#### Abstract

The image encryption schemes developing more sensitive and more chaotic maps are used as a key sequence generator, such as cascade chaotic maps and high-dimension maps. High-dimension chaotic maps can generate sequences with little correlation after hundred times of iteration. In fact, the sequence is just a flow of the manifold of the chaotic system. A fast way to select sensitive flows of the dynamic systems is introduced in the paper. Combining with the divided blocks diffusion algorithm, the novel scheme yields the cipher image more randomly. Experimental results show that the sensitive flows of the high-dimension system can generate a series with better ergodicity and less correlation compared with the common flows of the same system. The encryption efficiency is enhanced by choosing the sensitive flows of the high-dimension system. The analysis proved that the novel image encryption scheme can resist all common kinds of attacks.

#### 1. Introduction

Image encryption has been widely used in information privacy, national safety, medical image protection, and other fields where only the right person gets the exactly true message. In the recent years, many encryption theories have been used in image encryption, such as elliptic curve approach [1, 2], cellular automata theory [3], DNA encryption [4–7], secure hash algorithm [8], image compress method [9], biological operations [10], and image fusion technology, watermarking, and chaos encryption [11–15]. Among the theories mentioned above, the chaos encryption methods have been proved to be effective for its sensitivity, diffusion ability, and confusion ability. The chaos encryption approach does bifurcation analysis to the chosen nonlinear dynamic system, and then it takes advantage of the chaos nonlinear dynamic system to generate pseudorandom sequences which are used for image encryption [16, 17]. In the other way, the encryption attack methods are also developed. There are brute-force attack [18], known-plaintext attack [19], chosen-plaintext attack [20], chosen ciphertext attack [21], differential attack [22, 23], meet-in-middle attack [24–26], and so on. So more complex systems, bigger key space, and higher sensitivity methods are needed to resist different kinds of attacks.

Wu et al. introduce an encryption method based on the chaos system and the elliptic curve [1]. This method uses elliptic theory to compress the original image first and then takes advantage of the 4-dimension system to do diffusion and confusion. Although the results show that both the pixel correlation and structural similarity index metrics are good, it has poor ability for noise attack. Lan et al. combine the sharing matrix and image encryption for lossless (*k*, *n*)-secret image sharing [27]. This approach introduces the (*k*, *n*) sharing matrix producing algorithm, and it combines the sharing matrix with chaos encryption to do image encryption. The results show that it is sensitive for the initial value and has a high key space and can detect fake share. The most important is that the encrypted image has *n* shares, and only *k* shares are enough for decryption, where *k*< *n*. This means that even some information get lost in transmission, and we can still make the encrypted image decrypt without information loss. The disadvantages are that the sharing matrix computing costs too much time, and it cannot resist noise attack. Lee et al. proposed a parallel computing method for chaos encryption [12]. It divided the original image into blocks first and then did chaos encryption synchronously with multithreading. This method improved the computing speed greatly. Although it made the encryption methods with the chaos system more executable, not all the software supports multithreading operation. An approach combining DNA algorithms and chaos maps was presented in reference [8]. In that paper, the Watson–Crick complementary rule was used for bit-level changing, and chaotic maps generated a sequence to choose different biological and algebraic operations. It also introduces SHA-256 to the encryption process which increases the complexity. This method can resist noise attack, but key sensitivity is not good enough. Cellular automata (CA) and chaotic map to do encryption were employed in reference [8]. The CA rule made the “0” and “1” distribution in equilibrium in the process of iteration, and the chaotic map is used to produce a sequence to shuffle pixel position and bits confusion. A network encryption method was proposed in reference [3]. It did diffusion and confusion at the same time, and it improved the computing speed. By integrating more than one chaotic map, the chaotic ability of encryption systems was improved in reference [18] and reference [27]. The result shows that by integrating different chaotic maps, the improved system has better sensitivity and larger key space.

As high-dimension chaotic systems were introduced to the encryption system, people mainly focused on the good encryption effects of high-dimension selection. But the initiated value decision which is also important was ignored. This paper presents the common flows and the sensitive flows of the maps used in image encryption. Then, it describes how to choose the sensitive flow of the chaotic system. The sensitive flow is used to generate random sequences in this paper. Experiment results and analysis prove that the image disposed by this algorithm has ability to resist brute-force attack, differential attack, statistic attack, chosen-plaintext attack, noise attack, and so on.

The rest of the paper is organized as follows: Section 2 introduces the preliminaries of the high-dimension system; Section 3 describes the encryption scheme with sensitive flows of the high-dimension system; Section 4 presents the experimental performance evaluation and analysis; Section 5 is the summary part.

