Securing Images using Bifid Cipher associated with Arnold Map

Abstract

In this paper, a scheme for image data security is designed by using Bifid cipher and Arnold map. The conventional 2D-Bifid cipher is changed to handle the encryption and decryption of color images. Further, a block-based method is realized using Arnold map to encrypt and decrypt the image data of square as well as non-square sizes. The proposed scheme is constructed on a widely adopted cryptographic framework, i.e., substitution-permutation design, where Bifid cipher-based scheme acts as a substitution layer and Arnold map-based scheme acts as a diffusion layer. The designed scheme has a huge key space with key sensitivity not only to accurate keys but also to their accurate orders. The practicability and performance of the designed scheme is validated by conducting a detailed analysis along with a comparative study. This paper contributes to a simple, efficient and secure image encryption method, which outperforms to the related works.

Keywords

Image security Image encryption Image decryption Bifid cipher Arnold map

1. Introduction

In the present time of digital and internet technology, it is ever challenging and utmost required to keep the data safe from unauthorized entities. The encryption techniques, being evolved under the subject of Cryptography, provides the confidentiality of data assuming the presence of an eavesdropper. The techniques of encryption span a wide range, i.e., conventional to specialized,² depending on different data types, formats, security needs and applications etc. Due to huge growth in using the image data in digital communication, images are considered an important data type, and hence, their security becomes a topic of major concern, which is to be addressed actively.

The image encryption methods are being widely developed for various security requirements and applications. In the literature, various design strategies, obtained by combining different design primitives, are considered in determining the image encryption schemes. Arnold map¹ is one of the important primitives used commonly in design of several novel and robust methods for image data security. The image encryption methods^{3,5,7–12,14–17,19–23,27,28} have been developed using either Arnold map or Arnold map in conjunction with other design elements.

Liu et al.¹⁰ presented an optical scheme by Arnold transform and Gyrator map, where Arnold transform is used to scramble several sub-images formed by separating the amplitude and phase of Gyrator transform. Further, Liu et al.¹¹ defined an another scheme where Arnold map is associated with discrete fractional angular transform to encrypt the image data. In their scheme, Arnold map is used for diffusion of data at local area of complex function having amplitude and phase treated as two separate images. In,⁹ Li et al. considered Arnold map-based image encryption scheme for images of any size. Zhu et al.²⁸ designed a scheme for image data security by using Arnold map and Affine cipher. In their scheme, a bit-level scrambling is achieved where each pixel is first converted into 8-bits and then position of bits is changed by Arnold transform. Zhou et al.²⁷ presented an encryption scheme for image data by discrete fractional random transform and compressive sensing. In,⁸ Kumar and Sharma presented a scheme for images by using Arnold map and Two-square cipher. They modified conventional Two-square cipher for images, and designed a block-based method for Arnold map. Rawat et al.¹⁷ used compressed sensing approach to reduce the dimension of input image followed by encryption with double random phase encoding and Arnold transformation.

Vaish and Kumar²² defined a secure scheme for images using three primitives, namely, Multi-resolution Singular Value Decomposition, Discrete Wavelet and Arnold transform, where encryption keys as well as arrangements matter for correct decryption. Mishra et al.¹⁵ defined a method for image security after combining Arnold map with two dimensional discrete fractional Fourier transform. In,⁷ Kang et al. homogenized the coupling of Chebyshev and Arnold map to introduce Homogenized Chebyshev-Arnold map (HCAM), which was further used to design a scheme for images along with hash algorithms and Random Chaotic Matrix Transform. Sneha et al.¹⁹ determined a method for image security using Tent map and Arnold map ensuring permutation and diffusion of image pixels. Guleria and Mishra⁵ designed an image encryption scheme by combining Arnold transform with Diffie-Hellman key exchange and fractional discrete cosine transform. Mansouri and Wang¹⁴ considered to improve the generalized Arnold map by proposing shuffled Arnold map as obtained by divide and rotate, and pixels shuffling processes. The proposed Arnold map in single round provides confusion, which is followed by integer value manipulation for diffusion. Wu et al.²³ have used Arnold map for both confusion as well as diffusion of image pixels. In their scheme, first the positions corresponding to every input image pixel is computed using one Arnold map. Then, second Arnold map scrambles the pixels at two corresponding positions. Recently, Vaish²¹ proposed a secure encryption scheme for images using confusion and permutation framework, where Sine-powered chaotic map confuses the pixels and Arnold transform in Stockwell domain is applied for diffusion.

This paper aims to construct a new image encryption scheme having good security against statistical and cryptanalytical attacks, and also withstanding to the simplicity and practical efficiency for real-time use. Further, the scheme is also aimed to have key sensitivity not only to accurate keys but also to their accurate orders. As identified by the Claude Shannon, confusion and diffusion are two important properties in operations of a secure encryption system. Confusion aims to dissipate the relationship between key and cipher, whereas diffusion is for dissipating the relationship between plain and cipher. Due to simplicity in operations, it is proposed to use a suitably modified classical cryptographic primitive for confusion and Arnold map for diffusion.

There are several simple and efficient primitives from the classical cryptography, which are worth to explore and suitably be modified for using in image data security. In this paper, Bifid cipher, a classical cryptography primitive, is explored for its use in image encryption. The traditional 2D-Bifid cipher is modified to work for image data and ensuring confusion with proper security. There are several methods which utilize Arnold map for defining the security of image data. However, in most of these methods, key sensitivity or correct decryption is limited to only accurate keys. Further, many methods have found limitation to the image size, i.e., square sized images only, and also lack in analyzing their scheme extensively against statistical and cryptanalytical attacks. Thus, in this paper, a block-based scheme using Arnold map is considered for ensuring the diffusion of image pixels without the said limitations.

The modified Bifid cipher is combined with Arnold map-based scheme to determine a new, simple, secure and efficient image encryption scheme. The proposed scheme is examined for its practicability and security by simulating and analyzing against statistical as well as cryptanalytical attacks. The designed scheme has a vast key space with key sensitivity both to accurate keys as well as to their accurate arrangements. The designed scheme demonstrates security against statistical as well as cryptanalytical attacks. Furthermore, the comparison of designed scheme with the related works shows its superiority.

This paper contributes to determine a novel image security method, which is simple, secure and efficient. Section 2 presents a brief description of the traditional 2D-Bifid cipher as well as Arnold map. Section 3 proposes the procedure for image encryption and decryption using Bifid cipher associated with Arnold map. The simulation results of the designed scheme are demonstrated in Section 4. Section 5 presents the results for performance and security of designed scheme. Section 6 discusses the comparative analysis with related works. Finally, the wind up remarks are brought in Section 7.

2. Bifid cipher and Arnold map

In this section, traditional 2D-Bifid cipher method is briefly discussed along with Arnold map.

2.1. 2D-Bifid cipher

In 1901, Felix Delastelle invented the Bifid cipher,⁶ a digraphic cipher belonging to the class of substitution cipher systems. Bifid cipher combines the Polyabus square with the transposition and uses fractionation. A square of size $5 \times 5$ , which consists alphabets normally I and J sharing position, is used as key (Polyabus key) for encryption and decryption. Table 1 shows the example of a Bifid key square.

Table 1
An example of Bifid key square.

1 2 3 4 5

1 A D N Y G

2 P L M T Q

3 H K W O I

4 R X E V B

5 C S F U Z

	1	2	3	4	5
1	A	D	N	Y	G
2	P	L	M	T	Q
3	H	K	W	O	I
4	R	X	E	V	B
5	C	S	F	U	Z

The following procedure is adopted in Bifid cipher to encrypt a message using Bifid key square. Step 1:

Message is broken into blocks as per the chosen fixed length, called period.

Step 2:

Coordinates for each letter in each block are read from key square, and written underneath.

Step 3:

A sequence of numbers is formed after reading the blocks from left to right (the fractionating step), where the top row of each block is followed by the bottom row.

Step 4:

Sequence is enciphered from left to right after reading the numbers in pairs and substituting the corresponding letter from key square.

The message can be decrypted by adopting the reverse procedure. Figure 1 shows an example of text encryption using Bifid cipher with period 5.

For a fixed period, total possible Bifid ciphers are smaller than total possible distinct key squares, since the key square will yield the same cipher if same permutation operations are performed on both rows and columns. The distinct number of key squares and their corresponding Bifid ciphers¹³ result to $n^{2}!$ and $\frac{n^{2}!}{n!}$ , respectively, where $n^{2}$ represents the size of the alphabet used. In,¹³ based on statistical analysis, some known plaintext and ciphertext only attacks on Bifid cipher are mentioned.

Fig. 1.

An illustration of text encryption using Bifid cipher.

2.2. Arnold map

Arnold map¹ has been extensively applied for encrypting and decrypting the image data. For an image having size $M \times M$ , Arnold map permutes the pixels using a matrix transformation defined by

\begin{aligned} [\begin{matrix} r^{'} \\ s^{'} \end{matrix}] = [\begin{matrix} 1 & 1 \\ 1 & 2 \end{matrix}] [\begin{matrix} r \\ s \end{matrix}] (mod M) \end{aligned}

(1)

In using Arnold map for one iteration, the image pixel at the location

(r, s)

shifts to an another location

(r^{'}, s^{'})

, where

r, s \in {0, 1, 2, \dots, M - 1}

. For fixed

M ⩾ 2

, Arnold map has periodicity as mentioned in Table 2. The period of Arnold map⁴ can be approximated as bounded by

\frac{M^{2}}{2}

. In encrypting the image data using Arnold map, it requires applying Arnold map for several iterations, where the iteration number is always selected lesser than the Arnold map period and is kept secret as a key value.

Table 2

Arnold map period ( $T_{M}$ ) for few values of M.

M	$T_{M}$	M	$T_{M}$	M	$T_{M}$	M	$T_{M}$
3	4	25	50	100	150	150	300
4	3	32	24	125	250	256	192
5	10	64	49	128	96	512	384

3. The proposed scheme

The designed scheme has a substitution-permutation structure consisting of two phases, where each phase uses application of Bifid cipher as the substitution layer and Arnold map as the diffusion layer.

Fig. 2.

Procedure for updating Bifid key with plain image data.

3.1. Bifid cipher-based proposed scheme for images

To apply 2D-Bifid cipher for images, the traditional way of encrypting a plaintext in English is extended to function on the image pixels, which range from 0 to 255. Further, to strengthen the security of the Bifid ciphering process on images, and resistance against cryptanalytical attacks, the method is proposed to be implemented in cipher chaining mode so that it incorporates high sensitivity of keys and their arrangements.

