Secure and Fast Image Encryption Algorithm Using Hyper-chaos based Key Generator and Vector Operation

To protect image data privacy, a secure and fast image encryption algorithm using hyper-chaos based key generator and vector operation is proposed. Firstly, we introduce a novel post-process method to create a key matrix for significantly reducing the iterations of the hyperchaotic system from W×H/4 to 2W for an image size of W×H. And within the post-process, a random selector driven by the piecewise linear chaotic map ensures the good randomness and unpredictability of the generated key matrix. Secondly, the vector operation is employed to accelerate the cipher block chaining based diffusion process, so the plain image can be parallel encrypted row by row and column by column with high efficiency. Thirdly, we utilize a Logistic map to quickly produce an initial vector for the vectorized diffusion process. Finally, the proposed algorithm is evaluated by some common security and performance tests. Experimental results show that the cipher image can pass all tests of NIST SP 800-22 with P-values>>0.01, its correlation coefficient between pixels is close to 0, and the entropy is greater than 7.999. Combined with other results of security tests, we can safely conclude that the proposed image encryption algorithm provides adequate protection against statistical, brute-force, chosen-plaintext, and other common types of attacks. In addition, the time complexity is in the order of O(W+H) and the average encryption time of 512×512 images is only 0.023s. The results indicate that our algorithm with high security and fast speed can meet the requirements of real-time confidential transmission of massive image data.


