Image Encryption Algorithm Using 2-Order Bit Compass Coding and Chaotic Mapping

Abstract

This paper proposes a novel image encryption algorithm based on an integer form of chaotic mapping and 2-order bit compass diffusion technique. Chaotic mapping has been widely used in image encryption. If the floating-point number generated by chaotic mapping is applied to image encryption algorithm, it will slow encryption and increase the difficulty of hardware implementation. An innovative pseudo-random integer sequence generator is proposed. In chaotic system, the result of one-iteration is used as the shift value of two binary sequences, the original symmetry relationship is changed, and then XOR operation is performed to generate a new binary sequence. Multiple iterations can generate pseudo-random integer sequences. Here integer sequences have been used in scrambling of pixel positions. Meanwhile, this paper demonstrates that there is an inverse operation in the XOR operation of two binary sequences. A new pixel diffusion technique based on bit compass coding is proposed. The key vector of the algorithm comes from the original image and is hidden by image encryption. The efficiency of our proposed method in encrypting a large number of images is evaluated using security analysis and time complexity. The performance evaluation of algorithm includes key space, histogram differential attacks, gray value distribution(GDV),correlation coefficient, PSNR, entropy, and sensitivity. The comparison between the results of coefficient, entropy, PSNR, GDV, and time complexity further proves the effectiveness of the algorithm.

1. Introduction

The sharing of information is increasing in modern digital world. The information consists of text and multimedia data which require security [1]. Among these data, the digital images transmitted over the Internet are vulnerable to various attacks. Generally, securing digital images could be achieved by using image steganography [2], image encryption [3,4], and image watermarking [5]. Encryption is the most straightforward and most efficient method to ensure image security via converting the plain image into an unreadable one using a secret key [6]. Without having that secret key, nobody can restore the plain image. Many image encryption algorithms include two stages, namely, pixel scrambling and diffusion [7]. The security of cryptosystem depends on the complexity of key rather than the confidentiality of algorithm, which is the basic principle [8]. In the image encryption algorithm, whether it is the scrambling of pixel spatial position or the transformation of pixel value, it needs a complex random sequence. Therefore, the complexity of random sequence is one of the main factors that determine the superiority of encryption algorithm. Image encryption techniques are broadly classified into some categories, spatial domain, transform domain [9,10], optical [11],compressive sensing [12,13,14,15],and neural network [16,17,18]. In recent years, chaotic systems have been widely accepted because of their sensitivity to initial conditions, pseudo randomness, and ergodicity of data [19]. In 1989, Robert Matthews gave the generating function of encrypted pseudo-random number sequence based on the deformation of Logistic mapping [20]. Then chaotic cryptography and chaotic cryptanalysis are developed one after another. The image encryption algorithm based on chaotic system mainly adopts the following chaotic maps: one-dimensional logistic map, two-dimensional Henon mapping [21,22], three-dimensional Lorenz mapping [23], hybrid chaotic mapping [24], spatiotemporal chaotic [25], skew tent mapping [26,27], piecewise nonlinear chaotic mapping [28], and so on. There are some defects in the random sequence generated by chaotic system. In the limited precision, the discrete chaotic system has a simple structure, the calculation cost is very small, which can quickly generate a random sequence in the computer system. The chaotic behavior of some discrete chaotic systems is not complex, so they cannot meet the requirements of multimedia file data encryption. Therefore, these discrete chaotic system needs to transform for achieved high randomness [29]. The floating-point sequence generated by chaotic system can be applied to image encryption system only after it is converted into integer sequence. The approximation brought by data conversion will inevitably reduce the randomness and initial value sensitivity of chaotic mapping.

Generally, many image encryption processes usually include two stages. Ref [30] has proposed the application of random integer in image encryption based on chaos. There are two problems by which the block processing of the image affects the applicability of the algorithm and cyclic shift applies only permutation of pixels. Ref [31] proposes an encryption algorithm in combination with cyclic shift and sorting. But the performance of the algorithm depends on the early grouping of images. In ref [32], double chaotic systems are used to generate a random sequence, which is a non-integer. Therefore, in encryption applications, random numbers must be integer preprocessed that directly affects the effect of pixel diffusion. In the application of pixel diffusion, these methods do not apply cyclic shift to the bits of pixels. In order to avoid integer preprocessing of random numbers and improve pixel diffusion performance, this paper aims to propose pseudo-random integers generation scheme-based chaotic map and pixel diffusion method based 2-order bit compass. In the image encryption algorithm, the pixel position is scrambled by random sequence, and then the pixel diffusion is realized by using the bit compass coding. In the first section, the generation method of pseudo-random integer sequence is studied based on chaotic mapping. The binary sequences of several integers can be combined with chaotic mapping, and multiple groups of different new binary sequences can be obtained by using the XOR operation after shift. This part not only demonstrates the feasibility of the method, but also demonstrates the randomness of the random integer sequence generated by the method and its sensitivity to the initial value. The second section designs bit compass coding. The existence of Euler rings of regular bipartite graphs is demonstrated, and the reversible condition of the bit compass coding is proposed. The last section is the experimental demonstration to test the feasibility and superiority of the algorithm.

2. Pseudo-Random Integer Sequence Generator

The commonly used chaotic map in image encryption system is logistic mapping. Because of its simple structure and sufficient chaotic level, one-dimensional logistic map has become a widely used chaotic mapping. Equation (1) shows the logistic mapping [33],

$$x_{n+1}=\mathsf{\mu }\times x_n\times (1-x_n)$$

(1)

The value µ ∈ (0, 4], $x_n\in$ (0, 1). The µ is limited to a range of [3.75, 4] to ensure the chaotic behavior. Figure 1 shows the bifurcation diagram of the logistic mapping.

