A New 4D Hyperchaotic System with Dynamics Analysis, Synchronization, and Application to Image Encryption

Abstract

In this paper, a new 4D hyperchaotic nonlinear dynamical system with two positive Lyapunov exponents is presented. Exhaustive dynamic analyses of the novel hyperchaotic model using several dynamical studies are described. The dynamics of the system considered are first investigated analytically and numerically to explore phenomena and the selection of hyperchaotic behavior utilized for designing image cryptosystem. Since the proposed hyperchaotic model has rich dynamics, it displays hidden attractors. It emerges from this dynamic the existence of a single unstable equilibrium point giving rise to self-excited attractors, hysteresis phenomenon, and hyperchaotic behavior strongly recommended for securing information by its character. Furthermore, the feasibility and synchronization of the proposed system are also presented by developing, respectively, Raspberry surveys and an adaptive synchronization approach of two identical hyperchaotic systems. By employing the hyperchaotic behavior of the 4D map, an image encryption scheme is proposed as well. It is one round of a pixel-based permutation and a bit-wise diffusion phase. The secret key of the 4D map is derived from the SHA-256 value of the input image. It acts as the signature of the input image. Hence, the secret key exhibits high sensitivity to single-bit alteration in the image, which makes the cryptosystem robust against chosen/known-plaintext attacks. Performance analyses prove that the proposed cryptosystem provides the best in terms of the performance/complexity trade-off, as compared to some recently published algorithms.

1. Introduction

With accelerated cybercrimes due to the rapid growth of the Internet and the latest technologies, multimedia information is increasingly transmitted online. Digital images are widely used daily due to their usefulness. Spying affects a wide range of data, notably passwords, email messages, bank codes, digital images, videos, etc. These attachments generally used daily can enter the individual or public sectors, institutions, or states in diverse sectors such as the medical, military, industrial, and many others; hence, there is an obligation to preserve and secure the data exchanged. Image encryption is one of the leading solutions. Still, due to the high correlation between the pixels of the image, the high redundancy of the exchanged images, and the particular type of image format, classic text encryption technology such as Advanced Encryption Standard (AES), IDES (International Data Encryption Standard), Data Encryption Standard (DES), and many others prove ineffective for the needs of image encryption [1,2]. Therefore, the development of new secure, robust, and efficient image encryption techniques will always be at the center of trade and communications [3,4]. Chaos-based cryptography is an occasion as a chaotic model has some fundamental features (sensitivity to primary conditions and parameters, randomness, and non-periodicity) for keeping communications secure. Therefore, there is a familiar presence among chaos and cryptography within several studies [5]. Numerous scholars have dedicated themselves to studying chaotic systems for reliable knowledge of these systems to grow nonlinear science [6,7,8,9,10,11,12,13,14,15,16,17,18]. As an outcome, chaotic models have developed, following the wanted task. Chaotic models are categorized into two classes depending on the type of equilibrium points: systems with hidden attractors and self-excited attractors. Self-excited attractors are correlated with a saddle or unstable equilibria while hidden attractors are not [19,20,21]. Other scholars have focused on the nature of nonlinearities such as hyperbolic, quadratic, cubic, and exponential nonlinearity systems [22,23]. Latterly, a class of scholars has focused on the development and study of novel chaotic models without linear features [8,24].

The stochastic properties of chaotic or hyperchaotic systems are generally utilized for securing data [25]. One-dimensional systems, chaotic or hyperchaotic models with multi-dimensions, have been used for designing various cryptosystems [26,27,28]. Image encryption techniques have vast applications in many areas of everyday life, such as electronic medical records, to name a few. Such medical records are used for diagnosis, transmission, treatment, and sometimes even to reproduce patients’ medical history. This should be performed in strict patient privacy. The use of hyperchaotic behavior in image encryption techniques can improve the security of such cryptosystems.

One-dimensional chaotic systems have a simplistic structure and are straightforward to execute. However, they have a small secret keyspace, a low chaotic behavior, a low Lyapunov exponent, and, therefore, a low-security level [29]. Accordingly, improved encryption techniques for one-dimensional chaotic maps have been presented. Thus, Wu and colleagues in their work have improved the existing one-dimensional chaotic behavior and subsequently proposed a new image encryption scheme [30]. As a result, Hua and coworkers proposed combining two chaotic one-dimensional maps in parallel to obtain a new one-dimensional chaotic map for image encryption [31], which broadened the scope of the chaotic mapping of the system. This enlargement method, similarly to many others, improves chaotic characteristics to some extent, but the system parameters remain limited.

As for chaotic or hyperchaotic multidimensional systems, their parameters have more flexibility, their phase space is complex, and their dynamic behavior is difficult to predict. In addition, dynamic systems with better hyperchaotic characteristics have two or more positive Lyapunov exponents, which are better than one-dimensional chaotic maps. Such a multidimensional system can produce several chaotic sequences (keys) at the same time, which can be used in scrambling and broadcasting images, respectively, with high-security [32].

Motivated by limits observed in one-dimensional chaotic models, a new encryption technique based on hyperchaotic behavior in addition to permutation and diffusion operations is presented in this study. It consists of pixel-based permutation and bit-wise diffusion phases under one round. The secret key of the cryptosystem is derived from the input image signature, i.e., its 256-bit long hash value. This dependence improved sensitivity to tiny changes in the original image and the initial keys, limiting the impact of known/chosen plaintext attacks.

Analytical and numerical analyzes reveal the following:

• The dynamic system is considered at a single unstable equilibrium point, with two positive Lyapunov exponents and, therefore, is hyperchaotic;
• The feasibility and synchronization of the model under investigation are, respectively, confirmed and justified.
• The proposed cryptosystem meets the criteria of a robust encryption scheme, including a large keyspace, resistance to statistical, differential, and chosen/known-plaintext attacks.

Furthermore, the proposed cryptosystem possesses a linear running time, indicating its low complexity and fitness for practical use.

The layout of this paper is as follows: Section 2 provides the investigated system. An analytical study of the system consisting of dissipativity, symmetry, fixed points, and stability is presented in Section 3. Section 4 investigates the complete dynamic performance, as well as the numerous phenomena observed and Raspberry studies for the effectiveness of the suggested hyperchaotic system. An adaptive synchronization scheme of two identical systems studied is presented in Section 5. Section 6 describes the proposed encryption image scheme, while Section 7 reports the outcomes of statistical and differential tests. Finally, Section 8 concludes the paper.

