A Symmetric Key-Based Image Encryption Scheme

Abstract

In this information age, secure transmission and storage of digital image are an important requirement. Due to its better performance, symmetric key algorithms are popularly employed to provide confidentiality of digital information. In this paper, a new symmetric key-based image encryption technique has been introduced. In proposed scheme, firstly, a plain image is divided into blocks of 16 pixels and then each block is permutated by an invertible linear transformation. After that, permutated image pixel values are XOR-ed with expanded key bytes. The scheme is implemented and analyzed against statistical analysis and cryptanalysis. It is shown that proposed scheme is secure and easy for implementation.

Introduction

Cryptography is a tool to transform readable information into a meaningless one. It plays a vital role when the secure information is transmitted through a non-secure channel. This scenario makes it more complex and significant for digital image. Encryption plays an important role which makes the image meaningless to the attacker. Although there exists several well-established encryption [1, 2] techniques such as Data Encryption Standard (DES), International Data Encryption Algorithm (IDEA), RSA, and Advanced Encryption Standard (AES) but with respect to robustness and complexity, they are not suitable for image encryption.

In last few years, researchers developed several image encryption schemes. But till date, it is becoming a challenge to develop an efficient image encryption scheme due to large size, redundancy, and strong correlation between pixel values of plain image. In [3], skew tent chaotic map and permutation–diffusion architecture have been proposed. But with respect to differential cryptanalysis, it does not provide satisfactory result in round one and the paper concluded that more than two times iteration of the algorithm can resist the differential attack. Bhowmik et al. [4] developed their work with the help of genetic algorithm (GA). Here, GA has been applied to generate encryption key with the combination of well known Blowfish encryption technique. Using GA, a new approach of image encryption has been developed in [5]. Beside GA-based scheme, several researchers focused their work on AES and modified AES for image encryption [6, 7]. In [8, 9], image encryption schemes based on AES in Electronic Code Book (ECB) mode have been presented. In these schemes, two different linear operations are performed before applying AES. Most of the existing image encryption schemes either do not satisfy all cryptographic parameters or they are costly for implementation in real-time application.

In this paper, a new image encryption scheme has been introduced. The scheme consists of three parts: image permutation, key expansion, and the final one is key XOR-ing with the permutated image. The correlation between adjacent pixels of cipher image significantly reduced by the proposed scheme, and it is observed that linear transformation with optimum number of iterations makes the algorithm lighter and faster.

The rest of the paper is organized as follows. In section “Proposed Scheme,” proposed image encryption scheme is described. Section “Experimental Results” elaborately represents the experimental outcomes. In section “Security Analysis,” security analysis of the proposed scheme is discussed and finally conclusions are drawn in section “Conclusion.”

Proposed Scheme

The said scheme consists of three functional blocks: linear transformation for plain image, key expansion, and the last one is encryption by XOR operation with expanded key and outcome of the permutation block. The details of the each block are explained below.

Linear Transformation for Plain Image (LT_PI)

LT_PI is a linear transformation, and it is a \(128\times 128\) binary matrix. The matrix is a tri-diagonal matrix where upper and lower diagonal elements are all ones and main diagonal elements are as follows:

0100100010001000001011111011110101100111000000111001111001011110

0101111001011000110000001110011010111101111101000001000100010010

In LT_PI, at a time, 16 bytes data are XOR-ed with 16 bytes output of LT_PI. Then, XOR-ed output is passed through the linear transformation.

Key Expansion

In key expansion algorithm, cipher key is expanded to produce key of size equal to image size. Key is expanded by employing linear transformation for key and nonlinear mixing function Nmix.

Linear Transformation for key (LT_Key) It takes 16 bytes input (initially 16 bytes cipher key) and produces a 16 bytes output by employing the matrix \(T_{key}\) shown in Eq. 64.1(a) and the 16 bytes previously permutated output. T matrix (Eq. 64.1(b)) is a (\(8\times 8\)) binary non-singular matrix and \(T^L = I\), where I is a (\(8\times 8\)) identity matrix and \(L=255\). T matrix is as follows:

