A no-key-exchange secure image sharing scheme based on Shamir’s three-pass cryptography protocol and the multiple-parameter fractional Fourier transform

Jun Lang

doi:10.1364/OE.20.002386

1. Introduction

Due to the development of Internet and the increasing requirement for image transmission, information encryption and secure communication are becoming more and more important in nowadays. Image encryption by use of optical systems has received increasing attention recently, because of their distinct advantages of processing two-dimensional complex data in parallel and at high speed. In the past decade, a number of new approaches are proposed and demonstrated with optical implementations [1–11]. Among them, the most widely used and highly successful method is the double random phase encoding (DRP) scheme in Fourier domain [1], and moreover, in the fractional Fourier transform (FRFT) domain [2], in which the original image is encrypted into stationary white noise. In this method, two random phase masks are used in the input and the Fourier or FRFT plane. Phase of these random phase masks are uniformly distributed in the interval [0, $2 π$ ] and the second random phase mask is the main encryption key. Liu et al [3] developed this work by cascading the random phase filtering operation in the fractional Fourier domain to enlarge the key space. Recently, Liu et al present two novel algorithms for sharing and hiding secret image based on the combination theory [12] or the discrete fractional random transform (DFRNT) [13]. The secret image is firstly encoded by matrix multiplications or encrypted in the DFRNT domain together with some noise images as the encryption keys to increase the security, and then the cipher text is shared into many shadow images by multiplying binary random sampling matrices. Yang and Huang construct a k out of n scalable secret image sharing scheme [14], and Islam et al [15] present a new approach for sharing images between players by exploiting the additive and multiplicative homomorphic properties of two well-known public key cryptosystems, i.e. RSA and Paillier. Furthermore, although powerful, all of these methods need encryption keys distribution between users in advance and their security relies on the difficulty or infeasibility of computation to find the plain text through enlarging the key space. The classical cryptography is losing security more and more as the computational power is increased by technical innovations. Therefore, unconditionally secure cryptography has been expected eagerly. According to Kerckhoffs' principle [16], the security of any cryptography algorithm depends crucially on keeping encryption key secret. In the case of symmetric cryptographic algorithm the key exchange or distribution was necessary and the assurance of key exchange security would not be a trivial issue in the network environment. Therefore, key distribution between users through channels is a potential risk for the security system. Shamir's three-pass protocol [16] is an interesting no-key protocol which can establish secure communication with no-key-exchange beforehand in the cost of passing the encrypted information three times between users. The key technique of this protocol is that the encryption function must be commutative. Shamir and other researchers [16, 17] described algorithms that will work with this protocol based on one-time pads, large prime decomposition and quantum mechanics. For the first time, we find that the index additive property of the fractional Fourier transform can also be employed to implement Shamir's three-pass protocol, which means one can use simple optical device to establish no-key-exchange secure communication. In this paper, we propose a novel no-key-exchange scheme for secure data communication by implementing the encrypting function of Shamir’s three-pass protocol via the multiple-parameter fractional Fourier transform, which has extra parameters provided by periodicity and vector parameters to enhance the security of information. Simulations are performed to verify the validity of the proposed method.

The remaining sections of this paper are organized as follows. Section 2 briefly reviews Shamir's three-pass cryptography protocol. The proposed no-key-exchange secure image sharing scheme and the numerical simulation results are shown in detail in Section 3. Conclusions are stated in section 4.

2. Shamir's three-pass cryptography protocol

One of the most interesting cryptographic protocols is Shamir’s three-pass protocol [16], which shows that secrecy can be obtained with no advance distribution of either secret keys or public keys. The protocol assumes two users connected by a link (such as a seamless optical fiber) that guarantees that the enemy cannot insert or tamper with messages but allows the enemy to read all messages sent over the link. The users are assumed to have a secret-key cipher system whose encrypting function $E_{k} (•)$ has the commutative property, that is, for all plaintexts X and all keys $k_{1}$ and $k_{2}$ ,

E_{k_{1}} (E_{k_{2}} (X)) = E_{k_{2}} (E_{k_{1}} (X))

i.e., the result of a double encryption is the same whether one uses first the key

k_{1}

and then the key

k_{2}

or vice versa.