2. The Hyperchaotic System

The dynamic system studied in this article is obtained from the oscillator previously presented by Liu et al. [33] by replacing the cubic nonlinearity with a hyperbolic sine nonlinearity. This modification is performed to simplify the practical circuit design, given that the hyperbolic sine nonlinearity is realized by two diodes connected in antiparallel. In contrast, cubic nonlinearity is realized by analog multipliers:

$$\left\{\begin{array}{c}{\dot{x}}_1={\beta }_1\left(x_2+0.2\left(x_1-\epsilon \sinh \left(x_1\right)\right)\right),\hfill \\ {\dot{x}}_2={\beta }_2{x}_1-x_2+x_3+x_4,\hfill \\ {\dot{x}}_3=-{\beta }_3{x}_2+x_4,\hfill \\ {\dot{x}}_4=-{\beta }_4{x}_1,\hfill \end{array}\right.$$

(1)

where the state variables are $x_1$, $x_2$, $x_3$, and $x_4$ and positive parameters are ${\beta }_1$, ${\beta }_2$, ${\beta }_3$, and ${\beta }_4$. The only state variable responsible for the complex behavior is $x_1$ linked to the hyperbolic nonlinearity.

3. Characteristics of the Hyperchaotic System

3.1. Dissipativity and Symmetry

The condition to investigate the dissipation of (1) is described as in (2):

$$\nabla .V=\frac{\partial {\dot{x}}_1}{\partial x_1}+\frac{\partial {\dot{x}}_2}{\partial x_2}+\frac{\partial {\dot{x}}_3}{\partial x_3}+\frac{\partial {\dot{x}}_4}{\partial x_4}=-0.8-\epsilon \cosh \left(x_1\right)$$

(2)

by integrating (2), we obtain a unique solution as follows.

$$V\left(t\right)=V\left(0\right)\exp \left[\left(-0.8-\epsilon \cosh \left(x_1\right)\right)t\right]$$

(3)

From (3), it is evident that $V\left(t\right)\to 0$ exponentially as $t\to \infty$ when $\epsilon >0$ regardless of the model state variable. As a result, all trajectories are confined to a space for which its volume is zero; therefore, existing attractors can be chaotic. By applying the transformation $\left(x_1, x_2, x_3, x_4\right)\leftrightarrow \left(-x_1, -x_2, -x_3, -x_4\right)$ on (1), the solution settles the same. It indicates that (1) is symmetric about the entire coordinate.

3.2. Fixed Points and Stability

To examine the stability of fixed points of (1), we start by solving a system of equations ${\dot{x}}_1={\dot{x}}_2={\dot{x}}_3={\dot{x}}_4=0$. The unique solution $E_0\left(0, 0, 0, 0\right)$ represents the equilibrium point of (1). The Jacobian matrix of (1) at $E_0$ is defined by the following.

$$M=\left[\begin{array}{cccc}0.2{\beta }_1\left(1-\epsilon \right)& {\beta }_1& 0& 0\\ {\beta }_2& -1& 1& 1\\ 0& -{\beta }_3& 0& 1\\ -{\beta }_4& 0& 0& 0\end{array}\right]$$

(4)

The characteristic polynomial (det ($M-\lambda I_d$) = 0, with $I_d$ as the identity matrix $4 \times 4$) associated with the above Jacobian matrix can be expressed as follows:

$${\lambda }^4+a_3{\lambda }^3+a_2{\lambda }^2+a_1\lambda +a_0=0.$$

(5)

with $a_3=0.2{\beta }_1\epsilon -0.2{\beta }_1+1$, $a_2={\beta }_3-0.2{\beta }_1-{\beta }_1{\beta }_2+0.2\epsilon {\beta }_1$, $a_1=0.2\epsilon {\beta }_1{\beta }_3+{\beta }_1{\beta }_4-0.2{\beta }_1{\beta }_3$, and $a_0={\beta }_1{\beta }_4$. For some ranges of system parameters, the eigenvalues, as well as the stability of fixed point $E_0$, are summarized in

Table 1. Eigenvalues and stability of fixed point $E_0$ for some set parameters when keeping $\epsilon =0.5$.

System Parameters $\left({\mathit{\beta }}_1, {\mathit{\beta }}_2, {\mathit{\beta }}_3, {\mathit{\beta }}_4\right)$	Eigenvalues	Stability
$\left(1, 0.1, 1, 0.1\right)$	${\lambda }_{1,2}=0.07478\pm 0.3373i$ ${\lambda }_{3,4}=-0.5248\pm 0.7498i$	Unstable
$\left(5, 0.5, 5, 0.5\right)$	${\lambda }_{1,2}=0.4458\pm 1.033i$ ${\lambda }_{3,4}=-0.6958\pm 1.221i$	Unstable
$\left(8.5, 0.9, 8, 0.8\right)$	${\lambda }_{1,2}=1.159\pm 1.088i$ ${\lambda }_{3,4}=-1.234\pm 1.081i$	Unstable
$\left(10, 1.5, 10, 1\right)$	${\lambda }_{1,2}=1.755\pm 0.2848i$ ${\lambda }_{3,4}=-1.755\pm 0.2848i$	Unstable
$\left(15, 2, 15, 1.5\right)$	${\lambda }_1=1.199$, ${\lambda }_2=4.156$, ${\lambda }_3=-1.254$, ${\lambda }_2=-3.601$	Unstable

. In light of this table, fixed point $E_0$ is unstable and the system is, thus, classified in the category of self-excited systems.

4. Numerical Outcomes

4.1. Bifurcation Diagrams and Multistability

(1) is solved numerically by performing the standard fourth-order Runge–Kutta integration algorithm and the Lyapunov exponent the Wolf algorithm at $\Delta t={10}^{-3}$. The system shows complex and diverse dynamics, which indicates bifurcation diagrams according to the parameters of the system ${\beta }_1$ to ${\beta }_4$, respectively. Thus, Figure 1 presents bifurcation diagrams $\left(a_i\right)$ and their corresponding spectra of Lyapunov exponents $\left(b_i\right)$ for $i=1$ to 4. From these figures, each parameter has an impact on the dynamics of the system (1). In light of the different spectra of the exponents, all behaviors (periodic, chaotic, and hyperchaotic) are observed according to the nature of the Lyapunov exponents [34]. In particular, the hyperchaotic performance of which a sample is represented in Figure 2a–f by the phase portraits on all planes of coordinates system is observed (see the caption of figures for more details).

