Abstract
This research proposes a new image encryption scheme based on Lorenz hyperchaotic system and Rivest–Shamir–Adleman (RSA) algorithm. Firstly, the initial values of the Lorenz hyperchaotic system are generated by RSA algorithm, and the key stream is produced iteratively. In order to change the position and gray value of the pixel, the image data are hidden by additive mode diffusion. Secondly, the diffusion image matrix is reshaped into a onedimensional image matrix, which is confused without repetition to hide the image data again. Then, the finite field diffusion algorithm is executed to realize the third hiding of the image information. In order to diffuse the pixel information into the entire cipher image, the additive mode diffusion algorithm needs to be looped twice. Finally, the cipher image can be obtained. The experimental results prove that the image encryption scheme proposed in this research is effective and has strong antiattack and key sensitivity. Moreover, the security of this encryption scheme relies on the RSA algorithm, which has high security.
1. Introduction
With the rapid development and popularization of Internet technology, multimedia has become an important means of communication for people. Digital images, as a multimedia resource, are widely used in information communication because they can carry a large amount of information and express the information content intuitively and vividly. In the current big data era, digital images are widely used in various fields, such as business, education, medical research, aerospace, military, and politics. In order to share image information, we can easily transmit it on the Internet by computer or mobile equipment. However, people who are not authorized can also easily obtain the images, and the unauthorized cryptanalysis is a great threat to the information communication of images [1, 2]. More importantly, some images may involve national security and personal privacy, such as satellite reconnaissance or biometric passports. Therefore, the question of how to efficiently protect the security of image communication has attracted great attention from scholars and experts all over the world [2, 3]. Image data are generally different from text data. Classical cryptography provides good encryption algorithms and decryption algorithms for onedimensional text data, such as DES (Data Encryption Standard) and AES (Advanced Encryption Standard). However, due to the characteristics of digital images, such as large data volume and strong correlation between adjacent pixels, traditional ciphers are not suitable for encrypting images [2].
Accordingly, image encryption algorithms based on technologies such as DNA random coding [4], double random phase coding [5, 6], Arnold transform [7], and chaotic systems [8–10] have been proposed. The chaotic system has superior performance in the field of digital image encryption, which may be attributed to the basic characteristics of the chaotic system, such as sensitivity to initial conditions, pseudorandomness, nonlinearity, and nonperiodicity. As early as 1998, Fridrich [11] proposed a symmetric encryption scheme based on a twodimensional chaotic map. In this scheme, permutationdiffusion architecture was suggested to encrypt image content, where the permutation operation is performed to alter the positions of the image pixels, while the diffusion operation is performed to change gray values. Permutationdiffusion mechanism has been widely studied and used in chaotic encryption systems. For instance, a hyperchaosbased image encryption algorithm using pixellevel permutation and bitlevel permutation was presented by Li et al. [12], which adopted a 5D multiwing hyperchaotic system, and the key stream generated by hyperchaotic system is related to the original. Ye et al. [2] proposed an efficient pixellevel image encryption algorithm that enhanced the connection between position shuffling for pixels and the change to gray values as compared to the traditional permutationdiffusion architecture. In [13], a novel approach that uses a hyperchaotic system, pixellevel filtering with kernels of variable shapes and parameters, and DNAlevel diffusion was designed for image encryption. First, a hyperchaotic system is applied to generating hyperchaotic sequences. Second, dynamic filtering is performed on pixels to change the pixel values. Third, a global bitlevel scrambling is conducted to change the values and positions of pixels. Finally, a novel DNAlevel diffusion scheme is proposed to further change the image values simultaneously. A new permutation based on bit [14] was implemented into an image encryption algorithm. It is noted that the algorithm [14] employs a “Rubik’s cube for bit permutation strategy” to replace the traditional permutation operation. In the diffusion stage, the chaotic map is iterated and bit streams are generated which are then used for diffusion and again chaotic map is used for confusion at pixel level. Unlike the above methods that mainly encrypt gray image, a new color image encryption algorithm was proposed in [15] with a new revised onedimensional chaotic map. Compared with the traditional onedimensional chaotic map, the revised onedimensional chaotic map exhibits better chaotic performances and larger chaotic ranges. Firstly, the method [15] reshapes a color image matrix of size into an image vector , with length . Then, it produces a permutation position matrix, , from chaotic sequence to shuffle pixel positions for and obtain a permuted image, . After that, a diffusion operation for , using a diffusion matrix from , is taken to achieve . A rotating function is applied to in order to get . Finally, the cipher image is formed after reshaping into a , , and color image.