Shamir’s Three Pass Protocol illustrated in Fig. 1 can be described as follows:

Fig. 1 Illustration of Shamir’s three-pass protocol for secrecy sharing.

Download Full Size | PDF

1) Users Alice and Bob randomly choose their own private secret keys, $k_{A}$ and $k_{B}$ , respectively.
2) When user Alice wishes to send a secret message X to user Bob, she encrypts X with her own key $k_{A}$ , and then sends the resulting cryptogram $C_{1} = E_{k_{A}} (X)$ to user Bob.
3) User Bob, upon receipt of $C_{1}$ , treats $C_{1}$ as plaintext and encrypts $C_{1}$ with his own key $k_{B}$ . He sends the resulting cryptogram $C_{2} = E_{k_{B}} (C_{1}) = E_{k_{B}} (E_{k_{A}} (X))$ back to user Alice.
4) User Alice, upon receipt of $C_{2}$ , decrypts $C_{2}$ with her own key $k_{A}$ . Because of the commutative property (Eq. (1)), this removes the former encryption by $k_{A}$ and results in $C_{3} = E_{k_{A}}^{- 1} (E_{k_{B}} (E_{k_{A}} (X))) = E_{k_{A}}^{- 1} (E_{k_{A}} (E_{k_{B}} (X))) = E_{k_{B}} (X)$ . Then user Alice sends cryptogram $C_{3}$ back to user Bob.
5) User Bob, upon receipt of $C_{3}$ , decrypts $C_{3}$ with his own key $k_{B}$ to obtain the message X that Alice has successfully sent to him.

In short, the message is delivered in a box securely to a receiver using two padlocks without sharing keys to open the locks.

3. The proposed no-key-exchange secure image sharing scheme

As a generalization of the ordinary Fourier transform, the fractional Fourier transform (FRFT) has been used for optical information processing [18]. It is generally agreed that a FRFT operator $ℱ^{α}$ should be continuous for all real values $α$ , be reduced to an ordinary Fourier transform when $α$ is a specific integer, and satisfy the following index additive property

ℱ^{α} ℱ^{β} = ℱ^{α + β} = ℱ^{β} ℱ^{α}

which means that all FRFT operators

ℱ^{α}

intrinsically satisfy the commutative property. Therefore, any FRFT operators can be directly used as the encrypting function

E_{k} (•)

to implement Shamir’s three-pass protocol. Since the conventional fractional Fourier transform has only one free parameter (fractional order

α

), information directly encrypted by the conventional FRFT spectrum is unsafe. We need a generalized FRFT

ℱ^{α}

which possess more parameters to enlarge the key space.

3.1 Image sharing based on the multiple-parameter fractional Fourier transform

From the mathematical viewpoint, the fractional Fourier transform has multiplicity, i.e. it has different kinds of mathematical definition, which is intrinsic in a fractional operator. Lang et al [19, 20] proposed a generalized fractional Fourier transform, the multiple-parameter fractional Fourier transform (MPFRFT), which maintains all of the desired properties of FRFT meanwhile possesses periodicity parameter M and a M-dimensional integral vector parameter $N \in ℤ^{M}$ . And then they exploit its multiple-parameter feature for optical image encryption directly by the MPFRFT spectrum without the use of phase keys [9, 20] (they [20] also correct a mistake in the derivation of weighted coefficients of MPFRFT in Ref. 9, which may result in deficiencies of the cryptography based on MPFRFT [10]). They also evaluated the sensitivity of various encryption keys in the MPFRFT method and compared with several existing methods [2–5]. Simulation results all demonstrated that the proposed MPFRFT method is reliable and superior in the sensitivity to decryption parameter errors, due to periodicity and vector parameter enlarge the encryption key space. An optoelectronic hybrid setup with an iterative mechanism is also suggested to implement MPFRFT [9].