#### 2. Preliminaries

High-dimension systems have complex performance in space. To describe the character well, the Lorenz system is used as an example to do the analysis.

##### 2.1. Three-Dimension Lorenz System

The Lorenz system is defined as

The Lyapunov exponents (LE) are shown in Figure 1. Figure 1(a) presents the LE value of in the interval [0, 100], while keeping . Figure 1(b) refers to the LE value of in the interval [0, 100], while keeping . Figure 1(c) shows the LE value of in the interval [0, 100], while keeping . The Lorenz system has good chaotic behavior when because the LE values of the three parameters are all positive at that point. Figure 1 shows that the chaotic behavior happens not just at that point. As long as the parameters’ LE satisfy LE1>0, LE2>0, and LE3>0, where LE1 denotes’s LE, LE2 means ’s LE, and LE3 stands for ’s LE.

**(a)**

**(b)**

**(c)**

##### 2.2. Manifold Computing for Sensitive Flows

Chaotic maps have good ability to generate a sequence with little correlation. But there is no reference describing the essence of the sequence used for encryption. In fact, the sequences are discrete points on flows in manifold of the maps. Taking Lorenz equations as an example, we find no analytical solutions of Lorenz equations in three-dimension space. The only way to describe the system is by numerical fitting by equation (1). Figure 2(a) shows the global manifold of the Lorenz system in three-dimension space by numerical fitting. The global manifold consists of lots of flows starting from the local manifold, as show in Figure 2(b). The sequences that we used for encryption are just a segment of one flow after hundred times iteration by equation (1) with an initiate value. Equation (2) defines the manifold of the chaotic system:where is the manifold, is the equation of the system, is the local manifold, is the singular point of the system, and stands for infinite iterations.

**(a)**

**(b)**

**(c)**

From Figure 1(c) and Table 1, we can see that the flows starting from the local manifold are not in uniform distribution. Most flows are from a little angle range as shown in reference [5, 28, 29]. This means that the flows starting from a small angle range have less correlation compared with others. It also shows that the flows from the small angle range are sensitive. It has been proved in reference [29] that the sensitive flows start from the direction of the eigenvector of the manifold. So, the small angle range is just the directions of eigenvectors. The eigenvalues and eigenvectors of the Lorenz system are given in the following equation:

The local manifold can be decided aswhere and are the eigenvectors of the manifold and and are the corresponding eigenvalues.

The flows starting from the local manifold can be computed as

For every encryption chaotic system, scrambling and diffusing by the sequences of the sensitive flows can achieve better effect. The way to get the most sensitive flows follows the steps given below (take the Lorenz system as an example): *Step 1*. Get the eigenvalues and eigenvectors as equation (3) by the Jacobian matrix of the system. *Step 2*. Decide the local manifold by equation (4), as seen as the blue ellipse in Figure 2(b). *Step 3*. Choose the initiate value on the ellipse in the eigenvector direction and do iteration along that flow. The initiate value sensitivity is for the Lorenz system. *Step 4*. Choose a segment of the flow computed in step 3 and have the right points which the key sequence need.

The sequence of the chaotic map from the sensitive flows of the maps for the encryption system can be obtained.

As can be seen from Figure 2, the global manifold is composed of flows in two small angle regions (1.5708–1.5709 and 4.7124–4.7125). The flows of these two regions are intertwined in space but never intersect. After these streams are discretized, these discrete points are of confusion and complexity, which are convenient to become the initial sequence of the encryption system.

#### 3. The Encryption and Decryption Algorithms

Image encryption refers to pixel transformation based on different schemes. The transformation can be divided into position scrambling and value diffusion, generally both position and value of pixels will be changed in the encryption process. One scheme of the transformation indicates finding the right ways to choose sequences, which will be used to position scrambling and value diffusion. The less the relationship among the sequence, the harder for the attackers to find rules of the encryption. The chaotic system can generate sequence with little relationship. Another scheme for transformation is to get the right computation algorithm, which can do computation with pixels and sequences. In the paper, the high-dimensional manifold computing will generate a sequence and block dividing algorithm which can do transform computations.

The encryption process is as shown in Figure 3. It contains sensitive flow computing to produce key sequences, two scrambling operations, and one divided blocks matching diffusion operation.

