#### Abstract

In this paper, we propose a new and simple method for image encryption. It uses an external secret key of 128 bits long and an internal secret key. The novelties of the proposed encryption process are the methods used to extract an internal key to apply the zigzag process, affine transformation, and substitution-diffusion process. Initially, an original gray-scale image is converted into binary images. An internal secret key is extracted from binary images. The two keys are combined to compute the substitution-diffusion keys. The zigzag process is firstly applied on each binary image. Using an external key, every zigzag binary image is reflected or rotated and a new gray-scale image is reconstructed. The new image is divided into many nonoverlapping subblocks, and each subblock uses its own key to take out a substitution-diffusion process. We tested our algorithms on many biomedical and nonmedical images. It is seen from evaluation metrics that the proposed image encryption scheme provides good statistical and diffusion properties and can resist many kinds of attacks. It is an efficient and secure scheme for real-time encryption and transmission of biomedical images in telemedicine.

#### 1. Introduction

The amazing developments in the field of network communications during the past years have created a great requirement for secured image transmission over the Internet [1]. Image data, such as medical images, military images, images of electronic publishing, and fingerprint images from authentication systems, must be kept private and confidential. The confidentiality of these images is capital and cannot be guaranteed through the Internet. To ensure the security of information during transmission, encryption techniques are used. Cryptography aims to ensure data confidentiality, integrity, and authentication during communication. In telemedicine, medical data need to be processed with total discretion. This justifies the use of encryption technology in telemedicine.

Cryptographic methods are based on two fundamental principles, namely, substitution and diffusion. Substitution involves replacing certain letters or values of the original message with others. Diffusion consists of dispersing the position of the letters or the values of the original message to scramble the message. Most encryption techniques have been developed to secure text data. Unfortunately, these techniques are not suitable for images because the images have a rather complex structure and are quite large in size compared to the text data. Yet, the images may contain private and fairly confidential information. Hence, there is a need to find an effective technique to secure images. Thus, designing less complex image encryption algorithms becomes very crucial. Much research has focused on the issue of image security. Digital images have several properties such as information redundancy, a strong correlation between pixels, and large data capacities. An image encryption algorithm must take into account all these properties.

Conventional image encryption techniques are divided into two groups, namely, asymmetric encryption (with private and public keys) and symmetric encryption (with a secret key) [2]. Several algorithms have been proposed in the past for the encryption of images. We have data encryption standard (DES), triple data encryption algorithm (TDEA), advanced encryption standard (AES), Rivest, Shamir, and Adleman (RSA), and fast image encryption algorithm (FEAL) [2–8]. In recent years, chaotic systems have been used by many researchers in image encryption. A chaos-based image encryption technique typically uses both substitution and diffusion processes. This technique generally uses an external key and one or more generators to generate chaotic sequences that will be used for the substitution/diffusion process. Ahmad and Farooq in [9] approved that the generation of high-quality key stream decides the level of security offered by the Cipher. They combined the simple logistic map with the cubic map to generate PN sequences for the proposed encryption scheme. Those PN sequences from the proposed generator have good autocorrelation and have been tested randomness. Li et al. in [10] introduced a performance-enhanced image encryption scheme based on depth-conversion integral imaging and hybrid cellular automata (CA). The aim is to meet the requirements of secured image transmission. The input image is firstly decomposed into an elemental image array (EIA) using the depth-converted integral imaging technique. The CA model and chaotic sequence are used to encrypt the elemental images. In [11], Ahmad et al. used particle swarm optimization and chaotic map to propose an optimized image encryption. Initial conditions of the chaotic map depend on the pending plain image, so the algorithm is resistant because, from one image to another, key stream will be different. Niu et al. in [12] proposed an efficient method for image encryption based on the chaos theory and a deoxyribonucleic acid (DNA) sequence database using the characteristics of chaos, such as randomness, regularity, ergodicity, and initial value sensitiveness, combined with the unique space conformation of DNA molecules and their unique information storage and processing ability. In [13], Kengnou et al. proposed an encryption algorithm using a 3D chaotic system and DNA coding. Two keys are used, an internal one and an external one. During the chaotic process, the sequences generated from the different variables of the chaotic generator are not used separately. They are combined using the zigzag process and used simultaneously. Each 3D chaotic system can be used. Twenty four DNA rules and 16 join operations of DNA coding are used during the DNA coding process. A Fast Walsh Transform (FWT) has been combined with two chaotic logistic maps by Telem et al. in [14] to propose a new scheme of image encryption. Chaotic encryption methods are combined with the two-dimensional FWT of images. Liu and Miao in [15] proposed an image encryption method based on a logistic chaotic map and dynamical algorithm. In their method, the parameter of the logistic map is varied and used to shuffle the plain image. Then, the dynamical algorithm comes to encrypt the image. Many other chaotic encryption methods have been proposed in [15–23].

