Selective Image Encryption in Fractional Wavelet Domain
Selective Image Encryption in Fractional Wavelet Domain
a r t i c l e i n f o a b s t r a c t
Article history: Fractional wavelet domain inherits the virtues of wavelet and fractional domain, to provide improved
Received 23 September 2009 security. Non-consideration of data significance and emphasising on fractional order for the entire secu-
Accepted 5 April 2010 rity consumes high computational resources without any proportional effect on the security. This article
proposes an efficient selective encryption in fractional wavelet domain that encrypts only significant
Keywords: subbands using a chaotic stream cipher. Relationship between normalized information energy and per-
Arnold cat map
ceptual information of a subband is utilized to select the significant subbands. Thorough performance
Fractional wavelet transform
and security analysis reflects better perceptual and cryptographic security with less computational time.
Normalized information energy
Selective encryption
© 2010 Elsevier GmbH. All rights reserved.
1. Introduction improved security. This offers the fractional order as an extra key, in
addition to the keys offered by any wavelet domain based encryp-
Advancement in communication and networking has led to tion technique.
numerous image applications in day-to-day life. With an increase in Chen and Zhao [10] proposed image encryption in fractional
transmission and distribution of digital image data through open- wavelet transform (FRWT) domain, where fractional order of
natured wired or wireless IP networks, piracy operations have also FRFT and scaling factor of WT are used as the potential keys.
increased. To restrain these activities, security of digital data is However, considering the fractional order as the only encryp-
required at different stages of data archival, transmission and dis- tion key does not provide cryptographic security. This yields a
tribution. small key space, (0 − 2), due to the periodic property of frac-
Encryption is considered as the first line of defence in digital tional order, F 0 [f (t)] = F 2 [f (t)] = f (t). Due to this limited key
rights management security solutions. This provides data confiden- space, an approximate image can be obtained if the assumed frac-
tiality and consequently prevents illegal copying and distribution tional order is in proximity of the correct fractional order. This
of valuable data. Application specific total or selective encryption makes the encryption technique vulnerable to various cryptana-
techniques have been developed in different domains, with a major lytic attacks.
thrust on selective encryption that trade security for computational The attained security level is improved upon by encryption of
efficiency by encrypting only the most important part of multime- randomly selected subbands [11]. This consumes more compu-
dia data [1]. tational resources without any proportional improvement in the
As data significance can easily be determined in transforma- security level achieved by the encryption technique. This is due to
tion domain, it is a preferable domain for selective encryption of the fact that random selection of subbands may not always lead to
digital images. Several discrete cosine transform (DCT) domain significant subband selection.
and wavelet transform (WT) domain based encryption techniques Despite the superiority of fractional combined domain, initial
have been proposed that permutes or encrypts selected coefficients attempts of image encryption in this domain had issues relating
[2–4]. In addition to these well established domains, recent years to security keys, key space, perceptual degradation, etc. [11]. This
have also witnessed fractional Fourier transform (FRFT) domain as necessitates the development of an efficient and improved selective
a potential transformation domain for encryption [5–7]. encryption technique, that would overcome the limitations of the
Efforts have been made to integrate FRFT domain with wavelet existing techniques.
or wavelet packet domain [8,9]. This fractional combined domain This article develops a simple, yet efficient selective encryption
inherits the virtues of wavelet and fractional domain to provide technique that considers fractional order as a part of the key struc-
ture and not the entire security key. Chaos based Arnold cat map
is utilized to achieve data confidentiality, and at the same time, to
∗ Corresponding author. increase the effective key space. The subband selection has also
E-mail address: [email protected] (N. Taneja). been done on the basis of data significance, as opposed to ran-
1434-8411/$ – see front matter © 2010 Elsevier GmbH. All rights reserved.
doi:10.1016/j.aeue.2010.04.011
N. Taneja et al. / Int. J. Electron. Commun. (AEÜ) 65 (2011) 338–344 339
dom selection. Extensive experimental and comparative analysis formation matrix A is 1, the map is area preserving by nature.
