Pseudo-random sequence generator based on the generalized Henon map

The Journal of China Universities of Posts and Telecommunications September 2008, 15(3): 64–68 www.buptjournal.cn/xben

Pseudo-random sequence generator based on the generalized Henon map ZHENG Fan, TIAN Xiao-jian, SONG Jing-yi, LI Xue-yan College of Electronic Science and Engineering, Jilin University, Changchun 130012, China

Abstract

By analysis and comparison of several chaotic systems that are applied to generate pseudo-random sequence, the generalized Henon map is proposed as a pseudo-random sequence generator. A new algorithm is created to solve the problem of non-uniform distribution of the sequence generated by the generalized Henon map. First, move the decimal point of elements in the sequence to the right; then, cut off the integer; and finally, quantify it into a binary sequence. Statistical test, security analysis, and the application of image encryption have strongly supported the good random statistical characteristics, high linear complexity, large key space, and great sensitivity of the binary sequence. Keywords pseudo-random sequence, chaos, the generalized Henon map

1

Introduction

The extremely rapid development of the internet brings more and more attention to the information security techniques, such as text encryption, image encryption, video encryption, etc. As a result, highly qualified random sequences, as an inseparable part of encryption techniques, are urgently. There are two kinds of random sequences: real random sequences generated by physical methods and pseudo-random sequences generated by algorithm simulations, which are in accordance with some kind of probability distributions. However, the constructions of the real random sequences are usually poor in speed and efficiency, and require considerably more storage space as well, and these defects restrict the usage in modern cryptography. Pseudorandom sequences are usually generated by prescriptive processes or methods, and have similar characteristics with the white noise. Since pseudo-random sequences are easy to be generated, processed, and regenerated, they are widely used in various fields such as cryptography, communications, testing, aerospace, automation, etc. [1–12]. Most existing methods for generating the pseudo-random sequences are based on the mid-square method, the linear congruential method, linear and nonlinear feedback shift registers, etc. [13]. In recent years, several researchers have applied chaotic systems in the generation of pseudo-random sequences and been successful [4–6]. Chaotic sequence has very good pseudo-random characteristics and ergodicity. It is extremely sensitive to the Received date: 27-10-2007 Corresponding author: ZHENG Fan, E-mail: [email protected]

initial states: even a minute difference in the initial values of two similar chaotic systems can cause a significant difference in their tracks in a very short time. Therefore, chaotic sequence well fits the requirements of pseudo-random sequence. When the chaotic system has no less than 2 positive Lyapunov exponents, it is called hyper-chaos. Since high-dimensional hyper-chaotic system is more complex and unpredictable, it is more suitable to be a pseudo-random sequences generator. In this article, a pseudo-random binary sequence is generated by the high-dimensional generalized Henon hyper-chaotic system. Statistical testing and security analysis verify that it has good pseudo-random characteristics and is highly capable to withstand attacks.

2

The generalized Henon map

The chaotic systems used for information security can be classified into two categories: one-dimensional Logistic map and three-dimensional Lorenz system. These are all excellent models that bear all the classical chaotic characteristics, yet, they have their own disadvantages. Low-dimensional chaotic system is easy to be cracked [7, 8]; therefore, it will require two or more low-dimensional maps to work simultaneously [5, 9], or to merge with other chaotic systems to form a composite one [6, 10]. Three-dimensional Lorenz system is a continuous dynamic system [11], and therefore, a fixed step numerical integration method is needed to solve differential equations; however, this process will lead to the dynamic behaviors of the chaotic system degradation. Therefore, the ideal way to generate pseudo-random sequences is to use a

Issue 3

ZHENG Fan, et al. / Pseudo-random sequence generator based on the generalized Henon map

discrete-time high-dimensional chaotic system. The generalized Henon map is designed by Richter in Ref. [14], and it can be elaborated as follows: ª x1 ( j  1) º ª a  xw 1 ( j ) 2  bxw ( j ) º (1) » « x ( j  1) » « xi 1 ( j ) ¬ i ¼ ¬ ¼

where, i

2, 3,..., w, a ! 0, b ! 0 and x  \ w ; w refers

to the dimension, and a and b refer to the control parameters. When w = 2, the system becomes the famous Henon map [15]. Reference [14] has specifically calculated the Lyapunov exponents in fixed parameters a = 1.76, b = 0.1. Suppose L is the number of positive Lyapunov exponent; when w changes from 2 to 10, L w  1 . In other words, when w ! 2 , the system is hyper-chaos.

