Professional Documents
Culture Documents
Communication
Manuscript Draft
Title: A new color image encryption algorithm using one-time key and
fractional Fourier transform
Image
Communication
Zhenguo Gaoa,, Wei Zhanga , Danjie Chenb , Yunlong Zhaoc , Lihua Lianga
a College of Automation, Harbin Engineering University, Harbin 150001, China
b Collegeof Software, Beijing University of Technology, BeiJing 100024, China
c College of Computer Science and Technology, Harbin Engineering University, Harbin 150001, China
Abstract
A novel chaotic color image encryption algorithm was proposed due to the following three features: (1) large Number of Pixel
Change Rate (NPCR) and Unified Average Change Intensity (UACI); (2) robust to errors and noise attacks; (3) high efficiency and
ease of use. Introducing a one-time key mechanism based on message-digest algorithm 5 (MD5) value of the input plain image, the
algorithm is proved to be robust, resisting differential attacks. Utilizing fractional Fourier transform (FrFT), the proposed algorithm
achieves high robustness to pixel errors and noise attacks arising from the intrinsic feature of FrFT. By scrambling the image data
thoroughly and using software based on digital discrete FrFT, the algorithm develops the complex data manipulating potentials of
FrFT efficiently, and keep the size of the cipher image un-changed, thus eliminates the requirement on double storage space to store
complex values of cipher image. Experimental results show that the proposed algorithm is efficient, effective, and robust.
⃝
c 2015 Published by Elsevier Ltd.
Keywords: color image encryption, chaotic map, one-time key, message-digest algorithm 5, fractional Fourier transform
1. Introduction
Recently, there has been growing interest in image encryption. With the influx of sensitive information being
transmitted over the Internet at an increasing rate, like images, information security is becoming a serious concerns
[1]. However, because of the large quantity of data in images, image encryption should be with less complexity as
well as a satisfiable security level. Hence, traditional data encryption algorithms, such as Data Encryption Standard
(DES) and Advanced Encryption Standard (AES), are not suitable for image encryption.
By generating pseudo random sequences for facilitating the confusion and diffusion of pixel values in images,
chaotic maps provides an efficient and promising approach for image encryption [2]. Providing more information
than gray images, color images are more popular. As a consequence, color image encryption is increasingly attracting
∗ Correspondingauthor
Email address: mrhhzw@126.com/mrhhzw@gmail.com, phone:86-13115301684 (Zhenguo Gao)
1
/ Image Communication 00 (2016) 1–19 2
more research efforts in recent years [3–5, 7]. Based on the traditional approach of chaos-based image encryption,
the authors select chaotic maps in order to meet their particular requirements and adopt various detailed mechanisms
to propose enhanced algorithms. For example, in [3], the authors use the logistic map to produce several successive
sequences for scrambling rows as well as pixels in a row separately. A latter sequence is then used to alter color
channels of the image. The algorithm [4] divides the image into blocks and then using the 3-dimensional cat map
coupled with a zigzag scanning procedure to scrambling pixels. Then, a 1-dimensional chaotic skew tent map is used
in the diffusion operation. In the algorithm proposed in [5], the well known S-box function in DES is added to improve
security.
Above traditional pure (here ”pure” means not using mathematical or optical transformations) chaos-based algo-
rithms usually have relative lower NPCR and UACI performance, which imply that they are vulnerable to differential
attacks. Indeed, a method to break the algorithm in [3] has been proposed in [6]. An important approach to solve this
problem is using a one-time key mechanism which makes keys dependent on the input plain image. The algorithms
in [7, 8] follow this idea. In [8], Secure Hash Algorithm 3 (SHA-3) hash value of the plain image is used to generate
one-time keys. The algorithm proposed in [7] is a multiple-image encryption algorithm, where three images with the
same size are grouped into one virtual plain image and then encrypted normally into a virtual cipher image, which is
then divided into three parts and regarded as the corresponding cipher images. However, in encryption or decryption,
the corresponding multiple images should be at hand simultaneously, otherwise the encryption or decryption could
not be performed, even if all images except one are at hand. Therefore, such algorithms’ usability may be greatly
restricted by this stringent co-existing requirement.
The most important advantage of chaos-based algorithms is its ability to support perfect image recovery. However,
they are vulnerable to pixel errors. To be specific, one pixel error may lead to image decryption failure com-
pletely. This drawback results from its underlying operation principle, hence this problem can not be solved
unless incorporating other operation principles.
Along with the development of pure chaos based image encryption algorithms, some optical techniques have been
used for image encryption, such as fractional random transform [9], digital holography [10], Fresnel transform [13],
fractional Fourier transform [14–18], gyrator transform [19], and Hartley transform [22]. Many of these algorithms
are multiple-image encryption algorithms [9, 10, 13, 15, 19].