ascertains the efficacy of the proposed technique. Iterated actions of A on a pixel form a dynamic system:
With each iteration of the Arnold cat map, the pixel value shifts
The proposed technique encrypts only few subbands selected on
to a new position. This results into a completely distorted matrix
the basis of their normalized information energy. The preliminaries
after a few iterations. Thus, making Arnold cat map, a preferable
for the selection and encryption of subbands in fractional wavelet
choice for image scrambling.
packet domain is discussed hence.
FRWT is a realization of the wavelet transform in FRFT domain The present section proposes a FRWT domain based encryption
[12,13]. FRFT has a unique property of describing the informa- technique. The schematic diagram of the proposed technique is
tion of spatial and frequency domain, due to the rotation of illustrated in Fig. 1, and the step-by-step procedure is explained
time–frequency plane over an arbitrary angle. In contrast, wavelet hereafter.
transform has a multiresolution property. A combination of these
two domains result into FRWT, that exhibits multiresolution 1. Perform ˛-order, l-level FRWT decomposition of the input
property, describing the spatial as well as frequency domain infor- image. Denote the various subbands as fl , where, 1 < l ≤ n,
mation. ∈ {A, H, V, D}.
The mathematical representation for the FRWT of a one- 2. Calculate NIE of each subband and the entire transformed image
dimensional function f (t), having a fractional order 0 < ˛ < 2, is using Eq. (2). Denote these energies as El and Etotal , respectively.
given as follows: El denotes the energy of the subband fl , and Etotal denotes the
∞
total energy of the image.
W˛ (u, s, ) = F ˛ [f (t)](x)e−jux 3. To identify the significant subbands, set the threshold energy as
s, (x)dx (1)
Eth = Q × Etotal , where Q is the user-defined threshold factor and
−∞ 0 ≤ Q ≤ 1.
where s, , and denote the dilation parameter, translation param- 4. Identify the significant subbands by comparing the subband
eter, and the mother wavelet function, respectively. As compared energy with the threshold energy.
to wavelet domain, FRWT domain provides better encryption effi- 5. For a particular subband, if El < Eth , mark it as insignificant, and
ciency [11]. leave it unencrypted.
6. For a significant subband, i.e. El ≥ Eth , encrypt it as follows:
2.2. Normalized information energy
(a) Scramble the subband using n-iterations of the Arnold cat map.
Normalized information energy (NIE), for different subbands, in (b) Generate a random binary matrix B using a seed value b. The
a transformed image is expressed as follows: size of B is same as that of the scrambled subband.
M1 M2
(c) XOR the sign bits of the coefficients in the scrambled sub-
1
2 band with the matrix B. This only modifies the sign bit of the
El = xi,j (2)
M1 × M2 coefficients and does not disturb their magnitude. This is math-
i=1 j=1
The reverse process is applied at the receiver to decrypt the To evaluate the PSNR values, all parameters of the security key,
image. To perform decryption, the encrypted image and the secu- except the fractional order, are kept constant. This is performed to
rity keys are required at the receiver end. As it is a symmetric key observe the effect of fractional order on the encrypted output. The
cryptosystem, the encryption and decryption keys are same, and obtained PSNR values are indicated in Table 1. As PSNR of 28 dB is
expressed as (key: Q, ˛, n, b), where these four parameters denote the minimum threshold for perceptual similarity between any two
the threshold factor, fractional order, Arnold iterations and the seed images, the obtained PSNR values are compared with this value. It is
value, respectively. observed that the PSNR obtained for the test images, at all fractional
The encrypted image is first transformed into FRWT domain and orders, is less than 11 dB. This is well within the satisfactory limit.
subbands for the decryption process are selected using the same High perceptual degradation and low PSNR values obtained for the
NIE criterion. Sign bit decryption followed by arnold descrambling proposed technique reflects the satisfaction of the objective and
of selected subbands is performed. Inverse FRWT is then performed subjective evaluation metrics.
to retrieve the original image.
