CASDC: A Cryptographically Secure Data System Based on Two Private Key Images

Colored digital images are one of the most important types of digital data to be used in many vital applications, which require a safe way to protect them from hacking operations and the danger of intruders and data thieves. This paper presents an effective and safe method for storing digitally colored images (CASDC). A high level of protection is provided through a complex secret key agreed upon between the sender and the receiver. The secret key consists of nine decimal digits (and can be increased as needed). These digits are processed to extract three values for each color of the three color channels. A left rotation process is performed for the value of each color to produce three new values, where an exclusion process is performed between them to obtain the encrypted value for the color. CASDC is evaluated against a wide range of images to calculate its throughput to show the extent to which this method fulfills encryption and decryption requirements. The Mean Square Error (MSE) values, Peak Signal Noise Ratio (PSNR), and Correlation Coefficient for the three primary channels of the RGB coloring system were analyzed. The practical results of the proposed method are compared with other standard methods such as Data Encryption Standard (DES), Tripple-DES (3DES), Advanced Encryption Standard (AES), and Blow Fish (BF). According to the obtained results, CASDC outperforms all standard methods in terms of efficiency by reducing the time of encryption and decryption and increasing the throughput of the corresponding process. Besides, CASDC is robust against breaks, as the attempts to break the private key will require hundreds of years in the best case.


I. INTRODUCTION
Colored digital images are one of the most widely used types of digital data through various social media platforms. This wide spread of digital images is due to several reasons, the most important reasons of which are [1], [2], [3], [4]: • Ease of obtaining the digital image at a negligible cost due to the multiplicity of equipment through which images can be generated and the multiplicity of different sources available through the Internet.
• Ease of processing the digital image because the digital color image can be represented by a three-dimensional The associate editor coordinating the review of this manuscript and approving it for publication was Ramakrishnan Srinivasan . matrix (one dimension for each of the three color channels: red, green, and blue).
• The possibility of processing the matrix of each of the three colors separately.
• The use of digital color images in many critical vital applications.
• Ease of applying arithmetic and logical operations to digital color images and the matrix of each of the three colors. One of these operations is rotating to the left for a specified number of digits, as shown in Figure 1 [5], [6], [7], [8]. The colored digital image may be confidential or of a personal nature, or it may be carrying confidential data, which requires providing the necessary protection for it and preventing attempts to penetrate or eavesdrop on it, whether by  unauthorized parties or by data thieves [9], [10], [11], [12]. One of the essential methods used to protect the digital image is the data cryptography method, which means encrypting the image when sending and decrypting the image when it is received. As shown in Figure 2, data cryptography can be applied using a private secret key (PK) and performing operations to form encrypted and decrypted images. PK must be very complex in order to avoid hacking attempts. Also, it must be kept secret between the sender and receiver and should be updatable whenever a need arises [13], [14].
A good way of data encryption and decryption should destroy the data when the encryption becomes incomprehensible and useless, provided that the process of retrieval of the original data is done so that the decrypted data is precisely the same as the original data [15].
The quality of the data can be judged by using some recommended evaluation metrics, including Mean Square Error (MSE), Peak Signal to Noise Ratio (PSNR), and Correlation Coefficient (CC) for the three color channels. These parameters can be calculated between two data sets using equations 1, 2, 3, and 4, as indicated in the studies [13], [15], [16]: MSE of x channel: where m is the number of rows in the cover image, n is the number of columns in the cover image, S ij is the pixel value from the sent image, and R ij is the pixel value from original image Total MSE can be calculated as follows: PSNR is calculated as follows: where MAX I is the maximum signal value that exists in our original ''known to be good'' image Correlation coefficient (CC) is calculated as follows: where x i is the value of the first message,x is the mean of x, y i is the value of the second message, andȳ is the mean of y.
A positive correlation is measured on a 0.1 to 1.0 scale. The stronger the positive correlation, the more likely the two messages are very close. A weak positive correlation would be in the range of 0.1 to 0.3, a moderate positive correlation from 0.3 to 0.5, and a solid positive correlation from 0.5 to 1.0.
Here we have to remember the following: • Decreasing PSNR will increase the distortion degree.
• Increasing MSE will increase the distortion degree.
• Decreasing correlations will increase the distortion degree.
• MSE between the source image and encrypted one must be very high.
• MSE between the source image and decrypted one must equal to zero.
• PSNR between the source image and encrypted one must be very Low.
• PSNR between the source image and decrypted one must equal to infinity.
• CC between the source image and encrypted one must be very low.
• CC between the source image and the decrypted one must equal one. Colored digital images are considered one of the most widely used types of digital data due to their use in multiple vital applications. Therefore, the main objective of this research is to provide an easy-to-implement method to protect the digital image from the risk of penetration by using two secret keys that are difficult to penetrate. This method will be implemented using multiple images to prove its efficiency compared to the standard methods used in data encryption.
What is new in the proposed method is to raise the degree of protection for confidential digital images using a secret key that have the following characteristics: VOLUME 10, 2022 • Ease of key generation. • The generation process does not require large time or memory requirements.
• The PK will increase the key space, making the hacking attempt impossible.
The organization of this research paper is as follows: Section II presents related work. Section III demonstrates the proposed method. Implementation and experimental results are conducted in Section IV, followed by the conclusions in Section V.

