Optical multiple-image encryption based on the chaotic structured phase masks under the illumination of a vortex beam in the gyrator domain

Sui Liansheng; Zhou Bei; Ning Xiaojuan; Tian Ailing

doi:10.1364/OE.24.000499

1. Introduction

As we know, the image encoding and hiding schemes based on optical techniques have attracted great attention of researchers in the area of information security during the past decades. Besides the inherent advantages of parallel and high speed processing of multi-dimensional data, optical methods have capability of arbitrary selection of optical parameters to enhance the security of the cryptosystems, in which these parameters such as focal length, imaging distance and wavelength are usually used as additional encryption keys. Enlightened by the pioneering work based on the double random phase encoding (DRPE) in Fourier transform domain proposed by Refregier and Javidi in 1995 [1], various optical methods such as coherent diffractive imaging [2], integral imaging [3], ghost imaging [4], photon-counting [5], polarized light encoding [6], interferometer [7], compressive sensing [8] and ptychography [9] have been investigated. Meanwhile, DRPE-based architecture has been developed into various canonical transform domains such as fractional Fourier transform domain [10], Fresnel transform domain [11], gyrator transform (GT) domain [12], fractional angular transform domain [13], fractional random transform domain [14] and fractional Mellin transform domain [15]. Numerous kinds of methods are summarized [16–18], which may be potential solutions to the implementation of purely optical cryptosystem in the future.

Though the architectures of DRPE-based schemes are efficient, they have some common weaknesses. First, these schemes usually involve the holographic recording of the complex valued encoded ciphertext, which is not convenient for information storage and transmission, especially for optical encryption and decryption. Second, the problems that arised from misalignment are unavoidable in the optical system that requires axial movements. Moreover, recent results have demonstrated that the DRPE-based schemes are vulnerable to some types of attacks due to inherent linearity [19–21]. To reduce the linearity, the permutation-diffusion processes based on different chaotic maps have been applied [22–24], which makes the optical cryptosystems more complicated. Qin and Peng [25] proposed an asymmetric image encryption scheme based on the phase-truncated Fourier transforms. Though the linearity of DRPE can be removed thoroughly, it cannot resist against the specific attack proposed in [26]. To avoid recording the complex valued ciphertext data, a variety of interference-based encryption systems have been investigated [27–30], in which the plain image are encoded into two or more phase-only masks (POMs) with no time-consuming iterative computation involved. Recently, some modified approaches that can reduce the effect of inherent silhouette problem have been reported by using additional transformation [31] and larger number of POMs [32, 33]. Another solution to remove silhouette thoroughly is that the target image is encrypted into POMs by using the phase retrieval algorithms [34, 35], in which the convergent speed need to be improved further. To solve the alignment difficulties between various optical elements, many encryption schemes by using structured phase masks (SPMs) based on Fresnel zone plate (FZP), toroidal zone plate (TZP) or radial Hilbert mask (RHM) have been developed. Because FZP contains a focal ring that can be aligned with the optical axis, Abuturab [36] proposed a color information security scheme based on Arnold transform in GT domain, in which the phase function of FZP is used to generate double structured phase masks. Similarly, the focusing ring of the TZP as a diffractive optical component is helpful to align with the setup axis. Sunanda et al. [37] presented an image encryption by employing the phase retrieval algorithm in the fractional Mellin transform domain, in which two structured phase masks are constructed based on TZP and RHM, respectively. Singh et al. [38] proposed the double phase-image encryption using GTs, in which the SPM is derived from DVFL in the frequency plane. However, there is an obvious drawback in these SPM based schemes, namely the randomness of the aforementioned SPMs is attenuated, which make the security of the cryptosystem reduced greatly.

In this paper, a novel multiple-image encryption scheme using the nonlinear iterative phase retrieval algorithm in the gyrator transform domain under the illumination of an optical vortex beam is proposed to overcome aforementioned weaknesses. With the help of two chaotic SPMs that have more randomness, each plain image is encoded into two POMs that are usually used as the private keys. During the nonlinear double-phase retrieval process in GT domain, the illuminating light is initially transmitted through the fixed SPM, which is generated based on FZP and RHM simultaneously, to form the vortex beam. The vortex beam is transformed by first GT and transmitted through first chaotic SPM. Then, the transmitted information is transformed by second GT and transmitted through second chaotic SPM. Before reaching the output plane that is used to record the plain image, it is transformed by third GT. Finally, all second keys of plain images are modulated into the ciphertext, which has the static white noise distribution. To the best of our knowledge, the chaotic SPMs with the property of more randomness are first proposed to encrypt multiple images, which not only can solve the problem of axis alignment in the optical implementation of the cryptosystem efficiently but also can afford more system parameters as additional keys to enhance the security of the cryptosystem. Numerical simulation results are presented to demonstrate the feasibility and effectiveness of the proposed scheme.

The rest of this article is organized as follows. In Section 2, the encryption and decryption processes are introduced in detail. In Section 3, numerical simulation results and security analysis are given. Finally, the conclusion is given in Section 4.

2. Proposed algorithm

2.1 Gyrator transform

The optical GT of the two-dimensional real function $f (x_{i}, y_{i})$ associated in first-order optics at the rotation angle $α$ has the complex field amplitude, which can be expressed as [36]

f_{o} (x_{o}, y_{o}) = G^{α} [f_{i} (x_{i}, y_{i})] (x_{o}, y_{o}) = \frac{1}{| \sin α |} \iint f (x_{i}, y_{i}) K_{α} (x_{i}, y_{i}, x_{o}, y_{o}) d x_{i} d y_{i},

where

(x_{i}, y_{i})

and

(x_{o}, y_{o})

indicate the input and output coordinates, respectively, and the transform kernel is denoted as

K_{α} (x_{i}, y_{i}, x_{o}, y_{o}) = \exp (i 2 π \frac{(x_{o} y_{o} + x_{i} y_{i}) \cos α - (x_{i} y_{o} + x_{o} y_{i})}{\sin α}) .

The kernel of GT is a product of the hyperbolic and plane waves. In the optical system, the GT can be performed by correct rotation of cylindrical lenses for any rotation angle while the distance between lens and input-output planes are fixed, which makes GT is widely used in the field of image encryption in past decades. When $α = 0$ and $α = π$ , GT corresponds to the identity transform and reverse transform, respectively. When $α = π / 2$ and $α = 3 π / 2$ , GT corresponds to the Fourier transform and its inverse transform with rotation of the coordinates at $π / 2$ , respectively. For other cases, the kernel of GT has constant amplitude and a hyperbolic phase structure. The GT is additive and periodic, which means that GT satisfies the properties such as follows

G^{α} [f (x, y)] = G^{α + 2 π} [f (x, y)] .

