Construction of S-Boxes using Different Maps over Elliptic Curves for Image Encryption

In this article, we present an encryption technique that can encrypt any digital data. The proposed scheme basically depends on a substitution-permutation network. Two separate bijective maps are used in the proposed algorithm. Firstly, the substitution boxes are used to perform the substitution process. This technique uses elliptic curves (ECs) to create several substitution boxes with good cryptographic properties. The generated substitution boxes are utilized to replace the arrange data that produces the most uncertainty in the plain image data. Further, we used the permutation process to generate strong randomness in the proposed technique. For the evaluation of the stability of the proposed algorithm; nonlinearity, linear approximation probability, bit independence criterion, strict avalanche criterion and differential approximation probability were performed on the substitution boxes. Differential attacks ( Number of Changing Pixel Rate (NPCR), Uniform Average Change Intensity (UACI)) and statistical tests ( Entropy, Correlation) were performed on the encrypted images to check their resistance against different attacks. The execution and image analysis reveals that the proposed scheme attains good encryption results while requiring minimal computing ability and has efficient potential in real-time image encryption applications.


I. INTRODUCTION
The protection of information communicated through any channel or network is a challenging problem because of the appearance of evil and doubtful users whose purpose is just to disturb the verbal exchange. Their aim is to recognize the conditions of the information transfer by authentic users. The most important history of secure direction is lying below the extent of cryptography, steganography, and watermarking. The purpose of security techniques like cryptography, steganography, and watermarking is the secure data to transmission. To ensure the secure transformation of data, fast improvement has occurred within the area of digital database generation and multimedia facts. This progress aims to protect the conditional data from any unauthenticated users. A particular dependable procedure for this intention is an image as a base, the use of general-primarily establish cryptosystems. Images themselves are extremely essential, sending someone in ordinary or uncommon pastimes concerning the private, conventional, navy group, clinical records, and so forth. To make certain the safety of comfortable image channeling, diverse techniques have been built consisting of chaotic and strategy primarily based systems ( [1] - [10]).

A. RELATED WORK
Elliptic curve-based algorithms are generally used to yield extra safety to the data. We'll focus our attention on EC-based cryptography (ECC), which employs innovative solutions proposed by several analysts. Miller [11] and Koblitz [12] were the first to suggest using the EC as a public key cryptosystem in 1985. A unique type of cryptosystem is one that is based on various mathematical systems. S-box is solely responsible for uncertainty and scattering in load facts in a variety of cryptographic algorithms. ECs are also utilized to create secure cryptographic systems. Other than the Diffie-Hellmans protocol, Miller created a cryptographic system based entirely on ECs in [11] that is 20 percent faster. Neal et al. [13] are used to create yet another fast and stable cryptographic system is entirely based on the concept of a disjoined arithmetic debate over elliptic curves. Except for RSA, Amara et al. [14] found that elliptic curve cryptography (ECC) had better certainty than RSA. The goal of this paper is to present a novel and well-organized method for constructing cryptographically secure substitution boxes (Sboxes) and securing secret images with ECs beyond prime field (PF). The x and y-coordinates of point of (ECs) are used in two bijective mappings in the new created s-box technique. The proposed image cryptosystem, on the other hand, is based on a method that generates an effective S-box. After the first stage, steganography employing the least significant bit technique was used. Traditional cryptographic methodologies, on the other hand, were not fully utilized; instead, some basic ideas and techniques were applied to the encryption of images as a building block of ciphering methodology ( [6], [32]- [36], [40], [41]). The substitute boxes also help to secure the image. It is the principle a part of the same old cryptographic algorithms like DES (facts encryption preferred) and AES (superior encryption fashionable) etc. [42]. The S-box is the only nonlinear component of block ciphers. The link between plain and ciphertext data is muddied by S-boxes. This mysterious interaction is described as "confusion." There are numerous techniques for creating non-linear components that raise the cryptosystem's uncertainty. Many scholars have used mappings on the elements of the Galois field (GF), such as the chaotic mapping, to improve the strength of S-boxes throughout the last few decades [6]. The key stream generation process, three-round scrambling process, and one-round diffusion process are the three processes that make up the encryption system by employing Josephus Traversing and mixed chaotic map [32]. Three stages of significant operations are carried out during the encryption process in [33]: DNA coded selected hyperchaotic sequence based pixel shuffling, DNA coded pixel diffusion, and DNA coded pixel shuffling. A new multi-dimensional multiple image encryption method has been developed [34]. The encryption operation does a one-round shuffling and diffusion of blocks and pixels (if any). Bitplanes decomposition and the parallel GA algorithm are used to create a new image encryption solution. GA performs permutation and substitution steps, which are the most important parts of this approach [35]. I. Khalid et al. [36] divide the image's pixels into LSB and MSB, then transform the MSB to LSB. The S-box was used to create uncertainty in the original image. The researchers used two or more methods in the majority of their studies, step-by-step approaches for improving image privacy. The author explored the consequences of the ECC-based encryption technique and compared it to other asymmetric key cryptographic protocols such as RSA and others. The authors proved the ECC scheme's security flaws. The majority of the schemes have a tiny key-space and take a long time to execute. The development of EC points is typically a timeconsuming technique that has an impact on the overall computing time; as a result, there is a desire for the approach to generate EC points relatively quickly.