A gray-level image or each color components (i.e., red, green and blue) of a color image can be represented using a 2D-matrix having values from 0 to 255. Thus, to extend the Bifid cipher for images, the Bifid key square or Bifid key (say $B K$ ) is required to be represented by a $16 \times 16$ matrix, which has different values from ${0, 1, \dots, 255}$ . An example of Bifid key for images is shown as follows.

\begin{aligned} B K = [\begin{array}{cccccccccccccccc} 60 & 46 & 32 & 18 & 4 & 246 & 232 & 218 & 188 & 174 & 160 & 146 & 132 & 118 & 104 & 90 \\ 91 & 61 & 47 & 33 & 19 & 5 & 247 & 233 & 219 & 189 & 175 & 161 & 147 & 133 & 119 & 105 \\ 106 & 76 & 62 & 48 & 34 & 20 & 6 & 248 & 234 & 204 & 190 & 176 & 162 & 148 & 134 & 120 \\ 121 & 107 & 77 & 63 & 49 & 35 & 21 & 7 & 249 & 235 & 205 & 191 & 177 & 163 & 149 & 135 \\ 136 & 122 & 92 & 78 & 64 & 50 & 36 & 22 & 8 & 250 & 220 & 206 & 192 & 178 & 164 & 150 \\ 151 & 137 & 123 & 93 & 79 & 65 & 51 & 37 & 23 & 9 & 251 & 221 & 207 & 193 & 179 & 165 \\ 166 & 152 & 138 & 108 & 94 & 80 & 66 & 52 & 38 & 24 & 10 & 236 & 222 & 208 & 194 & 180 \\ 181 & 167 & 153 & 139 & 109 & 95 & 81 & 67 & 53 & 39 & 25 & 11 & 237 & 223 & 209 & 195 \\ 196 & 182 & 168 & 154 & 124 & 110 & 96 & 82 & 68 & 54 & 40 & 26 & 252 & 238 & 224 & 210 \\ 211 & 197 & 183 & 169 & 155 & 125 & 111 & 97 & 83 & 69 & 55 & 41 & 27 & 253 & 239 & 225 \\ 226 & 212 & 198 & 184 & 170 & 140 & 126 & 112 & 98 & 84 & 70 & 56 & 42 & 12 & 254 & 240 \\ 241 & 227 & 213 & 199 & 185 & 171 & 141 & 127 & 113 & 99 & 85 & 71 & 57 & 43 & 13 & 255 \\ 0 & 242 & 228 & 214 & 200 & 186 & 156 & 142 & 128 & 114 & 100 & 86 & 72 & 58 & 28 & 14 \\ 15 & 1 & 243 & 229 & 215 & 201 & 187 & 157 & 143 & 129 & 115 & 101 & 87 & 73 & 59 & 29 \\ 30 & 16 & 2 & 244 & 230 & 216 & 202 & 172 & 158 & 144 & 130 & 116 & 102 & 88 & 74 & 44 \\ 45 & 31 & 17 & 3 & 245 & 231 & 217 & 203 & 173 & 159 & 145 & 131 & 117 & 103 & 89 & 75 \end{array}] \end{aligned}

Further, to introduce the security against attack based on plaintext-ciphertext pairs, Bifid key is updated with values derived from the plain data, i.e., the hash of plain data. The procedure to update the Bifid key is depicted in Figure 2. First, the n-bytes hash digest of plain data (image) is calculated by a cryptographic hash method. The hash digest is used to update the Bifid key using substitution and permutation operations performed for each byte of the hash value. In substitution operation, each value of Bifid key is substituted with another value obtained by XORing it with the hash byte X. This is followed by permuting the values of Bifid key square using Arnold map with iteration number determined by three LSB bits of byte X added with some constant (added to avoid non-zero iteration number).

The updated Bifid key functions as secret key while encrypting and decrypting the data. The encryption and decryption procedure using Bifid cipher are termed as Bifid Cipher Image Encryption (BCIE) and Bifid Cipher Image Decryption (BCID), respectively. BCIE is proposed as follows.

Input:
Updated Bifid key $B K$ and Plain Image P of size $h \times w$ .
Output:
Encrypted image C.

$A l g o r i t h m$ .
Step 1:
Choose the first order to read pixels from input image P, i.e., $e_{1}$ (either row-wise or column-wise)
Step 2:
Once $e_{1}$ (row-wise/ column-wise) is decided, choose the second order to read pixels, i.e., $e_{2}$ (either first-odd-then-even or first-even-then-odd)
Step 3:
Choose an $I V$ (8-bit)
Step 4:
Start reading row/ column from image matrix P depending upon order $e_{1}$ and $e_{2}$ in increasing order of indices, i.e., $1 ⩽ r o w ⩽ h$ and $1 ⩽ c o l u m n ⩽ w$
Step 5:
For each read row/ column, say having pixel values $p_{1}, p_{2}, \dots, p_{n}$ , obtain its encrypted values $c_{1}, c_{2}, \dots, c_{n}$ by performing Steps 6 to 8
Step 6:
For each pixel $p_{i}$ ( $1 ⩽ i ⩽ n$ ), find its coordinates, say $(x_{i}, x_{n + i})$ , from $B K$ , and write underneath each coordinate such that above and below appears the first and second value of coordinate, i.e., $x_{i}$ and $x_{n + i}$ , respectively, as shown below
$\begin{aligned} \begin{matrix} x_{1} x_{2} & \dots & x_{n - 1} & x_{n} \\ x_{n + 1} x_{n + 2} & \dots & x_{2 n - 1} & x_{2 n} \end{matrix} \end{aligned}$
(2)

Step 7:
Construct a sequence of numbers by reading the written coordinates (Eq. (2)) from left-to-right such that top row is followed by bottom row, i.e.,
$\begin{aligned} x_{1} x_{2} \dots x_{n - 1} x_{n} x_{n + 1} x_{n + 2} \dots x_{2 n - 1} x_{2 n} \end{aligned}$
(3)

Step 8:
From the sequence (Eq. (3)), read the numbers in non-overlapping pairs from left-to-right, and encrypt each pair of numbers $x_{2 i - 1} x_{2 i}$ to $c_{i}$ using $I V$ as follows
$\begin{aligned} c_{i} = B K (x_{2 i - 1}, x_{2 i}) \oplus I V, where I V is updated as I V = c_{i} \oplus c o u n t e r for 2 ⩽ i ⩽ n \end{aligned}$
(4)
Here, $B K (x_{2 i - 1}, x_{2 i})$ represents the value at $x_{2 i - 1}$ row and $x_{2 i}$ column of $B K$ . Further, $c o u n t e r$ represents a 8-bit number, which starts from 1 and is incremented by 1 for each pixel encrypted
Step 9:
Repeat Step 5 until all the rows/ columns are encrypted

Adopting the reverse procedure (BCID), the decrypted version of the image C can be obtained. The procedure can be detailed as below.
Input:
$I V$ , key parameters $B K$ , $e_{1}$ , $e_{2}$ and Cipher Image C of size $h \times w$ .
Output:
Decrypted image P.

$A l g o r i t h m$ .
Step 1:
Read row/ column from C depending upon order $e_{1}$ and $e_{2}$ in increasing order of indices, i.e., $1 ⩽ r o w ⩽ h$ and $1 ⩽ c o l u m n ⩽ w$
Step 2:
For each read row/ column, say having pixel values $c_{1}, c_{2}, \dots, c_{n}$ , obtain its decrypted values $p_{1}, p_{2}, \dots, p_{n}$ by performing Steps 3 to 5
Step 3:
Obtain $p_{i}^{'} = c_{i} \oplus I V$ for $1 ⩽ i ⩽ n$ , where $I V$ is updated as $I V = c_{i} \oplus c o u n t e r$ for $2 ⩽ i ⩽ n$ . Here, $c o u n t e r$ is a 8-bit number having initial value 1 and incremented by 1 for each pixel decrypted
Step 4:
For each $p_{i}^{'}$ ( $1 ⩽ i ⩽ n$ ), find its coordinates, say $(x_{2 i - 1}, x_{2 i})$ , from $B K$ , and construct a sequence as below
$\begin{aligned} x_{1} x_{2} \dots x_{n - 1} x_{n} x_{n + 1} x_{n + 2} \dots x_{2 n - 1} x_{2 n} \end{aligned}$
(5)

Step 5:
From the sequence (Eq. (5)), obtain the decrypted value $p_{i}$ as
$\begin{aligned} p_{i} = B K (x_{i}, x_{n + i}) for 1 ⩽ i ⩽ n \end{aligned}$
(6)

Step 6:
Repeat Step 3 until all the rows/ columns are decrypted

The encryption orders $e_{1}$ , $e_{2}$ and Bifid key are the secret keys in the Bifid cipher-based proposed construction.
3.2. Proposed Arnold map-based scheme for images

For encrypting and decrypting the images of any size, a block-based approach is considered for encryption and decryption using Arnold map.

For an image (say of size $h \times w$ ), the proposed method initially realizes the input image into a square block of size $N \times N$ , where $N = ⌊ \sqrt{h w}$ . The square-sized block of image pixels is realized by considering one out of four different orders to read the image pixels, i.e., left-to-right and top-to-bottom, left-to-right and bottom-to-top, right-to-left and top-to-bottom and right-to-left and bottom-to-top. Then, the square-sized block is encrypted using the Arnold map with an iteration key γ. Further, the encrypted block is substituted against the original image pixels in accordance with the chosen order. In the proposed procedure, the order and the iteration number γ are secret keys. In the proposed construction using Arnold map, by dividing the square-sized block, which is processed in each phase, into multiple non-overlapping blocks and having different iteration keys for each block, an additional security can be provisioned.

Let $γ^{i}$ and $D^{i}$ denote the iteration number and order selected during phase i, respectively, where $1 ⩽ i ⩽ 2$ . As the size of square block is considered floor function of square root of the product of dimension of the given image, few pixels of given image might not be processed by Arnold map at phase 1. Thus, to ensure that all the pixels are once processed with Arnold map, the order at phase 2 may be chosen different from the order at phase 1, i.e., if $D^{1} =$ left-to-right and top-to-bottom then $D^{2} =$ left-to-right and bottom-to-top. Further, during each phase, iteration number is to be considered smaller than the Arnold map period, i.e., $γ^{i} \in (1, T_{M})$ for $1 ⩽ i ⩽ 2$ .

Fig. 3(a) and Fig. 3(b) illustrate the proposed block-based method for encrypting and decrypting the images by Arnold map, called as AMIE and AMID, respectively. Decryption process can be performed assuming the inverse-Arnold map.

3.3. Combined scheme for images using Bifid cipher and Arnold map

The scheme is proposed to operate in two phases to have good confusion and diffusion of data using the procedure defined based on Bifid cipher and Arnold map. In each phase, the Bifid cipher operations are followed by the Arnold map processing. Fig. 4(a) and Fig. 4(b) depict proposed encryption and decryption method for images using Bifid cipher and Arnold map, termed as BCAMIE and BCAMID, respectively. In each phase, different set of key parameters for processing by Bifid cipher and Arnold map can be selected.

To encrypt any color image by the proposed scheme, first it is decomposed into different color channels (Red, Green and Blue). Further, each channel is encrypted or decrypted by applying the designed encryption (BCAMIE)/ decryption (BCAMID) procedure. Subsequently, encrypted/ decrypted color channels are merged together to arrive the encrypted/ decrypted image.