By carefully observing the previous bifurcation diagrams, a more or less wide window (by superimposing two datum obtained by increasing and decreasing the values of the control parameter) showing the coexistence of the attractors is highlighted according to the color difference. For the set parameters ${\beta }_1=8.15$, ${\beta }_2=0.8$, ${\beta }_3=12.5$, ${\beta }_4=0.5$, and $\epsilon =0.5$, by changing only the original condition $x_1\left(0\right)$, a coexistence of three different attractors (a chaotic attractor that coexists with two other periodic) is observed and presented in Figure 3a–d.

4.2. Raspberry Simulation

Raspberry Pi is a mini-computer that can be connected to a monitor and is used as a standard computer. It is important to note that there are multiple variations of this mini-computer. It needs a minimum number of elements to function and a micro SD memory card compatible with the chosen model, which is used as a hard disk; a keyboard to enter commands; and a monitor to view them. A 5V DC power supply is required to operate the card, not to mention power and connection cables. Raspberry Pi is used for multiple purposes as needed, particularly in computer programming and these related fields [35]. The hyperchaotic oscillator used in this work is solved by using the integration algorithm of Runge–Kutta under a Python programming environment. The phase portrait obtained is observed on the monitor of Figure 4 with a remarkable similarity to that previously observed in Figure 2b.

5. Adaptive Synchronization

In this section, the adaptive synchronization of the hyperchaotic system (1) with unknown parameters newly introduced is discussed. Thus, the master system is considered as follows.

$$\left\{\begin{array}{c}{\dot{x}}_1={\beta }_1\left(x_2+0.2\left(x_1-\epsilon \sinh \left(x_1\right)\right)\right)\hfill \\ {\dot{x}}_2={\beta }_2{x}_1-x_2+x_3+x_4\hfill \\ {\dot{x}}_3=-{\beta }_3{x}_2+x_4\hfill \\ {\dot{x}}_4=-{\beta }_4{x}_1\hfill \end{array}\right.$$

(6)

The introduced model is hyperchaotic for ${\beta }_1=9$, ${\beta }_2=0.759$, ${\beta }_3=12.5$, ${\beta }_4=0.5$, and $\epsilon =0.5$. The slave system of the previous system is given by the following:

$$\left\{\begin{array}{c}{\dot{y}}_1={\beta }_1\left(y_2+0.2\left(y_1-\epsilon \sinh \left(y_1\right)\right)\right)+u_1\hfill \\ {\dot{y}}_2={\beta }_2{y}_1-y_2+y_3+y_4+u_2\hfill \\ {\dot{y}}_3=-{\beta }_3{y}_2+y_4+u_3\hfill \\ {\dot{y}}_4=-{\beta }_4{y}_1+u_4\hfill \end{array}\right.$$

(7)

where $u_i$ and $(i=1,2,3,4)$ are the adaptive controls to be designed to ensure the synchronization of the coupled oscillators. The complete synchronization error is defined as follows.

$$e_i=y_i-x_i$$

(8)

Then, the error dynamics is expressed as follows.

$$\left\{\begin{array}{c}{\dot{e}}_1={\beta }_1\left(e_2+0.2\left(e_1-\epsilon \left(\sinh \left(y_1\right)-\sinh \left(x_1\right)\right)\right)\right)+u_1\hfill \\ {\dot{e}}_2={\beta }_2{e}_1-e_2+e_3+e_4+u_2\hfill \\ {\dot{e}}_3=-{\beta }_3{e}_2+e_4+u_3\hfill \\ {\dot{e}}_4=-{\beta }_4{e}_1+u_4\hfill \end{array}\right.$$

(9)

The adaptive control functions $u_1\left(t\right)$, $u_2\left(t\right)$, $u_3\left(t\right)$, and $u_4\left(t\right)$ are defined as follows:

$$\left\{\begin{array}{c}{u}_1={\beta }_1\left(e_2+0.2\left(e_1-\epsilon \left(\sinh \left(y_1\right)-\sinh \left(x_1\right)\right)\right)\right)-k_1{e}_1\hfill \\ u_2={\widehat{\beta }}_2{e}_1-e_2+e_3+e_4-k_2{e}_2\hfill \\ u_3=-{\widehat{\beta }}_3{e}_2+e_4-k_3{e}_3\hfill \\ u_4=-{\widehat{\beta }}_4{e}_1-k_4{e}_4\hfill \end{array}\right.$$

(10)

where ${\widehat{\beta }}_2$, ${\widehat{\beta }}_3$, and ${\widehat{\beta }}_4$ are estimates of the parameters ${\beta }_2$, ${\beta }_3$, and ${\beta }_4$, respectively, and $k_i$ (i = 1, 2, 3, 4) are positive constants. Substituting the control law (10) into (9), the closed-loop error dynamics are obtained as follows.

$$\left\{\begin{array}{c}{\dot{e}}_1=-k_1{e}_1\hfill \\ {\dot{e}}_2=\left({\beta }_2-{\widehat{\beta }}_2\right)e_1-k_2{e}_2\hfill \\ {\dot{e}}_3=-\left({\beta }_3-{\widehat{\beta }}_3\right)e_2-k_3{e}_3\hfill \\ {\dot{e}}_4=-\left({\beta }_4-{\widehat{\beta }}_4\right)e_1-k_4{e}_4\hfill \end{array}\right.$$

(11)

From (11), the errors of parameter estimations are defined as follows.

$$e_{{\beta }_2}={\beta }_2-{\widehat{\beta }}_2,e_{{\beta }_3}={\beta }_3-{\widehat{\beta }}_3, and e_{{\beta }_2}={\beta }_4-{\widehat{\beta }}_4$$

(12)

Substituting (12) into (11), the error dynamics simplifies into the following.

$$\left\{\begin{array}{c}{\dot{e}}_1=-k_1{e}_1\hfill \\ {\dot{e}}_2=e_{{\beta }_2}{e}_1-k_2{e}_2\hfill \\ {\dot{e}}_3=-e_{{\beta }_3}{e}_2-k_3{e}_3\hfill \\ {\dot{e}}_4=-e_{{\beta }_4}{e}_1-k_4{e}_4\hfill \end{array}\right.$$