B. MOTIVATION
Because of the widespread use of ECC-based image encryption techniques, the inspiration for our research article is presented below.
i. By using ECC we get not only diffusion in cryptosystem, but it also helps us to create confusion for a strong cryptosystem. ii. Furthermore, the traditional transformation of EC points into (x,y) affects the algorithmic complexity, necessitating a constructive and productive process for conversion. iii. The creation of EC points is mostly a time taking technique that affects the entire computing time, hence the approach must generate EC points relatively quickly.

C. OUR CONTRIBUTION
The goal of this work is to demonstrate a new and productive method for constructing cryptographically well-built S-boxes with high Non-linearity, as well as the security of independent images depends on ECs above PF. The newly proposed S-box approach employs the x and y component of points in a finite EC, as well as the modulo 256 operation. The suggested s-box production scheme depends on the generality of two separate maps, along with the suggested image cryptographic technique is based on S-boxes produce by newly discovered methods.
The rest of the paper is laid out as follows: Preliminaries are included in Section 2. Section 3 provides an overview of existent S-box generating schemes. Section 4 presents a new method for the production of S-boxes across EC while section 5 contains their analysis and comparison. The proposed S-box algorithm is used to create a new image encryption system in Section 6. In addition, Section 7 carries a full examination and observation of the proposed image secure system. Finally, Sections 8 and 9 discusses the conclusion and future directions respectively.

II. PRELIMINARIES
Let F p be the PF with p elements, and let p be a prime. The non-singular EC(a, b, p) across the field F p is describe as follows a, b ∈ W where a, b ≤ p.
if the ECs discriminant (4a 3 + 27b 2 )(modp) is not zero. The parameters of the E(a, b, p) are denoted by a,b and p. Unless otherwise stated, an EC over a PF is referred to as simply an elliptic curve, and the no. of entries in set B(finite) is indicated by #B, and its ith entry is represented by i. The no. of elements #E(a, b, p) on an EC is extremely valued. In general, determining the correct #E(a, b, p) is a difficult project. However, Hasse's Theorem [15] may be used to determine a border on #E(a, b, p) as follows: The injective function rho(x, y) → (x p , y p )(modp) through E(a, b, p) to ρ is termed as Frobenius function.

A. ELLIPTIC CURVE POINTS ADDITION
We can define Elliptic curve addition over the extraordinary subject like R and addition modulo P.
Addition over R [15] An EC over the field R is representing by E(R) and describe by having two points Define a new point p 3 as follows An expression below will show that this is not the same as adding coordinates of the points. We assume that the first point p 1 = p 2 and that neither point is ∞. Its slope is Suppose we have two points R 1 , R 2 ∈ E(R) with R 1 = (x 1 , y 1 ) and R 2 = (x 2 , y 2 ), we want to add these two points for this we discuss some cases. case 1 case 2 if case 1 and case 2 do not meet each other then we discuss case 3 for the addition of two points. case 3 where m is

