz , αt , βx , βy , βz , and βt are in [0, 1].. These matrices extend the canonical 3-D Arnold map proposed in [13]. It is noteworthy that the matrix Ax corresponds to the case where xn+1 = xn and the canonical 3-D Arnold map is performed on the remaining parameters. The same reasoning applies for the remaining matrices. 438 ⎤ xn yn ⎥ ⎥ zn ⎦ tn mod (1). (III.2) In the following, A4D will denote the product Ax .Ay .Az .At . To measure the data mixing capability of the novel 4-D map, we compute its leading Lyapunov characteristic exponent, which has been mentioned in [10] as a measurable dynamic indicator. In our context, since the chaotic map is expressed by a matrix multiplication, it can be shown that the Lyapunov exponents equal the eigenvalues of the matrix A4D . We found that this matrix has four eigenvalues λ1 = 8.85, λ2 = 43.10−2 , and λ3 = λ4 = 5.10−3 . The reader familiar with chaos theory may have noticed that the leading Lyapunov exponent is strictly larger than 1, meaning that the 4-D map is effectively chaotic. More importantly, the leading Lyapunov characteristic exponent is larger than that of the 3-D extension proposed by Chen et al. in [13], which equals 7.18. Henceforth, the chaotic behavior of the 4-D extension of Arnold map is better than that of the 3-D version. B. The encryption process The second generation wavelet transform [14], also known as the lifting scheme, introduces new insights related to lossless compression. The lifting scheme, which is a special construction of the wavelet transform, is performed according to the following steps: (a) Split: The set of initial coefficients xj = (xj (n)n∈N ) is divided into two different subsets xoj = (xj (2n + 1)n∈N ) and xej = (xj (2n)n∈N ); (b)Predict: The set xoj is updated using xoj+1 (n) = xoj (n) − P(xej )(n); and (c) Update: The same filtering operation is applied to xej with another predictor P ′ . In other terms, xej+1 (n) = xej (n) − P ′ (xoj )(n). In our work, we propose to modify the traditional compression process in order to support advanced encryption functionalities. Supposing that S is the number of wavelet steps, we propose to use different parameters for the prediction filter at each step s ∈ {1, .., S}. These parameters can be selected based on a chaotic strategy as it will be described in the following subsection. The encryption steps defined in this figure will be detailed in the following. Having introduced the mathematical foundations of the 4-D chaotic Arnold map, a subsequent image encryption process can be defined. This process scrambles not only pixel positions and gray levels, but also the predictors used to perform the second generation wavelet transform. In this section, we detail the three elementary steps of this process. 1) Key construction: Since the 4-D chaotic map that has been defined in the previous section is mathematically defined on [0, 1]4 , it should clearly be adapted to the image context where all variables (i.e., dimension, number of gray levels, number of wavelet steps) are discrete. The simplest manner to perform such discretization is to replace the mod (1) operator by mod (p), where p can be equal to the image width W or to the image height H. Then, we extend the key generation function presented in [11]. More accurately, we propose the usage of 128-bit key composed of eight 12-bit fields corresponding to the map parameters, one 16-bit field corresponding to the number of iterations of the 4-D chaotic map, and one 16-bit field corresponding to the initial values of the key generation function. 2) First iteration: The first iteration consists in applying the wavelet transform Wβ1 to the original image I(., .) with a prediction filter Pβ1 given by: P(xej )(n) = β1 xej (n) + (1 − β1 )xej (n + 1), (a) (b) (c) (III.3) where β1 ∈ [0, 1]. The parameter β1 is obtained by iterating p times the map defined by A4D while setting t0 to 1 in the initial vector. This iteration generates four W H 2 × 2 sub-images LL1 , HL1 , LH1 , and HH1 . 3) ith iteration: The process described above is repeated by ⊤ computing βi such that [xn+1 , yn+1 , zn+1 , βi ] = Ap4D ⊤ [x0 , y0 , z0 , i] . 