This content has been downloaded from IOPscience. Please scroll down to see the full text.

Download details:

IP Address: 140.117.111.1

This content was downloaded on 15/08/2014 at 21:20

Please note that terms and conditions apply.

Security enhancement of double-random phase encryption by iterative algorithm

View the table of contents for this issue, or go to the journal homepage for more

2014 J. Opt. 16 085401

(http://iopscience.iop.org/2040-8986/16/8/085401)

Home Search Collections Journals About Contact us My IOPscience

Security enhancement of double-randomphase encryption by iterative algorithm

Sheng-Xia Qian1, Yongnan Li1, Ling-Jun Kong1, Si-Min Li1,Zhi-Cheng Ren1, Chenghou Tu1 and Hui-Tian Wang1,2

1 School of Physics and MOE Key Laboratory of Weak Light Nonlinear Photonics, Nankai University,Tianjin 300071, Peopleʼs Republic of China2National Laboratory of Solid State Microstructures, Nanjing University, Nanjing 210093, PeopleʼsRepublic of China

E-mail: htwang@nju.edu.cn

Received 2 April 2014, revised 6 May 2014Accepted for publication 20 May 2014Published 25 July 2014

AbstractWe propose an approach to enhance the security of optical encryption based on double-randomphase encryption in a 4f system. The phase key in the input plane of the 4f system is generatedby the Yang–Gu algorithm to control the phase of the encrypted information in the output planeof the 4f system, until the phase in the output plane converges to a predesigned distribution. Onlythe amplitude of the encrypted information must be recorded as a ciphertext. The information,which needs to be transmitted, is greatly reduced. We can decrypt the ciphertext with the aid ofthe predesigned phase distribution and the phase key in the Fourier plane. Our approach canresist various attacks.

Keywords: information processing, optical encryption, optical decryptionPACS numbers: 42.30.Wb, 42.30.Kq, 42.40.Jv, 42.30.Va

(Some figures may appear in colour only in the online journal)

1. Introduction

Optical encryption techniques are a growing interest ininformation security due to high parallel processing speed andlarge memory capacity. Many optical approaches have beenproposed in the past decade. Among them, the double-randomphase encoding (DRPE) scheme proposed by Réfrégier andJavidi [1] is the most widely used. However, DRPE is vul-nerable to chosen-ciphertext attack [2], known-plaintextattack [3], and chosen-plaintext attack [4] because of thelinearity of the system [5]. To enhance security, many sys-tems have been presented based on DRPE [6–13]. Recently, aphase retrieval algorithm has been widely used in opticalencryption [14–16]. In general, ciphertext in the DRPE sys-tem is a complex function. Although it can be recorded usinga holographic recording medium [17] or digital holography[18], it is still not convenient to record or transmit. Further-more, it is often necessary to reduce the amount of the

transmitted information to enable an efficient and secureinformation exchange. The optical compression and encryp-tion methods have been discussed in detail in [19].

In this article, we propose an approach to enhance thesecurity and convenience of the DRPE system. The phase keyin the input plane of the 4f system is generated by theYang–Gu algorithm [20, 21] to control the phase of theencrypted information in the output plane of the 4f system,until the phase in the output plane converges to a predesigneddistribution. The Yang–Gu algorithm is very effective indealing with the general amplitude-phase retrieval problem inany linear unitary or nonunitary transform system [21] andhas previously been used in optical security and encryption[22]. We only need to record the amplitude of the encryptedinformation, which will be transmitted as a ciphertext. Thus,the ciphertext is more easily recorded and the amount ofciphertext is reduced. We explore the encryption anddecryption processes and demonstrate the feasibility of our

Journal of Optics

J. Opt. 16 (2014) 085401 (7pp) doi:10.1088/2040-8978/16/8/085401

2040-8978/14/085401+07$33.00 © 2014 IOP Publishing Ltd Printed in the UK1

approach. We also discuss the robustness of our approachagainst various attacks.

