Cryptanalysis of an Image Encryption Algorithm Based on a 2D Hyperchaotic Map

. 2022 Oct 28;24(11):1551. doi: 10.3390/e24111551

Algorithm 2 The proposed chosen-ciphertext attack

Input:
The ciphertext C of size $H \times W$
Output:
The plaintext P of C
1:
// step1: construct $⌈ \log_{L} (H W) ⌉ + 1$ ciphertext-plaintext pairs and compute the differentials respectively
2:
$C 0$ = rand $(H, W)$ ;
3:
$P 0$ = decrypt $(C 0)$ ;
4:
for $i = 1$ to $⌈ \log_{L} (H W) ⌉$ do
5:
// construct $⌈ \log_{L} (H W) ⌉$ ciphertexts and obtain the corresponding plaintexts
6:
$Δ S i$ = JolfaeiAlgorithmGeneration(i);
7:
$Δ C i$ = diffusionAttack $(Δ S i)$ ;
8:
$C i = C 0 + Δ C i$ ;
9:
$P i$ = decrypt $(C i)$ ;
10:
// compute $⌈ \log_{L} (H W) ⌉$ differentials of plaintexts
11:
$Δ P i = P i - P 0$ ;
12:
end for
13:
// step2: get the equivalent permutation matrix by the differential of plaintexts and intermediate differential results
14:
for $i = 1$ to $⌈ \log_{L} (H W) ⌉$ do
15:
JolfaeiAlgorithmAdd $(Δ P i, Δ S i)$ ;
16:
end for
17:
$p e r m u t a t i o n M a t r i x$ = JolfaeiAlgorithm();
18:
// step3: obtain an intermediate result with the permutation matrix
19:
$S 0$ = permute $(P 0, p e r m u t a t i o n M a t r i x)$ ;
20:
// step4: obtain the equivalent key stream matrix of the diffusion process from the intermediate results and the corresponding ciphertext.
21:
$T = C -$ diffusionAttack $(S 0)$ ;
22:
// step5: recover the plaintext of the target ciphertext with the equivalent key stream elements
23:
$S C$ = inverseDiffusionAttack $(C - T)$ ;
24:
P = inversePermute $(S C, p e r m u t a t i o n M a t r i x)$ ;