4) S th iteration: Having obtained the image IS where the approximation image is of size 21S × 21S , the traditional 3-D Arnold map is performed to mix the pixel positions as well as the image gray levels. For the sake of parsimony, the diffusion process, which objective is to cope with the periodicity of chaotic maps, is not detailed at this level since it is beyond the contribution of the paper. The reader would refer to [11], [13] for more information about it. IV. S ECURITY ANALYSIS Some security analysis has been performed on the proposed image encryption scheme, including the most important ones like key space analysis, statistical analysis, and differential analysis, which has demonstrated the satisfactory security of the new scheme, as demonstrated in the following. Fig. IV.1. Key sensitivity analysis. B. Sensitivity analysis Assume that a 16-character ciphering key is used. This means that the key consists of 128 bits. A typical key sensitivity test has been performed, according to the following steps: 1) First, a 512 × 512 image is encrypted by using a given key, say ’1234567890123456’. 2) Then, the least significant bit of the key is changed, so that the original key becomes, say ’1234567890123457’ in this example, which is used to encrypt the same image. 3) Finally, the above two ciphered images, encrypted by the two slightly different keys, are compared. Having applied these steps to the first frame of the ’Vivid’ image (see Section 6 for a detailed description of this image), we found that the rate of different pixels in two images encrypted by two keys K1 and K2 which differ in only one bit has 99.78 % of average. Moreover, when the image is encrypted using K1 and decrypted using K2 , Figure IV.1 shows that no visual information can be got about the original image. V. S IMULATIONS AND RESULTS A. Key space analysis This algorithm is a 128-bit encryption scheme, with key space size 2128 ⋍ 34028 × 1038 . Since this scheme takes advantage of the 4-D Arnold map, the opponent may try to bypass guessing the key and instead directly guess all the possible combinations of the control parameters used to build the matrices Ax , Ay , Az , and At . In the following, these parameters are denoted ax , bx , ay , by , az , bz , at , and bt . However, the combinations of the 4-D chaotic map control parameters are large enough to prevent such exhaustive searching. A rough estimate of all possible combinations of control parameters is as follows. Suppose that one has a 512 × 512 image. According to the encryption scheme, it will be piled up to a 64 × 64 × 64 cube. Then, since each of the aforementioned control parameters in between 1 and 64. possible combinations of control parameters are 648 = 248 ⋍ 2.81 × 1014 . Notice that this is just for one round of the several iterations. If each ciphering round of the 4-D Arnold map uses different ciphering keys, then the increase of round numbers will further enlarge the key space. Compared with the 3-D cat map, the key space of the 4-D map is much larger than the key space of the 3-D map, which is already very large (about 236 ⋍ 6.87 × 1010 ). 439 Four test images (’Adams1’, ’Adams2’, ’Zurich’, and ’Vivid’) have been used to simulate the image encryption techniques that have been proposed in this paper. Brief descriptions of these images are given in the following: 1) ’Adams1’ and ’Adams2’: These are two 512x512-size aerial images acquired in North Dakota in the frame of US the National Agriculture Imagery Program (NAIP). c Institute of Geodesy and Photogrammetry, 2) ’Zurich’ ( ETH Zurich): ’Zurich’ is a 3737x3393-size image covering an area nearby the center of Zurich (Switzerland) and the ETH Hoenggerberg. The Zurich Hoengg data set is based on aerial photography collected over Zurich in 1995. 3) ’Vivid’: This sequence composed of 2571 images is part of the VIVID tracking evaluation dataset (available at http://www.vividevaluation.ri.cmu.edu/main.html). They represent several military vehicles looping around on a runway, then driving straight. Statistical analysis has been performed on the proposed image encryption algorithm, demonstrating its superior confusion and diffusion properties which strongly resist statistical attacks. This is shown by a test on the histograms of the Fig. V.1. Histograms of the plain-image and the cipher-image. enciphered images and on the correlations of adjacent pixels in the ciphered image. 