A Novel Image Encryption Scheme Based on Self-Synchronous Chaotic Stream Cipher and Wavelet Transform

In this paper, a novel image encryption scheme is proposed for the secure transmission of image data. A self-synchronous chaotic stream cipher is designed with the purpose of resisting active attack and ensures the limited error propagation of image data. Two-dimensional discrete wavelet transform and Arnold mapping are used to scramble the pixel value of the original image. A four-dimensional hyperchaotic system with four positive Lyapunov exponents serve as the chaotic sequence generator of the self-synchronous stream cipher in order to enhance the security and complexity of the image encryption system. Finally, the simulation experiment results show that this image encryption scheme is both reliable and secure.


Introduction
With the rapid development of social networking, cloud computing, and mobile network communication technology, the problem of secure storage and real-time transmission of image data is increasingly important. Encryption and digital watermarking technology play an important role in guaranteeing the security of multimedia data [1]. However, because of the high correlation and redundancy of adjacent pixels of the digital image, some international standard encryption algorithms are not suitable for image encryption, including 3DES (Triple Data Encryption Algorithm), IDEA (International Data Encryption Algorithm), and AES (Advanced Encryption Standard), etc. On the other hand, the chaotic nonlinear dynamic system has some good characteristics, such as positive Lyapunov exponents, ergodicity, sensitivity to initial conditions, topological transitivity, and unpredictability [2][3][4][5], and was widely applied in the field of cryptography and secret communication.
In recent years, in order to better solve the security transmission of digital images, some scholars have put forward a series of image security encryption schemes based on the chaotic system and the inherent characteristics of digital images [6][7][8][9]. For example, Ping et al. [10] proposed a permutation-substitution image encryption scheme with the Henon map, which can resist a chosen-plaintext attack and known-plaintext attack. Ye et al. [11] put forward an efficient symmetric image encryption algorithm based on an intertwining Logistic map. Haroun [12] came up with a real-time image encryption scheme using a low-complexity discrete 3D dual chaotic cipher.
However, these image encryption schemes generally use low-dimensional chaotic systems or high-dimensional chaotic systems with only one positive Lyapunov exponent such as Logistic, Tent, Henon, and Lorenz, etc. Compared with the high-dimensional hyperchaotic system with more than two positive Lyapunov exponents, the complexity of nonlinear dynamic characteristics of the above chaotic systems are lower. Additionally, because of the influence of the calculation precision and

The Description of Four-Dimensional Discrete Chaotic System
In this section, a four-dimensional chaotic system is constructed through the Chen-Lai algorithm [18,19]. The discrete dynamic equations of the system can be expressed as the follows: where · 2 and e represent Euclidean norm and mathematical constant, respectively. The mod is the module operations, and c is control parameter. Furthermore, matrix A is given as follows: ( When c = 3, the Lyapunov exponents of the system are given by LE 1 = 3.0128, LE 2 = 3.0454, LE 3 = 3.0717, and LE 4 = 3.0799. The number of positive Lyapunov exponents are more than two. Thus, Entropy 2018, 20, 445 3 of 13 the system is a four-dimensional hyperchaotic system. The chaotic time series of the four-dimensional hyperchaotic system are shown in Figure 1. . The number of positive Lyapunov exponents are more than two. Thus, the system is a four-dimensional hyperchaotic system. The chaotic time series of the four-dimensional hyperchaotic system are shown in Figure 1.

Binary Quantization Method
For the above chaotic system, ( ) (0,1) ∈ j x k with 1, 2, 3, 4 = j . In this paper, we adopt the binary quantization method to quantize discrete chaotic real value sequences. The corresponding quantization method is defined as follows: where ( ) j Q k is the quantized chaotic binary sequence, and d t represents the quantization threshold with = 0.5 d t .

Multi-Scale Permutation Entropy Analysis
Multi-scale permutation entropy (MPE) [20,21] has the advantages of high robustness and fast computational speed. It is widely applied in the measurement of binary sequence complexity and nonlinear system analysis. In this section, we perform a multi-scale permutation entropy analysis for the above chaotic binary sequence. The parameters of MPE have embedding dimension m , delay

Binary Quantization Method
For the above chaotic system, x j (k) ∈ (0, 1) with j = 1, 2, 3, 4. In this paper, we adopt the binary quantization method to quantize discrete chaotic real value sequences. The corresponding quantization method is defined as follows: where Q j (k) is the quantized chaotic binary sequence, and t d represents the quantization threshold with t d = 0.5.

