1. Introduction

With the widespread use of digital images in various fields, including healthcare, finance and personal communication, there is a growing need to ensure their secure communication and storage. This is especially true in terms of protecting them from unauthorized access, tampering and interception [1,2]. Encryption is the process of converting plaintext (unencrypted data) into ciphertext (encrypted data) using an encryption algorithm and a secret key. The encrypted data can only be decrypted and read by someone who has the correct key. Image encryption is a specific type of encryption that is designed to protect digital images by eradicating any symmetry between a plain image and its encrypted version. The need for image encryption arises from several factors. Firstly, digital images often contain sensitive information, such as personal photos, medical images or confidential documents. This information needs to be protected from unauthorized access or interception during transmission over the Internet or storage on a device [3]. Secondly, images can be easily tampered with and it is often difficult to detect such tampering. Encryption can help prevent unauthorized modifications of the image data by providing a way to verify the authenticity of the image [4]. Thirdly, images are often stored and transmitted in large quantities, making it difficult to ensure the security of each individual image. Image encryption algorithms can help secure large quantities of images by providing a way to efficiently and securely process their data [5].

Recent literature shows the reliance of image encryption algorithms on substitution-permutation networks (SPNs). SPNs are a popular cryptographic primitive used in symmetric key encryption algorithms. These operate by applying a series of substitution and permutation operations to plaintext blocks, producing ciphertext blocks that are difficult for an attacker to decipher without the correct key. SPNs have been widely used in image encryption research due to their ability to efficiently encrypt large amounts of data while maintaining strong security guarantees [6,7,8]. In an image encryption algorithm, the plaintext is typically represented as a matrix of pixel values and the SPN is applied to each pixel value individually or to a block of pixels simultaneously. One of the main advantages of using SPNs in image encryption is their ability to provide a high degree of confusion and diffusion, satisfying Shannon’s theory of secure communication [9]. Confusion refers to the property of the encryption algorithm that makes it difficult for an attacker to relate the ciphertext to the plaintext, while diffusion refers to the property that ensures that small changes in the plaintext lead to significant changes in the ciphertext [2].

SPNs have also been used in combination with other cryptographic techniques, such as key management and authentication, to provide a more comprehensive approach to image security [10]. For example, some image encryption algorithms based on SPNs use secret key management techniques to ensure that the encryption key is securely distributed and protected from unauthorized access [11]. Overall, the importance of SPNs in image encryption research lies in their ability to provide strong security guarantees while efficiently processing large amounts of data. As such, they have become a cornerstone of modern image encryption algorithms and continue to be an active area of research in the field of cryptography. In general, most recent literature on image encryption carries out confusion through the application of one or more substitution boxes (S-boxes), while diffusion is carried out through the application of an encryption key that is based on a pseudo-random number generated bitstream, where an appropriate logical operation is utilized [7,12,13]. The next couple of paragraphs introduce each of those steps.

Substitution boxes are an important component of many image encryption algorithms. These are used to substitute plaintext bits with ciphertext bits and they provide a key component of the confusion step in many encryption algorithms [7]. The importance of S-boxes in image encryption algorithms lies in their ability to provide strong security guarantees by introducing non-linear transformations into the encryption process. S-boxes help to ensure that changes to a single input bit have unpredictable and significant effects on the output, making it difficult for an attacker to analyze and reverse-engineer the encryption process. In image encryption, S-boxes are typically used in combination with permutation operations to form SPNs [12]. As mentioned, the SPN structure is particularly well-suited to image encryption because it provides a high degree of confusion and diffusion, which are both important properties for secure encryption. The use of S-boxes in image encryption algorithms can also help to prevent common attacks, such as differential and linear cryptanalysis, which rely on analyzing the statistical properties of the encryption process. S-boxes can help obscure these statistical properties, making it more difficult for an attacker to break the encryption [12].

Pseudo-random number generators (PRNGs) play an important role in image encryption algorithms. PRNGs are used to generate a sequence of random numbers that are used to encrypt the image data. These random numbers are combined with the original image data using various encryption techniques to produce encrypted image data that is difficult to decipher without the correct key [2]. The importance of PRNGs in image encryption algorithms lies in their ability to generate a large amount of unpredictable and uniformly distributed random numbers. These random numbers are crucial for achieving the two main goals of encryption: confidentiality and integrity [3]. Confidentiality refers to the property of the encryption algorithm that ensures that only authorized parties can access the encrypted data. Integrity refers to the property that ensures that the encrypted data has not been tampered with or modified during transmission or storage. PRNGs are designed to produce random numbers that are indistinguishable from true random numbers. However, unlike true random number generators, PRNGs are deterministic and rely on a seed value to produce the same sequence of numbers each time they are used with the same seed [12]. The seed value is typically generated from a source of true randomness, such as atmospheric noise, mouse movements or keyboard timings, to ensure that the resulting sequence of numbers is sufficiently unpredictable. In image encryption algorithms, PRNGs are used to produce a large sequence of random numbers that are combined with the original image data to produce encrypted data [2]. The strength and quality of the encryption depend on the randomness and uniformity of the PRNG output. Therefore, selecting a secure and robust PRNG is essential for ensuring the security and effectiveness of the image encryption algorithm.

