Zynq芯片的三维视频混沌保密通信系统设计

本文基于具有FPGA+ARM架构的Zynq芯片,提出了一种新的实时视频混沌保密通信系统的设计方案.阐述了一种三维视频混沌加密算法的原理并且加以应用,详细介绍了系统设计方法和软硬件实现过程.利用Zynq的FPGA资源实现视频的采集和显示,ARM处理器实现混沌加密与解密和网络收发功能.最终在局域网内实现了视频的实时采集加密和自同步解密,获得了良好的安全性和实时性,为混沌保密通信的应用提供了新方向.     

Generation of grid multi-wing chaotic attractors and its application in video secure communication system

In order to study the application of chaos in video image encryption, a real-time video secure communication system based on a new grid multi-wing chaotic system is proposed in this paper. First, by introducing sawtooth wave functions to the Lorenz system, a new grid multi-wing butterfly chaotic system with complicated dynamical behaviors is obtained. Compared with the existing multi-scroll and multi-wing chaotic systems, The system structure is simple and more easier to be implemented in a digital system. Then, a chaos-based pseudorandom random number generator is developed by implementing post-processing procedure. The present video secure communication system is designed with the closed-loop feedback scheme. The corresponding hardware implementation is developed by FPGA platforms, and the experimental results are given to verify its feasibility. Furthermore, a series of widely used secure analyses are applied to prove that the system has good security performance.

     

A novel image cipher based on mixed transformed logistic maps

In this paper, a novel secure cryptosystem is proposed for direct encryption of color images, based on transformed logistic maps. The proposed cipher provides good confusion and diffusion properties that ensures extremely high security due to the mixing of colors pixels. The encryption scheme makes use of six odd secret keys and chaotic keys for each operation. The operations include initial permutation of all pixels with six odd keys, nonlinear diffusion using first chaotic key, xoring the second chaotic key with resultant values and zig-zag diffusion with third chaotic key. The proposed scheme supports key sizes ranging from 192 to 400 bits. The security and performance of the proposed image encryption technique have been analysed thoroughly using statistical analysis, key sensitivity analysis, differential analysis, key space analysis, entropy analysis and performance analysis. Results of the various types of analyses are showing that the proposed image encryption technique is more secure and fast and hence suitable for the real-time applications.     

M-TREE: A high efficiency security architecture for protecting integrity and privacy of software

Secure processor architectures enable new sets of applications such as commercial grid computing, software copy protection and secure mobile agents by providing secure computing environments that are immune to both physical and software attacks. Despite a number of secure processor designs have been proposed, they typically made trade-offs between security and efficiency. This article proposes a new secure processor architecture called M-TREE, which offers a significant performance gain while without compromising security. The M-TREE architecture uses a novel hierarchical Message Authentication Code Tree (MACTree) for protecting applications’ integrity at a minimal performance overhead. M-TREE also introduces a new one-time-pad class encryption mechanism that accelerates security computation over the existing block cipher-based schemes with high security guarantee. Based on the results of our performance simulations the performance overhead of the M-TREE integrity check mechanism is as small as 14% in the worst case, a substantial improvement over the 60% slowdown reported by previously proposed techniques. Meanwhile, the overhead of M-TREE encryption scheme is approximately 30%, compared to 50% of using block cipher encryption. In overall, our M-TREE architecture can provide a tamper-resistant and tamper-evident computing environment with low-performance impact, thereby offering a transparent and practical security computing platform.     

轻量级安全内存：RISC-V嵌入式微处理器安全增强

近年来,针对嵌入式设备中硬件的新型攻击不断出现,严重威胁嵌入式设备的安全.特别是随着非易失性存储器开始被配备到嵌入式设备中,就需要考虑如何保护配备非易失性存储器的嵌入式设备的安全.安全内存,就是这样一种通过保护内存来增强嵌入式设备安全性的有效手段.通过设计一种安全内存加密引擎来实现安全内存.在保证该安全内存加密引擎足够轻量、开销低的同时,将其集成到RISC-V嵌入式微处理器中,并通过FPGA对该安全内存加密引擎进行了评估.评估结果表明,安全内存加密引擎能够在提升RISC-V嵌入式微处理器安全性的同时,保证其合理的访存性能以及较小的面积开销.研究结果具有良好的参考价值和应用前景.     