Multi-Scale Permutation Entropy Analysis
Multi-scale permutation entropy (MPE) [20,21] has the advantages of high robustness and fast computational speed. It is widely applied in the measurement of binary sequence complexity and nonlinear system analysis. In this section, we perform a multi-scale permutation entropy analysis for the above chaotic binary sequence. The parameters of MPE have embedding dimension m, delay factor τ, and scale factor s. For the choice of the parameter values of the multi-scale permutation entropy with the purpose of calculating the complexity of chaotic binary sequences, Sun et al. [22] and Xu et al. [23] give the recommended parameter range in order to obtain more accurate entropy values. On the basis of the theoretical research of the above references, in this experiment, we set m = 3, τ = 2, and s ∈ [3,7], respectively. The experimental results are shown in Table 1. As can be seen from Table 1, all MPE values of chaotic binary sequences are more than 0.9 and display good sequence complexity. Table 1. The multi-scale permutation entropy (MPE) value of chaotic binary sequences with Q 1 (k), Q 2 (k), Q 3 (k), and Q 4 (k). For these tests, each p-value is the probability that a perfect random number generator would have produced a sequence less random than the sequence that was tested, given the kind of non-randomness assessed by the test. A significance level (α) can be chosen for the tests. If p − value ≥ α, then the null hypothesis is accepted; i.e., the sequence appears to be random. If p − value < α, then the null hypothesis is rejected; i.e., the sequence appears to be non-random. Typically, α is chosen in the range [0.001, 0.01]. Common values of α in cryptography are about 0.01 based on the NIST-800-22 test standard [24]. The experimental results of NIST-800-22 test are shown in Table 2. Table 2 shows that the chaotic binary sequences Q 1 (k), Q 2 (k), Q 3 (k), and Q 4 (k) passed all the tests. These sequences show good randomness and meet the requirements of the stream cipher. Table 2. NIST-800-22 test of chaotic binary sequences.

The Design of Self-Synchronous Chaotic Stream Cipher
The self-synchronous stream cipher is also known as the asynchronous stream cipher. The generation of the key stream of self-synchronous stream cipher is not independent of the plaintext and ciphertext stream but is related to the seed key and some ciphertext that has been generated before.
It has the advantages of limited error propagation, self-synchronous and ciphertext statistical diffusion. In this section, the encryption and decryption block diagram of the self-synchronous stream cipher based on the four-dimensional hyperchaotic system is shown in Figure 2.

The Design of Self-Synchronous Chaotic Stream Cipher
The self-synchronous stream cipher is also known as the asynchronous stream cipher. The generation of the key stream of self-synchronous stream cipher is not independent of the plaintext and ciphertext stream but is related to the seed key and some ciphertext that has been generated before.
It has the advantages of limited error propagation, self-synchronous and ciphertext statistical diffusion. In this section, the encryption and decryption block diagram of the self-synchronous stream cipher based on the four-dimensional hyperchaotic system is shown in Figure 2. Where K ,   (1) and (2), can be given as Equation (4). Where K, (K 1 s , K 2 s , K 3 s , K 4 s ), ⊕ and function g(·) represent the seed key, subkey, exclusive OR (XOR) operational character and subkey generation function, respectively. C i−1 and C i are the ciphertext stream generated at two adjacent moments. Q 1 , Q 2 , Q 3 , and Q 4 are the quantized chaotic binary sequence. P 1 i , P 2 i , P 3 i , and P 4 i are the adjacent plaintext stream with the purpose of parallel encryption. According to Equations (1) and (2), f 1 (·), f 2 (·), f 3 (·), and f 4 (·) can be given as Equation (4). The encryption process of the self-synchronous chaotic stream cipher can be described as follows: 1.
The subkey (K 1 s , K 2 s , K 3 s , K 4 s ) is generated by function g(·) and K j s ∈ (0, 1) with j = 1, 2, 3, 4. Where K and C i−1 are the 0-1 binary sequence with length of 32 bits. The function g(·) is given as follows: ) of the four-dimensional hyperchaotic system. The key stream Q 1 , Q 2 , Q 3 and, Q 4 with length of 8 bits are generated by hyperchaotic Equation (4) and a binary quantization operation with the purpose of parallel encryption.

3.
Ciphertext C i is generated by the Equation (6). At the same time, the C i will feedback to the function g(·) with the purpose of generating the next round subkey (K 1 The decryption process of the self-synchronous chaotic stream cipher is similar to the encryption process, which is not repeated here.

