Image Encryption Algorithm Based on Bit-Level Permutation and Dynamic Overlap Diffusion

In order to guarantee the security of digital images, image encryption is a good tool. This article puts forward a novel image encryption/decryption algorithm based on bit-level permutation and dynamic overlap diffusion. Firstly, location information set by users is used to scramble the plain image in the bit-level, changing the pixel position of the image while changing the pixel value. Then, using the plaintext related method to control the iteration parameters of Arnold transform. These two parts together form the permutation process of the algorithm. Thirdly, the overlap steps are set according to the encryption security requirements, and dynamic overlap diffusion is performed on the permutation image. At the same time, the plaintext information entropy and variance are used to update the diffusion key in the five-dimensional hyperchaotic system to achieve the plaintext correlation of the encryption key. Arnold transform and dynamic overlap diffusion can ensure that different key streams are generated when encrypting different images. Finally, experimental analysis and numerical simulation show that our algorithm has high efficiency, high security, high sensitivity, and can effectively resist various attacks.


I. INTRODUCTION
Text information and multimedia information are the main ways of current information transmission. As an important part of multimedia information transmission, images can better reflect the static characteristics of real objects. As important data information for multimedia transmission, the security of digital images cannot be ignored. The biggest difference between images and text is the correlation between image pixels and high redundancy. Therefore, the field of image encryption has become a hot field of current research [1]- [4]. In recent years, a lot of image encryption algorithms have appeared.
An image encryption algorithm is usually processes pixel-level data [5]- [7], block-level data [8]- [10], DNA-level The associate editor coordinating the review of this manuscript and approving it for publication was Mehul S. Raval . data [11]- [13] or bit-level data [14]- [16]. Encryption algorithms associated with low-level data usually show better performance in image encryption [16]. Therefore, more and more researchers have shifted their research focus to bit-level image encryption.
In 2018, Guodong Ye et al. [5] proposed a new and efficient pixel-level image encryption algorithm, this algorithm enhances the connection between pixel position reorganization and gray value change, and a new type of permutationrewriting-diffusion structure is proposed to enhance the system's resistance to attack. Fu et al. [15] used the chaotic system to perform bit-level permutation in the literature, which overcomes the shortcoming of pixel permutation only by disturbing the pixel position. This method can simultaneously perform pixel permutation and diffusion. In 2019, Wang et al. [17] proposed an image encryption algorithm based on bit-combination scrambling and dynamic diffusion is proposed based on multiple chaotic systems. In their method, they proposed a diffusion method called dynamic diffusion, it has N modes of diffusion, where N is the number of pixel values. However, in the above encryption method, the scrambling process and the diffusion process are independent.
Traditional encryption algorithms such as AES, DES, IDEA [18]- [20] take a long time to calculate and have high computational strength, so it is not suitable for image encryption [21]- [23]. The word ''Chaos'' was first proposed by Tianyan Li and J.A. Yorke in 1975 [24]. They gave a mathematical definition of chaos in the ''Period Three Implies Chaos''. The basic characteristics of the chaotic system and the natural relationship of cryptography are mentioned in Shannon's 1949 classic ''Communication Theory of Secrecy Systems'' [25]. Chaotic systems are widely used in the field of image encryption due to its inherent complexity, sensitivity to initial values, uncertainty and so on. Since Fridrich first applied a chaotic encryption method to image encryption in 1997 [26], chaotic image encryption technology has become a hotspot in digital image encryption technology. In 2006, Indian scholars Pareek et al. [4] designed an image encryption method based on the chaotic logic mapping. In the proposed encryption process, eight different types of operations were utilized to encrypt the pixels of the image, this way can increase the complexity of the encryption process.
Chaotic systems can be divided into two types: low-dimensional chaotic systems and high-dimensional chaotic systems. Low-dimensional systems have a simple structure and fewer parameters, so it is difficult to guarantee the security of images [4], [22], [27]- [29]. High-dimensional chaotic systems have high complexity and are more prone to hyperchaotic states, so they have been widely used in the field of image encryption [13], [30]- [34]. In the literature [31], a hyperchaotic system of five-dimensional hyperchaotic is proposed, which has complex dynamic behavior, so a large encryption scheme with large keyspace can be generated using its great number of parameters. Qi Yin and co-workers [35] propose a dynamic diffusion method in order to enhance the security of the cipher system, which can ensure that encrypting each pixel is related to all other pixels and can enhance the sensitivity of the cryptosystem. In [36], a novel bit-level image encryption algorithm is proposed based on piecewise linear chaotic map. The main innovation is the cyclic shift operation of the diffusion stage, which can effectively spread the pixels, this process requires repeated operations, so the image encryption is not efficient.
Motivated by the above, we propose an image encryption algorithm which based on bit-level permutation, Arnold transform and dynamic overlap diffusion. Our contributions are summarized as follows: • A new bit-level scrambling scheme is designed, this method can make permutation and diffusion processes to proceed at the same time, which greatly improving encryption efficiency.
• A dynamic overlap diffusion method is proposed, which uses the hyperchaotic matrix to realize the dynamic overlap diffusion function of pixels.
• To ensure the relevance of the key with plaintext, a set of key update schemes are given, including a diffusion key stream update scheme for plaintext information entropy and variance and a plaintext update scheme for Arnold transform parameters. The rest of this article is organized as follows. In Section 2, the basic theories of Arnold transform and the five-dimensional hyperchaotic system are described. In Section 3, the processes of image encryption and decryption are described in detail. The simulation results and performance analysis are shown in Section 4. Finally, this article is concluded in the last section.

