Optical image encryption using password key based on phase retrieval algorithm

A novel optical image encryption system is proposed using password key based on phase retrieval algorithm (PRA). In the encryption process, a shared image is taken as a symmetric key and the plaintext is encoded into the phase-only mask based on the iterative PRA. The linear relationship between the plaintext and ciphertext is broken using the password key, which can resist the known plaintext attack. The symmetric key and the retrieved phase are imported into the input plane and Fourier plane of 4f system during the decryption, respectively, so as to obtain the plaintext on the CCD. Finally, we analyse the key space of the password key, and the results show that the proposed scheme can resist a brute force attack due to the flexibility of the password key.     

基于圆柱衍射与离散余弦变换的图像光学加密算法

目的为了实现多幅图像的同步加密,并增强加密系统的抗破译能力,提出一种基于圆柱衍射域的相位截断与离散余弦变换的多图像光学加密算法。方法首先引入压缩感知(CS,Compress Transform)方法,对输入明文实施压缩;基于离散余弦变换DCT(Discrete Cosine Transform)对压缩明文完成分解,获取相应的DCT系数,形成系数矩阵;构建迭代复数,将每个压缩明文对应的系数矩阵融合为一个复矩阵,通过DCT逆变换,形成一幅组合图像。联合Hilbert变换与波带片相位模型,构建调制掩码;引入圆柱衍射域的相位截断机制,联合调制掩码,对组合图像实施光学加密,获取密文与私钥。结果实验数据表明,相对于已有的多图像同步加密方法而言,所提算法具备更高的加密安全性,密文熵值以及相邻像素间的相关系数分别达到了7.998,0.0012,且具有强烈的密钥敏感性。结论所提加密算法可以抵御网络中外来攻击,在图像信息防伪领域具有一定的参考价值。     

Optical image encryption system using nonlinear approach based on biometric authentication

A nonlinear image encryption scheme using phase-truncated Fourier transform (PTFT) and natural logarithms is proposed in this paper. With the help of the PTFT, the input image is truncated into phase and amplitude parts at the Fourier plane. The phase-only information is kept as the secret key for the decryption, and the amplitude distribution is modulated by adding an undercover amplitude random mask in the encryption process. Furthermore, the encrypted data is kept hidden inside the face biometric-based phase mask key using the base changing rule of logarithms for secure transmission. This phase mask is generated through principal component analysis. Numerical experiments show the feasibility and the validity of the proposed nonlinear scheme. The performance of the proposed scheme has been studied against the brute force attacks and the amplitude-phase retrieval attack. Simulation results are presented to illustrate the enhanced system performance with desired advantages in comparison to the linear cryptosystem.     

Multiple-image encryption scheme with a single-pixel detector

Abstract

A multiple-image encryption (MIE) scheme with a single-pixel detector has been proposed according to the principle of ghost imaging. In this scheme, each of the spatially coherent laser beams is modified by a set of phase-mask keys and illuminates on a secret image. All of the transmitted lights are recorded together by a single-pixel (bucket) detector to obtain a ciphertext, but anyone of the secret images can be decrypted from the ciphertext independently without any mutually overlapped despite some noise in them. The MIE scheme will bring convenience for data storage and transmission, especially in the case that different secret images need to be distributed to different authorized users, because the ciphertext is a real-valued function and this scheme can effectively avoid the secret images being extracted mutually. The basic principle of the MIE scheme is described theoretically and verified by computer simulations. Finally, the feasibility, robustness and encryption capacity are also tested numerically.     

Lattice-Based Searchable Encryption Scheme against Inside Keywords Guessing Attack

To save the local storage, users store the data on the cloud server who offers convenient internet services. To guarantee the data privacy, users encrypt the data before uploading them into the cloud server. Since encryption can reduce the data availability, public-key encryption with keyword search (PEKS) is developed to achieve the retrieval of the encrypted data without decrypting them. However, most PEKS schemes cannot resist quantum computing attack, because the corresponding hardness assumptions are some number theory problems that can be solved efficiently under quantum computers. Besides, the traditional PEKS schemes have an inherent security issue that they cannot resist inside keywords guessing attack (KGA). In this attack, a malicious server can guess the keywords encapsulated in the search token by computing the ciphertext of keywords exhaustively and performing the test between the token and the ciphertext of keywords. In the paper, we propose a lattice-based PEKS scheme that can resist quantum computing attacks. To resist inside KGA, this scheme adopts a lattice-based signature technique into the encryption of keywords to prevent the malicious server from forging a valid ciphertext. Finally, some simulation experiments are conducted to demonstrate the performance of the proposed scheme and some comparison results are further shown with respect to other searchable schemes.     

