Generalized forgery attack to optical encryption systems

Jun Feng; Jun Feng; Jun Feng; Jun Feng; Wei Huang; Wei Huang; Wei Huang; Shuming Jiao; Xiaopeng Wang

doi:10.1364/OE.444092

1. Introduction

The research of optical image security techniques including encryption and information hiding has received much attention in recent years [1–3]. Optical encryption techniques have some potential advantages over digital encryption techniques such as high-speed parallel computation, multiple-dimensional processing and direct interaction with a physical object without digitalization. Since the pioneering work of DRPE [4] in 1995, various types of optical imaging systems such as holography [5–8], ptychography [9,10] and ghost imaging (or single-pixel imaging) [11–18] have been employed for image encryption. On the other hand, the attacking methods to optical encryption systems have been extensively investigated as well. The attacking is mainly focused on the cryptanalysis including chosen plaintext attack [19–21], known plaintext attack [22–26] and ciphertext-only attack [27–31]. In these cryptanalysis works, the objective is to recover the encryption (or decryption) key by knowing some plaintext-ciphertext pairs or only some ciphertexts. Different from these conventional approaches, a novel attacking concept was proposed in the recent work [32]. It is assumed that the key transmitted from the sender to the receiver may be secretly replaced with a forged one by an unauthorized illegal attacker. The alternative forgery attack scheme is implemented for an encrypted CGI system. If the fake key is properly designed by the attacker, the receiver with the correct ciphertext will be cheated and retrieve a fake decrypted image. However, the proposed attacking algorithm in the work [32] is only applicable to a particular situation where the recorded intensity values are binary in an encrypted CGI system.

In a CGI system, the object is sequentially illuminated by a series of random structured light patterns and the total light intensity of the object scene at each time is recorded as a single-pixel value by a single-pixel detector. After many illuminations with different patterns, the detector will record a single-pixel intensity sequence. Finally, the object image can be computationally reconstructed when both the illumination patterns and the single-pixel intensity sequence are known. If the object image is considered as the plaintext image, the illumination patterns are considered as the key and the single-pixel intensity sequence is considered as the ciphertext, a CGI system can be formulated as an optical image encryption system.

In a conventional CGI system, the recorded single-pixel values can be arbitrary. If they are forced to be binarized, the reconstructed image will be degraded by quantization noise [32]. A forgery attack scheme to a general encrypted CGI system without binarization is favorable. In addition, a forgery attack has only been implemented for a CGI system and other kinds of optical encryption systems have not yet been attempted. In this work, we implement a forgery attack scheme for the well-known DRPE system in both Fourier and Fresnel domains. Furthermore, it is a critical issue to quantitatively prove that the forged key is indistinguishable or imperceptible by the receiver from a real random key in such an attack. We propose several metrics to evaluate the imperceptibility level of the forged key in this work for the first time.

2. Principles of proposed schemes

2.1 Forgery attack to general CGI

The basic working principles of an encrypted CGI system are described below. During the data acquisition, it is assumed that the object image O consists of M pixels and it can be represented by a vector of length M, given by $O = [{{o_1},\; {o_2},\; {o_3}, \ldots ,{o_M}} ]$. Then it will be sequentially illuminated by a set of N different structured light patterns shown in Fig. 1. Each pattern consists of M pixels as well. The pixels in the nth pattern ($1 \le \textrm{n} \le \textrm{N}$) are given by ${P_n} = [{{p_{n1}},\; {p_{n2\; }},{p_{n3}}, \ldots ,{p_{nM}}} ]$. Finally, N single-pixel intensity values are recorded and each one is the inner product between the object image and the corresponding illumination pattern. The nth ($1 \le \textrm{n} \le \textrm{N}$) single-pixel intensity value is given by ${i_n} = \mathop \sum \nolimits_{m = 1}^{m = M} {o_m}{p_{nm}}$ and the entire sequence is given by $I = [{{i_1},\; {i_2},\; {i_3}, \ldots ,{i_N}} ]$. In the reconstruction stage, the object image can be reconstructed from the illumination patterns and the recorded single-pixel intensity sequence I by using different methods such as gradient descent (GD) or compression sensing (CS) [33].

Fig. 1. Optical setup of a computational ghost imaging (CGI) system

Download Full Size | PDF

In a CGI system, the unknown illumination patterns are considered as the encryption and decryption key, which is also the forgery target in a forgery attack. Specifically, it is assumed that there are totally K pairs of plaintext images and corresponding ciphertext single-pixel intensity sequences when the illumination patterns remain constant. They can be denoted as ${O_k} = [{{o_{k1}},\; {o_{k2}},\; {o_{k3}}, \ldots ,{o_{kM}}} ]$ ($1 \le \textrm{k} \le \textrm{K}$) and ${I_k} = [{{i_{k1}},\; {i_{k2}},\; {i_{k3}}, \ldots ,{i_{kN}}} ]$ ($1 \le \textrm{k} \le \textrm{K}$) . After a forgery of the key, the objective is that the reconstructed images from ${\textrm{I}_\textrm{k}}$ will be target fake images $O{^{\prime}_k} = [{o{^{\prime}_{k1}},\; o{^{\prime}_{k2}},\; o{^{\prime}_{k3}}, \ldots ,o{^{\prime}_{kM}}} ]$ . It is possible to find a set of forged key ${P_n}^{\prime}$ satisfying that ${i_{kn}} = \mathop \sum \nolimits_{m = 1}^{m = M} o{^{\prime}_{km}}p{^{\prime}_{nm}}$ (for all k) if the value of K is much smaller than M. In fact, there are usually infinitely many possible solutions for $P_n^{\prime}$ and we employ an iterative gradient descent algorithm to obtain one solution. Our proposed forgery attack scheme for a general CGI is illustrated in Fig. 2.