2. Principles

To implement the optical encryption and decryption, the mainframe is a 4f system composed of a pair of identical lenseswith a focal length of f. Three coordinate systems, x y( , ),u v( , ), and ′ ′x y( , ), are attached to the input, Fourier, andoutput planes of the 4f system, respectively. A plaintextdescribed by f x y( , ), which will be transmitted and encryp-ted, is placed on the input plane of the 4f system. Two phasemasks (PMs), PM1 and PM2, are located at the input andFourier planes of the 4f system, respectively. PM1 and PM2

are expressed as ja x yexp [ ( , ) ] and jb u vexp [ ( , ) ], wherea x y( , ) and b u v( , ) are distributed within a range of π[0, 2 ].

2.1. Encryption

In our approach, the phase of the encrypted informationshould be converged to a predesigned distribution,

′ ′jc x yexp [ ( , ) ]. Thus, the phase key in the input planeja x yexp [ ( , ) ] should be generated as follows:Step 1. Encrypt a plaintext f x y( , ) in the input plane. The

complex amplitude of the phase-encoded plaintext can be written

as ⎡⎣ ⎤⎦f x y ja x y( , ) exp ( , )m

in the input plane, where the sub-

script m denotes the mth iteration. When m = 1, a x y( , )1 denotesan initial randomly distributed phase, within a range of π[0, 2 ].

Step 2. Transmit the encrypted plaintext in Step 1,⎡⎣ ⎤⎦f x y ja x y( , ) exp ( , )

m, to the Fourier plane and implement

the encryption again with another phase key jb u vexp [ ( , ) ] inthe Fourier plane. Finally, it is transformed to the output planeof the 4f system. This process can thus be expressed as

F F

′ ′ ′ ′

=

×

−

⎡⎣ ⎤⎦⎡⎣ ⎤⎦{

}{ }

g x y jc x y

f x y ja x y

jb u v

( , ) exp ( , )

( , ) exp ( , )

exp [ ( , ) ] , (1)

m m

m1

where F {} and F− {}1 indicate the Fourier transform and theinverse Fourier transform, respectively. Here,

′ ′ ′ ′⎡⎣ ⎤⎦g x y jc x y( , ) exp ( , )m mis the complex amplitude in the

output plane.Step 3. Impose the phase constraint in the output plane

by replacing ′ ′c x y( , )m with ′ ′c x y( , ), whereas the amplitude′ ′g x y( , )m

remains unchanged.

Step 4. Transform a new complex amplitude′ ′ ′ ′g x y jc x y( , ) exp [ ( , ) ]m

in the output plane backward to the

Fourier plane, in which there is a PM −jb u vexp [ ( , ) ] servingas the complex conjugation of the phase key jb u vexp [ ( , ) ]. Itis then transformed to the input plane. This process can be

expressed as

F F= ′ ′ ′ ′

× −

−

⎡⎣ ⎤⎦

}{ { }

f x y jd x y

g x y jc x y

jb u v

( , ) exp ( , )

( , ) exp [ ( , ) ]

exp [ ( , ) ] , (2)

m m

m1

where ⎡⎣ ⎤⎦f x y jd x y( , ) exp ( , )m m

is the complex amplitude

calculated in the input plane.Step 5. Appraise the correlation coefficient (CC) of

f x y( , )m

and f x y( , ), which is defined as

σ σ=( ) ( )

CC f ff f

,cov ,

, (3)m

m

f fm

where ( )f fcov ,m

is the cross-covariance of f and fmand σ is

the standard deviation. The iteration process will be stoppedwhen the CC reaches the preset value or the maximum loop isreached. Otherwise, the iteration process will be repeatedlycarried out, by replacing f x y( , )

mwith f x y( , ) and keeping

the phase d x y( , )m unchanged, and the iteration will return toStep 2. The diagram of this algorithm procedure is shown infigure 1.

The preceding steps are similar to the first level of themethod proposed in [23]. We reconstruct the entire wavefunctions in the two planes based on the known amplitudeand/or phase distributions. The main difference is that theamplitude in one plane and the phase in the other planeare known in our approach, whereas the amplitudes in twoplanes are known in [23]. For the Yang–Gu algorithmbased on a rigorous mathematical derivation, a set ofequations for determining the amplitude and phase wereobtained [20, 21]. By using these equations and theiterative algorithm, a variety of reconstruction problemscan be successfully treated. For instance, the amplitude-phase retrieval problem, i.e., using the known phase distri-bution in one plane and amplitude distribution in the otherplane to reconstruct the entire wave function in the twoplanes, can be solved [20, 21]. The Yang–Gu algorithm isa generalization of the Gerchberg–Saxton algorithm and iseffective in solving the general amplitude-phase retrieval

Figure 1. Procedure diagram of the iterative algorithm for calculatingthe phase key ja x yexp [ ( , ) ] in the input plane.

