Image cryptography using RSA Algorithm
Sandipan Roy1, Charmie Rajan2, Darshan Savaliya3
Roll – 107118084, sroy@nitt@gmail.com
Roll – 107118026, charmier21@gmail.com
3
Roll – 107118090, darshan.nitt@gmail.com
1
2
Department of Electrical and Electronics Engineering, NIT Tiruchirappalli
Abstract- This paper mainly focuses on how it is vital for absolute protection in today's world as
it is a problematic issue to maintain the privacy of images. Encryption Decryption becomes crucial
to enhance confidentiality during communication or data transmission. Moreover, with the
changing times, the most successful and effective methodology to hide information securely by
which the sender and recipient hold the key to deciphering data would be through this method.
Concerning image security, encryption plays a significant role in the security of any form of data.
Cryptography is one such method of securing information with the help of codes that only those
concerned can access codes. With the help of a secret key that the recipient would use to decrypt
the encoded message, this protects private and sensitive data from unauthorized access, theft, or
alterations. Encryption and decryption algorithm's security depends on the algorithm, while the
internal structure of the rigor of mathematics also depends on critical confidentiality.
RSA promotes cybersecurity by being a public-key cryptosystem used to secure sensitive data
while being sent over an untrusted network with its cryptographic algorithm. Apart from ensuring
the information to be secure, it also provides authentication, secret sub-storage, system security,
digital signature, along with other facilities. This paper explores the RSA Algorithm
implementation on an image to encrypt and decrypt using two keys, private and public (where one
of the keys can be given to anyone). Image encryption being a sub-branch of image processing,
this paper focuses on decrypting images using the public-key encryption scheme, RSA.
I. INTRODUCTION
In the 21st century, the world revolves around data. The amount of data that is generated
each day is mind-boggling. According to Forbes, there are 2.5 quintillion bytes of data
generated each day at our current pace, but that pace is only accelerating with the Internet
of Things' growth (IoT). Over the last two years alone, 90 percent of the world's data was
generated [1]. With such a massive amount of data available at our fingertips, we're
accumulating to the data stockpile every time we look forward to our search engines for
answers. In the past few years, memory devices reduced size; the internet has been ever-
1
evolving, communication networks have been faster with the introduction of 5G, cloud
services have gained momentum. Social media such as Instagram, WhatsApp, Snapchat,
and Tinder have boomed in the pandemic situation. Given below are a few statistics
regarding data and information –
• It is expected that data will hit 175 zettabytes by 2025 worldwide, representing a
61% CAGR [2]. Data centers will hold 51% of the data, and 49% will be present in
the public cloud. Out of this data, 90 ZB will be from IoT devices in 2025.
• In 2018, unstructured data was growing faster than other business data, as reported
by 71% of enterprises [3].
• By 2025, 80% of data will be unstructured [4]. In addition to business documents,
audio, photos, and video are added new content such as social media, IoT,
streaming, and geodata.
• There will be 4.8 billion internet users by 2022, up from 3.4 billion in 2017 [5].
Figure 1. Data in A Day, Image Source: Raconteur
Thus, vast amounts of information are transferred and communicated every minute and
exposed to data theft and data manipulation threats. The transfer of sensitive pictorial data
such as signatures, identity proofs such as driving license, passport and Adhaar card,
private pictures have increased exponentially in the Covid lockdown. Often, we find news
2
of such data leaks, which creates panic in common people. A few days ago, there was an
alleged data breach in Mobikwik, which led to the 3.5 million people's private information
available on the dark web [6], including their Adhaar photographs, KYC, and signatures.
In another such incident, a hacker group named "Shiny Hunters" leaked 1.9 million user
records of photo editing application Pixlr [7], putting many private pictures at risk.
Therefore, it is necessary to have proper infrastructure and support to ensure information
remains private and reaches only those allowed to access them.
Fig 2. CIA Triad
Fig 3. Parkesian Hexad
Hence, cybersecurity and information security have been essential domains of the present
time. According to Cisco, Information security, often known as InfoSec, refers to the
processes and tools designed and deployed to protect sensitive business information from
modification, disruption, destruction, and inspection [8]. One of the most popular and
oldest security models is the CIA model [9], as depicted in figure 2.
The complexity of threats led to the evolution of the CIA triad into the Parkesian Hexad,
shown in figure 3. The Parkerian Hexad is an expression of a group of components in
addition to the CIA triad to create a more complete, comprehensive, and reliable security
model. It aims to change how information security is understood and implemented. The six
atomic elements of the Parkerian Hexad are confidentiality, integrity, availability,
authenticity, possession or control, and utility. It aims to fill in the gaps of the CIA model
3
to improve the security of today's information assets [10]. In order to generate such a hexad
security model, data is encrypted using several cryptographic mechanisms.