Fig. 2. Proposed forgery attack scheme for a general CGI.

Download Full Size | PDF

Initially, all the elements in the N fake patterns ${P_n}^{\prime}$ ($1 \le \textrm{n} \le \textrm{N}$) are assigned with random values. Then, for the $kth$ plaintext image, we use an iterative gradient descent algorithm based on the following objective function to calculate ${P_n}^{\prime}$:

(1)$$\min {\left|{{i_{kn}} - \mathop \sum \nolimits_{m = 1}^M o{^{\prime}_{km}}P{^{\prime}_{nm}}} \right|^2}$$

The iterative updating formula is:

(2)$$P^{{\prime}_{nm}^{(x )}} \Leftarrow P^{{\prime}_{nm}^{({x - 1})} } + \alpha \left( {{i_{kn}} - \mathop \sum \nolimits_{m = 1}^M O{^{\prime}_{km}}P^{{\prime}_{nm}^{({x - 1})} }} \right)O_{km}^{\prime}$$

where $\alpha$ refers to the learning rate and x denotes the xth iteration. The calculation of each individual illumination pattern is independent from any other illumination pattern. For the nth pattern, the algorithm runs in the following way shown in Fig. 3:

Fig. 3. Flowchart for generating the nth fake pattern with our proposed scheme in a general CGI.

Download Full Size | PDF

For each forged illumination pattern, the algorithm will run for a number of iterations and each updated pixel intensity in the pattern will be gradually closer to an optimized value. It shall be noticed that the intensity of each pixel will be bounded within a range such as [0 1]. If the intensity of a certain pixel exceeds the range in one iteration, it will be forced to be 0 or 1. It is worth mentioning that the average pixel intensity of the forged plaintext image should be similar to that of the original plaintext image otherwise the performance of the forgery attack will be severely degraded. Statistically, the average pixel value of the original plaintext image can be approximately estimated from the known average single-pixel intensity value. The average pixel value of the forged plaintext image can be adjusted by tuning the image contrast with a power function as a preprocessing step.

2.2 Forgery attack to DRPE in Fourier domain and Fresnel domain

The forgery attack concept can be transferred to a DRPE system and a different algorithm is designed. In a Fourier domain DRPE system, the plaintext image is encrypted into a ciphertext by double random phase-only masks in a 4-f system, shown in Fig. 4. f is the focal length of the lens, and the two random phase masks are placed in the input plane and the Fourier plane of the 4-f system respectively. The plaintext image $I({x,y} )$ is modulated by the first random phase mask $RP{M_1} = exp[{j \cdot 2\pi \cdot \rho ({x,y} )} ]$ . Then the complex-amplitude light field $I({x,y} )exp[{j \cdot 2\pi \cdot \rho ({x,y} )} ]$ is transformed into the Fourier frequency domain. Another random phase mask $RP{M_2} = exp[{j \cdot 2\pi \cdot \sigma ({u,v} )} ]$ further modulates the obtained spectrum. Finally, the modulated Fourier spectrum is transformed back to the spatial domain by another lens. The final ciphertext light field $\textrm{g}({x,y} )$ can be obtained in the output plane. This process can be expressed as:

(3)$$g({x,y} )= F{T^{ - 1}}\{{FT\{{I({x,y} )\cdot exp[{j\cdot2\pi \cdot\rho ({x,y} )} ]} \}\cdot exp[{j\cdot2\pi \cdot\sigma ({u,v} )} ]} \}$$

where $\mathrm{\rho }({\textrm{x},\textrm{y}} )$ and $\mathrm{\sigma }({\textrm{x},\textrm{y}} )$ denote two random phase masks, and their values are uniformly distributed between $[{0,1} ]$. $\textrm{FT}\{{\cdot} \}$ and $\textrm{F}{\textrm{T}^{ - 1}}\{{\cdot} \}$ denote Fourier transform and inverse Fourier transform respectively.

Fig. 4. Optical setup of DRPE system in Fourier domain

Download Full Size | PDF

The decryption is the opposite process of encryption. For a given ciphertext $\textrm{g}({x,y} )\; $, the original plaintext image can be obtained by the complex-conjugate phase masks of $RP{M_1}$ and $RP{M_2}$. The decryption process is given by:

(4)$$I({x,y} )= F{T^{ - 1}}\{{FT\{{g({x,y} )\cdot conj\{{exp[{j\cdot2\pi \cdot\sigma ({u,v} )} ]} \}} \}\cdot conj\{{exp[{j\cdot2\pi \cdot\rho ({x,y} )} ]} \}} \}$$

where $conj{\cdot}$ denotes conjugate transformation.