I. INTRODUCTION
With the vigorous development of information technology and online social media, digital images have become part of our daily living [1], [2]. However, numerous images are produced and transmitted daily without adequate protection over the Internet [3]- [5]. Meanwhile, with the gradual popularization of IoT, devices are creating more and more digital images at an alarming rate, securing image data in complex open transmission channels has become a common concern [6]- [8]. At present, encryption and watermarking techniques have become the two major thrusts of image security research. But the small capacity of data hiding makes the watermarking technique more suitable to protect the copyright of digital images [9], [10]. Certainly, the encryption technique makes it possible for us to transmit massive image data without leaking any useful information whether in wireless or wired communications [7]. Although block ciphers, such as 3DES and AES, are commonly adopted [11], [12], extensive practical results [13], [14] indicate that these algorithms designed for textual data cannot effectively encrypt images partially given the low processing speed due to the large amount and high redundancy of image data [15]. Hence, many novel image orientated encryption algorithms have been proposed [16]- [19] with chaos-based image encryption being the most representative approach.
In 1989, Matthews [20] proposed the first stream cipher algorithm using a Logistic map. Since the development of chaos control and chaos synchronization in 1990 [21], the application of chaotic systems to cryptosystems has been 2 increasingly explored. In 1998, Fridrich [22] used a twodimensional Baker's map to develop a common permutation-diffusion structure to fully hide the relationship between a plain image and its corresponding cipher image. Although various techniques have been introduced to enhance the algorithm security [23]- [26], some inevitable risks, such as the small key space, low linear complexity, and short periodic orbit [27], [28], limit the application of low-dimensional chaotic map to image encryption algorithms. However, the theory of hyper-chaos may be helpful to overcome these limitations [29]- [32]. In general, a hyperchaotic system with more than two positive Lyapunov exponents can exhibit more complex attractors, higher unpredictability, and stronger randomness. Moreover, it typically needs more than four state values for iteration, naturally providing a large key space for the corresponding cryptosystem.
In 2008, Gao et al. [33] proposed the first hyperchaotic image encryption algorithm, but it was vulnerable to the chosen-plaintext attacks [34] because its key sequence was independent of the plain image. Thereafter, Li et al. [35] proposed a plaintext-related image encryption algorithm that obtains the initial values of the hyperchaotic system from nine original pixels. However, the sensitivity to variations in other pixels by the application of one-round diffusion was inadequate. A more secure approach should adopt at least two-round cipher block chaining (CBC) based diffusion for the cipher image to relate to every original pixel. But on the other hand, the CBC based diffusion process was serial in common, which led to a practical problem of low encryption speed [36], [37]. Thus, in 2017, Yuan et al. [38] introduced a pixel classification method to parallelize the CBC based diffusion process. However, the insufficient parallelism degree and the usage of rotation resulted in an unsatisfactory efficiency. Then, in 2019, Çavuşoğlu et al. [39] depended on the multi-thread technique to accelerate encryption after dividing the plain image into several subsequences, but the lack of diffusion between threads would cause security issues. In 2020, Zhou et al. [40] converted the original image into multiple 4×4 blocks to encrypt 16 pixels in parallel using a key mask and XOR operation. But only one-round diffusion rendered the proposed algorithm vulnerable to the chosen-plaintext attack and chosen-ciphertext attack. Also in 2020, Zhao et al. [41] presented a highly parallelized algorithm by extending the CBC technique from pixel level to row level, the diffusion process in column remained serialized, and the overall diffusion process could only let pixel information influence its lower-right corner. In general, there is still no appropriate image encryption algorithm to balance security and speed.
Moreover, few studies are available on the time consumption of hyper-chaos based key generators, but it is quite important to improve the efficiency of the image encryption algorithm. On closer inspection, we find that the key generation process even takes longer than the diffusion process [38]- [41]. In order to solve the above problems, we propose a secure and fast image encryption algorithm using hyper-chaos based key generator and vector operation. Firstly, the key generation process is redesigned to produce a key matrix according to the size of the plain image. By applying a post-process method, the number of iterations in the hyperchaotic system can be substantially reduced from W×H/4 to 2W. Taking the two-dimensional structure of the image into consideration, we introduce the vector operation into the CBC based diffusion process, then pixels on a row or column can be encrypted in parallel. Furthermore, the cipher image is highly sensitive to every pixel change through four-round chained diffusion in the vertical direction and horizontal direction. Detailed results and analyses of the security and efficiency performance show that the proposed algorithm can provide fast encryption and can resist various cryptographic attacks such as statistical, brute-force, and chosen-plaintext attacks.
Briefly, the main contributions of this paper can be summarized as follows.
(1) Based on a hyperchaotic system and vector operation, we propose a novel image encryption algorithm that can provide high security protection and fast encryption speed for massive image data transmission on the public channel.
(2) A novel post-process method for the hyper-chaos based key generator is presented. By using bitwise XOR operation and circular shift operation on key stream, a W×H key matrix can be obtained with a 4D hyperchaotic system only iterating 2W times. More importantly, a random selector within the post-process guarantees the randomness and unpredictability of the key matrix.
(3) We utilize the vector operation to accelerate the CBC based diffusion process. Hence, the plain image can be encrypted by row in the vertical direction and by column in the horizontal direction. Moreover, the update of initial vector between two diffusion rounds during the fourround encryption process ensures adequate diffusion, and thus even minor changes of any pixel can significantly influence the results of the encryption. The remainder of this paper is organized as follows. Section II presents the preliminaries for this study. In Section III, we introduce the proposed image encryption algorithm. In Section IV, we report and analyze the experimental results of the proposed algorithm. In Section V, we further test the proposed algorithm on color images. Finally, we draw conclusions in Section VI.

II. PRELIMINARIES
In this section, all the chaotic systems for constructing the proposed image encryption algorithm are presented, and the mechanism of vector operation is also described.

A. HYPERCHAOTIC LORENZ SYSTEM
Nowadays, various new types of hyperchaotic systems [42]- [45] have emerged. But as one of the most often used hyperchaotic systems to construct secure image encryption algorithms, the hyperchaotic Lorenz system (HCLS) has been proved to have good inherent randomness, high initial sensitivity, and large key space [46], [47]. Moreover, many observations have verified that HCLS keeps chaos character with long period in the digital system [29], [33], [35]- [37], [46], [47]. In this study, we add a nonlinear controller 4 2 3 4 x x x dx    on the original Lorenz system [47], then the HCLS equation is given by where a, b, c, and d are control parameters of HCLS.
For a=10, b=8/3, c=28, and d=−1, the system contains two positive Lyapunov exponents [48]: LE1=0.3381 and LE2=0.1586. Hence, the system evolves into a hyperchaotic state and can generate an extremely complex and dense motion trajectory, as shown in Fig. 1. Therefore, we can rely on the HCLS to implement a secure pseudorandom number generator with a long period and high linear complexity.
where p is a control parameter and y(i)∈(0,1).
The PWLCM evolves into a chaotic state, when p is in the range of 0 and 0.5. In this paper, we let p=0.25 for the research. Since the PWLCM has a very simple structure, and can rapidly generate a sequence of uniform distribution, we employ it in a fast random selector for post-processing the pseudorandom numbers to obtain a secure key matrix according to the size of the plain image.