3

The generation of pseudo-random sequence

By analyzing the sequences generated by the generalized Henon map, the authors have realized that the randomicity of the sequence is not very ideal. In Eq. (1), set w = 4, then the 4-dimensional chaotic system is created. Set all four initial values at 0.1 and the control parameters at a = 1.76, b = 0.1. Iterate the generalized Henon map 50 000 times. Use elements between 5 000 and 45 000 in the generated sequence to form sequence X. The histogram of X (Fig.1(a)) illustrates that the sequence generated directly by the generalized Henon map does not fit the uniform distribution. Therefore, effective changes should be made to enhance the random statistical properties.

65

Based on a large number of experiments, the authors propose the following method to improve the chaotic sequence of the generalized Henon map: move the decimal point k b to the right, cut off the integer. The procedure (Eq. (2)) is shown below: X i 10k X i  fix(10k X i ) (2)

where, fix(˜) rounds the elements toward zero. Suppose the greatest accuracy is 10 r ; then, the value space of the elements in the improved sequence is 10r  k . According to Eq. (2), right shift the elements in the sequence by k b, and then map them to the range [0, 1]. Sequence analysis shows that the randomness is not salient when k<2; when k is extremely close to r, the values of the sequence tend to be constants (for example, 0, 0.25, 0.5, 0.75, 1, etc.); finally when k = r, all values change to 0. Therefore, it is wise to set the value of k as integer between 2 and r  log10 l ( X ) , where, l (˜) expresses the length of the sequence. Set k = 3; the mean

and the variance of the improved sequence are 0.500 4 and 0.082 8 respectively, which are close to the ideal values 0.5 and 0.083 3. Figure 1(b) depicts the histogram of the improved sequence. Comparison of the two diagrams shows that the uniform distribution characteristic of the new chaotic sequence is significantly improved. Following Eq. (3), the improved sequence is transformed into binary. X i İf median ( X ) ­0; (3) Bi ® X i ! f median ( X ) ¯1; where, f median ( X ) is the median of X (in statistics) .

(a) Histogram of the original chaotic sequence

Consider an n b binary sequence B; and A refers to B when it is right shifted by d b. Let D be the number of bit-by-bit disagreements between B and A. Then, D is defined as: ­ n  d 1 ° ¦ Bi † Bi  d ; dı0 ° 0 D ® n  d 1 (4) ° B B ; d 0 †  i i d °¯ ¦ 0 The auto-correlation function is defined as: n | d | 2 D C (5) n | d |

The auto-correlation function of the above 40 000 b binary sequence is shown in Fig. 2. In this figure, it can be seen that the auto-correlation is a more ideal į-like function.

(b) Histogram of the improved chaotic sequence Fig. 1 Histograms of chaotic sequences

66

The Journal of China Universities of Posts and Telecommunications

2008

4.4 Runs test Let y be the number of runs. The mean value: 2n0 n1 1 E n0  n1

Fig. 2 Auto-correlation function

4

Statistical test

The following measures must be selected to test the random statistical characteristics of the binary sequence. 4.1 Frequency test Let the length of the binary sequence be n. The number of 0s are n0 and the number of 1s are n1 and n0  n1 n .

F

2

2 2 n0  n1 · § n0  n1 · °½ 2 °­§ ®¨ n0  ¸  ¨ n1  ¸ ¾ n0  n1 ¯°© 2 ¹ © 2 ¹ ¿°

The variance value: 2n0 n1 (2n0 n1  n0  n1 ) V ( n0  n1 ) 2 ( n0  n1  1)

(10)

The statistic value: yE Z V When |Z| < 1.96, it passes the runs test.

(11)

4.5 Results of tests Table 1 indicates the pseudo-random performance of the 4 tests of 4 binary sequences at 5% significant level. T refers to the threshold. The results indicate that the sequences have very good statistical characteristics. Table 1 Pseudo-random performance

(6) 10 000 b 20 000 b 30 000 b 40 000 b T

The degree of freedom (DOF) is 1. When F 2 < 3.841 5, it passes the frequency test. 4.2

Serial test

0, 1) counts the times when i is followed by j,

ni , j ( i, j

and it is expected that n00

F2

1

n01

1

4 n 1· § ¦¦ ¨ ni , j  4 ¸¹ n 1 i 0 j 0 ©

n10

n11

n 4. (7)