G^{α} {G^{β} [f (x, y)]} = G^{α + β} [f (x, y)] .

The inverse GT corresponds to the GT at the rotation angle

- α

.

2.2 Chaotic structured phase mask

In most DRPE-based optical encryption schemes, the RPMs employed as the private keys are usually generated based on different chaotic maps. The simple one-dimensional nonlinear chaos function is the logistic map, and its iterative form can be written as

x_{n + 1} = p \times x_{n} \times (1 - x_{n}),

where

p

is known as the bifurcation parameter,

x_{n} \in (0, 1)

denotes an iterative value and

x_{0}

is the initial value. When

p \in [3.5699456, 4]

, the generated iterative value sequence is in chaotic state. When

x_{0}

has a slight variation, a totally different random value sequence with non-periodic and non-convergent properties can be engendered. Let the size of the RPM is

M \times N

pixels. In order to obtain a chaotic RPM, an one-dimensional random value sequence is generated by using Eq. (5) initially, which is denoted as

X = {x_{1}, x_{2}, \dots, x_{M \times N}}, x_{i} \in (0, 1)

. Then, a two-dimensional matrix denoted as

Y = {y_{i, j} | i = 1, 2, \dots, M; j = 1, 2, \dots, N}, y_{i, j} \in (0, 1)

is formed by rearranging the sequence

X

, with which a chaotic RPM can be calculated as

R (x, y) = \exp (j 2 π y_{i, j}),

where

(x, y)

is the coordinates of the RPM. Though the use of the chaotic RPMs makes the management of the private keys convenient, it causes the serious problem of axis alignment in the optical setup. To solve this problem, the encryption methods based on the SPM such as FZP and RHM have been proposed. The SPM possesses characteristics of various system parameters in a single mask, in which these parameters are usually used as the additional keys to enhance the security of the cryptosystem.

As a diffractive optical element, the complex field amplitude distribution of FZP can be written as

F (r) = \exp (- j \frac{π}{λ f} r^{2}),

where

r

is the radius,

f

is the focal length and

λ

is the illuminating wavelength. The optical axis is supposed to coincide with the z-direction. When the sample values of the system parameters are set to

r = 3

mm,

f = 40

mm and

λ = 632.8

nm, respectively, the resultant SPM generated is shown in Fig. 1(a).

Fig. 1 (a) Generated SPM based on FZP, (b) generated SPM based on RHM, (c) generated SPM based on FZP and RHM and (d) the proposed chaotic SPM.

Download Full Size | PDF

As a method to make the edges of an image enhanced, the radial Hilbert phase function in log-polar coordinates $(ρ, θ)$ of RHM can be expressed as

H (ρ, θ) = \exp (j P θ),

where

P

is the order of transformation, also called as topological charge. The SPM generated based on the RHM has the apparent characteristic that the opposite halves of any radial line of the mask have a relative phase difference of

P π

radians, which is helpful in aligning the axis of the optical setup. When the order is set to

P = 5

, the resultant SPM is shown in Fig. 1(b).

In order to enhance the security of the encryption schemes, a mixed SPM can be generated based on FZP and RHM simultaneously, which can expressed by taking the product of the two functions $F (r)$ and $H (ρ, θ)$ as follows

M (x, y) = F (r) \times H (ρ, θ) .

The mixed SPM is shown in Fig. 1(c). Usually, the parameters such as

f

,

λ

of FZP and

P

of RHM are considered as private keys.

From the patterns shown in Fig. 1(a) and 1(c), an obvious defect that the randomness of the SPMs is reduced greatly can be observed. To solve this problem, the chaotic SPM is proposed based on the logistic map, which can be formed by using Eqs. (7) - (9) as follows

C (x, y) = \exp {j {\arg {R (x, y)} \times \arg {F (r)} \times \arg {H (ρ, θ)}}},

where

\arg {\cdot}

denotes the phase extraction operation of the argument. The chaotic SPM generated with the same system parameters by using Eq. (10) is shown in Fig. 1(d), from which it is apparent that the chaotic SPM is more random than other ones.

2.3 Encryption and decryption processes

The proposed multiple-image encryption scheme is based on a nonlinear iterative phase retrieval process in GT domain and the chaotic SPMs, in which each plain image is encrypted into two POMs individually. In order to have a clear illustration, a backcasting approach is utilized to explain this scheme, namely the optical implementation of the decryption process is firstly introduced as shown in Fig. 2. Let that $f_{i} (x, y) i = 1, 2, \dots, N$ denotes a original plain image and the number of plain images is $N$ , two encrypted POMs are denoted as two functions $D_{i}^{1} (x_{1}, y_{1})$ and $D_{i}^{2} (x_{2}, y_{2})$ which are recorded into two spatial light modulators (SLMs), respectively, namely SLM1 and SLM2. Simultaneously, a predefined mixed SPM denoted as $P (x_{0}, y_{0})$ is recorded into the SLM0, which is generated by using Eq. (9).

Fig. 2 The optoelectronic setup of the decryption process.

Download Full Size | PDF

In the process of decryption, a coherent beam is incident vertically on the SLM0 to generate the vortex beam as follows

G_{0} (x_{0}, y_{0}) = A_{0} (x_{0}, y_{0}) P (x_{0}, y_{0}),

where the amplitude

A_{0} (x_{0}, y_{0})

is constrained to unit function, i.e.

A_{0} (x_{0}, y_{0}) = 1

. Before reaching the SLM1, the complex wavefront

G_{0} (x_{0}, y_{0})

is optically transformed by first GT with the rotation angle

α_{1}

. In the SLM1, the transformed result is digitally multiplied with first POM

D_{i}^{1} (x_{1}, y_{1})

. Then, the multiplication result is optically transformed by second GT with the rotation angle

α_{2}

before reaching the SLM2. Similarly, the transformed result is digitally multiplied with second POM

D_{i}^{2} (x_{2}, y_{2})

, and then the multiplication is optically transformed by third GT with the rotation angle

α_{3}

. Finally, by superimposing the transformed result on the plane reference beam, the original image

f_{i} (x, y)

can be decrypted in the output plane by recording the holographic interference fringe as an off-axis hologram with the intensity detector such as CCD camera. The decryption process can be mathematically expressed as

f_{i} (x, y) = | G^{α_{3}} {G^{α_{2}} {G^{α_{1}} {G_{0} (x_{0}, y_{0})} D_{i}^{1} (x_{1}, y_{1})} D_{i}^{2} (x_{2}, y_{2})} |,

where

G^{α} {\cdot}

represents the GT of the argument with the rotation angle

α

, and

| \cdot |

represents the modulus computation of the argument.