Chaotic functions exhibit sensitive dependence on initial conditions and cycloidal behavior, making them suitable for encryption applications [6,8]. There are two main types: low-dimensional chaotic functions with two or three variables and hyperchaotic functions with four or more variables, thus spanning multiple dimensions and interacting in complex ways [14]. Low-dimensional chaotic functions, such as the Lorenz or Henon maps, have a smaller key space but simpler computational requirements, making them faster and easier to implement [13,15,16]. However, their lower dimensionality means they have weaker encryption strengths. Hyperchaotic functions, on the other hand, have a much larger key space due to their extra variables, providing stronger encryption. However, they also have greater complexity, requiring more computing power and being slower to compute. Each type has its advantages and disadvantages for image encryption. Low-dimensional chaos is suitable for real-time encryption of streaming videos or wireless communications due to its simplicity. Hyperchaos provides very high encryption strength, making it suitable for encrypting still images or large file transmissions. However, its added complexity may be impractical for some applications with limited resources. By tuning the parameters of a chaotic map, its dynamics can be made sufficiently random-like for encryption yet still deterministic for decryption [12]. Chaotic ciphers have been shown to withstand various attacks such as brute force, known plaintext and statistical analysis [12]. When combined with other techniques such as diffusion and confusion layers, chaos-based encryption schemes can achieve robust and versatile encryption of images and multimedia data [17]. Chaos provides an efficient and simple means of generating the complex, nonlinear transformations needed for strong encryption.

Recent literature in the field of image encryption provides a plethora of articles that combine the use of successive applications of PRNGs and S-boxes to carry out image encryption. In many instances, chaos theory is employed to generate the PRNGs and construct the S-boxes. In [12], the authors numerically solve the fractional-order hyperchaotic Chen system and generate a PRNG as an encryption key from its solution. They combine its use, in a multi-layer encryption algorithm, with other keys and S-boxes based on the Mersenne Twister, OpenSSL, Rule 30 cellular automata (CA) and Intel’s math kernel library. The authors of [7] make use of a tan variation of the Logistic map to carry out Deoxyribonucleic acid (DNA) coding as a first stage of encryption. Subsequent stages utilize the Lorenz chaotic system to construct an S-box, as well as the Logistic map in its original form for PRNG key generation. Recaman’s sequence, in conjunction with the Rossler chaotic system, is used to generate PRNG encryption keys in [18]. In [19], the authors employ chaotic functions, DNA computing, SHA-256, as well as the random movements of a chess piece, castle, on a hypothetical chess board, to carry out image encryption. The combination of DNA coding with chaos theory is also utilized in [20], where the authors further the image encryption abilities through SHA-2. A number of dynamical functions that exhibit chaotic behavior are utilized in [17] to generate PRNG encryption keys, including the linear congruential generator, the Arnold cat map, the Bernoulli map, the 2D Logistic sine map and the tent map. In [21], parameters are computed over the finite field $Z_N$ through the utilization of a finite field with the aim of generalizing the Logistic map and searching for an auto morphic mapping between two Logistic maps, to carry out robust image encryption. The work of [15] adopts a continuous chaotic system, with the aim of achieving diffusion and an LA-semi group, with the aim of achieving confusion, for efficient image encryption. A 6D discrete hyperchaotic system is employed in [22] to generate six PRNGs as encryption keys. Those are used in conjunction with DNA coding, to encrypt each of the color-separated RGB channels of a color image. The authors of [23] make use of the spatio-temporal chaos of the 2D nonlinear coupled map lattices and genetic operations, to carry out low-complexity image encryption. The Mandelbrot set is utilized in a color image encryption scheme proposed in [24], where the Arnold map combined with DNA sequences enhances the attained encryption security. The authors of [25] propose an innovative image encryption algorithm that draws on the distinctive concept of a rotor machine, in addition to the employment of a piece-wise linear chaotic map and a one-time key. The Logistic map is used in combination with a dynatomic modular curve, as a form of an SPN, to perform secure image encryption in [26]. In [27], the authors employ a cloud model, a Fibonacci chaotic system and a matrix convolution operation to implement a secure image cryptosystem. Interesting work involving the Josephus problem and its corresponding Josephus function is employed in [28] in combination with a 4D hyperchaotic function. Image compression and encryption is carried out in [29], where the Arnold map and Choas theory are utilized for effective and reliable image transmission over unsecured networks. The authors of [30] devise a novel chaotic map, the Salomon map and showcase its superior chaotic behavior, in terms of positive and large Lyapunov exponents, then they employ its use in image encryption in conjunction with a pixel-splitting algorithm. Another novel chaotic map is introduced in [31], where the authors conceive a Schaffer map for high complexity applications. In their work, they compare the Schaffer map with counterparts from the literature and showcase that it has the best ergodicity and erraticity characteristics. Next, they illustrate its use in generating encryption keys and apply it to carrying out permutation and diffusion in a simple image encryption algorithm. In [32], the authors focus on improving encryption efficiency. This is carried out by designing a parallel image encryption algorithm using intra bitplane scrambling. In their proposed scheme, multiple processing threads are employed to carry out image encryption at the bit-level to achieve permutation. Next, every thread scrambles two bitplanes.