III. QUICK OVERVIEW OF S-BOX CONSTRUCTION APPROACHES
The Rijndael block cipher [16] has been adopted as the Advanced Encryption Standard by the National Institute of Standards and Technology (NIST) (AES). One of the most used cryptosystems is AES. Because of AES's importance, several cryptographers have looked into the cryptographic features of the S-box. In [17], authors find an analytical description of the AES S-box. Also, authors discovered that the AES may be described by a quadratic equation system. Rosenthal investigates the non-linear aspect of AES in [19] by looking at its polynomial representation. Because the AES S-box has few non-zero terms in its linear polynomial, it is concluded that it has low algebraic complexity, and so AES may be vulnerable against algebraic attacks. The EC function is used in the image encryption technique [19]. The approach in [19] alters the dimension of the original image by using the constant k, which is the ECs starting reservations and control parameter. The security assessments show that the encryption strategy based on the chaotic elliptic map is advantageous and resistant to well-known attacks. The article [20] presents an image encryption system for ECC based on a fastmapping scheme with matrix method. The researchers exploited various attributes of the matrix and EC in the proposed work to transform alphanumeric character values to elliptic curve coordinates (x,y) using a nonsingular matrix. A novel scheme in [43] based on modified Pascal's triangle and elliptic curve. A new transformation and suggested a novel method to construct efficient S-Boxes using cubic fractional transformation are define in [44]. Authors [45] suggested an effective image encryption method based on three dimensional chaotic dynamical systems and confusion components. The confusion and diffusion were added by utilizing Rabinovich-Fabrikant chaotic system and nonlinear component based on discrete two-dimensional S8 Sboxes. In article [46], using a new nonlinear mapping (cubic polynomial mapping), the authors suggested an innovative and simple method to design efficient S-Boxes. Some others techniques for S-box construction and image encryption schemes are discuss in ( [47] - [51]). Many of the methods have small key-space and high level execution times.

IV. THE PROPOSED APPROACH FOR GENERATING S-BOXES
In this section, we'll present a quickly and easily method to generate a large number of different, unrelated objects and comfy injective m × n s-boxes primarily based on the x,y coordinates of an EC for the encryption of distinctly correlated data. The proposed method take inputs integers a,b,p s.t a, b ≤ p − 1, where p is taken so large that we get our required result with the best statistical analysis.

A. THE ALGORITHM
The five main steps of the proposed S-box generating method are listed below.
Step 1: Choose any a, b ∈ W as well as a prime number p such that a, b ≤ p − 1.
Step 2: The p-value is chosen to ensure that the EC E(a, b, p) contains minimum 256 different elements. Because an s-box on the GF (2 8 ) contains 256 different entries, this restriction is required necessary.
Step 3: In the third step, take the EC defined in eq. (1) to generate the points on it: Step 4: In this step, we take a EC point (x,y) and apply bijective transformations and get two different output values about each point on the EC E(a, b, p) except the point having x coordinate is zero. Bijective mappings [21] are defined as follows: Step 5: Finally, the first 256 different numbers in each of the above two relations that are defined in eqs. (5) and (6) are selected to form an S-boxes S u(a,b,p) and S v(a,b,p) . If the element in (5) and (6) does not have 256 distinct numbers following it, the proposed approach will not find an S-box. The newly created S-box is bijective, as seen in step 5. The proposed approach is used to generate S-boxes on various ECs. Table 1 shows the S-boxes S u(a,b,p) , S v(a,b,p) produce by the new suggested approach in 16 × 16 standard form.

V. S-BOX ANALYSIS AND COMPARISON
We analyze the experimental findings of randomly generated S-boxes using the suggested methodology in this section. The Sboxes formed by the proposed technique is particularly efficient for secure communication, as can be seen. Randomly generated distinct S-boxes, various standard security analysis tests are adapted on S u(909,230,1723) ,S v(431,1148,1723) ,S v(431,1159,1723) by the suggested scheme. One can examine the S-boxes formed by the proposed technique are extremely efficient for secure communication. In addition, the experimental outturn are analyze to several of the previously published sboxes [ [22], [23], [36]- [41]]

