A novel image encryption scheme based on a linear hyperbolic chaotic system of partial differential equations

Signal Processing: Image Communication 28 (2013) 292–300

Contents lists available at SciVerse ScienceDirect

Signal Processing: Image Communication journal homepage: www.elsevier.com/locate/image

A novel image encryption scheme based on a linear hyperbolic chaotic system of partial differential equations Yushu Zhang a,n, Di Xiao a, Yonglu Shu b, Jing Li b a b

College of Computer Science, Chongqing University, Chongqing 400044, PR China College of Mathematics and Statistics, Chongqing University, Chongqing 401331, PR China

a r t i c l e in f o

abstract

Article history: Received 14 November 2011 Accepted 26 December 2012 Available online 4 January 2013

Compared with general chaotic systems, a linear hyperbolic chaotic system of partial differential equations with nonlinear boundary conditions has larger parameter space, stronger sensitivity to initial condition and control parameter, better random-like behavior and so on, but it has not been employed in cryptography so far. Then using its significant properties, we present a new cryptosystem with coupled map lattices and time-varying delay. The proposed image encryption algorithm with permutation– diffusion architecture can overcome some drawbacks in the existing methods, because the sum of pixel value of original image is used for determining the permutation parameters and the previous cipher image information is utilized in the next diffusion. Theoretical analysis and computer experiments confirm that the new algorithm is efficient, practicable, and reliable, with high potential to be adopted for network security and secure communications. & 2013 Elsevier B.V. All rights reserved.

Keywords: Hyperbolic chaotic systems Partial differential equations Image encryption Coupled map lattices Time-varying delay

1. Introduction Image data is receiving more and more attention due to the widespread transmission over various communication channels. Thus, image encryption is of great significance but of difference from traditional text encryption due to some inherent features of the image, such as bulk data capacity, high redundancy, and strong correlation among adjacent pixels. A variety of image encryption schemes have ever been proposed [1–6,8–12,18,27–31,34]. Chaos theory consistently plays an important role in modern cryptography. As the basis for developing cryptosystem, the advantage of chaos lies in its random behavior and sensitivity to initial conditions and parameter settings to fulfill the classic Shannon requirements of confusion and diffusion [7]. Based on this, some algorithms consisting of two ways have been proposed recently [8–12]. In [8], a symmetric image encryption scheme based on 3D chaotic

n

Corresponding author. E-mail address: [email protected] (Y. Zhang).

0923-5965/$ - see front matter & 2013 Elsevier B.V. All rights reserved. http://dx.doi.org/10.1016/j.image.2012.12.009

cat maps was proposed. A more complex encryption scheme which combines discrete and continuous time chaotic systems was designed in [9]. In [10], Wang et al. proposed a novel color image encryption algorithm based on chaos. Two image encryption schemes with compound chaotic sequence cipher shifting dynamically and chaotically coupled chaotic maps were proposed in [11] and [12], respectively. Unfortunately, these chaos-based image encryption algorithms with a permutation–diffusion structure were broken in [13–17], respectively. The reason why those cryptosystems is not immune to some famous attacks such as chosen-plaintext/known-plaintext attacks is that the control parameters for permutation are fixed in encryption and the keystream extracted from the chaotic orbit depends only on the key. These two drawbacks were proposed in [18] for the first time. Simultaneously, spatiotemporal chaotic systems, in comparison with the general chaotic systems, have larger parameter space, stronger sensitivity to initial condition and control parameter, better random-like behavior and so on. For example, a linear hyperbolic spatiotemporal chaotic system of partial differential equations (PDE) in [19] maintains much longer

Y. Zhang et al. / Signal Processing: Image Communication 28 (2013) 292–300

periodicity in digitalization and gains excellent performance in cryptography and to the best of authors’ knowledge, it has not been employed in cryptography so far. Moreover, time-delay in CML (coupled map lattices) and its synchronization which has been studied in [20,21] can be related to diffusion in cryptosystem. According to the above discussion, a novel scheme with variable control parameters is proposed in this paper, where a spatiotemporal chaotic system, CML, and time-varying delay are utilized in the presented scheme. Thus, this cryptosystem based on confusion–diffusion architecture can make a high secure level. The main novelty of this paper can be summarized as follows: (1) a linear hyperbolic chaotic system of partial differential equations with nonlinear boundary conditions is used to encrypt for the first time; (2) the sum of all the pixel values in the image is considered to generate keystream in the permutation stage; (3) the information of the former cipher image is associated based on CML and time-varying delay to encrypt the current plain image.

