This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

1. Introduction

In modern society, information security issues affect almost all aspects of human production and life. The problem of information leakage is becoming increasingly serious. Developing mechanisms to effectively protect the security of information has become a hot research field. Traditional encryption algorithms such as RSA and DES have been widely used in the encryption of text information [1, 2], but with the advancement of the semiconductor industry and computer science, human computing capabilities have achieved rapid progress. Traditional encryption algorithms are facing the risk of being cracked. At the same time, although the computing capabilities of computers have been greatly improved, humans still need higher encryption speeds. The size of image data is much larger than that of text data, and the correlation between adjacent pixels is very strong. Therefore, there is a need to develop more efficient and secure image encryption algorithms.

There are two methods for image encryption: scrambling encryption and pixel grayscale value encryption. Scrambling encryption refers to using algorithms to change the position of pixels. Scrambling encryption can reduce the correlation between pixels, but it cannot change the pixel values. Amnesh et al. proposed a scrambling encryption scheme based on RGB translation scrambling to achieve the encryption of colored images [3]. Jolfaei and Mirghadri proposed a scrambling encryption scheme based on the Henon chaotic map [4]. Alexopoulos proposed a scrambling encryption method based on the SCAN mode [5]. This scheme used different routes to scan the image to be encrypted. Pixel grayscale value encryption refers to changing the pixel grayscale values to achieve encryption. El-Zoghdy et al. used the DES algorithm to encrypt images [6]. Acharya et al. proposed a scheme based on Hill matrix encryption algorithm and used an invertible matrix to encrypt images [7]. With increasing research on image encryption algorithms, some scholars have proposed many hybrid encryption schemes. In 2019, we have proposed a chaos-based image encryption technique utilizing Hilbert Curves and H-Fractals [8].

Data encryption standard (DES) was established by the US Federal Government in 1977. It has been authorized and applied to governmental nonconfidential communications. The traditional DES algorithm [9] first groups the plaintext into many blocks, and the size of each block is 64 bits. Then, each block is divided into two parts, which are scrambled and diffused for 16 rounds. Finally, the encrypted blocks are rearranged. Encrypting images with the traditional DES algorithm faces many problems, such as complicated operation, poor encryption effect, and weak antiocclusion attack capability. For example, Silva-Garcia et al. noticed that when the traditional DES algorithm was applied to images that had large blocks of the same grayscale value [10], some regions with low encryption quality were generated. Thus, the traditional DES algorithm is not suitable for image encryption.

As a complex nonlinear dynamic system [11–14], the chaotic system has the characteristics of high initial parameter sensitivity, unpredictable orbit, and strong state ergodicity. It is usually used as a pseudorandom number generator. Applying the chaotic system to the scrambling encryption process and pixel grayscale value, encryption process can improve the security of the encryption system and overcome the shortcomings of the traditional DES algorithm. Considering this theory, a new image encryption algorithm based on the traditional DES encryption algorithm model, chaotic systems, DNA computing, and select cipher-text output is proposed. The simulation results and security analysis verified the feasibility of this algorithm.

2. Fundamental Theory

2.1. Chaotic System

To increase the antiocclusion capability of this encryption scheme, the logistic map is chosen to scramble the position of pixels [15]. The logistic map is defined in formula (1). In this equation, μ is the parameter; when μ is 4, the chaotic system is in the complete chaos state. The phase diagram of the logistic map is shown in Figure 1(a).

[figures omitted; refer to PDF]

To reduce the correlation between adjacent pixels, the 2D-LSCM chaotic system is chosen to encrypt the pixel grayscale value [16]. The 2D-LSCM chaotic system is defined as formula (2). In this equation, θ is the parameter of the chaotic system. When θ is in the interval (0, 1), the chaotic system is in the chaos state. The phase diagram of the 2D-LSCM chaotic system is shown in Figure 1(b).$$\begin{array}{}\text{(2)}& \left\{\begin{array}{c}x\left(i+1\right)=\sin \left(\pi \left(4\theta x\left(i\right)\left(1-x\left(i\right)\right)+\left(1-\theta \right)\sin \left(\pi y\left(i\right)\right)\right)\right),\\ y\left(i+1\right)=\sin \left(\pi \left(4\theta y\left(i\right)\left(1-y\left(i\right)\right)+\left(1-\theta \right)\sin \left(\pi x\left(i+1\right)\right)\right)\right).\end{array}\right.\end{array}$$