It is clear from the literature review that there are an abundance of techniques and algorithms that may be utilized to successfully implement secure, robust and efficient image encryption frameworks. However, almost all of the mentioned algorithms are only able to offer two of those three vital encryption traits. Such that the offering of higher security, through more encryption stages, is counteracted with higher design complexity and software implementations. In some cases, efficiency is capitalized on, but security is not fully achieved, such that key spaces are rather small. In order to achieve all three traits of security, robustness and efficiency, this work proposes and accomplishes the following:

• A chaos-based, three-stage, dual-acting image encryption framework is proposed. In every stage, a novel S-box is constructed and applied. This is followed by the generation and application of the logical XOR operation between a generated PRNG key and the image bits.

• In the first stage, a 7D hyperchaotic system of differential equations is numerically solved and its solution is utilized both for PRNG key generation and S-box construction.

• In the second stage, a single neuron model is numerically solved and its solution is utilized both for PRNG key generation and S-box construction.

• In the third stage, a 4D hyperchaotic system of differential equations is numerically solved and its solution is utilized both for PRNG key generation and S-box construction.

• With the utilization of three different systems, two of which are hyperchaotic, as well as the selection of three S-boxes that satisfy certain criteria, a rather wide key space of $2^{2551}$ is achieved, providing sufficient resistivity to brute-force attacks.

• The software implementation of the proposed image encryption framework making use of advanced parallel processing techniques allows for an average encryption rate of $8.54$ Mbps to be achieved.

This article is organized as follows. Section 2 makes reference to the foundational systems of differential equations that are to be employed for PRNG key generation and outlines the adopted methodology for the construction of S-boxes. Section 3 introduces the image encryption and decryption processes of the proposed framework. Section 4 provides the numerical results and performance evaluation of the proposed framework. A comparative study of the state-of-the-art is also carried out in this section. Section 5 concludes this research work and provides some suggestions for possible future areas of research.

2. Preliminary Mathematical Constructs

A number of mathematical constructs are used in the proposed image encryption framework to generate the PRNG keys and S-boxes. These are presented in this section.

2.1. The Single Neuron Model

The single neuron model (SNM) is a mathematical model that describes the behavior of a single neuron with an adaptive feedback synapse. The model consists of two differential equations: one that describes the membrane potential of the neuron and one that describes the dynamics of the feedback synapse. The authors of [33] have shown that an SNM with an adaptive feedback synapse has two coexisting chaotic attractors. In this work, we make use of this SNM because of its rich, complex dynamics and its suitability with respect to inducing randomness in a simple and deterministic manner. The SNM is described as follows:

(1)$\left\{\begin{array}{c}\dot{u}=-\frac{u}{\tau }+f\left(qs\right)f\left(pu\right)+I,\hfill \\ \dot{s}=-\alpha s+\alpha f^2\left(pu\right),\hfill \end{array}\right.$

2.2. The 4D Hyperchaotic System

A 3D hyperchaotic system was proposed for the first time by the authors of [34]. This system was later improved by the authors of [35], who added a linear controller, resulting in the following 4D system of differential equations:

(2)$\left\{\begin{array}{c}\dot{u}=a(\nu -u)+e\nu w,\hfill \\ \dot{\nu }=cu+d\nu -uw+mp,\hfill \\ \dot{w}=-bw+u\nu ,\hfill \\ \dot{p}=-ku-k\nu ,\hfill \end{array}\right.$

2.3. The 7D Hyperchaotic System

The authors in [36] presented a 7D hyperchaotic system. In their work, they propose coupling the classical Lorenz 3D system with a 6D hyperchaotic system. This 6D system is obtained through the addition of a nonlinear feedback controller to the first equation and a linear feedback controller to the second equation of the classical Lorenz 3D system. Such coupling results in a novel 7D hyperchaotic system as follows:

(3)$\left\{\begin{array}{c}\dot{x_1}=a(x_2-x_1)+x_4+b{x}_6,\hfill \\ \dot{x_2}=c{x}_1-x_2-x_1{x}_3+x_5,\hfill \\ \dot{x_3}=-d{x}_3+x_1{x}_2,\hfill \\ \dot{x_4}=e{x}_4-x_1{x}_3,\hfill \\ \dot{x_5}=-f{x}_2+x_6,\hfill \\ \dot{x_6}=g{x}_1+h{x}_2,\hfill \\ \dot{x_7}=l{x}_7+m{x}_4,\hfill \end{array}\right.$

2.4. S-Box Construction

In this work, the main aim of the S-box construction process is to involve the S-box evaluations in the generation process. In other words, the numerical values produced by the techniques used in evaluating the performance of S-boxes are utilized as part of the key space of the S-box generation step (which is reflected in the overall key space of the proposed image encryption framework). Moreover, the process adopted here makes use of the generated PRNG bitstreams discussed in Section 2.1 through Section 2.3. Accordingly, two mechanisms are applied to achieve that, with one of them being a sub-routine to the other.