The word "Cryptography" is made of "crypt-" meaning "hidden" or "vault" and the suffix
"-graphy" stands for "writing." In Cryptography, the techniques used to protect information
are obtained from mathematical concepts and a set of rule-based calculations known as
algorithms to convert messages in ways that make it hard to decode them. Cryptography
can be broadly classified into three categories –
• Symmetric Key Cryptography:
It is an encryption system where the sender and receiver of the message use a single
common key to encrypt and decrypt messages. Symmetric Key Systems are faster
and more straightforward; however, exchanging the key in a secure fashion is
challenging. The most popular symmetric-key cryptography system is Data
Encryption System (DES).
• Hash Functions:
There is no usage of any key in this algorithm. A hash value with a fixed length is
calculated as per the plain text, making it impossible for plain text contents to be
recovered. Many operating systems use hash functions to encrypt passwords.
Blockchain technology also uses hash functions to secure the blocks.
• Asymmetric Key Cryptography:
Under this system, a pair of keys is used to encrypt and decrypt information. A
public key is used for encryption, and a private key is used for decryption. The
public key and Private Key are different. Even if everyone knows the public key,
the intended receiver can only decode it because he alone knows the private key.
One of the popular algorithms is the RSA algorithm.
The idea of RSA is based on the fact that it is difficult to factorize a large integer. The
public key consists of two numbers, where one number is the multiplication of two large
prime numbers. And private key is also derived from the same two prime numbers.
Therefore, encryption strength lies in the key size, and if we double or triple the key size,
the strength of encryption increases exponentially. RSA keys can be typically 1024 or 2048
bits long, but experts believe that 1024 bit keys could be broken in the near future.
However, this feat has not been achieved yet. In this research work, we try to implement
4
the RSA algorithm to encrypt and decrypt any image. The encryption would take place in
the sending end, wherever the receiving end would decrypt the image. Thus, the
confidentiality and integrity of the image information would be maintained.
II. LITERATURE REVIEW
As mentioned in the previous section, the domain of cryptography has seen steep growth
over the world. Data communication majorly depends on digital data communication, in
which data security has the highest priority when using encryption algorithms for data to
reach the intended users safely without being compromised. Some literature has
demonstrated the various cryptographic techniques used in data communication, such as
symmetric and asymmetric methods [11]. One such technique is implemented using the
RSA algorithm and Least Significant Bit image steganography concept to securely
propagate data [12]. The symmetric cryptographic technique of the Data Encryption
System has been formulated and analysed in [13]. The sender and recipient share a private
key between them, which must be distributed first before actual communications occur.
The analysis shows how very complicated and difficult this is to do correctly. An improved
graphical password authentication using the Two-fish Encryption and Visual Cryptography
(TEVC) method has been proposed in [14].
The DNA-based encryption method is one of the recent techniques embedded into the
cryptographic field. In order to get better security in message transfer, several DNA-based
encryption schemes have been proposed [15-16]. Some of them used DNA computing,
while others applied the biological property of DNA strands and DNA sequence after
modification [17]. A DNA-based cryptographic algorithm with a strong key of 256 has
been proposed in [18] along with a new method of round key selection to provide better
security in the message.
With the introduction of blockchain technology, hash cryptography mechanisms have
become a trending research topic. A hash function is a versatile one-way cryptographic
algorithm that maps an input of any size to a unique output of a fixed length of bits [19].
The most well-known hash algorithms are MD4, MD5, SHA, JH, Skein, Grøstl, Blake,
Hamsi, Fugue, Crush, Whirlpool, and Tav. A deep analysis of the various types of hash
algorithms and the possible attacks has been studied in [20]. Popular algorithms such as
SHA-256 and MD4 functions have also been analysed [21-22].
The RSA algorithm has been widely used in many different applications of cryptography.
In [23], a complete and practical RSA encrypt/decrypt solution based on the study of the
5
RSA public key algorithm has been implemented, whereas an improved file encryption
technique using RSA algorithm has been researched in [24]. In this work, we try another
RSA implementation for image encryption/decryption.
Sadkhan, S. B. [25] pointed to the primary process and trends of the fields in cryptography
from the time of Julius Cesar till the modern era, as well as mentioning the current status
of the Arabic industrial and academic efforts in this field in the past that is related to the
existing cryptographic and search for new evaluation methods for the security of
information.