2

J. Opt. 16 (2014) 085401 S-X Qian et al

problem in any linear unitary or nonunitary transformsystem [21]. Therefore, after performing m iterations,

′ ′c x y( , )m and f x y( , )m

will converge to ′ ′c x y( , ) and

f x y( , ), respectively. We then set the phase distribution in

PM1 to be ⎡⎣ ⎤⎦ja x yexp ( , )m

, whereas the phase distribution

in PM2 is still set to be jb u vexp [ ( , ) ]. The plaintextf x y( , ) is encrypted by PM1 and PM2. This process canbe realized optically. The encrypted information

′ ′ ′ ′ ′g x y jc x y( , ) exp [ ( , ) ] can be obtained in the outputplane, but only the amplitude ′ ′g x y( , ) is extracted as a

ciphertext. Here, | ′ ′ |g x y( , ) 2 is easily recorded by acharged-coupled device (CCD). This greatly reduces theciphertext to be transmitted, which can be further reducedby the method proposed in [24]. The ciphertext can thenbe conveniently processed, by processes such as permuta-tion or watermarking.

2.2. Decryption

Legal users have already known the predesigned phase dis-tribution ′ ′jc x yexp [ ( , ) ] and the complex conjugation of thephase key in the Fourier plane. Combing the receivedciphertext ′ ′g x y( , ), the complex amplitude in the outputplane can be expressed as ′ ′ ′ ′g x y jc x y( , ) exp [ ( , ) ]. Thus, theamplitude in the input plane, which is the decrypted image

f x y( , )d , can be obtained as follows

F F= ′ ′ ′ ′× −

−f x y g x y jc x y

jb u v

( , ) { { ( , ) exp [ ( , ) ] }

exp [ ( , ) ] } . (4)

d 1

Although f x y( , )d maybe not exactly the same as theplaintext f x y( , ), they have a very high similarity.

3. Results

We now numerically simulate the feasibility and performanceof our approach. It should be noted that frame images are256 × 256 pixels for simulations. Figure 2 shows the simu-lation results for a binary plaintext. Figure 2(a) is the originalbinary plaintext f x y( , ), which will be encrypted anddecrypted. Figure 2(b) is a predesigned phase distribution ofthe encrypted information in the output plane, i.e., a phaseconstraint ′ ′jc x yexp [ ( , ) ] with 256 gray levels. After per-forming 500 iterations, we obtained the phase distribution

⎡⎣ ⎤⎦ja x yexp ( , )500

on PM1, as shown in figure 2(c). The

amplitude and phase distributions of the encrypted informa-tion by PM1 and PM2 are shown in figures 2(d) and 2(e),respectively. The CC between figures 2(e) and 2(b) isCC = 0.39. Figure 2(d) is transmitted as a ciphertext. Clearly,figure 2(d) has no hint of figure 2(a) and the CC betweenthem is CC = 0.04. To confirm the ciphertext to be a

Figure 2. Encryption and decryption of a binary plaintext. (a) Original binary plaintext, (b) predesigned phase distribution in the output plane(image taken from http://sipi.usc.edu/database/database.php?volume=misc), (c) calculated phase distribution on PM1 by iterative algorithm,(d) amplitude distribution of the encrypted information in the output plane, (e) phase distribution of the encrypted information in the outputplane, and (f) decrypted image.