Compared with other transformations, fractional Fourier transform based algorithms usually achieve better diffu-
sion performance, leading to better security performance [14, 15]. The algorithm in [16] uses only the amplitude part
of complex data to convey image data to be encrypted, and two successive FrFT operations are performed in encryp-
tion. Ref. [14] extends the FrFT to a multiple fractional order version. However, these two algorithms were designed
for gray images. The algorithm in [17] operates on the hue-saturation-intensity (HSI) color model. In their algorithm,
the S channel is firstly transformed by a random-phase encoding based on FrFT to obtain a new random phase. This
random phase and the H channel are used as two phase plates to encode the I channel based on FrFT. A double-image
encryption algorithm was proposed in [18] based on iterative fractional Fourier transform, where two-coupled logistic
2
/ Image Communication 00 (2016) 1–19 3
maps are used to scramble pixels. However, by scrambling in units of rows and then in columns, the scrambling effect
is less effective. Then, two iterative FrFTs are performed on the first two channels and then followed by the third chan-
nel. The algorithm in [15] makes use of multi-channel FrFT and wavelet transform, but no scrambling operation is
performed to mix the channels. Compared with pure chaos-based algorithms, these optical algorithms are more robust
to pixel errors. However, limited by the underlying physical principles, these algorithms usually deal with color
channels in parallel instead of in thoroughly mixed mode. This fact renders the algorithms more vulnerable to
statistical attacks. Furthermore, these optical operations on real-valued plain images generate complex-valued
images, which require two times the amount of storage space to store. Additionally, optical algorithms require
optical platforms to work, which constrains their suitability in some application scenarios.
As a summary, although there have been quite a few color image encryption algorithms having specific advantages
in different aspects, no algorithms were found that jointly have the following advantages: (1) better NPCR and UACI
performance; (2) robust to pixel errors; (3)high efficiency and ease of use. In this paper, a new color image encryption
algorithm based on chaos is proposed that simultaneously has these three preferred features. (1) By introducing a
novel one-time key mechanism based on message-digest algorithm 5 value of input plain image, the algorithm is
sensitive to plain image variation and generally achieves ideal NPCR performance. Hence, it is powerful in resisting
differential attacks. (2) By utilizing FrFT, our algorithm achieves high robustness to pixel errors and noise attacks
resulted from the intrinsic feature of fractional Fourier transform. (3) By scrambling the image data thoroughly
and using software based digital discrete FrFT, the algorithm exploits the complex data manipulating ability of
FrFT efficiently and effectively, meanwhile keeping the size of the cipher image un-changed, thus eliminating the
requirement on double storage space to store complex valued cipher image. Featured by our one-time key mechanism
based on MD5 as well as FrFT, our algorithm is named as OMD5FrFT in this paper.
The core contribution of the paper is unifying the one-time key enhanced chaos-based approach and software-
based digital discrete optical technique based approach into one framework. Although this algorithm is expressed for
RGB color images here, indeed it is readily applicable or easily extendable for other color model images. Furthermore,
the underlying preliminary operations can be easily replaced with similar operations. For example, the MD5 algorithm
can be replaced with the Secure Hash Algorithm 3 (SHA-3) algorithm.
The remainder of this paper is organized as follows: Section 2 introduces the preliminary operations of our algo-
rithm. Section 3 describes firstly the encryption process of OMD5FrFT in detail, and then gives a rough description
of the decryption process. In Section 4, the effectiveness, efficiency, and main security performances of OMD5FrFT
are evaluated through numerical experiments. A conclusion remark is given in the final section.
2. Preliminary Operations
By combining some preliminary operations including the Kawakami map, a new one-time key mechanism based
on message-digest algorithm 5, image reshaping, global scrambling, complex operation, and fractional Fourier trans-
3
/ Image Communication 00 (2016) 1–19 4
form, our algorithm achieves improved security performance resulting from their particular advantages of the prelim-
inary operations.
In the proposed algorithm, the Kawakami map [23] shown in Eq.(1) is used for generating the random sequences
used for scrambling the color channels of all the pixels in plain images.
xn+1 = −axn + yn
(1)
yn+1 = xn2 − b
The Kawakami map has two parameters a and b. Following a widely adopted choice in the literature, we set a=0.1
and b=1.6 here.
There are many chaotic maps that may take this position here [26]. The simulations show that they have similar
performance. The Kawakami map is used here for its simplicity and slightly better performance.
Shannon proved that only the one-time key is theoretically unbreakable. The MD5, designed by Ron Rivest
in 1991, is a widely used cryptographic hash function producing a 128-bit (16-byte) hash value. In the proposed
algorithm, a one-time key approach based on MD5 was developed. Use the MD5 algorithm to treat the plain image P
to obtain a 128-bit value MD5(P), and then obtain four values εi , i={1, 2, 3, 4}, which will be used in the encryption
process to alter other secret keys used in the proposed algorithm.