C. STRICT AVALANCHE CRITERION (SAC)
Webster et al. [26] proposed this criterion based on a mix of the avalanche outcomes and integrity. When one input bit is inverted, the test determines the probability of a shift of cipher bit. An 8×8 dependence matrix is used to calculate the SAC (eq.10) of an S-box matrix where α(h k ) is the number of non-zero bits in h k . If all of the self-reliance matrix entries are close to 0.5, the SAC is satisfied. In addition, we ran the SAC test on a variety of different planned and current S-boxes, with the results shown in Table 5. The proposed S-boxes have an average SAC maximum and minimum of 0.5914 and 0.4111, respectively. As a result, the S-boxes created using the suggested method pass the SAC test. Furthermore, the SAC results of freshly designed S-boxes are equivalent to the SAC results of S-boxes that are already listed.

D. BIT INDEPENDENCE CRITERION (BIC)
The BIC test was proposed by author in [26] to evaluate how distinct a pair of outcome bits is when one input bit is complemented. In BIC, one bit is commended, and the influence on the output bits is measured using the CC (correlation coefficient). An S-box is regarded to pass the BIC test if its BIC value is close to 0.5. The BIC is based on the recommended and some already surviving S-boxes. Table 5 lists the BIC minimum and maximum for proposed S-boxes and already exist various S-boxes. The proposed S-boxes' average BIC values 0.500419,0.49909, and 0.504225 which are very close to 0.5. Table 3 shows the Sboxes. The results of the BIC test ensure that the suggested S-boxes are resistant to common attacks.

E. DIFFERENTIAL APPROXIMATION PROBABILITY (DP)
In [27] authors used this DP test to find out the probability effect of a specific input bit change on the difference of the consequent output bits. The DP(defined in eq. (11)) of an S-box S is calculated using the following mathematical formula where ∂s, ∂t ∈ GF (2 8 ).
If it has a low DP, an S-box can effectively resist differential attacks. Table 5 lists the DP of the proposed and already existing S-boxes employed in this article. Some of the suggested S-boxes have a DP value of 0.0390, which is lower than the S-boxes in [7], [8]. When compared to some of the current S-boxes, this means that the S-boxes constructed by the suggested approach may withstand differential attacks more successfully.

VI. PROPOSED IMAGE ENCRYPTION SCHEME
Without loss of generality, we assume that the plain-image is a 256 × 256 gray-scale image with a dimension of T = N 1 × N 2 and that the plain-image is an integer matrix with N1 rows and N2 columns, with values ranging from [0-255]. Convert the gray-scale image pixels into n × n squares matrices each of which contains 256 elements, and proposed s-boxes also contain 256 different elements range from [0-255].
In the first phase, we use the obtained s-box to Substitute the image's scrambled component (the procedure is the same as AES substitution). In the next phase, we take another obtained s-box (which is not used in the first phase) as a key k and perform an addition operation with n × n squares matrix of scrambled image (obtained in the first phase) under mod 256.

A. ENCRYPTION ALGORITHM
In this subsection, we discussed the process of image encryption in detail. z n = mod(z n , 256) Now we substitute the obtained permuted pixels of image to enhance the nonlinearity of the proposed scheme.
The scrambled image(Is) after substitution is shown in Fig. 2b . Let x ∈ I s as an input entry and corresponding k ∈ M s is a secret key for the proposed scheme. Now we compute this mathematical expression to get cipher image entries as follows where we take p = 256 to restrict the range of entries between 0 and 255. vi. In the last step, we get cipher image entries illustrated in figure 2(c).
The suggested encryption scheme is used to encrypt images of various sizes, including dimension, intensity levels, and encryption parameter range. Figure 2 displays some of the encrypted images.

B. DECRYPTION ALGORITHM
In this subsection, we discussed the process of image decryption in detail. First, VOLUME 4, 2016 we take cipher image that's obtained from the encryption process which is defined in the previous subsection. The cipher image is shown in fig 2c. Then we convert this cipher image into 16 × 16 squares matrices and substitute the inverse s-box used in the encryption substitution process. To produce inv (S u (a, b, p)) of (S u (a, b, p)) the parameters a,b,p and of the S-box generating method must be sent to the receiver as keys.
If the channel is assumed to be noiseless, applying inv(S u (a, b, p)) to I c yields I s −1 . Now in the next step, we take proposed s-box(S v (a, b, p)) and by repeating entries of this s-box we get matrix M s of size 256 × 256. In the last step, we take one by one entry from I s −1 and corresponding entries from M s as a key. Now compute this mathematical expression to get plain image entries as follows where we take p = 256 to restrict the range of entries between 0 and 255.

