Chaotic Image Encryption Algorithm Based on Zigzag Transform With Bidirectional Crossover From Random Position

This paper proposes a Zigzag transform that starts at random positions and crosses bidirectionally (ZZBCRP) to scramble the image. The number of sequence types of this new Zigzag transform is the number of pixels in the plaintext image, which is more and more complicated than other Zigzag transform methods, and Arrangement in a bidirectional crossover method can better disrupt the pixel correlation of the plaintext image. After multiple rounds of Zigzag transformation, the Logistic system is used to generate a sorted sequence to scramble the image. Then the chaotic sequence generated by the hyperchaotic Chen system is used. Perform a reversible diffusion operation on the image, and finally analyze the security of the algorithm.


I. INTRODUCTION
In 1963, when Lorenz was simulating meteorological changes, the results were very different due to the slight errors in the input meteorological data. After further research by Lorenz, he published a paper in the ''Journal of Atmospheric Sciences'' in the same year and proposed the Lorenz system [1], a brand new discipline. Since the birth of chaos theory, more and more scholars are devoted to the research of chaos theory, and it also provides new research methods for other disciplines. Shannon's two papers published in 1948 and 1949 pioneered modern cryptography [2], [3], and pointed out two ways of information encryption, confusion and diffusion. Chaotic systems are sensitive to initial values, long-term unpredictable, and pseudo-random. They are suitable for information hiding in the encryption field. In 1989, Matthews used the chaotic system for encryption for the first time [4], linking chaos theory with cryptography. Pioneered chaotic cryptography.
The associate editor coordinating the review of this manuscript and approving it for publication was Ramakrishnan Srinivasan .
In 1997, Fridrich published a paper [5] using two steps of scrambling and diffusion to encrypt images. Since then, more people have invested in the field of chaotic image encryption [6]- [11]. New encryption ideas and encryption methods have continued to emerge [12]- [17]. Combining two-dimensional compressed sensing and embedding technology, Chai et al. [18] proposed an efficient and visually significant two-color image encryption algorithm. A color image encryption system based on improved genetic algorithm and matrix semi-tensor product (STP) is also proposed [19]. Peng et al. proposed a discrete memristor model based on the difference theory, and proved the three fingerprint characteristics of the model according to the definition of generalized memristor [20], and based on the improved two-dimensional closed-loop modulation coupling model, proposed a new two-dimensional sinusoidal improved Logistic iterative chaotic mapping (ICMIC) modulation mapping (2D-SLIM) [21]. Chen et al. [22] in order to further improve the security under limited accuracy, proposed an improved cryptosystem based on a new two-dimensional VOLUME 9, 2021 This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/ chaotic map based on sine map, Chebyshev map and linear function (2D-SCL). The common practice of Zigzag transformation is to start from one corner of the matrix, scan all elements perpendicular to the diagonal, and then to the diagonal end, generate a one-dimensional vector containing all the elements, and re-create the one-dimensional vector according to certain predetermined rules. Arrange into the original matrix size [23]- [26]. Yang et al. [27] proposed that Zigzag traversal of the matrix can be carried out from the four corners, so that Zigzag is expanded from one traversal method to four traversal methods. The traditional Zigzag transform has its natural defects. On the one hand, the initial scan position is only starting from the four corners, only four one-dimensional vectors can be generated. On the other hand, the continuous scanning of the Z word still has a great correlation between the elements [28]- [36]. Aiming at the problems of Zigzag transformation commonly used in image scrambling, such as simple transformation, few transformation methods, and high pixel correlation after transformation, this paper proposes a Zigzag transformation that starts at random positions and crosses bidirectionally. The above problems are solved through experiments and analysis.