The DRPE scheme can be implemented in the lensless Fresnel domain as well. The Fourier transform and inverse Fourier transform are replaced with Fresnel free-space light field propagation. The optical setup of Fresnel domain DRPE system is shown in Fig. 5. In Fresnel domain DRPE, the plaintext image $I({x,y} )$ is modulated with the first random phase mask $RP{M_1} = exp[{j\cdot2\pi \cdot\rho ({x,y} )} ]$ . Then the Fresnel diffracted field at the distance ${d_1}$ is modulated again by the second random phase mask $RP{M_2} = exp[{j\cdot2\pi \cdot\sigma ({u,v} )} ]\; $. Followed by another Fresnel light field propagation with a distance of ${d_2}$, the final encrypted light field $g({x,y} )$ is obtained in the output plane. The encryption process is given by Eq. (5):

(5)$$g({x,y} )= F{D_{{d_2}}}\{{F{D_{{d_1}}}\{{I({x,y} )\cdot exp[{j\cdot2\pi \cdot\rho ({x,y} )} ]} \}\cdot exp[{j\cdot2\pi \cdot\sigma ({u,v} )} ]} \}$$

where $F{D_d}\{{\cdot} \}$ refers to Fresnel light field propagation by a distance of d . For image decryption, the plaintext image can be recovered by Eq. (6):

(6)$$I({x,y} )= F{D_{ - {d_2}}}\{{F{D_{ - {d_1}}}\{{g({x,y} )\cdot conj\{{exp[{j\cdot2\pi \cdot\sigma ({u,v} )} ]} \}} \}\cdot conj\{{exp[{j\cdot2\pi \cdot\rho ({x,y} )} ]} \}} \}$$

Fig. 5. Optical setup of DRPE system in Fresnel domain

Download Full Size | PDF

In both Fourier domain and Fresnel domain DRPE, the two random phase masks ($RP{M_1}$, $RP{M_2}$) can be considered as the encryption and decryption key. It is evident that the objective of forgery attack is that for a given ciphertext $g({x,y} )$ generated from the plaintext image $I({x,y} )$ with two random phase masks $\rho ({x,y} )$ and $\sigma ({u,v} )$, a set of forged key $\rho ^{\prime}({x,y} )$ and $\sigma ^{\prime}({u,v} )$ need to be found so that the retrieved plaintext image is a fake one $I^{\prime}({x,y} )$. It is also possible that there are multiple pairs of fake plaintexts and ciphertexts $I_1^{\prime}({x,y} ),{\; }I_2^{\prime}({x,y} ), \ldots ,{\; }I_K^{\prime}({x,y} )$ and ${g_1}({x,y} ),{\; }{g_2}({x,y} ), \ldots ,{\; }{g_K}({x,y} )$ if the same key is repetitively used for M times.

The forgery attack algorithm for Fourier domain DRPE is described below, shown in Fig. 6. Initially, all the pixels in $\rho ^{\prime}({x,y} )$ and $\sigma ^{\prime}({u,v} )$ are set to be random phase values. Then these two phase masks are iteratively updated in the following way:

Fig. 6. Flowchart for generating the forged PRMs with our proposed scheme in a Fourier domain DRPE.

Download Full Size | PDF

The working mechanism of our proposed scheme is based on the “wavefront matching” concept. For each mask, the error between the summation of forward propagating light fields at the back plane and the summation of backward propagating light fields in the front plane is minimized. More details about corresponding optical principles and mathematical derivation can be found in the work [34]. For Fresnel-domain DRPE, the forgery attacking algorithm is similar, shown in Fig. 7.

Fig. 7. Flowchart for generating the forged PRMs with our proposed scheme in a Fresnel domain DRPE.

Download Full Size | PDF

2.3 Imperceptibility of the forged keys

In these optical encryption systems, the key is represented in the form of random grayscale images (random illumination pattern or random phase mask). It is favorable that the pixel values in the forged pattern or mask have a higher degree of randomness so that the forged key is difficult to be distinguished from a real key. In this work, grayscale histogram, adjacent pixel correlation and image entropy, which are commonly used randomness metrics in image encryption, are adopted to measure the randomness of forged keys. The image histogram, as one of the important parameters describing image features, intuitively shows the number of pixels within each gray-level range in the image, and reflects the frequency of a certain gray-level intensity in the image. For a random image, the gray histogram is uniformly distributed over the whole grayscale range. The correlation of adjacent pixels reflects the correlation degree between adjacent pixels in an image, defined by:

