Imad El Hanouti

Imad El Hanouti, Hakim El Fadili

Fairly recently, a new encryption scheme for audio data encryption has been proposed by Naskar, P.K., et al. The cryptosystem is based on substitution-permutation encryption structure using DNA encoding at the substitution stage, in which the key generation is based on a key chaining algorithm that generates new key block for every plain block using a logistic chaotic map. After some several statistical tests done by the authors of the scheme, they claimed that their cryptosystem is robust and can resist conventional cryptanalysis attacks. Negatively, in this paper we show the opposite: the scheme is extremely weak against chosen ciphertext and plaintext attacks thus only two chosen plaintexts of 32 byte size are sufficient to recover the equivalent key used for encryption. The cryptosystem's shuffling process design is vulnerable which allow us recovering the unknown original plaintext by applying repeated encryptions. Our study proves that the scheme is extremely weak and should not be used for any information security or cryptographic concern. Lessons learned from this cryptanalytic paper are then outlined in order to be considered in further designs and proposals.

Imad El Hanouti, Hakim El Fadili, Khalid Zenkouar

Fairly recently, a novel image encryption based on Arnold scrambling and Lucas series has been proposed in the literature. The scheme design is based on permutation-substitution operations, where Arnold map is used to permute pixels for some T rounds, and Lucas sequence is used to mask the image and substitute pixel's values. The authors of the cryptosystem have claimed, after several statistical analyses, that their system is "with high efficiency" and resists chosen and known plaintext attacks. Negatively, in this paper we showed the opposite. The key space of the scheme under study could be reduced considerably after our equivalent keys analysis, and thus the system is breakable under reasonable brute force attack. After all, the design of the scheme has several weaknesses that make it weak against chosen and known plaintext attacks. Consequently, we do not recommend the use of this system for any cryptographic concern or security purpose.

Imad El Hanouti, Hakim El Fadili, Khalid Zenkouar

Fairly recently, a new encryption scheme for embedded systems based on continuous third-order hyperbolic sine chaotic system was proposed by Z. Lin et al. The cryptosystem's main objective is to provide a faster algorithm with lowest computational time in order to be qualified for use in embedded systems especially on a program of UAV (unmanned aerial vehicle). In this paper, we scrutinize the design architecture of this recently proposed scheme against conventional attacks e.g., chosen plaintext attack, differential attack, known plaintext attack. We prove in this paper that, negatively, the studied system is vulnerable. For differential attack, only two chosen plain images are required to recover the full equivalent key. Moreover, only one 3x400 size image is sufficient to break the cryptosystem under chosen plaintext attack considering stability of sort algorithm. Therefore, the proposed scheme is not recommended for security purposes.