II. RELATED WORKS
Image cryptology is the science that studies image cryptography and image cryptanalysis. Image cryptology conceptually resembles data cryptography. However, crucial differences exist due to the intrinsic characteristics of image format. While data is directly encrypted in either block or stream pattern, image encryption differs. Image is stored in a twodimensional array in C ij form, 1 ≤ i ≤ H and 1 ≤ j ≤ W , such that H and W represent the height and the width of the image. C ij represents the color intensity of the image pixel at position (i, j). Intensity depends on the coloring system in use. The grayscale coloring system uses 8 bits to encode an image's pixels, making cryptographic algorithms deal with (8 × H × W ) input. Similarly, the RGB coloring system uses three color channels (i.e., Red, green, and Blue) which make the cryptographic algorithm deal with (3 × 8 × H × W ) input [17].
The nature of images is different from regular data (e.g., system files, text messages, input fields in web pages). Images preserve relationships in bulks alongside multidirections (i.e., horizontal, vertical, and diagonal). Moreover, the coloring system deals with more values than conventional alphabet encoding systems. All these complications bring extra challenges to image cryptography. Any cryptographic image algorithm should scramble intrinsic characteristics in all directions to encounter well-known attacks such as statistical and differential attacks [17], [18]. Additionally, it should maintain a trade-off between robustness and efficiency as image size may grow due to the improvement in the capturing devices and the use of real-time applications [19], [20].
All algorithms mentioned above are defined according to multiple characteristics as follows as in [44], [45], and [46]: • Block size: the data to be encrypted must be divided into equal blocks; block size is fixed.
• Private key: these methods use a fixed-length private key, and this key is used to generate other subkeys needed in the encryption process.
• Efficiency: these methods are used to protect shortlength data, and they are effective, but when used to encrypt digital images, they become inefficient.
• Quality of cryptography: these methods provide good values for the quality parameters (MSE, PSNR, and CC) in both phases: the encryption and decryption phases as declared in the studies [14], [47], [48], [49], [50] • Confusion and Diffusion: these methods alternate between diffusion and confusion to thwart cryptanalysis efforts as proposed by Claude Shannon [51], [52].
• Rounds: Different operation rounds are conducted to perform data cryptography.
• Used data: these methods deal with binary numbers; thus, the data to be encrypted must be converted to binary.
• Simplicity: It is easy to implement and modify.
• Symmetry: These methods are symmetric and use the same key in the encryption and decryption phases.
• Level of protection: Some of these methods can be hacked easily.
RC4 stream cryptographic algorithm approved to be vulnerable to differential attacks exploiting 2 44 chosen plaintext. This is due to the key repetition inherited in the pseudorandom number generator utilized to synchronize key generation between sender and receiver [17].
Chaos-based cryptography algorithms emerged as the trending approach for image encryption [53], [54]. A wide range of variations and hybrid schemes was proposed to enhance its performance [55], [56], [57]. However, many studies advocate the superiority of chaos-based cryptography techniques in terms of robustness [17], [18], [58], [59], [60], [61], [62]. Many other researchers question these claims, raising efficiency and robustness concerns. In many cases, the simplicity of chaotic maps resulted in security breaks [63], [64]. Choosing a chaotic map remains a crucial aspect of any chaos-based cryptography scheme. Simple representations such as logistic maps and tent maps result in less complex and relatively faster schemes. However, such efficiency comes at the expense of robustness. In contrast, sophisticated chaotic maps improve security at the expense of time efficiency [17]. Murillo-Escobar et al. [65] proposed an integral analysis approach to analyze the robustness of chaos-based image cryptography approaches.
We are focusing only on the standard data cryptography methods, which is why we compare the results obtained by the proposed method, namely CASDC, with traditional methods' results. CASDC can encrypt-decrypt any colored image, including medical images; replacing the selected images for implementation with medical images is very easy and does not require any change in the proposed algorithm.