1) Histograms of encrypted images. Select several 256 grey-scale images of size 512 × 512 that have different contents, and calculate their histograms. One typical example among them is shown in Figure V.1. From the figure, one can see that the histogram of the ciphered image is fairly uniform and is significantly different from that of the original image. 2) Correlation of two adjacent pixels. To test the correlation between two vertically adjacent pixels, two horizontally adjacent pixels, and two diagonally adjacent pixels, respectively, in a ciphered image, the following procedure was carried out. First, randomly select 1000 pairs of two adjacent pixels from an image. Then, calculate the correlation coefficient of each pair Figure V.2 shows the correlation distribution of two horizontally adjacent pixels in the plain-image and that in the cipherimage: the correlation coefficients are 0.91765 and 0.01183, respectively, which are far apart. VI. C ONCLUSION In this paper, the well-known 2-D Arnold chaotic map has been generalized to four dimensions extending the 3-D approach proposed in [13]. This new scheme employs the 4D Arnold map to shuffle the positions, gray values of image pixels, as well as the wavelet filters used in the compression process. This allows enhancing confusing the relationship between cipher-image and plain-image. An extension of this scheme, involving wavelet packet transforms rather than trivial wavelet transform, is currently under development. Fig. V.2. Correlations of two horizontally adjacent pixels in the plain-image and in the cipher-image. [5] J. Mineweaser, ”Networking in the Transformational Communications Architecture,” NASA Third Space Internet Workshop, June 2003. [6] A. Perrig, J. Stankovic, and D. Wagner, Security in Wireless Sensor Networks, Communications of the ACM, vol.47, no.6, 2004. [7] L. Qiao, K. Nahrsted, ”Comparison of MPEG Encryption Algorithms,” Computers and Graphics Journal, Vol. 22, No. 4, pp. 437-448, 1998. [8] J. Scharinger, ”Fast encryption of image data using chaotic Kolmogorov flows,” J. Electronic Imaging, 7(2):318325, 1998. [9] M. Salleh, S. Ibrahim, I. F. Isinn, ”Ciphering key of chaos image encryption,” In Proc. Int. Conference on Artificial Intelligence in Engineering and Technology (ICAIET2002), pages 5862, 2002. [10] J. Fridrich, ”Symmetric ciphers based on two-dimensional chaotic maps,” Int. J. Bifurcation and Chaos, 8(6):12591284, 1998. [11] M. Salleh, S. Ibrahim, I. F. Isinn, ”Enhanced chaotic image encryption algorithm based on Bakers map,” In Proc. IEEE Int. Symposium on Circuits and Systems (ISCAS2003), volume II, pages 508511, 2003. [12] Y. Mao, G. Chen, ”Chaos-based image encryption,” In Eduardo BayroCorrochano, editor, Handbook of Computational Geometry for Pattern Recognition, Computer Vision, Neural Computing and Robotics. Springer-Verlag, Heidelberg, April 2004. [13] Y. Mao, G. Chen, C. K. Chui, ”A symmetric image encryption scheme based on 3D chaotic cat maps,” Chaos, Solitons & Fractals, 21(3):749761, 2004. [14] W. Sweldens, ”The Lifting Scheme: A New Philosophy in Biorthogonal Wavelet Constructions,” Proceedings of SPIE, Vol. 2569, pp. 68-79, 1995.” [15] R. T. Collins, X. Zhou, S. K. Teh, ”An Open Source Tracking Testbed and Evaluation Web Site ,” IEEE International Workshop on Performance Evaluation of Tracking and Surveillance (PETS 2005), Breckenridge, USA, January, 2005. [16] X. Fengjun, D. Morrell, ”Target Tracking Using an Image Sensor with a Configurable Active Area,” Conference Record of the Thirty-Eighth Asilomar Conference on Signals, Systems and Computers,Volume 2, pp. 2111 - 2115, California, USA, November 2004. R EFERENCES [1] C. Shannon, ”Communication Theory of Secrecy Systems,” Bell System Technical Journal, Vol. 28, pp. 656-715, 1949. [2] J. Fridrich, ”Symmetric Ciphers Based on Two-Dimensional Chaotic Maps,” International Journal of Bifurcation and Chaos, Vol. 8, Issue 6, pp. 1259-1284, 1998. [3] M. Hamdi, N. Boudriga, ”WHOMoVeS: An Optimized Broadband Sensor Network for Military Vehicle Tracking,” Accepted for publication in the International Journal of Communication Systems, 2007. [4] C. Anderson, ”MLSATCOMVL Transformation,” Ground System Architectures Workshop, March 2005. 440