Within the limited precision, the randomness of the sequence $x_n$ will decrease. For example, 100 $\times x_n$ can be rounded to obtain the sequence of integers. The statistical results of the random integer sequence are shown in Figure 2. When there are different initial values and parameters, appearing frequency of 0~20 and 90~100 in the random integer sequence is very few. It is necessary to recombine the integer sequence generated by chaotic mapping to improve the randomness. Here, we give a scheme to generate pseudo-random integer sequence by combining chaotic mapping with XOR. $r_1$ and $r_2$ are binary sequences with length n of two random integers $R_1$ and $R_2$, respectively. The pseudo-random integer generated by chaotic mapping is used as the shift amount of cyclic shift of sequence $r_1$ and $r_2$, and then XOR operation is performed to generate a new binary sequence with length of n.

In the Algorithm 1,the initial value of chaos $x_0$ ∈ (0, 1), µ ∈ (3.75, 4], two integers $R_1$, $R_2$, times are the length of the generated integer sequence, and n is the bit number of the integer. The output result is times integers R. In the fourth step in the Algorithm 1, the formula $r_1$ (end) ⇐ abs($r_2$ (end) − 1) is the inverse of the last bit of $r_2$. This formula can achieve two purposes, one is to increase the randomness of the generated integers, and another is to avoid the situation that the bits of two integers are all 1 or 0. The sixth step of the floor is the integer operation. In the eighth step, mod() is a modular operation, circshift(a, b) is a binary sequence cyclic shift of b bits, and bitxor(a, b) is the XOR operation of two bit sequences. The results of five different parameters are given in Figure 3. It can be found that there are great differences in the generated integer sequence when the parameters change slightly. The pseudo random integer sequence will be applied to pixel scrambling of proposed image encryption scheme. The logistic map in Algorithm 1 can be replaced, and pseudo-random integer sequences can also be generated. Generally, one-dimensional chaotic systems include Tent mapping, Chebyshev mapping, Sine mapping, and Cubic mapping [34].

Algorithm 1 Random Integer Sequence

Require: µ ∈ [3.7, 4] ∨$x_0$ ∈ (0, 1) ∨ $R_1$, $R_2$ ∈ N ∨ times, n ∈ N+

1 $r_1,r_2$ ⇐ Convert $R_1$, $R_2$ to binary sequence of long n. 2 for i = 1: times do 3 $r_2$ ⇐ ∼$r_2$; 4 $r_2$ (end) ⇐ abs ($r_2$(end) − 1); 5   1 ⇐ µ ∗ $x_0$ ∗ (1 − $x_0$); 6   $x_{\mathrm{i}0}$ ⇐ floor($x_0$ ∗ 100)); /*Extract two integers after the decimal point.*/ 7    $x_{\mathrm{i}1}$ ⇐ floor($x_1$ ∗ 100)); 8    $R_1$ ⇐ bitxor(circshift($r_1$, mod($x_{\mathrm{i}0}$, n)), circshift(${\mathrm{r}}_2$, mod($x_{\mathrm{i}1}$, n))); 9    $R_{}$ ⇐ Convert $R_{\mathrm{i}}$ to a decimal; 10    $x_0$ ⇐ $x_1$; $r_0$ ⇐ $r_1$; $r_1$ ⇐ $R_{\mathrm{i}}$ 11 Output: R ⇐ unique(R, ‘stable’)

Chebyshev mapping:

$$x_{n+1}=\cos (\mathrm{n}\times {\cos }^{-1}(x_n\left)\right),x_n\in [-1,1],\mu \ge 2$$

(2)

Tent mapping:

$$x_{n+1}=\left\{\begin{array}{c}\frac{x_n}{\mathsf{\mu }},x_n<\mathsf{\mu }\\ \frac{1-x_n}{1-\mathsf{\mu }},x_n\ge \mathsf{\mu }\end{array}\right.,\hspace{1em}{x}_n\in \left[-1,1\right],\mathsf{\mu }\in \left(0,1\right)$$

(3)

Sine mapping:

$$x_{n+1}=\frac{\mathsf{\mu }}{4}\times sin\left(\pi \times x_n\right),\mathsf{\mu }\in [0,1]$$

(4)

Cubic mapping:

$$x_{n+1}=\frac{\mathsf{\mu }}{4}\times x_n\left(1-x_n^2\right),\mathsf{\mu }\in [0,1]$$

(5)

The experimental results of pseudo-random integer sequence under four different mappings are given in Figure 4.

3. Bit-Compass Coding

An image with 1 bpp will use only 1 bit for each pixel, therefore each pixel will beat a certain point 1 or 0 [35]. If input bits are the same, then the output will be false(0) else true(1),which is XOR. The encryption scheme in this paper is to generate a new data set by using the XOR operation of the data set. First, two integers are converted into two group codes, binary codes with the same length. After a group of binary codes are shifted circularly once, a cipher-text is generated by XOR operation that applying to bits in the same position. The original two groups of binary codes are plaintext, the shift is the key, and the new binary codes are cipher-text. The paper proposes a rotating compass to describing the generation process of cipher-text. Supposed $x_1$, $x_2$, $x_3$, $x_4$ and $y_1$, $y_2$, $y_3$, $y_4$ are 4-bit binary codes of integers x and y respectively. Here,$x_i$, $y_i$ ∈ {0, 1}. Two sets of bits are arranged according to the pattern of Figure 5a. The pattern is named of four 2-order bit compass ($B{C}_{4,2}$). The $B{C}_{4,2}$ has an inner disk and an outer disk, the inner disk is the binary array of x and the outer disk is the binary array of y. In the encryption process, the inner disk remains stationary and the outer disk can rotate freely. Turn one angle θ (0^°, 90^°, 180^°, 270^°), a new 4-bit code $C$ can be generated after XOR operation. It is easy to know that a $B{C}_{4,2}$ can generate up to four different binary codes. Where, $x$ and $y$ are plain-text, $\theta$ is the key and $C$ is the cipher-text. For simplicity, $k$ = 0, $k$ = 1, $k$ = 2, $k$ = 3 respectively represent the counterclockwise rotation angle of the outer disk. The processing structure is shown in Figure 5a.