Obviously, two POMs $D_{i}^{1} (x_{1}, y_{1})$ and $D_{i}^{2} (x_{2}, y_{2})$ must be known in advance before the plain image $f_{i} (x, y)$ is reconstructed in the decryption process. These POMs can be obtained by using the following nonlinear iterative phase retrieval algorithm. The related optical implementation is shown in Fig. 3, in which the architecture of optical setup is similar to that in Fig. 2, except that two initial phase functions denoted as $C_{i}^{1} (x_{1}, y_{1})$ and $C_{i}^{2} (x_{2}, y_{2})$ are respectively recorded in the SLM1 and SLM2 in the beginning of the retrieval process, and the output plane is used to detect the estimation ${\hat{f}}_{i} (x, y)$ of the plain image in each of iteration. The core of the iterative process is to optimize two retrieved phase functions of the frequency planes in the GT domains, which act as complex functions back and forth between SLM1 and SLM2 under the known constraint conditions. With the iteration number increasing, these phase functions and the estimation ${\hat{f}}_{i} (x, y)$ will be updated. When the convergent criterion is achieved, the iteration is stopped. The final phase functions $C_{i}^{1} (x_{1}, y_{1})$ and $C_{i}^{2} (x_{2}, y_{2})$ can be used to generate the POMs $D_{i}^{1} (x_{1}, y_{1})$ and $D_{i}^{2} (x_{2}, y_{2})$ used in Eq. (12).

Fig. 3 The optoelectronic setup of the iterative phase retrieval process.

Download Full Size | PDF

Initially, after the vortex beam $G_{0} (x_{0}, y_{0})$ is transformed by first GT with the rotation angle $α_{1}$ , the generated complex result $G_{1} (x_{1}, y_{1})$ can be expressed as

G_{1} (x_{1}, y_{1}) = G^{α_{1}} {G_{0} (x_{0}, y_{0})} .

Notably, this complex function will be kept unchanged in the iterative phase retrieval process. Supposing that phase functions

C_{i}^{1, k} (x_{1}, y_{1})

and

C_{i}^{2, k} (x_{2}, y_{2})

are known in the

k - th

iteration according to the plain image

f_{i} (x, y)

, the iterative process can be explained as follows

(1) In the SLM1, $G_{1} (x_{1}, y_{1})$ is digitally multiplied with the function $C_{i}^{1, k} (x_{1}, y_{1})$ , which result is transformed by the second GT with the rotation angle $α_{2}$ . Denoting the transformed output as $G_{2}^{k} (x_{2}, y_{2})$ , its phase function $C^{2} (x_{2}, y_{2})$ can be extracted by the following way $G_{2}^{k} (x_{2}, y_{2}) = G^{α_{2}} {G_{1} (x_{1}, y_{1}) C_{i}^{1, k} (x_{1}, y_{1})},$ $C^{2} (x_{2}, y_{2}) = \exp {j \arg {G_{2}^{k} (x_{2}, y_{2})}},$
where $C^{2} (x_{2}, y_{2})$ is an interim function.
(2) In the SLM2, the amplitude of the complex function $G_{2}^{k} (x_{2}, y_{2})$ is digitally multiplied with the function $C_{i}^{2, k} (x_{2}, y_{2})$ , and then is transformed forward to the output plane by third GT with the rotation angle $α_{3}$ . Denoting the transformed result as $G_{3}^{k} (x, y)$ , its phase function $C^{3} (x, y)$ is extracted as bellows $G_{3}^{k} (x, y) = G^{α_{2}} {| G_{2}^{k} (x_{2}, y_{2}) | C_{i}^{2, k} (x_{2}, y_{2})},$ $C^{3} (x, y) = \exp {j \arg {G_{3}^{k} (x, y)}} .$
where $C^{3} (x, y)$ is an interim function.
(3) Replacing the amplitude part of the complex function $G_{3}^{k} (x, y)$ with the plain image $f_{i} (x, y)$ that is considered as the known constraint, the modified function in the output plane is transformed backward to SLM2 by the inverse third GT. In other words, the $G_{2}^{k} (x_{2}, y_{2})$ is updated to form a new wave function ${\hat{G}}_{2}^{k} (x_{2}, y_{2})$ , which can be mathematically expressed as ${\hat{G}}_{2}^{k} (x_{2}, y_{2}) = G^{- α_{3}} {f_{i} (x, y) C^{3} (x, y)} .$
(4) Similarly, keeping the amplitude part of the wave function ${\hat{G}}_{2}^{k} (x_{2}, y_{2})$ unchanged and replacing the phase part with the function $C^{2} (x_{2}, y_{2})$ computed with Eq. (15), the modified wave function is transformed inversely back to SLM1 by the inverse second GT. Denoting the obtained wave function as ${\hat{G}}_{1}^{k} (x_{1}, y_{1})$ , the transformation is described as ${\hat{G}}_{1}^{k} (x_{1}, y_{1}) = G^{- α_{2}} {| {\hat{G}}_{2}^{k} (x_{2}, y_{2}) | C^{2} (x_{2}, y_{2})} .$
(5) The phase functions $C_{i}^{1, k + 1} (x_{1}, y_{1})$ and $C_{i}^{2, k + 1} (x_{2}, y_{2})$ used in the next iteration can be updated by the following ways $C_{i}^{1, k + 1} (x_{1}, y_{1}) = \exp {j \arg {\frac{{\hat{G}}_{1}^{k} (x_{1}, y_{1})}{G_{1} (x_{1}, y_{1})}}},$ $C_{i}^{2, k + 1} (x_{2}, y_{2}) = \exp {j \arg {{\hat{G}}_{2}^{k} (x_{2}, y_{2})}} .$