Text Encryption Using Pell Sequence and Elliptic Curves with Provable Security

The demand for data security schemes has increased with the significant advancement in the field of computation and communication networks. We propose a novel three-step text encryption scheme that has provable security against computation attacks such as key attack and statistical attack. The proposed scheme is based on the Pell sequence and elliptic curves, where at the first step the plain text is diffused to get a meaningless plain text by applying a cyclic shift on the symbol set. In the second step, we hide the elements of the diffused plain text from the attackers. For this purpose, we use the Pell sequence, a weight function, and a binary sequence to encode each element of the diffused plain text into real numbers. The encoded diffused plain text is then confused by generating permutations over elliptic curves in the third step. We show that the proposed scheme has provable security against key sensitivity attack and statistical attacks. Furthermore, the proposed scheme is secure against key spacing attack, ciphertext only attack, and known-plaintext attack. Compared to some of the existing text encryption schemes, the proposed scheme is highly secure against modern cryptanalysis.     

A ciphertext-only attack on Polly Two

Polly Two is a public key encryption scheme that builds on the conceptual public key encryption scheme Polly Cracker. We describe a heuristic attack on Polly Two, which aims at recovering the plaintext from a given ciphertext without revealing the secret key. The attack has been applied successfully to solve the latest “Polly Two challenge”.     

基于混合幅度-相位检索技术与二维耦合混沌映射的光学图像加密算法

目的为了解决当前光学图像加密算法主要将单色光束直接作用于明文,使其在解密过程中易出现丢失颜色信息等问题。方法文中设计基于混合幅度-相位检索技术与二维耦合混沌映射的光学图像加密算法。首先,提取彩色图像的R, G, B分量;随后,引入Logistic映射与Sine映射,通过对二者进行非线性耦合,形成二维复合混沌映射;利用彩色图像的像素信息来迭代复合映射,获取3个混沌序列,通过构建位置引擎混淆机制,对R,G,B分量进行置乱;基于Logistic映射,利用明文像素生成的初值条件对其进行迭代,输出一个混沌随机掩码;最后,基于幅度-相位截断方法和Gyrator变换,设计混合幅度-相位检索技术,利用单向二进制相位函数和随机掩码,对置乱后的R, G, B分量进行加密,获取相应的检测振幅,再将其进行组合,形成实值函数的加密密文。结果实验结果显示,与当前光学图像加密机制相比,所提算法具有更高的安全性与解密质量,具备较强的抗明文攻击能力。结论所提加密技术具有较高的抗攻击能力,能够安全保护图像在网络中传输,在信息防伪等领域具有较好的应用价值。     

Multiple-image encryption scheme via compressive sensing and orthogonal encoding based on double random phase encoding

We propose an optical multiple-image encryption scheme based on compressive sensing and double random phase encoding. The orthogonal encoding method is used for integrating and extracting multiple-image compressed sampling data. In the encryption process, each plain image is sampled by compressive sensing and the sampled data of all the images are integrated into a synthesized ciphertext by orthogonal encoding method. The synthesized ciphertext is re-encrypted through the double random phase encoding technique to form final ciphertext. In order to reduce the data of keys, chaotic matrix, of which only the initial value should be memorized, is employed in the compressive sampling process and double random phase encoding process. Numerical simulation and the analysis of attacks on encrypted image are implemented to demonstrate the security and validity of the proposed approach.     

Optical encryption system that uses phase conjugation in a photorefractive crystal

We implement an optical encryption system based on double-random phase encoding of the data at the input and the Fourier planes. In our method we decrypt the image by generating a conjugate of the encrypted image through phase conjugation in a photorefractive crystal. The use of phase conjugation results in near-diffraction-limited imaging. Also, the key that is used during encryption can also be used for decrypting the data, thereby alleviating the need for using a conjugate of the key. The effect of a finite space-bandwidth product of the random phase mask on the encryption system's performance is discussed. A theoretical analysis is given of the sensitivity of the system to misalignment errors of a Fourier plane random phase mask.     