There are also many other image encryption algorithms [16–23] that have been proposed to protect image information. For example, a parallel image encryption method based on compressive sensing was proposed in [16]. Memristive chaotic system, elementary cellular automata (ECA), and compressive sensing (CS) were designed for image encryption in [17]. To resist the chosen/known plaintext attacks, plaintextrelated shuffling was designed for image encryption in [19]; the algorithm mainly includes two plaintextunrelated diffusion operations and one plaintextrelated shuffling. Moreover, generalized Arnold transform and double random phase encoding were introduced for quantum image encryption [20]. In [21], dynamic DNA encryption was used for color image cryptosystem. In order to improve security needs of image content, the method [23] of encryption scheme combines the techniques of chaotic image encryption and DNA (deoxyribonucleic acid) sequence operations. In [24, 25], matrix semitensor product and Boolean network are used in the encryption scheme. First, the pixels of the initial plaintext image are randomly divided into four blocks. The pixels in each block are then subjected to different numbers of rounds of Arnold transformation, and the four blocks are combined to generate a scrambled image. Then, a set of pseudosecret keys is given and filtered through a synchronously updating Boolean network to generate the real secret key, which is used as the initial value to generate a chaotic sequence. Finally, the matrix semitensor product (STP) operation is applied to the chaotic sequences and the scrambled image to generate an encrypted image. Compared with other encryption algorithms, the algorithm is more secure and effective, and it is also suitable for color image encryption. In [26], the fractal sorting matrix is irregular, selfsimilar, and infinitely iterative. And the scrambling images or information based on this new cluster of matrices can effectively improve encryption algorithm security. In addition, the data in the antidifferential attack test are closer to the theoretical values and smaller in data fluctuation. Therefore, the proposed algorithm shows better security and resistance to various attacks. An encrypted coverless information hiding method that transfers secret images between two different image domains using generative models was proposed in [27]. In the encryption stage, firstly, a secret image was embedded into a public image (one domain) to obtain a synthetic image; then, the image was utilized as the input to the first generative model F to obtain an encrypted image (another domain). Adversarial loss and an extraction module are added to improve the quality of the encrypted images generated in this stage. In the decryption stage, a second generative model G was designed to reconstruct the synthetic images from the encrypted images. Finally, the secret image is separated from the reconstructed synthetic image.
However, the methods mentioned above are types of symmetric cryptosystems, where encryption and decryption use the same key. This may cause problems related to key management [28] and image information leakage [1]. In order to overcome the shortcomings of symmetric cryptography in key management, many asymmetric encryption algorithms have been proposed [29–37]. For example, singlechannel color image encryption based on asymmetric cryptosystem was proposed in [33]. Firstly, the color components, respectively, multiplied with three random phase encryption keys were combined into one gray image using convolution. Then, the gray image was encoded into a realvalue gray ciphertext using the asymmetric cryptosystem. Moreover, the decryption key is generated during encryption process and is different from the encryption key. In [34], Hartley transform and gyrator transform were implemented into singlechannel color image encryption with asymmetric cryptosystem. Due to the nonlinear operation of phase truncation, a oneway encryption scheme could be achieved and thus high robustness against existing attacks could be obtained. In addition, transformation angle of GT offers remarkably sensitive key, and thus the security of the system is greatly enhanced. A doubleimage encryption method based on an asymmetric algorithm is proposed in [35]. The encryption process of the method [35] was different from the decryption, and the encrypting keys were also different from the decrypting keys. During the nonlinear encryption process, the images are encoded as amplitude ciphertext, and two phaseonly masks generated based on phase truncation are retained as the decryption key. Chen et al. [36] proposed an enhanced asymmetric cryptosystem for color image, which uses equal modulus decomposition (EMD) in the gyrator transform domains, and created an effective oneway trapdoor function through EMD. To improve the security of the cryptosystem, the redgreenblue (RGB) components of color images were confused by using a Baker map. Rakheja et al. [37] proposed an asymmetric hybrid cipher scheme using a fourdimensional hyperchaotic structure by means of coherent superposition and random decomposition in hybrid multiresolution wavelet domain. The fourdimensional hyperchaotic framework’s parameters and preliminary conditions together with the fractional order expand the key space and consequently give additional strength to the system.
