Security analysis of an audio data encryption scheme based on key chaining and DNA encoding

TL;DR

This paper critically analyzes a recent audio encryption scheme based on DNA encoding and key chaining, revealing it is highly vulnerable to chosen plaintext and ciphertext attacks, thus unsuitable for secure applications.

Contribution

The paper provides a cryptanalysis demonstrating the scheme's weaknesses and offers lessons for future secure design of DNA-based encryption methods.

Findings

The scheme is vulnerable to chosen plaintext and ciphertext attacks.

Two plaintexts of 32 bytes can recover the encryption key.

Repeated encryption can recover the original plaintext.

Abstract

Fairly recently, a new encryption scheme for audio data encryption has been proposed by Naskar, P.K., et al. The cryptosystem is based on substitution-permutation encryption structure using DNA encoding at the substitution stage, in which the key generation is based on a key chaining algorithm that generates new key block for every plain block using a logistic chaotic map. After some several statistical tests done by the authors of the scheme, they claimed that their cryptosystem is robust and can resist conventional cryptanalysis attacks. Negatively, in this paper we show the opposite: the scheme is extremely weak against chosen ciphertext and plaintext attacks thus only two chosen plaintexts of 32 byte size are sufficient to recover the equivalent key used for encryption. The cryptosystem's shuffling process design is vulnerable which allow us recovering the unknown original plaintext by applying repeated encryptions. Our study proves that the scheme is extremely weak and should not be used for any information security or cryptographic concern. Lessons learned from this cryptanalytic paper are then outlined in order to be considered in further designs and proposals.