小波变换和SHA-1相结合的图像压缩加密

针对图像分层树集划分编码的安全性问题,提出一种将小波变换和SHA-1(security hash algorithm-1)相结合的图像加密算法(DSCE).首先将图像小波变换后的系数分为低频和高频两部分,然后将低频系数、初始密钥及图像像素和,通过SHA-1置乱加密SPIHT编码高频系数;将部分加密高频系数和初始密钥,通过SHA-1置乱加密Huff man编码低频系数,在压缩过程中实现低频和高频部分相互加密.仿真结果表明,DSCE算法密钥空间大,对密钥和明文敏感,同时有效提高图像存储和传输效率.     

Color image encryption scheme based on the combination of the fisher-yates scrambling algorithm and chaos theory

In order to obtain a more secure and effective image encryption scheme, a color image encryption scheme based on Fisher-Yates scrambling algorithm and chaos theory is proposed. First, the (secure hash algorithm) SHA-384 is used to generate the key by combining the plaintext image and the encrypted time point. Then, three groups of chaotic sequences are obtained by iterating the three-dimensional Chen chaotic system, and three groups of pseudo-random sequences are obtained by processing with the key. The first group of pseudo-random sequences combined with the Fisher’s algorithm for image pixel position scrambling. A new pixel value substitution method is proposed using the second group of sequences to control each pixel value substitution of the image. The last group generated the matrix after pixel substitution was used for diffusion transformation to obtain the final encrypted image. The test results show that the scheme has broad application prospects.

     

A new fast double-chaotic based Image encryption scheme

In this paper, a new scheme for image encryption based on a double chaotic pseudo random generator (DCPG), simple XOR and shift rotations operations is proposed. The DCPG is a combination of both Tent and Chebyshev chaotic and so it needs three values of control parameters which are used as shared secret keys. The encryption consists of two rounds. In the first round, the hash value of the input image is computed using SHA-512. This value also is used as a forth shared secret key and from which, 4 amounts of the shift rotations are extracted. A pseudorandom sequence is generated using the proposed DCPG with the same size of the input image. This sequence and also the input image are divided into blocks of size 1?×?8. Each block of input image is processed with the corresponding block of the pseudorandom sequence using simple shift rotation and XOR operation. To extend the effect of the original image one pixel change to all the pixels of the cipher image, a second round of XOR operation is added. The proposed scheme has many advantages. It is highly secure due to two reasons. Firstly, it uses four secret keys for encryption which provides a large key space to overcome all types of brute force attacks. Secondly, the amounts of shift rotation used are input image dependent which achieves a strong resistance against chosen plaintext attacks. Also, it is more efficient compared to other recently existing schemes as it consists only of two rounds of simple operations. Security analysis of scheme has been provided. Based on the results, our scheme is highly secure with a reduced encryption time and so it can be used for many applications which require real time secure image communications.

     

一种混沌图像加密算法的选择明文攻击和改进

在已有的四维超混沌系统的基础上构造了一个五维超混沌系统,对一种结合超混沌序列和移位密码的数字图像加密算法进行了分析,通过选择明文攻击的方法,成功破解了该算法中用于像素位置置乱以及像素值扩散和混淆的等效密钥,从而能利用破解的等效密钥解密出目标明文。为此对该算法进行了两个方面的改进。一个改进是加密系统中使用了新构造的五维超混沌系统,使得改进算法的密钥空间更大,进一步提高了安全性。另一个改进是设计混沌系统的初始值与明文图像的SHA-256哈希值有关,从而使得密钥流与明文图像相关,达到“一次一密”的效果。密钥空间分析、密钥敏感性分析、统计分析、信息熵分析、差分攻击分析、抗剪切、抗噪声、抗压缩分析等实验结果表明,改进后的图像加密算法比原加密算法更加安全有效。     

基于混沌系统和人工神经网络的图像加密算法

针对一些基于混沌的图像加密算法中存在密钥与明文不相关, 混沌序列存在周期性等问题, 提出新的加密方案. 首先基于明文图像和哈希函数SHA-384产生Lorenz混沌系统的初值, 控制混沌系统产生混沌序列, 然后引入人工神经网络对混沌序列进行训练以消除其混沌周期性, 输出新的序列. 使用新的序列对明文图像进行置乱和扩散操作, 完成加密. 实验结果表明, 该算法提高了密文的安全性, 增大了密钥空间, 同时能抵抗各种攻击方式.     

