Towards accurate keyspace analysis of chaos-based image ciphers

Abstract

AbstractIn recent years, there has been a surge in new chaos-based cryptographic algorithms, many of which claim to have unusually large keyspaces. Although cryptographic primitives such as symmetric-key ciphers should have a secret keyspace large enough to resist brute force attacks, simply increasing the size of a secret key may not lead to improved security margins. An n-bit key may not necessarily have a keyspace of $$2^n-1$$ 2 n - 1 due to the key scheduling algorithm or how the key is used. In this paper, we cryptanalyse several chaos-based algorithms from the perspective of their key schedules. Our numerical analysis is based on the known-plaintext attack model, Kerckhoff’s principle and considers the number representations used for real number computation. Our analysis reveals that the actual security margins for these ciphers are significantly lower, some by a factor of over $$2^{100}$$ 2 100 than what was claimed. We then provide accurate keyspace estimates for these ciphers. Finally, we highlight alternative solutions for how secret keys can be used in the context of chaos-based cryptography and propose a simple key schedule as a proof of concept. Despite its simplicity, the proposed key schedule not only ensures that the keyspace matches the key length but also passes both the NIST and ENT statistical test suites, making it a viable option for generating secure cryptographic keys. Our work contributes towards addressing one of the fundamental problems in chaos-based cryptography that limits its real-world impact and reputation within the cryptographic community.