Based on these prior works, we attempt to present a novel implementation of Shamir’s three-pass protocol by utilizing the additive property and the multiple-parameter feature of MPFRFT as the encrypting function $E_{k} (•)$ . The MPFRFT has more parameters to enlarge the key space in order to enhance the safety of information, and its optical setup can be directly employed to implement the proposed image sharing algorithm.

For the sake of notation brevity, we describe only the one-dimensional case. The conventional FRFT of any function $f (x) \in L^{2} (ℝ)$ with fractional order $α$ can be defined [18] as

ℱ^{α} [f (x)] = \int_{- \infty}^{+ \infty} f (x) K_{α} (x, x_{α}) d x

where

K_{α} (x, x_{α}) = {\begin{matrix} A_{ϕ} \exp [i π (x^{2} \cot ϕ - 2 x x_{a} \csc ϕ + x_{a}^{2} \cot ϕ)] \\ δ (x - x_{α}) \begin{matrix} \begin{matrix} \begin{matrix}  \end{matrix} \end{matrix} \end{matrix} \\ δ (x + x_{α}) \begin{matrix} \begin{matrix} \begin{matrix}  \end{matrix} \end{matrix} \end{matrix} \end{matrix}, \begin{matrix} if α \neq 2 n \\ if α = 4 n \\ if α = 4 n \pm 2 \end{matrix}

and

A_{ϕ} = {| \sin ϕ |}^{- 1 / 2} \exp [- \frac{i π sgn (ϕ)}{4} + \frac{i ϕ}{2}], ϕ = \frac{α π}{2}

where

x_{α}

represents the αth fractional domain,

A_{ϕ}

is a constant phase factor that is dependent only on the transform order, and

ϕ

can be interpreted as a rotation angle in the phase plane. For an arbitrary integer M (

M \geq 2

), the multiple-parameter fractional Fourier transform (MPFRFT) with order

α

and periodicity M can be defined [19, 20] as

ℱ_{M}^{α} (N) [f (x)] = \sum_{l = 0}^{M - 1} ℌ_{l} (α, N) f_{l} (x)

where the basic functions

f_{l} (x) = ℱ^{4 l / M} [f (x)], l = 0, 1, 2, ..., M - 1

, and the corresponding weight coefficient

ℌ_{l} (α, N)

can be expressed as

ℌ_{l} (α, N) = \frac{1}{M} \sum_{k = 0}^{(M - 1)} \exp {(- 2 π i / M) [α (k + n_{k} M) - l k]}, N = (n_{0}, n_{1}, \dots, n_{(M - 1)}) \in ℤ^{M}

The vector parameter $N$ can be arbitrary M-dimensional integer vector. It’s easy to prove that the MPFRFT still satisfies the commutative property even with different periodicities and vector parameters

\begin{matrix} ℱ_{M}^{α} (N) ℱ_{N}^{β} (M) = \sum_{l = 0}^{M - 1} \sum_{n = 0}^{N - 1} ℌ_{l} (α, N) ℌ_{n} (β, M) ℱ^{4 l / M} ℱ^{4 n / N} \\ = \sum_{n = 0}^{N - 1} ℌ_{n} (β, M) ℱ^{4 n / N} \sum_{l = 0}^{M - 1} ℌ_{l} (α, N) ℱ^{4 l / M} \\ = ℱ_{N}^{β} (M) ℱ_{M}^{α} (N) \end{matrix}

The expansion of MPFRFT for two-dimensional case is straightforward as successively performing MPFRFT in x axis and y axis respectively, since the MPFRFT is separable in both x and y axis. For a two-dimensional function $f (x, y) \in L^{2} (ℝ^{2})$ , the two-dimensional multiple-parameter fractional Fourier transform (2D-MPFRFT) with periodicity $(M_{L}, M_{R})$ , fractional order $(α_{L}, α_{R})$ and parameter vectors $(N_{L}, N_{R})$ is given by