3

J. Opt. 16 (2014) 085401 S-X Qian et al

stationary white noise, we introduce the normalized meansquare error (NMSE) as follows

∑ ∑

∑ ∑=

−= =

= =

⎡⎣ ⎤⎦f i j f i j

f i j

NMSE

( , ) ( , )

[ ( , ) ]

. (5)i

M

j

N

m

i

M

j

N

1 1

2

1 1

2

where M and N are the pixel sizes of the image in twoorthogonal dimensions. The NMSE between figure 2(a) and2(d) is 0.84. If figure 2(a) is encrypted using traditionalDRPE, the NMSE between the plaintext and the ciphertext isapproximately 0.64. The CC and the NMSE between theplaintext and the ciphertext in our approach prove that theciphertext is stationary white noise. Although the decryptedimage in figure 2(f) by equation (4) contains some noise, itcan still be easily recognized. The CC between figures 2(f)and 2(a) is CC = 0.85, whereas the NMSE between themis 0.13.

Figure 3 shows other simulation results for a grayscaleplaintext. Figure 3(a) is the original grayscale plaintext with256 gray levels. The other parameters for the simulations arethe same as in figure 2. Figure 3(b) is the predesigned phasedistribution in the output plane and is the same as figure 2(b).Figure 3(c) is the calculated phase distribution on PM1 afterimplementing 500 iterations. Figures 3(d) and 3(e) are the

amplitude and phase distributions of the encrypted informa-tion, respectively. The CC between figure 3(d) and 3(a) isCC = 0, whereas the NMSE between them is 0.69. Figure 3(f)is the decrypted image, which has a CC of CC = 0.89 withfigure 3(a). The NMSE between figures 3(a) and 3(f) is 0.03.Clearly, our approach is valid for encrypting both binary andgrayscale plaintexts.

4. Discussions

4.1. Effect of iteration times

We first explore the effect of iteration times on the performanceof our approach. As shown in figure 4, the NMSEs betweenf x y( , ) and f x y( , )

mconverge quickly in the initial dozens of

iterations. It can be found that the good results can be obtainedwithin about the first 50 iterations. For better performance,however, we still use 500 iterations for all the iterations given.

4.2. Occlusion and noise attacks

For the occlusion attack, 25% of a ciphertext is obstructed, asshown in figure 5(a) for the binary plaintext and in figure 5(b)for the grayscale plaintext, and the corresponding decryptedresults are shown in figures 5(e) and 5(f), respectively. TheCC between figure 5(e) and figure 2(a) is CC = 0.59, whereas

Figure 3. Encryption and decryption of a grayscale plaintext. (a) Grayscale image plaintext (© Playboy Enterprises, Inc.,), (b) predesignedphase distribution in the output plane (image taken from http://sipi.usc.edu/database/database.php?volume=misc), (c) calculated phasedistribution on PM1 by iterative algorithm, (d) amplitude distribution of the encrypted information in the output plane, (e) phase distributionof the encrypted information in the output plane, and (f) decrypted image.

4

J. Opt. 16 (2014) 085401 S-X Qian et al

that between figure 5(f) and figure 3(a) is CC = 0.54.Figures 5(c) and 5(d) show the ciphertexts with a zero-meanGaussian white noise with a variance of 0.01 for the binaryand grayscale plaintexts, respectively, and figures 5(g) and5(h) show the corresponding decrypted results. The CCbetween figure 5(g) and figure 2(a) is CC = 0.67, whereas thatbetween figure 5(h) and figure3(a) is CC = 0.57.

Figures 6(a) plots the influence of the percentage ofoccluded ciphertext on the CC between the decrypted imageand the original plaintext. Figures 6(b) depicts the depen-dence of the CC between the decrypted image and the originalplaintext on the variance of zero-mean Gaussian white noiseadded to the ciphertext. The solid line and the dotted line infigures 6(a) and 6(b) correspond to a binary plaintext infigure 2(a) and a grayscale plaintext in figure 3(a), respec-tively. The results demonstrate that our approach couldindeed resist occlusion and noise attacks for a binary plain-text, but it is relatively vulnerable to occlusion and noiseattacks for a grayscale plaintext.