2. Chaotic cryptosystem 2.1. A linear hyperbolic spatiotemporal chaotic system of partial differential equations We first present a brief review of a linear hyperbolic chaotic system of partial differential equations. This system about the initial-boundary value problem can be

defined as [19] 8 " # " # # " c1 0 @ uðx,tÞ > @ uðx,tÞ > > ¼ > > > xðx,tÞ 0 c2 @x xðx,tÞ > < @t vð0,tÞ ¼ gðuð0,tÞÞ, uð1,tÞ ¼ f ðvð1,tÞÞ > > > > uðx,0Þ ¼ jðxÞ, vðx,0Þ ¼ cðxÞ, j, c 2 Cð½0,1Þ > > > : 0 ox o1,t 40,c ,c 4 0: 1

293

ð1Þ

2

Theorem 1. Let jð½0,1Þ ¼ ½a1 ,a2  D ½a,b, a2 a1 4 0, cð½0, 1Þ ¼ ½a3 ,a4  D ½c,d, a4 a3 4 0, f : ½a,b-½c,d, g : ½c,d-½a,b be continuous. (1) If gf : ½a,b-½a,b is chaotic, then uðx,tÞ, vðx,tÞ are chaotic. (2) If fg : ½a,b-½a,b is chaotic, then uðx,tÞ,vðx,tÞ are chaotic. Proof. It is easy to see that uðx,tÞ,vðx,tÞ are constant along the characteristic lines, x þ c1 t ¼ const, xc2 t ¼ const. Thus by some elementary calculation we get the solution of (1) as 8 1x > > > jðx þ c1 tÞ, 0 r t r c > > 1 > > > c1 þ c2 c2 ðx þ c1 tÞ 1x > c1 þ c2 c2 x > > , f c otr > < c1 c1 c1 c2   uðx,tÞ ¼ c2 ðx þ c1 tÞkðc1 þ c2 Þ > k > , ak ot rbk > ðfgÞ j > > c2 > >   > > > ðk þ 1Þðc1 þ c2 Þc2 ðx þ c1 tÞ > k > , b k o t r ak þ 1 : : ðfgÞ f c c1 ð2Þ

Fig. 1. Temporal evolution wave form of (a) uðx,tÞ, x ¼ 0:11, (b) vðx,tÞ, x ¼ 0:11 and spatial evolution wave form of (c) uðx,tÞ, t ¼ 501, (d) vðx,tÞ, t ¼ 501.

294

Y. Zhang et al. / Signal Processing: Image Communication 28 (2013) 292–300

8 x > > > cðxc2 tÞ, 0 rt r c > 2 > >   > > c1 ðc2 txÞ x c2 þ c1 x > > > , g j ot r > < c2 c2 c1 c2   vðx,tÞ ¼ c ðxc tÞ þ kðc þ c Þ 1 2 1 2 > > ðgf Þk c , pk o t r qk > > c1 > > >   > > c ðc txÞkðc1 þ c2 Þ > > > ðgf Þk g j 1 2 , qk ot rpk þ 1 , : c2

Corollary 1. Let jð½0,1Þ D ½a,b, cð½0,1Þ D ½a,b. If gðxÞ ¼ x, f : ½a,b-½a,b are continuous and chaotic, then uðx,tÞ,vðx,tÞ are chaotic. If f ðxÞ ¼ x, g : ½a,b-½a,b are continuous and chaotic, then uðx,tÞ,vðx,tÞ are chaotic.