$$\begin{aligned} T_{key} = \left( {\begin{array}{*{20}c} {T^1 } &{} {T^2 } &{} {T^3 } &{} {....} &{} {T^{15} } &{} {T^{16} } \\ {T^2 } &{} {T^4 } &{} {T^6 } &{} {} &{} {T^{30} } &{} {T^{32} } \\ {T^3 } &{} {T^6 } &{} {T^9 } &{} {} &{} {T^{45} } &{} {T^{48} } \\ {...} &{} {} &{} {} &{} {} &{} {} &{} {} \\ {...} &{} {} &{} {} &{} {} &{} {} &{} {} \\ {T^{15} } &{} {T^{30} } &{} {T^{45} } &{} {} &{} {T^{225} } &{} {T^{240} } \\ {T^{16} } &{} {T^{32} } &{} {T^{48} } &{} {} &{} {T^{240} } &{} {T^1 } \\ \end{array}} \right) ..(a)\ and\ T = \left( {\begin{array}{*{20}c} 1 &{} 1 &{} 0 &{} 0 &{} 0 &{} 0 &{} 0 &{} 0 \\ 1 &{} 1 &{} 1 &{} 0 &{} 0 &{} 0 &{} 0 &{} 0 \\ 0 &{} 1 &{} 0 &{} 1 &{} 0 &{} 0 &{} 0 &{} 0 \\ 0 &{} 0 &{} 1 &{} 1 &{} 1 &{} 0 &{} 0 &{} 0 \\ 0 &{} 0 &{} 0 &{} 1 &{} 0 &{} 1 &{} 0 &{} 0 \\ 0 &{} 0 &{} 0 &{} 0 &{} 1 &{} 1 &{} 1 &{} 0 \\ 0 &{} 0 &{} 0 &{} 0 &{} 0 &{} 1 &{} 0 &{} 1 \\ 0 &{} 0 &{} 0 &{} 0 &{} 0 &{} 0 &{} 1 &{} 1 \\ \end{array}} \right) ..(b) \end{aligned}$$

(64.1)

The characteristic polynomial associated with T matrix is (T + I.x), and it is also a primitive polynomial of degree 8. Input 128-bits cipher key is first passed through LT_Key. Then, output of LT_Key is mixed with input of LT_Key using Nmix function. For even/odd key generation, Nmix is operated from left to right/right to left, respectively. After 16th iteration, 16th 128-bits key is loaded as an input of LT_Key and it repeats until it expands the key size at par with size of plain image. Process has been presented in Fig. 64.1.

Fig. 64.1

Block diagram of proposed image encryption scheme

Nmix, the nonlinear key mixing function [10], is applied here for the key expansion from the permuted keys. Two different directions of operation of Nmix in key expansion algorithm are considered here to produce odd and even 128-bit keys. For an odd set of 128 bits output (obtained from LT_Key), the Nmix operation is done from the right to left (LSB to MSB). On the other hand, in an even set of key generation, the Nmix operation is done from the left to right (MSB to LSB) direction. The detailed equations for right to left Nmix operation are expressed in Eqs. 64.2 and 64.3. Similarly, left to right operation is performed starting from MSB.

$$\begin{aligned} y_i = x_i \oplus k_i \oplus c_{i-1} \end{aligned}$$

(64.2)

$$\begin{aligned} c_i = \oplus _{{j = 0}}^{i} x_j k_j \oplus x_{{i - 1}} x_i \oplus k_{{i - 1}} k_i \end{aligned}$$

(64.3)

where X, K, and Y are n-bit variables, \(c_i\) is the carry term propagating from the ith bit position to \((i+1)\)th bit position; \(0\le i\le n-1\) and \(0\le j\le n-1\).

Encryption

Image encryption part is done by bitwise XOR operation of permutated image with expanded keys. Here, the cipher image is obtained from the XOR operation between expanded keys(K) and permuted image(P).

$$\begin{aligned} C = P\oplus K \end{aligned}$$

(64.4)

where P: permuted image, K: expanded key, C: cipher image

Decryption

Image decryption is done using following steps.

Step 1: Expand cipher key

Step 2: XOR between cipher image and expanded key

Step 3: Reverse image permutation

Experimental Results

Proposed scheme is tested by using several plain images. The plain image “Lena” and result of the permutation block are shown in Figs. 64.2(a) and 64.2(b), respectively. On the other hand, initial 128 bits key and expanded keys for encryption are shown in Figs. 64.2(c) and 64.2(d), respectively. Figure 64.3 represents the plain images and corresponding cipher images obtained by applying the proposed scheme.