Fig. 3.

Block-based method for images with Arnold map: a. Encryption method; b. Decryption method.

Fig. 4.

Layout of the proposed method: a. Encryption method; b. Decryption method.

Fig. 5.

Simulation results: (a) original image; (b) ciphered image; (c) image decrypted using accurate keys and accurate orders; (d) image decrypted with inaccurate Bifid key (approximated) ; (e) image decrypted with inaccurate order $e_{1}^{1} = column-wise$ in phase 1; (f) image decrypted with inaccurate order $e_{2}^{1} = first-even-then-odd$ in phase 1; (g) image decrypted with inaccurate order $D^{1} = left-to-right and bottom-to-top$ in phase 1; (h) image decrypted with approximated iteration key $γ^{1} = 10$ in phase 1; (i) image decrypted with inaccurate order $e_{1}^{2} = row-wise$ in phase 2; (j) image decrypted with inaccurate order $e_{2}^{2} = first-odd-then-even$ in phase 2; (k) image decrypted with inaccurate order $D^{2} = right-to-left and top-to-bottom$ in phase 2; (l) image decrypted with approximated iteration key $γ^{2} = 10$ in phase 2.

4. Simulation

To verify and demonstrate the functional ability of the proposed scheme, the experiments are conducted, and results are obtained for an image of size $512 \times 600$ , as given in Fig. 5(a).

For the encryption and decryption by the Bifid cipher, same Bifid key is used in both phases 1 and 2. In phase 1, Bifid cipher is applied using $I V = 171$ and the orders $e_{1}^{1} = row-wise$ , and $e_{2}^{1} = first-odd-then-even$ . Further, the Arnold map is applied using iteration key $γ^{1} = 9$ and order $D^{1} = left-to-right and top-to-bottom$ . In phase 2, Bifid cipher is applied using $I V = 90$ and the encryption orders $e_{1}^{2} =$ column-wise, and $e_{2}^{2} = first-even-then-odd$ . Further, the Arnold map is applied using iteration key $γ^{2} = 11$ and order $D^{2} = right-to-left and bottom-to-top$ .

The encrypted image, obtained after applying the proposed method with the chosen key parameters, is presented in Fig. 5(b). Fig. 5(c) represents an image decrypted using all accurate keys and accurate orders in both phase 1 and 2. Figs. 5(d)–5(l) show the images obtained with all accurate keys and accurate orders except one, i.e., either wrong key or wrong order in either of phases. The given simulation results show that accurate keys with accurate orders during decryption enable the original image retrieval. Whenever, there is little change for accurate keys or accurate orders while decrypting, a totally meaningless and dissimilar image is obtained revealing no information about the original one.

To analyse the encryption results furthermore, the certain statistical measures such as Mean Square Error (MSE), Structural Similarity Index (SSIM), Peak Signal to Noise Ratio (PSNR) and correlation are calculated between the original image and its encrypted version. These results are obtained for 25 number of images from USC-SIPI database as shown in Table 3. The results indicate the higher MSE, low PSNR, low SSIM and negligible correlation with average values of MSE, PSNR, SSIM and correlation as 9388, 8.71, 0.036 and −0.0007, respectively. Whereas, the values of MSE, PSNR, SSIM and correlation are found as 0, ∞, 1 and 1, when calculated between any original image and its decrypted version. This evidents that the encrypted image largely dissimilars from the original image and the realization of statistical relationship between both is difficult, whereas the decrypted image is perfectly obtained without any loss of original information.

Table 3
Simulation results for standard images.

Statistical measures between the original and corresponding encrypted image

Image MSE PSNR SSIM Correlation

5.1.09 6245.94 10.17 0.0360 0.0044

5.1.10 7722.24 9.25 0.0744 −0.0048

5.1.11 10956.92 7.73 0.0179 −0.0006

5.1.12 12213.91 7.26 0.0299 −0.0072

5.1.13 20920.81 4.93 0.0337 −0.0051

5.1.14 7790.96 9.21 0.0524 0.0012

5.2.08 7099.21 9.62 0.0362 −0.0030

5.2.09 9832.99 8.20 0.0535 0.0012

5.2.10 8659.96 8.76 0.0565 −0.0023

7.1.01 6638.73 9.91 0.0311 −0.0042

7.1.02 8229.95 8.98 0.0139 −0.0026

7.1.03 6231.62 10.18 0.0321 0.0001

7.1.04 6789.69 9.81 0.0291 −0.0001

7.1.05 7114.48 9.61 0.0449 0.0031

7.1.06 7939.13 9.13 0.0433 −0.0011

7.1.07 6426.94 10.05 0.0409 −0.0012

7.1.08 6049.97 10.31 0.0246 0.0003

7.1.09 6764.69 9.83 0.0390 0.0006

7.1.10 6254.97 10.17 0.0305 0.0015

boat.512 7653.14 9.29 0.0386 0.0029

gray21.512 11415.77 7.56 0.0024 −0.0040

ruler.512 21633.07 4.78 0.0697 −0.0016

5.3.01 10280.03 8.01 0.0293 0.0008

5.3.02 8700.26 8.74 0.0419 0.0003

7.2.01 15123.58 6.33 0.0119 0.0022

Average Value 9387.55 8.71 0.036 −0.0007

	Statistical measures between the original and corresponding encrypted image
5.1.09	6245.94	10.17	0.0360	0.0044
5.1.10	7722.24	9.25	0.0744	−0.0048
5.1.11	10956.92	7.73	0.0179	−0.0006
5.1.12	12213.91	7.26	0.0299	−0.0072
5.1.13	20920.81	4.93	0.0337	−0.0051
5.1.14	7790.96	9.21	0.0524	0.0012
5.2.08	7099.21	9.62	0.0362	−0.0030
5.2.09	9832.99	8.20	0.0535	0.0012
5.2.10	8659.96	8.76	0.0565	−0.0023
7.1.01	6638.73	9.91	0.0311	−0.0042
7.1.02	8229.95	8.98	0.0139	−0.0026
7.1.03	6231.62	10.18	0.0321	0.0001
7.1.04	6789.69	9.81	0.0291	−0.0001
7.1.05	7114.48	9.61	0.0449	0.0031
7.1.06	7939.13	9.13	0.0433	−0.0011
7.1.07	6426.94	10.05	0.0409	−0.0012
7.1.08	6049.97	10.31	0.0246	0.0003
7.1.09	6764.69	9.83	0.0390	0.0006
7.1.10	6254.97	10.17	0.0305	0.0015
boat.512	7653.14	9.29	0.0386	0.0029
gray21.512	11415.77	7.56	0.0024	−0.0040
ruler.512	21633.07	4.78	0.0697	−0.0016
5.3.01	10280.03	8.01	0.0293	0.0008
5.3.02	8700.26	8.74	0.0419	0.0003
7.2.01	15123.58	6.33	0.0119	0.0022
Average Value	9387.55	8.71	0.036	−0.0007

5. Performance and security analysis

In this section, the several results are presented as obtained while evaluating functionality and security of the designed scheme.

Table 4
Histogram and correlation analysis.

5.1. Histogram analysis

For an ideal image encryption algorithm, it must have attribute to disseminate the statistical relationship of input image, and obtain the ciphertext image with uniformly distributed histograms. The capability of the designed scheme is first measured as regards to finding the histogram distribution. For color channels (Red, Green and Blue) of images shown in Fig. 5, histogram is shown in Table 4. Compared to the histogram of original image (Fig. 5(a)), histograms of the enciphered one (Fig. 5(b)) and the images decrypted with inaccurate keys or inaccurate orders (Figs. 5(d)–5(l)) appear uniformly distributed, thus, indicating the proposed scheme’s ability to uniformly disseminate the distribution of the original image pixels.

Table 5
$χ^{2}$ value, variance of histogram, and correlation coefficient in the proposed scheme.

Variance Correlation coefficient

Image $χ^{2}$ value Plain image Encrypted image Reduction percentage (%) Horizontal Vertical Diagonal