##### 3.1. The Encryption Algorithm

The encryption process follows the steps given below: *Step 1*. Generating sequences: by selecting sensitive flows of the manifold, we can get three sequences , , and with the size where is the number of rows of the image and refers to the column numbers of the image. satisfies and satisfies . Transformation is performed using the following equations: *Step 2*. Image scrambling: the scrambling matrices will be produced by the following equation: The image was transformed to by expanding the size as . Then, the scrambling can be finished by *Step 3*. Block matching: we divide image into 16 blocks . The sequence was changed into matrix and then divided into 16 blocks . For each block, it has the size of . We also have different diffusion rules for each block as the following: The pixels in different blocks can be encrypted by different rules. After the diffusion section, we can get the new image . *Step 4*. Image scrambling: the scrambling matrices will be produced by the following equation:

##### 3.2. The Decryption Process

Decryption is the reverse of encryption. It can be finished as given in the following steps: *Step 1*. Encrypted image scrambling: by equation (11), we can get the diffusion image: *Step 2*. We divide the diffusion image into 16 blocks and do block decryption with different rules as following: After the block decryption by equation (12), we can get image . *Step 3*. Image scrambling: by equation (13), we can restore the expanded image : *Step 4*. By removing the redundant rows and columns, we will get the plain image in normal size.

#### 4. Experiment and Analysis

The encryption algorithm should withstand different kinds of attacks such as brute-force attack, statistical attack, differential attack, chosen-plaintext attack, chosen chipper text attack, known plaintext attack, and known chipper attack. Different kinds of attack refer to different kinds of performance indicators of the encryption system. To be easily compared to the results in references, “lena,” “baboon,” “peppers,” and “airplane” are chosen as the plain text in this paper. They all have the same size 512 512. Several experiments and different kinds of security analysis are presented to evaluate the robustness of the proposed encryption method.

##### 4.1. Statistical Analysis

Histogram is always used for statistical analysis. A histogram is a graphical method for displaying the image’s exposure accuracy by using the graphical parameter and describes image’s distribution curve. As we all know that the confusion operation does not change the histogram, but the diffusion makes the distribution of the histogram uniform. Taking the image “airplane” as an example, we can see the results as following.

Figure 4(a) is the original image, and Figure 4(d) is the histogram of the original image. Figure 4(b) is the confusion image, and Figure 4(e) is the histogram of the confusion image. We can see that the scrambling operation did not change the histogram distribution. Figure 4(c) is the diffusion image, and Figure 4(f) is the histogram of the diffusion image. The distribution of the histogram is uniform in Figure 4(f), which means the pixels value is changed to be equal in numbers.

**(a)**

**(b)**

**(c)**

**(d)**

**(e)**

**(f)**

##### 4.2. Correlation Analysis

A good encryption algorithm should have the ability to break correlations between adjacent pixels. It may cause information leakage by statistical attacks if this feature is ignored. The correlation coefficient of an image is calculated aswhere , denote the pixel values of two adjacent pixels, is the function for mean value, is for the variance and is the function for correlation, and denotes the correlation coefficient of the image.

Taking image “lena” as an example, Figure 5(a) shows the correlation in the horizontal direction of the plain image. Figure 5(b) shows the correlation in the vertical direction of the plain image. Figure 5(c) shows the correlation in the diagonal direction of the plain image. We can see that in all the three directions, the pixels have strong correlation in the plain image. Figures 5(d)–5(f) show correlation in the horizontal direction, vertical direction, and diagonal direction of the cipher image. Pixels of the encrypted image in all three directions have little correlation, which means there are no rules for attackers to find.

**(a)**

**(b)**

**(c)**

**(d)**

**(e)**

**(f)**

Table 2 shows the correlation value in three directions of different images. It has proved that the novel encryption scheme proposed in this paper has generality for all images.

##### 4.3. Key Sensitivity Analysis

Key sensitivity is an important feature for any good encryption system.

“The good sensitivity means that the encrypted image cannot get the right image even though there is a tiny change in the secret key.” Taking the image “couple” as an example, tiny changes Δ = , Δ = , and Δ = are chosen as the key disturbance, and the experiment results are shown as the following.

Figure 6(a) is the plain image, and Figure 6(b) is the cipher image. Figure 6(c) is the decrypted image with the right key, and Figure 6(d) is the decrypted image with tiny change Δ = . Figures 6(e) and 6(f) are the decrypted images with tiny changes Δ = and Δ = . We can see that the slight change Δ = leads to a complete wrong result, but Δ = and Δ = make the right result. It can be proved that the sensitivity of the encryption system is Δ = .

**(a)**

**(b)**

**(c)**

**(d)**

**(e)**

**(f)**

Table 3 shows the difference rate of the slightly changing key with different images. For all the images chosen as plain images, the sensitivity always keeps as Δ = .