Starting with the inner process, the aim is to transform a bit stream of length 2048 into an S-box. This is performed by, first, converting the 2048 bits into 256 integers. As these integers are randomly generated, they are expected to be unsorted and to contain duplicates. Hence, this set of integers is utilized as a selection function applied to a sorted set [0–255], where the selected element from the set is removed. Therefore, the selected integers are re-adjusted to the length of the sorted set using the modulus operator. As a result of the selection and the re-adjustment processes being applied sequentially, values are shifted from the sorted set (which descends in size) into the S-box, generating an S-box by the time the length of the sorted set reaches 0.

Based on the inner process discussed above, the role of the outer process is to generate a set of S-boxes, evaluate each one individually and select the S-box with performance evaluation values closest to a provided set of values. In consequence, a bitstream of size $2048\times n$ is needed as an input, such that n is the number of S-boxes to be generated and evaluated, and from which one is selected. Given such input, the bitstream is partitioned into sections of length 2048, transformed into S-boxes (using the inner process) and evaluated and the performance evaluation values are subtracted from the given target evaluations yielding the S-box with the smallest difference.

3. Proposed Image Encryption Framework

The encryption process is described in Section 3.1, while the decryption process is described in Section 3.2. Section 3.3 presents algorithms that are employed as part of the encryption and decryption processes.

3.1. The Encryption Process

The following sequence of steps outlines the proposed three-stage encryption process.

• A color image I of length M and width N is chosen and the pixel values of its RGB channels are arranged as a single bitstream d, of length $L_d$, where:

  (4)$L_d=M\times N\times 3\times 8.$

• Encryption stage 1: The 7D hyperchaotic system encryption key and S-box.

  • (a). The 7D hyperchaotic system is numerically solved for the S-box seeds, then the numerical solution is utilized in Algorithm 1, resulting in an S-box $S_{HC7D}$ (shown in Table 1). Table 1

    Seven-dimensional hyperchaotic system based S-box.

    30	62	124	248	235	148	35	202	143	22	43	85	170	76	161	48
    129	2	253	231	190	93	153	60	50	100	198	75	151	11	61	212
    4	228	167	111	220	142	13	89	210	118	237	168	25	51	101	197
    174	38	78	152	54	41	17	65	105	183	29	64	112	215	94	214
    10	125	74	56	16	242	136	6	122	147	132	251	146	28	18	34
    69	130	95	217	52	102	191	126	113	79	0	119	223	40	82	141
    3	120	236	109	162	159	137	115	45	177	239	222	86	171	63	186
    241	21	42	200	175	123	12	68	110	234	218	145	221	199	149	24
    47	91	179	88	157	55	140	255	14	250	213	138	194	66	58	108
    207	131	172	70	165	71	187	44	240	107	243	227	67	182	232	211
    7	23	32	73	133	184	163	173	98	192	117	230	208	158	128	225
    196	81	144	9	33	247	39	169	185	104	77	31	164	114	229	204
    189	103	226	166	57	46	96	249	15	178	181	155	49	106	244	209
    26	201	135	20	139	246	238	245	180	176	156	72	193	116	84	83
    252	254	195	53	27	134	205	87	97	219	127	150	121	99	188	154
    160	37	216	80	224	19	233	59	1	90	206	36	203	8	5	92

  • (b). A replacement process is applied to the image I, employing $S_{HC7D}$ and resulting in image $I_{11}$.

    (5)$I_{11}=S_{HC7D}\left(I\right).$

  • (c). The pixels of the encrypted image $I_{11}$ are transformed into a 1D bitstream $d_{11}$.

  • (d). The 7D hyperchaotic system is numerically solved for the key seeds. Algorithm 2 is utilized to generate an encryption key $k_{HC7D}$ from the obtained solution, such that the length of this key is equal to $L_d$.

  • (e). The plaintext bitstream $d_{11}$ is XORed with the encryption key $k_{HC7D}$.

    (6)$d_{12}=d_{11}\oplus k_{HC7D}.$

  • (f). The resulting bitstream $d_{12}$ is transformed back into an image $I_{12}$.

• Encryption stage 2: The single neuron model encryption key and S-box.

  • (a). The single neuron model is numerically solved for the S-box seeds, then the numerical solution is utilized in Algorithm 1, resulting in an S-box $S_{SNM}$ (shown in Table 2).

  • (b). A replacement process is applied to image $I_{12}$, employing $S_{SNM}$, resulting in image $I_{21}$.

    (7)$I_{21}=S_{SNM}\left(I_{12}\right).$

  • (c). The pixels of the encrypted image $I_{21}$ are transformed into a 1D bitstream $d_{21}$.