II. PRELIMINARY WORK A. ARNOLD TRANSFORM
In this article, Arnold transform is employed to change the pixel positions in the plain image, the original position of the pixel is denoted as (α, β), the position of the permutation image is denoted as (α , β ), and the definition of general Arnold transform is given in (1) [37]: where a, b are parameters, N is the height or width of the image, and t is the number of iterations. Equation (1) is a classical two-dimensional Arnold map when N = 256 and a = b = 1. Perform Arnold transform system (1) t times to ensure that the permutation process is sufficient. The inverse Arnold transform is derived according to (1), that is, the corresponding permutation inverse process for decryption is shown in (2).

III. ENCRYPTION/DECRYPTION SCHEME
This section is divided into two parts: the encryption process and the decryption process. Due to the symmetry of the algorithm, the decryption process is the reverse of the encryption process, the image encryption algorithm will be described in detail. The encryption process is divided into two aspects. One aspect is based on the scrambling process of bit-level matrix operation and Arnold transform. The other is the dynamic overlap diffusion method which based on chaotic map.

A. ENCRYPTION ALGORITHM
Take the 8-bit grayscale image as the plain image. The encryption process is shown in Fig.4. In terms of color image encryption, separate the color components of the image, and encrypt each color component separately to obtain the same encryption effect as the grayscale image.

1) PERMUTATION PROCESS
Step 1. Decompose the plain image to bit-level image matrices. The gray value of each pixel in the plain image is represented by an 8-bit binary number. Extract the last bit of each binary number to form a bit-level matrix blm (1). The seventh bit of each binary number is extracted to form a bit-level matrix blm (2). We can derive the rest from each binary number until the first bit of each binary number is used to form a bit-level matrix blm (8): where bitget() is the extracted bit value function, and P is the plain image, i = 1, 2, . . . , 8.
Step 2. The bit-level matrix blm(i) performs matrix transformation in order from top to bottom and from left to right, and then obtains a one-dimensional bit sequence Sblm(i).
Step 4. Combine every 8 elements in RasM to form a new 8-bit binary sequence and convert it to decimal. Reshape the decimal sequence into a matrix to an M × N matrix.
Step 5. Arnold transform is performed on this decimal matrix, and the matrix is scrambled to obtain a pixel-level permutation image PBimg. The specific Arnold transform is described in Section 2. The formula for the number of iterations t of the Arnold transform is defined by (6): where M and N represent the length and width of the image, respectively, P represents the plain image and rem() is the remainder function. Taking into account the following three factors, i.e., the periodicity of the Arnold transform, whether the transformation is sufficient, and the encryption/decryption time, we set 10 ≤ d ≤ 50, in which d is a positive integer set by the user to control the number of iterations. If d exceeds the upper limit of the range, excessive encryption/decryption time will be consumed. By controlling the range of parameter d, the security performance and encryption time can be balanced. Under the premise of ensuring the encryption security of the application level, the encryption time is not too long. The acquisition process of the bit-level permutation image is shown in Fig.5.