2.2. DNA Coding and Nucleotide Computing

In 1994, Adleman designed and completed the first DNA computing experiment and published his experimental results in the journal of Science [17], opening a new field, biocomputing. Many scholars have performed various studies on biocomputing. Derived from the structure of DNA, DNA computing has many excellent features, such as huge storage capacity, large parallel computing power, and ultralow power consumption. The field of biocomputing is still being explored and studied continuously. Gehani et al. proposed the first algorithm to encrypt images using DNA sequences [18]. In 2012, Chang proposed a fast parallel DNA-based algorithm. This algorithm uses the RSA public-key cryptosystem, biological cryptography, and biological parallel computing to encrypt images [19]. Although DNA computers have not been applied in practice, the encoding and computing methods of DNA computing enrich the means of encryption algorithms in cryptography. By simulating DNA calculations, various evaluation indexes of the encryption algorithm are improved [20, 21].

2.2.1. DNA Coding

Double-stranded DNA molecules consist of four nucleotides: A (adenine), T (thymine), G (guanine), and C (cytosine). Nucleotides follow the principles of complementary pairing, namely, A and T are complementary, and G and C are complementary. In DNA coding, each nucleotide can represent a 2-bit binary string. Pixels in the grayscale images are in the interval [0, 255], so they can be represented by the four nucleotides [22–24]. In binary numbers, 0 and 1 are complementary. Therefore, 00 and 11 are complementary, and 01 and 10 are complementary. When an 8-bit binary string is represented by the four nucleotides, there are 4! = 24 encoding rules, but only 8 kinds of rules satisfy the principle of complementary pairing. These rules are listed in Table 1.

Table 1

8 kinds of DNA coding rules.

When converting pixels to DNA coding, we first need to determine the rule for encoding. For example, the binary string of the decimal digit 188 is 10111100, which can be represented by the nucleotide sequence CTTA under rule 1. DNA decoding is the reverse process of DNA encoding. A different digit is obtained when decoding nucleotide sequences under a different rule. For example, if we decode the nucleotide sequence CTTA under rule 2, we will obtain a binary string 01111100, where the decimal digit of this binary string is 124, which is different from 188. In the encryption process, using different rules to encode and decode is an encryption scheme, but in the decryption process, we should ensure the consistency of encoding and decoding rules.

2.2.2. Nucleotide Computing

With the advances in biocomputing research, some scholars have proposed algebraic operations based on nucleotides [25], such as nucleotide addition and subtraction. Nucleotide addition and subtraction are variants of binary addition and subtraction. There are 8 kinds of nucleotide addition rules, and 8 kinds of nucleotide subtraction rules corresponding to 8 DNA coding rules. The nucleotide addition and subtraction rules under the first coding rule are shown in Table 2.

Table 2

Nucleotide computing rules under the first coding rule.

The nucleotide operations are adding or subtracting binary digits represented by nucleotides. Unlike binary addition or subtraction, only the last 2-bit binary digits remain for the results. For example, the nucleotide sequences TCAG and GATC are added under the first coding rule, and the result is ACTT. The sequence ACTT is used to reduce the sequence of GATC under the first rule, and the result is TCAG. The operation processes are shown in Figure 2. In the addition and subtraction operation processes, the operation results corresponding to each rule are unique.

[figures omitted; refer to PDF]

3. Design of the Encryption Scheme

To improve the security of the key, the encryption scheme uses the SHA-256 algorithm to operate the plaintext image and obtain a 256-bit hash sequence as an initial key, so there is a connection between the key and original image. To improve the antiocclusion capability of the encryption system, this encryption scheme uses the logistic map to globally scramble the pixels. Finally, the encryption scheme uses block diffusion, forward diffusion, and entropy selection methods to improve the evaluation indexes of the encryption system to resist statistical attacks and enhance the pseudorandomness of the encryption system. The details of the encryption process are shown as follows.