(7)$$CC = \frac{{\mathop \sum \nolimits_{i = 1}^J \left( {{x_i} - \frac{1}{J}\mathop \sum \nolimits_{i = 1}^J {x_i}} \right)\left( {{y_i} - \frac{1}{J}\mathop \sum \nolimits_{i = 1}^J {y_i}} \right)}}{{\sqrt {\mathop \sum \nolimits_{i = 1}^J {{\left( {{x_i} - \frac{1}{J}\mathop \sum \nolimits_{i = 1}^J {x_i}} \right)}^2} \times \mathop \sum \nolimits_{i = 1}^J {{\left( {{y_i} - \frac{1}{J}\mathop \sum \nolimits_{i = 1}^J {y_i}} \right)}^2}} }}\; \; \; \; \; \; \; \; \; \; \; \; \; \; \; \; \; \; \; \; \; \; $$

where J is the number of randomly selected adjacent pixel pairs and (${x_i}$, ${y_i}$) are the intensity values of adjacent pixel pairs. Generally, the correlation of horizontal, vertical, and diagonal adjacent pixels of a 2D pixelated array (image, mask or pattern) should be analyzed at the same time. A low correlation value indicates high randomness. Entropy is a measure of disorder. In other words, the value of entropy increases as the system becomes more chaotic. For a 256-level grayscale image, the entropy is calculated by:

(8)$$H(G )={-} \mathop \sum \nolimits_{i = 0}^{{2^8} - 1} P({{G_i}} ){log _2}P({{G_i}} )\; $$

where $P({{G_i}} )$ is the probability of each grayscale value appearing in the pattern or mask, and the theoretical maximum entropy value of a 8-bit image is 8. An illumination pattern or a phase mask with a higher entropy (closer to 8) indicate that the pattern or mask has a higher degree of randomness.

3. Results and discussions

3.1 Forgery attack to general CGI

The proposed iterative gradient descent algorithm is applied to attack a general CGI in both simulation and optical experiment. In the simulation, the horizontal and vertical extent of plaintext image and illumination patterns are all 64×64 pixels. The original plaintext images and fake plaintext images are in an 8-bit grayscale format. The illumination patterns in the original key are generated by a random number generator in Matlab. Total variation regularization method (TV) [34] is adopted for image reconstruction. The sampling ratio is defined as the ratio between the number of measurements and the total number of images pixels to be reconstructed. The results of forgery attack to general CGI from one single intercepted ciphertext is shown in Fig. 8. The original plaintext image, shown in Fig. 8(a), is encrypted into a ciphertext intensity sequence by 2048 sequential illumination patterns in CGI. These original illumination patterns are regarded as the encryption and decryption key, and the first two of them are shown in Fig. 8(b) and Fig. 8(c) as examples. When the ciphertext intensity sequence is intercepted by an attacker, the corresponding forged key can be calculated by our proposed scheme based on the target fake plaintext image, shown in Fig. 8(e). It is evident that the target fake plaintext image is completely different from the original plaintext image. The first two corresponding fake illumination patterns are shown in Fig. 8(f) and Fig. 8(g) as examples. The pixel values in the fake patterns are also approximately randomly distributed between 0 and 1 as the ones in the original patterns, which makes the forgery difficult to be detected. With the original key or the fake key, the decryption results from the ciphertext intensity sequence can be totally different, shown in Fig. 8(d) and Fig. 8(h) respectively. The decrypted images are very similar to the original plaintext image or the target fake plaintext image.

Fig. 8. Examples of forgery attacking results in a general encrypted CGI system from one single intercepted ciphertext.

Download Full Size | PDF

The proposed iterative gradient descent algorithm is compared with Yuan’s method [32] under the same conditions. In the simulation, we reconstruct the forged plaintext image under different number of measurements ranging from 100 (sampling ratio is about 0.02) to 20,000 (sampling ratio is about 4.88), and calculate the PSNR and SSIM of values as quality evaluation metrics. The results shown in Fig. 9 indicate that the forged key generated by our proposed scheme can reconstruct high-quality target fake plaintext image under different sampling ratios. In comparison, the forged key obtained by Yuan’s method, cannot reconstruct a clear grayscale image even when the number of samplings is 20,000. The program running environment is Matlab 2021a in Windows 10 with CPU i7-10875H and 16GB memory. Our method requires a computation time of 4.45s. Yuan’s method requires 3.73s under the same condition. Our proposed scheme has a better performance since it is free of binarization error in the single-pixel intensity values in Yuan’s method.

Fig. 9. Comparative results of forgery attack in a general CGI encryption system from one single intercepted ciphertext

Download Full Size | PDF

If multiple ciphertexts are intercepted by an attacker when the key remains the same, the forgery can be implemented as well by our proposed scheme, shown in Fig. 10. Three different original plaintext images are shown in Figs. 10(a)-(c) and three corresponding different ciphertexts (single-pixel intensity sequences) using the same key can be obtained. The corresponding target fake plaintext images are shown in Figs. 10(j)-(l). The sampling rate in CGI is 0.6 and there are 2457 illumination patterns totally. The first three illumination patterns in the original key and the forged key are shown in Figs. 10(d)-(f) and Figs. 10(m)-(o) respectively as examples. The reconstructed images from the ciphertexts with the correct key are shown in Figs. 10(g)-(i). The reconstructed images from the ciphertext with the forged key are shown in Figs. 10(p)-(r). It can be observed that the target fake plaintext images can be clearly reconstructed without almost no crosstalk. Their SSIM (Structural Similarity Index) values with reference to original images are all above 0.9.