ℱ_{(M_{L}, M_{R})}^{(α_{L}, α_{R})} (N_{L}; N_{R}) [f (x, y)] = ℱ_{M_{L}}^{α_{L}} (x; N_{L}) f (x, y) ℱ_{M_{R}}^{α_{R}} (y; N_{R})

where

ℱ_{M_{L}}^{α_{L}} (x; N_{L})

and

ℱ_{M_{R}}^{α_{R}} (y; N_{R})

are the MPFRFT in x axis and y axis, respectively. The MPFRFT gives us more choices to represent signals in the fractional Fourier domain with extra freedom provided by periodicity and vector parameters. Therefore, we attempt to use

ℱ_{(M_{L}, M_{R})}^{(α_{L}, α_{R})} (N_{L}; N_{R})

as encrypting function

E_{k} (•)

in Eq. (1) to implement Shamir’s three-pass protocol, in which image is encrypted directly by the MPFRFT spectrum without adding random phase masks.

3.2 Simulations results

Simulations are performed to verify the validity of the proposed algorithm. The image can be encrypted simply by applying a 2D-MPFRFT $ℱ_{(M_{L}, M_{R})}^{(α_{L}, α_{R})} (N_{L}; N_{R})$ using Eq. (9) with a pair of keys ${(M_{L}, M_{R}), (α_{L}, α_{R}), (N_{L}, N_{R})}$ , i.e. the transform period pair $(M_{L}, M_{R})$ , fractional order pair $(α_{L}, α_{R})$ and parameter vectors pair $(N_{L}, N_{R})$ . The input image can be encrypted well into a randomlike encoded image as shown in Fig. 2(b) , and one can decrypt it simply by substituting $(- α_{L}, - α_{R})$ for $(α_{L}, α_{R})$ without changing other parameters. From the above discussions, the transform period pair, fractional order pair and parameter vectors constitute the keys for decryption of the proposed encryption method using 2D-MPFRFT. For the sake of simplicity, in our implementation we choose the vector parameters $(N_{L}, N_{R})$ as $(M_{L}, M_{R})$ -dimensional random integer vector whose values are independent and uniformly distributed over interval [0, 1000].

Fig. 2 Results of the proposed secure image sharing scheme based MPFRFT and Shamir’s three-pass protocol. (a) Original image. (b) Cryptogram $C_{1}$ of Alice with her private secret keys. (c) Cryptogram $C_{2}$ of Bob with his private secret keys. (d) Cryptogram $C_{3}$ of Alice with her private secret keys. (e) Cryptogram $C_{4}$ of Bob with his private secret keys.

Download Full Size | PDF

Suppose the information that Alice wants to share with Bob is the gray image ‘Lena’ as shown in Fig. 2(a). Figure 2(b) is the resulting cryptogram $C_{1}$ of Alice with her private secret keys ${(23,31), (14 .1,23 .6), (M_{L}, M_{R})}$ . After receipt of $C_{1}$ , Bob treats $C_{1}$ as plaintext and encrypts it with his own key ${(27,29), (18 .4,23 .2), (N_{L}, N_{R})}$ , then he sends the resulting cryptogram $C_{2}$ (Fig. 2(c)) back to Alice. Alice receives $C_{2}$ and decrypts it with her own keys ${(23,31), (-14 .1,-23 .6), (M_{L}, M_{R})}$ . Because of the commutative property (Eq. (8)), this removes Alice’s encryption and results in the cryptogram $C_{3}$ (Fig. 2(d)) of Bob with his private secret keys. Finally, Bob receives $C_{3}$ and decrypts it with his own key ${(27,29), (-18 .4,-23 .2), (N_{L}, N_{R})}$ to obtain the message (Fig. 2(e)) that Alice has successfully sent to him secretly now. The received message appears the same as the original image. In the proposed method, the security of information is guaranteed for reasons of all messages are transmitted in the MPFRFT cryptograms [9, 20]. We have attempted to decode the cryptograms (or the transmitted messages) with different keys and demonstrated that this method is quite successful in preventing unauthorized access (man in middle attack). Figures 3(a) to (c) illustrate the messages that Bob obtains if Alice decodes the encoded image shown in Fig. 2(c) with different wrong decryption keys ${(23,31), (-14 .098,-23 .598), (M_{L}, M_{R})}$ , ${(22,30), (-14 .1,-23 .6), (M_{L}, M_{R})}$ and ${(23,31), (14 .1,23 .6), ({M^{'}}_{L}, {M^{'}}_{R})}$ , respectively. Similar results can be obtained if someone decrypted the cryptogram $C_{3}$ shown in Fig. 2(d) with wrong keys. Figure 3(d) illustrate the message received if bob decrypted the cryptogram $C_{3}$ shown in Fig. 2(d) with wrong parameter vector $({N^{'}}_{L}, {N^{'}}_{R})$ . It means that the proposed image sharing scheme is quite sensitive to the variations of various encryption keys. Any small errors during the decryption procedure will result in the failure of information sharing.