ð3Þ where

2.2. Permutation algorithm

kðc1 þ c2 Þc2 x ak ¼ , c1 c 2

kðc1 þ c2 Þ þ c2 c2 x bk ¼ , c1 c2

k ¼ 1,2, . . .

and pk ¼

For example, let gðxÞ ¼ x, f : ½0,1-½0,1, f ðxÞ ¼ 4xð1xÞ; Then f is chaotic [22]. c1 ¼ c2 ¼ 1, jðxÞ ¼ x, cðxÞ ¼ sin x; Then for jð½0,1Þ D½0,1, cð½0,1Þ D ½0, sin 1, simulated with Matlab 7.10.0 for spatial step h ¼ 0:005, we get the results shown in Fig. 1(a)–(d).

kðc1 þ c2 Þc1 þ c1 x , c1 c2

qk ¼

kðc1 þ c2 Þ þ c1 x , c1 c2

k ¼ 1,2, . . . :

Then the chaotic properties of uðx,tÞ and vðx,tÞ are determined by fg and gf. If gf is chaotic, then vðx,tÞ is also chaotic. As ðfgÞk ¼ f ðgf Þk1 g, therefore uðx,tÞ is also chaotic. The same result is true for fg being chaotic. &

In the proposed algorithm, the solution of Eq. (1) is employed to achieve the goal of image encryption. Eqs. (2) and (3) are used to shuffle the position of each pixel. To apply our encryption, initially the plain image M mn is transformed into M N1 ðN ¼ mnÞ. We select two random initial values x1 , x2 in the interval (  1,1) as the secret keys and then calculate ak , bk , pk , qk as follows: ak ¼

kðc1 þ c2 Þc2 x1 : c1 c2

ð4Þ

1 0.9 0.8 0.7

x

0.6 0.5 0.4 0.3 0.2 0.1 0

0

50

100

150

200 k

250

300

350

400

7000 6000

times

5000 4000 3000 2000 1000 0

0

0.2

0.4

x

0.6

0.8

1

Fig. 2. (a) Sensitivity to initial values and (b) the distribution of x under certain system parameters in 65,536 iterations.

Y. Zhang et al. / Signal Processing: Image Communication 28 (2013) 292–300

bk ¼

kðc1 þ c2 Þ þ c2 c2 x2 : c1 c2

kðc1 þc2 Þc1 þ c1 x1 : pk ¼ c1 c2

qk ¼

kðc1 þ c2 Þ þ c1 x2 : c1 c2

ð5Þ

k ¼ bx1  oc þdx2  oe,

295

o¼

N X

MðiÞ,

ð8Þ

i¼1

ð6Þ

ð7Þ

where the key k 2 N þ is determined by x1 , x2 .

where o stands for sums of all the pixels in the plain image, and bxc, dxe denote floor and ceiling of x, respectively. It has been revealed that, in order to resist known/chosen-plaintext attacks [23,24], the keystream should vary in every encryption procedure and in different plaintexts. A simple solution is to make the keystream depends on the plaintext or ciphertext. Thus, we adopt the above method to make keystream changed in the encryption scheme. The function about t is defined as t ¼ ðax1 þ bx2 Þ mod b:

ð9Þ

where ‘mod’ is the modulus operation. (9) leads to ( ðx1 ak þ x2 bk Þ mod bk , 0 r x1 o 0:5 t1 ¼ ðx1 bk þ x2 ak þ 1 Þ mod ak þ 1 , 0:5 rx1 o1 ( t2 ¼

0 rx2 o0:5

ðx1 pk þ x2 qk Þ mod pk ,

ðx1 qk þ x2 pk þ 1 Þ mod qk þ 1 ,

0:5 r x2 o 1

ð10Þ

ð11Þ

x2 in (10) and x1 in (11) are used to improve initial value sensitivity. Based on the above basic information, we can obtain 8 1x1 > > > > jðx1 þ c1 tÞ, 0 rt1 r c1 > > >   > > c1 þc2 c2 ðx1 þc1 t1 Þ 1x1 c1 þ c2 c2 x1 > > , fc o t1 r > > > c1 c1 c2 c 1 > <   uðx1 ,t1 Þ ¼ ðfgÞk j c2 ðx1 þ c1 t 1 Þkðc1 þ c2 Þ , a ot rb > 1 k k > c2 > > >   > > ðk þ 1Þðc þc Þc ðx þ c t Þ > 1 2 2 1 1 1 > > ðfgÞk f c , > > c1 > > > : b ot ra 1 k kþ1

