Abstract
This paper studies the security of a chaotic cryptosystem based on Chua's circuit and implemented with State Controlled Cellular Neural Networks (SC-CNN). Here, we prove that the plaintext can be retrieved by bandpass filtering of the ciphertext or by using an imperfect decoder with wrong receiver parameters. In addition, we find that the key space of the system can be reduced notably, and the required resolution of the parameter values to recover a meaningful plaintext is as coarse as 5%, easing a brute-force attack. The system parameters can be determined with high precision through the analysis of the decoding error produced by the mismatch between the parameters of receiver and transmitter.