We should note that the plaintext f x y( , ), the two phasekeys ja x yexp [ ( , ) ] and jb u vexp [ ( , ) ], the predesigned phasedistribution ′ ′jc x yexp [ ( , ) ], and the ciphertext ′ ′g x y( , ) mustbe displayed on spatial light modulators in a practical opticalsystem. The spatial light modulators usually have 256 graylevels. Therefore, all parameters used in all the precedingsimulation are quantized to 256 gray levels. As previouslymentioned, the phase key ja x yexp [ ( , ) ] in the input plane isgenerated by the computer, whereas the encryption anddecryption are implemented optically. If the phase key

ja x yexp [ ( , ) ] must also be generated optically, however, the

complex amplitudes ′ ′ ′ ′⎡⎣ ⎤⎦g x y jc x y( , ) exp ( , )m mand

⎡⎣ ⎤⎦f x y jd x y( , ) exp ( , )m m

in the iterations should be recorded

holographically. Here, we use phase-shifting digital holo-graphy [25] to record the complex amplitudes in the input andoutput planes. As described in [25], a plane reference fieldwith the phase shift ϕ

Ris superimposed upon the measured

object field ϕ( )A iexpO O, i.e., ′ ′ ′ ′⎡⎣ ⎤⎦g x y jc x y( , ) exp ( , )m m

and ⎡⎣ ⎤⎦f x y jd x y( , ) exp ( , )m m

. To reconstruct the object field,

we record four interference fringes I1, I2, I3, and I4 using aCCD camera for different phase shifts ϕ π π= 0, /2,

R, and

π3 /2. Here, I1, I2, I3, and I4 are quantized to 256 gray levels.The object field can be obtained by

ϕ = − + −⎡⎣ ⎤⎦( ) ( )A i I I j I Iexp1

4. (6)O O 1 3 2 4

Thus, ′ ′ ′ ′⎡⎣ ⎤⎦g x y jc x y( , ) exp ( , )m mand

⎡⎣ ⎤⎦f x y jd x y( , ) exp ( , )m m

can be obtained using phase-shift-

ing digital holography, as described previously, and arequantized to 256 gray levels again, as both must be displayedon the spatial light modulators in the real optical system. After500 iterations, we obtain the phase key ja x yexp [ ( , ) ]. Theiteration is the same as shown in figure 1, except that

′ ′ ′ ′⎡⎣ ⎤⎦g x y jc x y( , ) exp ( , )m mand ⎡⎣ ⎤⎦f x y jd x y( , ) exp ( , )

m mare

obtained using phase-shifting digital holography and havebeen quantized here. Our results show that there is almost nodifference whether ja x yexp [ ( , ) ] is generated optically or bythe computer, as shown in table 1.

4.3. Chosen-Ciphertext attack [2]

A chosen-ciphertext attack should construct a set of cipher-texts, which should have the following form

ψ π π

π π

′ ′ = ′ ′

+ ′ ′

⎡⎣⎤⎦

( )( )

( )

( )

x y j x f j y f

j x f j y f

( , )1

2exp 2 exp 2

exp 2 exp 2 , (7)

x y

x y

1 1

2 2

where fx1, f

y1, f

x2, and f

y2are spatial frequencies and all are

known. The corresponding intensity distribution in the inputplane is

π

π

= + −

+ −

+ −

⎡⎣

⎤⎦( )

( ) ( )

( )f x y x f f

y f f

b f f b f f

( , )1

2

1

2cos 2

2

, , . (8)

x x

y y

x y x y

21 2

1 2

2 2 1 1

The phase difference ( )b f f,x y2 2

− ( )b f f,x y1 1

can be

computed and the phase difference between any value of thephase key b u v( , ) can be computed when keeping one of thespatial frequencies fixed as a reference. In our approach,however, constructing the ciphertext with the form ofequation (7) is forbidden. In the decryption process, only theamplitude in the output plane can be arbitrarily constructed,whereas the phase is predesigned as a key and is fixed. Thus,our approach can resist chosen-ciphertext attack.

Figure 4. Effect of iteration times on the quality of the decryptedimage. Solid line shows the influence of iteration times on NMSEbetween f x y( , ) and f x y( , )

mwhen the plaintext is the example

given in figure 2(a). Dotted line shows the influence of iterationtimes on NMSE between f x y( , ) and f x y( , )

mwhen the plaintext is

the example given in figure 3(a).