ð12Þ 8 x > cðx2 c2 t2 Þ, 0 r t2 r 2 > > > c2 > >   > > c1 ðc2 t2 x2 Þ x2 c 2 þ c 1 x2 > > > , gj o t2 r > < c2 c2 c1 c2   vðx2 ,t2 Þ ¼ c1 ðx2 c2 t 2 Þ þ kðc1 þ c2 Þ > k > ðgf Þ c , pk ot 2 rqk > > c1 > > >   > > c1 ðc2 t2 x2 Þkðc1 þ c2 Þ > k > > , qk o t2 r pk þ 1 : : ðgf Þ g j c2

ð13Þ After every iteration, the parameters x1 , x2 in Eqs. (12) and (13) can be mutually modified by x1 ¼ vðx2 ,t 2 Þ:

ð14Þ

x2 ¼ uðx1 ,t 1 Þ:

ð15Þ

In other words, u,v as two arrays are determined by t

uði þ 1Þ ¼ f ðuðiÞ,vðiÞÞ,vði þ1Þ ¼ g t ðuðiÞ,vðiÞÞ, t

Fig. 3. Block diagram: (a) encryption diagram and (b) decryption diagram.

ð16Þ

where i 2 1,2, . . . ,N and f ðxÞ is a compound function, which means iterating the function f ðxÞt times. We randomly shuffle the values MðiÞ and MðNi þ 1Þ by using u,v each time, which is similar to Knuth shuffling [25]. Every permutation of this process is written in the

296

Y. Zhang et al. / Signal Processing: Image Communication 28 (2013) 292–300

following form: MðiÞ3MðmodfbuðiÞ  232 c,N1g þ 1Þ MðNi þ 1Þ3MðmodfbvðiÞ  232 c,N1g þ 1Þ:

ð17Þ

Here MðaÞ3MðbÞ represents an exchange operation of two values at the ath and bth the positions of the array M. 2.3. Diffusion algorithm The reason why the chosen-plaintext/known-plaintext attacks can totally or partially break the original scheme is that the generation of the shuffling parameters depends solely on the key and has nothing to do with the pending plain image. In order to defeat these attacks, a close link between the shuffling parameters and the pending plain image must be established. We use a CML method to solve this problem. A CML with time-varying consisting of Eqs. (12) and (13) is adopted to construct the spatiotemporal chaotic system. Its mathematical representation is given by xðiÞ ¼ ðuðx1 ,t 1 ,lÞvðx2 ,t 2 ,ldði,lÞÞ þ vðx2 ,t 2 ,lÞuðx1 ,t 1 ,ldði,lÞÞ þ xðitði,lÞÞ,1Þ,

ð18Þ

where dði,lÞ, tði,lÞ is the time-varying delay, and l is a positive integer key. It should be noticed that the plainimage is only used in the permutation algorithm rather than diffusion algorithm.

One may set the initial value x0 as a constant. If i r tði,lÞ, xðitði,lÞÞ ¼ x0 . As is well known, a description of chaos is that chaotic systems exhibit a great sensitivity to initial conditions. In order to show great sensitivity to initial values of Eq. (18), the time evolutionary process of states x is given in Fig. 2(a) under x1 ¼ 0:888888888, x2 ¼ 0:666666666, l ¼ 655,335, Lena (256  256), dði,lÞ ¼ i mod 100 þ50  ð1Þl þ 100, tði,lÞ ¼ l mod i. Then, we only change the initial value of into x1 ¼ 0:888888889 differing by 109 . After 10 iterations, the states with different initial values are totally different from each other. We also calculate the correlation coefficient of these two arrays with 65,536 iterations. The correlation coefficient is 0.0002, which is sufficiently small. On the other hand, the distribution of x is calculated under the above parameters in 65,536 iterations. From Fig. 2(b), it is clear that the distribution of x is almost flat. Such flat distribution is very useful for achieving high security, as pointed out in [26]. CML in Eq. (18) is composed by a number of chaotic maps instead of one chaotic map. This property can be used to encrypt image to make the chaotic streams more complex. More detailed superiority of CML is described in [27–29] and references therein. To encrypt image, a keystream FðiÞ is generated from the CML by applying simple algebraic computations given by

FðiÞ ¼ ðxðiÞ  1010 Þ mod L,

Fig. 4. (a) Plain image (b) cipher image and (c) decrypted image.