C. LOGISTIC MAP
The Logistic map (LM) [50] is a famous one-dimensional chaotic system given by ( 1) where μ is the control parameter that must be in the range of 3.56 and 4 for chaotic behavior [51].
In this study, we utilize LM, and set μ=4 to get the largest Lyapunov exponent, as a producer to quickly generate an initial vector for the vectorized CBC based diffusion process.

D. Vector Operation
A vector operation refers to the simultaneous application of an operation to a set of values. Thus, it allows to operate on aggregates of data without resorting to loops to handle individual scalar operations. Nowadays most CPUs combined with a modern programming language and single instruction multiple data extension (SIMD) can accelerate the program execution speed by implicit parallelization using vector operation. Suppose i=1,2,…,n-1,n, 1 are two row vectors with length n, 1 are two column vectors with height n, and s is a scalar. We define function vec_opr() as a kind of operation between two vectors (or between a vector and a scalar) and function opr() as a kind of operation between two scalars, then the vector operations are described in Eq. (4). At present, SIMD has evolved from SSE 128 bits to AVX 512 bits [52] endowing vector operations with a more powerful parallel computing ability. Furthermore, vectorization is requisite to implement algorithms in parallel computing platforms, such as the graphics processing unit (GPU) and the field-programmable gate array (FPGA). As digital image data are stored in matrix form, many image processing algorithms have been vectorized to improve the operating efficiency [53], [54].
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/ This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication.

III. THE PROPOSED SECURE AND FAST IMAGE ENCRYPTION ALGORITHM
In this section, the proposed image encryption algorithm is detailed regarding a key matrix generation method, an initial vector generation method, and a four-round vectorized diffusion method. The flow diagram of our algorithm is shown in Fig. 2, where W and H are the width and height of the plain image respectively, functions vec_add(), vec_mod(), and vec_bxor() represent the vectorized operations of addition, modulus, and bitwise XOR (bitxor). It must be noted that, for the sake of simplification, although we use common operations in the following subsections to calculate vectors (or a vector and a scalar), they represent the vectorized operations.

A. THE KEY MATRIX GENERATION METHOD
To obtain the key stream for encrypting an image, the realvalued chaotic sequence must be converted into an integer sequence. The general process to get the key stream is shown in Fig. 3. Thus the HCLS must perform at least WH/4 iterations to obtain a key stream with enough length for encryption.  However, the high complexity of the hyperchaotic system imposes a tradeoff between security and efficiency in a cryptosystem. By introducing a key schedule method to post-process the key stream, a W×H key matrix can be quickly obtained, as shown in Fig. 4, with the HCLS only iterating 2W times.  [1,2,3,4] I n , n∈ [5,6,7,8]  Then, the Algorithm and descriptions of the key matrix generation method are detailed below: Step 1: (1), then use the fourthorder Runge-Kutta method to iterate the HCLS pre1 times to overcome the transient effect.
Step 2: Initialize an empty sequence B of length 8W.
Step 3: Continue to iterate HCLS 2W times and fill new state values into B.
Step 4: Transform the real-valued sequence B into an integer sequence I.
Step 6: Initialize an empty sequence S of length 2H.
Step 7: Continue to iterate the PWLCM 2H times and fill new state values into S.
Step 8: Transform the real-values sequence S into integer sequence S'.
Step 10: Initialize an empty matrix K with the size of W×H.
Step 12: Apply bitxor operation between temp1 and temp2, and fill the result into K, then update In using cyclic right shift (circshift) operation.
Step 13: Repeat Step 11 and Step 12 H times to obtain key matrix K.