在线混沌图像保密通信研究

本文利用像素值替代和图像位置置乱相结合的方法进行图像信息的加解密,设计并实现了一个网络在线混沌图像保密通信系统,具有保密性和实时性。系统采用Lorenz和Logistic混沌系统,通过密钥同步方案,信息被实时加密后经TCP协议传输;由于混沌映射的初值敏感性和伪随机特性,传输的信息很难被破译,具有较强的保密性。本文对系统的实现方法进行了研究,通信结果表明该系统具有较好的保密性和实用性。     

Construction of a key-dependent message secure symmetric encryption scheme in the ideal cipher model

Key-dependent message (KDM) security is an important security issue that has attracted much research in recent years. In this paper, we present a new construction of the symmetric encryption scheme in the the ideal cipher model (ICM); we prove that our scheme is KDM secure against active attacks with respect to arbitrary polynomialtime challenge functions. Our main idea is to introduce a universal hash function (UHF) h as a random value for each encryption, and then use s = h(sk) as the key of the ideal cipher F, where sk is the private key of our symmetric encryption scheme. Although many other schemes that are secure against KDM attacks have already been proposed, in both the ideal standard models, the much more significance of our paper is the simplicity in which we implement KDM security against active attacks.     

Implementation of an improved chaotic encryption algorithm for real-time embedded systems by using a 32-bit microcontroller

Currently, several embedded applications in military, industry, banking transference, e-commerce, biometric systems and others use insecure communication channels such as Internet to transmit or store confidential information. Therefore, the integrity and security of information are an important issue in continuous research. In last years, chaotic systems have been proposed in cryptography due they have several properties related with cryptography properties such as extreme sensibility on initial conditions with confusion and ergodicity with diffusion. In this paper, we present a 32-bit microcontroller implementation of an improved text encryption algorithm (based on Murillo-Escobar’s algorithm [13]) for real-time embedded systems and we present a complete security analysis such as key size analysis, key sensitivity, plain text sensitivity, floating frequency, histograms, N-grams, autocorrelation, information entropy, robustness against classic attacks, randomness analysis, and security characteristics. In addition, the digital implementation and performance are analyzed such as programming details, memory required, frequency system, implementation costs and encryption time. In contrast with recent approaches presented in literature, we present a complete security analysis in both statistical and implementation level, to justify the proposed scheme in a real application. Based in the results, the proposed embedded text encryption system is secure, effective and at low cost, and it could be implemented in real-time cryptosystem based on microcontroller.     

A hybrid encryption/hiding method for secure transmission of biometric data in multimodal authentication system

Biometric security is a fast growing area that gains an increasing interest in the last decades. Digital encryption and hiding techniques provide an efficient solution to protect biometric data from accidental or intentional attacks. In this paper, a highly secure encryption/hiding scheme is proposed to ensure secure transmission of biometric data in multimodal biometric identification/authentication system. The secret fingerprint and iris vectors are sparsely approximated using accelerated iterative hard thresholding technique and then embedded in the host Slantlet-SVD domain of face image. Experiments demonstrate the efficiency of our technique for both encryption and hiding purpose, where the secret biometric information is well encrypted and still extractable with high fidelity even though the carrier image is seriously corrupted. Our experimental results show the efficiency of the proposed technique in term of robustness to attacks, Invisibility, and security.

