Image Encryption Based on Improved Lorenz System

This paper proposes a new method to strengthen the nonlinear kinetic complexity and ergodicity of Lorenz system. Through the analysis of auto-correlation, frequency distribution, approximate entropy and information entropy, the improved Lorenz system has better dynamical properties than Lorenz system. According to NIST-800-22 test results, the chaotic sequences generated from proposed system have passed all random tests, which denotes that the improved Lorenz system is applicable to chaotic encryption. Once the plaintext image is color, the size of scramble image is three times as big as plaintext image, so that a lot more pixel information participant in permutation and diffusion to get better encryption results. Simulation results show that the image encryption scheme provides good security and high capacity to resist common attacks.


I. INTRODUCTION
Since Lorenz proposed the first two scrolls system in 1963 [1], chaotic systems have attracted attention of scientific community due to their vast applications in many areas such as physics, biology, complex networks, economics and so on [2]- [6]. Non-predictability, ergodicity, random-like behavior, and high sensitivity to initial conditions are the main characteristics of chaotic systems, which can be used in encryption and secure communication [7]- [20]. Generally, diffusion and permutation are two significant steps in chaotic image encryption. In permutation phase, strong correlations between adjacent pixels are masked. In the diffusion phase, pixel values are replaced by mutual diffusion among different pixels, so that the important and valid information of plaintext-image are concealed. In many proposed chaotic image encryption algorithms, Lorenz system as pseudo random number generator (PRNG) to generate chaotic sequences. Obaida et al. applied Lorenz system to digital image encryption, and embedded hash value of The associate editor coordinating the review of this manuscript and approving it for publication was Jun Wang. the plain image in the proposed cryptosystem to increase the security level [21]. Amir has proposed a robust image encryption scheme for low profile applications based on chaotic Lorenz system [22]. Younas and Khan combined inverse left almost semi group with Lorenz system in image encryption scheme to obtain better confusion and diffusion effect through a modern substitution-permutation network [23]. Hussain et al. have designed a cryptographically strong systems based on proposed S-boxes and Lorenz chaotic system [24]. Girdhar and Kumar hybridized Lorenz system and Rossler system to generate the random sequence, and applied the rules of DNA cryptosystem to encrypt image [25].
However, dimension, complexity and ergodicity of Lorenz system are limited, therefore the original Lorenz system is improved or modified in many investigations to achieve better encryption results. Kaur and Kumar generated six random sequences by Lorenz-like chaotic system with varying bifurcation parameter [26]. It is obvious that, hyper-chaotic systems possess more complex dynamical characteristics and higher randomness than low-dimensional chaotic systems, so that hyper-Lorenz system is more applicable to image encryption [27]- [29]. Usman et al. proposed Walsh compressed quantum spinning chaotic Lorenz system to satisfy the need of fast computing and quantum encryption [27]. Ran et al. have coupled two Lorenz system and obtained hyper-Lorenz system, which is injected impulse during the iteration process in order to counter the degeneration of dynamics [30].
In this paper, the motivations of our work are included as follows: (1) In order to strengthen the complexity and ergodicity of Lorenz system, we have added delay coupling and mod function to Lorenz system, and enhanced complexity and ergodicity of Lorenz system effectively according to the analysis of auto correlation, frequency distribution, approximate entropy and information entropy.
(2) To avoid attacker gain the random value of the proposed system through the selection of different plaintext images, the keys derive from plaintext image. Furthermore, the key space can be enlarged greatly by increase of key number.
(3) To make the information of plaintext image participant the permutation and diffusion more sufficiently, the scramble image has three times the size of plaintext image for color plaintext image. This permutation operation will not increase the burden of transmission or storage, because we just transfer the information of R, B, G components of plaintext image to the scramble image. If the the plaintext image is gray, scramble image has the same size as plaintext image. The experimental results showed that our proposed encryption scheme has high security.
The rest of the paper is organized as follows: Section II presents basic mechanism and analysis of improved Lorenz system. Our encryption and decryption algorithm are depicted in Section III. Simulation results and security analyses are provided in Section IV and V respectively. Section VI and VII present the statistical and robust analysis respectively. Finally, this paper is concluded in Section VIII.