  • (d). The single neuron model is numerically solved for the key seeds. Algorithm 2 is utilized to generate an encryption key $k_{SNM}$ from the obtained solution, such that the length of this key is equal to $L_d$. Table 2

    SNM-based S-box.

    36	119	247	239	72	35	152	117	47	126	236	87	11	241	183	98
    67	15	61	127	90	217	198	139	159	106	167	101	177	197	20	170
    163	109	165	99	235	173	216	134	26	238	17	16	34	229	110	212
    69	150	196	86	180	115	192	209	146	203	223	95	22	137	120	71
    189	129	74	154	114	200	246	80	6	46	214	59	97	65	77	176
    108	62	224	14	213	29	226	172	242	0	89	84	195	33	4	23
    118	245	116	252	174	96	40	48	240	148	227	54	78	164	38	104
    131	64	205	100	142	52	169	215	178	157	51	66	222	237	91	37
    138	30	207	123	234	149	221	219	230	50	175	155	141	125	12	92
    60	187	251	8	93	105	83	179	121	41	181	171	5	124	19	225
    250	185	166	85	112	130	10	228	73	42	18	253	190	79	7	249
    220	147	218	156	248	161	107	182	94	53	208	82	136	13	133	63
    145	231	31	143	135	202	255	2	43	56	28	103	199	201	232	70
    39	122	1	160	58	111	233	194	44	206	210	24	193	76	211	191
    49	88	102	244	27	45	57	81	188	254	32	128	153	3	68	204
    21	132	243	140	151	113	55	168	25	75	144	184	162	186	9	158

  • (e). The bitstream of the encrypted image $d_{21}$ is XORed with the encryption key $k_{SNM}$.

    (8)$d_{22}=d_{21}\oplus k_{SNM}.$

  • (f). The resulting data bits $d_{22}$ are transformed back into an image $I_{22}$.

• Encryption stage 3: The 4D hyperchaotic system encryption key and S-box.

  • (a). The 4D hyperchaotic system is numerically solved for the S-box seeds, then the numerical solution is utilized in Algorithm 1, resulting in an S-box $S_{HC4D}$ (shown in Table 3).

  • (b). A replacement process is applied to image $I_{22}$, employing $S_{HC4D}$ and resulting in image $I_{31}$.

    (9)$I_{31}=S_{HC4D}\left(I_{22}\right).$

  • (c). The pixels of the encrypted image $I_{31}$ are transformed into a 1D bitstream $d_{31}$.

  • (d). The 4D hyperchaotic system is numerically solved for the key seeds. Algorithm 2 is utilized to generate an encryption key $k_{HC4D}$ from the obtained solution, such that the length of this key is equal to $L_d$.

  • (e). The bitstream of the encrypted image $d_{31}$ is XORed with the encryption key $k_{HC4D}$

    (10)$d_{32}=d_{31}\oplus k_{HC4D}.$

  • (f). The resulting data bits $d_{32}$ are transformed back into an image $I_{32}$. $I^{\prime }=I_{32}$ is the final output encrypted image.

A flow chart illustrative of the proposed three-stage encryption process is provided in Figure 6.

Four-dimensional hyperchaotic system-based S-box.

3.2. The Decryption Process

The following sequence of steps outlines the proposed three-stage decryption process. They are in a reverse order to those applied in the encryption process.

• Beginning with the three-stage encrypted image $I^{\prime }=I_{32}$ of length M and width N.

• Decryption stage 3: The 4D hyperchaotic system decryption key and inverse S-box.

  • (a). The pixel values of the encrypted image $I_{32}$ are transformed into a bitstream $d_{32}$.

  • (b). The encrypted data bits $d_{32}$ are XORed with the decryption key $k_{HC4D}$.

    (11)$d_{31}=d_{32}\oplus k_{HC4D}.$

  • (c). The resulting encrypted data bits $d_{31}$ are converted into an image $I_{31}$.

  • (d). A reverse replacement process is applied to image $I_{31}$, employing $S_{HC4D}^{-1}$ and resulting in image $I_{22}$

    (12)$I_{22}=S_{HC4D}^{-1}\left(I_{31}\right).$

• Decryption stage 2: The single neuron model decryption key and inverse S-box.

  • (a). The pixel values of the encrypted image $I_{22}$ are transformed into a bitstream $d_{22}$.

  • (b). The encrypted data bits $d_{22}$ are XORed with the decryption key $k_{SNM}$.

    (13)$d_{21}=d_{22}\oplus k_{SNM}.$

  • (c). The resulting encrypted data bits $d_{21}$ are converted into an image $I_{21}$.

  • (d). A reverse replacement process is applied to the image $I_{21}$, employing $S_{SNM}^{-1}$ and resulting in image $I_{12}$.

    (14)$I_{12}=S_{SNM}^{-1}\left(I_{21}\right).$

• Decryption stage 1: The 7D hyperchaotic system decryption key and inverse S-box.

  • (a). The pixel values of the encrypted image $I_{12}$ are transformed into a bitstream $d_{12}$.

  • (b). The encrypted data bits $d_{12}$ are XORed with the decryption key $k_{HC7D}$.

