On Known-Plaintext Attacks to a Compressed Sensing-Based Encryption: A Quantitative Analysis

Despite the linearity of its encoding, compressed sensing (CS) may be used to provide a limited form of data protection when random encoding matrices are used to produce sets of low-dimensional measurements (ciphertexts). In this paper, we quantify by theoretical means the resistance of the least complex form of this kind of encoding against known-plaintext attacks. For both standard CS with antipodal random matrices and recent multiclass encryption schemes based on it, we show how the number of candidate encoding matrices that match a typical plaintext-ciphertext pair is so large that the search for the true encoding matrix inconclusive. Such results on the practical ineffectiveness of known-plaintext attacks underlie the fact that even closely related signal recovery under encoding matrix uncertainty is doomed to fail. Practical attacks are then exemplified by applying CS with antipodal random matrices as a multiclass encryption scheme to signals such as images and electrocardiographic tracks, showing that the extracted information on the true encoding matrix from a plaintext-ciphertext pair leads to no significant signal recovery quality increase. This theoretical and empirical evidence clarifies that, although not perfectly secure, both standard CS and multiclass encryption schemes feature a noteworthy level of security against known-plaintext attacks, therefore increasing its appeal as a negligible-cost encryption method for resource-limited sensing applications.