Fig. 3 Security analysis of the proposed secure image sharing scheme based MPFRFT and Shamir’s three-pass protocol. (a) Bob received message if Alice decrypts $C_{2}$ with wrong fractional order $({α^{'}}_{L}, {α^{'}}_{R}) = (-14 .098,-23 .598)$ . (b) Bob received message if Alice decrypts $C_{2}$ with wrong periodicity $({M^{'}}_{L}, {M^{'}}_{R}) = (22,30)$ . (c) Bob received message if Alice decrypts $C_{2}$ with wrong vector parameter $({M^{'}}_{L}, {M^{'}}_{R})$ . (d) Bob received message if Bob decrypts $C_{3}$ with wrong vector parameter $({N^{'}}_{L}, {N^{'}}_{R})$ .

Download Full Size | PDF

3.3 Security analysis

3.3.1. Sensitivity of the keys

To evaluate the security of the decrypted image, we introduce the mean square error (MSE) between the decrypted image $D = {(d_{n, m})}_{N \times M}$ and the original image $X = {(x_{n, m})}_{N \times M}$ as

MSE = ‖ X - D ‖ = (\frac{1}{N \times M} \sum_{n = 1}^{N} \sum_{m = 1}^{M} {| x_{n, m} - d_{n, m} |}^{2})

where

x_{n, m}

and

d_{n, m}

denote the pixel values of the original image and decrypted one, respectively.

N \times M

denotes the size of the image.

To evaluate the security of the algorithm against brute-force attack, we assume that incorrect keys locate in the vicinity of the correct key values, and then the relations between the keys used for decryption and encryption are given as follows

{α^{'}}_{i} = - α_{i} + δ, {β^{'}}_{i} = - β_{i} + δ, {N^{'}}_{i} = N_{i} + δ, {M^{'}}_{i} = M_{i} + δ

where

δ

denotes the deviation from correct parameter key and

(α_{i}, N_{i}), (β_{i}, M_{i})

,

i \in {L, R}

denotes the decryption keys for Alice and Bob, respectively. Figure 4 plots the MSE of the resulting decrypted images for various derivation values

δ

, in which all MSE values are the average results of 100 independent realizations. Figure 4(a) is the derivation of MSE versus transform order

α

and (b) is the derivation of MSE versus periodicity

M

. It can be seen from the curves that, the MSE approximates to zero when the image is decrypted with correct decryption parameters, whereas the MSE increases sharply when the parameters

α

or

M

depart from the correct value. When the deviation

δ

is larger than

2 \times 10^{- 4}

for fractional order or 1 for periodicity, i.e.,

| {α^{'}}_{i} + α_{i} | \geq 2 \times 10^{- 4}

or

| {M^{'}}_{i} - M_{i} | \geq 1

, we fail to distinguish the decrypted image with our naked eye, as illustrated in Fig. 3(a) and (b) respectively. One also can’t decrypt correctly without parameter vector