     

一种适于移动计算的快速组合混沌加密方法

提出了用两种类随机性良好的混沌系统进行组合叠加产生混沌密钥信号的加密方案。该方案利用了混沌序列初值、系统参数和叠加系数的秘密性,算法高效快速、时空开销小。通过仿真实验分析,该系统能有效抵抗系统识别攻击,且密文加密效果好,非常适合于资源开销有限和实时性要求较高的安全通信场合。     

混沌系统和DNA编码的并行遥感图像加密算法

目的 针对传统基于混沌系统的图像加密算法在加密遥感图像时存在速度差、安全性不足等问题,提出一种混沌系统和脱氧核糖核酸（deoxyribonucleic acid,DNA）编码的并行遥感图像加密算法,提升图像加密的效率和安全性。方法 利用明文图像的安全散列算法256（secure Hash algorithm 256,SHA-256）哈希值修改混沌系统的参数和初始值,提高算法的明文敏感性,并通过2维Hénon-Sine映射置乱图像,打乱像素之间的分布规律;然后利用图形处理器（graphics processing unit,GPU）并行计算密钥序列,缩短加密时间,通过选择多个高维混沌系统和修改混沌系统初始值确保密钥序列的随机性;最后利用密钥序列和GPU对图像进行DNA并行加密,得到最终的密文图像。在DNA并行加密过程中,生成一种DNA-S盒,对DNA编码进行非线性替换。结果 在遥感图像以及普通彩色图像上的仿真实验和安全性分析结果表明,本文算法在加密遥感图像上速度达到80 Mbit/s以上,密钥空间大于10²⁰⁰,信息熵趋近于8,密文图像直方图平坦均匀,且通过了美国国家标准与技术研究院（National Institute of Standards and Technology,NIST）随机测试以及卡方检验;与其他算法相比,本文算法在密钥空间、相邻像素相关性、像素改变率（number of changing pixel rate,NPCR）、统一平均变化强度（unified averaged changed intensity,UACI）和信息熵等评价指标上更接近理想值。结论 本文算法在大幅提升加密速度的同时,保证算法足够安全,能够抵抗各种攻击,适合遥感图像以及大容量图像的保密存储和网络传输。     

FPGA based unified architecture for public key and private key cryptosystems

Recently, security in embedded system arises attentions because of modern electronic devices need cautiously either exchange or communicate with the sensitive data. Although security is classical research topic in worldwide communication, the researchers still face the problems of how to deal with these resource constraint devices and enhance the features of assurance and certification. Therefore, some computations of cryptographic algorithms are built on hardware platforms, such as field program gate arrays (FPGAs). The commonly used cryptographic algorithms for digital signature algorithm (DSA) are rivest-shamir-adleman (RSA) and elliptic curve cryptosystems (ECC) which based on the presumed difficulty of factoring large integers and the algebraic structure of elliptic curves over finite fields. Usually, RSA is computed over GF(p), and ECC is computed over GF(p) or GF(2 ^p ). Moreover, embedded applications need advance encryption standard (AES) algorithms to process encryption and decryption procedures. In order to reuse the hardware resources and meet the trade-off between area and performance, we proposed a new triple functional arithmetic unit for computing high radix RSA and ECC operations over GF(p) and GF(2 ^p ), which also can be extended to support AES operations. A new high radix signed digital (SD) adder has been proposed to eliminate the carry propagations over GF(p). The proposed unified design took up 28.7% less hardware resources than implementing RSA, ECC, and AES individually, and the experimental results show that our proposed architecture can achieve 141.8MHz using approximately 5.5k CLBs on Virtex-5 FPGA.     