Assigning the new SPM function

C_{i}^{1, k + 1} (x_{1}, y_{1})

to an interim matrix

P_{i}^{1} (x_{1}, y_{1})

, another matrix

P_{i}^{2} (x_{2}, y_{2})

is calculated by the following equations

P_{i}^{1} (x_{1}, y_{1}) = C_{i}^{1, k + 1} (x_{1}, y_{1}),

G^{2} (x_{2}, y_{2}) = G^{α_{2}} {G_{1} (x_{1}, y_{1}) P_{i}^{1} (x_{1}, y_{1})},

C^{2} (x_{2}, y_{2}) = \exp {j \arg {G^{2} (x_{2}, y_{2})}},

P_{i}^{2} (x_{2}, y_{2}) = C_{i}^{2, k + 1} (x_{2}, y_{2}) c o n j {C^{2} (x_{2}, y_{2})},

where

G^{2} (x_{2}, y_{2})

represents an complex function. Then, the estimation

{\hat{f}}_{i} (x, y)

of the plain image is calculated as

{\hat{f}}_{i} (x, y) = | G^{α_{3}} {G^{2} (x_{2}, y_{2}) P_{i}^{2} (x_{2}, y_{2})} | .

Repeat aforementioned steps until the convergent criterion is achieved. In order to decide whether the iteration is stopped, the correlation coefficient (CC) or the mean square error (MSE) between the plain image and its estimation is used as the convergent criterion, which can be respectively expressed as

CC = \frac{E {[f (x, y) - E [f (x, y)]] [\hat{f} (x, y) - E [\hat{f} (x, y)]]}}{\sqrt{E {{[f (x, y) - E [f (x, y)]]}^{2}} \sqrt{E {{[\hat{f} (x, y) - E [\hat{f} (x, y)]]}^{2}}}

MSE = \frac{\sum_{0}^{M - 1} \sum_{0}^{N - 1} {[f (x, y) - \hat{f} (x, y)]}^{2}}{M \times N},

where

f (x, y)

and

\hat{f} (x, y)

denote the plain image and the estimation which size is

M \times N

pixels, and

E {\cdot}

denotes the expected value operator. In the process of iteration, if CC is larger than a predefined threshold which is close to 1 or MSE is lower than a predefined threshold which is close to 0, the iterative phase retrieval process will be ended. It is should be pointed out that the initial phase functions

C_{i}^{1, 1} (x_{1}, y_{1})

and

C_{i}^{2, 1} (x_{2}, y_{2})

in the beginning of the iterative process are chaotic SPMs generated by using Eq. (10), respectively, in which one is defined with the system parameters such as focal length

f_{1}

, illuminating wavelength

λ_{1}

of FZP, transformation order

P_{1}

of RHM and initial values

x_{1}

of logistic map as well as another is defined with

f_{2}

,

λ_{2}

,

P_{2}

and

x_{2}

. With the rotation orders

α_{1}

,

α_{2}

and

α_{3}

of GT, most parameters can be used as the private keys to enhance the security of the cryptosystem.

Through above phase retrieval process, each plain image $f_{i} (x, y)$ can be encoded to two POMs $P_{i}^{1} (x_{1}, y_{1})$ and $P_{i}^{2} (x_{2}, y_{2})$ . In the proposed multiple-image encryption scheme, the first POM $P_{i}^{1} (x_{1}, y_{1})$ is kept unchanged and considered as the first private key to decrypt the plain image $f_{i} (x, y)$ , while all second POMs $P_{i}^{2} (x_{2}, y_{2})$ are directly multiplied and formed to the ciphertext $C i p h e r (x_{2}, y_{2})$ as

C i p h e r (x_{2}, y_{2}) = \prod_{k = 1}^{N} P_{k}^{2} (x_{2}, y_{2}) .

Meanwhile, the POM

P_{i}^{2} (x_{2}, y_{2})

is converted to the second private key

{\hat{P}}_{i}^{2} (x_{2}, y_{2})

as follows

{\hat{P}}_{i}^{2} (x_{2}, y_{2}) = \exp {j (\sum_{k = 1, k \neq i}^{N} \arg {P_{k}^{2} (x_{2}, y_{2})})} .

For representation consistently, the POM $P_{i}^{1} (x_{1}, y_{1})$ is re-denoted as

{\hat{P}}_{i}^{1} (x_{1}, y_{1}) = P_{i}^{1} (x_{1}, y_{1}) .

According to an authorized user who can access the image

f_{i} (x, y)

, he should possess correct private keys

{\hat{P}}_{i}^{1} (x_{1}, y_{1})

and

{\hat{P}}_{i}^{2} (x_{2}, y_{2})

. In this way, the security of the cryptosystem is enhanced greatly, because the second private key

{\hat{P}}_{i}^{2} (x_{2}, y_{2})

is not only depended on its plain image but also relative to other ones. With the help of the ciphertext saved in the computer, two POMs

D_{i}^{1} (x_{1}, y_{1})

and

D_{i}^{2} (x_{2}, y_{2})

used in the process of decryption can be calculated from the private keys as

D_{i}^{1} (x_{1}, y_{1}) = {\hat{P}}_{i}^{1} (x_{1}, y_{1}),

D_{i}^{2} (x_{2}, y_{2}) = C i p h e r (x_{2}, y_{2}) c o n j {{\hat{P}}_{i}^{2} (x_{2}, y_{2})} .

When decrypting the plain image

f_{i} (x, y)

, the only thing to do is that the related POMs

D_{i}^{1} (x_{2}, y_{2})

and

D_{i}^{2} (x_{2}, y_{2})

are replaced into the SLM1 and SLM2 as shown in Fig. 2, respectively.

The related fowcharts for the encryption and decryption processes are shown in Figs. 4(a) and 4(b), respectively. In the process of encryption, a plain image $f_{i} (x, y)$ is encrypted to two POMs $P_{i}^{1} (x_{1}, y_{1})$ and $P_{i}^{2} (x_{2}, y_{2})$ by using Eqs. (13)–(26) in the nonlinear iterative phase retrieval process, in which $P_{i}^{1} (x_{1}, y_{1})$ is used as the first phase key. The ciphertext is formed by multiplying all $P_{i}^{2} (x_{2}, y_{2})$ by using Eq. (29), and the second phase key is generated by using Eq. (30). The decryption process is very simple, in which only three GT are employed to recover original images with the help of two POMs $D_{i}^{1} (x_{1}, y_{1})$ and $D_{i}^{2} (x_{2}, y_{2})$ . These phase functions can be easily obtained by using Eqs. (32) and (33). In order to verify the feasibility and robustness of the proposed scheme, a test set including three plain images is used in the subsequent simulation, in which three images are encrypted into one ciphertext with the same size. So, So, it can be safe to say that the compression ration of the proposed scheme can achieve to 1:3. Factually, the decrypted images still have high quality when the test set includes nine plain images, which means the proposed scheme has high encryption capacity. Because the ciphertext is formed by using the phase modulation operation, in which all second POMs of plain images are directly multiplied, the affection of cross-talk can be avoided thoroughly.