VII. IMAGE ANALYSIS
A cryptosystem's security is evaluated to see if it can withstand malicious attacks. It should be able to withstand all types of known attacks to be considered good encryption. For this, we employ a variety of ways to counter different forms of attacks. We address the security examination of suggested image encryption in this section, including statistical analysis, histogram analysis, entropy, key-space analysis, and so on, to show that the suggested scheme prevents from the prevalent attacks. After passing through the proposed encryption technique, the simulations are run using various input images of Lena, baboon, deblur, house, and cameraman. Figures 2(a) show the Lena, baboon, deblur, house, and cameraman in their plain form, while Figures 2(b), show their encrypted versions with substitution, and Figures 2(c), show their cipher image's respectively. The results of encryption are visually strong, as can be seen from the encrypted image.

A. KEY ANALYSIS
The key area plays an important role in the encryption and decryption process's security. Cryptoanalysts frequently utilize key attacks to compromise the security of a cryptosystem. As a result, having a high key strength is essential for a robust security system.

1) Key spacing analysis
When the key size of the set of rules is large, it is difficult to use a brute force attack to obtain any information about the encryption or decryption method. If a cryptosystem's key spacing is greater than 2 128 , it usually attracts key space analysis. We employed a 512-bit in our proposed method, which means that the keyspace analysis of our suggested method is considerably greater than 2 128 . We employed seven keys a, b, p, a , b , p , k, and each one is 512-bits, which means that our proposed algorithm's key spacing analysis is significantly bigger than 2 128 . As a result, our suggested scheme has enough key size to withstand any attack from exclusive attackers.

2) Key sensitivity analysis
The keys should be highly sensitive in a secure cryptosystem. This means that a small  The parameters of the ECs employed in the proposed cryptosystem are dependent on the plain images, as shown in Equations (5), (6), (12), and (13). Furthermore, because ECs are extremely sensitive to their parameters, the dynamic S-boxes generated by the suggested approaches are also extremely sensitive to the keys. In the end, this means that the suggested encryption scheme passes the key sensitivity analysis.

B. DIFFERENTIAL ATTACK
An encryption method is stable in opposition to differential attacks if it can create successfully distinct encrypted images from two marginally different simple images. Various techniques are applied to as-sess the robustness of an encryption scheme to a differential attack. The NPCR (Number of pixel change rate) analysis counts how many pixels alternate when one byte of the plain picture is modified. When modifying original data, a precise cryptosystem's NPCR value is near 100. The UACI represents the average difference in strength between the simple gray-scale image and the cipher image. The cryptosystem's strength to differential attacks better as UACI analysis better. The NPCR and UACI analyses are represented in eqs. (14,15) as The original image and one-pixel alteration picture are represented by N 1 (γ 1 , γ 2 ) and N 2 (γ 1 , γ 2 ). The proposed and already exist cryptosystems were analyzed using NPCR and UACI, as shown in Table 6. Table  6 shows that the suggested approach performs well and is resistant to differential attacks.

C. STATISTICAL CRYPTANALYSIS
The entropy test and correlation test are used to evaluate the security of an image encryption technique against statistical attacks. Each of these tests, as well as the outcomes of our proposed methodology for these tests, are discussed below.

1) Entropy test
The entropy of a data collection is a measure of its randomness. Letp x (η) signify the probability of occurrence of the symbol η ∈ ϕ in x for a data collection x over symbols ϕ . The entropy of x is thus defined as H(x) in eq (17) The chance of the pixel x occurring is represented by p(x).  Table 7 shows the entropy findings of the proposed system as well as some of the existing schemes. The outcomes of the new scheme are almost equivalent to 8, which is significantly better than the results of the present scheme, as shown in table 7. As a result, the system can well withstand statistical analysis.