The Description of the Image Encryption Scheme
In this section, a novel image encryption scheme is proposed based on self-synchronous chaotic stream cipher, Arnold mapping, and two-dimensional discrete wavelet transform (DWT). The encryption process of the proposed scheme is shown in Figure 3. Firstly, the spatial domain of the image is transformed into the frequency domain by two-layer DWT. Secondly, Arnold mapping is implemented with the purpose of obtaining good diffusion effectiveness. Finally, on the basis of self-synchronous chaotic stream cipher, the scrambled image is encrypted to ensure its security. implemented with the purpose of obtaining good diffusion effectiveness. Finally, on the basis of self-synchronous chaotic stream cipher, the scrambled image is encrypted to ensure its security.

Discrete Wavelet Transform
The DWT plays an important role in image compression and image information processing. The decomposition process of signal S o by the two-dimensional DWT is shown in Figure 4. A two-dimensional matrix S o can be decomposed into four groups of coefficients [cA, cD (h) , cD (v) , cD (d) ]. Where cA, cD (h) , cD (v) , and cD (d) represent approximate coefficient (low frequency component), horizontal detail coefficient, vertical detail coefficient, and diagonal detail coefficients, respectively. Furthermore, the approximate coefficient cA can continue to be decomposed by the same method. On the basis of the above image encryption scheme, in order to obtain the transformation coefficient, the pixel value of the grayscale image is processed by two-dimensional discrete wavelet transform. Thereafter, the spatial domain of the digital image is transformed into the frequency domain with the purpose of enhancing the pixel scrambling effect. implemented with the purpose of obtaining good diffusion effectiveness. Finally, on the basis of self-synchronous chaotic stream cipher, the scrambled image is encrypted to ensure its security.

Arnold Mapping
Arnold mapping [25], also known as cat mapping, is a chaotic mapping method for repeated folding and stretching transformation in a limited area. It is widely applied to pixel scrambling of images. The mathematical equation of Arnold mapping is given as follows: where (X n , Y n ) and (X n+1 , Y n+1 ) represent the pixel coordinates of the original image and the pixel coordinates of transformed image, respectively. In addition, X n , Y n , X n+1 , Y n+1 ∈ {0, 1, · · · , N − 1}, and a = 1, b = 1. The variable M is the size of the image.

Security Analysis of Image Encryption Scheme
In this section, the Lena, fruits, and airplane gray images with a size of 256 × 256 are encrypted using the above image encryption scheme based on self-synchronous chaotic stream cipher. The security analysis results of image encryption are shown below.

Histogram Analysis
The histogram of the image is an important statistical feature of the image. It can be considered as the gray density function of the image. One of the evaluation criteria of image encryption effect is whether the gray histogram of the ciphertext image has the characteristics of uniform distribution. The results of the grayscale histogram are shown in Figure 5, and the horizontal and vertical coordinates of the gray histogram represent the pixel values and number of pixel values, respectively. As can be seen from the Figure 5g-i, the pixel values of the ciphertext images are so evenly distributed that it is difficult for the attacker to extract the plaintext pixel statistical characteristics from the ciphertext. Therefore, this image encryption scheme can resist statistical attacks well.

Arnold Mapping
Arnold mapping [25], also known as cat mapping, is a chaotic mapping method for repeated folding and stretching transformation in a limited area. It is widely applied to pixel scrambling of images. The mathematical equation of Arnold mapping is given as follows: where ( , ) n n X Y and

Security Analysis of Image Encryption Scheme
In this section, the Lena, fruits, and airplane gray images with a size of 256 6 25 × are encrypted using the above image encryption scheme based on self-synchronous chaotic stream cipher. The security analysis results of image encryption are shown below.

Histogram Analysis
The histogram of the image is an important statistical feature of the image. It can be considered as the gray density function of the image. One of the evaluation criteria of image encryption effect is whether the gray histogram of the ciphertext image has the characteristics of uniform distribution. The results of the grayscale histogram are shown in Figure 5, and the horizontal and vertical coordinates of the gray histogram represent the pixel values and number of pixel values, respectively. As can be seen from the Figure 5g-i, the pixel values of the ciphertext images are so evenly distributed that it is difficult for the attacker to extract the plaintext pixel statistical characteristics from the ciphertext. Therefore, this image encryption scheme can resist statistical attacks well.

Correlation Analysis of Adjacent Pixels
Correlation analysis refers to the analysis of two variables with correlation so as to measure the correlation degree of two variables. The correlation of adjacent pixels can reflect the scrambling effect of image pixels. The mathematical equation for the correlation of adjacent pixels is shown as follows [26]: x y D x D y ρ = (11) where k x and k y represent the grey values of two adjacent pixels, and N is the number of randomly selected adjacent pixels from the original or encrypted image. The xy and cov( , ) x y represent the correlation coefficient, mean value, variance, and covariance, respectively. For the correlation analysis experiment, we randomly selected 2000 pairs of adjacent pixels in horizontal, vertical, and diagonal directions from the plain and encrypted images of Lena. The experimental results are shown in Figure 6. Where ( , ) i j represents the position coordinates of this pixel in the image. As can be seen from the figure, the correlation of cipher-images is much lower than that of plain-images. Furthermore, Table 3 shows the correlation analysis of the adjacent pixels with the Lena, airplane, and fruits image. Obviously, the correlation coefficient of the plain-image is close to 1. On the contrary, the correlation coefficient of the cipher-image is close to 0, which indicates a good performance.