Fig. 10. Examples of forgery attack results in a general CGI encryption system from three intercepted ciphertexts.

Download Full Size | PDF

Similarly, our proposed scheme is compared with Yuan’s method for a multiple-ciphertext situation. The results shown in Fig. 11 indicate that our proposed scheme still has evident advantages in terms of decrypted image quality. The computational time of our method is 6.72s, which is slightly higher than that of Yuan's method, i.e. 4.17s.

Fig. 11. Comparative results of forgery attack to a general CGI encryption system from two intercepted ciphertexts.

Download Full Size | PDF

In a forgery attack, the randomness of the forged key will directly affect the concealment of the deception action. Grayscale histogram, adjacent pixel correlation and image entropy are used to evaluate the imperceptibility of forged keys [35]. It can be observed that the grayscale histograms of one illumination pattern in the original key and corresponding pattern in the forged key have similar statistical appearance. The pixel values in the two patterns are both roughly uniformly distributed in the range between 0 and 1, shown in Fig. 12. The intensity distribution diagrams of adjacent pixels in the vertical, horizontal and diagonal directions of the first illumination pattern in the fake key indicates that there is little correlation between adjacent pixels, similar to those in the original key, shown in Fig. 13. The absolute average correlation coefficients of adjacent pixelated values in the vertical, horizontal and diagonal directions of the patterns in the fake key are very close to zero, slightly higher than those of the patterns in the original key, shown in Table 1. From Table 1, it can also be observed that the average entropy of all the patterns in the fake key is 7.94435, approaching to the maximum entropy 8. The results above illustrate that the patterns in the forged key generated by our proposed algorithm are extremely close to random gray-scale images and do not carry any information about the forged plaintext images. These patterns not only visually appear to be random but also proves to be highly random quantitatively in statistics.

Fig. 12. Grayscale histograms of the first illumination pattern in the original key and the one in the corresponding fake key.

Download Full Size | PDF

Fig. 13. Intensity distribution diagrams of adjacent pixels in the vertical (a) (e), horizontal (b) (f) and diagonal (c) (g) directions of the first illumination pattern in the original key and the one in the corresponding fake key.

Download Full Size | PDF

Table 1. Average correlation coefficients of adjacent pixelated values in different directions and average entropy of all the patterns in original key and the ones in the fake key.

View Table | View all tables in this article

Furthermore, the feasibility of our proposed scheme is verified by the data collected in an optical experiment. The optical setup is shown in Fig. 14. Limited by the experimental imaging efficiency, the sampling rate is set to be 10 and there are totally 40960 illumination patterns. In the optical experiment, the original plaintexts are images with 64×64 pixels containing Arabic numerals 1, 2 and 3 shown in Fig. 15(a)-(c) and three grayscale images shown in Fig. 16(a)-(c). The experimentally reconstructed images (or decrypted plaintexts) will be enviably contaminated with some noise even when the decrypted key is fully correct, shown in Fig. 15(g)-(i) and Fig. 16(g)-(i). To make the forgery attack more imperceptible, fake Arabic numerals images and fake gray scale images reconstructed from optical experiments with noise contamination are used as the target fake plaintext images shown in Fig. 15(j)-(l) and Fig. 16(j)-(l). The experimental results of forgery attack are shown in Fig. 15(p)-(r) and Fig. 16(p)-(r). It can be observed that the decrypted results using the forged key have totally different pictorial content compared with the ones using the correct key shown in Fig. 15(g)-(i) and Fig. 16(g)-(i). However, they have similar noise characteristics and it is hard for an observer to detect the forgery. The results above verify that our proposed scheme is feasible in a CGI optical experiment as well.

Fig. 14. Optical setup of single-pixel imaging experiment.

Download Full Size | PDF

Fig. 15. Experimental examples of forgery attack results in general CGI encryption system from three intercepted ciphertexts of binary images.

Download Full Size | PDF

Fig. 16. Experimental examples of forgery attack results in general CGI encryption system from three intercepted ciphertexts of grayscale images.