2) Correlation test
Plain-pixels images are highly correlated with each other, allowing them to form a meaningful shape. To create a secure cryptosystem cipher images must have the extremely least correlation between the pixels in such a way the cryptanalyst cannot extract any details. The encryption scheme's major goal is to distort the pixels so that there is the least amount of connection between neighboring pixels in the image's horizontal, diagonal, and vertical axes. An VOLUME 4, 2016 image encryption approach is resilient and well-being enough for security reasons if the ciphered image's correlation coefficient is around zero. The correlation coefficient of two adjacent pixels m and n is represented by the equation below. Table 8 displays the experimental findings of the correlation test of different plain and cipher images along each channel. It is easy to see in this study that the correlation between two neighboring pixels of original images in the vertical, horizontal, and diagonal directions is nearly equal to 1. While the suggested scheme's correlation coefficient results in all directions of two neighboring pixels in encrypted images are approximately 0. Furthermore, in correspondence to some already current related literature, the correlation coefficient results suggest that the suggested encryption system is substantially more efficient and immune to statistical attacks (Figs.3,4 and 5).

3) Histogram test
If the histogram of the cipher image is consistently distributed, a cryptosystem can effectively resist statistical attacks. We ran this test on a number of images, and the results of a few of them are given in Fig. 6. The histogram of images after encryption using the suggested technique is uniformly distributed, as shown in Fig. 6, and thus the proposed security system satisfies the histogram requirement.

D. MEAN SQUARE ERROR (MSE) AND PEAK SIGNAL-TO -NOISE RATIO (PSNR)
Image compression quality is measured using the mean-square error (MSE) and peak signal-to-noise ratio (PSNR where P is the plain image, E is the encrypted image, and D is the decrypted image and M, N and max(P) represent the image's height, width, and maximum feasible value, respectively. Table 9 presents the MSE and PSNR results, which reveal that there is a significant difference between plain and encrypted images for the proposed technique, but no difference between plain and decrypted images.

E. CHI-SQUARE TEST
The histogram analysis is used to visualize the pixels distribution of digital images. This gives image pixels a visual representation. The chi-square test can be used to interpret the uniformity of the pixels distribution numerically. It is calculated using the following formula: where ob(f i ) represents the observed frequency i(i = 0to255) and ex(f 0 ) represents the estimated frequency. The chi-square test results for cipher images are shown in Table 10. According to the chi-square distribution table, X 2 255,0.01 = 311.570 and X 2 255,0.05 = 294.1572 indicate that the chisquare test hypothesis is accepted and a significant level for both values is 1% and 5% respectively. As a result of this, we can say that distribution of pixels is uniform.

F. COMPUTATIONAL COMPLEXITY
The number of bit operations necessary to complete the algorithm is the computational complexity of the scheme. The    ×N 1 ) for the rowcolumn permutation stage. The computational complexity of the diffusion operation of row column is 8(M 1 + N 1 ) resulting in an overall total computational time complexity of the encryption algorithm [36] of O(M x + 9(M 1 + N 1 )) which is nearly equivalent to the suggested algorithm.