Poker test

m

n /( m2 ) . m2m n

2m 1

§

¦ ¨© p i 0

i



n · ¸ m2m ¹

Serial test 2.16 0.40 0.22 0.93 5.99

m=2 0.01 0.58 1.42 0.45 7.81

Poker test m=3 m=4 5.35 18.71 7.70 9.78 11.21 7.73 7.42 6.11 14.07 26.00

Runs test 1.46 0.62 0.46 0.62 1.96

Security analysis

5.1 Key space

Pick m b each time, m  n , and then divide the sequence to n / m groups. The m length binary sequence has 2m conditions. Suppose there are altogether s conditions in all groups of sequences, sİ2m . Let pi count the times of condition i, i  [1, s ] ; it is expected that each condition is

F2

5

Frequency test 0.00 0.00 0.00 0.00 3.84

2

The DOF is 2. When F 2 < 5.991 5, it passes the serial test. 4.3

(9)

2

The DOF is 2m  1 . For example, if m when F 2 < 14.067 1, it passes the poker test.

(8) 3, 23  1 7;

Let the greatest accuracy be 10 r . The w dimensional generalized Henon map has w initial values and 2 control parameters. Consider the initial values alone; the key space size is close to 10wr. When r = 16 and w = 4, the key space size is equal to 1064 § 2210. Now, take the impact of control parameters into account; the key space size can be even larger, large enough to withstand attacks. 5.2

Key sensitivity

Chaotic sequence is greatly sensitive to the initial values. In the simulation experiments, the authors first change one or several initial values of the chaotic systems slightly to create new binary sequence. Suppose H is the number of differences between the new sequence and the primary one by each bit. Suppose n is the length of the sequence. Then, calculate the variance ratio P, P = H / n. The results are shown in Table 2. ' i (i = 1, 2, 3, 4) refers

Issue 3

ZHENG Fan, et al. / Pseudo-random sequence generator based on the generalized Henon map

to the change of each initial value. Based on this, it can be seen that the variance ratios approach 50%, which indicates that the system is extremely sensitive to the initial conditions. Table 2 Sensitivity analysis '2

'3

'4

P/%

0

0

0

49.68

1014

1014

0

0

49.96

14

14

0

50.60

1014

50.78

'1 10 10

14

1014

5.3

10

1014

10

14

1014

Linear complexity properties

The Berlekamp-Massey algorithm has been selected to calculate the linear complexity of a sample sequence of 2 000 b [16]. In Fig. 3, the linear complexity curve is close to the ideal Ci i 2 line, which indicates that the sequence has high linear complexity.

Fig. 3

6

Linear complexity

67

form the upper half and lower half of I . Repeat Step 4 once. Step 7 Divide the matrix into four parts uniformly. Perform the same process as Step 4 between the two parts in the main diagonal and between the other two parts, respectively, to form the left half and the right half of I . Repeat Step 5 once. The original image and the encrypted image are shown in Figs. 4(a) and 4(b). Figures 5(a) and 5(b) depict the histograms. It can be seen that the distribution of the encrypted image is very close to the uniform distribution, which can well protect the information of the image to withstand the statistical attack. We change the first initial value to 0.1  1014 ; then, the new encrypted image is shown in Fig. 4(c). Figure 4(d) is the difference of these two encrypted images. In the experiments, the keys that are only slightly different from the original one have all failed to decrypt the encrypted image, which indicates that this algorithm is extremely sensitive to the secret key. As the method in Ref. [12], randomly select 2 000 pairs of the original image and the encrypted image to test the correlation between the two horizontally adjacent pixels, the vertically adjacent pixels, and the diagonally adjacent pixels. Figure 6 shows the correlation distribution of the two horizontally adjacent pixels in the original image and that in the encrypted image. The correlation coefficients of the horizontal, vertical, and diagonal directions of the two images are shown in Table 3. It can be seen that the correlation property of the original image is very high but that in the encrypted image is extremely low, which can be ignored. Therefore, the proposed pseudo-random sequence can be successfully used in image encryption.

Application of the sequence

An algorithm has been created to encrypt the digital image using the pseudo-random sequence, which is generated by the generalized Henon map. Suppose the size of the image is M u N . The steps of the encryption are shown below: Step 1 Generate 8 u M u N pseudo-random sequence using the above method. Step 2 Transform the image into 8 u M u N binary sequence. Step 3 Perform the XOR operation between the image sequence and the pseudo-random sequence to form the temporary sequence. Then, transform the temporary sequence into image matrix I . Step 4 Set each row of the lower half to be the odd row of I and each row of the upper half to be the even row in order. Step 5 Set each column of the right half to be the odd column of I and each column of the left half to be the even column in order. Step 6 Divide the matrix into four parts uniformly. Perform the same process as Step 5 between the two parts in the main diagonal and between the other two parts, respectively, to