Schneier [26] concluded that secrecy of security as a good thing is a myth and that it is not
suitable for security to be secret, as security entirely relying on secrecy can be fragile. If
that secrecy were lost, regaining it would be impossible. Schneier further expressed that
cryptography based on short secret keys that can be easily transferred and changed must
rely on a basic principle, which is for the cryptographic algorithms to be simultaneously
strong and public in order to offer good security. The only reliable way to make more
improvements in security is to embrace public scrutiny.
III. ALGORITHM
The proposed cryptography method for image encryption is using the RSA algorithm in its
core. The algorithm can be broadly divided into 2 parts, namely pre-processing and
encryption/decryption. The brief details about each task are as follows:
1. Pre-processing
1.1. Choose two different large random prime numbers, P and Q.
1.2. Calculate N such that 𝑵 = 𝑷 ∗ 𝑸. N is the modulus for both the public key as
well as the private key.
1.3. Calculate the totient: 𝜱(𝒏) = (𝑷 − 𝟏) ∗ (𝑸 − 𝟏)
1.4. Choose an integer such that 𝟏 < 𝑬 < 𝜱(𝒏) and E is co-prime to 𝜱(𝒏). E is
the public key exponent.
1.5. Calculate D to satisfy the congruence relation 𝑫 ∗ 𝑬 ≡ 𝟏(𝒎𝒐𝒅(𝜱(𝒏))).
2. Encryption/Decryption
2.1. Encryption:
6
The public key is made up of the modulus of N and E as an exponent. For
example, assume a pixel value m(x,y) located at (x, y) in the original image. Now
the encrypted value of the given pixel will be c(x,y) such that:
𝒄(𝒙,𝒚) = (𝒎(𝒙,𝒚) )𝑬 𝒎𝒐𝒅(𝑵) – Encryption key
2.2. Decryption:
The private key is made up of the modulus of N and D (co-prime of E) as an
exponent. For example, take a pixel value c(x,y) located at (x, y) in the encrypted
image. Now the decrypted value of the given pixel will be m(x,y) such that:
𝒎(𝒙,𝒚) = (𝒄(𝒙,𝒚) )𝑫 𝒎𝒐𝒅(𝑵) – Decryption key
The pre-processing part should be done at the client's side and generate two random
prime numbers. These values should be kept hidden during the whole process. The
client should also generate D, E, and N values from the two randomly generated prime
numbers. D is a private key exponent and should be kept hidden on the client's side and
has to be used to decrypt the images received from the server-side. E is a public key
exponent and should be shared with the server to generate the encrypted images. N is a
modulus for the keys, and it should also be shared along with the public key exponent.
The given flow chart explains the whole process in brief.
Figure 4. RSA Encryption/Decryption Procedure
7
IV. IMPLEMENTATION
The discussed algorithm was implemented using Python programming language with the
additional help of different python libraries. The python version used is: 3.6.9, and the
open-source python libraries having the following specifications:
Library
Version
OpenCV
4.3.0
NumPy
1.19.5
SymPy
1.7.1
With the help of sequential programming, the step was algorithm was implemented as it is.
The pseudo-code for the same is shown here:
1. Import necessary modules
2. Import an image using OpenCV's imshow function
3. Define the range of prime numbers
4. Using SymPy's random prime number generator, generate two random prime numbers
from the specified range and store them as P and Q
5. Calculate N using formula N = PQ
6. Calculate totient and store it in a variable
7. Specify the limits and generate E
8. Compute D using extended Euclidean algorithm
9. Encryption: Iterate over the image's pixel values and calculate the number using pow
pre-build function with the help of an encryption key.
10. Store it in a list.
8
11. Decryption: Iterate over the list again and use the Decryption key to re-generate the
original image
V. RESULTS
The algorithm was tested on different image resolutions with different sizes of prime
numbers. The local system was used with the following specifications: HP EliteBook
having an Intel i5 vPro processor with 4GB memory.
The results were inferred using the time taken by the algorithm to encrypt and decrypt one
image. The below table shows the time taken in seconds by the algorithm when given
different image dimensions as an input with the four different prime number ranges. Each
value was averaged over 100 iterations on each image.
Rows:
Image Dimension
Columns: Encryption and decryption time (in seconds) with respect to the different prime
number ranges.
10-100
100-1000
1000-10000
10000-100000
Image
Dimension
Encryption
Time
Decryption
Time
Encryption
Time
Decryption
Time
Encryption
Time
Decryption
Time
Encryption
Time
Decryption
Time
40x40
0.0157
0.0114
0.0218
0.0176
0.0305
0.0236
0.0457
0.0433
80x80
0.0650
0.0454
0.0853
0.0720
0.1073
0.0895
0..1792
0.1677
160x160
0.2579
0.1806
0.3306
0.2856
0.4146
0.3647
0.6971
0.6394
320x320
1.0076
0.7151
1.3354
1.1587
1.6370
1.4946
2.8183
2.6618
640x640
4.0078
2.8440
5.3516
4.6324
6.5330
5.8290
11.0811
10.6071
An example of an encrypted image and the decrypted image is shown below. The overall
information of an original image is rarely inferred from the encrypted image alone.