(13)

The candidate quadratic Lyapunov function is a positive function on ${\Re }^7$ that can be defined as the following:

$$V\left(e_i,\Delta e_{{\beta }_2}, e_{{\beta }_3}, e_{{\beta }_4}\right)=\frac{1}{2}\left(e_1^2+e_2^2+e_3^2+e_4^2+e_{{\beta }_2}^2+e_{{\beta }_3}^2+e_{{\beta }_4}^2\right).$$

(14)

where (i = 1, 2, 3, 4). With ${\dot{e}}_{{\beta }_2}=-{\dot{\widehat{\beta }}}_2$, ${\dot{e}}_{{\beta }_3}=-{\dot{\widehat{\beta }}}_3$, and ${\dot{e}}_{{\beta }_2}=-{\dot{\widehat{\beta }}}_4$, the derivative function along the trajectories of (14) is obtained by the following.

$$\dot{V}=-k_1{e}_1^2-k_2{e}_2^2-k_3{e}_3^2-k_4{e}_4^2+e_{{\beta }_2}\left({\dot{\widehat{\beta }}}_2-e_1{e}_2\right)-e_{{\beta }_3}\left({\dot{\widehat{\beta }}}_3+e_2{e}_3\right)+e_{{\beta }_4}\left({\dot{\widehat{\beta }}}_3+e_1{e}_4\right)$$

(15)

From (15), the determined parameters are modernized according to the following law.

$$\left\{\begin{array}{c}{\dot{\widehat{\beta }}}_2=e_1{e}_2+k_5{e}_{{\beta }_2}\hfill \\ {\dot{\widehat{\beta }}}_3=-e_2{e}_3+k_6{e}_{{\beta }_3}\hfill \\ {\dot{\widehat{\beta }}}_4=-e_1{e}_4+k_7{e}_{{\beta }_4}\hfill \end{array}\right.$$

(16)

Substituting (16) into (15), we obtain the following.

$$\dot{V}=-k_1{e}_1^2-k_2{e}_2^2-k_3{e}_3^2-k_4{e}_4^2-k_5{e}_{{\beta }_2}^2-k_6{e}_{{\beta }_3}^2-k_7{e}_{{\beta }_4}^2$$

(17)

This shows that $\dot{V}$ is a negative specific function on ${\Re }^7$. Thus, by Lyapunov stability theory [36], it is essential that the synchronization error and the parameter error decay to zero exponentially with time for all primary conditions. Hence, the following outcomes are established.

The parameter values of the master and response hyperchaotic dynamics are chosen as follows: for ${\beta }_1=9$, ${\beta }_2=0.759$, ${\beta }_3=12.5$, ${\beta }_4=0.5$, and $\epsilon =0.5$; the constants $k_i\left(i=1\dots 7\right)=1$. In addition, the initial conditions of the master system are fixed as follows: $x_1\left(0\right)=0.2$, $x_2\left(0\right)=0$, $x_3\left(0\right)=0$, and $x_4\left(0\right)=0$; the ones for the slave system are fixed as $y_1\left(0\right)=1,$ $y_2\left(0\right)=0.3$, $y_3\left(0\right)=0.5$, and $y_4\left(0\right)=1$. The primary values of the determined parameters are ${\widehat{\beta }}_2\left(0\right)=0.1$, ${\widehat{\beta }}_3\left(0\right)=0.03$, and ${\widehat{\beta }}_4\left(0\right)=0.01$.

The complete synchronization of the different master and slave system states is described in Figure 5. Figure 6 displays that the determined values of parameters ${\widehat{\beta }}_2$, ${\widehat{\beta }}_3$, and ${\widehat{\beta }}_4$ converge to system parameters ${\beta }_2=3$, ${\beta }_3=4.5$, and ${\beta }_4=1$.

6. Proposed Image Encryption Algorithm

6.1. Key Generation

A hash function called SHA-256 is applied to the input image to produce the secret key of (1), $(x_0,y_0,z_0,w_0)$. It generates a hash value of 256-bit, which behaves as the signature of the image. Accordingly, for two pristine images that are distinct in one bit, the corresponding hash values and the corresponding secret keys are dissimilar. The 204 first bits of the hash value are divided into four sub-sequences with the same length of 51 bits. The decimal representations of these sub-sequences are referred to as $h_1$, $h_2$, $h_3$, and $h_4$. The secret key of (1) is obtained by (18)–(21).

$$x_1=\frac{1}{2}\left(x_0+h_1\right) \mathrm{mod} 3$$

(18)

$$y_1=\frac{1}{2}\left(y_0+h_2\right) \mathrm{mod} 3$$

(19)

$$z_1=\frac{1}{2}\left(z_0+h_3\right) \mathrm{mod} 3$$

(20)

$$w_1=\frac{1}{2}\left(w_0+h_4\right) \mathrm{mod} 3$$

(21)

6.2. Encryption Procedure

In this part, the stepwise of the presented image cryptosystem, shown in Figure 7, is provided. It consists of two main phases, i.e., pixel-based permutation and bit-wise diffusion:

• Pixel-based permutation phase: the original image $\mathbf{P}$ of size $M\times N$ undergo a permutation operation that works at the pixel level as given below.
  • Iterate (1) $M\times N/4$ times with the control parameters $({\beta }_1,{\beta }_2,{\beta }_3,{\beta }_4,\epsilon )$ and the initial conditions $(x_1,y_1,z_1,w_1)$ (cf. (18)–(21)), which yields four chaotic matrices $\mathbf{X},\mathbf{Y},\mathbf{Z}$, and $\mathbf{W}$ each of size $M\times N/4$;
  • Concatenate matrices $\mathbf{X},\mathbf{Y},\mathbf{Z}$, and $\mathbf{W}$ into a matrix $\mathbf{V}$ of size $M\times N$. Then, map $\mathbf{V}$ from $\left[0,3\right]$ to $\left\{0,1,2,\dots ,255\right\}$ using (22), which produced a matrix $\mathbf{S}$:

    $$S=\left[\left(V\times {10}^{15}\right) \mathrm{mod} 256\right],$$

    (22)

    where $\left[x\right]$ refers the integer part of x;
  • Transform matrix $\mathbf{S}$ into a sequence $\mathbf{s}$ of length $MN$. The elements of $\mathbf{s}$ are then arranged in ascending order to generate a new sequence denoted by ${\mathbf{s}}_1$. Let $\mathbf{r}$ be an array that contains the indices of the elements of $\mathbf{s}$ in ${\mathbf{s}}_1$;
  • After resizing the original image $\mathbf{P}$ into a sequence $\mathbf{p}$ of length $MN$, the permuted process is applied as follows;

    $$p_r\left(i\right)=p\left(r\left(i\right)\right) i=1,2,\dots ,MN$$

    (23)
  • Next, we reshape ${\mathbf{p}}_r$ into ${\mathbf{P}}_1$, an $M\times N$ matrix. In short, the permutation process can be referred to as follows.