For example, the 4-bit binary of plaintext $\mathrm{x}$ = 14 and $y$ = 3 is 1110,0011. The pseudo-random integer sequence generation algorithm can refer to the diagram in Figure 5b. In Figure 5b it is shown that we can get four different cipher-text C. Cipher-text C is 1101,0111,0010,1000 respectively under four different rotations. Using the above method, plaintext 14 and 3 can generate cipher-text 13, 7, 2, 8. The decoding of 2-order m-bit compass uses cipher-text to generate plaintext through appropriate operation. The number of disks and bits are increased to improving randomness of the generated sequence. A 2-order bit-compass program is provided in Algorithm 2. Higher-order bit-compass is defined as follows.

Algorithm 2 A Time Coding of $B{C}_{m,2}$

Require: $R_1$, $R_2$ is two plaintext binary sequence of long m. k is rotation angle of outer wheel disc.

1: $R_p$ ⇐ bitxor($R_1$, circshif t($R_2$, mod(k, m)));

Definition 1.

(n-order bit-compass) Let $x_1$, $x_2$, …, $x_n$ are n integers. Converting them into m-bit binary code, and seting $x_{i,j}$ is the j-th bit of $x_i$. Arranged as shown in Figure 6 below, the compass formed is called n-order bit-compass ($B{C}_{4,2}$). The counterclockwise rotation angle k of the i-th disk is recorded as $ke{y}_{i,k}$.

The outer n − 1 discs can rotate, and each disc has m different rotation angles. Therefore, there are mⁿ⁻¹ different rotation combinations. If a rotation can generate a cipher-text, there are mⁿ⁻¹ cipher-texts in total. Due to the different rotation modes of n − 1 outer disks, up to mⁿ⁻¹ different cipher-text combinations can be generated. The arbitrary rotation of the n − 1 outer disks can generate a set of pseudo-random numbers, such as Algorithm 3.

Algorithm 3 Pseudo-Random Sequence of the ${\mathrm{BC}}_{\mathrm{m},\mathrm{n}}$

1 Input → Vector A with length n.

2  Abit ⇐ Each element of vector A is transformed into a binary sequence of length m. 3  z ⇐ Abit(1,:); 4  k ⇐ mn−1; 5  for i = 0: k − 1 do 6  c = n − 2; 7    for j = 2: n do 8     t ⇐ floor(i/mc); 9 z ⇐ bitxor(z, circshif t(Abit(j,:), t)) 10 c = c − 1; 11 $\mathrm{i}$ ⇐ i − t × mc; 12 end for 13 z ⇐ [r; z]; 14  end for 15  B ⇐ Each row of the matrix r converts m bits into a decimal number. 16 Output → Vector B with length mn − 1

Where, floor(i/m^c) is the rounding of i/m^c, representing shift value of the j-th vector group Abit. bitxor(z, circshif t(Abit(j,;), t))is an XOR operation after the shift of the vector group Abit. For example, let ${\mathrm{BC}}_{8,4}$ composed of four numbers 118, 93, 102, 230. The plaintext is [01110110; 01011101; 01100110; 11100110]. They can generate 512 integers with variance of 6800.5. The histogram and frequency distribution of cipher-text array show in Figure 7 that these data have strong randomness. The next section will show the decoding conditions and methods of the bit-compass.

4. Bit-Compass Decoding

Based on the $B{C}_{m,2}$, we decode the bit-compass one by one from the outside to the inside. The internal n − 1 disks in the n-order bit-compass are regarded as an internal disk, that is, the n-order bit-compass can be regarded as a 2-order bit-compass. The outermost disc can be decoded according to the 2-order bit-compass decoding method. In the same way, the remaining n − 1 disks in the inner layer are decoded in turn. Therefore, the decoding process needs n − 1 times to end. The following contents of this chapter mainly describe the decoding of 2-order bit-compass and the problems encountered in decoding. The encryption processing shows that each bit of the cipher-text indicates the relationship between the two bits in the plaintext. If the logical relationship of all bits in the plaintext can be found, the plaintext can be determined. In the $B{C}_{4,2}$, the external disk rotate twice, and each rotation will produce a one-to-one correspondence between bits, which is indicated by the bits of the cipher-text. If each bit is set as a vertex and the correspondence between bits is taken as an edge, the correspondence after each rotation of the 2-order bit-compass can be described as a bipartite graph, depicted in Figure 8. All vertices are on a loop in Figure 8a, which is not the case in Figure 8b. Therefore, it shows that the success of decryption is conditional.

Theorem 1.

(Sufficient conditions for the existence of Euler loop) Undirected graph G = ($V_1$, $V_2$, E) is a 2-regular bipartite graph, and the number of vertices of $V_1$ is the same as that of $V_2$. If the number of vertices of $V_1$ is a prime number, then the undirected graph G has an Euler loop.

Proof of Theorem 1.