Correlation Analysis of Adjacent Pixels
Correlation analysis refers to the analysis of two variables with correlation so as to measure the correlation degree of two variables. The correlation of adjacent pixels can reflect the scrambling effect of image pixels. The mathematical equation for the correlation of adjacent pixels is shown as follows [26]: where x k and y k represent the grey values of two adjacent pixels, and N is the number of randomly selected adjacent pixels from the original or encrypted image. The ρ xy , E(x), D(x) and cov(x, y) represent the correlation coefficient, mean value, variance, and covariance, respectively. For the correlation analysis experiment, we randomly selected 2000 pairs of adjacent pixels in horizontal, vertical, and diagonal directions from the plain and encrypted images of Lena. The experimental results are shown in Figure 6. Where (i, j) represents the position coordinates of this pixel in the image. As can be seen from the figure, the correlation of cipher-images is much lower than that of plain-images. Furthermore, Table 3 shows the correlation analysis of the adjacent pixels with the Lena, airplane, and fruits image. Obviously, the correlation coefficient of the plain-image is close to 1. On the contrary, the correlation coefficient of the cipher-image is close to 0, which indicates a good performance.

Peak Signal-To-Noise Ratio (PSNR) Analysis
The peak signal-to-noise ratio is an objective criterion for evaluating images, and its mathematical equation is given as follows: PSNR = 10 log 10 (L 2 /MSE) (12) where M × M is the size of image, I (i, j), and I(i, j) represent the pixel value of encrypted and original images, respectively. MSE is mean squared error, and L is the range of gray values in the image. Generally speaking, the better the encryption effect is, the smaller the PSNR of the image becomes. The results of the PSNR test is shown in Table 4. For the test result of our scheme, it is the average PSNR of the Lena, airplane, and fruits images. Similarly, for the image encryption method of Yin et al. [27] and Zhu [28], this PSNR represents the average value of multiple images. As can be seen from the table, our scheme has a smaller PSNR value, which shows a good encryption effect. Table 4. Peak signal-to-noise ratio (PSNR) test with different methods.

Information Entropy Analysis
Information entropy can measure the distribution of gray values in images. The more random the gray value distribution, the greater the information entropy of the image. According to the information theory of Shannon, the information entropy can be defined as follows: H(s) = − 2 n −1 ∑ i=0 P(s i ) log 2 (P(s i )) (14) where P(s i ) represents the probability of symbol s i , n is the number of bits required to store each pixel value, 2 n is the total states of the information source s. When n = 8, the theoretical value of information entropy is 8. The information entropy test was performed for the encrypted images of Lena, airplane, and fruits. Table 5 shows the experimental results of the entropy test. The test result of our scheme is the average entropy value of the Lena, airplane, and fruits images. For the scheme of Liu et al. [29], Liu et al. [30], and Niyat [31], these entropy values represent the average value of multiple images. As can be seen from the table, the entropy value of encrypted image of our scheme is closer to the theoretical value 8. Therefore, this scheme can effectively resist the information entropy attack.

Discussion
In this paper, we proposed a novel image encryption scheme with the purpose of ensuring secure transmission of image data. A four-dimensional hyperchaotic system is constructed to act as the chaotic sequence generator. Moreover, the performance of chaotic binary sequences is analyzed by multi-scale permutation entropy and the NIST-800-22 test. The test results show that the binary sequence has good randomicity and security. On the basis of the chaotic sequence generator, a self-synchronous stream cipher is designed to encrypt the image data. The generation of the key stream of the chaotic stream cipher is related to the seed key and a certain number of bits ciphertext that has been generated previously. It has the advantages of limited error propagation, self-synchronous and ciphertext statistical diffusion, which can satisfy the security and stability of image encryption system. Finally, a novel image encryption scheme is designed based on the self-synchronous stream cipher. Arnold mapping and wavelet transform are used to obtain a good scrambling effect for the digital image. Some simulation results show that the proposed scheme is both reliable and secure.
Author Contributions: C.F. conceived and wrote the paper, which devoted to the simulation experiments. Q.D. gave some theoretical guidance. All authors have read and approved the final manuscript.