    $$P_1=F_r\left(P\right)$$

    (24)
• Bit-wise diffusion: Apply the diffusion function $g_s$ to the elements of ${\mathbf{P}}_1$ using $\mathbf{S}$ as follows:

  $$C=P_1\oplus S,$$

  (25)

  where ⊕ indicates the bit-wise XOR process and $\mathbf{C}$ is the encrypted image. Simply, the diffusion process can be formulated as follows.

  $$C=G_S\left(P_1\right)$$

  (26)

6.3. Decryption Procedure

The decryption is usually a reverse of the encryption process. The decryption scheme corresponding to the proposed encryption approach is displayed in Figure 8. The presented algorithm is symmetric, which means that it utilizes the same cryptographic keys for both encryption of plaintext and decryption of ciphertext. Accordingly, the secret key of (1) (cf. $(x_0,y_0,z_0,w_0)$) along with the hash value of the pristine image should be communicated to the decryption part. By applying (18)–(21), the receiver produces the correct secret key and can then recover the original image by using (27):

$$D=F_r^{-1}\left(G_S\left(C\right)\right),$$

(27)

where $\mathbf{D}$ is the decrypted image, and $F_{\mathbf{r}}^{-1}$ denotes the inverse function of $F_{\mathbf{r}}$.

7. Performance and Security Analysis

7.1. Keyspace Analysis

The keyspace of the proposed scheme consists of the 256-bit hash value of the pristine image and the primary conditions of (1), i.e., $(x_0,y_0,z_0,w_0)$. Suppose that the double-precision datatype used is the 51-bit floating-point format. The possible values of $x_0$ are more comprehensive than 51 bits, as are the values of $y_0,z_0$, and $w_0$. The security claim of the best possible collision attack on the SHA-256 hash function is $2^{128}$. Consequently, the keyspace of the proposed algorithm is larger than 332 bits, which is sufficient against brute-force attacks.

7.2. Sensitivity Analysis

7.2.1. Key Sensitivity

A secure cryptosystem should be highly sensitive to even the slight changes in the secret key. Therefore, modifying a few bits in the secret key should completely alter the cipher image or the original image in case of decryption. Figure 9a depicts the result of hamming distance versus several altered bits of the proposed encryption scheme. To conduct this test [37], the indices n ($n=1,\cdots ,10$) of the modified bits and the 512 × 512 test images are generated randomly for 200 iterations. It is noted that the hamming distance is very close to the optimum value of 0.5, even for a single bit alteration in the key. Consequently, the suggested approach is highly sensitive to the slight variations in the secret keys.

7.2.2. Plaintext Sensitivity

Plaintext sensitivity refers to the change in the encrypted image with a single bit variation in the original image. Encryption schemes with better plaintext sensitivity are robust against chosen-plaintext attacks. Figure 9b depicts the plot of hamming distances versus the number of modified bits in the plain image [37]. The indices n ($n=1,\cdots ,10$) of the modified bits and the 512 × 512 images are generated randomly under 200 iterations. It can be observed that with the proposed algorithm, the hamming distances are quite close to the optimum value of 0.5, even with the modification of a single bit in the original image. Hence, we can infer that the proposed approach is extremely sensitive to the minor modification in the pristine image.

7.2.3. NPCR and UACI Tests

In a secure image cryptosystem, the cipher image is susceptible to minor modifications in the plain image. There are two well-known quantitative measures, namely UACI (Unified Average Changing Intensity) and NPCR (Number of Pixel Change Rate), employed to test sensitivity. UACI measures the difference in the average intensity while NPCR evaluates the number of distinct pixels. The equations for computing the NPCR and UACI are as follows:

$$\mathrm{NPCR}=\frac{1}{MN}\sum _{i=1}^M\sum _{j=1}^N\mathcal{D}(i,j),$$

(28)

$$\mathrm{UACI}=\frac{1}{255\times MN}\sum _{i=1}^M\sum _{j=1}^N|{\mathbf{C}}_1(i,j)-{\mathbf{C}}_2(i,j)|,$$

(29)

where M and N are the rows and columns in the image, respectively, and $\mathcal{D}(i,j)$ refers to the difference between ${\mathbf{C}}_1$ and ${\mathbf{C}}_2$, given by the following equation.

$$\mathcal{D}(i,j)=\left\{\begin{array}{cc}0,\hfill & \mathrm{if} {\mathbf{C}}_1(i,j)={\mathbf{C}}_2(i,j)\hfill \\ 1,\hfill & \mathrm{if} {\mathbf{C}}_1(i,j)\ne {\mathbf{C}}_2(i,j)\hfill \end{array}\right.$$

Table 2. NPCR and UACI (mean and variance) of the ciphered images with a single-bit alteration in the pristine image.

	NPCR $(\%)$				UACI $(\%)$
	[38]	[39]	[40]	Proposed	[38]	[39]	[40]	Proposed
Mean	99.6103	99.6100	99.2000	99.6095	33.4674	33.4526	31.9249	33.4615
Variance	0.0002	0.0002	0.0926	0.0002	0.0018	0.0020	0.4232	0.0019

displays the comparative results of the mean and the variance of UACI and NPCR employed on many grayscale images. It can be observed that the mean value of the NPCR and the UACI exceed 99.6% and 33.46%, respectively, which indicates high sensitivity to the smaller variations in the original image pixels. Consequently, the encrypted scheme can produce entirely different cipher images even with a single bit difference in the two source images.