II. IMPROVED LORENZ SYSTEM
A. BASIC MECHANISM Lorenz system is one of the most widely used chaotic system, especially in image encryption. The mathematical model of Lorenz system can be described as follow: where chaos of Eq. (1) is determined by the parameters a, b and c. As shown in Figure 1, we modified the form of Eq. (1) as: The form ofx (t),ŷ (t) andẑ (t) is designed as where the function f (x(t), and f (z (t) , z (t − τ ) , t) are described as Eq. (4), and τ > 0 is delayed time.

B. EXPERIMENT RESULTS
In experiment, the initial values of Lorenz system are fixed as x 0 = 0.01, y 0 = 0.02 and z 0 = 0.02. The initial values of improved system are the same as Lorenz system. Taking parameters a = 20, b = 50 and c = 8. Delayed time τ is fixed as τ = 1. As shown in Figure 2, our proposed system can break the two scrolls attractor structure totally and make the attractor as the noise-like pattern, which denotes that proposed system has better ergodicity than Lorenz system. As shown in Figure 3, temporal evolution of proposed system oscillates more seriously than Lorenz system. The trajectories of improved system are random-like and ergodic with no apparent cycle in the phase space.

C. APPROXIMATE ENTROPY
The complexity of time series can be measured by approximate entropy (AE) [31], given a time-series of data {u (i) , i = 1, 2, · · · , N }, reconstruct this series as: where X i is a m-dimentional vector. Calculate the distance between x i and x j as Given a threshold r ∈ [0.2, 0.3], Let K be the number satisfying the equation d ij ≤ r ×SD, where SD is the standard value of the sequence, then we define where C m i (r) = K N −m , then the AE of a sequence can be calculated as φ m − φ m+1 . As shown in Figure 4, the AE of proposed system is larger than Lorenz system, Lorenz-like system [26] and coupled Lorenz system [27] with different precisions, which demonstrates that proposed system can strengthen the complexity of Lorenz system greatly.

D. INFORMATION ENTROPY
Shannon proposed information entropy in 1948 [32], and the degree of confusion can be characterized by information entropy. The system is more ordered, information entropy is  lower. It is defined as: where s is information source, N demonstrates the number of states, P (s i ) indicates the probability of occurrence of s i . The sequences x, y, z,x,ŷ andẑ are hypothesized to 256 states, in theory the maximum information entropy of each sequence is log 2 256 = 8. As shown in Figure 5, all entropy value of our proposed system is close to 7.8, which is bigger than the other systems.

E. AUTO CORRELATION
Auto correlation (AC) is also a significant factor used to evaluate the dynamical characteristics of a chaotic system. The correlation is defined as follow [33]: where x i and y i represent the ith sequences,x and y are the average of sequence x and y respectively. Figure 6 (a), (b) and (c) show the auto-correlations of Lorenz system. As shown in Figure 6 (c), the autocorrelation of z is much stronger than x and y. As shown in Figure 6 (d), (e) and (f), the autocorrelation of adjacent orbits of the proposed system is weaker than the Lorenz system. Auto-correlation function of improved Lorenz system has a small main peak, and the side lobes are rarely low and even virtually invisible, which demonstrates that our proposed system are good random. Figure 7 depicts the frequency distribution of Lorenz system and proposed system, where the whole interval is divided into 500 equal sub-intervals. It can be seen that the distribution of proposed system is much more homogeneous than Lorenz system. Therefore, the proposed perturbation method can resist frequency attack effectively.

G. NIST-800-22 STATISTICAL TESTS
The NIST-800-22 test was designed to assess the performance of Pseudo Random Number Generator (PRBG) [34]. We can judge whether or not a chaotic binary sequence is suitable to cryptographic algorithm based on the results of NIST If p < 0.01, the sequence is not random. If p = 1, the sequence is completely random. If p = 0, the sequence is not at all random. Moreover, p value is bigger, the randomness of the sequence is better. Table 1 shows NIST tests of PRNG, which can be found sequence of improved Lorenz system passes all random tests.