The RSA encryption algorithm is a type of publickey cryptography. It has two different keys, one of which is a public key and the other a private key. The security of RSA is based on the difficulty of decomposing large integers into two prime factors. Consequently, the RSA algorithm is widely studied and applied in the field of image encryption [38, 39]. For example, in order to enhance the strength of the cryptosystem and provide higher security, a chaotic synchronization cryptosystem combined with RSA encryption algorithm was proposed in [40]. The scheme [40] uses the RSA algorithm to encrypt the plain image to produce a cipher image. To achieve double encryption, the cipher image is reencrypted by using chaotic synchronization.
2. Related Works
In recent years, digital image encryption algorithms based on asymmetric cryptosystems have attracted the attention of experts and scholars. More and more image encryption algorithms based on asymmetric cryptosystems have been proposed. For example, Liu et al. [41] proposed a digital image watermarking model based on the scrambling algorithm logistic and RSA asymmetric encryption algorithm to ensure the security of hidden data based on a large embedding amount, strong robustness, and high computing efficiency. The system [41] involved applying the encryption algorithms of logistic and RSA to the watermark image and performing the hybrid decomposition of Discrete Wavelet Transform (DWT) and Singular Value Decomposition (SVD) on the host image, and the watermark was embedded into the lowfrequency subband of the host. In [42], elliptic curve pseudorandom and Advanced Encryption System were introduced for image encryption scheme. The proposed scheme uses elliptic curve random generator to produce a sequence of arbitrary numbers based on curves; then, the Advanced Encryption System is applied to the sequence to acquire arbitrary keys for encrypting image. Jiao et al. [43] proposed an image encryption scheme based on a generalized Arnold map and RSA algorithm. In the scheme, RSA algorithm is used to generate the parameters of the generalized Arnold map. Then, the generalized Arnold map together with permutation and diffusion algorithms is performed on original image to obtain the cipher image. To reduce the burden of transmission, a scheme based on compressive sensing and RSA algorithm was proposed in [44], where the optical compressive image system is used to sample original image. During the process of encryption, the Walsh–Hadamard transform and a measurement matrix are designed for measuring the original image in order to reduce the redundant information in the original image. Then, a pseudorandom sequence generated by onedimensional cascade chaotic system and deoxyribonucleic acid (DNA) sequence operations are utilized to change the pixel values. Finally, the cipher image can be obtained.
In order to efficiently and safely handle large volumes of encrypted data, chirp ztransform (CZT) was implemented into the asymmetric multiimage encryption system proposed in [45]. Since the system is asymmetric, decryption keys are different from encryption keys, which improves the system’s ability to resist cryptanalysis attacks. To resist chosenplaintext and chosenciphertext attacks, Henon Map, Dynamic SBoxes, and Elliptic Curve Cryptography were introduced for an image encryption scheme [46], where encryption keys are produced by elliptic curve cryptography (ECC). Moreover, a hash verification step was utilized in decryption process to resist chosenplaintext attacks. In order to improve the security of image transmission, RSA cryptosystem, reality preserving fractional discrete cosine transform, and Arnold transform were implemented into a novel approach [47] for security of multiplecolor images. In the process of encryption, firstly, color images are divided into red, green, and blue components. Then, each component is encrypted by RSA cryptosystem. Moreover, the fractional discrete cosine transform is performed on the partially encrypted image. Finally, the cipher image can be obtained after Arnold transform dislocating the processed image. In [48], the scheme combined the advantages of hyperchaotic map and RSA algorithm. Firstly, encrypt the plain image into a cipher image by utilizing the row and column encryption algorithms. Second, the secret key of image is converted into ciphertext by using the RSA algorithm; then the ciphertext is transformed into an image and permuted by using the Arnold map to obtain the key cipher image. Finally, to obtain a visually secure image, the key cipher image and the cipher image are embedded into a carrier image.