5

J. Opt. 16 (2014) 085401 S-X Qian et al

4.4. Known-Plaintext Attack [3]

A known-plaintext attack should construct a plaintext f x y( , )and its ciphertext ψ ′ ′x y( , ). Thus, the amplitude in theFourier plane ψ u v( , ) can be expressed as

Fψ =×

u v f x y ja x yjb u v

( , ) { ( , ) exp [ ( , ) ] }exp [ ( , ) ] . (9)

ψ u v( , ) can also be derived from the ciphertext

Fψ ψ= ′ ′u v x y( , ) { ( , ) } . (10)

The issue for finding the phase key ja x yexp [ ( , )] in theinput plane with a given plaintext-ciphertext pair of f x y( , )and ψ ′ ′x y( , ), can be converted to an equivalent issue: for agiven amplitude information f x y( , ) in the input plane and agiven amplitude information ψ u v( , ) in the Fourier plane,how to find the phase information ja x yexp [ ( , ) ] in the inputplane? This issue can be solved by the phase retrieval fromtwo intensity measurements. After recovering the phase keyin the input plane, another phase key in the Fourier plane canbe derived by

F

ψ=⎡⎣ ⎤⎦ ⎡⎣ ⎤⎦{ }jb u v

u v

f x y ja x yexp ( , )

( , )

( , ) exp ( , ), (11)

r

r

where ⎡⎣ ⎤⎦ja x yexp ( , )r

and ⎡⎣ ⎤⎦jb u vexp ( , )r

are the recovered

phase keys in the input and Fourier planes, respectively. Inour approach, however, only the amplitude ψ∣ ′ ′ ∣x y( , ) istransmitted as the ciphertext and may be intercepted by theattackers. The amplitude in the Fourier plane ψ u v( , ) cannotbe obtained only from ψ ′ ′x y( , ) , and the phase information

in the input plane also cannot be recovered by the phaseretrieval from two intensity measurements. Thus, ourapproach can resist known-plaintext attack.

4.5. Chosen-Plaintext attack [4]

A chosen-plaintext attack should construct a series of specialplaintexts and obtain the corresponding ciphertexts. Assum-ing that the attackers choose a series of impulse functionsδ − −x x y y( , )0 0

as the plaintexts, we have

F

F

F

ψδ

δ

== − −

×

= − −

×=

⎡⎣ ⎤⎦

⎡⎣ ⎤⎦

{ }

{ }u v f x y ja x y jb u v

x x y y ja x y

jb u v

x x y y ja x y

jb u v

ja x y jb u v

( , ) { ( , ) exp [ ( , ) ] } exp [ ( , ) ]

( , ) exp [ ( , ) ]

exp [ ( , ) ]

( , ) exp ( , )

exp [ ( , ) ]

exp ( , ) exp [ ( , ) ]. (12)

0 0

0 0 0 0

0 0

If the corresponding ciphertext ψ ′ ′x y( , ) is known,ψ u v( , ) can be obtained by Fψ ψ= ′ ′u v x y( , ) { ( , ) }. Thus,the phase key jb u vexp [ ( , ) ] can be obtained fromequation (12). In our approach, however, as previouslymentioned, ψ u v( , ) cannot be yielded from ψ ′ ′x y( , ),because the phase of ψ ′ ′x y( , ) is not known for the attackers.In fact, our approach cannot encrypt the plaintext when it isan impulse function, because the phase in the output planewill not converge to the predesigned distribution. Therefore,our approach can resist chosen-plaintext attack.

Figure 5. Robustness of our approach against occlusion and noise attacks in the ciphertext process. (a) and (b) are the ciphertext attacks witha 25% occlusion for the binary and grayscale plaintexts, respectively. (e) and (f) are the retrieved images from (a) and (b), respectively. (c)and (d) are the ciphertexts with zero-mean Gaussian white noise for the binary and grayscale plaintexts, respectively. (g) and (h) are theretrieved images from (c) and (d), respectively.

6

J. Opt. 16 (2014) 085401 S-X Qian et al

4.6. Benefits

As previously described, our approach has three main bene-fits. First, the ciphertext is easily recorded. Second, theciphertext that must be transmitted is greatly reduced. Third,the security is enhanced.

5. Conclusion

We proposed an approach based on DRPE, by carefullydesigning the phase distribution in the input plane using theYang–Gu algorithm. The phase distribution of the encryptedinformation in the output plane is converged to a predesigneddistribution and only the amplitude of the encrypted infor-mation is extracted as the ciphertext. Our approach simplifiesthe procedures for obtaining and transmitting the ciphertext.Conversely, our approach greatly enhances the security of theDRPE system, which can resist chosen-ciphertext attack,known-plaintext attack, and chosen-plaintext attack.