3.1. Key Generator

SHA-256 is a type of hash algorithm [26, 27] that can convert any length of data into a 256-bit binary sequence. The hash sequences generated by the SHA-256 algorithm are irreversible, so the plaintext information cannot be inversely calculated from the hash sequences. In this paper, the 256-bit binary sequence H is generated by the SHA-256 algorithm as the initial key. To calculate the initial values of the logistic map and the 2D-LSCM chaotic system, the hash sequence is divided into 32 equal-sized parts k₁, k₂, …, k₃₂. They are integers in the interval [0, 255] when they are converted into decimal digits. Then, the initial values are obtained through formula (3). Pseudorandom sequences are calculated through chaotic systems.$$\begin{array}{}\text{(3)}& \left\{\begin{array}{c}{\text{init}}_1=\frac{\left(k_1\oplus k_2\oplus k_3\oplus k_4\oplus k_5\oplus k_6\oplus k_7\oplus k_8\right)}{256},\hfill \\ {\text{init}}_2=\frac{\left(k_9\oplus k_{10}\oplus k_{11}\oplus k_{12}\oplus k_{13}\oplus k_{14}\oplus k_{15}\oplus k_{16}\right)}{256},\hfill \\ {\text{init}}_3=\frac{\left(k_{17}\oplus k_{18}\oplus k_{19}\oplus k_{20}\oplus k_{21}\oplus k_{22}\oplus k_{23}\oplus k_{24}\right)}{256},\hfill \\ {\text{init}}_4=\frac{\left(k_{25}\oplus k_{26}\oplus k_{27}\oplus k_{28}\oplus k_{29}\oplus k_{30}\oplus k_{31}\oplus k_{32}\right)}{256},\hfill \\ {\text{init}}_5=k_{25}\oplus k_{26}\oplus k_{27}\oplus k_{28}\oplus k_{29}\oplus k_{30}\oplus k_{31}\oplus k_{32},\hfill \\ a\left(1\right)={\text{init}}_4,\hfill \\ x\left(1\right)=\frac{\left({\text{init}}_1+{\text{init}}_5\right)}{256},\hfill \\ y\left(1\right)=\frac{\left({\text{init}}_2+{\text{init}}_5\right)}{256},\hfill \\ \theta =\frac{\left({\text{init}}_3+{\text{init}}_5\right)}{256}.\hfill \end{array}\right.\end{array}$$

3.2. Pixel Position Scramble

Scrambling is a method of changing pixel locations [28, 29]. In this paper, to reduce the correlation between adjacent pixels, the logistic map is applied to scramble the position of pixels. Scrambling has three steps. The first step is mapping the positions of the elements in the pseudorandom sequence one by one with the positions of the pixels in the pixel sequence. The second step is arranging the elements in the pseudorandom sequence in ascending order. The third step is changing the position of the elements in the pixel sequence following the position of the elements in the pseudorandom sequence. We only need to obtain the original pseudorandom sequence and the scrambled pixel sequence to complete the decryption process because the decryption process is the reverse process of the scrambling process. Details of the scrambling and decryption processes are shown in Figure 3. To encrypt the entire image, first, we should use the logistic map to generate two matrices A₁ and A₂ which are the same size as the original image. Second, we should use every row of matrix A₁ to scramble every row of the original image. Third, we should use every column of matrix A₂ to scramble every column of the image whose rows are scrambled.

[figure omitted; refer to PDF]

3.3. Grayscale Encryption

3.3.1. DES Diffusion

To increase the randomness of the cipher images, we adopt a block diffusion scheme similar to the DES structure. This diffusion scheme ignores the grouping operation, and it directly divides the images to be encrypted into two equal-sized matrices as left matrix L₀ and right matrix R₀. Then, we use a 2D-LSCM chaotic system to generate sixteen matrices with the same size of L₀ and R₀ as K₀, K₁, …, K₁₆. Finally, matrices L₀ and R₀ are operated with matrices K₀, K₁, …, K₁₆ through formula (4). We will reserve the matrices L₁₃, …, L₁₆ and R₁₃, …, R₁₆ for other purposes.$$\begin{array}{}\text{(4)}& \left\{\begin{array}{cc}{L}_i=R_{i-1},R_i=\text{bitxor}\left(L_{i-1},\text{bitxor}\left(R_{i-1},K_i\right)\right),\hfill & 1\le i\le 8,\hfill \\ L_i=R_{i-1},R_i=\text{nucleotides\hspace{0.17em}subtraction}\left(L_{i-1},\text{nucleotides\hspace{0.17em}addition}\left(R_{i-1},K_i\right)\right),\hfill & 9\le i\le 16.\hfill \end{array}\right.\end{array}$$