9
Original Image
Encrypted Image
Decrypted Image
Figure 5. Results of RSA Encryption/Decryption
VI. CONCLUSION
In today's modern era, the confidentiality and security of images and data have become
more crucial with increased unsecured channels and communication necessity. Thus, it
prompts to create and evolve existing cryptosystems. Image encryption is increasingly
becoming an irresistible area of study in the domains of information security. Considerably,
encrypting a text is quite different from that of an image due to its features. Conventional
procedures and methodologies cannot be used to operate image encryption due to its
complexity. Initially, multiple encryption methodologies were based on chaotic systems
that were introduced to secure digital images from cyber-attacks that offer limited security.
Among the existing algorithms, very few provide computational hardness, making it
challenging to find the original message. The RSA algorithm used to encrypt increases
security during the transmission of data and image files. With this paper, image encryption
has been explored and implemented with the RSA encryption algorithm with the help of
the Python programming language (3.6.9) and its open-source libraries. The image
encryption algorithm introduced a secure and efficient process with less computation.
Therefore, this approach of encrypting and decrypting images with the RSA algorithm
makes it immune to any attacks in its transmission under information technology. The
analysis consisted of two parts of pre-processing and encryption/decryption. The preprocessing part calculates a private key exponent D that is hidden on the client's side that
satisfies congruence relation and the encryption/decryption involves the computation of
the public and private key.
In this paper, multiple image resolutions were tested with different prime numbers. Varying
dimensions of images and the time taken in seconds to encrypt and decrypt were tabulated,
10
and it was observed that the encryption and decryption time was observed to be increasing
with an increase in the image dimensions with respect to their prime numbers.
VII. FUTURE SCOPE
A methodology capable of faster encryption/decryption suited for real-time Internet
encryption and transmission process could be experimented based on Rubik's cube's
principle to permute image pixels. Improvised image encryption based on Rubik cube's
principle where the original image is encrypted and with two secret keys, XOR operator
could be applied to rows and columns of this encrypted images.
In the case of a grayscale image, DES and Blowfish cryptosystems algorithms could be
experimented upon. Blowfish is an algorithm that iterates the encryption function sixteen
times, including a complex initialisation phase before the encryption begins, with
promising actual encryption of data to be highly efficient on larger microprocessors. On
the other hand, the data encryption standard being one of the early symmetric encryption
algorithms might make it insecure for applications but boosts the advancement of
cryptographic techniques.
Apart from Python, Image encryption with RSA Algorithm could be implemented with
MATLAB to apply upon grey and coloured images. This would result in two algorithms
for encryption and decryption, which could be applied over the cipher and plain image after
analysing them in the matrices form. Applying this cryptosystem over images with
increasing number of primes would be a modified RSA cryptosystem based on the number
of used prime numbers aiming towards better security.
ACKNOWLEDGEMENT
We are incredibly thankful to our professor, Dr. Balaji Ganesh, and colleagues at the
Computer Applications department, who have encouraged us to make this paper an
unforgettable experience in scientific research.
REFERENCES
[1] PC Reviews, "90% of the Big Data We Generate is an Unstructured Mess."
https://www.pcmag.com/news/364954/90-percent-of-the-big-data-we-generate-is-an-unstructured-me
[2] IDC, "Data Age 2025". https://www.seagate.com/our-story/data-age-2025/
11
[3] 451
Research,
"Addressing
the
Role
of
Unstructured
Data
Storage". http://pages.westerndigital.com/can-data-liveforever.html?_ga=2.187031656.1344938602.1559148404-2088377377.1559148404
with
Object
[4] IDC, as quoted by Data Management Solutions Review, "80 Percent of Your Data Will be Unstructured
in
Five
Years". https://solutionsreview.com/data-management/80-percent-of-your-data-will-beunstructured-in-five-years/
[5] Cisco, as quoted by Network World, "Cisco Predicts Nearly 5ZB of IP Traffic Per Year by
2022". https://www.networkworld.com/article/3323063/cisco-predicts-nearly-5-zettabytes-of-iptraffic-per-year-by-2022.html
[6] "Mobikwik Data Breach: 3.5M Users
https://techviral.news/mobikwik-data-breach/
Personal
Data
on
Sale
on
Darknet"
-
[7] "Hacker leaks 1.9 million user records of photo editing app Pixlr" - https://www.businessstandard.com/article/current-affairs/hacker-leaks-1-9-million-user-records-of-photo-editing-app-pixlr121012100664_1.html
[8] "What is Information Security?"