Based on the analysis above, this paper combines Lorenz hyperchaotic system and RSA algorithm to solve the problem of key exchange by using permutation and finite field diffusion algorithms.
3. Preliminaries
3.1. RSA Algorithm
RSA is an asymmetric encryption algorithm. In 1978, three mathematicians, Rivest, Shamir, and Adleman, proposed the RSA encryption algorithm for the first time. Unlike the symmetric cryptosystem, RSA algorithm has two different keys, one of which is a public key and the other is a private key. If the data are encrypted with a public key, only the corresponding private key can be used for decryption; if the data is encrypted with a private key, then only the corresponding public key can be used for decryption. Because encryption and decryption use two different keys, this algorithm is called an asymmetric encryption algorithm. Currently, RSA is the most widely used asymmetric encryption algorithm. It is based on Euler theorem in number theory, and its security depends on the difficulty of factoring large integers. RSA can be used to encrypt information and can also be used as a digital signature. The encryption and decryption process of the RSA algorithm is shown in Algorithm 1.

This algorithm can encrypt plaintext data by using the recipient’s public key. After sending the ciphertext to the receiver, the receiver uses its private key to decrypt the ciphertext to obtain the plaintext data. Only the receiver knows the private key, which reduces the transmission of the key in the channel and improves the security of communication.
3.2. Lorenz Hyperchaotic System
The Lorenz hyperchaotic system is a classic chaotic system, which is defined as follows:
A hyperchaotic system needs to satisfy the following conditions. Firstly, it has a phase space of dimension at least four. Secondly, it possesses at least two positive Lyapunov exponents [49].
In equation (1), is the control parameter. Let ; when , the system exhibits hyperchaotic behavior. According to the method proposed by Ramasubramanian et al. [50], when , the four Lyapunov exponents [51] can be obtained as follows: ; obviously, the Lorenz hyperchaotic system exhibits hyperchaotic behavior. The fourthorder Runge–Kutta method is usually used to discretize continuous chaotic systems such as Lorenz hyperchaotic systems. For example, the firstorder differential equation is defined as follows:
The discrete form of Runge–Kutta method for equation (2) is defined as
The projections of Lorenz hyperchaotic system attractor drawn by equations (1) and (3) are shown in Figure 1. And the initial value range of Lorenz hyperchaotic system is as follows: , , , and . Figure 1 shows the six strange attractors of the Lorenz hyperchaotic system, where the phase diagram of is butterfly like and is known as the butterfly attractor.
(a)
(b)
(c)
(d)
(e)
(f)
3.3. Chaotic Sequence Generator
The state values of chaotic systems are floatingpoint numbers, and the sequences composed of the state values of chaotic systems cannot be directly applied to image cryptosystems. In general, for images with a gray level of , the chaotic state value needs to be converted to an integer of . The transformed sequence can be applied to image cryptosystem, which is called chaotic pseudorandom sequence. Two methods of converting chaotic state values into integers are used in this study, as shown in the following equations:
3.4. Permutation without Repetition
Reshape the twodimensional image matrix called into a onedimensional vector in rows or columns, which is denoted as . Generate a pseudorandom sequence, with the length of by using the Lorenz hyperchaotic system, where . Only the first one of the repeated pseudorandom numbers in is preserved. Then, add the values in the set that do not appear in to the end of in ascending order. Finally, swap and .
3.5. Permutation Associated with Plaintext
Step 1. For a given pixel coordinate in image , we can use equations (6) and (7) to calculate a new coordinate of the pixel in image , as shown in the following equation: where , and are four pseudorandom matrices generated by the hyperchaotic Lorenz system; the sizes of them are all , as shown in the following equation: where , , , and () are the four pseudorandom sequences generated by the Lorenz hyperchaotic system. As for equations (6) and (7), if ( or ), ( or ), or ( or ), then the position of remains unchanged; otherwise, and swap positions. Step 2. When coordinate traverses all the pixels of image in the scanning order from left to right and top to bottom, repeat step 1; we can convert image into image .3.6. Diffusion Based on Finite Fields GF (257)
Diffusion operation hides the information of any original image pixels in as many cipher image pixels as possible without changing the position of pixels. In cryptography, the finite field called GF (p) is an important field, where p is a prime number. It is a finite set of integers and uses mode operations to perform basic mathematical operations [52]. This study uses a finite field, , where 257 is a prime number. In the multiplication operation, in order to reduce the information loss caused by element 0, element 0 can be eliminated first, and then the remaining 255 elements are used for arithmetic operations.