Cryptanalysis evaluates the efficiency of cryptosystems to resist against attacks and therefore confirms their validity. Several studies have shown that some cryptosystems based on chaos could be cryptanalyzed [24–27]. To face this challenge, Pareek et al. in [28] proposed an image encryption system without chaos. From a 128-bit external key, it provides an efficient algorithm using 16 rounds with satisfactory results. In [29], Jolfaei et al. have demonstrated the shortcomings of the image encryption scheme proposed by Pareek et al. [28]. The method is not secured, and the secret key can be deduced by a chosen-ciphertext attack. Security flaws of the encryption scheme have been discussed and solutions have been proposed in [29]. Houas et al. proposed in [30] a new algorithm to encrypt binary images based on several steps. Firstly, they reduced the amount of data required to present the image. The next step consists to divide the image into d blocks. Those blocks are used to construct a new image of the same size as the original one but represented on a new basis. The construction of the new basis is inspired by the work of Mokhtari and Melkemi [31]. After that transformation, they obtained a key image and used it to encrypt and decrypt images. The encrypted image is the representation on a new basis. The decryption algorithm consists of subtraction between each encrypted image and the key image and the sum of them.

Some image encryption methods are based on mathematical transform such as cosine transform, and Fourier transform is proposed. The method proposed by Lima et al. in [32] is based on the cosine number transform (CNT), a mathematical tool whose application requires modular arithmetic only. A CNT is very sensitive to changes in the vector being transformed, so 2 slightly different vectors may have significantly distinct CNTs, which are desirable for cryptography applications [32]. The method consists of dividing an image into blocks that overlap horizontally and vertically the corresponding adjacent block. The blocks are then sequentially taken and submitted to the recursive computation of a two-dimensional CNT. The method is limited to noncompressed images and particularly to medical images complying with the Digital Imaging and Communications in Medicine (DICOM) standard. Lima et al. in [33] proposed a fast computation of Cosine transform over fields of characteristic 2 and the application to image encryption. Annaby et al. in [34] have proposed a cryptosystem based on Fourier transform.

In [35–38], methods to reduce the workload of the time-consuming diffusion part are proposed. The encryption process is taken over the entire image. The image is not divided into many subblocks. Those methods gain in execution time but have several security problems.

In [39–41], affine transformations combined with other mathematical functions have been used to propose image encryption methods. Zhu et al. [39] have used affine cipher and generalized Arnold map to propose an image encryption scheme. Ahmad and Hwang in [40] have combined affine transformation with the chaotic map to propose their encryption method. In [41], Shah et al. have combined affine transformation with linear fractional transformation.

In this work, affine transformations are not combined with other mathematical models or functions. We propose a new image encryption algorithm using an external key, an internal key, affine transformations (reflections and rotations), zigzag process, and substitution-diffusion processes. Each pixel of the plain image is converted into its equivalent 8-bit binary, and the bits of rank *n* (*n* = 1, 2, 3, 4, 5, 6, 7, 8) of the different pixels constitute the binary image of this rank. So, the plain image is converted into 8 binary images. From binary images, an internal key is deduced. Each binary image is submitted to the zigzag process to yield zigzag binary images. Using an external key, the zigzag binary images are mapped using affine transformations and a new image is reconstructed. The reconstructed image is then submitted to substitution and diffusion processes to produce a cipher image. The novelties of this work are(i)The use of the two keys: an internal key is extracted from the binary components of the plain image to be encrypted. In [13], an internal key is extracted directly from the pixel of plain image and not from the binary components of the plain image. In this work, an internal key is used in combination with the external key to generate the substitution and diffusion sequences. Internal keys are different from one plain image to another, and consequently, the substitution and diffusion sequences are also different even in the case of the same external key. To decrypt the cipher image, one must have the exact internal key and external key and well-known algorithm used in the cryptosystem.(ii)The proposed algorithm does not use chaotic generators or complex mathematic functions to compute the substitution-diffusion sequences. Rather, those sequences are computed from simple logical bit operation by using external and internal keys and the part of the previous result of the encryption process.(iii)The application of affine transformation on the binary component of the plain image.(iv)The method to apply zigzag process: depending on the context, it can act as a diffusion or substitution process. Previous works have applied the zigzag process on the gray-scale image. The proposed method applied the zigzag process on the binary version of the plain image. So, it acts as a substitution process.