II. INTRODUCTION TO RELATED THEORIES A. ZIGZAG TRANSFORMATION WITH TWO-WAY CROSSING AT RANDOM POSITION
Zigzag transform is an algorithm that rearranges a twodimensional matrix to weaken the correlation between its matrix elements, so it is often used to scramble the image in image encryption. Aiming at the shortcomings of traditional Zigzag, this chapter proposes a Zigzag transform that starts bidirectional crossover at random positions. The Zigzag transform is expanded from four to m × n. m × n represents the size of the matrix. The algorithm is described as follows: Let P be the n × n size matrix to be transformed.
Step 1 (Generate Initial Coordinates): Generate two random numbers 1 ≤ i, j ≤ n, where (i, j) is the starting coordinate position of the transformation.
Step 2 (Scan): Starting from position (i, j), perform Z-scanning to the upper right corner and the lower left corner respectively to generate two vectors v 1 and v 2 .
Step 3 (Cross Merge): Cross merge the vectors v 1 and v 2 to generate a vector v.
Step 4 (Arrangement): The vector v is rearranged into a matrix of size n × n according to the rule of column first, and the end is complete.
The drawing compares the two Zigzag transforms, and the results are shown in Fig. 1 and Fig. 2.
Two Zigzag transforms are used to compare the results of one round, two rounds, and three rounds of scrambling on the Boat graph. The results are shown in Fig. 3.
Next, calculate the correlation coefficients of the adjacent pixels of the image in Fig 3, and use Eq. (11) to calculate the   three of the Boat plaintext image, the Zigzag one, two, and three rounds of the ciphertext image, and the new Zigzag one, two, and three rounds of the ciphertext image. Correlation coefficients of adjacent pixels in two directions, the results are shown in Table 1.
It can be seen from Table 1 that the Zigzag transform proposed in this paper starts bidirectionally at random positions and the adjacent pixel correlation coefficient is lower than that of the Zigzag transform, indicating that the Zigzag transform proposed in this paper can effectively reduce the correlation of image pixels. The following is a summary of the advantages and disadvantages of the Zigzag transform that starts at random positions and crosses bidirectionally.
Advantage 1: Ordinary ZigZag transformation has four transformation results. The transformation result of Zigzag transformation, which starts to cross bidirectionally at a random position, is as many as the number of image pixels.
Advantage 2: It can be seen from Fig. 3 and Table 1 that the scrambling effect of the Zigzag transform that starts from a random position and crosses bidirectionally is significantly better than that of the ordinary ZigZag transform. The disadvantage is that the Zigzag transform that crosses bidirectionally at a random position needs to input the coordinates of the starting point, while the ordinary ZigZag transform does not.

B. ONE-DIMENSIONAL LOGISTIC CHAOTIC SYSTEM
One-dimensional Logistic chaotic system [37] is a system that leads from period-doubling bifurcation to chaos. Because of its simple expression, good performance, low time complexity, and the generated chaotic sequence fully meets the characteristics of non-periodic, initial value sensitive, and long-term unpredictability, it is often used for image encryption. Its mathematical expression is expressed as follows: Among them, the parameter n(n = 0, 1, 2, 3 . . . . . .) is the number of iterative steps, x n ∈ (0, 1) is the system state when the number of iterative steps is n, and µ ∈ (0, 4] is the chaotic parameter. When µ ∈ (3.5699456, 4], the system is in a chaotic state, in order to have a better chaotic performance of the system, µ ∈ (3.9, 4] is selected in this chapter.

C. HYPERCHAOTIC CHEN SYSTEM
Chen system [38] is a three-dimensional chaotic system similar to Lorenz system discovered by Professor Guanrong Chen. Although Chen system is similar to Lorenz system, the two are not equivalent, and the former has more complex VOLUME 9, 2021 dynamic characteristics than the latter. Chen system The kinetic equation of is expressed as follows.
The system is in a state of chaos when the parameters a = 35, b = 3, and c = 28.
The hyperchaotic Chen system [39] is a four-dimensional hyperchaotic system extended by Li on the Chen system. Compared with the Chen system, the hyperchaotic Chen system has more feedback control parameters and more complex chaotic behavior. The dynamic equation of the hyperchaotic Chen system is expressed as follows.
Among them, when the parameters a = 35, b = 3, c = 12, d = 7, 0 < r ≤ 0.085, the system is in a chaotic state, when the parameters a = 35, b = 3, c = 12, d = 7, 0.085 < r ≤ 0.798, the system is in a hyper-chaotic state, this chapter will take 0.085 < r ≤ 0.798 in order to obtain better chaotic characteristics.