7.3. Statistical Analysis

7.3.1. Bit Distribution within Each Bit-Plane

Grayscale image pixels are ordinarily represented in 8-bits; hence, an image comprises eight bit-planes. The authors in [41] demonstrated that bit-planes corresponding to the most significant bits (MSBs) are highly correlated in the original images. Intruders can exploit this fact to retrieve a considerable number of bits in higher bit-planes by comprehending its neighboring bit-plane. Consequently, each bit plane in the cipher image should be highly uniform in terms of bit distribution. The uniformity is measured in the percentage of 1’s and 0’s in the bit-planes (expected value 50%).

Table 3. Percentage of 1’s (mean and variance) in several pristine images vs. their encrypted equivalents for the presented scheme.

		8th Bit	7th Bit	6th Bit	5th Bit	4th Bit	3rd Bit	2nd Bit	1st Bit
Mean	Orig.	79.0880	20.9120	73.4399	26.5601	67.6198	32.3802	63.9955	36.0045
	Encr.	50.0189	49.9811	49.9823	50.0177	49.9874	50.0126	50.0090	49.9910
Variance	Orig.	503.1185	503.1185	273.1839	273.1839	243.3089	243.3089	231.2194	231.2194
	Encr.	0.0080	0.0080	0.0092	0.0092	0.0096	0.0096	0.0102	0.0102

Orig. refers to the original images and Encr. refers to the encrypted ones.

shows the bit distributions of the original images and their encrypted counterparts. It can be observed that the mean of the bit uniformity in all the bit-planes is quite close to 50% in the encrypted images. The algorithm also exhibits almost identical variances in the percentage of 1’s with values close to zero.

7.3.2. Correlation Analysis

Adjacent pixels are highly correlated in the original images. This is because the neighboring pixel values are very close to each other in natural images. Cryptanalysts can exploit this feature to break the cipher. Therefore, neighboring pixels in the cipher image should be highly uncorrelated. Cryptanalysts can use this feature to break the cipher. The correlation coefficient between any two pixels in an image is calculated by utilizing the following equation:

$$C_{ab}=\frac{{\sum }_{i=1}^K\left(a_i-\mathbb{E}\left\{a\right\}\right)\left(b_i-\mathbb{E}\left\{b\right\}\right)}{\sqrt{{\sum }_{i=1}^K{\left(a_i-\mathbb{E}\left\{a\right\}\right)}^2}\sqrt{{\sum }_{i=1}^K{\left(b_i-\mathbb{E}\left\{b\right\}\right)}^2}},$$

(30)

where $a_i$ and $b_i$ denote grayscale values of the neighboring pixels, K is the total number of pixels taken for the calculation, and $\mathbb{E}\{.\}$ indicates the expected values of the random variables.

Table 4. Average of the absolute values of the correlation between neighboring pixel pairs in the pristine and ciphered images.

Scan Direction	Original Images	Encrypted Images
Hor.	0.9868	0.0021
Ver.	0.9889	0.0019
Dia.	0.9781	0.0021

displays the mean values of the correlation coefficients between adjacent pixels in the horizontal, vertical, and diagonal directions. We have taken 3000 random samples each from the plain and the cipher images in these directions. It can be observed from the table that the mean values of the correlation coefficient in the cipher images in all three directions are pretty close to zero. Therefore, adjacent pixels in the ciphered image’s horizontal, vertical, and diagonal directions are highly uncorrelated. Figure 10 shows this property graphically where the plots of the adjacent pixel correlation of the pristine image per direction are shown in Figure 10a–c, respectively. On the other hand, plots of their encrypted counterparts are presented in Figure 10d–f. The encryption scheme satisfies the requirement of almost zero correlation, making it resistant to various correlation-based attacks.

7.3.3. Histogram and Chi-Square Test

The histogram of an image graphically describes the distribution of pixel intensities in the image. Original images usually have non-uniform histograms because pixel intensities are limited within some range. This property can be exploited by cryptanalysts to intercept the cipher using histogram-based attacks. Therefore, a secure encryption scheme should produce cipher images with uniform histograms. Figure 11 shows two grayscale images, namely Airplane and Peppers, along with their histograms, while Figure 12 depicts the encrypted analogs of the original images along with their histograms. It can be observed that the original images exhibit non-uniform histograms while encrypted images have highly uniform distributions of pixel intensities. Histogram uniformity is usually characterized by the Chi-square test [42] quantitatively and computed using the following equation:

$${\chi }^2=\sum _{i=0}^{L_p-1}\frac{{\left(o_i-e_i\right)}^2}{e_i},$$

(31)

where L denotes the total number of pixel levels, $o_i$ indicates the frequency of occurrence of a particular pixel value (within 0–255) in the histogram, and $e_i$ denotes the predicted frequency of occurrence in the uniform distribution given by $e_i=(M\times N)/256$. The distribution in the experiment is considered to be uniform such that, when the p-value is found to be more than a significance level s ($s\in [0,1]$), the null hypothesis is accepted. p-value is the probability that summarizes the randomness strength of a test sample against the perfect sample in the experiment. A zero p-value indicates the least randomness and, hence, least amount of uniformity in the histogram, while a value more than 0.01 corresponds to sufficient randomness and uniformity.

Table 5. Chi-square test of the histograms (variance, success rate, and mean) for various image cryptosystems.

	${\mathit{\chi }}^2$ Test (p-Value)
	[38]	[39]	[40]	Proposed
Mean	0.5115	0.5113	0.3661	0.5339
Variance	0.0837	0.0781	0.0958	0.0746
Success rate (%)	95	96	77	97

shows the comparison of the mean, variance, and the success rate of the chi-square test (p-value) of different encryption schemes. The mean of the p-value is the highest (0.5339) in the proposed scheme with the success rate of 97%. Hence, the proposed encryption is found to have a uniform histogram and is robust against histogram-based attacks.

7.3.4. Global Entropy

Global entropy is the statistical test for calculating randomness in a sequence, defined as given in (32):

$$H\left(X\right)=-\sum _{i=1}^{K}p\left(x_i\right){\log }_2\left(p\left(x_i\right)\right) \left[\mathrm{bits}\right],$$

(32)

where $p\left(x_k\right)$ denotes the occurrence probability of the symbol $x_k$, and K is the number of different symbols generated by source X. The ideal entropy for an encrypted image is obtained when all pixel levels appear with an equal probability showing uniform pixel distribution. The value of ideal entropy is given as $lo{g}_2^{2^8}$ = 8 bits. The comparisons of the mean and the variances of the global entropies of different encryption algorithms are shown in

Table 6. Global entropy analysis (variance and mean).