Hence, the proposed method does not gain on execution time but gain more on efficiency, security, and robustness. The proposed method is very helpful in telemedicine to secure medical images before transmitting them from one hospital to another. The method can also be used in every domain where we need to secure images as military domain and so on.

In the rest of the work, we present the details of our encryption algorithm in Section 2. The experimental results and security analysis tests are given in Section 3. At the end of the work is a conclusion.

#### 2. Proposed Cryptosystem

##### 2.1. Block Diagram of the Proposed Algorithm

In this work, we used an external key of 128 bits long, an internal key, reflection and rotation mappings, zigzag process, substitution, and diffusion processes to propose a new image encryption method. The plain image is converted into 8 binary images. From binary images, an internal key is extracted. Each binary image is submitted to the zigzag process to yield zigzag binary images. Using an external key, the zigzag binary images are mapped and a new image is reconstructed. This new image is divided into nonoverlapping squared subblocks. Each subblock is then submitted to the substitution and diffusion processes for K round using the combination of the two keys. The originality of this method dwells on the method used to generate the internal key, the use of reflection or rotation mapping, and the method to apply the substitution and the zigzag processes, the method used to compute substitution and diffusion sequences. The internal key is provided by the image being encrypted. In [28], the zigzag operation is applied on the pixel values, and it acts to change just the position of the pixel or the pixel location in the subblock. In this work, the whole image or the considered subblock is converted into binary images or binary subblock. The bits in a binary image/subblock are then reshuffled within the image/block by a zigzag path, and a new image/subblock is reconstructed. Consequently, the zigzag process changes the value of the pixels and acts as a substitution process. After the zigzag process, an external key is used to choose the corresponding type of transformation to be applied on each zigzag binary image. In [39–41], authors combine affine transformations with other mathematical models or functions. In this work, we do not use any chaotic generator or mathematical function to generate the codes used for the substitution-diffusion processes as usually. Rather, we combine the two keys (internal and external) and pixels of the image to compute the codes used on substitution-diffusion processes. Those features are the particularities of this algorithm. The block diagram of the proposed algorithm is shown in Figure 1.

###### 2.1.1. External and Internal Keys

The proposed algorithm uses an external secret key of thirty-two hexadecimal numbers as shown in this example: «**ABCDEFGHIJKLMNOPRSTUVW αβγηθλξρτφ**». This key is used for both substitution-diffusion processes and the choice of the type of affine transformation to be applied on binary images. An original image is decomposed into 8 binary images (

*i*= 1, 2, …, 8). are submitted to “XOR” operation and yield one binary matrix. This matrix is then converted into a pixel matrix. The “XOR” operations between lines of the matrix produce the first part of the internal key named “keyi1,” and while the “XOR” operations between columns produce the second part of the internal key named “keyi2.” Table 1 presents the internal keys of two images ‘ANTAMOEBACOLI’ and ‘Lena,’ respectively. One can see the difference between the two internal keys. So, internal keys are different from image to another. “keyi1” and “keyi2” are combined with an external key to generate substitution-diffusion sequences, and consequently, substitution-diffusion sequences are also different for one image to another, and this makes the algorithm high secured and resistant against attacks.

###### 2.1.2. Zigzag Process

The zigzag process aims to scramble the image by changing the position of the pixel or the bit. Depending on the context, it can act as a diffusion or substitution process. In this algorithm, the zigzag process applied to the whole binary image acts as a diffusion process. In the case of the binary subblock, it acts as a substitution process. A zigzag process to scramble the binary images is shown in Figure 2.

###### 2.1.3. Affine Transformation Process

On the Euclidean plane, let be an affine transformation; its equation is given bywhere is the coordinate point, and are real numbers, and is the new coordinate point. We can also write this same transformation with the equivalent notations:where *A* is a real matrix and represents translations.

The matrix can also be written in the form ofwhere are the polar coordinates of the point and are the polar coordinates of the point (*b*, *d*). In other words,

Various transformations can be performed in such as dilations, reflections, translations, rotations, and similitudes. In this work, we are restricted to reflection and rotation transformations.

A reflection on the *x*-axis can be written in as , while a reflection on the *y*-axis is written as . In matrix representation, these reflections are given by

A rotation mapping has the form .

Also, it is expressed as

For the rotation angle , .