III. ALGORITHM DESCRIPTION A. KEY GENERATION AND ACQUISITION OF CHAOTIC SEQUENCES
Let the size of the plaintext image P be M × N . First, the plaintext image is used as the input of the Hash-256 algorithm, and then a 256-bit key stream is generated, denoted as Key, and then the key stream Key is divided into a group of 32 bits and divided into 8 groups. The key stream is denoted as Key = {k 1 , k 2 , k 3 , k 4 , k 5 , k 6 , k 7 , k 8 }, and the key stream is mapped to the initial value of the system through calculations. The mapping rules are as follows.
where, Zi, Zj are the starting position of the two-way Zigzag transformation, µ, x 0 are the initial value of the onedimensional Logistic mapping, and Cx 0 , Cy 0 , Cz 0 , Cw 0 , Cr are the initial value of the Chen chaotic system. The initial value µ, x 0 is brought into the one-dimensional Logistic mapping to obtain a chaotic sequence of length M × N . Denote it as s 1 . Bring the initial value Cx 0 , Cy 0 , Cz 0 , Cw 0 , Cr into the Chen chaotic system to obtain four chaotic sequences of length Cs 1 , Cs 2 , Cs 3 , Cs 4 , denoted as Cs 1 , Cs 2 , Cs 3 , Cs 4 , and then map the five chaotic sequences. In this chapter, s 1 is mapped to the ordered sequence after sorting s 1 . The subscript sequence in the original sequence, Cs 4 is mapped to the subscript sequence of the ordered sequence elements in the original sequence after Cs 4 is sorted, and Cs 1 , Cs 2 , Cs 3 , Cs 4 s is mapped to the random number [0, 255], the mapping formula is as follows.
The sort function is a built-in function of the simulation software, which is used to sort vector elements and return two vectors, a collection of ascending vectors and index vectors.

B. SCRAMBLE
The scrambling is divided into two steps. The first step is to perform three rounds of Zigzag transformation at random positions to start bidirectional crossover, and the second step is to perform Sort.
First, take the initial value coordinate (Zi, Zj) as the starting point to perform three rounds of Zigzag transformation at random positions to start bidirectional crossing of the image P to obtain P 1 .
Then, use the s 1 sequence to sort P 1 to get the intermediate result P 2 , the formula is as follows.
Finally, use the Cs 4 sequence to sort P 2 to get the intermediate result P 3 , the formula is as follows.
The scrambling is over. Sort sorting is different from the sort function in Section 2.1. It means that the vector to be sorted is sorted by a given index, and an example of Sort sorting is drawn. The result is shown in Fig. 4.

C. DIFFUSION
In order to get a better encryption effect, this algorithm will perform three rounds of diffusion. Each round of diffusion uses accumulation operation. Each element will be accumulated with the previous element. Because the first element has no predecessor element, special processing is done here. Round diffusion uses Cs 1 and P 3 to accumulate to get the intermediate result P 4 , the formula is as follows.
Then according to Eq. (8), two rounds of diffusion are carried out to get the ciphertext Q = mod(P 6 , 256). The encryption end.
The following draws the flow chart of the chaotic image encryption algorithm based on the Zigzag transform that starts at a random position and crosses bidirectionally. The result is shown in Fig. 5.
The decryption process is opposite to the encryption process. First, the received secret key is used to find the chaotic sequence, and then the inverse process of diffusion and the inverse process of scrambling is performed on the ciphertext, and finally three rounds of inverse random positions are performed to start the biphasic cross-Zigzag transformation. Decryption is complete.

IV. SIMULATION
The following is an encryption and decryption experiment for the images in the chaotic image encryption data set. In this chapter, gray images (Tanks, Plane, Boat, Bridge, Goldhill) and color images (Baboon) are selected for simulation experiment. The results are shown in Fig 6.