基于MB-CSLBP的手指静脉加密算法研究

为解决在传统的生物特征加密技术的安全性上的不足,对手指静脉特征加密方法进行了探讨和研究。提出了基于MB-CSLBP编码的手指静脉加密方案。首先对LBP算子以及改进的CSLBP、MB-CSLBP算子进行了研究,提取了手指静脉的MB-CSLBP二进制特征编码。然后研究了传统的模糊承诺加密方案,在此基础上将提取的手指静脉MB-CSLBP二进制特征编码作为加密特征,对加密信息进行BCH编码后与加密特征以异或的方式结合完成加密,同时使用SHA-1散列算法对加密信息进行哈希变换,保留得到的哈希值以用于解密。实验结果表明,当密钥长度为400 b时,FAR达到了0.47%,文中提出的基于MB-CSLBP编码的手指静脉加密方案具有很高的鲁棒性和安全性。     

A novel hyper-chaotic image encryption scheme based on quantum genetic algorithm and compressive sensing

Over the last few years, lots of chaotic image encryption schemes have been proposed. However, most of the schemes are permutation-diffusion architectures which still have some shortcomings, such as weak key streams, small key spaces, small information entropy, and so on. To eliminate the above weaknesses, in this paper, we propose a hyper-chaotic image encryption scheme based on quantum genetic algorithm (QGA) and compressive sensing (CS), which is a new image encryption scheme and has not been proposed so far. Firstly, QGA can update the population with the quantum rotation gate, which can enhance the randomness of the population and avoid falling into local optimum. Then compressive sensing technology is used to reduce data storage and speed up the encryption and decryption process. Moreover, we utilize the SHA-512 hash function of the plain image to calculate the initial values of the hyper-chaotic system, which is capable of enhancing the relationships between encryption schemes and plain images. The simulation experiments and security analysis reveal that the proposed scheme is more efficient in resisting statistical attack and plaintext attack and shows better performance in peak signal-to-noise ratio (PSNR) and information entropy compared with other image encryption schemes based on chaos theory.

     

一种基于USB Key的双因子身份认证与密钥交换协议

传统的USB Key只能存储数据而无法进行复杂的加／解密运算,导致基于USB Key的认证协议存在诸多不足。本文针对含智能卡芯片的USB Key可进行加／解密运算和生成随机密钥的特点,提出了一种基于USB Key的双因子身份认证与密钥交换协议DKAKEP。该协议综合运用伪随机数验证、一次性会话密钥、AES加密算法、安全哈希算法等技术,除了可提供安全快速的身份认证与密钥交换,还具有快速更改密钥、支持多种哈希算法和无需时间同步机制的特点。 多种协议攻击,具有较强的实用性、安全性和可靠性。     

基于DNA编码和超混沌系统的图像加密算法

针对DNA编码规则单一和混沌加密算法对密钥的灵敏度低等问题,提出一种基于DNA编码和超混沌系统的图像加密方案。该算法首先使用SHA-3算法计算明文图像的哈希值,用于超混沌系统的初始值,增加明文敏感性;其次将图像转换为DNA序列,并与所构建的S盒子进行DNA序列运算;最后用超混沌系统产生的序列对图像进行置乱。结果和理论分析表明,该算法不仅提高了密钥敏感性和传输数据的安全性,而且具有较好的抗穷举攻击、统计攻击和差分攻击能力。     

A novel image encryption based on hash function with only two-round diffusion process

In this paper, a novel algorithm for image encryption based on hash function is proposed. In our algorithm, a 512-bit long external secret key is used as the input value of the salsa20 hash function. First of all, the hash function is modified to generate a key stream which is more suitable for image encryption. Then the final encryption key stream is produced by correlating the key stream and plaintext resulting in both key sensitivity and plaintext sensitivity. This scheme can achieve high sensitivity, high complexity, and high security through only two rounds of diffusion process. In the first round of diffusion process, an original image is partitioned horizontally to an array which consists of 1,024 sections of size 8 × 8. In the second round, the same operation is applied vertically to the transpose of the obtained array. The main idea of the algorithm is to use the average of image data for encryption. To encrypt each section, the average of other sections is employed. The algorithm uses different averages when encrypting different input images (even with the same sequence based on hash function). This, in turn, will significantly increase the resistance of the cryptosystem against known/chosen-plaintext and differential attacks. It is demonstrated that the 2D correlation coefficients (CC), peak signal-to-noise ratio (PSNR), encryption quality (EQ), entropy, mean absolute error (MAE) and decryption quality can satisfy security and performance requirements (CC <0.002177, PSNR <8.4642, EQ >204.8, entropy >7.9974 and MAE >79.35). The number of pixel change rate (NPCR) analysis has revealed that when only one pixel of the plain-image is modified, almost all of the cipher pixels will change (NPCR >99.6125 %) and the unified average changing intensity is high (UACI >33.458 %). Moreover, our proposed algorithm is very sensitive with respect to small changes (e.g., modification of only one bit) in the external secret key (NPCR >99.65 %, UACI >33.55 %). It is shown that this algorithm yields better security performance in comparison to the results obtained from other algorithms.     