The four values εi , i={1, 2, 3, 4}, are obtained as follows. The 128 bits of MD5(P) are grouped into eight blocks
with 16-bit length. These blocks are denoted as di , i=1, 2, . . . , 8. Then, by treating the blocks as binary values, the
four values are created with the Eq.(2), where ”⊕” represents bit-wise XOR operation, ”⌊z⌋” is the maximum integer
not bigger than z. It is obvious that ε1 ∈[0, 1), ε2 ∈[0, 1), ε3 ∈[0, 1024), and ε4 ∈[0, 4).
ε1 =(d1 ⊕d3 ⊕d5 )/216
ε2 =(d2 ⊕d4 ⊕d6 )/216
(2)
ε3 =⌊(d7 )/26 ⌋
ε4 =(d8 )/214
For a RGB color image P with pixel size M×N, it is usually expressed as a nonnegative matrix with size M×N×3.
Denote the matrix as I and its elements as Ii, j,k . Ii, j,k is the value of the k-th color channel of the pixel at i-th row and
j-th column. The i-th color channel, i=1, 2, 3, corresponds to R, G, B color channel, respectively.
4
/ Image Communication 00 (2016) 1–19 5
Image reshaping operation reshapes the matrix I into a row vector Ivec =[I1,1,R , I1,1,G , I1,1,B , I1,2,R , . . . , I M,N,B ] with
length 3MN. The operation that converts the row vector Ivec back into the M×N×3-sized matrix I is called as in-
verse image reshaping operation. Use A and B to denote the image reshaping operation and its inverse operation,
respectively. Hence, Ivec =A(P) and P=B(Ivec ).
The global scrambling operation is used to re-order a given data sequence using a chaotic sequence. The data
sequence and the chaotic sequence should be of equal length.
Let d=[d1 , d2 , . . ., dL ] be the data sequence to be treated, and let u=[u1 , u2 , . . ., uL ] be the chaotic sequence gener-
ated by a chaotic map, e.g., the Kawakami map. The detailed operation process of global scrambling is as follows.
At first, we obtain a sorted sequence ū=[ū1 , ū2 , . . ., ūL ] by sorting the elements of u in ascending order. For each
element ui in the original sequence u, denote its order in the sorted sequence ū as ti , thus ui =ūti . Then, a new
sequence t=[t1 , t2 , . . ., tL ] can be obtained by collecting all ti s in the ascending order of i. At last, we obtain the
final scrambled data sequence d̄ by re-ordering the data sequence d according to the chaotic sequence t, so that
d̄=[d̄1 , d̄2 , . . . , d̄L ]=[dt1 , dt2 , . . . , dtL ].
The combined operation of obtaining the scrambled sequence d̄ from the given data sequence d using the chaotic
sequence u is defined as global scrambling operation. Denote the global scrambling operation using the chaotic
sequence u as Cu , thus d̄=Cu (d). Similarly, denote the inverse global scrambling operation using chaotic sequence u
as Du , thus d=Du ( d̄).
The complex operation is used to construct a complex-valued output data sequence from a real-valued input data
sequence. The length of the output data sequence is half of that of the input data sequence. Hence, the length of the
input data sequence should be even. This assumption is usually true for image operation in real life.
Let d=[d1 , d2 , . . ., d2L ] be the input data sequence to be treated. We construct a L-length output data sequence
e=[e1 , e2 , . . ., eL ] as follows. At first, we partition the input data sequence d into two equal length sequences d1
and d2 , where d1 contains the first half of d, and d2 contains the last half. Then, assume that the maximum
element of d2 is dmax , we normalize sequence d2 by dividing its elements with dmax . We denote the obtained
normalized sequence as d3 . And then, we construct a complex value ei =d1 (i)ejπd3 (i) , using d1 (i) and d3 (i), which
are respectively the i-th element of d1 and d3 . Collecting all ei s, we finally obtain a complex-valued sequence
e=[e1 , e2 , . . . , eL ]=[d1 (1)ejπd3 (1) , d1 (2)ejπd3 (2) , . . ., d1 (L)ejπd3 (L) ].
The combined operation of obtaining the complex-valued sequence e from the real-valued input data sequence d
is defined as complex operation.
Since that the elements of d2 are to be used as phase components of complex values, to insure the validity of
inverse complex operation, using d3 (the normalized version of d2 ) instead of d2 directly is necessary. As a result, to
5
/ Image Communication 00 (2016) 1–19 6
enable successful decryption, dmax should be used as a dummy key for the inverse complex operation in decryption.
Hence, it should be included in the key set of our algorithm. However, different from other keys, dmax is only used
as a parameter for decryption, because that it is not suitable for providing security.
Denote the complex operation with key dmax as Edmax , thus e=Edmax (d). Similarly, denote the inverse complex
operation with key dmax as Fdmax , thus d=Fdmax (e).
The FrFT was introduced to the optical community by Ozaktas and Mendolovic in [24] as an extension to the
traditional Fourier transform (FT). Compared with traditional FT, an additional parameter α called as fractional order
is introduced in FrFT. For a one-dimensional function f (x), the mathematical definition of the FrFT transform with
fractional order α is defined as Eq.(3).