Reshape the twodimensional image matrix into a onedimensional vector in rows or columns, which is denoted as . Let and be the cipher vector; then the forward diffusion algorithm, from 1 to MN, and its inverse operation are shown in equations (9) and (10), where M is the number of rows in the matrix and N is the number of columns in the matrix.
The reverse diffusion algorithm, from MN to 1, and its inverse operation are shown in equations (11) and (12), respectively:
The multiplication and division used in the above four equations are arithmetic operations that satisfy the finite field of GF (257).
4. The Proposed Image Encryption Scheme
4.1. Image Encryption Process
This research uses Lorenz hyperchaotic system, RSA algorithm, nonrepetitive permutation, and finite field diffusion algorithm to realize a new asymmetric image encryption scheme. The flowchart of image encryption is shown in Figure 2, where the encryption process is described as follows: Step 1: select prime numbers and ; calculate and . Step 2: generate public key and private key by using RSA algorithm. Step 3: four large positive integers are randomly selected as confidential information; then the public key is used to calculate , which is sent to the receiver. Step 4: equation (13) is utilized to calculate the parameters of the Lorenz hyperchaotic system. Step 5: substitute parameters into equations (1) and (3) to generate pseudorandom sequence , , and , and convert the generated values into the range of 0 to 255: Step 6: record the plain image as and perform the following additive mode diffusion operation twice with the generated key stream to obtain image : where , , and represent the elements of , , and . Step 7: use the key stream and conduct nonrepetitive permutation of image to obtain image . Perform permutation associated with plaintext. Step 8: according to equations (9) and (11), use the key stream and conduct finite field diffusion of image to obtain image : where , , and represent the elements of , , and . Step 9: finally, transform to get an encrypted image matrix .
As to the color image, it can be treated as three gray images by three channels R, G, and B. So, the encryption is the same for each channel.
4.2. Image Decryption Process
Image decryption is the reverse process of image encryption, as follows: Step 1: the receiver decrypts the original image with a private key based on the received ciphertext information , calculate , and then equation (13) is used to calculate the parameters of the Lorenz hyperchaotic system. Step 2: substitute parameters into equations (1) and (3) to generate pseudorandom sequence , , and , and convert the generated values into the range of 0 to 255: Step 3: according to equations (10) and (12), use the key stream and conduct finite field diffusion of image to obtain image : where , , and represent the elements of , , and . Step 4: use the key stream and conduct nonrepetitive permutation of image to obtain image . Perform permutation associated with plaintext. Step 5: perform the following additive mode diffusion operation twice on with the generated key stream to obtain image : where , , and represent the elements of , , and . Step 6: transform to get the original image matrix .
5. Analysis of Experimental Results
5.1. Random Tests for Chaotic Sequence
We used NIST SP80022 to test the randomness of the Lorenz hyperchaotic system’s sequences (see Table 1). NIST SP80022 test gives a total of 15 test methods to test the random characteristics of the sequence. Each test produces a value in [0, 1]. If the value is higher than a preset threshold , it means that the chaotic sequence passes the test [53]. In our tests, we set , and the length of the chaotic sequence is .
5.2. Experimental Results
This paper selects some different images from the USCSIPI database. And Windows 10 operating system was used with the MATLAB R2020a software. An Intel (R) Core (TM) i51035G processor was used, and 16 GB of RAM was required to simulate the work. For the experimental procedure, the private key consisted of large prime numbers , and . Four positive integers were separately selected as , , , and . And the public key consisted of , , , , and . The obtained results were as follows: , , , and . As it can be seen, the results of encryption and decryption for the test image are shown in Figure 3. The encrypted image in Figures 3(i)–3(p) reveals that no information could be obtained from it. The decrypted image (Figures 3(q)–3(x)) also shows that the plain image information could be correctly restored. This proves that the proposed scheme is effective for image encryption. Table 2 shows the time cost of encryption, which uses different size images. As it can be seen, the encryption time of our scheme is shorter than that of the other schemes. Therefore, the proposed scheme is efficient.