##### 4.4. Key Space Analysis

The key space reflects the ability of the encryption algorithm to resist brute-force attack. If the key space is larger than , it means the system can stand for brute-force attack. It has been proved that the sensitivity is . The sensitive flow computing make the space to be . The encrypted system is three dimensional with two confusion steps. The image is divided into 16 blocks in diffusion operation. So the key space can be calculated as

For , the presented schemes can resist brute-force attack.

##### 4.5. Differential Attack Analysis

The following equations are used to analyze the effectiveness of the differential attack resistant:where refers to the number of pixels changed, stands for the average changing intensity, is the Boolean function, is equal to the row number of each color field matrix, is equal to the line number of each color field matrix, and is the encrypted plain text, while is one pixel changed encrypted plain text.

Table 4 shows the comparison of NPCR and UACI of the image “lena” with the method in this paper and the methods in the references. It demonstrates that our encryption method has strong ability of withstanding the differential attack. We got a larger NPCR value than that in Reference [30] and Reference [5] and a slightly smaller UACI value than that of Reference [30] and Reference [5].

##### 4.6. Noise Attack

An efficient image encryption algorithm should be robust against different kinds of the noise. In this experiment, we first add salt and pepper noise, speckle noise, and Gaussian noise with density 0.000001 to the cipher image to see if the algorithm can decrypt the right plain text.

Figure 7(a) shows the salt and pepper noise which was added to the encrypted image, and Figure 7(d) shows the decryption result. Figure 7(b) shows the speckle noise which was added to the encrypted image, and Figure 7(e) shows the decryption result. Figure 7(c) shows the Gaussian noise which was added to the encrypted image, and Figure 7(f) shows the decryption result. We can see that the scheme can fight agaist salt and pepper noise and speckle noise and can resist the Gaussian noise attack.

**(a)**

**(b)**

**(c)**

**(d)**

**(e)**

**(f)**

##### 4.7. Information Entropy Analysis

Information entropy is employed to measure the uncertainty in a random variable, which can be described aswhere represents the probability of the symbol . For an 8 bit truly random image, the ideal entropy is 8. The closer gets to 8, the better the randomness of . Table 5 shows the Shannon entropy analysis of different images by this algorithm.

##### 4.8. Quality Evaluation Metrics of Decryped Image

A general requirement for all image encryption schemes is that the encrypted image should be greatly different from the plain image, while the decrypted image should be as same as the plain image. We use peak signal-to-noise ratio (PSNR) to measure the difference between the plain image and the decrypted image and the normalized cross correlation (NCC) and structural similarity index metric (SSIM) to see if there is information leakage in the encryption process:

The PSNR is used to see if the encrypted image contains useful information. The higher the peak signal-to-noise ratio, the more confusing the encrypted image. If the peak signal-to-noise ratio approaches infinity, the encrypted image approximates to noise. NCC and SSIM are used to measure whether the decrypted encrypted image was the same as the original plain text image. Their intervals are [0, 1], and if their values are 1, then the information is 100% reserved in the both encryption and decryption process. This indicator measures the efficiency and accuracy of the decryption process [31–33].

is the plain image. refers to the decrypted image. and stand for the row numbers and the column numbers. and are the mean value and variance value of , while and are the mean value and variance value of . is the covariance of and . and are constants to avoid zero value of the denominator. We made in this experiment.

From Table 6, we can see that PSNR is close to , which means the plain image and the decrypted image are completely the same. NCC and SSIM are both equal to 1, which means there is no information loss through the encryption and decryption process.

#### 5. Conclusion

In this paper, the sensitive flows of the manifold in the chaotic system which is always ignored were presented first. The way to get the sensitive flows was shown then. By the sensitive flows, the sequences were generated as the keys of the encryption system. The encryption process contains two scrambling steps and one diffusion step. In the diffusion section, the image was divided into 16 blocks, and different encrypted rules were used for different blocks. In this way, the key space was improved and the correlation was reduced. In the encryption process, the high-dimensional manifold is taken to do calculation, and only the local manifold region with the best sensitivity is used as the initial secret key to generate the pseudorandom sequence. The scrambled image is processed in blocks, and different random sequences are used to encrypt different regions, which makes the encryption system more complicated. The decryption process is the reverse of the encryption process. The final original image can only be obtained by partitioning the ciphertext image and then restoring the position. Simulation results and analysis show that the novel algorithm has ability to encrypt the image into random-like cipher images. It can also resist common kinds of attack.

#### Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

#### Conflicts of Interest

The author declares that there are no conflicts of interest.

#### Acknowledgments

This research was jointly supported by the National Natural Science Foundation of China (Grant 61501391) and Natural Science Foundation of Henan Province (182300410258).