The available reflection and rotation transformations are(0)Identity (I):(1)Orthogonal reflection around midvertical axis of block (Rmv)(2)Orthogonal reflection around midhorizontal axis of block (Rmh)(3)Orthogonal reflection around the first diagonal of block (Rfdiag)(4)Orthogonal reflection around the second diagonal of block (Rsdiag)(5)Rotation around the center of block +90° (*R* + 90)(6)Rotation around the center of block +180°(*R* + 180)(7)Rotation around the center of block −90°(*R*−90)

In the algorithm step, we use zigzag binary matrices named , *i* = 1, 2, …, 8. An external key is used to choose the corresponding type of transformation to be applied on each zigzag binary image . Let «**ABCDEFGHIJKLMNOPRSTUVW αβγηθλξρτφ**» be an external key; to choose the corresponding affine transformations, we extract eight numbers «

**D, H, L, P, U,**» from an external key. Each number is converted into its corresponding octave number. The obtained octave number gives the corresponding transformation (from 0 to 7 as describe previously) to be applied on the corresponding zigzag binary image. An external key should be chosen such as all these obtained octave number must not be null. At the end of the affine transformation process, the transformed binary images are used to reconstruct a new gray-scale image . This image is subdivided into nonoverlapping squared block before the substitution-diffusion process.

*β*,*λ*,*φ*###### 2.1.4. Substitution Process

The operation is taken into two steps, zigzag operation and substitution, using the corresponding key. The chosen subblock is converted into a binary subblock . The zigzag operation is taken on , and it is reconverted into the pixel value. A zigzag path to scramble the binary block is shown in Figure 2. The next step is to combine an external key with «*keyi1*» to generate the sequence which will be used for substitution operation. Let *L* be the size of a subblock. Having an external key «*externalkey*» and an internal key «*substitutioncode*», the algorithm to generate the sequence of each block is defined as follows:(a)For the first round and the first subblock, Lon = length (keyi1); lng = Lon/2; codesub = keyi1; cc1 = bitxor (externalkey, codesubu (1 : lng)); cc2 = bitxor (cc1, codesub ((lng + 1) : Lon)); usingcode = [cc1 cc2];(b)For the next round K and the other subblocks, codesubu = usingcode; c1 = bitxor (clefdecfin, codesubu ((lng + 1) : Lon)); cc1 = bitxor (c1, vectsub (1 : 1 : lng)); c2 = bitxor (cc1, codesubu (lng:−1 : 1)); cc2 = bitxor (c2, vectsub ((lng + 1) : Lon)); usingcode = [cc1 cc2];

« vectsub » is the last result.

The sequence «usigncode» will be used for the substitution process of the corresponding subblock. The second step of the substitution process is performed using «XOR» operation.

###### 2.1.5. Diffusion Process

The subblock coming from the substitution process is then sent through the permutation process. This process will modify the pixel location. The same algorithm used during the substitution process is used to generate the sequence for the diffusion process in which « keyi2» is used. The sequence of each subblock is rearranged in the ascending order and used to modify the position of the pixel in the subblock.

###### 2.1.6. The Overall Proposed Encryption Algorithm

Let be an original image. We can describe our encryption algorithm as follows: Step 1: generate an external secret key. Step 2: convert image images. Step 3: extract an internal secret key. Step 4: apply zigzag process on binary images. Step 5: select and apply affine transformation on each zigzag binary images using the external key. Step 6: reconstruct a new gray-scale image using transformed zigzag binary images. Step 7: subdivide a new image into many nonoverlapping squared subblock. Step 8: for each subblock and for *K* round, Step 8.1: convert each pixel into the binary vector. Step 8.2: apply scan zigzag operation to permute the position of the binary element in the binary matrix. Step 8.3: reconstruct a gray-scale subblock. Step 8.4: combine an external key and an internal key to generate the substitution sequence of the subblock. Step 8.5: take out a second part of the substitution process. Step 8.6: combine an external key and an internal key to generate the permutation sequence of the subblock. Step 8.7: take out a diffusion process.

The decryption algorithm is the inverse operations of the encryption process.

##### 2.2. Evaluation Metrics

A robust and good cryptosystem should present many features. Firstly, the key space should be large enough to make the brute-force attack infeasible [17]. Secondly, the histograms of the cipher image should be uniformly distributed. The correlation between adjacent pixels (vertically, horizontally, and diagonally) in the cipher image should be approximately zero to confirm the effectiveness of the method.

###### 2.2.1. Correlation Coefficient

The correlation metric is used to evaluate the similarity between two images. If the images are identical, the correlation value is equal to one. When the correlation value is closed to zero, there is no similarity between these images. For an efficient encryption scheme, the correlation between plain image and cipher image must be close to zero. The correlation coefficient (Co) between original and encrypted images is defined as follows:where and are gray-scale pixel values of the original and encrypted images and is the total number of pixels.