∫ +∞
Fα (u) =Fα [x] (u) = f (t)Kα (t, u) dt (3)
−∞
σ(α)e jπψ(t,u,α) , α , nπ
Kα (t, u)=
δ(t−u), α=2nπ (4)
δ(t+u), α=(2n+1)π
√
In Eq.(4), ψ (t, u, α) represents ψ (t, u, α) =t2 cot α−2ut csc α+u2 cot α, σ (α) represents σ (α) = 1−j cot α(here j is
the imaginary unit), and δ(u) represents the delta function, where δ(u) equals 1 when u=0 and equals 0 otherwise.
When α=1, the FrRT is equivalent to the ordinary FT. When α=4, the FrFT result is equivalent to the original
function. FrRT is periodic in fractional order with period equals 4. Hence, α∈[0, 4) is used in our algorithm.
In the following text, we use symbol FrFTα to denote the FrFT operation with fractional order α. The inverse of
FrFTα is equal to FrFT−α , i.e., FrFT−α (FrFTα ( f (t)))= f (t).
In the proposed algorithm, instead of performing on the plain image directly, the FrFT operation is per-
formed on a vector obtained by reshaping the plain image, hence one dimensional FrFT is used. The FrFT
transformation is numerically implemented using the discrete FrFT algorithm described in [25].
Following the traditional image encryption approach, the encryption process of our OMD5FrFT contains two
operation modes: confusion and diffusion. In the confusion mode, the Kawakami map is used for scrambling color
channels of all pixels of the plain image. In the diffusion mode, FrFT is used to achieve the robustness to pixel
errors and noise attacks. Furthermore, by combining the additional preliminary operations introduced in Section
6
/ Image Communication 00 (2016) 1–19 7
x
y
m MD5(P) x
Chaotic
ε1,ε2,ε3,ε4
y map y
x
m
P
Plain Inverse Invese
Image IIR Global IGS Complex ICO IFrFT Global Cipher
image P complex IICO IGS2 image C
P reshaping scrambling operation FrFTa scrambling image
Operation reshaping
A Cx Edmax Cy C
Fdmax B
2, including one-time key mechanism based on message-digest algorithm 5, image reshaping, global scrambling,
and complex function operation, our algorithm achieves improved security performance resulting from the particular
advantages of the preliminary operations.
For a given color plain image P with pixel size M×N, we obtain MD5(P) using the MD5 algorithm. Then, we
randomly select proper values for x0′ ∈(0, 1), y′0 ∈(0, 1), m′ ∈[0, 1024), and α′0 ∈[0, 4). Here x0′ and y′0 are used to set the
initial iteration values of the chaotic map. m′ is used to determine the number of iteration rounds of the chaotic map to
be ignored. a′0 is used to set the fractional order of the FrFT operation. The values of x0′ , y′0 , m′ , α′0 , and MD5(P) make
up the key set of our algorithm for encrypting the plain image P. The step-wise encryption process of OMD5FrFT is
shown in Fig.1.
The steps are briefly explained as follows.
• Step 1. Obtain εi ,i={1, 2, 3, 4}, from plain image P as described in Section 2.2, then determine the plain image
dependent keys using Eq.(5). Obviously, x0 ∈[0, 1), y0 ∈[0, 1), m∈[0, 1024), α0 ∈[0, 4).
x0 = (x0′ + ε1 )/2
y0 = (y′0 + ε2 )/2
(5)
m = ⌊(m′0 +ε3 )/2⌋
α0 = (α′0 +ε4 )/2
• Step 2. Set the Kawakami map’s initial iteration values to x0 and y0 . Then, iterate the chaotic system for
m+3MN times. Thus, two chaotic sequences x̂=[x1 , x2 , . . . , xm+3MN ] and ŷ=[y1 , y2 , . . . , ym+3MN ] with length
m+3MN can be obtained. Discarding the first m elements of both x̂ and ŷ to avoid possible unwanted effects,
two remaining chaotic sequences with length 3MN are obtained, denoted respectively as x and y. The two
chaotic sequences will be used respectively in the global scrambling operations in Step 4 and Step 8.
• Step 3. Perform a image reshaping operation on plain image P to obtain a real-valued data sequence IIR =A x (P)
with length 3MN.
7
/ Image Communication 00 (2016) 1–19 8
• Step 4. Perform a global scrambling operation on IIR using the chaotic sequence x, and give rise to a real-valued
data sequence IGS =C x (IIR ) with length 3MN.
• Step 5. Perform a complex operation on IGS , a complex-valued data sequence ICO =E(IGS ) with length 3MN/2
is obtained.
• Step 6. Perform a FrFT operation on ICF using fractional order α=α0 , leading to a complex-valued data sequence
IFrFT = FrFTα0 (ICO ) with length 3MN/2.
• Step 7. Perform an inverse complex operation on IFrFT to obtain a real-valued data sequence IICO =F(IFrFT ) with
length 3MN.