Fig. 4 (a) Flowchart of encryption process and (b) Flowchart of the decryption process.

Download Full Size | PDF

For the proposed multiple-image encryption, the following obvious properties can be summarized. First, the chaotic SPMs based on logistic map, FZP and RHM are employed in the process of encryption, which can solve the problem of axis alignment in the optical implementation of the cryptosystem efficiently. Second, the authorized user only needs to store and transmit the real-valued phase functions of the private keys ${\hat{P}}_{i}^{1} (x_{1}, y_{1})$ , ${\hat{P}}_{i}^{2} (x_{2}, y_{2})$ and the ciphertext $C i p h e r (x_{2}, y_{2})$ , whereas the RPMs used as the private keys and the ciphertext in other DPRE-based optical encryption methods usually are complex functions that are difficult to record. So, the storage and transmission of the private keys and the ciphertext in the proposed scheme is very convenient. Third, the phase key ${\hat{P}}_{i}^{2} (x_{2}, y_{2})$ derived in the encryption process is directly related to all plaintext images, which means the scheme has high resistance against various potential attacks such as the classic chosen plaintext attack. The proposed scheme can be considered as the asymmetric method because two phase keys are not identical to two initial chaotic SPMs which are usually employed as the encryption keys. Additionally, the use of the vortex beam formed with FZP and RHM can improve the security levels, which can offer more system parameters as the additional keys such as focal length and illuminating wavelength of FZP, transformation order of RHM. With the rotation orders of GT, the key space of the cryptosystem is enlarged widely.

3. Numerical simulation and security analysis

Due to the limited resource of the optical elements in our laboratory, only numerical simulations are performed to verify the feasibility and security of the proposed scheme. So, the influence of practical parameters on some elements in the imaging process is not considered such as SLM dimensions, pixel size of CCD camera, and so on. In the simulations, three images “Lena”, “Baboon” and “Zelda” with the size of $256 \times 256$ pixels, which are selected from USC-SIPI image database [39], are chosen as examples to be encrypted. Initial values of two logistic maps are set to different values as $x_{1} = 0.32$ and $x_{2} = 0.68$ , and other parameters are set as $μ = 3.9995$ and $K = 2000$ . For three GTs, the rotation orders are set to $α_{1} = 0.2$ , $α_{2} = 0.5$ and $α_{3} = 0.7$ , respectively. For simplicity, other parameter pairs are set to identical values, namely $f_{1} = f_{2} = 40$ mm, $λ_{1} = λ_{2} = 632.8$ nm and $P_{1} = P_{2} = 5$ . Actually, these parameter pairs of two FZPs and RHMs can be used with different values to enhance the security of the cryptosystem further. Figure 5(a) shows the plain image “Lena” and Fig. 5(b) shows the ciphertext image with stationary white noise distribution. Figure 5(c) shows the decrypted image with all correct private keys, from which the difference between the plain image and the decrypted ones cannot be discerned visually. Similarly, the decrypted images “ Baboon” and “Zelda” with high quality can be reconstructed.

Fig. 5 (a) Image “Lena”, (b) ciphertext and (c) decrypted “Lena”.

Download Full Size | PDF

To weight the difference between the plain images and their decrypted ones, the MSE defined by Eq. (28) is employed. The sensitivity of the proposed multiple-image encryption scheme is mainly depended on the additional system parameters, such as focal length and illuminating wavelength of FZP, transformation order of RHM and rotation orders of GTs. So, the sensitivity of the system parameters to the tiny change is demonstrated. Figures 6(a)–6(f) show the decrypted images of “Lena” when one of the parameters is incorrect and others correct, from which any original information cannot be recognized visually. Figures 6(a) and 5(b) show the decrypted results when the focal length has the deviation of 0.05mm and the illuminating wavelength has the deviation of 8nm, respectively. Figure 6(c) shows the decrypted result when the transformation order equals to 6. Figures 6(d)–6(f) show the decrypted results when the rotation orders $α_{1}$ , $α_{2}$ and $α_{3}$ , have the deviations of $5 \times 10^{- 7}$ , $4 \times 10^{- 6}$ and $4 \times 10^{- 4}$ , respectively. The calculated MSE values between the plain image and the reconstructed one are $5.032 \times 10^{3}$ , $5.187 \times 10^{3}$ , $5.953 \times 10^{3}$ , $4.953 \times 10^{3}$ , $4.953 \times 10^{3}$ and $5.168 \times 10^{3}$ , respectively, which are very high. Similar results can be obtained for other decrypted images.

Fig. 6 Decrypted “Lena” with (a) incorrect $f$ , (b) incorrect $λ$ , (c) incorrect $P$ , (d) incorrect $α_{1}$ , (e) incorrect $α_{2}$ and (f) incorrect $α_{3}$ .

Download Full Size | PDF

To evaluate the quality of decrypted images more accurately, the relationship curves of the MSE values between the plain image “Lena” and the corresponding results versus the variation of the system parameters are plotted in Figs. 7(a)–7(f), respectively. In all cases, when the deviation of the parameter approaches to correct value, the related MSE value approximates to zero, whereas the parameter departs from the correct value slightly, the MSE value increases highly. Similar results can be obtained for other decrypted images. Obviously, the proposed scheme is very sensitive to the variation of the system parameters.

Fig. 7 MSE versus the deviation of the (a) focal length $f$ , (b) wavelength $λ$ , (c) transformation order $P$ , (d) rotation order $α_{1}$ , (e) rotation order $α_{2}$ and (f) rotation order $α_{3}$ .