ð19Þ

Y. Zhang et al. / Signal Processing: Image Communication 28 (2013) 292–300

297

where L is the number of possible grey levels in image pixels. The diffusion model is as follows:

(3) the parameters of dði,lÞ, tði,lÞ in Eq. (18); (4) the initial values of x0 , C 0 .

CðiÞ ¼ Cðitði,lÞÞ  Fðitði,lÞÞ  fðMðiÞ þ Fðitði,lÞÞÞ mod Lg,

If the precision is 1014 , the key space size is over than 2250 . If the confusion, diffusion rounds increase or more lattices are used in the encryption scheme, the space will increase rapidly. It seems that the size of key space compared with [30,31] is large enough to resist all kinds of brute-force attacks.

ð20Þ where MðiÞ, CðiÞ are the currently operated pixel and output pixel, respectively. Cðitði,lÞÞ is the previous cipher-pixel with time-varying delay. One may set the initial value C 0 as a constant. If ir tði,lÞ, Cðitði,lÞÞ ¼ C 0 . Here, the iterations of (18) are calculated by ciphertext l ¼ l þ mod ðcðiÞ,5Þ,

3.2. Statistical analysis

ð21Þ

where mod ðcðiÞ,5Þ is used to improve the initial-value sensitivity. For the sake of clarity, Fig. 3 shows the block diagram of encryption scheme. 2.4. Decryption algorithm

3.2.1. Histograms of encrypted image An image histogram illustrates that how pixels in an image are distributed by plotting all the pixels at each color intensity level. From Fig. 5, we can see that the histograms of the encrypted image are fairly uniform and significantly different from the histograms of the original

The decryption diffusion algorithm is defined as follows: MðiÞ ¼ ðFðitði,lÞÞ  CðiÞ Cðitði,lÞÞ þ LFðitði,lÞÞÞ mod L:

800 700

ð22Þ

600

The decryption procedure is in the same way like the encryption scheme (see Fig. 3(b)). The difference is that the confusion operation is done first and the diffusion operation is done in the second in the decryption process.

500 400 300 200

3. Security analysis

100

3.1. Key space Key space size is the total number of different keys that can be used in the encryption. A good encryption scheme should be sensitive to the secret keys, and the key space should be large enough to make brute-force attacks infeasible. From the cryptographic point of view, the size of the key space should not be smaller than 2100 to provide a high level of security [32,33]. Our cryptosystem actually have some of the following secret keys: (1) the parameter o in Eq. (8); (2) the initial values of c1 ,c2 ,x2 ,x2 and the initial functions f ðxÞ, gðxÞ, jðxÞ, cðxÞ in Eqs. (12) and (13);

0 0

50

100

0

50

100

150

200

250

200

250

600 500

Distribution

A secure encryption scheme should resist types of cryptanalysis such as statistical attacks, brute-force attacks, ciphertext only attack and known plaintext attack. In this section, the security analysis of the proposed encryption scheme by experimental tests which are performed Matlab 7. 10. 0 (R2010a) is discussed, and for comparison, we implement ‘Lena’ image (256  256 pixels) encryption schemes based on compound twodimensional chaotic function [30] and multiple chaotic systems [31]. The encryption and decryption results are given in Fig. 4 with the secret key (gðxÞ ¼ x, f ðxÞ ¼ 4xð1xÞ, cðxÞ ¼ sin x, jðxÞ ¼ x, c1 ¼ c2 ¼ 1, x1 ¼ 0:888888888, x2 ¼ 0:666666666, l ¼ 655,335, dði,lÞ ¼ i mod 100 þ50 ð1Þl þ100, tði,lÞ ¼ l mod i).

400 300 200 100 0

Gray Scale 150

Fig. 5. Histogram of: (a) plain image and (b) cipher image.