• Step 8. Perform a global scrambling operation on IICO using the chaotic sequence y, then obtain a real-valued
data sequence IGS2 =C y (IICO ) with length 3MN.
• Step 9. Perform an inverse image reshaping operation on IGS2 , the final color cipher image C=B(IGS2 ) with
pixel size M×N can be obtained.
In summary, our color image encryption algorithm obtains the cipher image C from the plain image P following
Eq.(6). The key set of our algorithm is {x0′ , y′0 , m′ , α′0 , dmax , MD5(P)}.
Remarks: The FrFT operation in our algorithm on color channels are quite different from existing FrFT-based
algorithms, as listed below.
• Existing algorithms usually deal with color channels in parallel [14–17], whereas our algorithm mix all the
channels thoroughly before the FrFT operation.
• Existing algorithms use two-dimensional multiple successive FrFT operations [16, 17] or iterative FrFT opera-
tions [18], whereas our algorithm only requires a single one-dimensional FrFT operation.
• In existing algorithms, not all of the two components (amplitude and phase) of complex data are conveying
image data [14–18], whereas in our algorithm, both amplitude and phase components of complex data are
conveying image data.
• In existing algorithms, size of cipher image is two times that of the plain image [14–18], whereas in our algo-
rithm, cipher image and plain image have the same size.
8
/ Image Communication 00 (2016) 1–19 9
Fig 2. Color plain image, cipher image, and their color channel images. (a)plain image P; (b)red channel image of P; (c)green channel image of P;
(d)blue channel image of P;(e)cipher image C; (f)red channel image of C; (g)green channel image of C; (h)blue channel image of C.
The decryption process of our algorithm is similar to the encryption process except that the operations are per-
formed in the reverse order. To be specific, the image decryption process of our algorithm obtains a decrypted image
P̄ from the cipher image C following Eq.(7) using the key set {x0′ , y′0 , m′ , α′0 , dmax , MD5(P)}.
4. Experimental Results
A series of numerical experiments were performed on Matlab 8.0.1 to evaluate the validity, efficiency, and security
performance of the proposed algorithm.
The widely used color Lena image with pixel size 256×256 is used as the plain image to test the effectiveness of
our algorithm. Encryption keys are set as x0′ =0.8927, y′0 =0.7035, m′ =300, α′0 =0.50. The plain image P and its color
channel images are shown in Fig.2 (a)-(d), whereas the corresponding cipher image C and its color channel images
are shown in Fig.2 (e)-(h). The results show that our algorithm effectively hides the information in the plain image,
and the three color channel images are similar.
9
/ Image Communication 00 (2016) 1–19 10
Fig 3. Key sensitivity test results. (a)decrypted image with correct keys; (b)decrypted image with xb0′ =x0′ +10−15 ; (c)decrypted image with
yb′0 =y′0 +10−15 ; (d)decrypted image with m̂′ =m′ +1; (e)decrypted image with αb′0 =α′0 +0.02; (f)decrypted image with MD5=MD5(P)+2
[ −128 .
10
/ Image Communication 00 (2016) 1–19 11
Square Error (MSE) between plain image and its corresponding decrypted image provides a quantitative measure for
key sensitivity. The MSE between two color images I1 and I2 with pixel size M×N and 3 color channels is defined as
Eq.(8), which is extended for color images from Eq.(17) in [16].
∑
[I1 (i, j, k) − I2 (i, j, k)]2
i, j,k
MSE(I1 , I2 )= (8)
M×N×3
To quantitatively inspect the key sensitivity of our algorithm, MSE(P, P̄) was tested using Lena image P as the
plain image. Here P̄ represents the decrypted images obtained using keys with different slight deviations from the
correct keys. Tests for all keys were conducted. However, only the plot of MSE for α′0 is shown in Fig.4 because of
space limitation. The test results show that our algorithm is sensitive to keys x0′ and y′0 . A slight deviation 10−15 of
the two keys make the MSE increase sharply from 0 to about 7000. Compared with other keys, our algorithm is less
sensitive to key α′0 : the deviation of α′0 should be larger than 0.004. Since m′ is an integer, the deviation of m′ can
only be integers.
7,000
6,300
5,600
4,900
4200
MSE
3500
2800
2100
1400
700
0
0.4 0.45 0.5 0.55 0.6
fractional order α used for decryption (correct α=0.5)
Fig 4. MSE(P, P̄) VS. fractional order αb′0 used for decryption (correct α′0 =0.5).
For color images with 256 gray level, the MSE should fall in the range of [0, 2552 ]=[0, 65025]. However, it should
be noted that MSE does not improve with larger size. By averaging MSEs between the Lena image and 100 randomly
generated images, we found that the ideal MSE respect to the Lena image is about 9000. Hence, we assume that,
when MSE≤9000, the larger the MSE is, the better the algorithm is. Whereas when MSE>9000, the smaller the MSE
is, the better the algorithm is. we also found that, if P is the Lena image, maxP′ (P, P′ )=32539. This maximum value is
obtained at argmaxP′ (P, P′ )=P̃ where P̃(i, j, k)=P(i, j, k) if P(i, j, k)>127 otherwise P̃(i, j, k)=255−P(i, j, k). However,
P̃ and P are visually similar and thus not a good cipher for P.