3.3.2. Forward Diffusion

The purpose of diffusion is to correlate adjacent pixels [30–33]. Using forward diffusion to the encrypt image with the size of M × N, we first rearrange the pixel matrix into a pixel sequence of length M × N and label the pixel points as $P\left(1\right)$, $P\left(2\right)$,…, $P\left(M\times N\right)$. Then, we calculate the encrypted pixels $P^{\prime }\left(1\right)$, $P^{\prime }\left(2\right)$,…, $P^{\prime }\left(M\times N\right)$ through formula (5). Finally, we rearrange the pixel sequence into a matrix of size M × N to obtain the encrypted image.$$\begin{array}{}\text{(5)}& \left\{\begin{array}{c}{P}^{\prime }\left(1\right)=P\left(1\right),\\ P^{\prime }\left(i\right)=\text{bitxor}\left(P\left(i\right),P^{\prime }\left(i-1\right)\right),\hspace{1em}i\ge 2.\end{array}\right.\end{array}$$

Using forward diffusion can increase the information entropy of the image and reduce the correlation between adjacent pixels. The Lena image and forward diffused Lena image are shown in Figure 4. It can be seen from the comparison that the diffused image still retains some features of the original image, so the encryption algorithm cannot only use forward diffusion. The forward diffusion must be used in conjunction with other methods.

[figures omitted; refer to PDF]

3.4. Encryption Scheme

The flow chart of the encryption scheme is shown in Figure 5. The 256 × 256 Lena image is encrypted as an example. Suppose that the original image is I, and the encryption scheme is as follows:

Step 1. The original image I is input into the SHA-256 algorithm to obtain a 256-bit binary hash sequence H.

[figure omitted; refer to PDF]

3.5. Decryption Process

The process of the encryption algorithm proposed in this paper is reversible, but because it is uncertain which round of cipher the image C is generated, the collision process needs to be added in the decryption process. The steps of the decryption process are summarized as follows:

Step 1. Decrypt cipher image C by forward diffusion decryption operations as C₁, C₂, C₃, and C₄. Decrypt DES and scramble decryption operations through the reverse process of encryption process to obtain decrypted images I₁, I₂, I₃, and I₄. Because the encryption process is reversible, the decryption process will not be repeated.

4. Simulation Results and Security Analysis

Some common images were used to verify the feasibility and security of the encryption algorithm. The original images, the encrypted images, and the decrypted images are shown in Figure 6. In our simulation, the cipher images have completely lost the characteristics of the original images. After decrypting the cipher images, each decrypted image is exactly the same as the original image, so the algorithm is lossless.

[figures omitted; refer to PDF]

4.1. Key Sensitivity Analysis

4.1.1. Key Space Analysis

A good encryption scheme should have enough key space to resist a brute force attack. The keys used in this paper include the hash sequence a(1), x(1), y(1), and θ. The key space of the SHA-256 algorithm is 2¹²⁸, and the precision of the initial value is calculated by 10⁻¹⁵. Then, the total key space of the SHA-256 algorithm is $2128\ast 1015\ast 1015\ast 1015\ast 1015=3.4028\ast 1098$. Thus, the algorithm has enough key space to resist a brute force attack and has strong security.

4.1.2. Key Sensitivity Analysis

A good encryption scheme should be sensitive to the key. The decrypted image obtained by changing one key by 10⁻¹⁵ with the other keys unchanged is shown in Figure 7; the encryption algorithm cannot be cracked. By comparison, it can be concluded that the encryption scheme is very sensitive to the key.