Let two integers x and y, and their m bits binary codes are $x_0$, $x_1$, …, $x_{m-1}$ and $y_0$, $y_1$, …, $y_{m-1}$, in which $x_i$, $y_i$ ∈ 0, 1. Figure 9 shows that k = p and q are respectively used to represent the different two rotations of the outer disk of ${\mathrm{BC}}_{4,2}$,. 0 ≤ p ≠ q ≤ m−1, p, q ∈ ℤ +. Let p > q. A 2-regular bipartite graph can be constructed in Figure 9. Let $x_i$ is a bit of x, 0 ≤ i ≤ m − 1. The 2-regular bipartite graph is as follows.

$$x_i\stackrel{\oplus }{\to }{y}_{mod\left(i+p,m\right)}\stackrel{\oplus }{\to }{x}_{mod\left(mod\left(i+p,m\right)-q,m\right)}$$

Since $x_i$ = $x_{mod\left(i,m\right)}$, we have

$$x_{mod\left(mod\left(i+p,m\right)-1,m\right)}=x_{mod\left(mod\left(i+p,m\right)-mod\left(q,m\right),m\right)}=x_{mod\left(i+p-q,m\right)}$$

so

$$x_i\stackrel{\oplus }{\to }{y}_{mod\left(i+p,m\right)}\stackrel{\oplus }{\to }{x}_{mod\left(i+p-q,m\right)}$$

Similarly, we can be obtained

$$x_{mod\left(i+p-1,m\right)}\stackrel{\oplus }{\to }{y}_{mod\left(mod\left(i+p-1,m\right)+p,m\right)}\stackrel{\oplus }{\to }{x}_{mod\left(i+2\left(p-q\right),m\right)}$$

Repeat the above operation to get a circuit.

$$\begin{array}{c}{x}_i\stackrel{\oplus }{\to }{y}_{mod\left(i+p,m\right)}\stackrel{\oplus }{\to }{x}_{mod\left(i+p-q,m\right)}\stackrel{\oplus }{\to }{y}_{mod\left(mod\left(i+p-q,m\right)+p,m\right)}\stackrel{\oplus }{\to }{x}_{mod\left(i+2\left(p-q\right),m\right)}\\ \stackrel{\oplus }{\to }\dots \dots \stackrel{\oplus }{\to }{x}_{mod\left(i+\left(m-2\right)\left(p-q\right),m\right)}\stackrel{\oplus }{\to }{x}_{mod\left(i+\left(m-2\right)\left(p-q\right),m\right)}\stackrel{\oplus }{\to }{y}_{mod\left(mod\left(i+\left(m-2\right)\left(p-q\right),m\right)+p,m\right)}\\ \stackrel{\oplus }{\to }\dots \dots .\stackrel{\oplus }{\to }{x}_{mod\left(i+\left(m-1\right)\left(p-q\right),m\right)}\stackrel{\oplus }{\to }{y}_{mod\left(mod\left(i+\left(m-1\right)\left(p-q\right),m\right)+p,m\right)}\stackrel{\oplus }{\to }{x}_{mod\left(i+m\left(p-q\right),m\right)}\stackrel{\oplus }{\to }{x}_i\end{array}$$

(6)

If m is prime, then $x_{mod\left(i+s\left(p-q\right),m\right)}\ne x_{mod\left(i+t\left(p-q\right),m\right)}$, when $\mathrm{s}\ne t$. It is now easy to show that the loop contains all 2m vertices. Therefore, the loop is an Euler loop (6).  □

A 2-order bit-compass decoding program is provided in Algorithm 4. With the above analysis, the number of bits of integers $x,y$ needs to be primes to successfully realize decoding. After determining the relationship between plaintext bits, all bits can be obtained as long as it is determined that a bit is 0 or 1. In the image encryption algorithm in this paper, we extract the first bit of the outermost disk as the key to realize the successful decoding of the Algorithm 4.

Algorithm 4 Random Integer Sequence

Require: µ ∈ [3.7, 4] ∨$x_0$∈ (0, 1) ∨$R_1$,$R_2$∈ N ∨ times, n ∈ N+ Require:$R{p}_1$,$R_{p2}$is two cipher-text binary sequence of long n.$ke{y}_1$,$ke{y}_2$is rotation angle of outer disk$R_1$,$R_2$. First bit$F_{bit}$,$R_2$of inner disk$R_{p1}$

1   i ⇐ 1; n1 ⇐ n;$R_1$⇐ zeros(1, l); 2 while i < n do 3    $n_2$ ⇐ mod($n_1$ + $ke{y}_1$, n); 4    if $n_2$ == 0 then 5    $n_2$ ⇐ n; 6    end if 7    temp ⇐ mod($n_2$ − $ke{y}_2$, n); 8    if temp == 0 then 9    temp ⇐ 1; 10   end if 11   if $R{p}_1$ ($n_2$) == $R{p}_2$ ($n_2$) then 12    $R_1$ (temp) ⇐ $R_1$ ($n_1$); 13    else 14    $R_1$ (temp) ⇐ $mod(R_1$($n_1$) + 1,2); 15    end if 16    $n_1$ ⇐ temp; i ⇐ i + 1; 17    end while 18 b ⇐ [$R_1$(n − $ke{y}_1$ + 1: n), $R_1$ (1: n − $ke{y}_1$)] 19 $n_2$ ⇐ mod($n_1$ + $ke{y}_1$, n); 20  for i = 1: n do 21   if $R{p}_1$(i) == 1 then 22    $R_2$(i) ⇐ mod(b(i) + 1, 2) 23   else $R_2$(i) ⇐ b(i) 24   end if 25  end for 26 temp ⇐ $R_2$ 27 $R_2$ ⇐ $R_1$ 28 $R_1$ ⇐ $temp$ 29 if $F_{bit}$ == 1 then 30   $R_2$ ⇐ mod($R_1$ + 1, 2); 31   $R_1$ ⇐ mod($R_2$ + 1, 2); 32 end if 33 Output: R $R_1$

5. Proposed Scheme of Image Encryption

In this section, we focus on the application of 2-order bit-compass encryption method in image encryption and decryption, which is called bit-compass image encryption system(BCIES). Encryption is divided into two processes including pixel scrambling and pixel diffusion. The decryption algorithm is reverse of the encryption algorithm.