The correlation coefficient of each pair of adjacent pixels is calculated using [42]where

In equations (8)–(11), and are the gray values of two adjacent pixels in the image and is the total number of adjacent pairs of pixels. is the expectation of variable , is the variance, and is the covariance of two adjacent pixels in the image. For a good cryptosystem, the correlation coefficient Co between plain and cipher images should be close to zero. Likewise, the correlation coefficient of each pair of adjacent pixels in the cipher image should be close to zero.

###### 2.2.2. Entropy Information

The information entropy, introduced by Shannon, is one of the most important features of randomness. It is used to evaluate the quantity of information in the image. Information entropy is calculated in [28] usingwhere is the total number of gray levels in the image and shows the probability of appearance of the symbol . The entropy value of encrypted images should be closed to eight.

The (k, TB)-local Shannon entropy with respect to local image blocks may be computed by the following steps [43]. First, nonoverlapping image blocks S1, S2, … Sk with TB pixels for a test image *S* are randomly selected. Then, information entropy *H* (*S*_{i}) for all image blocks via equation (12) may be obtained. Finally, the local Shannon entropy over these *k* image blocks is computed using

###### 2.2.3. Differential Attacks

The change of a single pixel on a plain image should have an important effect on the cipher image. Number of Pixels Change Rate (NPCR) and Unified Average Changing Intensity (UACI) are used to test the influence of changing a single pixel in the original image on the whole encrypted image [17]. Therefore, if and are the pixels in row and column of the encrypted images A and B, with only one-pixel difference between the respective plain images, then the NPCR is calculated by using the following formula [44]:where and are the width and height of *A* or *B*. is calculated as follows:

UACI is calculated by the following formula:

The estimated score for NPCR and UACI are 99.6094% and 33.4635% for gray-scale images [45].

###### 2.2.4. Image Quality Criterion

After the encryption/decryption processes, we need to evaluate the performance of the cryptosystem and the quality of images. This is done by evaluating the mean square error (MSE), the peak signal-to-noise ratio, (PSNR) and the encryption quality.

Let *P* and *P*′, respectively, be a plain image, an encrypted image, and a decrypted image. MSE is defined as follows:where *M* is the total number of lines in the image and *N* is the total number of columns. The PSNR is defined as follows:

When the decrypted image *P*′ is identical to the plain one, MSE is zero, and consequently, PSNR is infinite.

The total changes in pixels’ values between the plain image and the encrypted image allow to confirm the encryption quality. So, encryption quality gives us the average number of changes to each gray level between plain image and its corresponding encrypted image. It is defined as follows:where *C* denotes the encrypted image, *L* is the gray level, , and is the total number of occurrence of *L* in the image.

#### 3. Experimental Results

In this work, we used medical and nonmedical images from different databases. Some of the medical images (parasite images) have been taken from different hospital laboratories. The others are from [46, 47]. Nonmedical images are from [48]. Azafack and Guefack images have been taken with a Smartphone techno-Y4. Our algorithm should be carried out using MATLAB R2014a in COMPAQ Intel ® core ™ i3-2328M CPU @ 2.20 GHz 2.20 GHz. The time for encrypting/decrypting an image of 512 × 512 is 1.1 s. The times for encrypting/decrypting of many images are presented in Table 2.

##### 3.1. Visual Test

To appreciate the effect of the zigzag and affine transformation processes, we present in Figure 3 some plain images and their corresponding transformed images. Physically, these processes have destroyed the correlations between the adjacent pixels in the plain images. Figure 4 presents some encrypted and decrypted images using our proposed cryptosystem where the external key is “A23C56789ABADEF7167DEAB6789367A9». The size of the subblock is 4 × 4 pixels and the number of rounds on one subblock is five. It is obvious from visual inspection of Figures 4(a)–4(h)) that there is no correlation between the original image and encrypted image. It is therefore impossible, by observing the encrypted image, to deduce the original image. This ensures the physical privacy of the cryptosystem. When observing original and decrypted images in Figures 4(a), 4(c), 4(d), 4(f), 4(g), and 4(i)), it is obvious that the image decrypted is similar to the original image. This test was performed on many other images using different keys, and all the results were conclusive. Thus, visually, the efficiency of the cryptosystem is guaranteed. Thereafter, we conducted a statistical analysis in order to confirm the results of the visual tests.