N

, even if

α

and

M

are known. Figure 4(c) is the derivation of MSE versus error numbers occurred in the vector parameters. It can be seen from the curves that, when no error occurs, the MSE reaches zero. But as errors increase in number, the value of MSE quickly increases. The result of using incorrect parameter vector

N^{'}

in decryption is shown in Fig. 3(c). An estimation of the strength of the proposed scheme in comparison to the earlier encryption scheme [2–5] in the fractional domain have already been presented in Ref [20], and the results show that transform order

α

and periodicity

M

have a significant improvement in sensitivity to results of these methods. For the sake of brevity, we do not illustrate them again in this paper.

Fig. 4 Mean Square Error plotted as a function of error in the decryption keys. (a) The MSE for deviation of fractional order $α$ . (b) The MSE for deviation of periodicity $M$ . (c) Derivation of the MSE versus error numbers occurred in vector parameters $N$ .

Download Full Size | PDF

3.3.2 Statistical analysis

In order to verify the reliability of the proposed algorithm, statistical analysis has been performed on the proposed encryption algorithm using different images and different keys, which is shown by a test on the histograms and autocorrelations of the original and encrypted images as shown in Fig. 5 . Figures 5(a) and (b) show that there is distinct difference between the histogram of the original image and the encryption. That is because the original image and the encrypted image are in the spatial domain and the MPFRFT domain respectively, but not a simple permutation in the same domain. This can be considered as diffusion in the classical cryptology, which diffuses the statistic characteristic of original image to the whole space. In addition, we find that the cipher text of different original images have similar histogram after encrypted with independent encryption keys after a number of parallel experiments. This can be considered as confusion in the classical cryptology. It is difficult for attackers to obtain useful information from the statistic characteristic, thus it can bring us considerable capacity of resisting statistic cryptanalysis. Figure 5(c) shows the autocorrelation of the image Lena, there is strong self-correlation between the pixels. By contrast, Fig. 5(d) shows that the correlation of the encrypted image is much weaker than that of the original image, and the input image can be encrypted into a nearly white distributed image. So the proposed method has an excellent decorrelation capability to realize good diffusion and confusion.

Fig. 5 Autocorrelation and histogram of the original and encrypted images. (a) Histogram of the original image. (b) Histogram of the encrypted image. (c) Autocorrelation of the original image. (d) Autocorrelation of the encrypted image.

Download Full Size | PDF

3.3.3. Middle attack

If an attacker filches all of the messages sent over the link, it means

Alice -> Bob: $C_{1} = A \cdot X \cdot B$
Bob -> Alice: $C_{2} = C \cdot A \cdot X \cdot B \cdot D = A \cdot C \cdot X \cdot D \cdot B$ (because of commutative property)
Alice->Bob: $C_{3} = C \cdot X \cdot D$

where

A, B, C, D

denotes the discrete multiple-parameter fractional Fourier transform matrix (DMPFRFT) [20]. From ciphertext

C_{2}

and

C_{3}

, the adversary can obtain the following equation:

A \cdot C_{3} \cdot B = C_{2}

Since the DMPFRFT matrices $A, B, C, D$ are unitary matrix, there will be at most $\frac{N (N + 1)}{2} + \frac{M (M + 1)}{2}$ variables in the above equation for a $N \times M$ pixel image X. But we have only N or M linear equations, so it is difficult to recover $A$ and $B$ both. Furthermore, these matrices are usually singular (the condition number is extremely large) because they may have many nearly zero eigenvalues. It is also hard to recover the secret image X by simple matrix inversion, due to the noise influence or computational error.

3.3.4. Resistance to data loss

We also perform computer simulations to check the tolerance of our method to loss of encrypted data. We occlude 25%, 50% and 75% of the encrypted image pixels. Figure 6 shows the occluded encrypted images of Fig. 2(b) and the corresponding recovered images with correct decryption keys. All recovered images with correct keys are visual recognizable, however, it is possible to perform digital post-processing technique to further improve the quality of these recovered images. The proposed method distributes the input image over the entire output plane, thus providing robustness to the distortions due to loss of encrypted data. This will be useful when transmit images through network, especially for only loading part of the encrypted image in the case of heavy traffic.