A. KEY SPACE AND SENSITIVITY ANALYSIS
Analyzing the key space is to calculate the size of the key. Generally speaking, if the key space is larger than 2 100 , it is enough to resist brute force attacks; the sensitivity analysis of the key means that when the key is slightly changed, it cannot be decrypted correctly. Plain text, and the decryption result is chaotic. This requirement for image encryption security coincides with the initial sensitivity of the chaotic system [40].
This algorithm uses Hash-256 to generate a 256-bit key stream. Different plaintext images can generate different key streams. It meets the encryption algorithm requirements of ''one time one key'' and can effectively resist selected ciphertext attacks. The key space size is 2 256 (2 256 > 2 100 ), it can be seen that this encryption algorithm can completely resist brute force attacks.
Make subtle changes to the key stream and conduct a sensitivity test. The correct key Key 1 of the Tanks graph algorithm and the wrong key Key 2 , Then use the correct secret key Key 1 and the wrong secret key Key 2 after changing the last bit to decrypt, and the result is shown in Fig 7. Experiments show that this algorithm meets the requirements of secret key sensitivity. In the simulation experiment, the algorithm running time of the encryption process is calculated, and compared with other publicly published algorithms. The time unit is second. The running environment of this algorithm is i5 8400 processor, 8G memory, Win10 operating system, respectively for different sizes the pictures are tested, and the results are shown in Table 2.

C. ANALYSIS OF THE ABILITY TO RESIST DIFFERENTIAL ATTACKS
Differential attack means that the attacker has obtained the plaintext image and the black box encryption algorithm. By making subtle pixel value changes to the plaintext, the two plaintext images are passed through the encryption algorithm to obtain two ciphertext images, and then the ciphertext image is obtained. Analyze to get information about the key, or find the defects of the encryption algorithm. In order to counter the differential attack, when the image encryption algorithm requires slight changes in the plaintext image, the difference between the obtained ciphertext image should be as close to the theoretical value as possible. The general method is to associate the civilized image with the key, and different plaintext The image corresponds to different keys. Even if the plaintext image has a small change, the corresponding key will change greatly; or iterative operation is performed on the pixel value to expand the small change of the plaintext pixel value, and for other pixel values Impact. In order to judge whether the encryption algorithm can resist differential attacks, it is necessary to test the ratio of the number of pixel changes (NPCR) and the average change intensity of pixel values (UACI). The intensity of pixel value change, the theoretical value of NPCR is 99.609375%, and the theoretical value of UACI is 33.4635%. The evaluation formulas of NPCR and UACI are given below: Among them, M × N represents the size of the image, D(i, j) represents whether the pixel value at the coordinate (i, j) position has changed, D(i, j) = 1 represents a change, D(i, j) = 0 represents no change, p 1 (i, j) represents the pixel value of the ciphertext after the original plaintext is encrypted, p 2 (i, j) represents the ciphertext after changing the plaintext encryption The pixel value of [49].
In order to prove whether this algorithm can resist differential attacks, the absolute value of the first pixel of the plaintext image is changed to 1, and the values of NPCR and UACI are calculated according to Eq. (9) and Eq. (10), and then combined with other algorithms Comparison, the results are shown in Table 3.
Experimental data shows that this algorithm has the ability to resist differential attacks.

D. HISTOGRAM ANALYSIS
There are 256 types of pixel values in a grayscale image. In a plaintext image, because the image expresses a certain meaning, the number of pixel values is often uneven, which makes it easy for an attacker to obtain plaintext information by analyzing the number of pixel values. The purpose of the encryption algorithm is to distribute the number of pixel values as evenly as possible, and the purpose of hiding the information of the pixel value has been achieved. Generally, the pixel value is diffused to achieve an even distribution of the number of pixel values.
Select Tanks chart, Plane chart, Boat chart to analyze the histogram. First, draw the histogram of the plaintext image and compare it with the histogram of the ciphertext image. The result is shown in Fig 8. It can be seen from Figure 8 that the pixel histogram of the plaintext image, the number of pixel values is unevenly VOLUME 9, 2021 distributed, and there is obvious image information. The ciphertext image obtained by the encryption algorithm has a uniform number of pixel values, which hides the image information well. Which can effectively resist the attack method of statistical analysis.