III. CASDC CRYPTOGRAPHIC SCHEME
CASDC is a novel, colored image encryption algorithm. It suits the RGB-coloring system. The key motive behind CASDC is to improve the efficiency of confidential colored image transmission among communication networks, e.g., social media, while maintaining the same levels of robustness similar to standard data encryption schemes. (i.e., DES, 3DES, AES, and BF). CASDC is based on rotation left and XORing operations. The encryption-decryption phases use two PKs to calculate the number of rotation left digits (RLD). RLDs are required to rotate the color value; this PK contains nine decimal digits, three digits for each color (R1, R2, and R3 for the red color, G1, G2, and G3 for the green color, and B1, B2, and B3 for the blue color), these parameters can be calculated from PK by applying remainder and modulus operations. The range of the PK is from (0 to 777777777) decimal, or from 0 to 2E5BF271) hexadecimal, and this range will make the hacking process very difficult. The sequence of colors must be determined and agreed upon between the sender and the receiver. RGB coloring system has 6 different color combinations. Each combination will require 9 decimal digits to encrypt/decrypt the three coloring channels. The size of the key space will be calculated according to Equation 5.
The private key is agreed upon between the sender and the receiver. The PK is kept confidential, with the possibility of modifying it at any moment and when needed without modifying the proposed method. PK can be expanded to more than nine digits, adding extra time to the encryptiondecryption processes. Figure 3 depicts a high-level abstraction of CASDC cryptographic schema. The colored image to be encrypted is split into three matrices, one for each color channel; red, green, and blue. Each pixel of these matrices then undergoes an RLD operation three times using three values of PK; the results of this operation are XORed to obtain a new value for the pixel, which will be padded to the color matrix in the decrypted image. Finally, the three new color matrices are combined to obtain the decrypted colored image.
As indicated in Figure 3, CASDC is a symmetric cryptographic schema, such that the same process can be used for both encryption and decryption phases. The only change is the used key. The agreed key is used in the encryption phase to encrypt the input image. However, in the decryption phase, the decryption key is derived at the recipient part according to Table 1. There are two approaches to implementing the calculation of the decryption key. Either by maintaining a lookup table matching values given Table 2. Alternatively, implement an inline process that calculates the decryption key on the fly. The process has to replace each digit in the key with the corresponding result of subtracting it out of eight. The newly resulted in nine digits number becomes the decryption key.
The key advantage of the symmetric design of CASDC schema is the simpler implementation, particularly for telecommunication devices. Both encryption and decryption phases may utilize the same process regardless of the implementation type (software vs. hardware). The same process used to encrypt images to be sent may be used for decrypting

Algorithm 1 Encryption Phase
Input: Source color image (S), PK Output: Encrypted image (E) 1. Get the image to be encrypted 2. Extract each color matrix (R, G, and B) 3. Get the PK 4. Use PK to find the RLDs(R1, R2, R3, G1, G2, G3, B1, B2, and B3) for each pixel in each color matrix do i. Get A by rotating left the color byte value using the first associated RLD ii. Get B by rotating left the color byte value using the second associated RLD iii. Get C by rotating left the color byte value using the third associated RLD iv. Apply XORing of A, B, and C to get the encrypted color value 5. Combine the obtained color matrices to form the encrypted color image (E). end for received images. At the same time, such a character has a limited benefit for software implementation. It is greatly desirable when considering hardware implementation for limited resources devices such as devices utilized in the Internet of Things (IoT) and smart city applications. Encryption and decryption phases are best described in Algorithm 1 and Algorithm 2, respectively. Figure 4 and Figure 5 show the diagrams of encryption-decryption, while Figure 6 and Figure 7 illustrate an example of encrypting-decrypting a color value.