Fig. 6 Robustness performance against data loss. (a) When 25% pixels of $C_{1}$ (Fig. 2b) are occluded. (b) Recovered message (PSNR = 16.34 dB). (c) When 50% pixels of $C_{1}$ (Fig. 2b) are occluded. (d) Recovered message (PSNR = 10.97 dB). (e) When 75% pixels of $C_{1}$ (Fig. 2b) are occluded. (f) Recovered message (PSNR = 9.38 dB).

Download Full Size | PDF

3.3.5. Noise attack

Simulations are also performed to test the robustness of the proposed method against additive noise, which has a white Gaussian distribution with a zero mean in simulation. For the noise attack, we assume that the noise interferes the encrypted image in the following way

E^{'} = E (1 + σ G)

where

E

and

E^{'}

are the ideal encrypted image and the noise-affected encrypted image respectively,

σ

is a coefficient on noise strength, and

G

represents Gaussian random data with zero-mean and identity standard deviation. Figure 7 shows the decrypted images when

σ

equals to 0.05, 0.1, 0.2, 0.5, 0.8 and 1. And the corresponding MSE curves between the original image and decrypted one with different

σ

are illustrated in Fig. 8 . From Fig. 7 and 8, the decrypted images can be recognized despite of some noise interference. Even when

σ = 1

, the contour of the image can still be recognized.

Fig. 7 Decrypted images with different $σ$ : (a) $σ = 0.05$ (PSNR = 37.76 dB), (b) $σ = 0.1$ (PSNR = 31.66 dB), (c) $σ = 0.2$ (PSNR = 25.73 dB), (d) $σ = 0.5$ (PSNR = 18.52 dB), (e) $σ = 0.8$ (PSNR = 16.57 dB), and (f) $σ = 1$ (PSNR = 10.69 dB).

Download Full Size | PDF

Fig. 8 Robustness performance of the proposed method against noise perturbation with different $σ$

Download Full Size | PDF

From Figs. 3 to 8, we can conclude that the proposed image sharing scheme is sensitive to the variations of various encryption keys during decryption, and robust against the loss of data, noise perturbation.

4. Conclusion

In summary, we have proposed a novel no-key-exchange secure image sharing method based on the multiple-parameter fractional Fourier transform. This approach makes full use of the advantage of the classical Shamir’s three-pass protocol and the properties of the multiple-parameter fractional Fourier transform. Information can be shared between users through transmitting the encrypted messages three times without any key distribution in advance. Simulations results demonstrate the validity and reliability of the proposed method.

Acknowledgment

The authors would like to thank the anonymous reviewers for their great efforts and valuable comments that are greatly helpful to improve the clarity and quality of this manuscript. This work was supported by the Northeastern University Talents project under Grant (No. 28720521), “985 Project” of Northeastern University (No. 26311005) and the Fundamental Research Funds for the Central Universities (N110404027).

References and links

1. P. Refregier and B. Javidi, “Optical image encryption based on input plane and Fourier plane random encoding,” Opt. Lett. 20(7), 767–769 (1995). [CrossRef] [PubMed]

2. G. Unnikrishnan, J. Joseph, and K. Singh, “Optical encryption by double-random phase encoding in the fractional Fourier domain,” Opt. Lett. 25(12), 887–889 (2000). [CrossRef] [PubMed]

3. S. Liu, L. Yu, and B. Zhu, “Optical image encryption by cascaded fractional Fourier transforms with random phase filtering,” Opt. Commun. 187(1-3), 57–63 (2001). [CrossRef]

4. B. Zhu, S. Liu, and Q. Ran, “Optical image encryption based on multifractional Fourier transforms,” Opt. Lett. 25(16), 1159–1161 (2000). [CrossRef] [PubMed]