(a)
(b)
(c)
(d)
(e)
(f)
(g)
(h)
(i)
(j)
(k)
(l)
(m)
(n)
(o)
(p)
(q)
(r)
(s)
(t)
(u)
(v)
(w)
(x)
6. Analysis of System Performance
6.1. Histogram Analysis
A histogram is utilized to show the distribution of image pixel intensity. An ideal encrypted image usually has a uniform frequency distribution and will not provide any useful statistical information to the attacker. Figure 4 shows the histogram distribution of some images, showing the uniformity of gray values in the results. Simultaneously, a chisquared test can be used to evaluate the uniformity of the histogram, which is calculated aswhere is the intensity level and and represent the observed occurrence frequency and the expected occurrence frequency for each gray value, respectively. The uniformity of histogram is assessed with the help of the chisquared test. Table 3 shows the histogram uniformity results of the test for gray images by Lena, Baboon, and Peppers. In the table, at 255 degrees of freedom and 5% and 1% significance level, the chisquare test results are tested. At 5% and 1% significance level, the chisquare values are and , respectively [56]. It can be seen that, at both 5% and 1% significance levels, cipher images have fairly uniform distribution for gray values, different from that of their respective plain images. This means that it is difficult to apply histogram attacks.
(a)
(b)
(c)
(d)
For quantity analyses of each key, variances of histograms are employed to evaluate uniformity of ciphered images. The lower value of variances indicates the higher uniformity of ciphered images. We also calculate the two variances of ciphered images which are encrypted by different secret keys on the same plaintext image. The closer of the two values of variances indicates the higher uniformity of ciphered images when the secret keys are varying. The variance of histograms is presented as follows:where is the vector of the histogram values and and and are the numbers of pixels where gray values are equal to and , respectively. In simulating experiments, we calculate two variances of histograms of two ciphered images by equation (21) from the same plaintext image with different secret keys. Only one parameter of secret keys is changed in such different secret keys. Table 4 lists the variances of histograms of ciphered Lena, BARB, and Boat images. In Table 4, the variances in the first column are obtained by the secret key ; the variances in next columns are obtained by only changing one parameter of , , , and , respectively, compared with the secret key . The variance values are about 1000, which indicates that the average fluctuation of the number of pixels in each gray value is about 114 pixels. However, the variance value is 634576.2901 for histogram of the plaintext image Lena. And the variance value is 5335.8309 for histogram of ciphered image of Lena in Zhang’s paper [57], which is greater than any of the variances in Table 4. Therefore, the proposed algorithm is efficient.
6.2. Correlation Coefficient
The correlation coefficient is a linear correlation between adjacent image pixels. In general, plain images have a strong correlation between adjacent pixels in horizontal, vertical, and diagonal directions, but there should be no correlation between adjacent pixels in cipher images. In the experiment, we randomly selected 2000 pairs of adjacent pixels from the original images and the encrypted images and analyzed the correlations at horizontal, vertical, and diagonal directions. The calculation formula is defined aswhere is the correlation coefficient, and are the gray values of two adjacent pixels, and is the total quantities of . The correlation coefficient value is between −1 and +1. And the correlation coefficient of two independent and uncorrelated random sequences (adjacent pixels) is more close to zero [58]; the effect of encryption is better. The correlation coefficient between the original image (Male) and the encrypted image is shown in Figure 5. Table 5 calculates the correlation coefficients of some images from horizontal, vertical, and diagonal directions. Table 6 takes the color Lake image as an example to analyze the correlation coefficient between the plain image and the cipher image. Table 7 compares the correlation coefficient results of gray Boat image by different encryption algorithms. The results show that the proposed encryption algorithm breaks the strong correlation in the original image and can effectively resist statistical attacks.