A Cryptograph Domain Image Retrieval Method Based on Paillier Homomorphic Block Encryption

With the rapid development of information network, the computing resources and storage capacity of ordinary users cannot meet their needs of data processing. The emergence of cloud computing solves this problem but brings data security problems. How to manage and retrieve ciphertext data effectively becomes a challenging problem. To these problems, a new image retrieval method in ciphertext domain by block image encrypting based on Paillier homomophic cryptosystem is proposed in this paper. This can be described as follows: According to the Paillier encryption technology, the image owner encrypts the original image in blocks, obtains the image in ciphertext domain, then passes it to the third party server. The server calculates the difference histogram of the image in ciphertext domain according to the public key and establishes the index database. The user passes the retrieved image to the server. The server computes the differential histogram of the retrieved image by public key. Then, compares the similarity of it with the histogram in index database and selects larger similarity images in ciphertext and send them to the user. The user obtains the target image with the private key. The experimental results show that the method is feasible and simple.     

一个新的类FEISTEL密码方案

分析了RSA和DES的算法优点和安全弱点，设计了一个新的密码算法方案。该方案以类FEISTEL结构为基础增强了左右两半部分结构的安全设计，利用了RSA进行密钥分配，并以序列密码算法的生成原理改变了固定密钥的缺点。该新方案具有一次一密的特点，给破译者获得大量的明密文对造成了很大的困难，可较好地抵抗差分分析与线性分析，是一种安全性较强的加密方案。     

基于新型多环多翼超混沌系统的图像加密算法

目的 为提高图像加密算法的安全性,提出一种新型多环多翼超混沌系统的图像加密算法.方法 对超Lorenz混沌系统进行分形变换,得到多环多翼超混沌系统,设计一种基于该混沌系统的查表运算扩散算法.算法采用典型的置乱-扩散模式,借助Logistic混沌系统对明文图像进行无重复索引置乱,将新型多环多翼超混沌系统产生的密钥序列结合明文信息,对一次扩散图像的每个像素值进行正逆向扩散,得到最终的加密图像.结果 置乱图像的平均不动点比为0.003％,密文直方图分布均匀,相邻像素相关性几乎为零,信息熵达到了7.999,且NPCR,UACI和BACI的值分别为99.61％,33.46％和26.7％,与同类加密算法相比,该算法加密效果更优.结论 算法具有较强的密钥敏感性,能有效抵抗剪切、噪声等攻击,所提出的图像加密算法具有较高的安全性.     

基于变参混沌的异位异或图像加密算法

目的 解决混沌序列的混沌性能退化,加密算法不能较好地抵御选择明文攻击等问题。方法 提出一种基于变参混沌系统,采用密文反馈的方式,对明文块依次加密的图像加密算法,并在扩散部分摒弃常规的按位异或扩散方式,提出一种按块异位异或算法。结果 对算法进行仿真的结果表明,文中算法对密钥敏感,测试对象的NPCR值分别为99.59%,99.61%,99.61%,UACI值分别为33．44%,33.46%,33.45%,信息熵分别为7.9872,7.9989,7.9977,相较于其他类似算法,文中算法的综合效果更好,密钥空间为(1016)6+1014×9。结论 密文对明文敏感,能抵抗选择明文攻击,该算法不仅有效解决了问题,还具有较高的安全性能。     

An Efficient Ciphertext-Policy Attribute-Based Encryption Scheme with Policy Update

Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptographic solution to the problem for enforcing fine-grained access control over encrypted data in the cloud. However, when applying CP-ABE to data outsourcing scenarios, we have to address the challenging issue of policy updates because access control elements, such as users, attributes, and access rules may change frequently. In this paper, we propose a notion of access policy updatable ciphertext-policy attribute-based encryption (APU-CP-ABE) by combining the idea of ciphertext-policy attribute-based key encapsulation and symmetric proxy re-encryption. When an access policy update occurs, data owner is no longer required to download any data for re-encryption from the cloud, all he needs to do is generate a re-encryption key and produce a new encapsulated symmetric key, and then upload them to the cloud. The cloud server executes re-encryption without decryption. Because the re-encrypted ciphertext is encrypted under a completely new key, users cannot decrypt data even if they keep the old symmetric keys or parts of the previous ciphertext. We present an APU-CP-ABE construction based on Syalim et al.’s [Syalim, Nishide and Sakurai (2017)] improved symmetric proxy re-encryption scheme and Agrawal et al.’s [Agrawal and Chase (2017)] attribute-based message encryption scheme. It requires only 6 bilinear pairing operations for decryption, regardless of the number of attributes involved. This makes our construction particularly attractive when decryption is time-critical.     