5. B. Hennelly and J. T. Sheridan, “Optical image encryption by random shifting in fractional Fourier domains,” Opt. Lett. 28(4), 269–271 (2003). [CrossRef] [PubMed]

6. J. Lang, R. Tao, and Y. Wang, “Image encryption based on the multiple-parameter discrete fractional Fourier transform and chaos function,” Opt. Commun. 283(10), 2092–2096 (2010). [CrossRef]

7. X. Wang and D. Zhao, “Double-image self-encoding and hiding based on phase-truncated Fourier transforms and phase retrieval,” Opt. Commun. 284(19), 4441–4445 (2011). [CrossRef]

8. Z. Liu, M. A. Ahmad, and S. Liu, “Image encryption scheme based on the commutation and anti-commutation rules,” Opt. Commun. 279(2), 285–290 (2007). [CrossRef]

9. R. Tao, J. Lang, and Y. Wang, “Optical image encryption based on the multiple-parameter fractional Fourier transform,” Opt. Lett. 33(6), 581–583 (2008). [CrossRef] [PubMed]

10. Q. Ran, H. Zhang, J. Zhang, L. Tan, and J. Ma, “Deficiencies of the cryptography based on multiple-parameter fractional Fourier transform,” Opt. Lett. 34(11), 1729–1731 (2009). [CrossRef] [PubMed]

11. R. Tao, J. Lang, and Y. Wang, “The multiple-parameter discrete fractional Hadamard transform,” Opt. Commun. 282(8), 1531–1535 (2009). [CrossRef]

12. Z. Liu, M. A. Ahmad, and S. Liu, “Image sharing scheme based on combination theory,” Opt. Commun. 281(21), 5322–5325 (2008). [CrossRef]

13. Z. Liu, S. Liu, and M. A. Ahmad, “Image sharing scheme based on discrete fractional random transform,” Optik (Stuttg.) 121(6), 495–499 (2010). [CrossRef]

14. C. N. Yang and S. M. Huang, “Constructions and properties of k out of n scalable secret image sharing,” Opt. Commun. 283(9), 1750–1762 (2010). [CrossRef]

15. N. Islam, W. Puech, K. Hayat, and R. Brouzet, “Application of homomorphism to secure image sharing,” Opt. Commun. 284(19), 4412–4429 (2011). [CrossRef]

16. J. Massey, “An introduction to contemporary cryptology,” Proc. IEEE 76(5), 533–549 (1988). [CrossRef]

17. L. Yang, A. W. Ling, and S. H. Liu, “Quantum three-pass cryptography protocol,” Proc. SPIE 4917, 106–111 (2002). [CrossRef]

18. H. M. Ozaktas, Z. Zalevsky, and M. A. Kutay, The Fractional Fourier Transform with Applications in Optics and Signal Processing (John Wiley & Sons, Chichester, 2001).

19. J. Lang, R. Tao, Q. Ran, and Y. Wang, “The multiple-parameter fractional Fourier transform,” Sci. China Ser. F, Inf. Sci. 51(8), 1010–1024 (2008). [CrossRef]

20. J. Lang, R. Tao, and Y. Wang, “The discrete multiple-parameter fractional Fourier transform,” Sci. China Ser. F, Inf. Sci. 53(11), 2287–2299 (2010). [CrossRef]

A no-key-exchange secure image sharing scheme based on Shamir’s three-pass cryptography protocol and the multiple-parameter fractional Fourier transform

Abstract

1. Introduction

2. Shamir's three-pass cryptography protocol

3. The proposed no-key-exchange secure image sharing scheme

3.1 Image sharing based on the multiple-parameter fractional Fourier transform

3.2 Simulations results

3.3 Security analysis

3.3.1. Sensitivity of the keys

3.3.2 Statistical analysis

3.3.3. Middle attack

3.3.4. Resistance to data loss

3.3.5. Noise attack

4. Conclusion

Acknowledgment

References and links

Cited By

Figures (8)

Equations (13)

Optics Express