E. ADJACENT PIXEL CORRELATION
An image is a way to represent information, which determines that the pixels of an image must be related to each other and cannot be messy, so that the image can express a certain meaning. The encryption algorithm is to break this correlation, so as to achieve the purpose of hiding image information. In this article, qualitative and quantitative methods are used to measure the correlation of adjacent pixels. One is to use the values of two adjacent pixels as coordinates in the plane space to trace the points and visually observe the correlation of adjacent pixels. One method is to find the average correlation coefficient of adjacent pixels through a mathematical formula, and carry out quantitative analysis and comparison. The mathematical formula for solving the correlation coefficient is expressed as follows. As the correlation coefficient r of adjacent pixels decreases, the correlation of pixels also decreases, and the encryption effect of the algorithm is better [52].
Select Tanks map, Plane map, Boat map to analyze the correlation of adjacent pixels, and draw the correlation scatter plots of adjacent pixels in the three directions of the plaintext image and the ciphertext image. The results are shown in Fig 9. It can be seen from the above experimental results that the pixel values of the encrypted image are evenly distributed.
Next, calculate the correlation coefficients of adjacent pixels in the Tanks map, Plane map, and Boat map. Use Eq. (11) to calculate the correlation coefficients of adjacent pixels in the three directions of the plaintext image and the ciphertext image. The results are shown in Table 4.
It can be seen from the table that, compared with the adjacent pixel correlation coefficient of the plaintext image, the adjacent pixel correlation coefficient of the ciphertext image is significantly reduced, making it difficult for the attacker to obtain value from the analysis of the relationship between the pixels of the ciphertext image. The information can effectively resist ciphertext-only attacks, and the effect is better when compared with data from other documents.

F. χ 2 TEST
The χ 2 test can be said to be a quantification of the histogram, which is used to indicate whether the histogram is evenly distributed. The average number of different pixel values in an image is different from the number of each pixel value. Its mathematical expression is as follows.
Among them, v i represents the number of pixels with a pixel value of i, v represents the average number of pixels for each pixel value, the smaller the value of χ 2 , the more even the distribution of the number of pixels of each pixel value, the better the encryption effect of the algorithm, and the more secure the algorithm [53].
Quantify the histogram, analyze whether the pixel value distribution is uniform, use Eq. (12) to calculate the χ 2 value of the plaintext image and the ciphertext image of the Tanks map, the Plane map, and the Boat map, and compare it with other documents. The results are shown in Table 5.
It can be seen from the table that the χ 2 value of the ciphertext is significantly reduced compared with the χ 2 value of the plaintext. The average χ 2 value of the three ciphertext images is better than the theoretical value, and the effect is better compared with the data of other documents.

G. INFORMATION ENTROPY AND LOCAL INFORMATION ENTROPY
In information theory, information entropy is defined as the average amount of information in a message. The more random the source, the greater the average amount of information expressed. Therefore, information entropy can be used to characterize the degree of randomness of information. In image encryption, it can be used Information entropy quantitatively calculates the degree of randomness of the pixel value distribution. The more random the pixel value distribution, the greater the information entropy. Like the χ 2 test, it is also a supplement to the quantitative analysis of histogram analysis. The maximum value of information entropy in a grayscale image It is 8. In actual measurement, the closer the information entropy is to 8, the better the encryption effect of the algorithm. When the information entropy is equal to 8, the histogram is uniformly distributed, and the χ 2 value is equal to 0. The formula of gray image   information entropy can be expressed as: Among them, the parameter s i represents the number of pixels with a value of i, and p(s i ) represents the proportion of pixels with a pixel value of i in the image.
The information entropy of the entire image does not fully reflect the random distribution of local pixel values in an image. Therefore, Wu et al. [56] proposed local information entropy. The formula for local information entropy can be expressed as. In Eq. (14), S i represents the i-th selected pixel group of the image, T B represents the number of pixels in S i , k represents the number of selected pixel groups, and H (S i ) represents the information entropy of S i .
Calculate the information entropy, check whether the pixel value histogram is evenly distributed, use Eq. (13) to calculate and analyze the information entropy of the plaintext image and the ciphertext image of the Tanks, Plane, and Boat diagrams. The results are shown in Table 6.
According to the definition of local information entropy, when, and, the local information entropy is between, it means that the local information entropy meets the target requirement. Use Eq. (14) to compare the plaintext image and ciphertext of Tanks, Plane, and Boat. The local information entropy of the image is calculated and analyzed, and the results are shown in Table 7.
From the data in Table 6 and Table 7, it can be seen that the information entropy in Table 6 is close to the theoretical value of 8, and the local information entropy in Table 7 is in the theoretical interval, indicating that the encryption algorithm meets the security requirements of randomness.