Table 1 Correlation coefficients of adjacent pixels in cipher image. Orientation

Proposed scheme

[30]

[31]

Horizontal Vertical Diagonal

 0.0019  0.0028 0.0008

0.0172 0.0099 0.0330

0.0107 0.0141 0.0097

298

Y. Zhang et al. / Signal Processing: Image Communication 28 (2013) 292–300

image and hence it does not provide any clue to employ any statistical analysis attack on the encryption image. 3.2.2. Correlation of two adjacent pixels By randomly selecting 2000 adjacent pixels, we have analyzed the correlation between two vertically, two horizontally, and diagonally adjacent pixels in Lena cipher image. The formula of correlation coefficients is given as P PN PN N N i ¼ 1 ðxi yi Þ i ¼ 1 xi i ¼ 1 yi ffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffiffi C xy ¼ r   ffi , P P PN PN 2 2 2 N N N i ¼ 1 x2i ð N i ¼ 1 xi Þ i ¼ 1 yi ð i ¼ 1 yi Þ ð23Þ where xi and yi are the values of two adjacent pixels in the image and N is the total number of pixels selected from the image for the calculation. Table 1 gives the correlations of two adjacent pixels in the cipher image, and shows that the above described image encryption scheme has better confusion and diffusion properties than other schemes.

image. Finally, the above two cipher images, encrypted by the two slightly different keys, are compared. Fig. 6(a) is the correctly encrypted image and Fig. 6(b) gives the decrypted image by correct keys. Fig. 6(c) and (d) shows how sensitive our scheme is if one parameter has been changed. From our experiment we can see that a slight fluctuation will lead to a wrong decryption.

3.3.2. Difference attacks-sensitivity for the cipher to plaintext Generally, an opponent may make a slight change of plaintext. In order to test the influence of changing a single pixel in the original image on the encrypted image byte, we have measured the number of pixels change rate by calculating the number of pixel change rate (NPCR) defined by Eq. (24) and the unified average changing intensity (UACI) defined by Eq. (25) of the two Table 2 Sensitivity for the cipher to plaintext.

3.3. Sensitivity analysis 3.3.1. Sensitivity analysis for the cipher to key The original key x1 ¼ 0:888888888 is changed into x1 ¼ 0:888888889, which is used to encrypt the same

Items

Proposed scheme

[30]

[31]

NPCR (%) UACI (%)

99.62 33.42

99.58 33.43

99.67 27.88

Fig. 6. Sensitivity analysis for the cipher to key: (a) encrypted Lena, (b) correctly decrypted Lena, (c) wrongly encrypted Lena and (d) wrongly decrypted Lena.

Y. Zhang et al. / Signal Processing: Image Communication 28 (2013) 292–300

299

Table 3 Sensitivity for the cipher to plaintext. Items

Proposed scheme

[30]

[31]

Number of primitive instructions per pixel per round Number of pixels Number of rounds Total number of primitive instructions

465 65,536 1 30,670,848

942 65,536 1 61,734,912

1337 65,536 1 87,621,632

3.5. Resistance to known and chosen-plaintext attacks

encrypted images. P

i,j Dði,jÞ

 100%:

ð24Þ

2 3 1 4X 9C 1 ði,jÞC 2 ði,jÞ95  100%, UACI ¼ m  n i,j 255

ð25Þ

NPCR ¼

mn

where m and n are the width and height of encrypted image. The NPCR measures the percentage of different pixels numbers between the two images. The UACI measures the average intensity of differences between the two images. We defined a two-dimensional array D with the same size as C 1 and C 2 . If C 1 ði,jÞ ¼ C 2 ði,jÞ, then Dði,jÞ ¼ 0, otherwise Dði,jÞ ¼ 1. The expected values for NPCR and UACI for an ideal cipher system are 99.6% and 33.4%, respectively [2]. In Table 2, the experiments results show that the NPCR and UACI performance of the proposed scheme are better than other schemes, which indicate the higher sensitivity of the cipher to plaintext.

3.4. Computational complexity analysis In [34], Zhou and Liao pointed out that it is more efficient to use the number of primitive instructions as a measure of the computational complexity of a cryptosystem and more objective as execution time of the same algorithm varies a lot with programming language, the programmer and the way to optimize the program. Nonprimitive instructions, such as multiplication/division operation, trigonometric functions and inverse trigonometric functions, consume more time than primitive ones, such as addition, XOR and memory reading/writing. For example, multiplication computing of two doubleprecision numbers costs about 64 addition and shift operations, whereas the computation of trigonometric functions and inverse trigonometric functions is more complex. The algorithm [30] requires many multiplications and inverse trigonometric functions for compound chaotic systems, and the scheme [31] is more complicated due to requiring too many trigonometric functions. In Table 3, the number of primitive instructions required by the proposed scheme and the comparative ones to encrypt a 256  256 image is listed. It is found that the number of primitive instructions per pixel per round required by the proposed algorithm is smaller than that of [30,31], which means the proposed schemes is faster than other two algorithms.