11
/ Image Communication 00 (2016) 1–19 12
∑
i, j,k I1 (i, j, k)2
SNR(I1 , I2 )= ∑ (9)
i, j,k [I1 (i, j, k) − I2 (i, j, k)]2
In order to select a suitable chaotic map for the algorithm, we calculate SNRs for our algorithms respect to dif-
ferent chaotic maps. The typical maps selected for comparison are the Logistic map, the VanderPol oscillator, the
Kawakami map, and the Complex squaring map. They are typical maps representing sets of discrete one-dimensional
real maps, continuous one-dimensional real maps, discrete two-dimensional real maps, and discrete one-dimensional
complex maps, respectively. Interested readers can refer to [26] for the definitions of the chaotic maps. We calculated
c ) for key α=α0 +0.02 using the Lena image as P. Here SNR(P, C) represents
SNR(P, C), SNR(P, P̄), and SNR(P, P̄key
the SNR between P and its corresponding cipher image; SNR(P, P̄) represents the SNR between P and the corre-
sponding decrypted image using correct keys; SNR(P, P̄key
c ) represents the SNR between P and the corresponding
c but all other keys are correct. The collected results shown in Table
decrypted image using a wrong key with value key
1 are averaged over 10 trials. The cases when the denominator of SNR(P, P̄) is zero are omitted. The results show that
the Kawakami map has slightly better performance; hence it is used in the proposed algorithm.
To evaluate the effectiveness of our algorithm, we compared the SNR results of our algorithm with the algorithms
proposed in [8, 15, 17, 18, 22]. They are good representatives of existing related algorithms. The algorithm in [8] is
a latest pure chaos based algorithm without using mathematical transformation, and it adopts the one-time key idea.
The algorithm in [22] utilizes the hartley transform and the gyrator transform. The latter three algorithms use two-
dimensional FrFTs but in slightly different ways. In [17], the HSI color model is used and the three color channels are
conveyed in two complex data in FrFT domain. The algorithm in [18] scrambles the color channels, and then performs
two FrFTs on channel pairs of three reconstructed channels. However, the scrambling there is performed in units of
rows and then in columns. Hence, the scrambling effect there is not very effective. The algorithm in [15] makes use
of multi-channel FrFT and wavelet transform, but no scrambling operation is performed to mix the channels. Some
other FrFT based algorithms [14, 16] are not included since that they are only for gray images. This set of algorithms
{OMD5FrFT,Ref.[8],Ref.[22],Ref.[17],Ref.[18], Ref.[15]} will also be used in other comparative tests in the following
12
/ Image Communication 00 (2016) 1–19 13
text.
The comparative tests on SRN performances were performed respect to the key x0′ in our algorithm, which has
correspondents in other algorithms. Please note that better SNR performance corresponds to smaller SNR(P, C) and
SNR(P, P̄key
c ), meanwhile larger SNR(P, P̄). SNR(P, P̄) is not valid for [8] since that pure chaos based algorithm
usually achieves perfect decryption P=P̄ using correct keys, thus the denominator of SNR(P, P̄) is zero. The results
are shown in Table 2. It can be seen that: (1) the pure chaos based algorithm attains highly performance; (2) the
proposed algorithm achieves performance similar to the pure chaos based algorithm; (3) FrFT based algorithms in
[15], [17], and [18], generally perform better in turn. This trend may be a consequence of the joint effect of mixing
level of the scrambling operations as well as the FrFT iterations in the algorithms; (4) the two rounds of thoroughly-
mixing global scrambling operations help our algorithm outperform the other FrFT-based algorithms; (5) the hartley
transform and gyrator transform based algorithm generally performs worst.
13
/ Image Communication 00 (2016) 1–19 14
cov (x, y)
r xy = √ √ (10)
D (x) D (y)
∑
L ∑
L ∑
L
E(x)= L1 xi , D(x)= L1 (xi −E(x))2 , cov(x, y)= L1 [(xi − E(x))(yi − E(y))] (11)
i=1 i=1 i=1
For RGB color images, the three color channel images can be catenated along the row direction and thus obtain a
gray image with pixel size M×3N. Then, pixel correlations of the new gray image can be calculated following above
the process. The obtained results are regarded as pixel correlations of the original color image.
Using Lena image as input plain image and letting L=2000, we compared the pixel correlation performances of the
selected algorithms. The results are shown in Table 3. The algorithm generally achieves the lowest correlation values,
which may mainly be because the two rounds of global scrambling operation in the encryption process. Algorithms
with better scrambling operations and more operation iterations tend to have smaller pixel correlations.