5.1.09 241.70 134613.30 242.65 99.8197 −0.00570 −0.00037 0.00082

5.1.10 220.95 50311.09 221.82 99.5591 0.00356 −0.00500 0.00082

5.1.11 289.32 219794.77 290.45 99.8679 0.00250 −0.00180 0.00061

5.1.12 227.60 282917.62 228.49 99.9192 −0.00209 0.00576 −0.00715

5.1.13 269.59 9094178.69 270.64 99.9970 0.00834 −0.00098 −0.00399

5.1.14 258.92 50314.62 259.93 99.4833 −0.00114 0.01023 0.00248

5.2.08 250.30 1184960.50 1005.14 99.9151 0.00333 0.00026 0.00057

5.2.09 259.62 1761826.82 1042.56 99.9408 0.00130 −0.00060 0.00160

5.2.10 272.81 382269.83 1095.54 99.7134 0.00030 −0.00278 −0.00120

7.1.01 245.15 2459315.65 984.43 99.9599 0.00116 0.00078 0.00000

7.1.02 217.03 7082853.23 871.54 99.9876 −0.00067 0.00148 −0.00348

7.1.03 258.51 3251037.64 1038.11 99.9680 −0.00018 0.00293 −0.00053

7.1.04 258.24 1867038.20 1036.99 99.9445 −0.00110 0.00297 0.00040

7.1.05 217.75 1124930.07 874.4 99.9223 −0.00192 −0.00355 0.00143

7.1.06 221.84 1195319.01 890.82 99.9254 0.00225 −0.0020 0.00032

7.1.07 237.32 2423971.45 952.98 99.9607 0.00286 −0.00082 0.00160

7.1.08 268.27 5507895.75 1077.29 99.9804 0.00520 0.00307 0.00205

7.1.09 228.01 1369551.15 915.62 99.9331 −0.00006 −0.00282 −0.00237

7.1.10 229.08 2230616.32 919.92 99.9588 −0.00137 −0.00140 0.00037

boat.512 257.61 1467806.33 1034.49 99.9295 −0.00093 0.00144 0.00098

gray21.512 263.68 11091321.56 1058.84 99.9904 0.00327 0.00305 −0.00124

ruler.512 238.88 167835706.25 959.29 99.9994 −0.00117 −0.00162 0.00097

5.3.01 248.87 10502439.48 3997.50 99.9619 −0.00087 −0.00045 −0.00056

5.3.02 261.85 31074316.16 4206.10 99.9864 −0.00081 0.00121 0.00054

7.2.01 277.05 111642857.43 4450.16 99.9960 −0.00039 −0.00003 −0.00062

		Variance	Correlation coefficient
5.1.09	241.70	134613.30	242.65	99.8197	−0.00570	−0.00037	0.00082
5.1.10	220.95	50311.09	221.82	99.5591	0.00356	−0.00500	0.00082
5.1.11	289.32	219794.77	290.45	99.8679	0.00250	−0.00180	0.00061
5.1.12	227.60	282917.62	228.49	99.9192	−0.00209	0.00576	−0.00715
5.1.13	269.59	9094178.69	270.64	99.9970	0.00834	−0.00098	−0.00399
5.1.14	258.92	50314.62	259.93	99.4833	−0.00114	0.01023	0.00248
5.2.08	250.30	1184960.50	1005.14	99.9151	0.00333	0.00026	0.00057
5.2.09	259.62	1761826.82	1042.56	99.9408	0.00130	−0.00060	0.00160
5.2.10	272.81	382269.83	1095.54	99.7134	0.00030	−0.00278	−0.00120
7.1.01	245.15	2459315.65	984.43	99.9599	0.00116	0.00078	0.00000
7.1.02	217.03	7082853.23	871.54	99.9876	−0.00067	0.00148	−0.00348
7.1.03	258.51	3251037.64	1038.11	99.9680	−0.00018	0.00293	−0.00053
7.1.04	258.24	1867038.20	1036.99	99.9445	−0.00110	0.00297	0.00040
7.1.05	217.75	1124930.07	874.4	99.9223	−0.00192	−0.00355	0.00143
7.1.06	221.84	1195319.01	890.82	99.9254	0.00225	−0.0020	0.00032
7.1.07	237.32	2423971.45	952.98	99.9607	0.00286	−0.00082	0.00160
7.1.08	268.27	5507895.75	1077.29	99.9804	0.00520	0.00307	0.00205
7.1.09	228.01	1369551.15	915.62	99.9331	−0.00006	−0.00282	−0.00237
7.1.10	229.08	2230616.32	919.92	99.9588	−0.00137	−0.00140	0.00037
boat.512	257.61	1467806.33	1034.49	99.9295	−0.00093	0.00144	0.00098
gray21.512	263.68	11091321.56	1058.84	99.9904	0.00327	0.00305	−0.00124
ruler.512	238.88	167835706.25	959.29	99.9994	−0.00117	−0.00162	0.00097
5.3.01	248.87	10502439.48	3997.50	99.9619	−0.00087	−0.00045	−0.00056
5.3.02	261.85	31074316.16	4206.10	99.9864	−0.00081	0.00121	0.00054
7.2.01	277.05	111642857.43	4450.16	99.9960	−0.00039	−0.00003	−0.00062

Further, unilateral hypothesis²⁶ and variance²⁴ are adopted to quantitatively measure the histogram distribution. For a gray-level image of size $h \times w$ , unilateral hypothesis experiment statistics $χ^{2}$ can be calculated as

\begin{aligned} χ^{2} = \sum_{i = 0}^{255} \frac{{(o b s_{i} - \exp_{i})}^{2}}{\exp_{i}} \end{aligned}

(7)

where,

{o b s}_{i}

and

\exp_{i} = \frac{h w}{256}

denote observed and expected frequency of gray-level

i \in {0, 1, \dots, 254, 255}

, respectively. Given the significance levels

α = 0.01, 0.05

and 0.1, we have

{χ^{2}}_{0.01} (255) = 310.4574

{χ^{2}}_{0.05} (255) = 293.2478

and

{χ^{2}}_{0.1} (255) = 284.3359

. For an encrypted image, the hypothesis test

χ^{2}

is considered to be passed with significance level α if

χ^{2}

value calculated for encrypted images is lesser than

{χ^{2}}_{α} (255)

. Further, the histogram distributions are better invariable for the smaller values of

χ^{2}

statistics.

$χ^{2}$ values, calculated for the encrypted images corresponding to different plain images from USC-SIPI database, are given in Table 5. The designed scheme passes the $χ^{2}$ test for all three significance levels $α = 0.01, 0.05$ and 0.1. Table 5 lists histogram variances corresponding to selected plain images and their encrypted versions. The given results show that the average percentage of reduction in variance from plain to encrypted image is about 99.91, which is very good. Hence, the designed scheme is highly robust opposed to the study of histogram as hiding original statistical information in encrypted image, and also revealing no original information from examination of histograms.

5.2. Correlation analysis

Analyzing a scheme opposed to attacks based on correlation study is important as the scheme must have characteristics to effectively eliminate the correlation of adjoining pixels. The coefficient of correlation between two pixel sequences P and Q can be calculated as

\begin{aligned} r (P, Q) = \frac{\sum_{i = 1}^{n} (p_{i} - \bar{P}) (q_{i} - \bar{Q})}{\sqrt{\sum_{i = 1}^{n} {(p_{i} - \bar{P})}^{2}} \sqrt{\sum_{i = 1}^{n} {(q_{i} - \bar{Q})}^{2}}} \end{aligned}

(8)

where,

\bar{P}

and

\bar{Q}

denote the mean of P and Q, respectively.

In analysing the proposed scheme, 3000 random pairs of adjoining pixels in each, i.e., horizontal, diagonal and vertical directions, are selected to find correlation coefficient as well as to plot the distribution of adjacent pixels. Table 4 shows the pixel intensity distribution for the images in Fig. 5. The images decrypted without accurate keys or orders and the encrypted image attain the uniform distribution of adjoining pixels in horizontal, diagonal and vertical directions. Further, the correlation coefficient for the encrypted images, corresponding to 25 images from USC-SIPI database, are calculated as given in Table 5. These correlation coefficients are observed very close to 0 in all three directions. Thus, the designed scheme is extremely functional in dissipating redundancy and relationship of plain image pixels, and strongly secures against correlation-based analysis.

5.3. Entropy analysis

Entropy¹⁸ is an efficient estimate for randomness of any encryption system, which is to be calculated as

\begin{aligned} H (S) = - \sum_{i = 0}^{2^{n} - 1} p (s_{i}) \log_{2} p (s_{i}) \end{aligned}

(9)

where,

p (s_{i})

denotes the occurrence probability of a character

s_{i}

in a message S. For image security method, encrypted image entropy is anticipated close to perfect value 8.

Entropy analysis of the images in Fig. 5 is conducted and outcomes are presented in Table 11. It is found that the values of entropy in decrypted images (Figs. 5(d)–5(l)) without accurate keys or accurate orders and the encrypted image (Fig. 5(b)) are close to 8. Furthermore, to study the proposed scheme against entropy, 25 images from USC-SIPI database are selected and entropy values are calculated corresponding to their encrypted versions as listed in Table 7. These values are again found very close to 8. Thus, it indicates that the proposed scheme successfully provides a high global randomness in the cipher images. The comparison among entropy values in related schemes is given in Table 6.

Global entropy provides a good estimate for overall randomness of the data. In,²⁵ to better capture the randomness, a new measure known as local Shannon entropy ( $L S E$ ) was defined as average of entropy of randomly selected non-overlapping blocks of image pixels. It is to be computed as

\begin{aligned} {\bar{H}}_{r, N_{B}} = \sum_{i = 1}^{r} \frac{H (m_{i})}{r} \end{aligned}

(10)

where, r number of non-overlapping blocks

m_{1}, m_{2}, \dots

, and

m_{r}

from image, having

N_{B}

number of pixels each. In a

(r, N_{B})

-local entropy experiment, statistics

\begin{aligned} z = \frac{{\bar{H}}_{r, N_{B}} (T) - μ_{{\bar{H}}_{r, N_{B}} (R)}}{σ_{{\bar{H}}_{r, N_{B}} (R)}} \end{aligned}

(11)

observes normal distribution, where

{\bar{H}}_{r, N_{B}} (T)

and

{\bar{H}}_{r, N_{B}} (R)

denote local entropy values corresponding to a test image T and a random image R, respectively. Further,

μ_{{\bar{H}}_{r, N_{B}} (R)}

and

σ_{{\bar{H}}_{r, N_{B}} (R)}

correspond to mean and standard deviation of

L S E

for a random image, respectively, which are defined as

μ_{{\bar{H}}_{r, N_{B}} (R)} = 7.90246931

and

σ_{{\bar{H}}_{r, N_{B}} (R)} = \frac{0.008694225}{\sqrt{r}}

with

N_{B} = 1936

Following recommendations,²⁵ the designed scheme is studied for $(r, N_{B})$ -local entropy test by setting $r = 30$ and $N_{B} = 1936$ . The local entropy values are obtained for encrypted versions corresponding to 25 plain images from USC-SIPI database and listed as in Table 7. For each image, P-value is obtained using the test statistics (Eq. (11)) with corresponding local entropy value. The image is considered passing the test if the calculated P-value is greater than $α = 0.05, 0.01$ and 0.001. From Table 7, it is evident that the $L S E$ test for all 25 images with $α = 0.05, 0.01$ and 0.001 is passed. Thus, it indicates that the local measure of randomness for cipher images, obtained in the designed scheme, is also high.

Table 6

Comparison of entropy in related schemes.

Scheme	Ref.¹¹	Ref.²⁸	Ref.²⁷	¹⁷	Ref.¹⁵	Ref.¹⁹	Ref.⁵	Ref.²³	Ref.¹⁴	Proposed
Entropy	7.071	7.999	-	-	7.477	7.998	1.023	7.997	-	7.999

Table 7

Local entropy comparison between ref.^[14] and the proposed scheme.

Image	Ref.¹⁴		Proposed scheme
	Local entropy	P-value	Local entropy	P-value	Global entropy
	5.1.09	7.9020	0.401	7.9028	0.574	7.9993
5.1.10	7.9028	0.599	7.9030	0.623	7.9976
5.1.11	7.9028	0.574	7.9028	0.574	7.9971
5.1.12	7.9028	0.599	7.9033	0.691	7.9972
5.1.13	7.9030	0.646	7.9033	0.691	7.9973
5.1.14	7.9021	0.426	7.9023	0.450	7.9974
5.2.08	7.9028	0.574	7.9033	0.691	7.9993
5.2.09	7.9022	0.426	7.9029	0.599	7.9993
5.2.10	7.9022	0.401	7.9024	0.475	7.9993
7.1.01	7.9022	0.426	7.9024	0.475	7.9993
7.1.02	7.9022	0.426	7.9031	0.646	7.9994
7.1.03	7.9028	0.574	7.9028	0.574	7.9993
7.1.04	7.9019	0.354	7.9032	0.669	7.9992
7.1.05	7.9026	0.377	7.9030	0.623	7.9994
7.1.06	7.9022	0.525	7.9024	0.475	7.9992
7.1.07	7.9029	0.426	7.9033	0.691	7.9993
7.1.08	7.9022	0.599	7.9027	0.550	7.9993
7.1.09	7.9028	0.426	7.9028	0.574	7.9993
7.1.10	7.9019	0.574	7.9031	0.646	7.9993
boat.512	7.9020	0.354	7.9024	0.475	7.9992
gray21.512	7.9027	0.377	7.9025	0.500	7.9994
ruler.512	7.9027	0.550	7.9027	0.550	7.9994
5.3.01	7.9021	0.401	7.9029	0.599	7.9998
5.3.02	7.9027	0.550	7.9032	0.669	7.9998
7.2.01	7.9027	0.550	7.9033	0.691	7.9998
Average value	7.9025		7.9029		7.999
Test result passed by	All images		All images

5.4. Differential analysis

In differential analysis, an attacker attempts to break an encryption scheme by analyzing the different cipher images obtained by plain images which differ very slightly. A good image encryption scheme must have resistance to differential analysis, which can be measured typically by Unified Average Change Intensity ( $U A C I$ ) and Number of Pixels Change Rate ( $N P C R$ )²⁴ defined as

\begin{aligned} N P C R = \frac{1}{h \times w} \sum_{i = 1}^{h} \sum_{j = 1}^{w} D i f f (i, j) \times 100 \end{aligned}

(12)

\begin{aligned} U A C I = \frac{1}{h \times w} \sum_{i = 1}^{h} \sum_{j = 1}^{w} \frac{| E_{1} (i, j) - E_{2} (i, j) |}{255} \times 100 \end{aligned}

(13)

where,

E_{1}

and

E_{2}

denote encrypted version of plain images differ by single pixel only, and

D i f f

is defined by

E_{1}

and

E_{2}

, i.e., if

E_{1} (i, j) = E_{2} (i, j)

then

D i f f (i, j) = 0

; else

D i f f (i, j) = 1

. The comparison of

N P C R

and

U A C I

values in related schemes are presented in Table 9.