面向区块链溯源的链下扩展存储方案

在基于区块链的供应链管理溯源系统中,由于区块链技术是一种基于分布式的系统,对于区块链中存储的数据所有节点都会进行备份,如果直接把溯源数据存储在链上,这会导致数据占用大量内存,增加溯源系统维护成本和降低系统响应速度的问题。因此提出一种链下扩展存储方案,该方案首先利用SHA-256哈希算法的单向性对明文数据进行哈希运算得到哈希值,然后采用SM2加密算法产生的私钥对哈希值进行签名,保证信息上传者身份的可靠,最后把哈希值和签名值通过智能合约保存在区块链中,明文数据和其哈希值与签名值在区块链上存储的地址则存储在数据库中。通过结合中心化存储和区块链技术各自的优势,既可以保证溯源数据不可被篡改又可以有效减少区块链网络中溯源数据所占内存的大小。最后,在所提方案的基础上,对溯源系统进行详细设计并采用以太坊区块链平台对其进行实现。     

整合ChaCha20哈希运算的分块扩散自适应图像加密算法

目的 针对数字图像网络传输安全性和混沌加密算法自适应差的问题,提出一种基于ChaCha20哈希运算的分块扩散自适应图像加密算法(BDCH)。方法 BDCH算法首先通过分段线性混沌映射(PWLCM)产生的混沌序列填充明文图像,使其成为方形图像;其次,利用初始输入密钥及明文图像总和,通过ChaCha20哈希运算生成8×8的初始哈希矩阵,并与PWLCM混沌映射生成的伪随机序列作用,联合产生哈希密钥矩阵,PWLCM的迭代初值选取为初始密钥矩阵均值、初始密钥及明文图像归一化均值;然后,利用Arnold和PWLCM映射同步置乱扩散整幅图像,并分成互不重叠的8×8大小图像块;最后,采用哈希密钥矩阵对图像块进行两轮扩散,完成图像加密。结果 灰度及彩色图像的计算机仿真与性能分析表明,BDCH算法的信息熵、峰值性噪比、密钥敏感性指标优于其他加密算法,并且解决了直接使用初始哈希矩阵会产生的弱密钥问题,密钥空间大。结论 结合同步置乱扩散和哈希密钥矩阵非线性分块扩散的BDCH算法可有效抵抗各种攻击,安全性高、自适应性强,适合各种类型的灰度及彩色图像加密,潜在应用价值大。     

标准模型下可证安全的无证书全同态加密体制

针对现有全同态加密体制普遍存在的公钥尺寸大的缺陷,结合无证书公钥加密的思想,提出一种无证书全同态加密体制设计方案,无需对公钥进行身份认证,因而有效提高密码系统的整体应用效率。体制利用满秩差分矩阵实现身份信息的嵌入,摆脱了对于哈希函数的依赖,因而在安全性证明中无需引入随机谕示假设;借助一对彼此对偶的正态分布采样函数实现部分私钥的提取,进而结合容错学习问题实例生成体制私钥;通过双重加密使服务器失去对用户密文进行解密的能力,从而杜绝密钥托管问题。体制的安全性在标准模型下归约到容错学习问题的难解性。     

A fast chaos-based image encryption scheme with a novel plain image-related swapping block permutation and block diffusion

In the paper, a fast image encryption scheme with block permutation and block diffusion is introduced. Considering the increasing size of the image, encryption process is manipulated by block, and the encryption of every block image consists of block permutation and block diffusion. A novel plain image-related swapping block permutation strategy is presented, the swapping operation of the block image is controlled by the random chaotic sequences, and the initial value and parameter of the chaotic system are produced by SHA 256 hash value of the plain image, thus our algorithm is highly sensitive to changes of the plain image. Diffusion method within the block image (DMWBI) and diffusion method between two block images (DMBTBI) are presented to effectively eliminate the correlation of adjacent pixels in the plain image. The correlated chaos is employed to enhance the relationship of chaos, and take fully use of chaotic maps. One-dimensional Logistic-Sine System (LSS) is used to generate pseudo-random sequences during the whole encryption process. Experiment results and security analysis have proved the proposed image encryption algorithm is secure and effective.     