(a)
(b)
(c)
(d)
(e)
(f)
6.3. Information Entropy
Information entropy reflects the uncertainty of image information; it is generally believed that the greater the value of information entropy, the greater the uncertainty (the more information). It can be used to measure the randomness of data series. It is mathematically defined aswhere is the grayscale of the image and is the probability that the gray value will appear. For digital images with 256 grayscale levels, the theoretical value of entropy is 8. The higher the entropy value of the cipher image, the more uniform the distribution of pixel value. In addition, local Shannon entropy measures the randomness of image by calculating the sample mean of Shannon entropy on randomly selected image blocks and multiple nonoverlapping, so it can overcome the disadvantages of global information entropy, such as low efficiency, inconsistency, and inaccuracy [59]. Table 8 shows the local entropy of the cipher image and the information entropy of the image. And the average information entropy value of the three channels is calculated as the information entropy value of color image. It can be seen from the results that the entropy value of cipher image is very close to the theoretical value of 8, while the information entropy of plain image is significantly different from the theoretical value.
We make the comparison with some color images by information entropy [60, 61]. Table 9 shows the results. It can be seen that the proposed algorithm has good performance to resist differential attacks.
6.4. Differential Attack Analysis
In general, two encrypted images (the original cipher image and the new cipher image by changing one pixel in the original image) are compared to analyze the relationship between the original image and the corresponding cipher image in differential attack. The Number of Pixels Change Rate (NPCR) and the Unified Average Changing Intensity (UACI) are two common indicators of attack resistance [62–66]. NPCR measures the rate of change of pixel values in a cipher image by changing a pixel value in the original image, while UACI measures the average changing intensity between the original image and the corresponding cipher image. They can be defined aswhere is the width of an image, is the height of an image, and is the grayscale of an image. Moreover, is the cipher image and is the modified cipher image after a pixel value of the original image is changed. Table 10 shows the NPCR and UACI values of some images. Table 11 lists the results of NPCR and UACI when the pixel values at different positions of Lena image are changed. All values of NPCR and UACI of our method are close to ideal values 99.6094% and 33.4635%, respectively.
6.5. Key Space Analysis
A key space is a collection of all valid keys. For the digital image cryptosystem proposed in this paper, the keys, , are the initial value of Lorenz hyperchaotic system, where , , , and . The steps of , , and are all , and the steps of are . Therefore, the space size of the key is about , which is equal to the length of the key .
If the eavesdropper uses an exhaustive search of the key to crack the encryption or decryption of the cryptosystem, it only needs to attempt half of the keys in the key space. Since the methods of encryption and decryption are reciprocal, it is sufficient to discuss the case of encryption. For the known plaintext and ciphertext pairs, if the ciphertext is exactly the same as the known ciphertext, the randomly selected key is the true key. And the time needed to crack it by an exhaustive search of the key can be approximated by the product of the number of keys in half of the key space and the time of a single encryption, which is about years. That is to say, the key space of Lorenz chaotic system is large enough.
6.6. Key Sensitivity Analysis
Key sensitivity analysis is to analyze the difference between two cipher images obtained by encrypting the same plain image when the key changes slightly. If there are significant differences between the two cipher images, the key sensitivity of the image encryption system is strong; if there are small differences between the two cipher images, the key sensitivity is poor. A good image encryption system should have strong key sensitivity. The test process is as follows.
Suppose the initial set of keys is recorded as keys 1, denoted aswhere the values of represent the private key and are the public key. Keys 1 is used to encrypt the gray image (Lena). Figure 6(a) shows the gray Lena image, and Figure 6(b) shows the corresponding cipher image. Suppose a value in keys 1 changes slightly; then keys 2 is expressed as
(a)
(b)
(c)
(d)
(e)
(f)
Keys 2 is used to encrypt the gray Lena image to obtain a new cipher image shown in Figure 6(c). Figure 6(d) is a different image of Figures 6(b) and 6(c). When the wrong decryption key, keys 2, is used to decrypt the image in Figure 6(b), the decrypted image can be obtained as shown in Figure 6(e). Figure 6(f) shows the correct decrypted image. And the NPCR and UACI values of Figures 6(b) and 6(c) were, respectively, 99.60785% and 33.50445%, which indicates that more than 99% of the pixels could be changed with just a single key change. Therefore, the proposed algorithm is highly sensitive to the key.
6.7. Security Analysis
Currently, a method that involves an exhaustive search of the key is used to crack a password, which attempts all possible key combinations. However, the RSA algorithm uses exponential calculations in both the encryption and decryption processes, which has a huge computational workload. Therefore, it is impossible to decipher by using an exhaustive search. Cryptographic analysis is the only means to decipher the RSA algorithm. However, cracking RSA cryptography needs to factor two large integers, which is difficult. Moreover, Lorenz hyperchaotic system is sensitive to initial conditions, pseudorandomness, nonlinearity, and nonperiodicity. Therefore, the proposed encryption scheme can safely and effectively hide information.