III. ENCRYPTION AND DECRYPTION ALGORITHMS A. ENCRYPTION ALGORITHM
Suppose that a plaintext image P with a size of M × N is given. If plaintext image is a color image, P is converted into R, G and B components, and we can obtain three matrixes P r , P g and P b , the size of each color's matrix is M × N , where the pixel values range from 0 to 255. The encryption process is as follows.
Step 1. When plaintext image is color, construct a big matrix S = P r , P g , P b , so that the information of P r , P g and P b is transferred to a big matrix S; when plaintext image is gray, the matrix S is built as S = P to avoid additional burdens of transmission or storage.
We apply sequencing index function to S as follow: where [·, ·] = sort(·) is the sequencing index function, is the new sequence after ascending to S, and q = [q 1 , q 2 , · · · , q M ×3N ] is the index value of H . Then, we have We utilize Eq. (11) to generate K keys as VOLUME 8, 2020  where k ∈ [1, 2, · · · , K ], and average value d = K k=1 d k /K is obtained, K is assumed as K ≥ 3 to satisfy the inequality 10 14K > 2 100 .
In this article, the keys are associated with plaintext images, if plaintext images are different, the keys will be updated. The update of keys may bring encryption inconvenience, but which will improve security of algorithm, because the attacker cannot obtain the random value of the improved system by selecting different plaintext images [35].
The initial values, and parameter a, b and c of the Eq. (2) can be calculated by the follows: , and sum is calculated as Step 2. Generate three sequencesx,ŷ andẑ with the length of M × N and reshapex,ŷ andẑ as Eq. (12), then spliced them together into two big matrixes W 1 and W 2 as Eq. (13): If plaintext image is gray, matrixes W 1 and W 2 are built as: Step 3. Create a new matrix by using the following method: where i = 1, 2, · · · , M and j = 1, 2, · · · , 3N . If plaintext image is gray, j = 1, 2, · · · , N .
Step 4. Replace the values of the first column of W with D, and obtain a new matrix , where D is calculated as: and Step 5. Apply sequencing index function to each row of according to Eq. (9), and obtain the index matrix U , then select the pixels of S according to the follow law: Step 6. Replace the values of the first row of W with D, and obtain a new matrix .
Step 7. Apply sequencing index function to each column of according to Eq. (9), and obtain the index matrix V , then select the pixels of T 1 according to Eq. (17): As shown in Figure 8, an example with the color image size of 3 × 4 is used to better explain the process of permutation. A good diffusion property of encryption should make cipher-text image sensitive to the change of plaintext. Usually, XOR operation is a manipulation on the level of bit, but addition operation is a manipulation on the level of pixel. We combine XOR operation with addition operation to enhance the effectiveness of diffusion.
Step 8. We generated three chaotic sequences as: then reshape three matrixesX 1 ,X 2 andX 3 as Step 9. We build two big matrixesW 1 andW 2 according to Eq. (13) byX 1 ,X 2 andX 3 , and regenerate the matrixW as: The manipulation diffusion is defined as If plaintext image is gray, the diffusion operation is defined as where ⊕ is the bit wise XOR operation, and θ is the maximum value of pixel in plaintext-image.
Step 10. Let C = reshape(C, [M , 3N ]), and split the matrix C into three equal-sized small matrixes as R, G and B components. Combine R, G and B components into an image, and cipher-image is obtained. If plaintext image is gray, let C = reshape (C, [M , N ]), and obtain the cipher-image.
The image encryption scheme is shown by Figure 9.

B. DECRYPTION ALGORITHM
The decryption procedure is a reverse process of encryption procedure.
Step 1. We remove the diffusion effect from the last pixel to the first pixel using the following formulae.  where M × N is the size of of cipher-image C.
Step 3. Eliminate the row confusion effect as follow: Step 4. If cipher-image is color, split the matrix S into three small matrixes with the same size as the three components of a color image, which are combined together, and a color  plaintext-image is obtained; If cipher-image is gray, S is equal to P, and gray plaintext-image is obtained.

IV. EXPERIMENTAL RESULTS
A good image encryption algorithm should encrypt different kinds of image into unrecognized cipher-image. As shown in Figure 10 (b), the four types of plaintext-image have different properties of histograms, but their cipher-images are all random-like. As shown in Figure 10 (d), the distribution of pixel values of cipher-images is harmonious, and attracters can't obtain useful information from histograms of cipher-images. VOLUME 8, 2020   Figure 11 (d), the cipher-images are completely different even if the change in the keys is very slight. As Figure 12 (b) demonstrates, the decrypted image was exactly the same as the original plaintext image with the correct keys d k , where k = 1, 2, · · · , 5. The decrypted images are randomlike although the change of keys is slight as shown in Figure 12 (c), (d) and (e).