B. THE INITIAL VECTOR GENERATION METHOD
Similar to most CBC based diffusion algorithms, an initial vector is required in the proposed encryption algorithm to start diffusion. However, the initial vector for the vectorized diffusion process is longer than that for existing algorithms, consequently increasing the storage and transmission costs.
As the LM can rapidly produce many random numbers from few initial values, we use it to generate the required initial vector as follows: Step 1: Input z(1), then iterate the LM pre3 times to overcome the transient effect.
Step 2: Initialize an empty sequence V with length of W.
Step 3: Continue to iterate the LM W times and fill new state values into V.
Step 4: Transform real-valued sequence V into the initial vector IV1 consisting of integer numbers by 15 1 floor ( 10 )  Step 1: Input plain image P, key matrix K, and initial vectors IV1 as shown in Fig. 5(a).
Step 2: Use K for row-by-row encryption of P from top to bottom, as defined in Eq. (6). Let encrypted row to influence the next row and IV1 to encrypt the first row.
After the first round of diffusion, temporary cipher image TC1 is created, as illustrated in Fig. 5(b).  (6) Step 3: Use K for column-by-column encryption of TC1 from left to right, as defined in Eq. (7). Let encrypted row to influence the next column and IV2=TC1(:,W) encrypt the first column. After the second round of diffusion, temporary cipher image TC2 is created, as illustrated in Fig.  5(c).  TC  IV TC  temp TC  TC  TC K temp (7) Step 4: Use K for row-by-row encryption of TC3 from top to bottom, as defined in Eq. (8), and IV3=TC2(H,:) to encrypt the first row. After the third round of diffusion, temporary cipher image TC3 is created, as illustrated in Fig.  5(d).
IV TC temp TC TC TC K temp (8) Step 5: Use K for column-by-column encryption of TC3 from left to right, as defined in Eq. (9), and IV4=TC3(:,W) to encrypt the first column. After the fourth round of diffusion, temporary cipher image TC4 is created, as illustrated in Fig. 5(e).
IV TC temp TC TC TC K temp (9) Step 6: Output TC4 as the final cipher image C as shown in

D. THE DECRYPTION PROCESS
The decryption process is the converse of the encryption process, as shown in the flow diagram in

IV. EXPERIMENTAL RESULTS AND ANALYSES
We used common tests to thoroughly evaluate the security and performance of the proposed algorithm.  The first column and second column of Fig. 7 show that the proposed algorithm can encrypt a meaningful image as an unordered image without leaking useful information. The third column of Fig. 7 shows that the encrypted images can be successfully recovered using the decryption algorithm and a correct session key. The simulation results demonstrate the feasibility of the proposed algorithm.
Below, we report the results of common test methods that verify the security and operational efficiency of the proposed image encryption algorithm.

A. HISTOGRAM ANALYSIS
The grayscale histogram shows the distribution of a digital image's pixels. An ideal cipher image should have a uniformly distributed histogram with all the pixels being equiprobable to hide the pixel frequency of the plaint image. Fig.8 shows the histograms of the plain and cipher images. In the second column of Fig.8, the histograms of the plain images have noticeable distribution characteristics. After applying the proposed encryption algorithm, the histograms of the corresponding cipher images are uniformly distributed, as shown in the fourth column of Fig.8.
In addition, we calculate chi-square (χ 2 ) values of the above images by Eq. (10) to further analyze the distributions of pixels.  Table 1. Since all the P-values are greater than 0.05, it indicates that any plain image encrypted by our algorithm has a good random distribution to resist frequency attacks.

B. STATISTICAL ANALYSIS
In this subsection, we use the NIST SP 800-22 test suit, which consists of 15 statistical tools to check the randomness of a sequence, to verify the statistical performance of the proposed algorithm. Both the key matrix used in the encryption and final cipher images are converted to binary sequences for the test. And the significant level α is set to 0.01, which means the result of each test must be greater than 0.01 to consider a sequence to be random with a confidence of 99%. In Table 2, it can be observed that all the P-values exceed the threshold of randomness statistical tests. Hence, we can conclude that the proposed image encryption algorithm has strong robustness against statistical attacks.

