Cracking a hierarchical chaotic image encryption algorithm based on permutation

TL;DR

This paper critically analyzes the security of a hierarchical chaotic image encryption algorithm, revealing its vulnerabilities to known-plaintext attacks and overestimation of its resistance to ciphertext-only attacks.

Contribution

It provides a detailed security analysis of HCIE, demonstrating its susceptibility to known-plaintext attacks and comparing its security to non-hierarchical algorithms.

Findings

Hierarchical permutation encryption is less secure than non-hierarchical methods.

Only a few known plaintexts are needed to break HCIE.

Security against ciphertext-only attack was overestimated.

Abstract

In year 2000, an efficient hierarchical chaotic image encryption (HCIE) algorithm was proposed, which divides a plain-image of size $M\times N$ with $T$ possible value levels into $K$ blocks of the same size and then operates position permutation on two levels: intra-block and inter-block. As a typical position permutation-only encryption algorithm, it has received intensive attention. The present paper analyzes specific security performance of HCIE against ciphertext-only attack and known/chosen-plaintext attack. It is found that only $O(\lceil\log_T(M\cdot N/K) \rceil)$ known/chosen plain-images are sufficient to achieve a good performance, and the computational complexity is $O(M\cdot N\cdot \lceil\log_T(M\cdot N/K) \rceil)$, which effectively demonstrates that hierarchical permutation-only image encryption algorithms are less secure than normal (i.e., non-hierarchical) ones. Detailed experiment results are given to verify the feasibility of the known-plaintext attack. In addition, it is pointed out that the security of HCIE against ciphertext-only attack was much overestimated.