Pixel scrambling changes the correlation between adjacent pixels, in which using the XOR operation between adjacent pixels is more conducive to pixel diffusion processing. The proposed Algorithm 5 presents the process of pixel scrambling.

Algorithm 5 Pixel Scrambling

R equire: Original image I with size M × N and the vector R longer than M × N

1 k ⇐ 1; 2 for i= 1:M do 3    $for j=1:N do$ 4     if $n_2$ == 0 then 5      $Ir\left(i,j\right)$ ⇐ I(R(k), R(k + 1)); 6    k ⇐ k + 2; 7    end for 8  end for Output Ir

In Algorithm 5, the vector R is given by Algorithm 1. The pixel diffusion part includes image transformation, key generation, and encryption.

• Step 1: Each element of Ir is transformed into an 8-bit binary code to generate $I{b}_{M\times 8N}$ matrix.
• Step 2: Any even number greater than 2 can be written as the sum of two prime numbers [36]. Decompose an even number 8N into the sum of two prime numbers.

  $$8N=c_1+c_2. s.t.argmin\left|c_1+c_2\right|$$

  (7)
• Step 3: Extract the first and ($c_1$ + 1)-th bit from the odd rows of matrix $I{b}_{M\times 8N}$ to construct the matrix $Ib{f}_{\frac{M}{2}\times 2}$. In the decoding process, the first code of the external roulette comes from the matrix $Ib{f}_{\frac{M}{2}\times 2}$.
• Step 4: Keep the order of elements in $Ib{f}_{\frac{M}{2}\times 2}$ unchanged and construct the matrix $Ike{y}_{\frac{M}{16}\times 16}$. The missing number can be replaced by 0.
• Step 5: 16 bits 0 and 1 in each row of matrix $Ike{y}_{\frac{M}{16}\times 16}$ are converted into a decimal integer to generate a key vector key with a length of m¹⁶. The vector key is saved as a key. In later decryption, the first element of the bit compass code and the rotation angle of the outer disk (cyclic shift amount) can be determined from the vector key. The algorithm can refer to Algorithm 6.

  Algorithm 6 Key Generation

  1 Input → The image Ir with size M × N 2: Convert image Ir into 8-bit binary matrix$I{b}_{M\times 8N}$ 3$zeros{I}_k$⇐ [Ib(2: 2: r, 1); Ib(2: 2: r, c1 + 1)]

  4  Ikey ⇐ reshape($zeros{I}_k$, floor(length($zeros{I}_k$)/16), 16) 5 for i = 1: length($zeros{I}_k$)/16 do 6  key(i) ⇐ ConverteIkey(i,:) to decimal integer. 7  end for 8 Output → key

When encrypting an image with the size of M × N by using the 2-order bit-compass coding, if there are four rotation angles per two lines, there will be 2M in total.

• Step 1: Extract $n=lo{g}_{16}^{2M+1}$ elements from key, and use the Algorithm 4 to generate vectors Ekey with length of 2M, where $m=16,n=lo{g}_{16}^{2M+1}$.
• Step 2: The adjacent two rows of the matrix $I{b}_{M\times 8N}$ are encrypted in turn.

After M/2 times of the same encryption, the image encryption is completed. Refer to Algorithm 7.

Algorithm 7 Data Encryption

1 Input → the matrix$I{b}_{M\times 8N}$and the vectors Ekey. 2 while i< M do 3 Select four consecutive numbers from the vector Ekey. The first two modulo operations with$c_1$get $k_1$, $k_2$ and the last two modulo operations with$c_2$get $k_3$, $k_4$;

4  $I_2$ (i + 1, 2: 2: $c_1$) ← abs($I_2$ (i + 1, 2: 2: $c_1$) − 1) 5   $I_2$ (i + 1, $c_1$ + 2: 2: c ∗ n) ←abs($I_2$ (i + 1, $c_1$ + 2: 2: c ∗ n) − 1)/*Change the correlation of adjacent pixels.*/ 6   if $k_1\ne k_2$ then 7  EIB ← The first $c_1$ numbers of i-line and (i + 1)-line of Ib are encrypted by $B{C}_{c_1,c_2}$ and the keys are $k_1$, $k_2$ 8  else EIB ← The first c1 numbers of i-line and (i + 1)-line of Ib are encrypted by $B{C}_{c_1,c_2}$ and the keys are $k_1$, $k_2$ + 1; 9 end if 10   if $k_3\ne k_4$ then 11   EIB ← The first $c_1$ numbers of i-line and (i + 1)-line of Ib are encrypted by $B{C}_{c_1,c_2}$ and the keys are $k_3$, $k_4$ 12  else EIB ← The first c1 numbers of i-line and (i + 1)-line of Ib are encrypted by $B{C}_{c_1,c_2}$ and the keys are $k_3$, $k_4$ + 1; 13   end if 14  i ← i + 2; 15   Delete the first four numbers from the vectors Ekey. 16 end while 17  EI ← Every 8 bits in matrix EIB are converted into a decimal number. 18 Onput → The matrix EI

This encryption method is based on the recoding of two rows of pixels. Due to the high local correlation of the image, the effect of one-time encryption may not be good, so multiple encrypted can be used, or the selection method of two lines can be changed. The decryption algorithm is reverse of the encryption algorithm. Different from encryption, the $B{C}_{m,2}$ in decryption uses Algorithm 4.