C. KEY SPACE ANALYSIS
Owing to the rapid development of computing devices, exhaustive attacks threaten symmetric encryption algorithms.
The key space of a secure encryption algorithm must be larger than 2 128 to resist brute-force attacks [38], [39]. In our algorithm, the session key has two parts: 1) pre-iterations of the chaotic systems with 16-bit unsigned integers, and 2) initial values of the chaotic systems with double-precision floating-point numbers. Thus, the key space of the proposed algorithm is (2 16 ) 3 × (10 15 ) 6 ≈ 2 345 . Table 3 lists the comparison of key spaces between various image encryption algorithms. Although a larger key space provides higher resistance against brute-force attacks, it also means harder transmission. Since NIST declares the key space more than 256 is enough for most encryption scenarios [12], our algorithm can achieve the same protective effect against brute force attacks as some algorithms with larger key space.

D. PLAINTEXT SENSITIVITY ANALYSIS
To resist a differential attack, a secure encryption algorithm must be sensitive to minor changes in the plain image. In other words, even one bit change in any position of a plain image should make the encryption generate a totally different cipher image. There are two common standards given by Eq. (11), NPCR (number of pixel change rate), and UACI (unified average changing intensity), to measure the sensitivity to one bit change in plain images.
where C1 and C2 are cipher images. We evaluated the ability of the proposed encryption algorithm to resist a differential attack as follows. First, we 12 changed one bit of a randomly selected pixel in the original plain image. Then, we used the same session key to encrypt both the original and modified plain images. Thus, we obtained two cipher images, C1 and C2. Finally, we used Eq. (11) to calculate NPCR and UACI between C1 and C2. We evaluated all the test images 100 times and obtained the average NPCR and UACI listed in Table 4. Our algorithm can effectively resist a differential attack because the experimental results are close to the expected values: NPCRE = 99.6094% and UACIE = 33.4636% [1], [2]. Furthermore, the results of the other algorithms indicate the superior performance of the proposed algorithm. Thus, the proposed encryption algorithm can provide higher security for image communication under strong differential attacks.

E. KEY SENSITIVITY ANALYSIS
A secure encryption algorithm must also be sensitive to minor changes in the session key. In other words, even one bit change in the session key should make the same plain image to be encrypted in a different cipher image. We divided the key sensitivity test into two stages: encryption and decryption.
In the first stage, we slightly modified the seven values of the session key. In each round of the test, we slightly changed the least significant digit of the value. Then, we encrypted the test image using the original and modified session keys. Finally, we obtained NPCR and UACI to compare the two cipher images. Table 5 lists the results of this stage. The values of pre1, pre2, and pre3 were only increased by 1, while those of x1(1), x2(1), x3(1), x4(1), y(1), and z(1) were only increased by 10 −15 . The NPCR and UACI values indicate that each pair of cipher images encrypted using slightly different session keys are highly dissimilar. Thus, the proposed image encryption algorithm is sensitive to the encryption key. In the second stage, we used the abovementioned session keys to evaluate the decryption key sensitivity of the proposed algorithm. Unlike the previous test, we used the original and modified session keys to decrypt the same cipher image, and then we obtained a correctly decrypted image and an incorrectly decrypted image, as illustrated for the Lena image in Fig. 9. Fig. 9(a) and (b) show that even by only adding 10 −15 to x1, the cipher image fails to be correctly decrypted and results in salt-and-pepper noise. Only using the exact decryption key allows the cipher image to be recovered as the original plain image, as shown in Fig. 9(c) and (d). The NPCR and UACI values between pairs of incorrectly decrypted images and plain images are listed in Table 6. Any minor change in the decryption key leads to failed decryption.
Thus, the proposed decryption algorithm has high key sensitivity and can resist brute-force attacks.