VIII. COMPARISON AND DEBATE WITH OTHER ENCRYPTION METHODS
Comparison of our suggested encryption method to other current cryptosystems based on different mathematical structures. Structures like chaotic and dynamic-based image encryption [6] is presented in this subsection. First, apply the confusion step on each pixel and transforms each pixel value into a diffusion step. Apply burgers map on the image of size 256 × 256 to generate a sequence. Now apply this map to permute all rows and columns but this cipher image has not enough resistance against security analysis. The Logis-tic chaotic map is used to create a diffusion mechanism to improve resilience to the above-mentioned attacks. To generate dynamic s-boxes logistic map is iterated. Now divide a permuted image into 16×16 blocks and substitute each block via dynamic sbox. Finally, these substituted blocks are combined into one matrix to get cipher images. While in our proposed image encryption scheme we first obtained dynamic s-boxes through two different maps mentioned in subsection (5.1). We have a grayscale image of size 256 × 256 convert this image into 16 × 16 blocks and apply any one of the above-proposed s-box that's generated with two different techniques to perform the substitution on each block of the image. Now pick another proposed sbox as a key and execute a mathematical operation which is defined in eq. (12) in the proposed image technique to get cipher image entries. For practical applications, the speed of encryption systems is an important consideration. Our proposed technique takes less execution time than the technique defined in [6]. Image encryption schemes based on chaos [1], [2], [4], [9] and [14] which are extremely sophisticated and memory intensive. Similarly, the methodology in [6], [36] and [41] are based on numerous S-boxes and a random no. of increments of different S-boxes, which increases the computational time, but the suggested approach has less computing timing complexity than the current methodology in [ [6], [36], [41]]. The majority of researchers have attempted to combine improved methodologies in order to eliminate the flaws in past work. In this paper, we investigate and compare the proposed cryptosystem to several previous studies, such as ECCs ( [6], [9], [32] - [36]) Entropy, correlation, NPCR, UACI, PSNR, MSE and other evaluation metrics are used to make the comparison. The wellknown encryption algorithms are used to assess all of these criteria on the digitized lena,baboon,house images. Tables [7,8,6,9] show the results of the above-mentioned tests' analysis. The tables [6,7,8,9] clearly show that the suggested system outperforms the specified encryption approaches in terms of security. Similarly, the examination of each channel's correlation coefficient scores in all three directions outperforms the other correlation coefficient scores of various current encryption methods in the table [36]. This demonstrates that the suggested image encryption technique is capable of breaking the correlation between neighboring pixels in the original image in a variety of ways. As a result, the suggested technique is very resistant to standard statistical attacks. Furthermore, in comparison to the most current existing cryptosystems available in ( [6], [32]- [36]), the proposed encryption scheme is preferable for security application reasons because it is endowed with a strong dynamic S-box in terms of non-linearity. Finally, the studies show that the suggested method's diffusion property is surprisingly much superior than methods reported in [ [6], [32]- [36]] in terms of entropy and NPCR security analysis. The proposed encryption algorithm was compared to other recent encryption algorithms are discussed below.
i. The proposed algorithm's entropy information is approximately equivalent to 8, indicating that the proposed cryptosystem increases the randomness of pixel values. When compared to other cryptosystems ( [6], [9], [32] - [36]) have less randomness given in table 6. ii. The value of the correlation analysis can be determined by considering the correlation analysis. The coefficients of correlation are almost 0, indicating that the suggested cryptosystem outperforms when compared to ( [32] - [36]) Other cryptographic algorithms which is discuss in table 7. iii. Table 5 shows that the findings of the proposed cryptosystem's differential attack analysis (NPCR and UACI) are superior to those of other good existing algorithms ( [6], [9], [32]- [36]). iv. Our method X 2 test analysis result in table 10 is lower and higher than the chi-square value of [36], indicating that the suggested work has a high gray scale uniformity. v. Table 11 shows the time complexity of Our proposed scheme are comparatively less than the recent existing encryption method in [36]. This prove our scheme need minimum time for execution. vi. Table 9 shows that plain and cipher images have high MSE and low PSNR when compared to other recently developed encryption techniques in ( [6], [36]), which ensure that the decryption process is completed without information loss.

IX. CONCLUSION
To secure the layout of the digital image, this work provides an asymmetric key cryptosystem primarily based on an EC. We constructed S-box using elliptic curves in the first section of this article. In comparison to the known ECC S-boxes, the newly discovered S-boxes offer improved statistical and algebraic properties. For the newly constructed S-boxes, we put both x and y-coordinates in two different maps and followed by modulo 256 operation.
In the newly constructed image cryptosystem, the plain gray-scale image divides into 16 × 16 blocks and each block contains a 16 × 16 matrix. While using one of the S-box (substitution-box), which has a high nonlinearity value and meets the extreme avalanche conditions, the message image confirmed higher randomness and immunity against different attacks. The other one dynamic S-box provides a key role and creates more confusion in the substituted image by using the proposed image algorithm. Different analyses are used to examine the scheme's security strength, and the results show that the suggested scheme is secure enough to withstand entropy, brute force, and differential attacks. In comparison to other existing image encryption systems, the suggested technique has proved to be resistant to malicious attacks and to have a low time complexity. Finding a way to encrypt a color image using only one cycle of the suggested scheme except increasing processing complexity will be interesting future work.