梁颖,张绍武(西北工业大学自动化学院, 信息融合技术教育部重点实验室, 西安 710072)
目的 针对基于位平面信息量分布的选择性加密算法安全性不高、像素置换加密算法不能很好抵抗统计攻击问题，提出一种基于位级同步置乱扩散和像素级环形扩散的图像加密算法（BSPDPAD算法），提高图像加密效率和安全性。方法 BSPDPAD算法首先通过分段线性混沌映射产生两组混沌序列，其中一组混沌序列对图像进行随机分块，另一组混沌序列分解到位平面构成位级密钥流；然后，将各像素块分解到位平面，利用位级密钥流同步置乱扩散高位平面、置乱低位平面，实现位平面上块内置乱扩散及块间扩散；最后，再次迭代分段线性混沌映射产生新的密钥流，利用该密钥流对经过位级加密的中间密文图像进行横向顺序扩散和纵向逆序扩散，完成图像加密。结果 灰度图像及彩色图像上的计算机仿真实验与性能分析表明：BSPDPAD算法密钥空间大于2100，信息熵接近于8，密文图像直方图趋近于均匀分布；与其他加密算法相比，BSPDPAD算法密文图像相邻像素相关性系数绝对值减小约12数量级，像素变化率和归一化平均强度明显提高，说明BSPDPAD算法在密钥、明文敏感性、抵抗多种攻击能力等性能上优于其他加密算法，且算法扩散效果好，仅一轮加密就能获得较理想的加密效果。结论 将位级选择性加密与像素级环形扩散相结合的BSPDPAD算法可有效抵抗各种攻击，安全性高，适合各种类型的灰度及彩色图像加密，潜在应用价值大。
Image encryption algorithm based on bit-level synchronous permutation diffusion and pixel-level annular diffusion
Liang Ying,Zhang Shaowu(Key Laboratory of Information Fusion Technology of Ministry of Education,, School of Automation, NorthwestPolytechnical University, Xi'an 710072, China)
Objective With the rapid development and popularity of the Internet and information technologies, computers and mobile phones have become an important part of the daily lives of people. Through these electronic devices, a large number of pictures that may contain private information are transmitted and stored. Image information security is becoming increasingly important. However, the use of traditional encryption algorithms (e.g., data encryption standard, advanced encryption standard, and international data encryption algorithm) to encrypt images will result in low efficiency and poor security because of the data size and high redundancy among the pixels of digital images. An effective approach to deal with this issue is to develop secure and effective digital image encryption algorithms. The existing image algorithms can be categorized into pixel-permutation-based, chaotic-system-based, and bitplane-based methods. The image encryption algorithms of the pixel-permutation-based method change the pixel position to destroy adjacent pixel dependencies by performing the permutation operation on the pixel matrix, thereby generating noise-like and meaningless cipher images. However, only the encryption algorithms that use pixel permutation have weak resistance to statistical attacks and poor security. The image encryption algorithms of the chaotic-system-based method take advantage of the excellent intrinsic properties of a chaotic sequence, such as ergodicity, pseudorandomness, and sensitivity to initial conditional and control parameters, to enable diffusion and confusion encryption. These methods have a large key space, strong keystream adaptivity, and high security and often combine with other encryption methods to achieve effective image encryption. The image encryption algorithms of the bitplane-based method decompose the pixels into bit levels, implementing the permutation and diffusion operations on the bitplanes. Bitplane matrix transformation, selective encryption based on bitplane information distribution, and integrating bit-level encryption with pixel-level encryption are the typical bitplane encryption algorithms. The bitplane encryption operation can enhance the sensitivity of the algorithm to small changes in the original image, thus improving the capability to resist differential attack. Moreover, the bitplane permutation operation can change the position and value of a pixel simultaneously, thereby reducing the computational complexity of the image encryption algorithm. Most bitplane encryption algorithms have desirable encryption performance with only one round. Therefore, a novel image encryption algorithm with the bit-level synchronous permutation diffusion and pixel-level annular diffusion (called BSPDPAD) was proposed in this study to improve image encryption efficiency and security to solve the security problem of the selective encryption algorithms with the bitplane information distribution, the statistical attack problem of pixel permutation encryption algorithms, and the problem of sequential diffusion producing stop point mechanism and nonuniform plaintext sensitivity effectively. Method BSPDPAD uses the chaotic sequence generated by the piecewise linear chaotic map (PWLCM) to construct bit-level and pixel-level keystreams and simultaneously encrypts the image at the bit and pixel levels. At the bit-level encryption stage, BSPDPAD first generates two sets of chaotic sequences by iteratively executing the PWLCM. One set is used to block an image randomly, and the other set is decomposed into bitplanes to obtain the binary keystream sequences. For the four lower bitplanes that contain few information, only the circular shift operation is performed on them. However, for the four higher bitplanes that contain abundant information, exclusive disjunction of the binary elements of the four higher bitplanes with the binary elements of the four lower bitplanes and bit-level keystream is necessary in addition to the cyclic shift operation. Thus, BSPDPAD synchronously permutes and diffuses the four higher bitplanes with the binary keystream sequences and permutes the four lower bitplanes to achieve intra-block and inter-block diffusion. At the pixel-level encryption stage, BSPDPAD iterates the PWLCM again to generate a new keystream. We use the new keystream to perform horizontal sequential diffusion and vertical inversion diffusion of the intermediate encryption image, which completely underwent the bit-level encryption operation, thereby avoiding the problem of stop point mechanism and nonuniform plaintext sensitivity. In addition, the initial value of the PWLCM is modified according to the plain image information at the bit-level and pixel-level encryption stages to enhance the adaptation and the plaintext sensitivity of BSPDPAD. Result Simulation experiments on several gray-scale images and color images show that the key space of BSPDPAD is more than 2100, indicating that the BSPDPAD algorithm can effectively resist the exhaustive attack. The histogram of the cipher image tends to be evenly distributed, which can cover the distribution of image pixels well and ensure that the algorithm is effective against statistical attack and known cipher attack. The absolute value of the adjacent pixel correlation coefficient of the cipher image encrypted by the BSPDPAD is lower than that of the plaintext image and that of similar encryption algorithms. The entropy of the BSPDPAD ciphering image is close to the theoretical value of 8. Therefore, BSPDPAD has a strong capability to resist entropy attack. The key sensitivity analysis shows that BSPDPAD has satisfactory key sensitivity in the encryption and decryption phases. BSPDPAD also has high NPCR and UACI values, thereby indicating that BSPDPAD has strong plaintext sensitivity and high capability to resist differential attack. Moreover, color image encryption experiments show that BSPDPAD is also suitable for color image encryption, and its encryption performance is excellent. In summary, BSPDPAD is superior to other state-of-the-art encryption algorithms in terms of correlation, information entropy, key space, sensitivity, and capacity to resist multiple attacks. In addition, BSPDPAD has a better diffusion effect, which can obtain excellent encryption performance with only one round of encryption. Conclusion By integrating bit-level selective encryption and pixel-level annular diffusion, BSPDPAD can effectively resist various attacks and exhibit high security. Therefore, BSPDPAD is suitable for all kinds of grayscale and color images and has a large potential application value in the image encryption field.