Cryptanalysis of a Chaotic Neural Network Based Multimedia Encryption Scheme Chengqing Li a, Shujun Li b, Dan Zhang a and Guanrong Chen b a Zhejiang University, Hangzhou, China b City University of Hong Kong, HK, China

3 December 2004PCM 2004, Tokyo, Japan 2 Abstract  This research points out some security problems with a recently-proposed multimedia encryption scheme based on chaotic neural networks [1-5]. –It can be broken in known/chosen-plaintext attacks, with only one known/chosen plain-image. A mask image can be derived as the equivalent key. The secret key itself can be broken with a small complexity. –The security against brute-force attack was over-estimated.

3 December 2004PCM 2004, Tokyo, Japan 3 References 1. Yen, J.C., Guo, J.I.: A chaotic neural network for signal encryption/decryption and its VLSI architecture. In: Proc. 10th VLSI Design/CAD Symposium. (1999) 319– Su, S., Lin, A., Yen, J.C.: Design and realization of a new chaotic neural encryption/decryption network. In: Proc. APCCAS. (2000) 335– Yen, J.C., Guo, J.I.: The design and realization of a chaotic neural signal security system. Pattern Recognition and Image Analysis 12 (2002) 70–79 4. Lian, S., Chen, G., Cheung, A., Wang, Z.: A chaotic-neural-network- based encryption algorithm for JPEG2000 encoded images. In: Proc. ISNN 2004-II. LNCS 3174 (2004) 627– Lian, S., Sun J., Li Z., Wang, Z.: A Fast MPEG4 Video Encryption Scheme Based on Chaotic Neural Network. In: Proc. ICONIP LNCS 3316 (2004)

3 December 2004PCM 2004, Tokyo, Japan 4 The CNN-Based Cipher (1)  Given the chaotic logistic map f(x)=μx(1-x), the secret key is μ and the initial condition x(0).  Generate a secret pseudo-random bit sequence (PRBS) by iterating the logistic map from x(0): {b i }, i=0,…  Use the PRBS to control the 64 weights {w ji = ±1} and the 8 biases {θ i = ±1/2} (i, j=0~7) of a neural network and encrypt the plaintext as follows: Here, d i (n) and d’ i (n) denote the i-th bits of the n-th plain-byte and the n-th cipher-byte, respectively.

3 December 2004PCM 2004, Tokyo, Japan 5 The CNN-Based Cipher (2)  The CNN-based cipher can be simplified to the following form:  So, the CNN-based cipher is actually a simple stream cipher based on a chaotic PRBS.  This cipher was initially proposed in [1-3] for image and video encryption, and then employed in [4,5] for encrypting JPEG2000 images and MPEG-4 videos.

3 December 2004PCM 2004, Tokyo, Japan 6 Brute-Force Attack  The original claims in [1-3]: –the attack complexity is O(2 8M ), when there are M plain bytes for encryption.  Our results in this work: –the attack complexity is only O(2 2L M), when there are M plain bytes for encryption and the finite precision of the system is L; –in [1-3], L=8, which is too small to provide a sufficiently high security level.

3 December 2004PCM 2004, Tokyo, Japan 7 Known/Chosen-Plaintext Attack The requirement: one known/chosen plain signal f and the corresponding cipher signal f’.  Get a mask signal from f and f’: f m = f  f’, which can be used to (partially) decrypt other cipher signals encrypted with the same secret key. –The short cycle of the chaotic PRBS makes it possible to completely recover other cipher signals.  Break the sub-key μ and a chaotic state x(i) from f m. Then, all bytes in any cipher signals can be recovered.

3 December 2004PCM 2004, Tokyo, Japan 8 Known/Chosen-Plaintext Attack – Experiments (1)

3 December 2004PCM 2004, Tokyo, Japan 9 Known/Chosen-Plaintext Attack - Experiments (2)

3 December 2004PCM 2004, Tokyo, Japan 10 Known/Chosen-Plaintext Attack - Experiments (3)