Visually meaningful image encryption using data hiding and chaotic compressive sensing

A visually secure multiple image encryption using chaotic map and compressive sensing is proposed. The existing image encryption algorithms transform a secret image into a random noise like cipher image which can lead to cryptanalysis by an intruder. In the proposed method, compressive sampling is done using a chaos based, key controlled measurement matrix. An image dependent key generation scheme is used to generate the parameters of the chaotic map. The secret images are transformed into wavelet coefficients, and scrambled along a zigzag path, so that the high correlation among them can be reduced and thereby provide increased security level. The sparse coefficients are measured using the chaotic map-based measurement matrix, whose initial parameters are obtained from the keys generated. Then the reduced measurements are embedded into the sub-bands of the wavelet transformed cover image. Therefore, the proposed algorithm is highly sensitive to the secret images and can effectively withstand known-plaintext and chosen-plaintext attacks. Additionally, the cipher image and the secret images are of same size and do not require additional transmission bandwidth and storage space.

     

A secure image encryption based on spatial surface chaotic system and AES algorithm

We propose a secure image encryption method using the combination of spatial surface chaotic system(SSCS) and the improved AES algorithm structure. In this scheme, the key of cryptosystem is obtained from the SSCS, this system has better encryption characteristics and its model structure fits the image exactly, and it is designed for image cryptosystems contrasted with the existing a lot of low-dimensional chaotic maps and couple map lattices. The plain image is encrypted with the improved AES algorithm and by performing each round encryption, the key is generated by SSCS in each round, an improved permutation algorithm(IPA) and a reverse diffusion have been presented. The proposed scheme not only improves the efficiency because of the same key stream is shared, but also increases the diffusion effect which can resist differential attack. The presented scheme provides huge key space to deal with the brute-force attacks using the round keys obtained by SSCS, and also very sensitive to initial values of SSCS and plain image. The results of simulation analysis and performance evaluation show that the presented cryptosystem provides strong security performance and may be used as a candidate for real-time implementations.

     

A image encryption algorithm based on chaotic Lorenz system and novel primitive polynomial S-boxes

We have proposed a robust, secure and efficient image encryption algorithm based on chaotic maps and algebraic structure. Nowadays, the chaotic cryptosystems gained more attention due to their efficiency, the assurance of robustness and high sensitivity corresponding to initial conditions. In literature, there are many encryption algorithms that can simply guarantees security while the schemes based on chaotic systems only promises the uncertainty, both of them can not encounter the needs of current scenario. To tackle this issue, this article proposed an image encryption algorithm based on Lorenz chaotic system and primitive irreducible polynomial substitution box. First, we have proposed 16 different S-boxes based on projective general linear group and 16 primitive irreducible polynomials of Galois field of order 256, and then utilized these S-boxes with combination of chaotic map in image encryption scheme. Three chaotic sequences can be produced by the disturbed of Lorenz chaotic system corresponding to variables x, y and z. We have constructed a new pseudo random chaotic sequence k_i based on x, y and z. The plain image is encrypted by the use of chaotic sequence k_i and XOR operation to get a ciphered image. To show the strength of presented image encryption, some renowned analyses are performed.

     

基于混沌序列的RFID安全加密机制

针对现有RFID系统读写器和标签之间通信安全性低、易受到各种攻击的安全问题,介绍基于Logistic混沌序列的动态实时密钥方法,提出一种基于混沌序列RFID的安全加密机制,采用动态实时密钥对RFID系统中的读写器与电子标签通信消息进行加密。仿真实验结果表明,该方法能够解决RFID系统中非法存取、伪造哄骗、数据泄露、位置跟踪等安全问题。     

Commentary on “A block chaotic image encryption scheme based on self-adaptive modelling” [Applied Soft Computing 22 (2014) 351–357]

Ye and Zhou [Appl. Soft. Comput. 22 (2014) 351–357] proposed an efficient chaotic based image encryption scheme which only employs diffusion, while usually both confusion and diffusion are used for encryption structures. We present both chosen-plaintext and chosen-ciphertext attacks against the scheme for any number of its rounds r by exploiting r-round differentials with probability 1. The result shows that the encryption structure proposed by Ye and Zhou does not fulfill basic requirements of a secure image encryption scheme.     