6. Results and Analysis

The encryption algorithm runs in a personal computer with a CPU 2.3 GHz and the operating system is Microsoft Windows 10. The program is based on MATLABR2021 platform. The proposed image encryption algorithm has been implemented on 5 benchmark images; the circles image($\mathrm{I}1.{\mathrm{png}}_{256\times 256}$), the cameraman image($\mathrm{I}2.{\mathrm{tiff}}_{256\times 256}$), the concordorthophoto image ($\mathrm{I}3.\mathrm{png}.{\mathrm{png}}_{2215\times 2956}$), the trailer image($\mathrm{I}4.{\mathrm{jpg}}_{256\times 256}$) and the westconcordorthophoto image($\mathrm{I}5.{\mathrm{png}}_{263\times 366}$).The key space, histogram, ${\lambda }^2$ text, correlation coefficient, PSNR, information entropy, GVD, differential attack and speed performance of the algorithm are tested. On the far left in Figure 10a–e are five original images I1, I2, I3, I4, I5 of different sizes. The second of Figure 10a–e is a scrambled image of them. Here µ = 3.8, $x_0$ = 0.49, $R_1$ = 100, $R_2$ = 210, times = 6000, n = 12. The third in Figure 10a–e is encryption image of them respectively. The pixel diffusion operation of the image applies twice 2-order bit-compass. The last image is the decrypted image. The decrypted image here is exactly the same as the original image. Figure 10 shows that the information of any original image cannot be obtained from the encrypted image.

6.1. Key Space

For every encryption system, the key space is very important. The security analysis based on the simulation results are as follows. The key space of the proposed mode image encryption using pixel scrambling and diffusion consist of four key factors. In pixel scrambling, chaotic system needs five initial conditions µ, $x_0$ = 0.49, $R_1$, $R_2$, n. Where number µ, $x_0$ retain four digits after the decimal point, and there are at least 108 different choices. If n = 12, 12-bit integers $R_1$ and $R_2$ have at most 224 different choices. In pixel diffusion, the number of first bits extracted from plaintext images with different sizes is also different. The number of bits increases with the length of size that is determined by the image size and the times of encryption. The length of one-time encryption key of image $I_{M\times N}$ is $\frac{M\times 2}{2}$. According to this formula, the key length generated by p-time of the encryption is $2^{M\times p}$.

Table 1. Key space.

Image	The Total Key Space2
$\mathrm{I}1.{\mathrm{png}}_{256\times 256}$	108 × 224 × 2256 × 2
$\mathrm{I}2.{\mathrm{tiff}}_{256\times 256}$	108 × 224 × 2256 × 2
$\mathrm{I}3.\mathrm{png}.{\mathrm{png}}_{2215\times 2956}$	108 × 224 × 22956 + 2215
$\mathrm{I}4.{\mathrm{jpg}}_{256\times 256}$	1 (108 × 224 × 2256 × 2)3
$\mathrm{I}5.{\mathrm{png}}_{263\times 366}$	108 × 224 × 2256 + 366

¹ The three channels(RGB) of the image are encrypted respectively.

presents the total key space of the proposed algorithm of the above five images. With the increase of encryption times, the total key space will also increase. The total key space of the proposed algorithm is 2^16×16(>2¹²⁸), which protects brute-force attacks efficiently [17].

6.2. Histogram Analysis

Histogram is used to describe the pixel distribution of image. Image encryption algorithm should ensure that the pixel distribution of different encrypted images is uniform, that is, their probability of occurrence is equal. Figure 11 shows the histogram analysis results of our algorithm. The upper figure of Figure 11 is the histogram of the original image, and the below of Figure 11 is the histogram of the encryption image. The second line of Figure 11 shows that compared with the histogram of the plaintext image, the histogram of the cipher-text image is very uniform, with significant differences, which makes it difficult for attackers to analyze the information of the cipher-text image through statistical methods.

6.3. The ${\lambda }^2$ Text

Similar to histogram, ${\lambda }^2$ test is another method used to evaluate the uniformity of pixel value distribution of encrypted images. The small value of the ${\lambda }^2$ indicates a better uniformity of pixel distribution. For a confidence level α = 0.05, the ${\lambda }^2$ value should not be greater than 295.25 [37]. The smaller the variance, the higher the uniformity of image pixels, and the better the diffusion effect in the encryption algorithm [38,39]. The following Formula (8) is used to calculate the ${\lambda }^2$ value of an image with 256 Gy-levels [37]:

$${\lambda }^2={\displaystyle \sum }_{i=0}^{255}\frac{{\left(n_i-\frac{n}{256}\right)}^2}{\frac{n}{256}}$$

(8)

$$var\left(I\right)=\frac{1}{2n}{\displaystyle \sum }_{i=0}^n{\displaystyle \sum }_{j=0}^n{\left(x_i-x_j\right)}^2$$

(9)

where n is the number of all the pixels in an image, n_i is the occurrence frequency of gray level i, i ∈ {0, 1,…, 255}. Here,$x_i$ and $x_j$ are the numbers of pixels in which gray values are equal to i and j. Compared with algorithm of Refs [13,40], the ${\lambda }^2$ and variance of the proposed algorithm are better, as shown in

Table 2. ${\mathsf{\lambda }}^2$ and $\mathrm{var}$.

Image	Original		BCIES		Ref [40]		Ref [13]
	${\mathit{\lambda }}^{\mathbf{2}}$	$\mathit{v}\mathit{a}\mathit{r}$	${\mathit{\lambda }}^{\mathbf{2}}$	$\mathit{v}\mathit{a}\mathit{r}$	${\mathit{\lambda }}^{\mathbf{2}}$	$\mathit{v}\mathit{a}\mathit{r}$	${\mathit{\lambda }}^{\mathbf{2}}$	$\mathit{v}\mathit{a}\mathit{r}$
I1	1.097 × 107	2.119 × 104	266.2	312.2	289.4	453.2	290.3	1022.3
I2	1.102 × 105	1.089 × 105	242.9	240.8	277.7	543.1	277.9	729.5
I3	5.635 × 106	5.630 × 108	287.1	7974.6	290.2	8472.7	1075.4	121,821.5
I4	8.769 × 104	2.631 × 105	223.9	717.9	278.2	1206.3	* -	-
I5	3.427 × 104	6.938 × 104	252.6	513.6	254.1	723.1	289.3	1295.6

* The encryption method of color image is not given in Ref [13].