Download Full Size | PDF

3.2 Forgery attack to DRPE in Fourier domain and Fresnel domain

A forgery attack to DRPE in Fourier domain and Fresnel domain is simulated. The attacking results for a DRPE system in Fourier domain and Fresnel domain are shown in Fig. 17 and Fig. 18. For DRPE in both Fourier domain and Fresnel domain, the size of plaintext image, ciphertext light field and random phase masks is set to 256×256 pixels. The plaintext image is shown in Fig. 17(a) and the target forged one is shown in Fig. 17(e). With a Fourier transform and an inverse Fourier transform, the plaintext image is encrypted into a ciphertext by two RPMs, shown in Fig. 17(b) and Fig. 17(c). The forged RPMs in our proposed scheme are visually similar to the original ones, shown in Fig. 17(f) and Fig. 17(g). The decrypted images with the correct key and the forged key are shown in Fig. 17(d) and Fig. 17(h). For DRPE in Fresnel domain, the plaintext image is shown in Fig. 18(a) and the target forged plaintext image is shown in Fig. 18(e). The first and second light-field propagation distance are 0.05 m. The ciphertext with original PRMs, shown in Fig. 18(b) and Fig. 18(c), can be decrypted into Fig. 18(d). The ciphertext with PRMs forged by our proposed scheme, shown in Fig. 18(f) and Fig. 18(g), can be decrypted into Fig. 18(h). It can be observed both in Fourier domain DRPE and Fresnel domain DRPE, the decrypted image with forged RPMs has good fidelity. As shown in Fig. 19, the numbers of pixels with different gray levels (corresponding to different phase values) are evenly distributed for the RPMs in the fake key, similar to the results of the original key. The adjacent pixelated values in the fake key are irrelevant, and the entropy of the fake keys exceeds 7.99, shown in Table 2. The results indicate that the forged key is almost imperceptible both visually and statistically.

Fig. 17. An example of forgery attack results in Fourier domain DRPE.

Download Full Size | PDF

Fig. 18. An example of forgery attack results in Fresnel domain DRPE.

Download Full Size | PDF

Fig. 19. The gray histograms of original RPMs & the corresponding fake RPMs in DRPE in (a)Fourier domain; (b)Fresnel domain.

Download Full Size | PDF

Table 2. The average correlation coefficients of adjacent pixels in the different directions and the average entropy of the fake PRMs in DRPE in Fourier domain and Fresnel domain.

View Table | View all tables in this article

Likewise, we simulate the forgery attacks for the situation of two pairs of plaintexts and ciphertexts obtained under the same original PRMs in Fourier and Fresnel domain DRPE respectively, shown in Fig. 20 and Fig. 21. It can be observed that the fake RPMs [shown in Fig. 20(h)&(k) and Fig. 21(h)&(k)] appear to be random as well in both Fourier and Fresnel domain. The results in Table 3 demonstrate that the pixel values in fake RPMs generated from two intercepted ciphertexts are generally randomly distributed. When the forged PRMs are used to decrypt the ciphertexts, the decrypted images can be obtained, shown in Fig. 20(i)&(l) and Fig. 21(i)&(l). The forged decrypted images are similar to the corresponding target fake plaintext images but some crosstalk noise can be observed. The SSIM values are relatively lower. The attacking performance for DRPE is not as good as that for CGI when there are multiple pairs of plaintexts and ciphertexts simultaneously. The reason is that the key in DRPE only contains two phase masks but the ciphertext has many pixels. In comparison, the key in CGI contains many illumination patterns but only one single-pixel value in the ciphertext corresponds to one pattern. The degree of encoding freedom in the former one is much lower than the latter one. Therefore, it is difficult to perform a forgery attack to DRPE for multiple pairs of plaintexts and ciphertexts simultaneously with very low crosstalk noise.

Fig. 20. Simulated examples of forgery attack results in Fourier domain DRPE from two intercepted ciphertexts.

Download Full Size | PDF

Fig. 21. Simulated examples of forgery attack results in Fresnel domain DRPE from two intercepted ciphertexts.

Download Full Size | PDF

Table 3. The average correlation coefficients of adjacent pixels in the different directions and the average entropy of the fake PRMs generated from two intercepted ciphertexts in Fourier and Fresnel domain DRPE.

View Table | View all tables in this article

4. Conclusion

In summary, a generalized forgery attack scheme is proposed for both encrypted CGI and DRPE in Fourier domain & Fresnel domain. In a general CGI system, an iterative gradient descent algorithm is adopted for grayscale single-pixel intensity values. In Fourier & Fresnel domain DRPE, two similar iterative attacking algorithms based on the “wavefront matching” concept are employed. The simulated and experimental results verify the feasibility of our proposed scheme. Furthermore, the evaluation results by several metrics demonstrate that the forgery attack is almost imperceptible. The security flaws of existing optical encryption systems revealed by our proposed general forgery attacking scheme can be further investigated for enhancing the system security in the future.

Funding

National Natural Science Foundation of China (61805145).

Disclosures

The authors declare no conflicts of interest.

Data availability

Data underlying the results presented in this paper are not publicly available at this time but may be obtained from the authors upon reasonable request.

References

1. S. Liu, C. Guo, and J. T. Sheridan, “A review of optical image encryption techniques,” Opt. Laser Technol. 57, 327–342 (2014). [CrossRef]

2. S. Jiao, C. Zhou, Y. Shi, W. Zou, and X. Li, “Review on optical image hiding and watermarking techniques,” Opt. Laser Technol. 109, 370 (2019). [CrossRef]

3. O. Matoba, T. Nomura, E. Perez-Cabre, M. S. Millan, and B. Javidi, “Optical techniques for information security,” Proc. IEEE 97(6), 1128–1148 (2009). [CrossRef]

4. P. Refregier and B. Javidi, “Optical image encryption based on input plane and Fourier plane random encoding,” Opt. Lett. 20(7), 767 (1995). [CrossRef]