	Global Entropy
	[38]	[39]	[40]	Proposed
Mean	7.999300	7.999300	7.986154	7.999306
Variance $(\times {10}^{-9})$	3.814091	3.197235	9646547	3.080179

. It is observed that the mean of the entropy is very close to the optimal value of 8 and also the highest when compared to the other algorithms. The variance is also found to be close to zero and is the lowest among other algorithms.

7.3.5. Local Entropy

The Local Shannon entropy is the qualitative tool of evaluating the randomness in contrast to the global entropy, where randomness is measured quantitatively. The evaluation of the local Shannon entropy is performed according to [37]. The comparison of the mean and variance of the local entropy is displayed in

Table 7. Local entropy analysis (variance and mean).

	Local entropy
	[38]	[39]	[40]	Proposed
Mean	7.902454	7.902396	7.832426	7.902484
Variance $(\times {10}^{-7})$	3.048803	3.820000	2080030	3.140462

. The mean of the local entropy is very close to 8 and is the highest as compared to other algorithms. Similarly, the variance is found to be almost equal to zero, which is lower than [39,40] and slightly higher than [38].

7.4. Robustness Analysis

7.4.1. Occlusion Attack

When cipher images are transferred through a communication channel, they are prone to data loss. These losses can affect the decryption process completely or partially. The occlusion attack test is employed on the cipher images to measure the strength of the presented cryptosystem in retrieving the plain image.

Table 8. The average value of PSNR among pristine and decrypted images resulting from occlusion attacks.

		Occlusion
	Algorithm	1/16	1/8	1/4	1/2
PSNR (dB)	[38]	11.6162	9.6108	8.3915	8.0663
	[39]	8.0552	8.0712	8.0885	8.0723
	[40]	8.4625	8.3750	8.6850	7.9169
	Proposed	20.2283	17.2355	14.1520	11.1497

shows the comparison of PSNR between the pristine and ciphered image after undergoing the occlusion attack. The tests are conducted with 1/16, 1/8, 1/4, and 1/2 data losses, and it is observed that the suggested algorithm defeats other cryptosystems with the highest PSNR in all cases. Figure 13a–d show the encrypted images with above mentioned losses while Figure 13e–h show analogous ciphered images. It can be observed that much of the visual information is retained even after half of the encrypted image’s information is lost. Consequently, the suggested scheme can efficiently withstand occlusion attacks.

7.4.2. Noise Attack

Digital images are transferred through various transmission media that are often subjected to the noise present in the channel. This noise can affect the quality of the decrypted image if the corresponding cipher image is subjected to it. To assess the capability of the presented cryptosystem in order to resist such noise attacks, the cipher images are contaminated by the salt and pepper noise with densities 0.005, 0.05, 0.1, and 0.3. Figure 14a–d show the analogous decrypted images. It can be seen from the figures that these images are noisy but still perceivable. Moreover,

Table 9. The average value of PSNR among the pristine and decrypted images retrieved from ciphered images that were subjected to salt and pepper noise.

		Density of the Salt and Pepper Noise
	Algorithm	0.005	0.050	0.100	0.300
PSNR (dB)	[38]	21.5400	12.4184	10.1824	8.2172
	[39]	8.0756	8.0452	8.0348	8.0473
	[40]	11.8764	8.3019	8.2093	8.0887
	Proposed	31.2223	21.0743	18.0256	13.2927

shows the comparison among different algorithms in terms of mean PSNR among the pristine and the decrypted images. The proposed scheme outperforms other algorithms with the highest value of the PSNRs, and it can withstand noise attacks.

7.4.3. Histogram Equalization

Histogram equalization is generally used to increase the image contrast utilizing the histogram of the image. This technique is carried out to make a uniform intensity distribution in the image so that the areas suffering from lower contrast can be transformed to the higher contrast. Figure 15a shows the cipher image under the histogram equalization attack, while Figure 15b depicts the corresponding decrypted image that is slightly blurry but easily recognizable. Moreover,

Table 10. The average value of PSNR among pristine and decrypted images retrieved from ciphered images that were subjected to histogram equalization attacks.

	[38]	[39]	[40]	Proposed
PSNR (dB)	39.2943	8.0455	8.0995	32.4690

reports the comparison among different algorithms in terms of PSNR among the pristine and the decrypted images subjected to the histogram equalization attack. It can be observed that the mean PSNR in the suggested algorithm is more than the schemes in [39,40] while slightly less than [38]. Therefore, the proposed scheme is well capable of handling the histogram equalization attacks.

7.4.4. Contrast Adjustment

Contrast adjustment is performed to modify the contrast of an image using a process called contrast stretching. To perform this operation, pixels with values less than a specified value are usually mapped to the lowest (pure black) value. In contrast, pixels with more than a specific value are fixed to the highest intensity (pure white). Encrypted images can undergo such contrast adjustment attacks causing considerable contamination in the corresponding decrypted images. Figure 16a,b show decrypted images that underwent the contrast adjustment of 20% and 50%, respectively. It can be observed that the recovered images are noisy but easily visible in both cases. Moreover,

Table 11. The average value of PSNR among the pristine and decrypted images retrieved from ciphered images that were subjected to the contrast adjustment attacks.

		Contrast Increased by a Percentage of
	Algorithm	$20\%$	$50\%$
PSNR (dB)	[38]	33.1248	21.0036
	[39]	8.0603	8.0614
	[40]	8.1098	8.0690
	Proposed	26.5443	19.5175

shows a comparison among different algorithms in terms of mean PSNR among the pristine image and the decrypted image, which shows better performance than the schemes proposed in [39,40].