IV. IMPLEMENTATION AND EXPERIMENTAL RESULTS
The proposed method has been implemented using MATLAB on a computer with an i5 processor, a 2.4 GHz machine, and 8 G Bytes RAM. Multiple images of different sizes were used (up to 6 million bytes), and multiple keys were used to calculate all the values necessary to evaluate the performance and efficiency of the proposed method. Figure 8 depicts the image set used in the implementation, while Table 3 lists the basic information of the images.
As indicated in Table 3, the set of used images varies greatly in dimension and size. All images are colored,   maintaining the same coloring system, which is the RGBcoloring system. The value 345172463 was selected as a PK. Encryption RLDs were calculated as illustrated in Table 2 (R1 = 3, R2 = 4, R3 = 5, G1 = 1, G2 = 7, G3 = 2, B1 = 4, B2 = 6, B3 = 3). Similarly, corresponding decryption RLDs were calculated (R1 = 5, R2 = 4, R3 = 3, G1 = 7, G2 = 1, G3 = 6, B1 = 4, B2 = 2, B3 = 5). Each image was encrypted-decrypted using this key; Figure 9 shows the characteristics of an input image. Figure 10 shows the result of the encryption phase. Plotted histograms provide concrete evidence that CASDC affects the three color channels equally.   The key expected benefit of CASDC schema is to improve the efficiency of encryption-decryption operations.   The efficiency of the CASDC schema was studied in terms of encryption time and throughput. Encryption time is measured in seconds (sec), while throughput is measured in bytes per second (bps). Table 4 compares the set of used images, Figure 8, in terms of both metrics. Encryption time varies significantly, which is explainable due to the variation in image size. When considering the throughput metric, results are very close among all images, with average encryption throughput equivalent to 3237.2 bps.
Robustness remains the key requirement of any cryptographic schema. The robustness of the CASDC schema was investigated by studying its performance against MSE, PSNR, and CC metrics. MSE, PSNR were calculated to each image according to the equations 1, 2, and 3. CC was computed three times for each image, once for each color channel, according to the equation 4. Table 5 shows the obtained quality parameter results. All images attain extremely high values of MSE and PSNR, indicating irrelevance between plain and encrypted images. Similarly, CC values of the three color channels were too low for all images. This indicates no correlation between input images and corresponding encrypted images. The MSE, PSNR, and CC values between the original images and the decrypted image were 0, infinite, and 1, respectively, which means that the original image was completely recovered and the decrypted image is identical to the source image.
From Tables 4 and 5 we can draw the following facts: • The values of MSE were very high, meaning that the original image was fully destructed, and the proposed method meets the data encryption requirement.
• The values of PSNR were very low, meaning that the original image was fully destructed, and the proposed method meets the data encryption requirement.
• The values of CC were very low, meaning that the original image does not match the encrypted one, and it was fully destructed, and the proposed method meets the requirement of data encryption.
• The proposed method has good throughput, and the average throughput was equal to 3237.2 byte per second.
• The encryption time will increase when increasing the image size, and there is a linear relationship between the image size and the encryption (decryption) time; see Figure 11.
• A regression analysis was implemented between the image size and the encryption time, and equation 6 shows the relationship between them: where tt is the total time of the encryption process, and IS is the image size. From equation 6, we can see that the time complexity of the proposed method is O(N ), where N is the image size. In addition to the facts mentioned above, it is challenging to hack the PK; below is the hacking time calculation in the best case: Average penetration (hacking) time per attempt = 509.6630 sec.
Total   The same images were encrypted and decrypted using another PK with a value of 725134264. Figure 12 and Figure 13 show sample outputs, while Tables 6 and 7 show the obtained experimental results.
From the results shown in Tables 4, 5, 6, and 7, we can see that when using another PK, the proposed method keeps the efficiency and quality parameters excellent and acceptable.
For comparisons purposes, the standard methods of data cryptography methods (DES, 3DES, AES, and BF) were tested using the same images; Table 8 lists the encryption time for each image in the used dataset in addition to the throughput for each of the standard methods. Table 9 summarizes the throughput for the standard and proposed methods. Here we can see that the proposed method drastically decreases the encryption time (thus increases the cryptography throughput significantly), and the proposed method has a significant speedup compared with other methods that reach up to 8.41, as shown in Table 10. Speedup is

V. CONCLUSION
A secure method has been proposed to protect color digital images from unauthorized users, intruders, and data thieves. The high degree of digital image security was achieved through a special key that was used to generate three values for each of the three color channels. These values of the private key are used to determine the RLDs for each color and were used to produce three values that are the product of the left rotation process for the color value and a specified number of digits. The resulting three values were XORed to get the encrypted pixel. The proposed method minimized the encryption and decryption time, the results of the proposed method were compared with the results of standard methods of data cryptography, and it was shown that the proposed method has a significant speedup. Thus it maximizes the cryptography process throughput.
Furthermore, it was shown that there is a linear relationship between the image size and the encryption time; the time complexity of the proposed method is O (N ). The proposed method was tested using various color images and PKs, and the obtained experimental results showed that the proposed method provided good MSE, PSNR, and CC; thus, it satisfied the requirements of robust and secure cryptography. ZIAD ALQADI received the B.E., M.E., and Dr.Eng. degrees from the Kiev Polytechnic Institute, in 1980, 1983, and 1986, respectively. Since 1986, he has been a Researcher with the Department of Electrical Engineering, Amman Applied College, where he has been an Assistant Professor, since 1991. He has been an Associate Professor at the Faculty of Engineering Technology, since 1996. He has been a Professor at Al-Balqa Applied University, since 2010. His research interests include signal processing, image processing, data security, and parallel processing.