F. ANALYSIS OF THE CORRELATION BETWEEN ADJACENT PIXELS
A high correlation between adjacent pixels hinders the effective hiding of plain image information. Hence, a secure encryption algorithm should minimize the correlation between adjacent pixels, with a low correlation between adjacent pixels in cipher images indicating the high security of an encryption algorithm.
For the pixel correlation test, we randomly selected 10,000 pairs of adjacent pixels along with the horizontal, vertical, and diagonal directions from the plain image of Lena and its corresponding cipher image. Fig. 10 shows the correlation distribution. In Fig. 10(b)-(d), the distributions of adjacent pixels on the plain images are highly concentrated. In contrast, the distributions of adjacent pixels in the cipher images are randomly distributed, as shown in Fig. 10(f)-(h). Therefore, the proposed encryption algorithm can substantially reduce the correlation between adjacent pixels for increased security. We further used correlation coefficient rxy to measure the robustness of the proposed image encryption algorithm against statistical attacks given by , (12) where N = 10,000 and xi and yi (i = 1, 2, …, N) are pairs of adjacent pixels randomly selected from the image. Table 7 lists the correlation coefficient between adjacent pixel pairs on test images. The value of rxy in all the plain images is close to one along each direction, and that in all the cipher images is close to zero along each direction. Comparison results of the correlation coefficient on the Lena image are listed in Table 8. The proposed encryption algorithm provides a low correlation between adjacent pixels. Overall, the proposed algorithm provides satisfactory encryption for high resistance to correlation attacks. -0.0052 0.0031 -0.0003 Ref. [39] 0.0052 0.0052 0.0052 Ref. [40] -0.0381 -0.0291 0.0027 Ref. [41] 0.0052 -0.0001 -0.0022 Ref. [42] -0.0019 0.0105 -0.0019 Ref. [43] 0.0010 -0.0026 0.0017 Ref. [44] 0.0015 -0.0090 -0.0120 Ref. [45] 0.0055 -0.0053 -0.0100

G. INFORMATION ENTROPY ANALYSIS
Information entropy is an important measure of randomness on an image. A higher entropy indicates more information and more randomness, and the entropy reaches its maximum only if the probabilities of all the information elements are equal. The information entropy is defined as (13) where L denotes the number of possible elements gi and p(gi) represents the frequency of element gi, with the entropy of an ideal random 8-bit grayscale image being 8. Table 9 lists the information entropy values for various encryption algorithms. The information entropy of the cipher images is close to eight, indicating that the proposed algorithm can resist entropy attacks. Compared with existing algorithms, our proposal has made some progress regarding information entropy.

H. CHOSEN-PLAINTEXT ATTACK ANALYSIS
A secure encryption algorithm must resist chosen-plaintext attacks by preventing an attacker from distinguishing two encryptions even if the attacker can elaborately choose the corresponding plain images. An all-black or all-white image is often used to analyze the vulnerability of encryption algorithms [1], [2], [40], [44]. The proposed algorithm uses four-round vectorized diffusion to ensure that any pixel information spreads to the entire cipher image, thus having a high sensitivity to any plain image. Fig. 11 shows the histogram of all-black and all-white images of 512×512 pixels, and Table 10 lists the experimental measures. In Fig.  11, the pixel distributions of the all-black and all-white images are uniform after encryption. Thus, an attacker cannot obtain useful information from the cipher images to break the encryption algorithm. More importantly, the plaintext sensitivity, entropy, and correlation results listed in Table 8 indicate that the proposed algorithm provides an excellent performance regarding the corresponding measures, even when using these specific plain images. Therefore, the proposed image encryption algorithm can resist chosenplaintext attacks.   Fig. 12 shows the results of noise attacks applied to the proposed image encryption algorithm. The cipher image can be decrypted even when it is polluted by different types and intensities of noise, and the recovered Baboon image is recognizable. Fig. 13 shows the decrypted results of the cipher image with data lost 1/16, 1/8, 1/4, and 1/2. Although the cipher image can be decrypted to a meaningful image, we observe that the noise mainly concentrates somewhere. It means in some special situations, such as satellite image encryption and medical image encryption, the receiver has a certain probability of missing some key information. Alternatively, a solution to this problem is adding a scrambling process before or after the diffusion process, but the time consumption may cost even more than the diffusion process [43]. Therefore, our algorithm can recover a useful image from data loss in most real-time communication scenarios. Furthermore, decrypted images with pollution and data loss are evaluated by the PSNR (Peak Signal to Noise Ratio). 2 (14) In Table 11, the PSNRs of images decrypted from cipher images with different pollution and data loss are presented. By comparison with previous works, our algorithm still has good performance despite the above-mentioned weakness. It indicates that the proposed image encryption algorithm has strong robustness to protect data transmission on the Internet.  For the programming environment considered in this study, the execution time of the proposed algorithm on test images from the USC-SIPI Image Database [55] is listed in Table 12. Although MATLAB has low efficiency, the proposed encryption algorithm is still fast. The improvements in key generation and diffusion process substantially increase the running speed of the proposed algorithm compared with existing algorithms even when considering programming environment differences. Hence, the proposed encryption algorithm can guarantee image real-time transmission as well as image security.