6.8. ChosenPlaintext Attacks or ChosenCiphertext Attacks
The capacity of resisting chosenplaintext attack or chosenciphertext attacks is a significant standard to measure security of image encryption [70–72]. Plaintext sensitivity analysis refers to using the same key to encrypt two original images with little difference with the help of the image encryption system to obtain two corresponding cipher images and then compare the differences between the two cipher images. If the difference between the two cipher images is relatively large, it is said that the image encryption system has good plaintext sensitivity, which means that the cryptographic system can resist chosenplaintext attacks. The general process of plaintext sensitivity is as follows:(1)For a certain original image , with the help of a given key, use the image encryption system to encrypt to obtain the corresponding cipher image, denoted as (2)Randomly select a pixel from , change the value of the selected pixel, the amount of change is 1, the changed image is marked as , and the same key is used to encrypt to obtain the corresponding cipher image, denoted as (3)Compare the difference between and ; calculate the values of NPCR and UACI(4)Repeat steps (2) and (3) 200 times, calculate the value of a group of NPCR and UACI each time, and finally calculate the average value of 200 groups
Table 12 shows that the NPCR and UACI of test images are approximately equal to the ideal values. In other words, the digital image encryption system proposed in this paper has good plaintext sensitivity; it can resist chosenplaintext attacks. Chosenciphertext attacks are the same as chosenplaintext attacks because the image encryption system adds permutation associated with the plaintext, which can enhance the ability of the image encryption scheme to resist chosenplaintext attacks or chosenciphertext attacks.
Table 13 shows that the cryptosystem can resist chosenciphertext attacks.
6.9. Noise and Data Loss Attacks
It is inevitable that the digital signal may be corrupted by noise or data loss during the transmission. In this situation, we hope to acquire the content of the original images as much as possible so it is not necessary to transmit the encrypted images again. When the image information is tampered or destroyed by others after being attacked by noise (such as Gaussian noise and salt and pepper noises), the algorithm proposed in this paper can detect that the image has been tampered or destroyed by others. However, the algorithm cannot reconstruct the cipher images, because the algorithm is actually very sensitive to the ciphertext; if the ciphertext changes slightly, the decrypted image will also change greatly. If the cipher image is artificially destroyed or tampered with during transmission, the algorithm cannot reconstruct the cipher images to obtain the content of the original images as much as possible. As for data loss attacks, the algorithm cannot also reconstruct the cipher images well. In the future, I will study the impact of noise attacks on image encryption and improve the robustness of the algorithm.
7. Conclusions
This study proposes a new image encryption scheme based on Lorenz hyperchaotic system and Rivest–Shamir–Adleman (RSA) algorithm. Firstly, the initial values of the Lorenz hyperchaotic system are generated by RSA algorithm, and the key stream is produced iteratively. Then, the image data are hidden by performing additive mode diffusion. Secondly, the diffusion image matrix is confused without repetition to hide the image data again. Then, the finite field diffusion algorithm is executed. In order to diffuse the pixel information into the entire ciphertext image, the additive mode diffusion algorithm needs to be looped twice. Finally, the ciphertext image can be obtained. The experimental results prove that the image encryption scheme proposed in this research is effective and has strong antiattack and key sensitivity. In the future, we will study how to improve the efficiency of the scheme for color images.
Data Availability
This paper uses some different images from the USCSIPI database through http://sipi.usc.edu/database/.
Conflicts of Interest
The authors declare no conflicts of interest.
Authors’ Contributions
Riguang Lin and Sheng Li contributed to methodology, validation, data curation, and review and editing; Riguang Lin contributed to software, formal analysis, resources, and original draft preparation; Sheng Li contributed to investigation, supervision, and funding acquisition. All authors have read and agreed to the published version of the paper.
Acknowledgments
This work was supported by the Natural Science Foundation of Guangdong Province (2018A030307062) and the Fund of Southern Marine Science and Engineering Guangdong Laboratory (Zhanjiang) (ZJW201904).