In,²⁴ Wu recommended to evaluate the critical values of $N P C R$ and $U A C I$ to estimate the security opposed to the differential analysis. For a significant level α, the test is considered passed if the critical value of $N P C R$ is greater than corresponding $N_{α}^{*}$ , and the critical value of $U A C I$ lies in $(U_{α}^{* -}, U_{α}^{* +})$ . In Table 8, $N P C R$ and $U A C I$ critical values²⁴ for gray-scale images are given to accept the test as passed.

Table 8

Critical values of $U A C I$ and $N P C R$ for significance level α.

	$α = 0.05$		$α = 0.01$		$α = 0.001$
Image size	$N_{α}^{*}$	$(U_{α}^{* -}, U_{α}^{* +})$	$N_{α}^{*}$	$(U_{α}^{* -}, U_{α}^{* +})$	$N_{α}^{*}$	$(U_{α}^{* -}, U_{α}^{* +})$
$256 \times 256$	99.5693%	(33.2824%, 33.6447%)	99.5527%	(33.3730%, 33.5541%)	99.5341%	(33.4183%, 33.5088%)
$512 \times 512$	99.5893%	(33.3730%, 33.5541%)	99.5810%	(33.3445%, 33.5826%)	99.5717%	(33.3115%, 33.6156%)
$1024 \times 1024$	99.5994%	(33.4183%, 33.5088%)	99.5952%	(33.4040%, 33.5231%)	99.5906%	(33.3875%, 33.5396%)

To evaluate the proposed scheme against differential analysis, $N P C R$ and $U A C I$ critical values are computed for 25 images selected from USC-SIPI database. The modification in 1-bit (randomly chosen) of a pixel (randomly chosen) of each plain image is adopted for critical values calculation. Table 10 shows the critical values corresponding to the chosen images. For significance level $α = 0.05, 0.01$ and 0.001, the designed scheme passes the $N P C R$ and $U A C I$ test in all 25 number of images. $N P C R$ and $U A C I$ result to $99.6147 %$ and $33.4717 %$ as the average values. Thus, it indicates that the proposed scheme owns well built differential characteristics, and provides good security opposed to differential analysis.

Table 9

$U A C I$ and $N P C R$ values comparison in related schemes.

Scheme	Ref.¹¹	Ref.²⁸	Ref.²⁷	Ref.¹⁷	Ref.¹⁵	Ref.¹⁹	Ref.⁵	Ref.²³	Ref.¹⁴	Proposed
$N P C R$ (in %)	-	99.6205	-	-	-	99.74	-	Close to 1	99.6105	99.6147
$U A C I$ (in %)	-	33.5516	-	-	-	33.47	-	Close to 33	33.4682	33.4717

Table 10

Differential characteristics in Ref.¹⁴ and proposed scheme.

	$N P C R$ (in %)		$U A C I$ (in %)
Image	Ref.¹⁴	Proposed scheme	Ref.¹⁴	Proposed scheme
5.1.09	99.6018	99.6216	33.4446	33.4061
5.1.10	99.6245	99.6262	33.4326	33.4466
5.1.11	99.6048	99.6185	33.4779	33.5523
5.1.12	99.5836	99.6267	33.5338	33.4013
5.1.13	99.6472	99.5855	33.4468	33.5639
5.1.14	99.6366	99.6175	33.4650	33.4038
5.2.08	99.6158	99.6195	33.4336	33.4448
5.2.09	99.6405	99.6246	33.4776	33.5348
5.2.10	99.5957	99.6165	33.4392	33.5269
7.1.01	99.5999	99.6103	33.4838	33.4019
7.1.02	99.6177	99.6016	33.5015	33.4646
7.1.03	99.5999	99.6098	33.4863	33.4634
7.1.04	99.6109	99.6223	33.4729	33.4959
7.1.05	99.6010	99.6218	33.5005	33.5199
7.1.06	99.6223	99.6105	33.4356	33.4875
7.1.07	99.6052	99.6141	33.5229	33.4595
7.1.08	99.6113	99.6193	33.4491	33.4622
7.1.09	99.5968	99.6195	33.5309	33.4674
7.1.10	99.5953	99.6152	33.4018	33.4682
boat.512	99.6265	99.6066	33.4449	33.4629
gray21.512	99.5995	99.6089	33.4765	33.4794
ruler.512	99.6086	99.6211	33.4153	33.5110
5.3.01	99.6034	99.6090	33.4760	33.4481
5.3.02	99.6079	99.6084	33.4878	33.4645
7.2.01	99.6047	99.6131	33.4670	33.4549
Average value	99.6105	99.6147	33.4682	33.4717
Test results passed at $α = 0.05, 0.01$ and 0.001	By all images		By all images

5.5. Noise and data loss analysis

Fig. 6.

Noise and cropping analysis experiments: (a) input image; (b) cipher image; (c) image decrypted under 10% Salt and pepper noise; (d) image decrypted under 5% Salt and pepper noise; (e) image decrypted under 1% Salt and pepper noise; (f) encrypted image 25% cropped at top-left corner; (g) encrypted image 25% cropped at top-right corner; (h) encrypted image 25% cropped at bottom-right corner; (i) encrypted image 25% cropped at bottom-left corner; (j) encrypted image 25% cropped at center; (k) encrypted image 25% cropped at multiple places; (l) image decrypted for Fig. 6(f); (m) image decrypted for Fig. 6(g); (n) image decrypted for Fig. 6(h); (o) image decrypted for Fig. 6(i); (p) image decrypted for Fig. 6(j); (q) image decrypted for Fig. 6(k).

It is imperative to analyse an image encryption scheme against noise and data loss attacks as an attacker may crop or add some noise to the encrypted images during transmission of these over an insecure channel. Thus, the performance of designed scheme is tested against cropping and noise-based attacks.

First, in analysing for noise-based attack, the encrypted image (Fig. 6(b)) is incorporated with Salt and pepper noise for noise intensities 0.01, 0.05, and 0.1. The noise incorporated encrypted image is decrypted using accurate keys and accurate orders as shown in Fig. 6. The designed scheme well resists the noise-based attack as the plain image (Fig. 6(a)) is easily identifiable from the images (Figs. 6(c)–6(e)), thus, demonstrating the good security against noise-based attack.

Secondly, in experimenting for data loss analysis, the encrypted image is cropped with $25 %$ pixels at left-top, right-top, right-bottom, left-bottom, center and multiple places as shown in Figs. 6(f)–6(k), respectively. The images, as shown in Figs. 6(l)–6(q), are obtained after decrypting cropped encrypted images with accurate keys and accurate orders. The decrypted images can easily reconstruct the original one. This demonstrates the proposed scheme’s capability in handling for the data loss attacks. Hence, the designed encryption scheme is found to have good resistance against the noise and cropping based analysis.

5.6. Key sensitivity

For a cryptographic scheme, key sensitivity parts the most essential characteristics of the scheme. Statistical estimators such as entropy, correlation coefficient, MSE, histogram and PSNR are adopted to analyse key sensitivity in the designed scheme.

In the simulation results presented in Section 4, the different images (Figs. 5(d)–5(l)) are obtained by decrypting the encrypted images after choosing inaccurate keys or inaccurate orders, which are approximated very near to the accurate one. It can be easily noticed that these images appear meaningless and visually reveal no original information. In Table 4, uniform distribution of the histogram as well as intensity distribution of adjoining pixels confirm high key sensitivity in the designed scheme. Further, the results calculated for MSE, PSNR, correlation and entropy for the images (Figs. 5(d)–5(l)) are presented in Table 11. Decrypted versions with slightly approximation in keys orders have high MSE, low PSNR, entropy close to 8, and negligible correlation of adjacent pixels. The obtained results indicate negligible possibilities for statistical analysis. Thus, the designed scheme observes great sensitivity to the accurate keys as well as accurate orders making it more secure and computationally hard for an adversary to attack.

Table 11
MSE, PSNR, correlation coefficient, and entropy for demonstration in Section 4.

Correlation coefficient

Image MSE with Fig. 5(a) PSNR Entropy Horizontal Vertical Diagonal

Fig. 5(a) 0 - 7.6341 0.98407 0.98507 0.97679

Fig. 5(b) 9429.49 8.39 7.9998 −0.00064 0.00137 −0.00065

Fig. 5(c) 0 - 7.6341 0.98407 0.98507 0.97679

Fig. 5(d) 9420.65 8.39 7.9996 −0.00035 0.00219 −0.00110

Fig. 5(e) 9414.47 8.39 7.9998 −0.00063 0.00216 −0.00031

Fig. 5(f) 10599.84 7.88 7.9890 0.13538 −0.08895 −0.00889

Fig. 5(g) 9415.25 8.39 7.9998 0.00007 0.00468 −0.00118

Fig. 5(h) 9423.79 8.39 7.9998 −0.00046 0.00319 0.00072

Fig. 5(i) 9431.21 8.39 7.9997 −0.00066 0.00012 −0.0007

Fig. 5(j) 9443.55 8.38 7.9998 0.00043 0.00015 0.00095

Fig. 5(k) 9427.32 8.38 7.9998 0.00095 −0.00028 0.00084

Fig. 5(l) 9436.35 8.38 7.9997 0.00131 0.00234 −0.00060

				Correlation coefficient
Fig. 5(a)	0	-	7.6341	0.98407	0.98507	0.97679
Fig. 5(b)	9429.49	8.39	7.9998	−0.00064	0.00137	−0.00065
Fig. 5(c)	0	-	7.6341	0.98407	0.98507	0.97679
Fig. 5(d)	9420.65	8.39	7.9996	−0.00035	0.00219	−0.00110
Fig. 5(e)	9414.47	8.39	7.9998	−0.00063	0.00216	−0.00031
Fig. 5(f)	10599.84	7.88	7.9890	0.13538	−0.08895	−0.00889
Fig. 5(g)	9415.25	8.39	7.9998	0.00007	0.00468	−0.00118
Fig. 5(h)	9423.79	8.39	7.9998	−0.00046	0.00319	0.00072
Fig. 5(i)	9431.21	8.39	7.9997	−0.00066	0.00012	−0.0007
Fig. 5(j)	9443.55	8.38	7.9998	0.00043	0.00015	0.00095
Fig. 5(k)	9427.32	8.38	7.9998	0.00095	−0.00028	0.00084
Fig. 5(l)	9436.35	8.38	7.9997	0.00131	0.00234	−0.00060

5.7. Key space

The collection of all feasible keys in a cryptosystem, referred as key space, is expected to be sufficiently big so that brute force analysis could not be possible. The designed scheme is composed of two phases, where each phase has combination of operations based on Bifid cipher and Arnold map.