[figures omitted; refer to PDF]

4.2. Antistatistical Attack Capability Analysis

The histogram of the image and the correlation between adjacent pixels are used to characterize the image. The feature of the original image is obvious, and the pixel values in some blocks of the image are distributed in concentration. When this phenomenon is reflected in the histogram, the elements are unevenly distributed. When this phenomenon is reflected in the correlation, the correlation between adjacent pixels is very strong. A good encryption algorithm can break the distribution characteristics of pixels in the original image, make the distribution of pixels in the cipher image more uniform, and reduce the correlation between adjacent pixels in the cipher image. Thus, attackers cannot attack cipher images by statistical means, and the encryption algorithm can effectively resist statistical attacks. In this paper, the histograms of original images and cipher images and the correlation between adjacent pixels are listed to show the ability of the algorithm to resist statistical attacks. At the same time, we add some comparisons with other image encryption algorithms to prove the advantages of the image encryption algorithm.

4.2.1. Histogram Analysis

In Figure 8, some histograms of the original images and histograms of the corresponding encrypted images are listed. In the histograms of the plaintext images, the pixel values are not uniform; it has certain statistical characteristics and cannot resist brute force attacks. However, in the cipher images, the distributions of pixel values are very uniform, and there is no statistical rule. The comparison between the histogram of the original image and the histogram of the encrypted image proves that the encrypted algorithm can break the statistical rule of the original images and has a good antistatistical attack ability.

[figures omitted; refer to PDF]

4.2.2. Correlation Analysis

The correlation between adjacent pixels of the plaintext image is very strong. Breaking the correlation between adjacent pixels can enhance the ability of the encryption algorithm to resist statistical attacks. We randomly selected 10000 pixels from the original Lena image and the encrypted Lena image in the horizontal, vertical, and diagonal directions and listed these pixel values and their adjacent pixel values in Figure 9. There are strong correlations between adjacent pixels in the original Lena image, but there are almost no correlations between adjacent pixels in the encrypted Lena image. We can quantify the correlation between adjacent pixels with mathematical indicators. The correlation coefficient between adjacent pixels is calculated using formula (6), where $E\left(x\right)$ is the mean, $D\left(x\right)$ is the variance, and $\mathrm{cov}\left(x,y\right)$ is the covariance. The correlation coefficients are shown in Table 3. By comparing the correlation coefficients of the original images and cipher images in Table 3, it can be seen that the algorithm can resist statistical attacks very well, and its ability is not weaker than those of references [34] and [35].$$\begin{array}{}\text{(6)}& \left\{\begin{array}{c}E\left(x\right)=\frac{1}{N}\sum _{i=1}^N{x}_i,\\ D\left(x\right)=\frac{1}{N}\sum _{i=1}^N{\left(x_i-E\left(x\right)\right)}^2,\\ \mathrm{cov}\left(x,y\right)=\frac{1}{N}\sum _{i=1}^N\left(x_i-E\left(x\right)\right)\left(y_i-E\left(y\right)\right),\\ r_{xy}=\frac{\mathrm{cov}\left(x,y\right)}{\sqrt{D\left(x\right)}\sqrt{D\left(y\right)}}.\end{array}\right.\end{array}$$

[figures omitted; refer to PDF]

Table 3

Correlations of original images and encrypted images.

4.2.3. Information Entropy Analysis

In 1948, Shannon put forward the concept of information entropy. The concept of information entropy solves the problem of quantifying and measuring information and can be used to judge the randomness of information. When the information entropy of a piece of information is close to its ideal value, we can judge that the information has good randomness. The information entropy of the image can be used to measure the degree of randomness of the image. The calculation method of information entropy is shown in formula (7), where $p\left(i\right)$ represents the probability that each situation may occur in a model:$$\begin{array}{}\text{(7)}& H\left(s\right)=-\sum _{i=1}^{n}p\left(i\right){\log }_{2}p\left(i\right),\end{array}$$

Pixel values are distributed in the interval [0, 255], and the probability of each case is $1/256$, so the information entropy of a gray image is 8 in an ideal case. If the information entropy of a grayscale image is close to 8, the image has good randomness. The information entropies of the cipher images encrypted by this algorithm and some other algorithms are shown in Table 4. The information entropy of the cipher image of this algorithm is close to 8, and the result is not inferior to other algorithms. Therefore, it can be considered that the randomness of the cipher image of this algorithm meets the encryption requirements.

Table 4

Entropy of images.