基于量子Logistic映射的图像加密算法研究

目的提出将量子Logistic混沌映射与三维Arnold混沌映射相结合的图像加密算法,以提高图像加密的复杂度。方法首先利用量子Logistic混沌映射生成置乱用的伪随机序列与明文进行整体置乱,再利用三维Arnold混沌映射生成一个整数序列,与置乱后的密文进行扩散运算。结果通过仿真实验,加密图像的相关性系数接近于0,密钥敏感性的NPCR和UACI的测试值分别约等于99.60和33.4,信息熵的测试结果约等于7.999,都非常接近于理论值。结论加密算法充分体现了量子混沌映射高复杂度的非线性力学特性。通过仿真实验测试可知,加密算法具有密钥空间大、敏感性强、安全性好的特点。     

Generalised key delegation for hierarchical identity-based encryption

The authors introduce a new primitive called identity-based encryption with wildcard key derivation (WKD-IBE or `wicked IBE?) that enhances the concept of hierarchical identity-based encryption by allowing more general key delegation patterns. A secret key is derived for a vector of identity strings, where entries can be left blank using a wildcard. This key can then be used to derive keys for any pattern that replaces wildcards with concrete identity strings. For example, one may want to allow the university?s head system administrator to derive secret keys (and hence the ability to decrypt) for all departmental sysadmin email addresses sysadmin@*.univ.edu, where _ is a wildcard that can be replaced with any string. The authors provide appropriate security notions and provably secure instantiations with different tradeoffs in terms of ciphertext size and efficiency. The authors also present a generic construction of identity-based broadcast encryption (IBBE) from any WKD-IBE scheme. One of their instantiations yields an IBBE scheme with constant ciphertext size.     

随机振幅-相位编码虚拟光学加密系统

通过对双随机相位编码光学加密系统中空域的随机相位模板进行置换,提出采用随机振幅-相位模板对图像进行加密的新方法。理论分析表明,当随机振幅板为零均值白噪声且与频域相位板统计独立时,被加密图像的自相关函数为二维冲击函数,表明原始图像被加密为平稳的复随机白噪声,因而可以抵御盲反卷积攻击。采用计算机进行模拟,证实了所提方法的有效性。最后讨论了该方法相对于双随机相位编码系统的优越性:对空域密钥的统计学要求更低、在频域密钥泄露情况下系统鲁棒性更强。但是,由于物理上不存在幅度为负值的光波,因此该系统只能使用数字虚拟的方法来实现。     

基于3D-CS混沌系统的双DNA编码图像加密算法

目的为解决加密算法中明文与混沌系统密钥关联小,且置乱扩散不能同步进行造成的安全性低的问题。在结合Chebyshev和Sine映射的基础上,新建三维Chebyshev-Sine混沌映射系统(3D-CS),提出一种基于3D-CS混沌系统的双DNA编码图像加密算法。方法设定二进制与四进制双重DNA编码,利用约瑟夫环变换对经过二进制DNA编码的图像RGB各层进行位置索引,同时完成置乱和扩散,然后将混沌系统产生的序列值经过处理后进行四进制DNA编码,最后将2种DNA序列进行加法运算后解码得到密文。结果仿真实验表明,索引序列和混沌序列通过了随机性检验,密文各层NPCR值分别为99.63%,99.61%,99.59%,UACI值分别为33.43%,33.44%,33.40%,信息熵分别为7.9992,7.9991,7.9993。结论所设计的混沌序列相较于其他混沌序列有一定优势,针对提出的问题有效提高了加密算法的安全性,密文能有效地抵御各种统计攻击与差分攻击。     

Partial decryption attacks in security-mediated certificateless encryption

Certificateless encryption refers to public key encryption with implicit certification. Security-mediated certificateless (SMC) encryption takes one-step further, such that every decryption requires a securitymediator (SEM) to partially decrypt the ciphertext. One major benefit is that instant revocation can be done by simply instructing the SEM to reject any further decryption request. Similar to the conventional chosenciphertext attack, it is reasonable to assume that an adversary can obtain the partial decryption of many ciphertexts. The authors show that the schemes proposed by Yang-Wang-Wang in AINAW 2007, Lo-Hwang-Li in IET Information Security, 1(3) and Yang-Xiong-Su in Computer Applications, 28(11) are insecure against partial decryption attacks, and hence cannot be classified as SMC encryption according to the original Chow? Boyd?Gonzalez Nieto's formulation in PKC 2006.