Paper 2023/1031

Security Analysis of a Color Image Encryption Scheme Based on a Fractional‑Order Hyperchaotic System

George Teseleanu
Abstract

In 2022, Hosny et al. introduce an image encryption scheme that employs a fractional-order chaotic system. Their approach uses the hyper-chaotic system to generate the system's main parameter, namely a secret permutation which is dependent on the size and the sum of the pixels of the source image. According to the authors, their scheme offers adequate security (i.e. $498$ bits) for transmitting color images over unsecured channels. Nevertheless, in this paper we show that the scheme's security is independent on the secret parameters used to initialize the hyper-chaotic system. More precisely, we provide a brute-force attack whose complexity is $\mathcal O(2^{10.57}(WH)^3)$ and needs $2^{9.57}WH$ oracle queries, where $W$ and $H$ are the width and the height of the encrypted image. For example, for an image of size $4000 \times 3000$ ($12$ megapixels image) we obtain a security margin of $81.11$ bits, which is six times lower than the claimed bound. To achieve this result, we present two cryptanalytic attacks, namely a chosen plaintext attack and a chosen ciphertext attack.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. ICISSP 2025
Keywords
image encryptioncryptanalysischaos based encryption
Contact author(s)
george teseleanu @ yahoo com
History
2024-12-23: last of 5 revisions
2023-07-03: received
See all versions
Short URL
https://ia.cr/2023/1031
License
Creative Commons Attribution-NonCommercial-ShareAlike
CC BY-NC-SA

BibTeX

@misc{cryptoeprint:2023/1031,
      author = {George Teseleanu},
      title = {Security Analysis of a Color Image Encryption Scheme Based on a Fractional‑Order Hyperchaotic System},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1031},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1031}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.