Satellite Imagery Security Application (SISA)

With the large-scale research and development in space sciences, space technologies, and network communication technologies, there is a great demand of satellite imagery security system for providing secure storage and transmission of satellite imagery over internet and/or shared network environment. This brings new challenges to protect sensitive and critical satellite imagery from unauthorized access and illegal use in order to keep the storage and transmission process secure and reliable. Therefore there is strong need of satellite imagery encryption and decryption application for security. Satellite imagery security application (SISA) is an information security application developed for satellite imagery. The application supports new and modified version two most popular data encryption standards named as data encryption standard (DES) and advanced encryption standard (AES). This paper investigates the security and performance level of the new modified version DES and AES for satellite imagery. The method of application of DES and AES on the satellite imagery in each case is explained. The application provides conventional tools of measurement and analysis such as key sensitivity, statistical and performance analysis to determine the level of security, reliability and performance.


INTRODUCTION
Space sciences and technologies have recently attracted interest from researchers and industrial communities, mainly because of large number of possible applications capable to exploit remotely sensed data and images [1].Emerging of these technologies present new opportunities for users to increase productivity, reduce costs, facilitate innovation and create virtual collaborative environments for addressing the new challenges.Remote sensing technologies, along with related geospatial technologies, contribute powerful tools for preserving and protecting the nation's critical infrastructure [2].In these systems, the data storage and transmission process, mainly based on CDIDVD-ROM hardcopy and/or shared network environment, provides the user with a digital version of the satellite imagery.Therefore there is an inherent risk of unauthorized access or illegal use of the images.
Recently many text data and multimedia image encryption schemes have been proposed using DES and AES algorithms, and some of them have been extended from text data to multimedia image encryption.A direct extension of the text data and multimedia image encryption scheme works also for satellite images, but this simple modification may not provide an efficient solution to the concerned satellite image encryption 978-1-4244-2824-3/08/$25.00 ©2008 IEEE Muhammad Khurram Khan, MIEEE Department of CS&E Bahria University (Karachi Campus) 13-National Stadium Road, Karachi, Pakistan khurram.khan@scientist.comproblems because satellite imagery has its own specifications for encryption such as speed, compatibility to image format and compression standards, and real-time implementation etc., therefore requires a special design of the encryption algorithm while dealing with high resolution and multi-spectral satellite imagery.
In this paper, we address aforementioned issues and develop the satellite imagery security application to eliminate associated problems for satellite imagery.To achieve this, we investigate the simulation results of SISA encryption application to measure the security and performance level of the DES and AES encryption techniques for satellite imagery.The SISA is a powerful satellite imagery protection application, yet simple to deploy and use, extensible SISA solutions meet a variety of needs.

II. OVERVIEW ON THE ENCRYPTION ALGORITHMS
This section will provide a brief overview on the implementation and construction method of DES and AES encryption algorithms for satellite imagery.

A. DES Satellite Image Encryption
The most widely used symmetric block cipher is based on the DES which is consists of SimpleDES and TripleDES algorithms.As with any symmetric encryption technique, in DES two inputs are the subjected for encryption and decryption process.The first is plaintext/image to be encrypted and the second is secret key.In this case, the original plaintext/image data is divided into equal length 64-bit blocks then the 64 bits block passes through DES encryption/ decryption function.The encryption/decryption process is based on 64 bits complex keydependent computation operation.The encryption/decryption operation continues until all the input blocks of the plaintext/image passes through encryption/decryption function using same input secret key.

B. TripieDES Satellite Image Encryption
SimpleDES uses 56 bits key for encryption which is not suitable against attacks like brute force.TripleDES resolves this key space issue by increasing the key space without switching to another algorithm.TripleDES is more intensive and stronger then SimpleDES.The single encryption/ decryption operation of TripleDES is a combination of three SimpleDES operations.Let assume that SimpleDES encryption and decryption operations are define as EK(I) and DK(I) respectively using I as input block and K as secret key.
The TripleDES encryption of a 64-bit block I into a 64-bit block 0 is defined as [3].
The TripleDES decryption of a 64-bit block I into a 64-bit block 0 is defined as [4] 0= D K1 (E K2 (D K3 (I)))   The key length suggests number of rounds NR required by algorithm to perform encryption/decryption operation.If NR = 10 then NK = 4, if NR = 12 then NK = 6 and if NR = 14 then NK = 8.The supported key length, block size and number of rounds combinations are given in Table 1.The AES key size is long enough to resist against attacks like brute force.AES algorithm is flexible, reliable and gives good performance for its hardware implementation [5]- [8].Today, AES algorithm performs well for applications that need fast computation and processing e.g.smart cards, cellular phones, image-video encryption etc. [9] The AES algorithm uses round function for encryption/ decryption.The round function put together four .......