It is clear to see that, in our proposed scheme, the control parameters of the permutation are determined by both the key and the plain-image. In permutation stage, the sum of pixel value of plain image is used to determine the permutation parameters. Moreover, in the diffusion stage, the information of the cipher image is employed to change the iteration of tði,lÞ. Therefore, the attacks become ineffective on our new cryptosystem, where the control parameters of the permutation and the keystream for diffusion are both related to the plain image or cipher image. Thus, the proposed algorithm can resist the knownplaintext and the chosen-plaintext attacks efficiently. 4. Conclusions In this paper, a new scheme for image encryption based on a linear hyperbolic chaotic system of partial differential equations has been presented. The encryption scheme is related to the plain image, cipher image and chaos-controlled time-varying delay. Thus, different plain-images result in distinct control parameters and keystreams. The confusion and diffusion performance has been enhanced and the cryptosystem can resist knownplaintext, chosen-plaintext attacks, differential attacks, statistical attacks and brute-force attacks effectively. Both theoretical analysis and experimental results show that the proposed cryptosystem has a high security level.

Acknowledgments The work was funded by the Natural Science Foundation Project of CQ CSTC (grant no. 2011jjjq40001), the National Natural Science Foundation of China (Grant nos. 61070246, 61103211), the Graduate Innovation Foundation of Chongqing University (Grant no. CDJXS12180009) and the Project no. CDJZR10180003 supported by the Fundamental Research Funds for the Central Universities. References [1] H.J. Gao, Y.S. Zhang, S.Y. Liang, D.Q. Li, A new chaotic algorithm for image encryption, Chaos, Solitons & Fractals 29 (2) (2006) 393–399. [2] K.W. Wong, B.S.H. Kwok, W.S. Law, A fast image encryption scheme based on chaotic standard map, Physics Letters A 372 (15) (2008) 2645–2652. [3] D. Xiao, F.Y. Shih, Using the self-synchronizing method to improve security of the multi chaotic systems-based image encryption, Optics Communications 283 (15) (2010) 3030–3036. [4] M. Cancellaro, F. Battisti, M. Carli, G. Boato, F.D. Natale, A. Neri, A commutative digital image watermarking and encryption method

300

[5]

[6]

[7] [8]

[9] [10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

Y. Zhang et al. / Signal Processing: Image Communication 28 (2013) 292–300

in the tree structured Haar transform domain, Signal Processing: Image Communication 26 (1) (2011) 1–12. Y.S. Zhang, D. Xiao, Double optical image encryption using discrete Chirikov standard map and chaos-based fractional random transform, Optics and Lasers in Engineering, http://dx.doi.org/10.1016/j. optlaseng.2012.11.001, in press. M. Francois, T. Grosges, D. Barchiesi, R. Erra, A new image encryption scheme based on a chaotic function, Signal Processing: Image Communication 27 (3) (2012) 249–259. C.E. Shannon, Communication theory of secrecy systems, Bell System Technical Journal 28 (4) (1949) 656–715. G.R. Chen, Y.B. Mao, C.K. Chui, A symmetric image encryption scheme based on 3D chaotic cat maps, Chaos, Solitons & Fractals 21 (3) (2004) 749–761. Z.H. Guan, F.J. Huang, W.J. Guan, Chaos-based image encryption algorithm, Physics Letters A 346 (1–3) (2005) 153–157. X.Y. Wang, L. Teng, X. Qin, A novel color image encryption algorithm based on chaos, Signal Processing 92 (4) (2012) 1101–1108. X.J. Tong, M.G. Gui, Image encryption with compound chaotic sequence cipher shifting dynamically, Image and Vision Computing 26 (6) (2008) 843–850. A.N. Pisarchika, M. Zanin, Image encryption with chaotically coupled chaotic maps, Physica D: Nonlinear Phenomena 237 (20) (2008) 2638–2648. K. Wang, W.J. Pei, L.H. Zou, A.G. Song, Z.Y. He, On the security of 3D Cat map based symmetric image encryption scheme, Physics Letters A 343 (6) (2005) 432–439. D. Xiao, X.F. Liao, P.C. Wei, Analysis and improvement of a chaosbased image encryption algorithm, Chaos, Solitons & Fractals 40 (5) (2009) 2191–2199. C.Q. Li, Y. Zhang, R. Ou, K.W. Wong, Breaking a novel color image encryption algorithm based on chaos, Nonlinear dynamics 70 (4) (2012) 2383–2388. C.Q. Li, S.J. Li, G.R. Chen, W.A. Halang, Cryptanalysis of an image encryption scheme based on a compound chaotic sequence, Image and Vision Computing 27 (8) (2009) 1035–1039. D. Arroyo, S. J Li, J.M. Amigo´c, G. Alvareza, R. Rhouma, Comment on ‘‘Image encryption with chaotically coupled chaotic maps’’, Physica D: Nonlinear Phenomena 239 (12) (2010) 1002–1006. Y. Wang, K.W. Wong, X.F. Liao, T. Xiang, G.R. Chen, A chaos-based image encryption algorithm with variable control parameters, Chaos, Solitons & Fractals 41 (4) (2009) 1773–1783. Y.L. Shu, Chaotifing a linear hyperbolic system of partial differential equations by means of nonlinear boundary reflection, Nonlinear