information-security-infosec.html
-
https://www.cisco.com/c/en_in/products/security/what-is-
[9] Y. Bhaiji (2008), Chapter1: Overview of Network Security[online].
http://www.networkworld.com/subnets/cisco/072508-ch1-net-security-technologies.html
Available:
[10] “The
Parkerian
Hexad”
Georgie
Pender-Bey
http://cs.lewisu.edu/mathcs/msisprojects/papers/georgiependerbey.pdf
Available:
[Online].
[11] N. Jirwan, A. Singh and S. Vijay , "Review and Analysis of Cryptography Techniques," International
Journal of Scientific & Engineering Research, vol. 3, no. 4, pp. 1-6, 2013.
[12] Shenoy, K. M., & Shaikh, S. G. (2019, July). An Approach to secure data transmission through the
use of cryptography and steganography. In 2019 International Conference on Communication and
Electronics Systems (ICCES) (pp. 1039-1043). IEEE.
[13] Khalifa, O. O., Islam, M. R., Khan, S., & Shebani, M. S. (2004, October). Communications
cryptography. In 2004 RF and Microwave Conference (IEEE Cat. No. 04EX924) (pp. 220-223). IEEE.
[14] Gulsezim, D., Zhansaya, S., Razaque, A., Ramina, Y., Amsaad, F., Almiani, M., ... & Oun, A. (2019,
October). Two Factor Authentication using Twofish Encryption and Visual Cryptography Algorithms
for Secure Data Communication. In 2019 Sixth International Conference on Internet of Things:
Systems, Management and Security (IOTSMS) (pp. 405-411). IEEE.
[15] G. Xiao, M. Lu, L. Qin and X. Lai, "New field of cryptography: DNA cryptography", Chinese Science
Bulletin, vo1.51, no.12, pp.1413-140, 2006.
[16] "A Pseudo DNA Cryptography Method" Section 3- Motivation and method Kang Ning, Email:
albertnk@gmail.com.
[17] G. Cui, L. Qin, Y. Wang and X. Zhang, "Information security technology based on DNA computing",
Proc. of the 2007 IEEE International Workshop on Anti-counterfeiting, Security, Identification,
Xiamen, China, pp.288-291, 2007.
[18] Majumder, A., Majumdar, A., Podder, T., Kar, N., & Sharma, M. (2014, May). Secure data
communication and cryptography based on DNA based message encoding. In 2014 IEEE International
Conference on Advanced Communications, Control and Computing Technologies (pp. 360-363).
IEEE.
12
[19] Alkandari, A. A., Al-Shaikhli, I. F., & Alahmad, M. A. (2013, September). Cryptographic hash
function: A high level view. In 2013 International Conference on Informatics and Creative Multimedia
(pp. 128-134). IEEE.
[20] Sharma, A. K., & Mittal, S. K. (2019, January). Cryptography & Network Security Hash Function
Applications, Attacks and Advances: A Review. In 2019 Third International Conference on Inventive
Systems and Control (ICISC) (pp. 177-188). IEEE.
[21] Selvakumar, A. L., & Ganadhas, C. S. (2009, February). The evaluation report of sha-256 crypt
analysis hash function. In 2009 International Conference on Communication Software and
Networks (pp. 588-592). IEEE.
[22] Abdel-Azeem, E., Seireg, R., & Shaheen, S. I. (1996, March). Cryptographic security evaluation of
MD4 hash function. In Thirteenth National Radio Science Conference. NRSC'96 (pp. 345-354). IEEE.
[23] Zhou, X., & Tang, X. (2011, August). Research and implementation of RSA algorithm for encryption
and decryption. In Proceedings of 2011 6th international forum on strategic technology (Vol. 2, pp.
1118-1121). IEEE.
[24] Wang, S., & Liu, G. (2011, October). File encryption and decryption system based on RSA algorithm.
In 2011 International Conference on Computational and Information Sciences (pp. 797-800). IEEE.
[25] Sadkhan, S. B. (2004, April). Cryptography: Current status and future trends. In Proceedings. 2004
International Conference on Information and Communication Technologies: From Theory to
Applications, 2004. (pp. 417-418). IEEE.
[26] B. Schneier, "The Non-Security of Secrecy," Communications of the ACM, vol. 47, no. 10, pp. 120120, 2004
13