III. SECURITY ANALYSIS
A good encryption algorithm or technique should resist all kinds of known attacks, such as known-plain-text, cipher-text, statistical analysis and brute-force attacks.Therefore quantitative measuring techniques are needed to be considered for evaluation of satellite imagery encryption quality.Some of the statistical analysis techniques described in this paper are most well-suited for security and performance level of satellite imagery.The methods described here are found in SISA application for measuring security and performance level of the SimpleDES, TripleDES and AES.In this paper, we use the gray-scale Boston image of size 1000 x 1000, gray-scale as the original image depicted in Figure 7

B. Keyspace Analysis
A good encryption algorithm should be sensitive to the secret key, and the keyspace should be large enough to make brute-force attack infeasible and impracticable.For the SimpleDES, TripleDES and AES satellite image encryption algorithm, some basic analysis and test results are summarized as follows:

1) Number ofControl Parameters
The SimpleDES is designed to encrypt/decrypt blocks of input data of 64-bits using 56-bits key.The small 56-bits key of DES can be broken by brute force in a relatively short time.To prove the robustness of the AES algorithm, the key sensitivity analysis has been performed.Assume that a 32character secret key is used.This means that the key consists of 256-bits.A typical key sensitivity test is performed according to the following steps: First, a 512 x 512 image in Figure 9(a) is encrypted by using the test key "12345678901234567890123456789012" in ASCII.The output encrypted image is shown in Figure 9(b) referred as Image A. Then, the least significant bit of the key is Finally, the above three encrypted images A, Band C, encrypted by the three slightly different secret keys, are compared for analysis with original image.It is not easy to compare these images visually.So for comparison, we have calculated the correlation coefficient and maximum deviation between the pixel values of the three encrypted images (is given in Table 2).

D. Information Entropy Analysis
The information entropy H(m) of the image m can be calculated as: The computed correlation coefficient values of the adjacent pixels of experimental images using SimpleDES, TripleDES and AES under CBC mode of operation are given in Tables 3 Correlation is a measure of the relationship between two variables.The correlation coefficient is measured using equation (3)  [11].To test the correlation between pixel values of the encrypted and original images, the procedure is as follows: Where P(m; ) represents the probability of symbol m; and the entropy is expressed in bits.Let us suppose that the source emits 2 8 symbols with equal probability, Le.
m ={ml' m2 , m28 }.After evaluating above equation, we obtain its entropy H(m) =8, corresponding to a truly random source.However, when the images are encrypted, their entropy should ideally be 8.If the output of such encryption emits symbols with entropy less than 8, there exists certain degree of predictability, which threatens its security.
Let us consider the encrypted images of SimpleDES, TripleDES and AES algorithms under CBC mode of operation, the number of occurrence of each encrypted image is recorded and the probability of occurrence is computed.The computed entropies of encryption and decryption processes are listed in Tables 3, 4, 5, 6 and 7.The values obtained of encryption process are very close to the theoretical value 8.This means that information leakage in the encryption process is negligible and the encryption system is secure upon the entropy attack.Apart from the security analysis by evaluating statistical analysis and measurements, some other very important issues on satellite image encryption/decryption are needed to be considered.These issues include the performance and efficiency for real-time application while doing satellite image encryption/decryption.The application of proposed algorithm is implemented using the Matlab, Microsoft C# .Net programming language and performance of algorithm is observed on a Pentium-IV  Due to the increasing use of satellite imagery in research, academics, industries etc, we need an application which can protect sensitive, critical and secret data from the unauthorized access and illegal use, in order to keep the data storage and transmission process secure and reliable over shared network environment or Internet.The security of high resolution and multi-spectral satellite imagery is very difficult from text and images because of its intrinsic characteristics, features and formats.In such case the encryption/decryption speed and algorithm simplicity are usually considered more important for any security application.In this paper, comprehensive theoretical and experimental analysis of modified SimpleDES, TripleDES and AES encryption techniques for satellite imagery using SISA application have been described in brief.The analysis tools of the SISA application such as keyspace, key sensitivity, correlation coefficient, information entropy and performance evolution analysis have been performed to measure the security and performance level of these algorithms for satellite imagery.The experimental results demonstrate that AES is very fast symmetric block cipher and operates with 128, 192 or 256 bits keys.Therefore, we can conclude that SISA application has provided a low-maintenance way to safeguard sensitive satellite imagery while proactively laying the foundation for future security needs.Detail analysis and experiment results prove that application provides strong and long-term data security solution for satellite imagery.