In Bifid cipher-based operations, the Bifid key of size $16 \times 16$ , acts as the secret key along with the encryption orders. As Bifid key consists all 256 different numbers from the set ${0, 1, \dots, 255}$ , the total possibility of Bifid keys results to $256!$ ( $\approx 2^{1683}$ ) in numbers. Further, 2-bit can exhibit the encryption orders $e_{i}^{1}$ and $e_{i}^{2}$ ( $i \in {1, 2}$ ). Thus, the total possible keys in the designed Bifid cipher-based scheme, considering phases 1 and 2, can be approximated to $2^{1683} \times 2^{4} = 2^{1687}$ .

In Arnold map-based scheme, the iteration number $γ^{i}$ serves as the secret parameter in addition to order $D^{i}$ , where $i \in {1, 2}$ . The iteration number $γ^{i}$ is selected lesser than the period ( $T_{N}$ ) of Arnold map, i.e., $γ^{i} \in (1, T_{N})$ for $i \in {1, 2}$ . Thus, the total possible keys (iteration numbers) considering phases 1 and 2 are $T_{N}^{2}$ . Further, 3-bit can be used to represent the division orders $D^{1}$ and $D^{2}$ , i.e., 2-bit for $D^{1}$ and 1-bit for $D^{2}$ . Thus, the total possible keys in Arnold map-based scheme, considering phases 1 and 2, results to $2^{3} \times T_{N}^{2}$ .

Accordingly in the designed scheme, the total possible keys can be approximated to $2^{1690} \times T_{N}^{2}$ . For a $512 \times 512$ sized image, the total keys in the designed scheme can be approximated to $2^{1690} \times 2^{17} = 2^{1707}$ . Thus, the designed scheme has a key space of enormous size, which is computationally secure opposed to brute force analysis.

5.8. Time complexity

As the designed scheme is a combination of operations based on Bifid cipher and Arnold map, the time complexity of Bifid cipher and Arnold map-based encryption operations are to be first analyzed, individually for arriving the total time complexity of the designed scheme.

In the operations based on Bifid cipher, the encryption of pixels executes mainly subject to lookup operations performed twice. In the first occasion, a sequence of numbers is established by looking the positions (coordinates) of the image pixels (say, image size $h \times w$ ) being encrypted using Bifid key. The complexity of this determination is $O (h w)$ . In the second occasion, the pixels are determined from Bifid key corresponding to the positions determined by a sequence. The complexity of this operation is also $O (h w)$ . Thus, considering both phases 1 and 2, the time complexity of the encryption operation based on Bifid cipher results to $O (4 h w)$ .

In Arnold map-based encryption function, the pixels in a square block of size $N \times N$ are scrambled for several times depending upon the selected iteration key. In,⁸ it is shown that the complexity of applying Arnold map to a $N \times N$ block for one iteration is similar to first finding transformation of $N^{2}$ locations ( $(r, s)$ , where $1 ⩽ r ⩽ N$ , $1 ⩽ s ⩽ N$ ) and subsequently, scrambling the image pixels according to the transformation determined. The transformation of the locations of pixels can be calculated using Eq. (14)

\begin{aligned} [\begin{matrix} 0 & . . & N - 1 & . . & N - 1 & . . & N - 2 \\ 0 & . . & N - 2 & . . & N - 1 & . . & N - 3 \end{matrix}] \\ = [\begin{matrix} 1 & 1 \\ 1 & 2 \end{matrix}] [\begin{matrix} 0 & . . & 0 & . . & N - 1 & . . & N - 1 \\ 0 & . . & N - 1 & . . & 0 & . . & N - 1 \end{matrix}] (mod N) . \end{aligned}

(14)

Hence, determination of the transportation has complexity similar to the complexity of multiplication of a $2 \times 2$ Arnold map matrix with a $2 \times N^{2}$ matrix corresponding to $N^{2}$ locations, i.e., $O (2.2. N^{2}) = O (4 N^{2})$ . Further, the transformation of pixels has complexity $O (N^{2})$ . The complexity of applying Arnold map for single iteration comes to $O (4 N^{2} + N^{2})$ , i.e., $O (5 N^{2}) = O (5 h w)$ , since $N = \sqrt{h w}$ . Considering both phases 1 and 2, the time complexity of encryption operations based on Arnold map results to $O (5 (γ_{1} + γ_{2}) h w)$ .

Accordingly, the encryption process time complexity in the designed scheme computes to $O (4 h w + 5 (γ_{1} + γ_{2}) h w)$ . Hence, the time complexity has a linear relationship with input image size. In the proposed scheme, the time complexity of the decryption process has also similar time complexity, as uses inverted primitives having similar operations.

Further, three standard color images, varying in sizes from USC-SIPI database, are chosen for computing the running speed of the encryption process. To obtain the results, the scheme is implemented using Java on a desktop PC having Core i5 processor and 4 GB RAM. The running speed corresponding to each chosen image is obtained for complete process, which involves first decomposition of the image into color channels (Red, Green and Blue), and then encrypting each channel followed by combining each encrypted channel into the final encrypted image. Table 12 lists the encryption running time (in seconds) for the selected images. The proposed scheme is found to have a good running speed, which grows linearly with image size.

Table 12

The encryption process running time (unit: second).

	Image size
Image	$64 \times 64$	$128 \times 128$	$192 \times 192$	$256 \times 256$	$384 \times 384$	$512 \times 512$	$768 \times 768$	$1024 \times 1024$
4.2.03	0.080	0.189	0.311	0.401	0.831	1.173	2.280	3.505
4.2.05	0.082	0.193	0.331	0.397	0.737	1.110	2.303	3.634
4.2.06	0.083	0.194	0.329	0.379	0.719	1.154	2.317	3.525

5.9. Security against cryptanalytical attacks

In cryptanalyzing the ciphered data, the objective of adversary is to infer the secret key or plain data, generally, by working around either the brute force attack or common attack models like ciphertext only attack (COA), chosen plaintext attack (CPA), known plaintext attack (KPA), chosen ciphertext attack (CCA). COA assumes the most difficult one, where adversary has to look for algorithm level weakness or trying with brute force attack. In brute force attack, an enemy has to try for half of size of key space on average. The enormous sized key space in the designed scheme eliminates the possibilities of brute force attack and COA.

Under CPA, KPA and CCA, an enemy works with numerous pairs of plaintext and ciphertext to infer the secret key or to obtain plaintext for ciphertext generated with same key. The measures adopted in the design of the proposed scheme can confirm its security against CPA, KPA and CCA.

a)
The Bifid key is updated with hash digest of the plain image prior to its use in the encryption function. Thus, choosing a collision resistant hash function, it is computationally infeasible to get the same updated Bifid key for two different plain images even varying very slightly.
b)
Size of block in Arnold map-based function, and further, iteration numbers depending upon the size of plain image.
c)
Bifid cipher-based function applied in Cipher chaining mode inducing the affect of pixels in encryption of each other.
d)
Accurate decryption process is designed to have sensitivity not only to accurate keys but to accurate orders also.

Thus, considering the aforesaid facts, the designed scheme can be considered secure enough withstanding to brute force and plaintext-ciphertext pairs-based attacks.

To furthermore verify the security against cryptanalytical attacks, four plain images are chosen as shown in Fig. 7. Each plain image has high data redundancy, i.e., consists almost similar pixels. Further, all plain images differ very slightly from each other. Second plain image differs from first image by one pixel, i.e., pixel value at location $(257, 257)$ in second image is 255 instead of 0. Third image differs from first plain image by one row, i.e., row 129. In the third plain image, each pixel value at row 129 is 255 instead of 0. Whereas, the fourth plain image differs from first plain image by one column, i.e., column 385, as each pixel has value 255 instead of 0. The encrypted images, as in Fig. 7, are corresponding to plain images by choosing the similar set of keys and orders. The obtained encrypted images are evaluated with respect to statistical measures like correlation, MSE and SSIM as given in Table 13. It is easily noticed that the enciphered images notably differ from each other with almost zero correlation despite having input plain images with high data redundancy and almost similarity. It shows the resistance opposed to analysis based on plaintext and ciphertext pairs. Hence, the designed scheme is considered secure against cryptanalytical attacks.

Fig. 7.
Cryptanalytical attack simulations: (a) first plain image; (b) second plain image; (c) third plain image; (d) fourth plain image; (e) first encrypted image ; (f) second encrypted image ; (g) third encrypted image ; (h) fourth encrypted image.

Table 13
Experimental results for cryptanalytical attacks.

Between plain images MSE SSIM Correlation coefficient Between encrpyted images MSE SSIM Correlation coefficient

Fig. 7(a) and Fig. 7(b) 0.2487 0.9997 0.9990 Fig. 7(e) and Fig. 7(f) 10989 0.1550 0.0043

Fig. 7(a) and Fig. 7(c) 127.0039 0.9805 0.7064 Fig. 7(e) and Fig. 7(g) 10733 0.1538 −0.0001

Fig. 7(a) and Fig. 7(d) 126.7350 0.9807 0.7608 Fig. 7(e) and Fig. 7(h) 11039 0.1535 −0.0007

Fig. 7(b) and Fig. 7(c) 127.2526 0.9803 0.7057 Fig. 7(f) and Fig. 7(g) 10726 0.1546 −0.0002

Fig. 7(b) and Fig. 7(d) 126.9837 0.9805 0.7061 Fig. 7(f) and Fig. 7(h) 11036 0.1534 −0.0013

Fig. 7(c) and Fig. 7(d) 253.2409 0.9616 0.4993 Fig. 7(g) and Fig. 7(h) 10717 0.1533 0.0001

Table 14
The designed scheme comparison with the related works.