Download Full Size | PDF

Additionally, the cases having partially known data of the real-valued phase keys are considered when analyzing their affection to the decrypted images. Figures 8(a) and 8(b) show the decrypted images of “Lena” when the phase keys ${\hat{P}}_{i}^{1} (x_{1}, y_{1})$ and ${\hat{P}}_{i}^{2} (x_{2}, y_{2})$ are randomly generated, respectively. Figure 8(c) shows the decrypted image when the left 50% data of phase key ${\hat{P}}_{i}^{1} (x_{1}, y_{1})$ is unknown. Figure 8(d) shows the decrypted one when the left 25% data of phase keys ${\hat{P}}_{i}^{2} (x_{2}, y_{2})$ is unknown. Apparently, all decrypted results have the noise-like distribution, from which no valid information can be obtained. Similarly, the same conclusion can be deduced for the decrypted “Baboon” and “Zelda”.

Fig. 8 (a) Decrypted “Lena” with the random ${\hat{P}}_{i}^{1} (x_{1}, y_{1})$ , (b) decrypted “Lena” with the random ${\hat{P}}_{i}^{2} (x_{2}, y_{2})$ , (c) decrypted image when the left 50% data of ${\hat{P}}_{i}^{1} (x_{1}, y_{1})$ is unknown, (d) decrypted image when the left 25%data of ${\hat{P}}_{i}^{2} (x_{2}, y_{2})$ is unknown.

Download Full Size | PDF

Like most optical encryption methods, the robustness against the noise attack on the encrypted image should be verified in case that the ciphertext is contaminated in the process of storage and transmission. In order to evaluate the proposed scheme, supposing that the contaminated model of the ciphertext is built with the Gaussian random noise with zero-mean and identity standard deviation, which can be expressed as

C^{'} = C (1 + k G),

where

C

and

C^{'}

represent the original ciphertext and the noise-contaminated one, respectively, and the coefficient

k

represents the noise strength. Figure 9 shows the decrypted images of “Lena” with correct private keys when the noise strenght

k

equals to 0.4, 0.6, 0.8 and 1.0, respectively. The calculated MSE values between the plain image and the decrypted one are

2.055 \times 10^{3}

,

2.953 \times 10^{3}

,

4.953 \times 10^{3}

and

3.565 \times 10^{3}

, respectively. Though the MSE value becomes larger gradually with the noise strength increasing, the basic content of the original image “Lena” can be discerned visually. Similar results can be obtained for other decrypted images. So, it can be concluded that the proposed scheme has high robustness against the noise attack.

Fig. 9 Decrypted “Lena” with the coefficient: (a) $k = 0.4$ (b) $k = 0.6$ (c) $k = 0.8$ (d) $k = 1.0$ .

Download Full Size | PDF

As an important evaluation in the optical encryption schemes, the verification of the robustness against the occlusion attack also is necessary, due to partially lost of the ciphertext which is usually happened in the process of transmission. Supposing that the lost data of the ciphertext are replaced with 0, the decrypted image is recovered by using the remaining of the ciphertext with all correct private keys. Figures 10(a) and 10(b) show the occluded ciphertext with 25% and 50% occlusion sizes from the left side, respectively. Figures 10(c) and 10(d) show the decrypted image “Lena”, where the MSE value are $3.379 \times 10^{3}$ and $4.801 \times 10^{3}$ , respectively. Though the quality of the decrypted result becomes more blurry with the occluded data increasing, the basic structure information of the original image can be recognized visually. Similar results can be obtained for other decrypted images. So, it can be safe to say that the proposed scheme has high robustness against the occlusion attack.

Fig. 10 Ciphertext with (a) 25% occlusion, (b) 50% occlusion, (c) decrypted result from (a) and (d) decrypted result from (b).

Download Full Size | PDF

As we all know, there are four types of attacks such as cipher only attack, chosen cipher attack, known plaintext attack and chosen plaintext attack, which cause serious threat to image encryption algorithms. Especially, the chosen plaintext attack is the most efficient. If an encryption scheme is immune to this kind of attack, it can resist against other attacks [40]. So, only the chosen plaintext attack is performed to verify the proposed scheme on these attacks. Supposing an unauthorized user has known the system parameters considered as private keys, he encrypts other three plain images which also are selected from USC-SIPI image database. Then, he obtains three groups of two real-valued phase keys denoted as fake keys, where each group of fake keys can be used to decrypt the original ciphertext shown in Fig. 5(b), respectively. Figures 11(a)–11(c) show the decrypted images with three groups of fake keys, respectively, from which no valuable information on images “Lena”, “Baboon” and “Zelda” can be retrieved. Moreover, no content of “Goldhill”, “Cameraman” and “Barb” can be discerned visually. Obviously, the proposed scheme can efficiently resist against the potential types of attacks such as chosen plaintext attack.

Fig. 11 (a) decrypted image with first group of fake keys, (b) decrypted image width second group of fake keys and (c) decrypted image with third group of fake keys.

Download Full Size | PDF

To avoid attracts on the proposed multiple-image encryption scheme, two aspects of statistical tests are performed, in which one is analyzing the correlation coefficients between adjacent pixels of the ciphertext and another is regarding their histograms. As an important tool that is usually utilized to estimate the information of an image, the correlation coefficients on one group of adjacent pixels $(x_{i}, y_{i})$ in an image are calculated as

C o r = \frac{\sum_{i = 1}^{N} (x_{i} - \bar{x}) (y_{i} - \bar{y})}{\sqrt{(\sum_{i = 1}^{N} {(x_{i} - \bar{x})}^{2}) (\sum_{i = 1}^{N} {(y_{i} - \bar{y})}^{2})}},

where

\bar{x} = 1 / N \sum_{i = 1}^{N} x_{i}

and

\bar{y} = 1 / N \sum_{i = 1}^{N} y_{i}

. The 3000 pairs of adjacent pixels in the vertical, horizontal and diagonal directions are randomly chosen from three plain images and the ciphertext, respectively. Table 1 depicts the correlation coefficients on these pixel pairs, from which it can be known that the correlation values between adjacent pairs in the plain images are high whereas the correlation values in the ciphertext are low. As shown in Fig. 5(b), the distribution of the encrypted result is noise-like and the original structure contents are broken thoroughly, which means that an unauthorized user cannot obtain any valid information from this analysis.

Table 1. Correlation coefficients of the plain images and the ciphertext.