5. N. K. Nishchal, J. Joseph, and K. Singh, “Fully phase encryption using digital holography,” Opt. Eng. 43(12), 2959 (2004). [CrossRef]

6. B. Javidi and T. Nomura, “Securing information by use of digital holography,” Opt. Lett. 25(1), 28–30 (2000). [CrossRef]

7. Y. Su, W. Xu, T. Li, J. Zhao, and S. Liu, “Optical color image encryption based on fingerprint key and phase-shifting digital holography,” Opt. Lasers Eng. 140, 106550 (2021). [CrossRef]

8. P. W. Tsang, A. Yan, T. C. Poon, and H. Lam, “Asymmetrical and biometric encrypted optical scanning holography (ABE-OSH),” IEEE Trans. Ind. Inf. 16(2), 1094–1101 (2020). [CrossRef]

9. Y. Shi, T. Li, Y. Wang, Q. Gao, S. Zhang, and H. Li, “Optical image encryption via ptychography,” Opt. Lett. 38(9), 1425 (2013). [CrossRef]

10. A. Pan, K. Wen, and B. Yao, “Linear space-variant optical cryptosystem via Fourier ptychography,” Opt. Lett. 44(8), 2032 (2019). [CrossRef]

11. P. Clemente, V. Durán, E. Tajahuerce, and J. Lancis, “Optical encryption based on computational ghost imaging,” Opt. Lett. 35(14), 2391 (2010). [CrossRef]

12. Z. Zhang, S. Jiao, M. Yao, X. Li, and J. Zhong, “Secured single-pixel broadcast imaging,” Opt. Express 26(11), 14578–91 (2018). [CrossRef]

13. S. Jiao, J. Feng, Y. Gao, T. Lei, and X. Yuan, “Visual cryptography in single-pixel imaging,” Opt. Express 28(5), 7301 (2020). [CrossRef]

14. C. Zhang, W. He, B. Han, M. Liao, D. Lu, X. Peng, and C. Xu, “Compressive optical steganography via single-pixel imaging,” Opt. Express 27(9), 13469–78 (2019). [CrossRef]

15. J. Wu, Z. Xie, Z. Liu, W. Liu, Y. Zhang, and S. Liu, “Multiple-image encryption based on computational ghost imaging,” Opt. Commun. 359, 38–43 (2016). [CrossRef]

16. K. Yi, Z. Leihong, and Z. Dawei, “Optical encryption based on ghost imaging and public key cryptography,” Opt. Lasers Eng. 111, 58–64 (2018). [CrossRef]

17. S. Liansheng, D. Cong, X. Minjie, T. Ailing, and A. Anand, “Information encryption based on the customized data container under the framework of computational ghost imaging,” Opt. Express 27(12), 16493–506 (2019). [CrossRef]

18. Y. Qin and Y. Zhang, “Information encryption in ghost imaging with customized data container and XOR operation,” IEEE Photonics J. 9(2), 1–8 (2017). [CrossRef]

19. Y. Zhang, D. Xiao, W. Wen, and H. Liu, “Vulnerability to chosen-plaintext attack of a general optical encryption model with the architecture of scrambling-then-double random phase encoding,” Opt. Lett. 38(21), 4506 (2013). [CrossRef]

20. J. F. Barrera, C. Vargas, M. Tebaldi, and R. Torroba, “Chosen-plaintext attack on a joint transform correlator encrypting system,” Opt. Commun. 283(20), 3917–3921 (2010). [CrossRef]

21. L. Wang, Q. Wu, and G. Situ, “Chosen-plaintext attack on the double random polarization encryption,” Opt. Express 27(22), 32158–67 (2019). [CrossRef]

22. H. Hai, S. Pan, M. Liao, D. Lu, W. He, and X. Peng, “Cryptanalysis of random-phase-encoding-based optical cryptosystem via deep learning,” Opt. Express 27(15), 21204–13 (2019). [CrossRef]

23. U. Gopinathan, D. S. Monaghan, T. J. Naughton, and J. T. Sheridan, “A known-plaintext heuristic attack on the Fourier plane encryption algorithm,” Opt. Express 14(8), 3181 (2006). [CrossRef]

24. S. Jiao, Y. Gao, T. Lei, and X. Yuan, “Known-plaintext attack to optical encryption systems with space and polarization encoding,” Opt. Express 28(6), 8085 (2020). [CrossRef]

25. X. Peng, P. Zhang, H. Wei, and B. Yu, “Known-plaintext attack on optical encryption based on double random phase keys,” Opt. Lett. 31(8), 1044 (2006). [CrossRef]

26. L. Chen, B. Peng, W. Gan, and Y. Liu, “Plaintext attack on joint transform correlation encryption system by convolutional neural network,” Opt. Express 28(19), 28154–63 (2020). [CrossRef]

27. M. Liao, W. He, D. Lu, and X. Peng, “Ciphertext-only attack on optical cryptosystem with spatially incoherent illumination: from the view of imaging through scattering medium,” Sci. Rep. 7(1), 1–9 (2017). [CrossRef]