Acknowledgments

This work is supported by the National Basic Research Pro-gram (973 Program) of China under Grant No.

2012CB921900, and the National Natural Science Foundationof China under Grant No. 10934003.

References

[1] Réfrégier P and Javidi B 1995 Opt. Lett. 20 767[2] Carnicer A, Montes-Usategui M, Arcos S and Juvells I 2005

Opt. Lett. 30 1644[3] Peng X, Zhang P, Wei H and Yu B 2006 Opt. Lett. 31 1044[4] Peng X, Wei H and Zhang P 2006 Opt. Lett. 31 3261[5] Frauel Y, Castro A, Naughton T J and Javidi B 2007 Opt.

Express 15 10253[6] Unnikrishnan G, Joseph J and Singh K 2000 Opt. Lett. 25 887[7] Situ G and Zhang J 2004 Opt. Lett. 29 1584[8] Cheng X C, Cai L Z, Wang Y R, Meng X F, Zhang H, Xu X F,

Shen X X and Dong G Y 2008 Opt. Lett. 33 1575[9] He M, Tan Q, Cao L, He Q and Jin G 2009 Opt. Express 17

22462[10] Zang J, Xie Z and Zhang Y 2013 Opt. Lett. 38 1289[11] Shi Y, Li T, Wang Y, Gao Q, Zhang S and Li H 2013 Opt.

Lett. 38 1425[12] Rajput S K and Nishchal N K 2013 Appl. Opt. 52 871[13] Li J, Li J, Shen L, Pan Y and Li R 2014 Opt. Express 22 4849[14] Shao Z, Shu H, Wu J, Dong Z, Coatrieux G and Coatrieux J L

2014 Opt. Express 22 4932[15] Liu Z and Liu S 2007 Opt. Commun. 275 324[16] Hwang H E, Chang H T and Lie W N 2009 Opt. Lett. 34 3917[17] Javidi B, Zhang G and Li J 1996 Opt. Eng. 35 2506[18] Schnars U and Jüptner W 1994 Appl. Opt. 33 179[19] Alfalou A and Brosseau C 2009 Adv. Opt. Photon 1 589[20] Yang G Z, Gu B Y and Dong B Z 1993 Int. J. Mod. Phys. B

7 3153[21] Yang G Z, Dong B Z, Gu B Y, Zhuang J and Ersoy O K 1994

Appl. Opt. 7 209[22] Liu W, Liu Z and Liu S 2013 Opt. Lett. 38 1651[23] Alfalou A and Mansour A 2009 Appl. Opt. 48 5933[24] Alfalou A, Brosseau C, Abdallah N and Jridi M 2011 Opt.

Express 19 24023[25] Yamaguchi I and Zhang T 1997 Opt. Lett. 22 1268

Figure 6. Dependences of the CC on the percentage of occluded ciphertext and the variance of zero-mean Gaussian white noise added to theciphertext. (a) Dependence of the CC on the percentage of occluded ciphertext, where the solid line and the dotted line correspond to a binaryplaintext in figure 2(a) and a grayscale plaintext in figure 3(a), respectively. (b) Dependence of the CC on the zero-mean Gaussian white noiseadded to the ciphertext plaintext, where the solid line and the dotted line correspond to a binary plaintext in figure 2((a) and a grayscaleplaintext in figure 3(a), respectively.

Table 1. Calculated CC and NMSE when ja x yexp [ ( , ) ] is obtainedby the computer (CC1 and NMSE1) and when ja x yexp [ ( , ) ] isobtained optically (CC2 and NMSE2).

Parameters CC1 NMSE1 CC2 NMSE2

figures 2(a) and 2(d) 0.04 0.84 0.04 0.84figures 2(a) and 2(f) 0.85 0.13 0.85 0.13figures 3(a) and 3(d) 0 0.69 0 0.68figures 3(a) and 3(f) 0.89 0.03 0.89 0.03

7

J. Opt. 16 (2014) 085401 S-X Qian et al