B. KEY SPACE
The key space should be large enough to resist exhaustive attacks. According to Figure 11 and 12, the operational precision of d k was fixed as 10 −14 . When we considered the precision of d k , the key space size was 10 14K (K = 5), it is approximately 2 232 and much larger than the security  requirement for a key space of 2 100 [36]. It's obvious that, brute-force attacks on our encryption algorithm is infeasible. Furthermore, the key space can be enlarged greatly by increase of K .

VI. STATISTICAL ANALYSIS A. CORRELATION COEFFICIENT
In general, there are strong correlations between adjacent pixels in a plaintext image, the correlations between two adjacent VOLUME 8, 2020  pixels need to be decreased in the ciphered image to resist statistical attacks. The correlations between the horizontal, vertical, and diagonal adjacent pixels can be calculated by 3000 randomly selected pairs of adjacent pixels from the plaintext image and encrypted image as follows [37]: where The correlations between adjacent pixels in the plaintext image and encrypted image are shown in Table 2, which demonstrates that the correlations of ciphered image were much smaller than the plain image of ''Lena''.
The correlation between R, G, B components of an image can be measured intuitively and amply by AC [38]. Similar to Eq. (8), it is defined as: where X i and X i+1 is a pixel sequence and another pixel sequence from different components respectively, E [·] is the mathematical expectation. Figure 13 and 14 depicts the correlations between R, G, B components of the plain color image Lena and its cipherimage respectively. It's obvious that, the correlation values between R, G, B components of cipher-image is much smaller than plaintext-image, it means that the proposed encryption algorithm can mask the correlations between R, G, B components effectively.

B. INFORMATION ENTROPY
Randomness of an image is measured by information entropy. Similar to Eq. (7), it can be calculated as follows:  where ν(s i ) is the probability of symbol s i and N is the bit depth of the image. The information entropies for the encrypted ''Lena'', ''Pepper'' and ''Baboon'' images are listed in Table 3. The experimental results showed that the information entropies of the encrypted images were close to 8.

C. DIFFERENCE ATTACK ANALYSIS
An excellent image encryption tactics should differential attacks sensitively, which can be measured based on NPCR and NPCR as follows [39]: (29) where the width and height of the image is represented by F and G respectively, E (i, j) and E (i, j) are the ith row and jth pixel values from ciphered images before and after one pixel of the plain image been changed respectively, and ω (i, j) is determined as The keys of our proposed encryption scheme are based on the plaintext image, so even if only one pixel of plaintext image is changed, the change in the ciphered image is significant, which can make differential attacks ineffective. Table 4 shows the NPCR and UACI results for ''Lena'', ''Pepper'' and ''Baboon'' where all the NPCR and UACI scores are close to the expected values, where the expected values of NPCR and UACI are as NPCR = 99.6094%, UACI = 33.4635% [37]. Figure 15 denotes the experimental results of data loss attack to the encrypted images. The quality of the decrypted images decreases as the data loss size increases as shown in Figure 15 (e)-(g). As shown in Figure 15 (h), the main information of the plaintext images can be recognized despite of some date modification, because there are correlations between loss data and reserved data.

VII. ROBUSTNESS ANALYSIS
In order to test the resistance of noise attack, we add salted pepper noise to the encrypted images. As the Figure 16 shown, quality of the decrypted images is degraded with the increase of noise intensity, but the decrypted images still be identified. Therefore, the proposed encryption scheme can highly robust against noise and loss attacks.

VIII. CONCLUSION
In this study, we have proposed an image encryption scheme based on improved Lorenz system. The proposed system has more complex kinetic properties than Lorenz system, therefore it is more suitable to encrypt image. In encryption algorithm, the keys are associated with plaintext-image to update the keys with the change of plaintext image, and key space is large enough to resist attacks of brute-force. Through the analysis of key security, protection against differential attack, information entropy and correlation, we can see that our proposed system can encrypt different kinds of images into random-like cipher-images with high security level.