[20]

[21]

[22] [23]

[24]

[25] [26]

[27]

[28]

[29] [30]

[31]

[32] [33] [34]

Analysis: Theory, Methods & Applications 69 (5–6) (2008) 1768–1774. K. Konishi, H. Kokame, Time-delay-induced amplitude death in chaotic map lattices and its avoiding control, Physics Letters A 366 (6) (2007) 585–590. A.C. Mart, C. Masoller, Synchronization of globally coupled nonidentical maps with inhomogeneous delayed interactions, Physica A: Statistical Mechanics and its Applications 342 (1–2) (2004) 344–350. K. Lu, J.H. Sun, R.B. Ouyang, Chaotic Dynamics, Shanghai Translation Publication Company, 1990 (in Chinese). S.J. Li, C.Q. Li, G.R. Chen, N.G. Bourbakis, K.T. Lo, A general quantitative cryptanalysis of permutation-only multimedia ciphers against plaintext attacks, Signal Processing: Image Communication 23 (3) (2008) 212–223. C.Q. Li, K.T. Lo, Optimal quantitative cryptanalysis of permutationonly multimedia ciphers against plaintext attacks, Signal Processing 91 (4) (2011) 949–954. D.E. Knuth, The Art of Computer Programming, Fundamental Algorithms, third ed, Addison-Wesley, 1997. G. Alvarez, S.J. Li, Some basic cryptographic requirements for chaosbased cryptosystems, International Journal of Bifurcation and Chaos 16 (8) (2006) 2129–2151. A.N. Pisarschik, N.J. Flores-Carmona, M. Carpio-Valadez, Encryption and decryption of images with chaotic map lattices, Chaos 16 (3) (2006) 033118. S.G. Lian, Efficient image or video encryption based on spatiotemporal chaos system, Chaos, Solitons & Fractals 40 (5) (2009) 2509–2519. T. Xiang, K.W. Wang, X.F. Liao, Selective image encryption using a spatiotemporal chaotic system, Chaos 17 (2) (2007) 023115. X.J. Tong, M.G. Cui, Z. Wang, A new feedback image encryption scheme based on perturbation with dynamical compound chaotic sequence cipher generator, Optics Communications 282 (14) (2009) 2722–2728. X.Y. Wang, F. Chen, T. Wang, A new compound mode of confusion and diffusion for block encryption of image based on chaos, Communications in Nonlinear Science and Numerical Simulation 15 (9) (2010) 2485–2497. B. Schneier, Applied Cyptography: Protocols, Algorithms, and Source Code in C, second ed, John Wiley & Sons, New York, 1996. D.R. Stinson, Cryptography: Theory and Practice, CRC, 2007. Q. Zhou, X.F. Liao, Collision-based flexible image encryption algorithm, Journal of Systems and Software 85 (2) (2012) 400–407.