K
of length NK = 4, 6 or 8 respectively, which reflects the number of 32-bits or number of columns in the Key.: Size 128.192 and 256 Bits)

Figure 2 .
Figure 2. Structure of AES Encryption algorithm for Satellite Imagery

Figure 3 .
Figure 3. Encrypted Satellite Image.transformation operations Byte substitution transformation, Shifting rows transformation, MixColumns transformation and AddRoundKey transformation.The decryption structure has exactly the same sequence with inverse transformation as the one in the encryption structure.The encryption procedure consists of several steps as shown by Figure.2.
(a).The encrypted and decrypted images are depicted in Figures 4, 5 and 6.As shown, the encrypted images are totally scrambled and invisible.The decryption process takes encrypted image as input, together with the same sized (which is 256 bits) secret key the output decrypted images are shown in Figures 4(b), 5(b) and 6(b).
234 A. Histograms AnalysisThe histogram of a Boston image (shown in Figure7(b)) contains very high heels of spikes.The encrypted images and the corresponding histogram images using these algorithms under CBC mode are shown in Figure8.These histograms are more uniform, significantly different from that of the original Boston image, and have no similarity with the original Boston image.Hence does not have any clue for statistical attack.

-Figure 4 .Figure 7 .Figure 5 .Figure 6 .Figure 8 .
Figure 4. Encrypted and Decrypted image of SimpleDES under eBe Mode with 64-bits Key and Block size.(a) Original Image (b) Histogram of original Image Figure 7. Boston satellite image and its corresponding histogram

4, 5
, 6 and 7.All the experiment results of encryption process have less or greater values from zero and no one have 1 or -1 values its means these encryption algorithms are secure from statistical attacks.The computed correlation coefficient values of decryption process are approximately near to 1 (little change is computed values is negligible) which mean that decryption process executed successfully.The original image and decrypted images are identical to each other.

Figure 9 .
Figure 9. Key sensitive test of AES algorithm

andK3 are the input keys for TripleDES encryption and decryption operation and can be used with
AES algorithm supports 128, 192 or 256 bits input block, output block and State.The State is divided into four operational blocks and organized in 4x4 bytes of array where number of columns in state matrix is NC = 4 and with key size

TABLE 1 .
[10-BLOCK-ROUNDCOMBINATIONS.[10 TripleDES resolves key space issue of the Simple-DES by increasing the key space without switching to another algorithm and it operates with 64, 128 and 192 bits key whose

TABLE 2 .
MAxIMUM DEVIATION AND CORRELATION COEFFICIENTS CALCULATION OF THE THREE ENCRYPTED IMAGES USING AES ALGORITHM SHOWN IN FIGURE 9.

TABLE 3 :
QUALITY MEASURES FOR SIMPLEDES UNDER CBC OPERATIONAL MODE.

TABLE 4 :
QUALITY MEASURES FOR TRIPLEDES ENCRYPTION PROCESS UNDER CBC OPERATIONAL MODE.

TABLE 7 :
QUALITY MEASURES OF AES DECRYPTION OPERATION UNDER CBC MODE WITH DIFFERENT BLOCK AND KEY SIZES.
1.8 MHz PC with 1.46 GB RAM running Microsoft Windows 2003 server Enterprise Edition.Results of some experiments are given to prove the good performance, efficiency and security of AES algorithm for satellite images.The modified AES satellite image algorithm is very fast as compare to other traditional satellite image encryption algorithms like SimpleDES and TripleDES algorithms.In addition, to improve the accuracy of our timing measurements of proposed algorithm, each set of the timing tests shown in Table8, was executed 5 times, and we report the average of the times thereby obtained.

TABLE 8 :
COMPARATIVE SPEED TEST OF EXPERIMENT RESULTS ON BOSTON SATELLITE IMAGE.(TIME IN SEXONDS)