Fig 5. Results of robustness test against occlusion and noise attacks. The sub figures are indexed in the format of (char, num). Here, char={a, b}
respectively related to occlusion test and noise test; num=1 corresponds to attacked cipher images of OMD5FrFT(the cipher images of other
algorithms are omitted for space limitation); num={2, 3, 4} corresponds to OMD5FrFT, Ref.[8], and Ref.[18], respectively.
∑
D(i, j, k)
i, j,k
NPCR= (12)
M×N×3
∑
i, j,k |C(i, j, k)−C ′ (i, j, k)|
UACI= (13)
M×N×3×255
In Eq.(12) and Eq.(13), M and N are respectively the width and height of the images in unit of pixel; C and C ′ are
the two cipher images corresponding to a plain image before and after the change of one pixel; The function D(i, j, k)
is defined as follows: for each (i, j, k), if C(i, j, k)=C ′ (i, j, k), then D(i, j, k)=0, otherwise D(i, j, k)=1.
To verify the robustness against differential attack, a comparative test was conducted using the Lena image P as
the plain image. We made a copy of the Lena image and altered the value of P(128, 128, 1) from 185 to 186. The plain
image and its altered one are encrypted using selected algorithms. Then, NPCR and UACI are calculated for cipher
15
/ Image Communication 00 (2016) 1–19 16
images were generated by the algorithms. To better reveal the effect of the one-time key mechanism, the algorithm in
[3], which is a pure chaos based algorithm but without the one-time key mechanism, is also tested. Compared with
[3], the main enhancement in [8] is the inclusion of a one-time key operation. Hence, the performance differences on
the two metrics NPCR and UACI between these two algorithms can be assumed to mainly come from the one-time
key mechanism.
The final results shown in Table 4 are the average of 10 trials. By using the one-time key mechanism, the pro-
posed algorithm generally has the best performance on NPCR and UACI. The relatively larger differences on UACI
metric provide a clearer view on the performance of the algorithms. By including one-time key mechanisms, the
proposed algorithm and that in [8] outperform other algorithms. The great differences on NPCR and UACI between
the algorithms in [8] and [3] confirm that one-time key mechanism is powerful for resisting differential attacks.
5. Conclusion
A novel color image encryption algorithm based on chaotic has been presented in this paper. Using FrFT and a
novel one-time key mechanism based on the MD5 hash value, an encryption strategy for color image has also been
developed. The proposed encryption scheme has certain advantages as follows.
• Introducing a novel one-time key mechanism based on the MD5 hash value of input plain image, the proposed
algorithm is robust in resisting differential attacks.
16
/ Image Communication 00 (2016) 1–19 17
• Utilizing FrFT, the proposed strategy achieves high robustness to pixel errors and noise attacks resulted from
the intrinsic feature of FrFT.
• Scrambling the image data thoroughly and using software based on digital discrete FrFT, the proposed scheme
exploits the complex data manipulating ability of FrFT efficiently.
Thus, the proposed algorithm achieves better NPCR and UACI, high efficiency as well as ease of use.
Although this algorithm is expressed for RGB color images here, indeed it is readily applicable or easily extendable
for other color model images. Furthermore, the underlying preliminary operations can be easily replaced with similar
operations. For example, the MD5 algorithm can be replaced with the Secure Hash Algorithm 3 (SHA-3) algorithm.
Acknowledgment
This work is supported by Natural Science Foundation of China(No.61073183); Fundamental Research Funds for
the Central Universities (No.HEUCFX41311).
We are sincerely grateful to Megan McKenney and JH Wang for their helpful discussions and for polishing the
manuscript in great patience, which have improved the quality of the manuscript considerably.
References
[1] Uhl A P. Image and video encryption from digital rights management to secured personal communication, Springer, NY, USA, 2004.
[2] Behnia S, Akhshani A, Mahmodi H. A novel algorithm for image encryption based on mixture of chaotic maps. Chaos, Solitons & Fractals,
2008, 35(2): 408-419.
[3] Wang X, Teng L, Qin X. A novel colour image encryption algorithm based on chaos. Signal Processing, 2012, 92(4): 1101-1108.
[4] Ghebleh M, Kanso A, Noura H. An image encryption scheme based on irregularly decimated chaotic maps. Signal Processing Image Com-
munication, 2014, 29: 618-627.
[5] Liu H, Kadir A, Niu Y. Chaos-based color image block encryption scheme using S-box. AEU-International Journal of Electronics and
Communications, 2014, 68(7): 676-686.
[6] Li C Q, Zhang L Y, Ou R, Wong K W, Shu S. Kwok-Wo Wong, Shi Shu. Breaking a novel color image encryption algorithm based on chaos.
Nonlinear Dynamics, 2012, 70(4): 2383-2388.
[7] Liu H, Wang X. Triple-image encryption scheme based on one-time key stream generated by chaos and plain images. Journal of Systems &
Software, 2013, 86(3): 826-834.
[8] Dong C. Color image encryption using one-time keys and coupled chaotic systems. Signal Processing Image Communication, 2014, 29(5):
628-640.