    (15)$d_{11}=d_{12}\oplus k_{HC7D}.$

  • (c). The resulting encrypted data bits $d_{11}$ are converted into an image $I_{11}$.

  • (d). A reverse replacement process is applied to the image $I_{11}$, employing $S_{HC7D}^{-1}$ and resulting in a plain image I.

    (16)$I=S_{HC7D}^{-1}\left(I_{11}\right).$

A flow chart illustrative of the proposed three-stage decryption process is provided in Figure 7.

3.3. Utilized Algorithms

Algorithm 1 describes the generation of an S-box given a pseudo-random bitstream generated using one of the three PRNGs proposed earlier in Section 2. As discussed in Section 2.4, by treating the evaluation values of the S-box as part of the key space, Algorithm 1 attempts to achieve a certain set of provided values for S-box evaluations. The approach towards that is to generate an agreed upon number of S-boxes (which is a part of the key space as well), then each S-box is evaluated separately and the chosen S-box is the one with performance evaluation values closer to the target values. Accordingly, it may come naturally to always provide optimal S-box evaluation values for every attempt at S-box generation. Nevertheless, to fulfill the need to complicate any cryptanalysis efforts, other sub-optimal values may be provided, resulting in the generation of different S-boxes. Such a decision would not affect the overall encryption process much as each generated S-box is only one component out of many stages. Therefore, the performance evaluation of the encryption process is based on the integration of all the components in all three stages of the proposed encryption framework. Algorithm 2 elaborates on the procedure for generating a PRNG bitstream given the solution of a chaotic system.

4. Numerical Results and Performance Evaluation

The performance of the proposed image encryption framework is provided in this section. A number of common performance evaluation metrics from the literature are utilized in this work [2,7,12]. Their mathematical expressions are provided in Table 4. The tests carried out aim to gauge the security, robustness and efficiency of the proposed framework in eradicating any identifiable information from the output encrypted images, such that they are completely asymmetric to their plaintext versions. The proposed framework is implemented on a machine running macOS Catalina v.10.15.7 with a 2.9 GHz 6-Core Intel^® Core^TM i9 and 32 GB of 2400 MHz DDR4 RAM. The software of choice is Wolfram Mathematica^® v.13.2. Common images found in the state-of-the-art are also utilized in this work to allow for a comparative analysis. All images are 256 pixels in length and 256 pixels in width, unless stated otherwise.

4.1. Visual and Visual-Statistical Analyses

The first measure employed for testing the output encrypted images is an examination through the human visual system (HVS). It is clear from Figure 8, Figure 9, Figure 10, Figure 11, Figure 12 and Figure 13 that no relation whatsoever can be observed between the plain images and their encrypted versions (i.e., complete asymmetry is achieved). The same can be noticed for their respective histograms. The histograms of the encrypted images depict a rather uniform distribution of values, which characterizes excellent encryption.

4.2. Statistical Analyses

The statistical analysis starts with the computation of the mean squared error (MSE), the peak signal-to-noise ratio (PSNR) and the maximum absolute error (MAE) between input plain images and output encrypted images. These are quantitative metrics that measure the degree of change between two images and are very common in the literature on image encryption. The computed values are reported in Table 5, Table 6 and Table 7, respectively. It is clear from each of the tables that the computed values for the proposed image encryption algorithm are comparable or superior to the state-of-the-art, with high MSE and MAE values and thus low PSNR values, indicating excellent scrambling and randomization performance of the proposed image encryption framework.

As for Shannon’s information entropy, Table 8 displays the computed values for various encrypted images and compares those values with the state-of-the-art. Excellent entropy performance of $7.999$ is showcased for the proposed image encryption framework, being superior or comparable to counterpart algorithms.

The pixel cross-correlation coefficient $\rho$ is a measure of the linear dependency between neighboring pixel values in an image. It quantifies how well the encryption process has scrambled the pixels and eliminated any spatial relationships. For a well-encrypted image, $\rho$ should have a value close to 0, indicating little or no correlation between adjacent pixel values. Table 9 provides the $\rho$ values for various images, each computed in three directions (horizontal, vertical and diagonal). While the plain images have $\rho$ values close to 1, their encrypted versions have $\rho$ values close to 0. A visual illustration of this metric is provided as a set of 2D plots in Figure 14 for the House image, as well as in Figure 15, Figure 16 and Figure 17, respectively, for each of its RGB channels, while sub-figures (c) and (f) of Figure 13 provide 3D plots of the same metric for the House image. It is clear that the plots of encrypted images exhibit a uniform distribution of values, unlike those of their plain versions. Table 10 and Table 11 display a comparison of $\rho$ with the state-of-the-art, utilizing the Lena image and each of its RGB channels, respectively. The computed $\rho$ values are shown to be near 0, as is the case in the state-of-the-art, in each of the tables.