If correct keys are employed at the time of decryption, then 4.2. Statistical attack analysis
the decrypted image would be a replica of the original image. In
the case of an incorrect decryption key, the output may vary. The This attack is launched by exploiting the predictable relation-
next section analyzes the effect of key-sensitivity of the proposed ship between data segments of the original and the encrypted
technique. It also evaluates the performance and security of the image [16]. Histogram of an image reflects the distribution of pix-
proposed technique for different attack scenarios. els at different gray levels. Hence, this is analyzed to investigate the
existence of any relationship between the image-pair.
Histogram for the original and the encrypted image is indicated
4. Results and discussion in Fig. 3. A significant change in the gray level distribution of pixels
illustrates non-existent correlation between the two images. This
To assess the performance of the proposed technique, extensive does not leave enough scope to launch a statistical attack on the
analysis is performed on various grayscale images, using different proposed technique.
combinations of the security key. The values so obtained are an
indicative measure of the performance and security level attained
4.3. Key sensitivity analysis
by the proposed technique. For experimental purposes, the key
structure (Q, ˛, n, b) is fixed at (0.65, 1, 15, 6345921). Discussion A highly key sensitive encryption algorithm protects the
and conclusion are based on the analysis of numerous test images, encrypted data against various cryptanalytic attacks. While devel-
however visual results for only two images are shown here. In the oping a cryptosystem, it is assumed that an intruder knows the
entire analysis, the original image and its corresponding encrypted encryption structure and a-priori probability of the used key k ∈ K.
image are referred to as an ‘image-pair’. As per the Kerckhoff’s principle, only secrecy of the used key is
required. Even a strong or well designed cryptosystem can be bro-
4.1. Perceptual security and peak signal to noise ratio ken easily if the key is poorly chosen or the key space is too small.
This makes the encryption or decryption key as the most important
Subjective evaluation of the encrypted images is performed part of any cryptosystem. Thus, a good cryptosystem should satisfy
to assess the amount of information leakage. Fig. 2 shows the the following two conditions to verify the key sensitivity and key
encrypted output for the two test images, ‘Huts’ and ‘Mandril’. It space:
is observed that the obtained images are completely unintelligible,
and do not reveal any information about the original image. The • The key space should be discretized in such a way that two cipher-
degradation introduced is also objectively evaluated using PSNR texts encrypted by two slightly different keys k1 , k2 ∈ K should
[16]. be completely different.
Table 1
PSNR obtained for proposed technique.
Fr. order Crowd Barbara Lena Mandril Pillars Butterfly Alonehut Peppers
Table 2
Edge ratio and edge deviation ratio for test images encrypted with key 1.
ascertains and validates the high perceptual security attained by [2] Tang L. Methods for encrypting and decrypting MPEG video data efficiently. In:
the proposed technique. Proc. of the int. multimedia conf., Boston, MA, November. 1996. p. 219–30.
[3] Torrubia A, Mora F. Perceptual cryptography on MPEG layer III bit-streams. IEEE
Trans Consumer Electron 2002;48(4):1046–50.
5. Comparative analysis [4] Lian S, Sun J, Wang Z. A novel image encryption scheme based on JPEG encoding.
In: Proc. of the 8th IEEE int. conf. inform. visualisation, London, UK, July. 2004.
p. 217–20.
This section presents a comparative analysis of the proposed [5] Xin Y, Tao R, Wang Y. Image encryption on a novel reality-preserving fractional
technique with other FRWT and FRWPT based encryption tech- Fourier transform. Proc. of the int. conf. innovation computing, inform. and
niques. Chen and Zhao [10] have suggested the use of fractional control, Beijing, September. 2006. p. 22–5.