28. X. Chang, A. Yan, and H. Zhang, “Ciphertext-only attack on optical scanning cryptography,” Opt. Lasers Eng. 126, 105901 (2020). [CrossRef]

29. S. Jiao, G. Li, C. Zhou, W. Zou, and X. Li, “Special ciphertext-only attack to double random phase encryption by plaintext shifting with speckle correlation,” J. Opt. Soc. Am. A 35(1), A1–6 (2018). [CrossRef]

30. H. Wu, X. Meng, X. Yang, X. Li, P. Wang, W. He, and H. Chen, “Ciphertext-only attack on optical cryptosystem with spatially incoherent illumination based deep-learning correlography,” Opt. Lasers Eng. 138, 106454 (2021). [CrossRef]

31. C. Guo, S. Liu, and J. T. Sheridan, “Iterative phase retrieval algorithms. Part II: Attacking optical encryption systems,” Appl. Opt. 54(15), 4709 (2015). [CrossRef]

32. S. Yuan, L. Wang, X. Liu, and X. Zhou, “Forgery attack on optical encryption based on computational ghost imaging,” Opt. Lett. 45(14), 3917 (2020). [CrossRef]

33. L. Bian, J. Suo, Q. Dai, and F. Chen, “Experimental comparison of single-pixel imaging algorithms,” J. Opt. Soc. Am. A 35(1), 78–87 (2018). [CrossRef]

34. G. Yang, S. Jiao, J. Fang, T. Lei, Z. Xie, and X. Yuan, “Multiple-image encryption and hiding with an optical diffractive neural network,” Opt. Commun. 463, 125476 (2020). [CrossRef]

35. Z. Liu, C. Wu, J. Wang, and Y. Hu, “A color image encryption using dynamic DNA and 4-D memristive hyper-chaos,” IEEE Access 7, 78367–78378 (2019). [CrossRef]

	Correlation coefficients			entropy
	Horizontal	vertical	diagonal	entropy
Original key	−0.00083	−0.00083	−0.00119	7.94768
Fake key	0.00030	−0.00226	−0.00148	7.94435

		Correlation coefficients			entropy
		horizontal	vertical	diagonal	entropy
Fourier	1^st original RPM	−0.01566	0.04514	−0.02611	7.98975
	2^nd original RPM	0.02532	0.00807	0.02178	7.98988
	1^st fake RPM	−0.00943	−0.06111	0.01611	7.98996
	2^nd fake RPM	0.00201	−0.00089	−0.03064	7.99017
Fresnel	1^st original RPM	0.03298	−0.05317	0.06377	7.99001
	2^nd original RPM	0.00228	−0.02073	−0.07500	7.99001
	1^st fake RPM	0.01564	−0.00750	0.01335	7.99013
	2^nd fake RPM	−0.04702	−0.04254	0.03277	7.99013

		Correlation coefficients			entropy
		horizontal	vertical	diagonal	entropy
Fourier	1^st original RPM	0.03569	0.01427	0.00800	7.99011
	2^nd original RPM	0.00688	0.05203	0.01134	7.99033
	1^st fake RPM	−0.03441	0.03218	0.02316	7.99018
	2^nd fake RPM	−0.03011	0.00181	−0.03700	7.98979
Fresnel	1^st original RPM	0.02181	0.00353	0.01404	7.98980
	2^nd original RPM	−0.02658	0.00444	0.01297	7.99019
	1^st fake RPM	0.06527	0.00628	0.03962	7.99002
	2^nd fake RPM	−0.04579	−0.03227	0.05644	7.98943

	Correlation coefficients			entropy
	Horizontal	vertical	diagonal	entropy
Original key	−0.00083	−0.00083	−0.00119	7.94768
Fake key	0.00030	−0.00226	−0.00148	7.94435

		Correlation coefficients			entropy
		horizontal	vertical	diagonal	entropy
Fourier	1^st original RPM	−0.01566	0.04514	−0.02611	7.98975
	2^nd original RPM	0.02532	0.00807	0.02178	7.98988
	1^st fake RPM	−0.00943	−0.06111	0.01611	7.98996
	2^nd fake RPM	0.00201	−0.00089	−0.03064	7.99017
Fresnel	1^st original RPM	0.03298	−0.05317	0.06377	7.99001
	2^nd original RPM	0.00228	−0.02073	−0.07500	7.99001
	1^st fake RPM	0.01564	−0.00750	0.01335	7.99013
	2^nd fake RPM	−0.04702	−0.04254	0.03277	7.99013

Generalized forgery attack to optical encryption systems

Abstract

1. Introduction

2. Principles of proposed schemes

2.1 Forgery attack to general CGI

2.2 Forgery attack to DRPE in Fourier domain and Fresnel domain

2.3 Imperceptibility of the forged keys

3. Results and discussions

3.1 Forgery attack to general CGI

3.2 Forgery attack to DRPE in Fourier domain and Fresnel domain

4. Conclusion

Funding

Disclosures

Data availability

References

Data availability

Cited By

Figures (21)

Tables (3)

Equations (8)

Optics Express