Security analysis and improvement of a partial encryption scheme

Abstract

This paper proposes to cryptanalyze a partial image encryption scheme. Security weaknesses were found in the cryptosystem consisting in the generation of the keystream. We then propose a modified version of the partial encryption scheme to enhance its security together with keeping the benefit of encrypting a reduced amount of data. Our contributions can be resumed in two points : we will first show the insecurity of the cryptosystem under study then we will propose a remedy to resist the described attacks.

Appendix

We give here the definition and equations of the correlation coefficient of an image as well as the NPCR and UACI quantities.

1. 1.

   Calculus of the Correlation Coefficient: It is well known that adjacent image pixels are highly correlated either in horizontal, vertical or diagonal directions. Such high correlation property can be quantified by means of correlation coefficients which are given by:

   $$ r=\frac{cov(p,q)}{\sqrt{D(p)}\sqrt{D(q)}} $$

   (19)

   where,

   $$D(p)= \frac{1}{S} \sum_{i=1}^{S}(p_i- \bar{p})^{2}$$
   $$cov(p,q)=\frac{1}{S} \sum_{i=1}^{S}(p_i- \bar{p})(q_i- \bar{q})$$

   \(q_{i}\) and \(p_{i}\) denote two adjacent pixels (either horizontal or vertical). S is the total number of duplets \((p_{i},q_i)\) obtained from the image; \(\bar {p}\) and \(\bar {q}\) are the mean values of \(p_{i}\) and \(q_{i}\), respectively.

2. 2.

   Calculus of the NPCR and UACI: As a general requirement for all the image encryption schemes, the encrypted image should be greatly different from its original form. Such difference can be measured by means of two criteria namely, the NPCR (Number of Pixel Change Rate) and the UACI (Unified Average Changing Intensity). The NPCR is used to measure the number of pixels in difference between two images. Let \(S(i,j)\) and \(S'(i,j)\) be the \((i,j)^{th}\) pixel of two images S and \(S'\), respectively. The NPCR can be defined as:

   $$ NPCR=\frac{\sum_{i,j}D(i,j)}{L} \times 100~\% $$

   (20)

   where L is the total number of pixels in the image and \(D(i,j)\) is defined as:

   $$ D(i,j)=\left\{ {\begin{aligned} 0 \,\, if \,\, S(i,j)=S'(i,j) \\ 1 \,\, if \,\, S(i,j) \neq S'(i,j) \\ \end{aligned}} \right. $$

   (21)

   where \(S(i,j)\) and \(S'(i,j)\) are the pixel values of the two images, respectively. For instance, for two random images with \(256 \times 256\) pixels:

   $$NPCR=99.609375~\%.$$

   The second criterion, UACI, is used to measure the average intensity difference and can be defined as:

   $$ UACI=\frac{1}{L}\left( \sum_{i,j} \frac {|S(i,j)-S'(i,j)|}{2^{B}-1}\right)\times 100~\% $$

   (22)

   Where B is the number of bits used to represent a grey scale pixel value. In the case of two random images, the expected value of UACI is:

   $$UACI= 33.46354~\% $$