基于明文相关的混沌映射与SHA-256算法数字图像的加密与监测

针对数字图像的传播安全性问题,以及数字图像加密脱离明文、过分依赖混沌系统的问题,提出了基于明文相关的混沌映射与SHA-256算法数字图像的加密与监测算法。算法通过使用SHA-256算法计算明文图像的哈希值,作为摘要来监测数字图像的传播;使用前向扩散、关联明文的置乱与后向扩散的方法对数字图像进行加密,Lorenz混沌映射产生相应的密码。结果表明该算法具有较好的抵抗各种攻击的能力,达到了图像传播的安全性与隐蔽性的目的。     

欧洲分组密码标准SHACAL-2算法的研究分析

由标准哈希算法SHA-2演变面来的SHACAL-2是新当选的3个欧洲分组密码标准算法中分组长度和密钥长度最长的算法,其安全强度被认为最高。提案沿袭单向哈希函数的形式来描述算法,文章以分组密码传统的规范形式刻画SHACAL-2算法的完整加密过程,指出算法扩散特性较差的缺点,给出分组密码算法加密过程与哈希算法压缩过程的对应关系,并提供了算法的详细解密过程和相应的加解密数据,为算法实现提供参照：补充了相应的轮常数;进一步研究了长分组长度和密钥长度的必要性。指出算法加解密结构不具有相似性。最后,对欧美4个分组密码标准进行了比较分析。     

一种新的基于部署知识的WSN密钥分配方案

在正六边形模型的基础上,利用素域中Blom矩阵和对称多项式的阈值及哈希密钥链的不可逆特性提出了一种新的密钥分配方案.该方案在网络部署之初建立对密钥时,同一区域中节点利用分配的哈希链中的值构造一系列Blom矩阵来建立对密钥并保证相同矩阵的个数不超过各自的阈值,不同区域中相邻节点利用随机分配的密钥构造出的多项式建立对密钥,...     

对一种基于比特置乱的超混沌图像加密算法的选择明文攻击

最近,一种基于比特置乱的超混沌图像加密算法被提出,其核心思想为:首先,用混沌序列对明文图像进行像素置乱操作;然后,根据一个随机序列中相邻两个元素的大小关系对像素进行不同的比特位置乱;最后,把经过比特置乱后的序列与另一个混沌序列进行扩散、混淆运算得到最终的密文图像,从而使明文图像达到更好的加密效果。对该加密算法进行了安全性分析,发现该算法的安全性完全依赖于3个混沌序列,通过选择明文攻击依次破解出原算法中的3个混沌随机序列,恢复出了明文图像。理论分析和实验结果验证了所选择明文攻击策略的可行性,同时对该算法进行了改进,在改进算法中混沌系统的初始值与明文图像的SHA-256哈希值有关,从而使得密钥流与明文图像相关,因此算法可以抵抗选择明文的攻击。     

基于混沌系统的对称图像加密方案

采用基于外部密钥的复合混沌系统对数字图像进行对称加密,由外部密钥产生混沌系统的初始值。复合混沌系统由2个Logistic系统构成,一个用来产生置换矩阵,对图像进行像素置换操作,另一个用来产生灰度扰乱序列。在对灰度扰乱过程中,使用基于外部密钥导出的子密钥对灰度扰乱序列进行采样。在置换过程中,通过加入置换矩阵信息,使位置置换和像素替代过程以简单有效的方式复合,提高系统的耦合性。     

密钥动态选择机制的图像加密算法

构造了一个六维离散混沌系统，并在此混沌系统的基础上设计了一个伪随机数生成器。基于该伪随机数生成器提出了一种密钥动态选择机制的图像加密方案。该加密方案采用了经典的置乱-扩散加密结构。在该加密方案中，置乱序列与明文图像的像素总和相关，而在扩散阶段的扩散密钥流是根据每个像素值动态变化的，因此算法能抵抗选择明文（密文）的攻击。解密时的密钥只是混沌系统的初始值，明文图像的像素的总和是不需要的，因此克服了“一次一密”加密方案（加密不同明文所用密钥不同）中密钥管理的难度。实验结果和安全性分析表明：该算法具有密钥空间大、密文没有明显的统计特性、密文对明文和密钥非常敏感、能够抵抗差分攻击和选择明（密）文的攻击等优点，具有良好应用前景。