[9] Zhang Y, Xiao D. Double optical image encryption using discrete Chirikov standard map and chaos-based fractional random transform.
Optics & Lasers in Engineering, 2013, 51(4): 472-480.
[10] Shi X, Zhao D, Huang Y. Double images hiding by using joint transform correlator architecture adopting two-step phase-shifting digital
holography. Optics Communications, 2013, 297(12): 32-37.
[11] Alfalou A, Brosseau C. Implementing compression and encryption of phase-shifting digital holograms for three-dimensional object recon-
struction. Optics Communications, 2013: 67-72.
[12] Wang Q, Guo Q, Lei L. Single-beam image encryption using spatially separated ciphertexts based on interference principle in the Fresnel
domain. Optics Communications, 2014, 333: 151-158.
17
/ Image Communication 00 (2016) 1–19 18
[13] Wang Y, Quan C, Tay C J. Nonlinear multiple-image encryption based on mixture retrieval algorithm in Fresnel domain. Optics Communi-
cations, 2014, 330: 91-98.
[14] Ran Q, Zhao T, Yuan L. Vector power multiple-parameter fractional Fourier transform of image encryption algorithm. Optics & Lasers in
Engineering, 2014, 62(6): 80-86.
[15] Kong D, Shen X. Multiple-image encryption based on optical wavelet transform and multichannel fractional Fourier transform. Optics &
Laser Technology, 2014, 57(4): 343-349.
[16] Singh N, Sinha A. Optical image encryption using fractional Fourier transform and chaos. Optics & Lasers in Engineering, 2008, 46(2):
117-123.
[17] Zhou N R, Wang Y X, Gong L H, He H, Wu J H. Novel single-channel color image encryption algorithm based on chaos and fractional
Fourier transform. Optics Communications 2011, 284(12): 2789-2796.
[18] Sui L S, Gao B. Single-channel color image encryption based on iterative fractional Fourier transform and chaos. Optics & Laser Technology,
2013, 48: 117-127.
[19] Wang Q, Guo Q, Lei L. Multiple-image encryption system using cascaded phase mask encoding and a modified Gerchberg-Saxton algorithm
in gyrator domain. Optics Communications, 2014, 320(2): 12-21.
[20] Abuturab M R. Securing color information using Arnold transform in gyrator transform domain. Optics & Lasers in Engineering, 2012, 50:
772-779.
[21] Abuturab M R. Noise-free recovery of color information using a joint-extended gyrator transform correlator. Optics & Lasers in Engineering,
2013, 51: 230-239.
[22] Abuturab M R. Color image security system based on discrete Hartley transform in gyrator transform domain. Optics & Lasers in Engineering,
2013, 51(3): 317-324.
[23] Kawakami H, Kobayashi K. Computer experiments on chaotic solutions of x(t+2)−ax(t+1)−x2 (t)=b. Bulletin of the Faculty of Engineering,
Tokushima University. 1979.
[24] Mendlovic D, Ozaktas H M. Fractional fourier-fransforms and their optical implementation. Journal of the Optical Society of America A,
1993,10(9): 1875-1881.
[25] Pei S C, Yeh M H, Tseng C C. Discrete fractional Fourier-transform based on orthogonal projections. IEEE Transactions on Signal Processing,
1999, 47(5): 1335-1348.
[26] Wikipedia. List of chaotic maps. https://en.wikipedia.org/wiki/List of chaotic maps. [2015-08-15].
Zhenguo Gao, Ph.D. He is now a Professor in College of Automation, Harbin Engineering University, Harbin,
China. He had been a visiting scholar in University of Illinois at Urbana-Champaign and University of Michigan in
2010 and 2011. He is a senior member of China Computer Federation. He received National Science Foundation
Career Award of China in 2007 and Outstanding Junior Faculty Award of Harbin Engineering University in 2008.
He is serving as a reviewer for some refereed Journals including IEEE/ACM Transactions on Networking, IEEE
Transactions on Mobile Computing, Wireless Networks and Mobile Computing, Journal of Electronics, Journal of
Astronautics.
Wei Zhang, received the B.E.degree in control science and engineering from the school of Astronautics, Harbin
Institute of Technology (HIT), Harbin, China, in 2008 and the M.E. degree in control engineering from the school
of Automation, Harbin Engineering University (HEU), Harbin, China, in 2013. He is currently working toward the
Ph.D. degree at HIT, Harbin, China.His interests are image processing, automation control and power electronics for
renewable systems.
18
/ Image Communication 00 (2016) 1–19 19
Danjie Chen, is now a postgraduate student pursing for her Master degree in College of Software in Beijing
University of Technology. Her main research interests include cooperative communication, cognitive radio networks.
Yunlong Zhao, Ph.D. He is now a Professor in College of Computer Science and Technology, Harbin Engineering
University, Harbin, China. His main research interests include wireless communications, image processing.
Lihua Liang, Ph.D. He is now a Professor in College of Automation, Harbin Engineering University, Harbin,
China. His main research interests include signal processing, control methods.
19