(a) Original image

(b) Encrypted image

(c) Encrypted image (d) Difference image of two with different key encrypted images Fig. 4 Images of test results

68

The Journal of China Universities of Posts and Telecommunications

(a) Histogram of the original image

2008

a pseudo-random sequence generator. To improve the pseudo-random characteristics of the sequence to better fit uniform distribution, the authors managed to construct a novel model, and then quantize the improved sequence into binary. This binary sequence has good randomicity, which is proved by statistical test. Security analysis testified the key’s high sensitivity to the initial value, as well as its large space size and high linear complexity. Therefore, the proposed system is suitable to generate pseudo-random sequence. Acknowledgements This work is supported by the National Natural Science Foundation of China (60372061).

References

(b) Histogram of the encrypted image Fig. 5 Histograms of images

(a) Correlation distribution of the original image

(b) Correlation distribution of the encrypted image Fig. 6 Correlation distributions of two horizontally adjacent pixels in the original image and the encrypted image Table 3 Correlation coefficients of two adjacent pixels in the original image and the encrypted image Direction Horizontal Vertical Diagonal

7

Original image 0.924 0 0.960 6 0.936 5

Encrypted image  0.004 4 0.012 1  0.009 8

Conclusions In this article, the generalized Henon map was proposed as

1. Fan W H, Tian X J, Chen J F, et al. Dynamics of erbium-doped fibre laser with optical delay feedback and chaotic synchronization. Chinese Physics, 2007, 16(10): 2908–2912 2. Zhou P. Chaos synchronization on parameters adaptive control for Chen chaotic system. The Journal of China Universities of Posts and Telecommunications, 2003, 10(3): 91–94 3. Zhang J S, Wang X M, Zhang W F. Chaotic keyed Hash function based on feedforward-feedback nonlinear digital filter. Physics Letters A, 2007, 362(5–6): 439–448 4. Chen S, Zhong X X. Chaotic block iterating method for pseudo-random sequence generator. The Journal of China Universities of Posts and Telecommunications, 2007, 14(1): 45–48 5. Li S J, Mou X Q, Cai Y L. Pseudo-random bit generator based on couple chaotic systems and its applications in stream-cipher cryptography. Proceedings of 2nd International Conference on Cryptology, Dec 16–20, 2001, Berlin, Germany: Springer, 2001, 316–329 6. Li C Q, Li S J, Alvarez G, et al. Cryptanalysis of two chaotic encryption schemes based on circular bit shift and XOR operations. Physics Letters A , 2007, 369: 23–30 7. Short K. Steps toward unmasking secure communications. International Journal of Bifurcation and Chaos, 1994, 4(4): 959–977 8. Short K. Unmasking a modulated chaotic communications scheme. International Journal of Bifurcation and Chaos, 1996, 6(2): 367–375 9. Pareek N, Patidar V, Sud K. Image encryption using chaotic logistic map. Image and Vision Computing, 2006, 24(9): 926–934 10. Zhang W, Peng J, Yang H Q, et al. A digital image encryption scheme based on the hybrid of cellular neural network and logistic map. Proceedings of 2nd International Symposium on Neural Networks: Advances in Neural Networks, May 30–Jun 1, 2005, Chongqing, China. Berlin, Germany: Springer, 2005, 860–867 11. Wang Y, Zheng D L, Ju L. Digital image encryption algorithm based on three-dimension Lorenz chaos system. Journal of University of Science and Technology Beijing, 2004, 26(6): 678–682 (in Chinese) 12. Chen G R, Mao Y B, Chui C K. A symmetric image encryption scheme based on 3D chaotic cat maps. Chaos, Solitons and Fractals, 2004, 21(3): 749–761 13. Menezes A, Oorschot P, Vanstone S. Handbook of applied cryptography. New York, NY, USA: CRC Press, 1996: 169–203 14. Richter H. The generalized Henon maps: examples for higherdimensional Chaos. International Journal of Bifurcation and Chaos, 2002, 12(6): 1371–1381 15. Henon M. A two dimensional mapping with a strange attractor. Communications in Mathematical Physics, 1976, 50(1): 69–77 16. Rueppel R. Linear complexity and random sequences. Proceedings of a Workshop on the Theory and Application of Cryptographic Techniques (EUROCRYPT’85), Apr 9–11, 1985, Linz, Austria. Berlin, Germany: Springer, 1986, 167–188