**(a)**

**(b)**

**(c)**

**(a)**

**(b)**

**(c)**

**(d)**

**(e)**

**(f)**

**(g)**

**(h)**

**(i)**

**(j)**

**(k)**

**(l)**

##### 3.2. Key space Analysis

The key space of a good image encryption algorithm should be large enough to make any brute-force attack ineffective [17, 42]. The proposed algorithm used two keys. Firstly, an external key of 128 bits is long; thus, the cipher image has different combinations of the secret key. Secondly, we use an internal secret key of 32 or 64 gray values which are long coming from the decomposition of an original image. So, the size of the key is large enough.

##### 3.3. Correlation Tests

###### 3.3.1. Correlation between Plain and Cipher Image

In Table 3, the correlation coefficients between plain and cipher images of several medical gray-scale images are given. It is observed that all the correlation coefficients are negligible. The highest value (0, 00348) is obtained for the “*ossify*” image. The cipher images are not correlated with plain images. The correlation between the decrypted and the original images is always “1” confirming that both images are identical. The algorithm has been applied on other types of nonmedical images. We have used the USC-SIPI image database which is a collection of the digitized image available and maintained by the University of Southern California [42]. Table 4 shows the results of those images. The same as for medical images, correlation coefficients of images in Table 4 are closed to zero. The maximum value (−0, 00504) of the correlation coefficient is very low compared to the critical value (1). This confirms that the proposed algorithm is efficient for every type of image.

###### 3.3.2. Correlation of Adjacent Pixels

Table 5 shows the correlation coefficients between two vertically, two horizontally, and two diagonally adjacent pixels in several medical plain images and also in their corresponding encrypted images. A high correlation is noted between vertically, horizontally, and diagonally adjacent pixels of original images. The lower value (0.67636) is obtained between diagonal adjacent pixels on the image «ANTAMOEBACOLI». For encrypted images, these values are approximately zero showing that two vertically, two horizontally, and two diagonally adjacent pixels of encrypted images are not correlated. The highest value (*−*0, 00514) is obtained in the case of medical images «article*_oeuf_taeniaC2*». This is a significant feature proving the effectiveness of our cryptosystem. The same observation is made in the case of nonmedical images in Table 6. The proposed cryptosystem produces encrypted images completely different from original images. In Figure 5, we have presented the distribution of horizontally and vertically adjacent pixels in the plain image and its corresponding encrypted image.

**(a)**

**(b)**

**(c)**

**(d)**

##### 3.4. Histograms

The histograms of both the plain and the encrypted images using our proposed method are shown in Figure 6. The histograms of the encrypted images are uniformly distributed while those of plain images are not. This confirms the toughness of the method over any statistical attack. The security of the encryption method is therefore very strong.

**(a)**

**(b)**

**(c)**

**(d)**

**(e)**

**(f)**

**(g)**

**(h)**

**(i)**

**(j)**

**(k)**

**(l)**

**(m)**

**(n)**

**(o)**

**(p)**

##### 3.5. Key Sensitivity Test

An ideal cipher image should be extremely sensitive with respect to the key used in the algorithm during the encryption and decryption processes.

###### 3.5.1. Key Sensitivity Test of Encryption Process

An insignificant change in the encryption key should be sensitive to the cipher images. We take out the key sensitivity test during the encryption process by using different keys to encrypt the same image. The difference between keys is a single bit change. The procedure is described as follows:(a)We used «A23C56789ABADEF7167DEAB6789367A9» as first external key to encrypt«S-Hematobium egg» image. The encrypted image is presented on Figure 7(b).(b)We change a single bit on the external key by substituting the fourth character “C” into “D.” The external key in this case becomes «A23D56789ABADEF7167DEAB6789367A9». The obtained encrypted image is presented on Figure 7(c).(c)In the second case, we change the sixteenth character 7 in the external key into 6. The used external key is then **«**A23C56789ABADEF6167DEAB6789367A9». The encrypted image is shown in Figure 7(d).(d)In the test number 3, the used external key is changed into **«**A23C56789ABADEF7167DEAB6789367AA». Here, the last character 9 in the first external key is changed into A. Figure 7(e) presents a cipher image obtained.(e)For the last test, the second character 2 in the external key is changed into 3. The used external key becomes «A33C56789ABADEF7167DEAB6789367A9». Figure 7(f) presents a cipher image obtained.

**(a)**

**(b)**

**(c)**

**(d)**

**(e)**

**(f)**

For a quantitative assessment of the similarity between those images, we present in Table 7 the correlation coefficients between the different cipher images.