Schemes

²⁸ ²⁷ ¹⁷ ²² ¹⁵ ¹⁹ ⁵ ²³ ¹⁴ Proposed scheme

Image size Any Square Square Any Any Square Square Square Any Any

Accurate reconstruction requirement Accurate keys Accurate keys Accurate keys Accurate keys and accurate orders Accurate keys and accurate orders Accurate keys Accurate keys Accurate keys Accurate keys Accurate keys and accurate orders

Key sensitivity Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes

Security against noise analysis NA Yes Yes NA NA Yes NA NA Yes Yes

Security against cropping analysis NA Yes Yes NA Yes NA Yes NA Yes Yes

Adjoining pixels correlation Almost zero Almost zero NA NA Almost zero Almost zero Almost zero Almost zero Almost zero Almost zero

Entropy analysis 7.999 NA NA NA 7.477 7.998 1.023 7.997 NA 7.999

Differential characteristics NPCR: 99.6205% NA NA NA NA NPCR: 99.74% NA NPCR: close to 100% NPCR: 99.6105% NPCR: 99.6147%

UACI: 33.5516% UACI: 33.47% UACI: close to 33% UACI: 33.4682% UACI: 33.4717%

Key space NA $2^{213}$ NA NA NA $2^{235}$ $2^{233}$ $2^{48 k + 16}$ k-iteration number $2^{122}$ $2^{1706}$

Time complexity NA Real time NA NA NA NA NA Real time Real time Real time linear with size

Security against cryptanalytic attack models NA NA NA NA NA Presented NA Presented NA Presented

NA - Not Available
6. Comparative analysis

Between plain images	MSE	SSIM	Correlation coefficient	Between encrpyted images	MSE	SSIM	Correlation coefficient
Fig. 7(a) and Fig. 7(b)	0.2487	0.9997	0.9990	Fig. 7(e) and Fig. 7(f)	10989	0.1550	0.0043
Fig. 7(a) and Fig. 7(c)	127.0039	0.9805	0.7064	Fig. 7(e) and Fig. 7(g)	10733	0.1538	−0.0001
Fig. 7(a) and Fig. 7(d)	126.7350	0.9807	0.7608	Fig. 7(e) and Fig. 7(h)	11039	0.1535	−0.0007
Fig. 7(b) and Fig. 7(c)	127.2526	0.9803	0.7057	Fig. 7(f) and Fig. 7(g)	10726	0.1546	−0.0002
Fig. 7(b) and Fig. 7(d)	126.9837	0.9805	0.7061	Fig. 7(f) and Fig. 7(h)	11036	0.1534	−0.0013
Fig. 7(c) and Fig. 7(d)	253.2409	0.9616	0.4993	Fig. 7(g) and Fig. 7(h)	10717	0.1533	0.0001

	Schemes
Image size	Any	Square	Square	Any	Any	Square	Square	Square	Any	Any
Accurate reconstruction requirement	Accurate keys	Accurate keys	Accurate keys	Accurate keys and accurate orders	Accurate keys and accurate orders	Accurate keys	Accurate keys	Accurate keys	Accurate keys	Accurate keys and accurate orders
Key sensitivity	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Security against noise analysis	NA	Yes	Yes	NA	NA	Yes	NA	NA	Yes	Yes
Security against cropping analysis	NA	Yes	Yes	NA	Yes	NA	Yes	NA	Yes	Yes
Adjoining pixels correlation	Almost zero	Almost zero	NA	NA	Almost zero	Almost zero	Almost zero	Almost zero	Almost zero	Almost zero
Entropy analysis	7.999	NA	NA	NA	7.477	7.998	1.023	7.997	NA	7.999
Differential characteristics	NPCR: 99.6205%	NA	NA	NA	NA	NPCR: 99.74%	NA	NPCR: close to 100%	NPCR: 99.6105%	NPCR: 99.6147%
UACI: 33.5516%					UACI: 33.47%		UACI: close to 33%	UACI: 33.4682%	UACI: 33.4717%
Key space	NA	$2^{213}$	NA	NA	NA	$2^{235}$	$2^{233}$	$2^{48 k + 16}$ k-iteration number	$2^{122}$	$2^{1706}$
Time complexity	NA	Real time	NA	NA	NA	NA	NA	Real time	Real time	Real time linear with size
Security against cryptanalytic attack models	NA	NA	NA	NA	NA	Presented	NA	Presented	NA	Presented

The efficacy of the designed scheme is further evaluated by conducting the comparative study^{5,14,15,17,19,22,23,27,28} for numerous functionality and security parameters. The results as listed for the corresponding schemes are considered and presented for comparative study.

The designed scheme has no limitation to image size, whereas the schemes^{5,17,19,23,27} are limited to only square-sized images. In comparison to,^{5,14,17,19,23,27,28} the proposed scheme improves for key sensitivity and accurate decryption requirements as not specific to accurate keys but also to accurate orders. The proposed scheme has good performance under the noise and cropping attacks, whereas the schemes^{5,15,22,23,28} and^19,22,23,28 lack in providing the performance under noise and cropping attacks, respectively. The presented scheme effectively eliminates the adjoining pixels correlation and data redundancy while the schemes^17,22 do not evaluate it.

The proposed scheme achieves ideal values of local as well as global entropy for enciphered data. The entropy values comparison among the related works is presented in Table 6. The schemes^14,17,22,27 and^{5,15,17,19,22,23,27,28} do not evaluate for entropy and local entropy, respectively. Mansouri and Wang’s scheme¹⁴ is found to have evaluation with respect to local entropy. The local entropy values in the presented scheme, and Mansouri and Wang’s scheme are compared in Table 7. The proposed scheme withstands to Mansouri and Wang’s scheme in passing all the tests for local entropy, and further achieving the better average value for local entropy. The proposed scheme also achieves good differential characteristics as evaluated against the $N P C R$ and $U A C I$ , and their critical values also. The schemes^{5,15,17,22,27} do not provide their security against differential attack, while other^19,23,28 provide security by computing the differential characteristics. The $U A C I$ and $N P C R$ values in related schemes are compared in Table 9. Mansouri and Wang’s scheme¹⁴ supports the Differential attack’s resistance by also evaluating $U A C I$ and $N P C R$ critical values. Table 10 shows comparison of $U A C I$ and $N P C R$ critical values in the designed scheme and Mansouri and Wang’s scheme. Compared to Mansouri and Wang’s scheme, the designed scheme similarly passes total tests for $N P C R$ and $U A C I$ critical values, and further, obtains higher average of critical values for $U A C I$ and $N P C R$ .

In,^15,17,22,28 the schemes do not approximate and present their size of key space, i.e., number of all possible keys. Compared to the presented schemes,^{5,14,19,23,27} the designed scheme advantages in providing an enormous-sized key space. Further, the presented scheme gets its speed validation in both theoretical and practical sense, whereas none of the related schemes found to have analyzed their scheme for theoretical time complexity. Whereas, the schemes^{5,15,17,19,22,28} even do not evaluate and present the results for their running speed. Similar to the presented schemes, the designed scheme obtains a real-time encryption speed with linear dependency to size of input image. Further, the proposed scheme has security validation against the common cryptanalytical attacks, i.e., based on brute force and assumption of plaintext and ciphertext pairs. The schemes presented in,^{5,14,15,17,22,27,28} lack their security validation against the common cryptanalytical attacks.

The comparative study among the designed and related works is listed in Table 14. In the designed scheme, an extensive validation of its performance and security is provided. The proposed scheme achieves great performance and provides very good security. The proposed scheme is found greatly close as well as outperforming to the allied works.

7. Conclusion

In this study, two primitives, Bifid cipher and Arnold map, are combined together in substitution-permutation design to arrive an image data security method. Traditional 2D-Bifid cipher is extended to work on image data with additional security settings, and further, associated with block-based procedure using Arnold map. The scheme is designed to have higher sensitivity not only to keys but to their orders also. Several simulation results are conducted to confirm the functionality and security of the presented scheme. The designed scheme is found to have good randomness, local as well as global, strong differential characteristics, uniformly distributing encrypted pixels, negligible correlation of adjacent encrypted pixels, data loss and noise resistance, good running speed, and a huge key space with resistance against brute force and cryptanalytical attack models. Further, the proposed method positions well to the related works. The proposed scheme has application in securing the image data pertaining to areas such as medical science, aerospace network, secure web browsing, satellite communication, military communication, remote sensing, securing personal photos, wireless sensor network etc.

References

Arnold

V.I.

Avez

, Ergodic Problems of Classical Mechanics, New York, 1968. Benjamin [Translated from Russian].

Bkakria

, Robust, revocable, forward and backward adaptively secure attribute-based encryption with outsourced decryption, Journal of Computer Security 31(6) (2023), 727–760. doi:10.3233/JCS-220129.

Chen

Zhao

, Image encryption based on singular value decomposition and Arnold transform in fractional domain, Optics Communications 291 (2013), 98–103. doi:10.1016/j.optcom.2012.10.080.

Dyson

F.J.

Falk

, Period of a discrete cat mapping, The American Mathematical Monthly 99 (1992), 603–614. doi:10.1080/00029890.1992.11995900.

Guleria

Mishra

D.C.

, A new multi-layer RGB image encryption algorithm based on Diffie–Hellman cryptography associated with FrDCT and Arnold transform, Multimedia Tools and Applications 79 (2020), 33119–33160. doi:10.1007/s11042-020-09615-w.

Kahn

, The Codebreakers: The Story of Secret Writing, Macmillan, New York, 1967.

Kang

Luo

Zhang

Jiang

, Homogenized Chebyshev–Arnold map and its application to color image encryption, IEEE Access 7 (2019), 114459–114471. doi:10.1109/ACCESS.2019.2930183.

Kumar

Sharma

R.K.

, Securing color images using two-square cipher associated with Arnold map, Multimedia Tools and Applications 76 (2016), 8757–8779. doi:10.1007/s11042-016-3504-1.

Liang

Y.J.

, Arnold transform based image scrambling method, in: 3rd International Conference on Multimedia Technology(ICMT 2013), 2013, pp. 1309–1316.

10.

Liu

Chen

Liu

Dai

Liu

, Image encryption by using gyrator transform and Arnold transform, Journal of Electronic Imaging 20 (2011), 013020. doi:10.1117/1.3557790.

11.

Liu

Gong

Dou

Liu

Lin

Ahmad

M.A.

Dai

Liu

, Double image encryption by using Arnold transform and discrete fractional angular transform, Optics and Lasers in Engineering 50(2) (2012), 248–255. doi:10.1016/j.optlaseng.2011.08.006.

12.

Liu

Chen

Lin

Liu

, Color image encryption by using Arnold transform and color-blend operation in discrete cosine transform domains, Optics Communications 284(1) (2011), 123–128. doi:10.1016/j.optcom.2010.09.013.

13.

Machiavelo

Reis

, Automated ciphertext-only cryptanalysis of the Bifid cipher, Technical report, pp. 1–12, 2006.

14.

Mansouri

Wang

, Image encryption using shuffled Arnold map and multiple values manipulations, The Visual Computer 37 (2021), 189–200. doi:10.1007/s00371-020-01791-y.

15.

Mishra

D.C.

Sharma

R.K.

Suman

Prasad

, Multi-layer security of color image based on chaotic system combined with rp2dfrft and Arnold transform, Journal of Information Security and Applications 37 (2017), 65–90. doi:10.1016/j.jisa.2017.09.006.

