Abstract

Attack techniques on a cryptosystem include not only cryptanalysis, but also forgery and modification of messages, deception and confusion on both sender and receiver sides, and so on. In this Letter, we show that an optical encryption system based on computational ghost imaging (CGI) has security vulnerability owing to its high tolerance for error deviation of ciphertext. It leaves a chance for a forgery attack in which attackers can forge a set of fake keys according to the intercepted ciphertext. If the forged key can be transmitted to the receiver by some disguised means, he/she may be cheated or confused by the retrieved fake images. The discovery of this vulnerability may also help upgrade the CGI-based encryption system.