Although the difference from one key to the other is a single bit, we note from Table 7 that the values of the correlations’ coefficients between the different encrypted images obtained are closed to zero. The highest correlation value obtained is 0.0041. This test was performed on several other images and all the results are conclusive. This implies that the encrypted images produced from the proposed cryptosystem are different. This means that the proposed cryptosystem is very sensitive to the encryption key.

###### 3.5.2. Key Sensitivity Test of Decryption Process

In a robust encryption scheme, an insignificant change in the key should not let to the decryption of the cipher image successfully [17]. The key sensitivity test was performed using a slightly different external key to decrypt the encrypted images. Some examples are given below. A “*ultrasound of fetus of 3 months*” image (Figure 8(a)) has been encrypted using the proposed cryptosystem where the external key is “A23C56789ABADEF7167DEAB6789367A9». The encrypted image is shown in Figure 8(b).(a)Firstly, the encrypted image (Figure 8(b)) is decrypted with a decrypted external key «A23D56789ABADEF7167DEAB6789367A9» which is different to the encryption external key «A23C56789ABADEF7167DEAB6789367A9» by a single bit. The fourth character C in the encryption external key is changed into D in the decryption external key. The decrypted image is shown in Figure 8(c).(b)In the second test, the encrypted image (Figure 8(b)) is decrypted by using «A23C56789ABADEF6167DEAB6789367A9» as the external key. The sixteenth character **7** in the encryption external key is changed into **6** in the decryption external key. The decrypted image is shown in Figure 8(d).(c)In this case, the encrypted image (Figure 8(b)) is decrypted using the decrypted external key «A23C56789ABADEF7167DEAB6789367AA». The last character 9 in the encryption external key is changed into A in the decryption external key. Figure 8(e) shows the decrypted image which is not correlated with the original image.(d)In Figure 8, Figure 8(b) has been decrypted using «A33C56789ABADEF7167DEAB6789367A9» as the decrypted external key. The second character 2 in the encryption external key is changed into 3 in the decryption external key.

**(a)**

**(b)**

**(c)**

**(d)**

**(e)**

**(f)**

Physically, the decrypted images are not similar to a plain image “*ultrasound of fetus of 3 months*,” as we can see in Figure 8. The correlation coefficients between the plain image and the decrypted images using a slightly different key have been calculated. They are all closed to zero as we can see in Table 8. Any change on an external secret key affects the angle of the eight used rotations and changes an internal key. Consequently, the resulting substitution-diffusion key is modified. It comes out that, without an exact key, one cannot succeed in the decryption process. This confirms the effectiveness and key sensitivity of the proposed algorithm.

So, the proposed cryptosystem is very sensitive to the encryption and decryption of external keys.

##### 3.6. Attack Analyses

###### 3.6.1. Entropy Information Analysis

It comes out from Tables 3 and 4 that the values of entropy information obtained with our new proposed scheme on medical and nonmedical images are very close to 8. The highest value is 7.9998 and the lowest one is 7.9991 for medical images, while the lowest value is 7.9992 and the highest value is 7.9994 for nonmedical images. These values are very close to eight (ideal value) compared to the entropy of the original images. This indicates that the proposed algorithm has hidden information randomly, and information leakage in the encryption process is negligible. We evaluated the local entropy of many images using TB = 1936 as in [43], and the results are presented in Table 9. We conclude the effectiveness of the algorithm considering the high values of entropy information and the local entropy.

###### 3.6.2. Differential Attacks

Tables 10 and 11 present the values of the Number of Pixels Change Rate (NPCR) and Unified Average Changing Intensity (UACI) for medical and nonmedical images.

In all the cases tested, the NPCR values are closed to 99.6% and the UACI is found close to 33.33%. Our new algorithm is very sensitive with respect to a small percentage of pixels’ change in the plain image and the rate of influence because one-pixel change in the plain image is very high. According to Tables 10 and 11, the correlation coefficients between the cipher images are negligible. So, a minor pixel change in the plain image has an important effect on the cipher image. The proposed encryption scheme is sensitive to a minor change in the plain image.

We have evaluated MSE and PSNR on all test images; the MSE is zero in all the cases and the PSNR is infinite, as we can see in Tables 10 and 11. The original and the decrypted image are identical in all cases.