Another interesting manner of examining the pixel cross-correlation among pixels would be to do so in the Fourier domain by generating the discrete Fourier transform (DFT) of the plain and encrypted House images, as shown in sub-figures (b) and (e) of Figure 13 and visually examining them. The presence of a bright star-like shape at the center of the DFT plain image is characteristic of a normal plain image which has pixels depicting edges and corners. This is unlike the DFT of the encrypted image, which lacks any identifying visual characteristics.

Since randomness is an integral measure of any image encryption algorithm, an objective quantitative measure of it should be utilized. This is best carried out through a National Institute of Standards and Technology (NIST) SP 800 analysis [37]. In brief, a NIST analysis tests a bitstream for a number of characteristics, including its randomness, quantifies its randomness and detects structural weaknesses. Such an analysis provides empirical evidence of the suitability of a PRNG’s use in cryptography applications. Table 12 presents the results of a NIST analysis carried out on a bitstream depicting the data of an encrypted Girl image. All NIST tests are successfully passed, with scored p-values greater than $0.01$.

MSE values for various images, for the proposed framework and the state-of-the-art.

PSNR values for various images, for the proposed framework and the state-of-the-art.

MAE values for various images, for the proposed framework and the state-of-the-art.

Entropy values for various images, for the proposed framework and the state-of-the-art.

Correlation coefficient values for various plain and encrypted images.

Correlation coefficient values comparison with the state-of-the-art, for an encrypted Lena image.

Color channel separated correlation coefficient value comparison with the state-of-the-art, for the Lena image.

NIST analysis on Girl encrypted image.

4.3. Differential Attack Analysis

A differential attack analysis is a type of cryptanalytic attack on encryption algorithms where an attacker analyzes the effect of specific changes in the input plaintext on the output ciphertext. For example, the change of a single bit in the input plain image. By analyzing these differences, the attacker may be able to deduce information about the key or algorithm used. Two tests are commonly employed in the literature for such an analysis: The number of pixel change ratios (NPCR) for pixel-by-pixel comparison and the unified averaged change intensity (UACI) for the evaluation of the mean average difference [41] have ideal values for well-encrypted images of $100\%$ and $33.33\%$, respectively. The mathematical expressions corresponding to each of those metrics are provided in Table 4. The computed NPCR and UACI values for various images are displayed in Table 13, with achieved average values of $99.6186\%$ and $31.4857\%$, respectively, reflecting excellent performance. Table 14 compares the computed values with the state-of-the-art for the RGB channels of various images. As expected, a comparable performance is achieved. Moreover, Table 15, displays another comparison with counterpart algorithms for the Lena image. Once again, a comparable performance is achieved.

4.4. Key Space Analysis

It is of vital importance to carry out a key space analysis of any image encryption technique. Such an analysis quantifies how much information (in bits) is required to specify an encryption key. The more bits needed, the larger the key space. Consequently, a large key space makes brute-force attacks infeasible. The larger the number of possible keys, the greater the resources and time required to try every key. This helps ensure encryption is secure against brute-force cracking. In the proposed image encryption framework, the attained key space is vast, mainly due to the utilization of the hyperchaotic maps. The 4D hyperchaotic map employs four initial values and seven constants; the 7D hyperchaotic map employs seven initial conditions and 10 constants; and the SNM employs a total of five variables only. For each of the three S-boxes, five specific values for the metrics are chosen. This gives a total of $4+7+7+10+5+3\times 5=48$ variables in the computation of the key space. The computer and software package used to implement the proposed image encryption framework have a machine precision of ${10}^{-16}$. Ultimately, this gives a key space of ${10}^{48\times 16}={10}^{768}\approx 2^{2551}$. This computed value far surpasses the threshold suggested earlier in the literature [45], of $2^{100}$, for successful resistance to brute-force attacks. A comparative analysis is carried out with the state-of-the-art in Table 16, showcasing the superior key space of the proposed image encryption framework.

4.5. Histogram Dependency Tests

In this testing perspective, the histograms of the plain and encrypted images are statistically compared in order to show the lack of statistical dependence between the two. Table 17 shows the five utilized tests (Blomqvist $\beta$, Goodman–Kruskal $\gamma$, Kendall $\tau$, Spearman $\rho$ and Pearson r) and their mathematical expressions [46]. Table 18 demonstrates the results of applying these tests to a variety of images. As seen in the table, most of the resulting values approach 0, which shows a lack of any statistical dependency between every plain image and its encrypted version.

4.6. Execution Time Analysis

The execution time of an image encryption algorithm is an important metric, as it allows for a comparison of the efficiency and performance of different algorithms as well as an estimation of the computational resources required for software and hardware implementation. Moreover, an analysis of the execution time reveals the applicability of an algorithm for real-time image encryption applications. The software implementation of the proposed image encryption framework is carried out over Wolfram Mathematica^® v.13.2. The algorithm’s execution time is optimized through parallel processing over the six cores of the Intel^® Core^TM i9 processor. The full details of the computing environment are provided in the first paragraph of Section 4. Table 19 reports the attained execution times of the Lena image at various dimensions. These times result in an average encryption rate of $8.54$ Mbps. Moreover, Table 20 provides a comparative analysis of the state-of-the-art algorithms. The superiority of the proposed framework is clear, with the attained encryption times being much shorter in comparison to their counterparts, irrespective of the machine specifications.