Fig. 64.2

a Lena image; b Permuted Lena; c 128 bits key; d Expanded key(\(256 \times 256\))

Fig. 64.3

a Micky image; b Encrypted Micky; c Lena image; d Encrypted Lena; e Baboon image; f Encrypted Baboon

Security Analysis

In the following section, security analysis of proposed scheme is discussed.

Key Space Analysis

Key space indicates the all possible set of keys which can be used for encryption. Security level is proportional to the key space size. In proposed scheme, key length is 128 bits, i.e., the key space size is \(2^{128}\). As the key space size is larger than \(2^{104}\) [11, 12], it can be stated that the proposed scheme can prevent the brute force attack.

Statistical Analysis

Statistical analysis is absolutely necessary to verify the encryption scheme. Robustness of the algorithm and the random distribution of the cipher images can be categorized by this analysis.

Histogram Analysis An image histogram illustrates how the pixel values are distributed throughout the image. The uniform distribution of histogram indicates to have equal probability of all color intensity level which is highly required for the cipher images. Plot of histograms for “Lena” image and corresponding cipher image are shown in Figs. 64.4(a) and 64.4(b), respectively. Here, the histogram analysis is justifying the proposed scheme.

Fig. 64.4

a Histogram of Lena; b Histogram of encrypted Lena; c Correlations of two horizontally adjacent pixels of Lena; d Correlations of two horizontally adjacent pixels of encrypted Lena

Correlation Analysis Correlation analysis is used to find out the relation between two adjacent pixels of an image in all possible direction. High correlation is an intrinsic nature of general digital image. On the other hand, for an encryption scheme, it is the primary target to break the correlation between two adjacent pixels of the image. Correlation analysis has been done for plain image and cipher image produced by proposed scheme. The equation to compute correlation may be found in [3]. Comparison of correlation with other existing methods of image encryption schemes are provided in Table 64.1. Figure 64.4c, d shows the correlation of two horizontally adjacent pixels of “Lena” image and corresponding cipher image, respectively.

Table 64.1 Correlation coefficient of two adjacent pixels in the plain image and the cipher images

Entropy Analysis

Entropy is a mathematical tool which is basically used for checking the uncertainty of a signal or sequence. For an image encryption scheme having maximum values of entropy implies that it is more significant encryption. The column 5 of the Table 64.2 represents the entropy value of cipher images obtained by employing proposed scheme which is nearly closed to ideal 8-bits random sequences. Table 64.2 shows that the proposed scheme is competent enough with other existing image encryption schemes.

Table 64.2 Entropy value for the cipher images

Sensitivity Analysis

Block cipher-based cryptosystem can be analyzed by sensitivity analysis. It is a technique to check how the encryption scheme reacts with respect to one-bit change of key and/or plaintext. The number of pixels change rate (NPCR) and unified average changing intensity (UACI) [13, 14] are measured for this analysis. Mathematical expressions to compute NPCR and UACI may be found in [14].

Key Sensitivity In this test, one-bit difference between two 128 bits keys is employed for encrypting a plain image and then from the two different cipher images, NPCR and UACI values are computed and comparative study is shown in Table 64.3.

Table 64.3 NPCR and UACI of cipher images with respect to key sensitivity

Plaintext Sensitivity The sensitivity is measured by finding out the NPCR and UACI from two cipher images(using same key) obtaining from two plain images with one-bit difference. The Table 64.4 shows the result of this study.

Table 64.4 NPCR and UACI of cipher images with respect to plaintext sensitivity

From Table 64.3, it is observed that NPCR and UACI values with respect to key sensitivity are better compared to existing scheme. On the other hand, in Table 64.4 the NPCR values with respect to plaintext are slightly lesser than existing scheme in [3, 7], whereas in Table 64.4, UACI values of proposed scheme is better than existing scheme in [3, 7].

Conclusion

In this paper, a new image encryption scheme is introduced. The scheme consists of three functional blocks. In permutation step, the scheme generates same size of image from plain images using LT_PI. Next step, the key expansion module expands the key with same size of plain image using LT_Key and Nmix function. Third block performs XOR-ing of permutated image with the expanded same size key. The experimental results show that the scheme is able to break the correlation and provides the random outcome as a cipher image. Proposed scheme is able to prevent the brute force attack, statistical attack as well as differential attack.