V. PERFORMANCE ANALYSIS OF COLOR IMAGES
In this section, the proposed algorithm is evaluated by security tested on color images.

A. SIMULATION AND HISTOGRAM RESULTS
The color image consists of pixels in the R channel, G channel, and B channel. Since it is more expressive than the grayscale image, it has more extensive application prosperity. The simulation and histogram results of the Lean color image are shown in Fig. 14. The encryption and decryption results are respectively shown in the third row and fifth row of Fig. 14 And by comparison with the second row and fourth row of Fig. 14, we can conclude that the distributions of pixels in all channels have been hidden after being encrypted by the proposed algorithm. Hence, the results indicate that our algorithm is also suitable to deal with color images.

B. OTHER ANALYSES
In this part, we utilize γxy, χ 2 , NPCR, UACI, and information entropy tests to evaluate the security performance of our algorithm on color images, and obtain the time consumption of color image encryption (execution time and throughput are 0.063s and 12.6 Mbps). Table 13 shows the results of all the tests, and also demonstrates the comparisons with the results of other algorithms. Since the results are all close to ideal values and are superior to the previous algorithms, we can safely conclude that the proposed image encryption algorithm also has good security and speed performance for color images, not just for grayscale images.

VI. CONCLUSIONS
We proposed a secure and fast image encryption algorithm using hyper-chaos based key generator and vector operation. Aiming to reduce the time consumption of key stream generation, we present a novel method to post-process key stream generated from the general method. As a result, the HCLS only iterates 2W times rather than W×H times to create a key matrix with the same size as the plain image (W and H are the width and height of the plain image respectively). During the key matrix generation process, a PWLCM is employed as a random selector to control the bitwise XOR operation between the quantified hyperchaotic sequences, which can further enhance the randomness and unpredictability of the key matrix. Then, considering twodimensional images, we introduce the vector operation into the CBC based diffusion process, so the plain image can be implicit parallel encrypted row by row and column by column with high efficiency. Furthermore, by using an initial vector as a chain between two diffusion rounds, any pixel information and key information can be diffused to the whole cipher image. Thus, even a minor change of the session key or the plain image completely changes the resulting cipher image. In addition, we apply an LM to fast generate an initial vector for the first diffusion round, which can facilitate the storage and transmission of the initial vector. Experimental results show that the proposed encryption algorithm has a large key space of 2 345 , high plaintext sensitivity with NPCR near 99.6094 and UACI near 33.4636, and high session key sensitivity to resist statistical, brute-force, differential, and some other common attacks. Besides, it achieves high performance regarding information entropy>7.999, and noise and data loss robustness with PSNR>10db. Moreover, tests on all-black and all-white images verify the chosen-plaintext attack resistance of our algorithm. In addition, the positive results of tests on color images indicate that our algorithm has a wide application perspective. Finally, the time complexity of our algorithm is in the order of O(W + H), which supports the algorithm to encrypt a 512×512 image in 0.03s. Overall, despite some respects, such as key space and data loss resistance, show slightly insufficiently, the proposed image encryption algorithm still meets the security, efficiency, and robustness requirements for most daily image confidential communications.