16.

Patel

Vaish

, Dna coding and chaos based image encryption using compressive sensing in msvd domain, Multimedia Tools and Applications (2023).

17.

Rawat

Kim

Kumar

, Fast digital image encryption based on compressive sensing using structurally random matrices and Arnold transform technique, Optik 127 (2016), 2282–22861. doi:10.1016/j.ijleo.2015.11.064.

18.

Shannon

C.E.

, A mathematical theory of communication, Bell System Technical Journal 27 (1948), 379–423. doi:10.1002/j.1538-7305.1948.tb01338.x.

19.

Sneha

P.S.

Sankar

Ashok

S.K.

, A chaotic colour image encryption scheme combining Walsh–Hadamard transform and Arnold–Tent maps, Journal of Ambient Intelligence and Humanized Computing 11 (2020), 1289–1308. doi:10.1007/s12652-019-01385-0.

20.

Sui

Gao

, Color image encryption based on gyrator transform and Arnold transform, Optics and Laser Technology 48 (2013), 530–538. doi:10.1016/j.optlastec.2012.11.020.

21.

Vaish

, An error free and key sensitive color image Encryption using Sine powered map and Arnold transform in Stockwell domain, Multimedia Tools and Applications (2023).

22.

Vaish

Kumar

, Color image encryption using msvd, dwt and Arnold transform in fractional Fourier domain, Optik 145 (2017), 273–283. doi:10.1016/j.ijleo.2017.07.041.

23.

Liu

Wang

Liu

, A compact image encryption system based on Arnold transformation, Multimedia Tools and Applications 80 (2021), 2647–2661. doi:10.1007/s11042-020-09828-z.

24.

, Npcr and uaci randomness tests for image encryption, Cyber Journals: Journal of Selected Areas of Telecommunication 2 (2011), 31–38.

25.

Zhou

Saveriades

Agaian

Noonan

J.P.

Natarajan

, Local Shannon entropy measure with statistical tests for image randomness, Information Sciences 222 (2013), 323–342. doi:10.1016/j.ins.2012.07.049.

26.

Zhang

, The unified image encryption algorithm based on chaos and cubic s-box, Information Sciences 450 (2018), 361–377. doi:10.1016/j.ins.2018.03.055.

27.

Zhou

Yang

Tan

Pan

Zhou

, Double-image encryption scheme combining dwt-based compressive sensing with discrete fractional random transform, Optics Communications 354 (2015), 112–121. doi:10.1016/j.optcom.2015.05.043.

28.

Zhu

Cheng

Zhang

Yang

, An image encryption scheme using generalized Arnold map and affine cipher, Optik 125 (2014), 6672–6677. doi:10.1016/j.ijleo.2014.06.149.

	Statistical measures between the original and corresponding encrypted image
Image	MSE	PSNR	SSIM	Correlation
5.1.09	6245.94	10.17	0.0360	0.0044
5.1.10	7722.24	9.25	0.0744	−0.0048
5.1.11	10956.92	7.73	0.0179	−0.0006
5.1.12	12213.91	7.26	0.0299	−0.0072
5.1.13	20920.81	4.93	0.0337	−0.0051
5.1.14	7790.96	9.21	0.0524	0.0012
5.2.08	7099.21	9.62	0.0362	−0.0030
5.2.09	9832.99	8.20	0.0535	0.0012
5.2.10	8659.96	8.76	0.0565	−0.0023
7.1.01	6638.73	9.91	0.0311	−0.0042
7.1.02	8229.95	8.98	0.0139	−0.0026
7.1.03	6231.62	10.18	0.0321	0.0001
7.1.04	6789.69	9.81	0.0291	−0.0001
7.1.05	7114.48	9.61	0.0449	0.0031
7.1.06	7939.13	9.13	0.0433	−0.0011
7.1.07	6426.94	10.05	0.0409	−0.0012
7.1.08	6049.97	10.31	0.0246	0.0003
7.1.09	6764.69	9.83	0.0390	0.0006
7.1.10	6254.97	10.17	0.0305	0.0015
boat.512	7653.14	9.29	0.0386	0.0029
gray21.512	11415.77	7.56	0.0024	−0.0040
ruler.512	21633.07	4.78	0.0697	−0.0016
5.3.01	10280.03	8.01	0.0293	0.0008
5.3.02	8700.26	8.74	0.0419	0.0003
7.2.01	15123.58	6.33	0.0119	0.0022
Average Value	9387.55	8.71	0.036	−0.0007

		Variance			Correlation coefficient
Image	$χ^{2}$ value	Plain image	Encrypted image	Reduction percentage (%)	Horizontal	Vertical	Diagonal
5.1.09	241.70	134613.30	242.65	99.8197	−0.00570	−0.00037	0.00082
5.1.10	220.95	50311.09	221.82	99.5591	0.00356	−0.00500	0.00082
5.1.11	289.32	219794.77	290.45	99.8679	0.00250	−0.00180	0.00061
5.1.12	227.60	282917.62	228.49	99.9192	−0.00209	0.00576	−0.00715
5.1.13	269.59	9094178.69	270.64	99.9970	0.00834	−0.00098	−0.00399
5.1.14	258.92	50314.62	259.93	99.4833	−0.00114	0.01023	0.00248
5.2.08	250.30	1184960.50	1005.14	99.9151	0.00333	0.00026	0.00057
5.2.09	259.62	1761826.82	1042.56	99.9408	0.00130	−0.00060	0.00160
5.2.10	272.81	382269.83	1095.54	99.7134	0.00030	−0.00278	−0.00120
7.1.01	245.15	2459315.65	984.43	99.9599	0.00116	0.00078	0.00000
7.1.02	217.03	7082853.23	871.54	99.9876	−0.00067	0.00148	−0.00348
7.1.03	258.51	3251037.64	1038.11	99.9680	−0.00018	0.00293	−0.00053
7.1.04	258.24	1867038.20	1036.99	99.9445	−0.00110	0.00297	0.00040
7.1.05	217.75	1124930.07	874.4	99.9223	−0.00192	−0.00355	0.00143
7.1.06	221.84	1195319.01	890.82	99.9254	0.00225	−0.0020	0.00032
7.1.07	237.32	2423971.45	952.98	99.9607	0.00286	−0.00082	0.00160
7.1.08	268.27	5507895.75	1077.29	99.9804	0.00520	0.00307	0.00205
7.1.09	228.01	1369551.15	915.62	99.9331	−0.00006	−0.00282	−0.00237
7.1.10	229.08	2230616.32	919.92	99.9588	−0.00137	−0.00140	0.00037
boat.512	257.61	1467806.33	1034.49	99.9295	−0.00093	0.00144	0.00098
gray21.512	263.68	11091321.56	1058.84	99.9904	0.00327	0.00305	−0.00124
ruler.512	238.88	167835706.25	959.29	99.9994	−0.00117	−0.00162	0.00097
5.3.01	248.87	10502439.48	3997.50	99.9619	−0.00087	−0.00045	−0.00056
5.3.02	261.85	31074316.16	4206.10	99.9864	−0.00081	0.00121	0.00054
7.2.01	277.05	111642857.43	4450.16	99.9960	−0.00039	−0.00003	−0.00062

				Correlation coefficient
Image	MSE with Fig. 5(a)	PSNR	Entropy	Horizontal	Vertical	Diagonal
Fig. 5(a)	0	-	7.6341	0.98407	0.98507	0.97679
Fig. 5(b)	9429.49	8.39	7.9998	−0.00064	0.00137	−0.00065
Fig. 5(c)	0	-	7.6341	0.98407	0.98507	0.97679
Fig. 5(d)	9420.65	8.39	7.9996	−0.00035	0.00219	−0.00110
Fig. 5(e)	9414.47	8.39	7.9998	−0.00063	0.00216	−0.00031
Fig. 5(f)	10599.84	7.88	7.9890	0.13538	−0.08895	−0.00889
Fig. 5(g)	9415.25	8.39	7.9998	0.00007	0.00468	−0.00118
Fig. 5(h)	9423.79	8.39	7.9998	−0.00046	0.00319	0.00072
Fig. 5(i)	9431.21	8.39	7.9997	−0.00066	0.00012	−0.0007
Fig. 5(j)	9443.55	8.38	7.9998	0.00043	0.00015	0.00095
Fig. 5(k)	9427.32	8.38	7.9998	0.00095	−0.00028	0.00084
Fig. 5(l)	9436.35	8.38	7.9997	0.00131	0.00234	−0.00060

	Schemes
	²⁸	²⁷	¹⁷	²²	¹⁵	¹⁹	⁵	²³	¹⁴	Proposed scheme
Image size	Any	Square	Square	Any	Any	Square	Square	Square	Any	Any
Accurate reconstruction requirement	Accurate keys	Accurate keys	Accurate keys	Accurate keys and accurate orders	Accurate keys and accurate orders	Accurate keys	Accurate keys	Accurate keys	Accurate keys	Accurate keys and accurate orders
Key sensitivity	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Security against noise analysis	NA	Yes	Yes	NA	NA	Yes	NA	NA	Yes	Yes
Security against cropping analysis	NA	Yes	Yes	NA	Yes	NA	Yes	NA	Yes	Yes
Adjoining pixels correlation	Almost zero	Almost zero	NA	NA	Almost zero	Almost zero	Almost zero	Almost zero	Almost zero	Almost zero
Entropy analysis	7.999	NA	NA	NA	7.477	7.998	1.023	7.997	NA	7.999
Differential characteristics	NPCR: 99.6205%	NA	NA	NA	NA	NPCR: 99.74%	NA	NPCR: close to 100%	NPCR: 99.6105%	NPCR: 99.6147%
Differential characteristics	UACI: 33.5516%					UACI: 33.47%		UACI: close to 33%	UACI: 33.4682%	UACI: 33.4717%
Key space	NA	$2^{213}$	NA	NA	NA	$2^{235}$	$2^{233}$	$2^{48 k + 16}$ k-iteration number	$2^{122}$	$2^{1706}$
Time complexity	NA	Real time	NA	NA	NA	NA	NA	Real time	Real time	Real time linear with size
Security against cryptanalytic attack models	NA	NA	NA	NA	NA	Presented	NA	Presented	NA	Presented

Securing Images using Bifid Cipher associated with Arnold Map

Abstract

Keywords

1. Introduction

2. Bifid cipher and Arnold map

2.1. 2D-Bifid cipher

Table 1 An example of Bifid key square. 1 2 3 4 5 1 A D N Y G 2 P L M T Q 3 H K W O I 4 R X E V B 5 C S F U Z

3.3. Combined scheme for images using Bifid cipher and Arnold map

Table 4 Histogram and correlation analysis.

5.8. Time complexity

7. Conclusion

References

Table 1
An example of Bifid key square.

1 2 3 4 5

1 A D N Y G

2 P L M T Q

3 H K W O I

4 R X E V B

5 C S F U Z

Table 4
Histogram and correlation analysis.