7.5. Classical Attacks

According to Kerkhoff’s law of the cryptology [43], assuming all the encryption/decryption algorithms are well known to the attackers, the confidence of the cryptosystem relies only on the secret keys. Cryptanalysts can rebuild the secret key or its equivalent form to decrypt a partial or total content effectively. They can even find a process to recover the pristine image from the cipher image without seeing the key by analyzing the correlations between the encrypted image and the pristine image or the secret key. These search methods resulted in two well-known attacks: the known-plaintext attack and chosen-plaintext attack. A robust cryptosystem should be capable of withstanding these attacks. In the suggested scheme, the SHA256 hash function is adopted to derive the primary values of the hyperchaotic system and its control parameters. Hence, they are sensitive to even a tiny bit of modification in the key and the plain image. This ensures completely different chaotic sequences for the distinctive plain images even if the same secret keys are used. Therefore, a cryptanalyst would not retrieve helpful information about the keys or the decrypted image by analyzing the proposed algorithm. This is because this information highly depends on the input plain image. Consequently, the proposed scheme can resist both the known-plaintext and the chosen-plaintext attacks.

In the case of an attack, the cryptanalysts use all-black and all-white pixel images to make the cipher’s substitution and/or permutation processes invalid and infer valuable information. Figure 17 shows the encrypted images and their histograms related to the all-black and all-white images. It is observed that the encrypted images provide no helpful information as they are random-like images, and also, their histograms are quite uniform. The adjacent pixel correlation per direction is displayed in Figure 18 for the all-white and the all-black images, and they all are found to be very close to zero. The p-value in the chi-square test is sufficiently larger to pass the null hypotheses, and the global and the local entropies are very close to the ideal value of 8 for both all-black and the all-white images, as reported in

Table 12. Statistical analyses of ciphered full-white and full-black images.

		${\mathit{\chi }}^2$ Test of Histogram	Correlation			Entropy
Image	Algorithm	p-Value	Hor.	Ver.	Dia.	Global	Local
Full-white	[38]	0.7837	0.0043	−0.0007	0.0003	7.9993	7.9022
	[39]	0.2299	0.0043	0.0028	0.0003	7.9993	7.9030
	[40]	0	0.9991	0.0381	0.0366	3.1642	1.9065
	Proposed	0.8086	0.0022	−0.0009	0.0009	7.9994	7.9015
Full-black	[38]	0	0.0002	−0.0009	0.0046	2.0000	1.9989
	[39]	0	−0.0015	0.0004	−0.0004	0.0384	0.0381
	[40]	0	NaN	NaN	NaN	0.0012	0.0002
	Proposed	0.5935	−0.0048	0.0004	0.0018	7.9993	7.9025

. Moreover,

Table 13. Differential analyses of ciphered full-white and full-black images.

Image	Algorithm	NPCR (%)	UACI (%)
Full-white	[38]	99.5861	33.4615
	[39]	99.5983	33.4682
	[40]	62.5015	10.9806
	Proposed	99.6113	33.3647
Full-black	[38]	75.0347	00.4900
	[39]	0.7969	0.0031
	[40]	12.5031	00.0505
	Proposed	99.6227	33.4161

shows that UACI and NPCR values are very close to the typical values of 99.6% and 33.4%, respectively, in both cases. This ensures the ability of the proposed scheme to resist differential attacks effectively. Moreover, the proposed encryption scheme can successfully encipher full-black and full-white images resisting the known and chosen-plaintext attacks.

7.6. Time Complexity

A comparison of the time complexity and their magnitude for a $512\times 512$ grayscale image is provided in

Table 14. Orders of time complexity and their magnitude for a grayscale image of dimension $M\times N=512\times 512$. For the presented simulation outcomes in [38,40], $L=MN$ and $n=1$, respectively.

Algorithm	Complexity Order	Order of Magnitude $(\times {10}^6)$
[38]	$O\left(MN\left(34+\log \left(L\right)+2\sqrt{L}\right)\right)$	282
[39]	$O\left(108MN+72L^4\right)$	45
[40]	$O\left(\left(36n+2\right)MN\right)$	10
Proposed	$O\left(\left(9.25+\log \left(MN\right)\right)MN\right)$	5

. The complexities of the comparative algorithms [38,39,40] are reported in [37,44].

Table 15. Time complexity analysis for the suggested image cryptosystem.

Process	Time Complexity
Addition	$1.5MN+4$
Multiplication	$2.5MN+8$
Trigonometric functions	$\frac{MN}{4}$
Mod	$2MN+4$
Rounding functions	$MN$
XOR	$MN$
Substitutions	$MN+4$
Sorting vector of length	$MN$
SHA-256 operations	$\frac{8}{512}MN$

shows a count of frequencies for each elementary operation according to the number of pixels in the image $MN$. The encryption schemes in [38,39] demand sorting operations. Let v be a vector with l elements; the sorting of a such vector requires, on average, a time complexity of $l\log \left(l\right)$ when considered the quicksort algorithm [45]. After collecting the frequencies shown in Table 15 and then disregarding lower-orders terms, the complexity orders are summarized as follows [38,39,40].

$$\left\{\begin{array}{cc}O\left(MN\left(34+\log \left(L\right)+2\sqrt{L}\right)\right)\hfill & \\ O\left(108MN+72L^4\right)\hfill & \\ O\left(\left(36n+2\right)MN\right)\hfill & \\ O\left(65MN+3\times \left(M+N\right)\right)\hfill & \mathrm{proposed}.\hfill \end{array}\right.$$

(33)

It is observed that the suggested algorithm has the lowest complexity order compared to the ones in [38,39,40].

8. Concluding Remarks

Exultant implementation of an image cryptosystem using the randomness of hyperchaotic system with hyperbolic nonlinearity and permutation and substitution operations is presented. First, the system is investigated numerically and analytically for exploration and the selection of hyperchaotic behavior utilized for encryption. From this examination appears a rich dynamic, namely, the existence of a single unstable equilibrium point, the hysteresis phenomenon giving rise to the coexistence of three different attractors, and period-doubling bifurcation. Then, an encryption method is designed by using both the hyperchaotic character well chosen previously and one round of permutation and diffusion operations. The SHA-256 hash value of the original image is used to generate the secret key of the cryptosystem, which renders chosen/known-plaintext attacks impossible. The feasibility and synchronization of the proposed system are also presented by developing, respectively, Raspberry surveys and an adaptive synchronization scheme of two identical hyperchaotic systems. Experiment results were presented to show that the proposed algorithm satisfied all required properties of a secure cryptosystem, in addition to its low complexity and its merit for practical use. Comparisons with some state-of-the-art algorithms demonstrated that the proposed algorithm offers the best performance/complexity trade-off. In future work, we aim to utilize the presented hyperchaotic system in designing video cryptosystems for the Internet of Things applications.