. We can draw another conclusion: the variance of the five images is smaller than that of the original image. The minimum variance of the original image is about 2.1193 × 10⁴, while the minimum variance of the password image decreases to about 7974.6, which shows that the histogram distribution of the password image is evenly distributed, and our algorithm is highly secure. In the scheme proposed in the paper, the average value of the ${\lambda }^2$ is only 254.5, which is lower than that of Refs [13,40].

6.4. Correlation Coefficient Text

Usually, the adjacent pixels of the original image have high correlation, which will cause its adjacent (horizontal, vertical, or diagonal) pixel values to have strong similarity. Therefore, excellent image encryption algorithms should try their best to eliminate these correlations. In general images, each pixel and its adjacent pixels will show high correlation. Encryption algorithm has the stronger ability to resist attack if the correlation between adjacent pixels of cipher-text image is lower. The correlation coefficient is calculated as [40]:

$$\begin{array}{c}cov\left(x,y\right)=\frac{E((x-E\left(x\right)\left(y-E\left(y\right)\right)}{\sqrt{var\left(x\right)var\left(y\right)}},E\left(x\right)=\frac{1}{n}{\displaystyle \sum _{i=0}^n}{x}_i, var\left(x\right)\\ =\frac{1}{n}{\displaystyle \sum _{i=0}^n}{(x_i-E\left(x\right))}^2\end{array}$$

(10)

where, $cov\left(x,y\right)$ is the covariance of $x$ and $y$, $E\left(x\right)$ and $var\left(x\right)$ are the expectation and variance of the variable $x$, respectively. The comparison results show the superiority of the algorithm. $n$ is the total number of pixels chosen from the image. To illustrate the correlation, randomly select 10,000 pairs of pixels adjacent to the cipher-text image and their distribution is plotted in Figure 12, Figure 13, Figure 14, Figure 15 and Figure 16. As the figures show, the distributions of original image are close to line $y$ = $x$ due to the correlation between adjacent pixels. However, the distribution of the cipher-text image spreads to the whole plane.

Table 3. Comparison of correlation coefficients between two adjacent pixels.

Image	Original			Bcies			Ref [40]			Ref [13]
	$H$	$V$	$D$	$H$	$V$	$D$	$H$	$V$	$D$	$H$	$V$	$D$
I1	0.9520	0.9612	0.9643	0.0102	0.0180	0.0126	0.0012	0.0332	−0.0214	0.0010	0.0014	0.0081
I2	0.9632	0.9323	0.9129	0.0070	−0.0078	0.0034	−0.0841	0.0103	0.0064	0.0131	0.0039	0.0056
I3	0.9078	0.9073	0.8430	0.0120	0.0102	−0.0206	0.0237	0.0100	0.0081	0.0060	−0.0092	0.0044
I4	0.9408	0.9399	0.9338	−0.0171	0.0062	0.0023	−0.0037	0.0106	0.0085	-	-	-
I5	0.8743	0.9200	0.8446	0.0027	−0.0078	0.0016	0.0083	−0.0127	0.0027	0.0065	−0.0109	0.0028

presents the correlation coefficient results of three groups of original and encrypted images along all the directions. The results show that the encrypted images coefficient is close to 0. Compared with the high correlation coefficient in the original image, the proposed algorithm strongly resists statistical attack. We can also find that with the increase of pixel diffusion times, the correlation coefficient is closer to 0. The comparative test results are given in the Table 3, which shows that the value of the algorithm in this paper is closer to 0 compared with similar encryption algorithms of Refs [13,40].

6.5. Peak Signal-to-Noise Ratio

Peak signal-to-noise ratio (PSNR) is often used as a measurement method of signal reconstruction quality in image compression and other fields. It is often simply defined by mean square error (MSE) [41]:

$$MSE=\frac{1}{M\times N}{\displaystyle \sum }_{i=1}^M{\displaystyle \sum }_{j=1}^N{(I\left(i,j\right)-EI\left(i,j\right))}^2, PSNR=20\times log\frac{{255}^2}{\sqrt{MSE}}$$

(11)

where, I and EI represent plain and ciphered images. The average PSNR results of proposed system is 8.7317 for image I2, I3, I4, I5 shown in

Table 4. $\mathrm{Entropy}$, $\mathrm{GVD},$ and $\mathrm{PSNR}$ comparison of different method.

Image	BCIES			Ref [40]			Ref [13]
	Entropy	GVD	PSNR	Entropy	GVD	PSNR	Entropy	GVD	PSNR
I1	7.9999	0.9976	51.1714	7.9645	0.9231	55.2192	7.9951	0.9122	51.9992
I2	7.9972	0.9263	8.324	7.9130	0.9111	8.6530	7.9014	0.9862	8.3452
I3	7.9997	0.9493	9.5822	7.9968	0.9298	9.4089	7.9921	0.8907	9.4582
I4	7.9991	0.9295	8.1895	7.9903	0.9029	0.9875	-	-	-
I5	7.9985	0.8953	8.7628	7.9977	0.8929	8.9982	7.9900	0.9145	8.7322
Average	7.9989	0.9396	-	7.9559	0.9234	-	7.9697	0.9259	-

that is equal to rest of the Refs [13,40]. I1is a binary image, so its PSNR is a little higher.