View Table

In order to explain that the proposed scheme has good randomness on correlation coefficients, the relationship between adjacent pixels in plain images and the ciphertext are imagined. Figures 12(a)–12(c) show the horizontal, vertical and diagonal correlation between pixel pairs of the plain image “Lena”, respectively. Additionally, the corresponding correlations of the ciphertext are shown in Figs. 12(d)–12(f), respectively, from which it can be seen that the correlation coefficients in three directions all have the uniform distribution.

Fig. 12 (a) Horizontal correlation of “Lena”, (b) vertical correlation of “Lena”, (c) diagonal correlation of “Lena”, (d) horizontal correlation of ciphertext, (e) vertical correlation of ciphertext and (f) diagonal correlation of ciphertext.

Download Full Size | PDF

As another important statistical evaluation parameter, the histogram of an image shows the distribution of the pixels’ gray level. Ideally, an unauthorized user cannot retrieve any useful information from this statistical data on the ciphertext and two phase keys if the curves on their histograms are similar. Figure 13(a) shows the histogram of the ciphertext encrypted with images “Lena”, “Baboon” and “Zelda”, while Figs. 13(b) and 13(c) show the histograms of two phase keys of “Lena”, respectively. Figure 13(d) shows the histograms of the ciphertext encrypted with images “Goldhill”, “Cameraman” and “Barb”, while Figs. 13(e) and 13(f) show the histograms of two phase keys of “Goldhill”. Compared with these results, two conclusions can be deduced. One is that the histograms of the ciphertext data encrypted by different group of plain images have uniform distribution. Another is that the histograms of the phase keys on the different plain images have similar distribution, especially the histograms of the second phase keys have uniform distribution. Obviously, it seems to be impossible to distinguish the difference not only between ciphertext images but also between the corresponding phase keys of different plain images by performing this statistical analysis.

Fig. 13 Histogram of (a) ciphertext encrypted with images “Lena”, “Baboon” and “Zelda”, (b) first phase key of “Lena”, (c) second phase key of “Lena”, (d) ciphertext encrypted with images “Goldhill”, “Cameraman” and “Barb”, (e) first phase key of “Goldhill” and (f) second phase key of “Goldhill”.

Download Full Size | PDF

4. Conclusions

In summary, a novel optical multiple-image encryption scheme is proposed based on the chaotic structured phase masks in the gyrator domains. Two chaotic SPMs are employed to retrieve two private phase keys for all plain images by using the nonlinear iterative phase retrieval process, and then all second phase keys are formed to the ciphertext with stationary white noise distribution. Application of the SPMs can solve the problem of axis alignment in the optical implementation efficiently. Two private phase keys to decrypt the ciphertext are not only depended on its related original image but also relative to all plain ones, which makes the cryptosystem has asymmetric features and high resistance against various potential attacks. Moreover, the use of the vortex beam formed with FZP and RHM can improve the security levels greatly, which can offer more system parameters as the additional keys such as focal length and illuminating wavelength of FZP, transformation order of RHM and rotation orders of GT. Numerical simulation results have demonstrated the feasibility and effectiveness of this method such as key sensitivity, statistical analysis, and robustness against noise attack, occlusion attack and other pontential attacks.

Acknowledgments

This work was supported by Xi’an Science and Technology Bureau under grant CXY1509(3), and Shaanxi Educational Science Research Plan under grant Number 2013JK1137.

References and links

1. P. Refregier and B. Javidi, “Optical image encryption based on input plane and Fourier plane random encoding,” Opt. Lett. 20(7), 767–769 (1995). [CrossRef] [PubMed]

2. W. Chen, X. Chen, and C. J. R. Sheppard, “Optical color-image encryption and synthesis using coherent diffractive imaging in the Fresnel domain,” Opt. Express 20(4), 3853–3865 (2012). [CrossRef] [PubMed]

3. X. W. Li and I. K. Lee, “Robust copyright protection using multiple ownership watermarks,” Opt. Express 23(3), 3035–3046 (2015). [CrossRef] [PubMed]

4. M. Zafari, R. Kheradmand, and S. Ahmadi-Kandjani, “Optical encryption with selective computational ghost imaging,” J. Opt. 16(10), 105405 (2014). [CrossRef]

5. D. Maluenda, A. Carnicer, R. Martínez-Herrero, I. Juvells, and B. Javidi, “Optical encryption using photon-counting polarimetric imaging,” Opt. Express 23(2), 655–666 (2015). [CrossRef] [PubMed]

6. S. K. Rajput and N. K. Nishchal, “Image encryption using polarized light encoding and amplitude and phase truncation in the Fresnel domain,” Appl. Opt. 52(18), 4343–4352 (2013). [CrossRef] [PubMed]

7. J. Li, J. Li, L. Shen, Y. Pan, and R. Li, “Optical image encryption and hiding based on a modified Mach-Zehnder interferometer,” Opt. Express 22(4), 4849–4860 (2014). [CrossRef] [PubMed]

8. N. Rawat, B. Kim, I. Muniraj, G. Situ, and B. G. Lee, “Compressive sensing based robust multispectral double-image encryption,” Appl. Opt. 54(7), 1782–1793 (2015). [CrossRef]

9. Y. Shi, T. Li, Y. Wang, Q. Gao, S. Zhang, and H. Li, “Optical image encryption via ptychography,” Opt. Lett. 38(9), 1425–1427 (2013). [CrossRef] [PubMed]

10. S. Liansheng, X. Meiting, and T. Ailing, “Multiple-image encryption based on phase mask multiplexing in fractional Fourier transform domain,” Opt. Lett. 38(11), 1996–1998 (2013). [CrossRef] [PubMed]

11. S. K. Rajput and N. K. Nishchal, “Known-plaintext attack-based optical cryptosystem using phase-truncated Fresnel transform,” Appl. Opt. 52(4), 871–878 (2013). [CrossRef] [PubMed]

12. J. X. Chen, Z. L. Zhu, C. Fu, L. B. Zhang, and H. Yu, “Analysis and improvement of a double-image encryption scheme using pixel scrambling technique in gyrator domains,” Opt. Lasers Eng. 66, 1–9 (2015). [CrossRef]

13. L. Sui, K. Duan, and J. Liang, “Double-image encryption based on discrete multiple-parameter fractional angular transform and two-coupled logistic maps,” Opt. Commun. 343, 140–149 (2015). [CrossRef]