#### 4. Discussion

This work proposes a new image encryption algorithm which does not use chaotic functions or mathematical functions which are time-consuming and make the algorithm too complex. It uses an external key of 128 bit size and an internal key. The originality of this method dwells on the combination of external and internal keys and the use of reflection or rotation mapping and the method to apply substitution and zigzag processes. An internal key comes from the decomposition of an image to be encrypted. The method to extract an internal key has been explained in Section 2. This internal key is the first level to ensure the security of the proposed system. To increase the security of this system, we combine the two keys to produce the diffusion-substitution sequences. These two aspects are the first novelty of the work. The second novelty comes from binary image processing. Each binary image is reshuffled within the block by the zigzag path. The corresponding reflections and rotations are applied to binary images obtained from the decomposition of the original image. It is also the case during the subblock substitution process. The scan zigzag process is applied not on the pixels of the subblock but on the bits of the pixel. The new pixel block is reconstructed. Consequently, the zigzag operation changes the values of the pixels and acts as a substitution process. In image encryption algorithm, the size of the external key, the size of subblock, the number of the subblock, the number of the rounds on each subblock, the variation of the key from one subblock to another one and from one round to another one, the generator used to generate sequences for the substitution-diffusion process, and the encryption scheme are the factors that provide to the security, efficiency, and robustness to the method. The encryption method proposed in this work is based on these parameters; when they are not enough, one can easily cryptanalyse the cipher image during transmission. These features and the obtained results make the proposed system resistant to any kind of attack while complicating the task of cryptanalysis. Certainly, our algorithm is not very fast as the others, but we fight against cryptanalysis, and we gain on efficiency and security. Table 12 presents the comparison of the results with those obtained in [28, 33, 37, 38, 44] by presenting the correlation coefficient between vertically, horizontally, and diagonally adjacent pixels of plain and cipher image, entropy, NPCR, and UACIA of “*Lena, Airplane and Baboon*” images.

Our algorithm gives the best vertical correlation coefficient (9.09*e−*05 for “Lena” image, −0.000767 for “Airplane “image, and 0.00136 for “Baboon” image). In terms of horizontal correlation coefficient, the proposed algorithm also gives the best results (0.000257 for “Lena” image and −0.000584 for “Baboon” image). In [44], the horizontal correlation coefficient on “Airplane “image is low (0.0017 compare to ours 0.00228), but we have a high entropy value (7.994 compared to theirs 7.990). For diagonal correlation coefficient obtained in [37] is the lowest (−0.00018) on «Lena» image, but the proposed algorithm also gives the highest entropy value (7.9993 for “Lena” image, 7.9994 for “Airplane” image, and 7.9993 for “Baboon” image). In [44], the nearest value of the entropy 7.9992 has been obtained, but chaotic sequences are used and the algorithm used to obtain these sequences is too complex. In terms of NPCR and UACIA, the values are very close in all cases. According to the results, the proposed method provides better performance than the method based on CNT proposed in [33] in terms of correlation, NPCR, and UACI. Table 13 presents the comparison results in medical images. It comes from Table 13 that the proposed method provides better performance than the method based on CNT proposed in [32]. The single difference is in “OT-MONO2-8-colon” image, where the vertical correlation value (−0.0003) in [32] is higher than ours (−2,33*e*−03). It comes from this table that the proposed method has a performance similar to that achieved by other recently proposed techniques. The advantages of the proposed method are the originality, the simplicity of algorithm, the efficiency, and the lower number of the round. We use five rounds instead of sixteen as in [28].

#### 5. Conclusion

In this work, a new image encryption algorithm has been proposed in order to secure images during transmission. The cryptosystem uses affine transformations (reflections and rotations), an external secret key of 128 bits long, and an internal secret key coming from the decomposition of the plain image, zigzag process, and substitution-diffusion processes. The particularity of this algorithm is the method to extract the internal secret keys, the use of reflection and rotation mappings on the binary images obtained from the decomposition of the plain image to be encrypted, and the zigzag process not on the gray-scale image but on the binary image and binary block, and finally the method used to combine external and internal keys to generate substitution-diffusion sequences without complex mathematical functions or complex chaotic generators. The size of an internal secret key depends on the size of the original image. The substitution process is also taken in two steps. We have evaluated the proposed algorithm on statistical analysis and key sensitivity analysis. The new proposed system is efficient and robust. The main features of the encryption scheme are its simplicity, its efficiency, and a high security order. Our method also has better confusion, diffusion, and security compared to recent methods in the literature. The combination of external and internal secret keys, the changing of the substitution-diffusion key for one subblock to another, makes the method to be robust against brute-force attacks. The newly proposed method is expected to be useful for real-time encryption and transmission of images in many domains such as telemedicine.

#### Data Availability

The data used to support the findings of the study are available within the article.

#### Conflicts of Interest

The authors declare that they have no conflicts of interest.