4.3. Antidifferential Attack Capability Analysis

The number of pixel change rate (NPCR) and unified average changing intensity (UACI) are two indices used to measure the correlation degree between a cipher image and an original image as well as the antidifferential attack ability of the encryption algorithm. The closer the NPCR and UACI are to the ideal values, the stronger the antidifferential attack ability of the encryption algorithm. The calculation methods of NPCR and UACI are shown in formula (8):$$\begin{array}{}\text{(8)}& \left\{\begin{array}{c}\text{NPCR}=\frac{{\sum }_{i,j}\left|\text{Sign}\left(P_1\left(i,j\right)-P_2\left(i,j\right)\right)\right|}{M\times N}\times 100\%,\\ \text{UACI}=\frac{{\sum }_{i,j}\left|P_1\left(i,j\right)-P_2\left(i,j\right)\right|}{255\times M\times N}\times 100\%,\end{array}\right.\text{(9)}& \text{Sign}\left(x\right)=\left\{\begin{array}{cc}1,& x>0,\\ 0,& x=0,\\ -1,& x<0.\end{array}\right.\end{array}$$

$\text{Sign}\left(x\right)$ is a symbolic function, and its calculation method is shown in formula (9). $P_1\left(i,j\right)$ is the pixel value of the cipher image, and $P_2\left(i,j\right)$ is the pixel value of the cipher-text image encrypted after a slight change in the original image. The theoretical expectations of NPCR and UACI were 100% and 33.4635%, respectively. The NPCR and UACI values of the two cipher images are shown in Table 5. By comparison, we can see that the cipher image of this algorithm has a strong correlation with the original image, and it can resist the differential attack very well.

Table 5

NPCR and UACI.

4.4. Antinoise Attack Capability Analysis

The antinoise attack ability of an encryption system is one of the standards for measuring the robustness of the encryption system. In the process of transmission, information will inevitably be disturbed by noise, which will distort the cipher image and affect the decrypted image. The common noises are Gauss noise, Poisson noise, salt and pepper noise, etc. In this section, the antinoise attack ability of the encryption system is analyzed. Different intensities of salt and pepper noise are added to the cipher image using MATLAB software and then decrypted. The simulation results are shown in Figure 10. The correlation of the image is used as an index to compare the decrypted image with the original image. The correlations are shown in Table 6. Based on this analysis, the encryption algorithm has a good antinoise attack ability.

[figures omitted; refer to PDF]

Table 6

Correlations of decrypted images with different intensities of noise attack.

4.5. Antiocclusion Attack Capability Analysis

The antiocclusion attack ability of the encryption algorithm can reflect the scattered degree of cipher text. If the scrambling degree of the encryption algorithm is insufficient, the occlusion area in the decrypted image may completely lose its original characteristics after decryption. The occlusion attack test is to occlude the cipher image and then observe the degree of restoration of the decrypted image. The clipped cipher images are shown in Figures 11(a)–11(d). The cipher images with cutting areas of $1/64$, $1/16$, $1/4$, and $1/2$ are decrypted. The results are shown in Figures 11(e)–11(h). With the correlation of the image as an indicator, the decrypted image and the original image were compared and analyzed. The results are shown in Table 7. By analyzing the correlation, we can see that when the cipher image is attacked by clipping, the algorithm can restore the original image features to some extent. Therefore, the algorithm has a good antiocclusion attack ability.

[figures omitted; refer to PDF]

Table 7

Correlations of decrypted images with different intensities of noise attack.

5. Conclusions

In this paper, an image encryption algorithm based on block diffusion and the chaotic system is proposed by means of a traditional DES encryption algorithm combined with chaotic system and DNA coding technology. This method compensates for the problems of high computational complexity and inconvenient key management when the traditional text encryption algorithm is used in the digital image encryption algorithm by using DNA coding operation, selecting cipher-text output, and key verification. The experimental results show that the algorithm has a large key space to resist statistical attacks, differential attacks, occlusion attacks, noise attacks, etc. It can be widely used for the secure transmission of image information.

Conflicts of Interest

The authors declare that they have no conflicts of interest.

Acknowledgments

This paper was supported by the National Natural Science Foundation of China (grant nos. 61572446, 61602424, and U1804262), Key Scientific and Technological Project of Henan Province (grant nos. 174100510009 and 192102210134), and Key Scientific Research Projects of Henan High Educational Institution (18A510020).