混沌密钥调制DFRFT旋转因子的视频加密

现有分数阶傅里叶变换（FRFT）由于旋转因子的单一性很少应用于视频实时加密,而当前单纯混沌加密算法的安全性又存在着诸多缺陷。为此,提出一种新的视频实时加密算法——混沌密钥调制DFRFT旋转因子。该算法将混沌加密与分数阶傅里叶变换进行了有机结合。首先将离散分数阶傅里叶变换（DFRFT）的旋转因子用混沌密钥进行调制,然后用调制后的旋转因子对视频数据进行分数阶傅里叶变换,最终完成了对视频数据的加密系统。该加密系统在技术上实现了视频数据在客户端的实时采集、实时加密;密文在网络上的实时传输、密文在接收端的接收、实时解密和播放。实验结果表明,加、解密效果很好,满足了实时性与安全性的要求。对实验结果的理论、安全性分析表明,该算法简单易行、安全性高。该算法的安全性优于单纯的混沌加密算法或单纯傅里叶视频加密算法,且满足了实时性要求。为解决实时性与安全性冲突问题提供了一条新的途径。     

HPAC-sbox- a novel implementation of predictive learning classifier and adaptive chaotic s-box for counterfeiting sidechannel attacks in an IOT networks

Today, embedded systems are augmented with the Internet of things and more with the artificial intelligence to make world even connected with aliens. With an IoT networks are getting its insight since it deals with large number of data information, security has considered to be more important and needs to be a diagnosis for every minute. To enhance the security in the network, a mathematically secure algorithms were formulated and runs on the cryptographic embedded chips to counterfeit the risks which are caused by the different attacks such as side channel attacks (SCA) on the networks. Even though many cryptographic encryption algorithms such as AES, DES, RC4 algorithms were gaining its importance, fixed encryption keys, non-intelligent detection of attacks, cognitive countermeasures are some of the real-time challenges in an existing system of encryption. Following the limitations of existing systems, this research article focuses on design of new AES with HPAC-SBOX (Hybrid Prediction and Adaptive Chaos) which integrates powerful predictive learning algorithms and adaptive chaotic logistic S-Box. The following contributions of this research articles are: a) Preparation of Data Sets from the Power consumption traces captured from Multi Core Embedded boards while running the Advanced Encryption Systems(AES) on it b) Implementation of High Speed and High Accurate Prediction learning machines for the prediction of side-channel attacks c) Design of Adaptive Chaotic S-Box using 3-Dlogistic Hyperbolic maps for attacked bits. To evaluate the proposed architecture, experimentation in carried out in an IoT networks and various performance parameters were calculated and analyzed. The results show that the proposed architecture outperforms the other existing algorithms in terms of prediction and performance.     

The secure wavelet transform

There has been an increasing concern for the security of multimedia transactions over real-time embedded systems. Partial and selective encryption schemes have been proposed in the research literature, but these schemes significantly increase the computation cost leading to tradeoffs in system latency, throughput, hardware requirements and power usage. In this paper, we propose a light-weight multimedia encryption strategy based on a modified discrete wavelet transform (DWT) which we refer to as the secure wavelet transform (SWT). The SWT provides joint multimedia encryption and compression by two modifications over the traditional DWT implementations: (a) parameterized construction of the DWT and (b) subband re-orientation for the wavelet decomposition. The SWT has rational coefficients which allow us to build a high throughput hardware implementation on fixed point arithmetic. We obtain a zero-overhead implementation on custom hardware. Furthermore, a Look-up table based reconfigurable implementation allows us to allocate the encryption key to the hardware at run-time. Direct implementation on Xilinx Virtex FPGA gave a clock frequency of 60 MHz while a reconfigurable multiplier based design gave a improved clock frequency of 114 MHz. The pipelined implementation of the SWT achieved a clock frequency of 240 MHz on a Xilinx Virtex-4 FPGA and met the timing constraint of 500 MHz on a standard cell realization using 45 nm CMOS technology.