H. ROBUSTNESS ANALYSIS
Robustness is also called robustness. In cryptography, the ciphertext may be damaged due to environmental interference or man-made destruction. A robust cryptographic system should resist this attack to a certain extent. Clipping and noise are generally used in image encryption. To test the system, the system should still be able to decrypt the approximate plaintext under a certain cutting and noise attack intensity, saying that the cryptographic system is robust.
In order to perform robustness tests, the Tanks map is tested using cropping attack, salt and pepper noise, and Gaussian noise. The cropping attack uses quarter cropping, half cropping, and quarter intermediate cropping. The coefficients of salt and pepper noise are selected as 0.1, 0.05, 0.01 for testing, Gaussian noise coefficients were selected as 0.001, 0.0005, 0.0001 for testing, the results are shown in Fig. 10,  Fig. 11, and Fig. 12.
For the above three different types of attacks, calculate the NPCR and UACI of the plaintext image and the decrypted image after the attack, analyze the pixel change ratio and the change intensity of the pixel value of the decrypted image after attacking the ciphertext image, and then illustrate the robustness of the algorithm The strength of sex, the values of NPCR and UACI are calculated according to Eq. (9) and Eq. (10), and the results are shown in Table 8.
The experimental image results and Table 8 show that under a certain intensity of cropping attacks, salt and pepper noise and Gaussian noise attacks, it is still possible to decrypt clear and identifiable images.

I. NIST
The NIST random number statistical test [58] is a method commonly used in cryptography to detect the randomness of a binary sequence. The test method consists of 15 sub-test methods. Many of the tests in the test use the standard normal distribution and chi-square as the reference distribution. If the tested sequence is actually non-random, the calculated test statistic will fall in the extreme region of the reference distribution. During testing, statistical hypothesis testing is a process of generating conclusions with two possible outcomes, either accept or reject. Calculate a test statistical value P-value for the tested sequence. Compare this test statistic with the critical value α. If the test statistic exceeds the critical value, the null hypothesis of randomness is rejected. Otherwise, accept the null hypothesis of randomness. In practice, statistical hypothesis testing is effective because the reference distribution and critical value depend on and are generated under the randomness of the hypothesis. In this paper, the test critical value α is set to 0.01, and the Tanks chart is tested. The test results are shown in Table 9.

VI. CONCLUSION
The Zigzag transform that starts at random positions and crosses bidirectionally is proposed in this paper to scramble the image. It can be seen from the experimental data that compared with other Zigzag transforms, the Zigzag transform scrambling that starts at random positions and crosses bidirectionally is better because it has more transform types. The two-way crossover sorting method is more obvious than the traditional Zigzag transform to reduce the intensity of pixel correlation. After multiple rounds of Zigzag transformation with two-way cross at random positions, the pixel matrix is sorted by the sorting array. In the diffusion stage, multiple rounds of coupling diffusion are used to achieve the purpose of changing the pixel value. Finally, through the analysis of algorithm security, it can be concluded that the chaotic image encryption algorithm of Zigzag transform that starts to cross bidirectionally at random position has good security and time efficiency, and it fully meets the requirements of image encryption. The image encryption algorithm proposed in this paper can only be applied to the encryption of bitmap images. The focus of future work is to expand the scope of application of the algorithm in this paper, so that it can be applied to the encryption of bitmap images, as well as the encryption of other information carriers such as sound and text.