6.6. Information Entropy

Image information entropy refers to the degree of confusion of pixels. Entropy analysis is a mathematical criterion, which determines the level of randomness of an image. The randomness of encrypted images will improve the security of image information. Therefore, the information entropy is very useful for analyzing the randomness of encryption algorithm. In the following equation:

$$MSE=-{\displaystyle \sum }_{i=0}^{n-1}p\left(x_i\right)lo{g}_2\left(\frac{1}{p\left(m_i\right)}\right)$$

(12)

where, n is the number of different pixels, and $p\left(x_i\right)$ denotes the probability of the occurrence of pixel value $x_i$. The Entropy($x$) of the encrypted image at 256 Gy-level should be infinitely close to 8. The information entropies for different encrypted images are measured and average value 7.9989 is also showed in the last row of Table 4. The comparison of entropies clearly indicates that proposed system has good entropies with Refs [13,40].

6.7. Gray Value Distribution

The gray value distribution (GVD) is the distribution of gray value of gray image. GVD will be 0 if two images are completely same or else 1. Suppose that the size of the original image I is M × N; hence, GVD is described by following expression [42]:

$$\begin{array}{c}GVD\left(I,EI\right)=-\frac{{\sum }_{i=2}^{M-1}{\sum }_{i=2}^{N-1}\left(G{N}_I\left(i,j\right)-G{N}_{EI}\left(i,j\right)\right)}{{\sum }_{i=2}^{M-1}{\sum }_{i=2}^{N-1}\left(G{N}_I\left(i,j\right)+G{N}_{EI}\left(i,j\right)\right)}\\ G{N}_I\left(i,j\right)=\frac{{\sum }_{\left(i^{\prime },j^{\prime }\right)}{(I\left(i,j\right)-I\left(i^{\prime },j^{\prime }\right))}^2}{4}\\ G{N}_{EI}\left(i,j\right)=\frac{{\sum }_{\left(i^{\prime },j^{\prime }\right)}{(EI\left(i,j\right)-EI\left(i^{\prime },j^{\prime }\right))}^2}{4}\\ G\left(i^{\prime },j^{\prime }\right)\in \left\{\left(i+1,j\right),\left(i-1,j\right),\left(i,j+1\right),\left(i,j-1\right)\right\}\end{array}$$

(13)

There, EI is a cipher-text image, ($i_0$, $j_0$) are neighborhood gray value of ($i,j$)-pixel. The GVD of encrypted images of I1, I2, I3, I4 and I5 is given in Table 4 and average is 0.9369, which is very close to 1. The GVD score is comparable to Refs [13,40].

6.8. Differential Attack Analysis

Differential attack analysis is a method for attackers to extract encrypted data by slightly changing the input data and considering the change of output. Usually, the opponent utilizes monochromatic images as special original images to attack the encryption algorithms, for the first pixel of the special image which is regularly arranged, and the attacker may get the secret keys and make the algorithm invalid. The Figure 17 shows the experimental result of white and black images. Only one pixel of the full black image is modified and re encrypted. The encryption result is shown in Figure 18. It can be seen that the difference between the encrypted images is very obvious.

At the same time, we also draw horizontal, vertical, and diagonal adjacent pixels of the cipher-text Image, so the proposed algorithm can resist statistical attacks.

6.9. Speed Performance

The time complexity of the algorithm is evaluated for several images of different sizes. The results are shown in

Table 5. The time complexity comparison of different method.

Image	BCIES		Ref [40]		Ref [13]
	Encryption	Decryption	Encryption	Decryption	Encryption	Decryption
I1	0.52	0.42	1.12	0.99	0.72	0.43
I2	1.62	1.20	1.66	1.13	3.12	3.14
I3	15.00	12.34	16.26	16.43	30.11	28.09
I4	5.35	5.11	8.01	8.43	-	-
I5	2.01	2.21	3.12	3.14	4.01	3.05

which illustrate that the time complexity of the proposed scheme is similar to Refs [13,40] in images with same length and width, however have superiority on images with different length and width.

7. Conclusions

This paper mainly solves the problem of random integer generation based on chaos and the problem of encoding and decoding of 2-order bit compass. The bit shift XOR operation of input and output enhances the randomness of integer sequence in chaotic system. The precision of random integers can be set by parameters in this scheme. This pseudo-random integer sequence provides a basis for image pixel scrambling. The second research content is disc coding based on bit rotation shift and XOR operation. The inner and outer discs of disc coding are composed of every two rows of elements of image pixels to complete the diffusion of pixels. In diffusion processing, the bit shift value as the key comes from the plaintext image, and the cipher-text image can effectively hide the key to ensure the security of the key.

Experiment results of five different types of original images illustrate that the proposed algorithm has good encryption results and may be applied for encrypting all kinds of images, such as, gray image, color image, and binary image of different sizes. In addition, we have made the security analyses on key space, key sensitivity, histogram, information entropy, correlation, the peak signal-to-noise ratio, differential attack, and gray value distribution. Compared with existing schemes, the proposed scheme has more advantages in information entropy, correlation, gray value distribution, peak signal-to-noise ratio, computation, and complexity.

The algorithm proposed in the paper has two limitations, which limit the operation speed. In image encryption, 2-order bit compass can only encrypt two lines of data at a time. The other is that pixel diffusion may be performed twice or more.

We mainly propose the random integer generation and 2-order bit compass. In the generation of integer sequences in chaotic systems, the larger the integer range, the better the random performance of the sequences. Nevertheless, this property will reduce the computational efficiency. The 2-order bit compass can effectively apply the diffusion of image pixels. However, the encryption of the 2-order bit compass can only process two lines of the image at a time. If the compass order is increased, the operation speed will be faster and the pixel diffusion effect will be better. Our main research directions are smaller range random integer sequence and the high-order bit compass decoding method in the future.