[6] Liu Z, Da J, Sun X, Liu S. Triple image encryption scheme in fractional Fourier
order and scaling factor, as the keys to provide complete security. transform domains. Opt Commun 2009;282(4):518–22.
This offers less security and small key space, due to the periodic- [7] Joshi M, Shakher C, Singh K. Logarithms-based RGB image encryption
ity property of fractional order. The limited key space makes the in the fractional Fourier domain: a non-linear approach. Opt Lasers Eng
2009;47(6):721–7.
encryption technique vulnerable to various cryptanalytic attacks.
[8] Mendlovic D, Zalevsky Z, Mas D, Garcya J, Ferreira C. Fractional wavelet trans-
As compared to this, the proposed technique employs fractional form. Appl Opt 1997;36(20):4801–6.
order, Arnold iterations and seed value, as the different components [9] Huang Y, Suter B. The fractional wave packet transform. Multidimensional Syst
Signal Process 1998;9(4):399–402.
of the security key. This yields a large key space. The large key space,
[10] Chen L, Zhao D. Optical image encryption based on fractional wavelet trans-
combined with the high key sensitivity, makes the proposed tech- form. Opt Commun 2005;254:361–7.
nique resistant against various cryptanalytic attacks (demonstrated [11] Chen L, Zhao D. Image encryption with fractional wavelet packet method. Opt
in Section 4). Int J Light Electron Opt 2008;119(6):286–91.
[12] Wickerhauser M. Adapted wavelet analysis from theory to software. A.K. Peters
In another technique introduced by Chen and Zhao [11], Wellesley; 1994.
randomly selected subbands are encrypted to achieve data confi- [13] Tao R, Qi L, Wang Y. Theory and applications of the fractional Fourier transform.
dentiality. However, it is demonstrated in Section 4.6, that random Beijing: THU Press; 2004.
[14] Taneja N, Raman B, Gupta I. Security solutions for still visual data. Ph.D. Thesis.
selection of subbands is not an appropriate approach. The randomly Indian Institute of Technology Roorkee, India.
selected subbands may not always lead to selection of significant [15] G. Peterson, Arnold’s cat map, 1997. Available from:
subbands. Hence, this does not ensure perceptual security in all http:online.redwoods.cc.ca.us/instruct/darnold/maw/catmap3.htm.
[16] Marion A. An introduction to image processing. London: Chapman and Hall;
encryption rounds (Fig. 8: 1st–3rd columns). The proposed tech- 1991.
nique, however, selects subbands on the basis of their NIE content. [17] Schneier B. Applied cryptography, second edition: protocols, algorithms and
Encryption of selected significant subbands yields perceptually source code in C. New York: Wiley Publications; 1996.
[18] Mao Y, Wu M. A joint signal processing and cryptographic approach to multi-
secure output in every encryption cycle (Fig. 8: 4th column).
media encryption. IEEE Trans Image Process 2006;15(7):2061–75.
Further, the technique introduced in [11] exhibits low key [19] Taneja N, Raman B, Gupta I. Chaos based partial encryption of SPIHT compressed
sensitivity. Details of the original image are visible, even when images. Int J Wavelets, Multiresolution and Information Processing; in press.
decryption is performed using an incorrect key [11]. However, the
proposed technique overcomes this weakness, and demonstrates Nidhi Taneja received her B.E. degree in Electronics &
Communication and M.Tech degree in Digital Communi-
that decryption with a slightly different security key does not reveal cation in 2001 and 2006, respectively. At present, she is
any information of the original image (Fig. 5: 1st–3rd columns). pursuing her Ph.D. in Department of Electrical Engineering
This proves an improvement by the proposed technique, over the at Indian Institute of Technology Roorkee, India. Her area
of interest includes Wireless Communication, Multime-
existing fractional combined domain based encryption techniques. dia Transmission over Packet Networks, Image Encryption
and Visual Cryptography.
6. Conclusion