14. L. Sui, K. Duan, J. Liang, and X. Hei, “Asymmetric double-image encryption based on cascaded discrete fractional random transform and logistic maps,” Opt. Express 22(9), 10605–10621 (2014). [CrossRef] [PubMed]

15. N. Zhou, H. Li, D. Wang, S. Pan, and Z. Zhou, “Image compression and encryption scheme based on 2D compressive sensing and fractional Mellin transform,” Opt. Commun. 343, 10–21 (2015). [CrossRef]

16. A. Alfalou and C. Brosseau, “Optical image compression and encryption methods,” Adv. Opt. Photonics 1(3), 589–636 (2009). [CrossRef]

17. W. Chen, B. Javidi, and X. Chen, “Advances in optical security systems,” Adv. Opt. Photonics 6(2), 120–155 (2014). [CrossRef]

18. A. Alfalou and C. Brosseau, “Chapter two – Recent advances in optical image processing,” Progress in Opt. 60, 119–262 (2015). [CrossRef]

19. A. Carnicer, M. Montes-Usategui, S. Arcos, and I. Juvells, “Vulnerability to chosen-cyphertext attacks of optical encryption schemes based on double random phase keys,” Opt. Lett. 30(13), 1644–1646 (2005). [CrossRef] [PubMed]

20. X. Peng, H. Wei, and P. Zhang, “Chosen-plaintext attack on lensless double-random phase encoding in the Fresnel domain,” Opt. Lett. 31(22), 3261–3263 (2006). [CrossRef] [PubMed]

21. X. Peng, P. Zhang, H. Wei, and B. Yu, “Known-plaintext attack on optical encryption based on double random phase keys,” Opt. Lett. 31(8), 1044–1046 (2006). [CrossRef] [PubMed]

22. H. Liu and X. Wang, “Color image encryption using spatial bit-level permutation and high-dimension chaotic system,” Opt. Commun. 284(16–17), 3895–3903 (2011). [CrossRef]

23. J. X. Chen, Z. L. Zhu, C. Fu, H. Yu, and L. B. Zhang, “An efficient image encryption scheme using gray code based permutation approach,” Opt. Lasers Eng. 67, 191–204 (2015). [CrossRef]

24. X. Wang, L. Liu, and Y. Zhang, “A novel chaotic block image encryption algorithm based on dynamic random growth technique,” Opt. Lasers Eng. 66, 10–18 (2015). [CrossRef]

25. W. Qin and X. Peng, “Asymmetric cryptosystem based on phase-truncated Fourier transforms,” Opt. Lett. 35(2), 118–120 (2010). [CrossRef] [PubMed]

26. X. Wang and D. Zhao, “A special attack on the asymmetric cryptosystem based on phase-truncated Fourier transforms,” Opt. Commun. 285(6), 1078–1081 (2012). [CrossRef]

27. Y. Zhang and B. Wang, “Optical image encryption based on interference,” Opt. Lett. 33(21), 2443–2445 (2008). [CrossRef] [PubMed]

28. S. Yuan, T. Zhang, X. Zhou, X. Liu, and M. Liu, “Optical authentication technique based on interference image hiding system and phase-only correlation,” Opt. Commun. 304, 129–135 (2013). [CrossRef]

29. I. Mehra and N. K. Nishchal, “Asymmetric cryptosystem for securing multiple images using two beam interference phenomenon,” Opt. Laser Technol. 60, 1–7 (2014). [CrossRef]

30. L. Chen, J. Liu, J. Wen, H. Mao, F. Ge, and D. Zhao, “Pseudo color image encryption based on three-beams interference principle and common vector composition,” Opt. Commun. 338, 110–116 (2015). [CrossRef]

31. P. Kumar, J. Joseph, and K. Singh, “Optical image encryption using a jigsaw transform for silhouette removal in interference-based methods and decryption with a single spatial light modulator,” Appl. Opt. 50(13), 1805–1811 (2011). [CrossRef] [PubMed]

32. Q. Wang, “Optical image encryption with silhouette removal based on interference and phase blend processing,” Opt. Commun. 285(21–22), 4294–4301 (2012). [CrossRef]

33. X. Wang and D. Zhao, “Optical image hiding with silhouette removal based on the optical interference principle,” Appl. Opt. 51(6), 686–691 (2012). [CrossRef] [PubMed]

34. A. Alfalou and A. Mansour, “Double random phase encryption scheme to multiplex and simultaneous encode multiple images,” Appl. Opt. 48(31), 5933–5947 (2009). [CrossRef] [PubMed]

35. X. Wang, W. Chen, and X. Chen, “Fractional Fourier domain optical image hiding using phase retrieval algorithm based on iterative nonlinear double random phase encoding,” Opt. Express 22(19), 22981–22995 (2014). [CrossRef] [PubMed]

36. R. Abuturab, “Color information security system using Arnold transform and double structured phase encoding in gyrator transform domain,” Opt. Laser Technol. 45, 524–532 (2013).

37. S. Vashisth, H. Singh, A. K. Yadav, and K. Singh, “Image encryption using fractional Mellin transform, structured phase filters, and phase retrieval,” Optik (Stuttg.) 125(18), 5309–5315 (2014). [CrossRef]

38. H. Singh, A. K. Yadav, S. Vashisth, and K. Singh, “Double phase-image encryption using gyrator transforms and structured phase mask in the frequency plane,” Opt. Lasers Eng. 67, 145–156 (2015). [CrossRef]

39. Original images: http://sipi.usc.edu/database/database.php.

40. Y. Zhang and D. Xiao, “Double optical image encryption using discrete Chirikov standard map and chaos-based fractional random transform,” Opt. Lasers Eng. 51(4), 472–480 (2013). [CrossRef]

Correlation coefficients	Plain images			Ciphertext
Correlation coefficients	Lena	Baboon	Zelda	Ciphertext
Horizontal	0.9396	0.8826	0.9716	−0.0013
Vertical	0.9749	0.8287	0.9817	0.0283
Diagonal	0.9198	0.7966	0.9554	0.0465

Optical multiple-image encryption based on the chaotic structured phase masks under the illumination of a vortex beam in the gyrator domain

Abstract

1. Introduction

2. Proposed algorithm

2.1 Gyrator transform

2.2 Chaotic structured phase mask

2.3 Encryption and decryption processes

3. Numerical simulation and security analysis

4. Conclusions

Acknowledgments

References and links

Cited By

Figures (13)

Tables (1)

Equations (35)

Optics Express