4.7. S-Box Performance Analysis

The proposed S-boxes are evaluated in this section independently of the proposed framework’s performance as a whole. This is because an S-box is a consistent element that is nearly always at the core of image encryption algorithms and is tasked with applying Shannon’s property of confusion. In order to evaluate the ability of an S-box to cause confusion, five metrics are commonly computed [47]. These are the non-linearity (NL), linear approximation probability (LAP), differential approximation probability (DAP), bit independence criterion (BIC) and strict avalanche criterion (SAC). They are calculated for the proposed S-boxes (shown in Table 1, Table 2 and Table 3) and compared to those reported in the state-of-the-art as well as to the ideal values, in Table 21. While all three proposed S-boxes exhibit performances comparable to counterpart algorithms from the literature, it is clear that the S-boxes constructed from the hyperchaotic functions perform better than the S-box constructed from the SNM. This is an advantage of hyperchaotic functions [48]. As in [12] and as described earlier in Section 3.3, upon designing and constructing each of the proposed S-boxes, the aim is not to reach the ideal values of the metrics but rather to reach a set of target metrics that are in close proximity to the ideal ones. This was carried out so as to include this set of target values as part of the key space, expanding it by $5\times 3=15$ variables and allowing it to reach a key space of $2^{2551}$, as explained earlier in Section 4.4.

5. Conclusions and Future Works

This work attempted to propose a novel framework for image encryption, capitalizing on the inherent characteristics of hyperchaotic functions and the simplicity of the single neuron model. Encryption was carried out over three stages, where in each stage the solution of one of the systems was numerically computed and used to generate a PRNG and construct an S-box. Next, the S-box was applied to scramble the image data, while an XOR operation with the encryption key was applied to randomize it. The main advantages of the proposed framework could be summarized as attaining a vast key space of $2^{2551}$ and a high encryption rate of $8.54$ Mbps. Reaching such a key space is attributed to the usage of hyperchaotic functions, while the efficiency of the framework is attributed to the optimization of its software implementation and making use of parallel processing over six cores. Moreover, the proposed framework was tested against an array of security tests, both quantitative and qualitative in nature and was shown to exhibit comparable or even superior performance, in comparison to the state-of-the-art. Average achieved values for the quantitative metrics include MSE of 9626, PSNR of $8.3$ dB, MAE of $80.99$, entropy of $7.999$, NPCR of $99.6\%$ and UACI of $31.49\%$.

Future research efforts could be dedicated to attempting to improve the efficiency of the proposed image encryption framework even more. This could be carried out through an enhanced parallel processing architecture by running it over a network of connected machines or, better yet, by implementing it in hardware (i.e., on an FPGA, for example).

Footnotes

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Enlarge this image.

Figure 1. A plot of [Forumla omitted. See PDF.].

Enlarge this image.

Figure 2. The connected chaotic attractor for the SNM at [Forumla omitted. See PDF.].

Enlarge this image.

Figure 3. Lyapunov exponent plot for the SNM at [Forumla omitted. See PDF.].

Enlarge this image.

Figure 4. Hyperchaotic attractors for system (2) with [Forumla omitted. See PDF.], shown for various 3D spaces.

Enlarge this image.

Figure 5. Hyperchaotic attractors for system (3) with [Forumla omitted. See PDF.], shown for various 3D spaces.

Enlarge this image.

Figure 5. Hyperchaotic attractors for system (3) with [Forumla omitted. See PDF.], shown for various 3D spaces.

Enlarge this image.

Figure 6. Flow chart of the proposed three-stage encryption process.

Enlarge this image.

Figure 7. Flow chart of the proposed three-stage decryption process.

Enlarge this image.

Figure 8. Mandrill image and RGB-separated histogram comparison of the plain and encrypted versions.

Enlarge this image.

Figure 9. Peppers image and RGB-separated histogram comparison of the plain and encrypted versions.

Enlarge this image.

Figure 10. Sailboat image and RGB-separated histogram comparison of the plain and encrypted versions.

Enlarge this image.

Figure 11. Tree image and RGB-separated histogram comparison of the plain and encrypted versions.

Enlarge this image.

Figure 12. House2 image and RGB-separated histogram comparison of the plain and encrypted versions.

Enlarge this image.

Figure 13. House image, its DCT, and 3D plot of its pixel cross-correlation matrix pre- and post-encryption.

Enlarge this image.

Figure 14. Two-dimensional plot of pixel cross-correlation matrices of the House image pre- and post-encryption.

Enlarge this image.

Figure 15. Two-dimensional plot of pixel cross-correlation matrices of the red channel of the House image pre- and post-encryption.

Enlarge this image.

Figure 16. Two-dimensional plot of pixel cross-correlation matrices of the green channel of the House image pre- and post-encryption.

Enlarge this image.

Figure 17. Two-dimensional plot of pixel cross-correlation matrices of the blue channel of the House image pre- and post-encryption.