On the Security of Permutation-Only Image Encryption Schemes and Steganography

An encryption process which is a commonly used primitive in multimedia for both images and videos is permutation scheme, and many permutation-only algorithms have been proposed in recent years for the protection of multimedia data. The image matrix entries in permutation-only image ciphers are scrambled using a pseudo-random number generated permutation mapping matrix. The literature survey done on the cryptanalysis of the image ciphers in the previous works indicates that the permutation-only image ciphers are prone to cipher text-only attacks and/or known/chosen-plaintext attacks. Steganography is a type of hidden communication in which a file, message, image, or video is concealed within another file, message, image, or video. The previous works on cryptanalysis of permutation-only image encryption schemes were studied in this paper and the cryptanalysis performed on chosen-plaintext attacks were made more efficient and along with this a steganographic process is done to hide text data as well. It was proved that in all permutation-only image ciphers, nevertheless of the cipher structure, the exact permutation mapping is recovered completely by a chosen-plaintext attack. A chosen-plaintext attack is introduced in this paper that determines the exact plaintext elements perfectly using a deterministic method. When the plain-images are of size M N and with L different color potency, the number n of chosen plain-images required for breaking the permutation-only image encryption algorithm is n = [log_L (M N)]. The complexity of the proposed attack is small as permutation is used and hence the consumption time is also small. To endorse the performance of the proposed chosen-plaintext attack, an experiment was performed on a recently proposed permutation-only image/video ciphers. Both the theoretical and the experimental results exhibited that the proposed attack surpasses the state-of-the art cryptanalytic methods. The steganographic step provides an additional security to the overall system.