2) DIFFUSION PROCESS
Step 6. The pixel-level permutation image PBimg of size according to the method shown in (7): where m is a partition block size, which is a positive integer divisible by M × N .
Step 7. The matrix FM is divided into F permutation blocks ZB j (j = 0, 1, . . . , F − 1) which size is m × m. The segmentation method is as shown in (8): VOLUME 8, 2020 Step 8. Iterate the five-dimensional hyperchaotic system (3) Tc times to obtain the matrix HCM . Tc is the number of iterations of the five-dimensional hyperchaotic system.
Map the element values of the matrix HCM to a positive integer between 0 and 255, as shown in (11). Step 9. Discard the first tt r rows in HCM 255, starting from the (tt r + 1) − th row, obtain M × N elements from HCM 255, and then rearrange these elements into a matrix FCM r of size m × M ×N m , r is a counter with an initial value of 1. The diffusion process will be executed cyclically n times, each time a different diffusion key will be taken from the HCM 255 to enhance the security of the encryption algorithm. FCM r represents the r-th diffusion key obtained from HCM 255.
Step 10. The chaotic matrix FCM r is divided into F chaotic blocks BFCM j of size m × m. The segmentation method is shown as (12): where st is the segment step size of the chaotic matrix, st ≤ ST , p(r) is the starting position of the matrix FCM r intercepted from the matrix HCM 255. The calculation method of p(r) is as follows: is the variance of the histogram of the image img. Since p(r) represents the starting position of the matrix, when p(r) = 0, its value should be reassigned to 1. The information entropy and variance calculation formula are shown as (14) and (15) [38]: where L is the total number of pixels in the cipher image, s i indicates the i-th pixel value, p(s i ) represents the probability of s i , img is the vector of the histogram values and img = {img 1 , img 2 , . . . , img 256 }. img i and img j represent the gray values of the i-th and j-th pixels in the image img, respectively.
Here img indicates the plain image. Since the information entropy and variance of different images are different, we introduce them in the diffusion key, making the key related to the plaintext. In this way, even if the user uses the same encryption keys, the diffusion keys generated when encrypting different images are not the same, and the security of ''one key one time'' is truly achieved.
When the matrix block BFCM j reaches the end of the matrix FCM r and the number of FCM r columns is insufficient, continue traversing from the first column of FCM r , record this column number as (M × N )/(m + 1), and the number of subsequent columns increases sequentially.
Step 11. The permutation blocks ZB j and the chaotic block BFCM j are diffused to obtain the diffusion image block KB j as shown in (16): where ⊕ means bitwise XOR operation.
Step 12. The diffusion image block KB j is arranged in a matrix segmentation step size ST to get a diffusion matrix KC: The diffusion image blocks KB j are overlapped in the matrix KC with a step size of ST , and the part covered in the previous block by the next image block is automatically discarded. When M ×N m is not equal to m + ST × (F − 1), the number of columns res at the end of FM is not enough to form a matrix block, add the remaining matrix directly at the end of the KC matrix. Finally, a diffusion matrix KM of size Step 13. The KC is rearranged in order from top to bottom, left to right, and we get the FNimg of size M × N . Determine whether r and n are equal. If not, replace PBimg with FNimg, add 1 to r and return to Step 6. If r is equal to n, the FNimg is the final cipher image of size M × N . n is the number of diffusion cycles set by the user. The detailed process of diffusion is shown in Fig.6.

B. DECRYPTION PROCESS
The algorithm proposed in this article is a symmetric encryption algorithm, so the decryption process is the inverse of the encryption process. The specific decryption process is shown in Fig.7.

IV. EXPERIMENTAL SIMULATION AND NUMERICAL ANALYSIS A. RESULTS
In order to facilitate analysis and comparison of the security performance of the proposed algorithm, we used three grayscale images ''Baboon'', ''Peppers'', ''Lena'', and three color images ''Cornfield'', ''Flower'', ''Lena'' with the size of 256 × 256 as test images. The constant parameter values of the scrambling process are  Table 1. The following simulation experiments run on Windows 10 operating system, Intel Core 1.7G CPU, 8GB RAM, 480G hard disk and the experiment is performed using MATLAB 2015. The encryption and decryption results of the two grayscale images ''Baboon'', ''Peppers'', and the two color images ''Cornfield'', ''Flower'' are shown in Fig.8.

B. ANALYSIS OF ENCRYPTION/DECRYPTION SPEED
We use 10 different encryption keys to encrypt 8 different grayscale images, and calculate that the average encryption time of the encryption algorithm for the grayscale image is 0.178s. The average encryption time of a color image VOLUME 8, 2020  is three times of a grayscale image, which is 0.535s. Table 2 lists the encryption/decryption time and encryption/decryption speed of our algorithm. The encryption speed = the size of the image × 8bits/encryption time, and the decryption speed = the size of image × 8bits/decryption time.
It can be calculated from the table that the average encryption speed for the grayscale image is 2.95Mbps and  the average decryption speed is 2.85Mbps, both of which are three times that of the color image.
From the data in Table 2, it can be seen that the encryption algorithm proposed in this article is faster than literature [7], [14], and [39].

C. KEY SPACE ANALYSIS
The secret key of our proposed encryption algorithm is composed of Arnold transform parameters a, b, d, the initial keys, and the control parameters x 0 , y 0 , z 0 , u 0 , w 0 , h 1 , k 1 , k 2 of five-dimensional hyperchaotic system, segment step size ST and st, matrix block size m, and the number of diffusion times n. If the precision of each initial key is 10 −16 , the key space of our algorithm is (10 16 ) 15 = 10 240 2 100 . According to the average encryption speed, an exhaustive attack takes about 1.03×10 232 years to traverse the entire key space. Similarly, an exhaustive attack takes about 1.03×10 232 years to try all the key space according to the average decryption speed. So the cryptographic system can resist brute-force attacks effectively [38], [40].

D. STATISTICAL ANALYSIS
The cipher image requires certain randomness between the pixels of the image. The important indicator for statistical analysis is the histogram analysis and the correlation between adjacent pixels.

1) HISTOGRAM ANALYSIS
The frequency at which each gray level appears can be clearly seen in the histogram. The more irregular the pixel distribution, the more uniform the corresponding histogram distribution should be. The histogram of the plain image and the histogram of the cipher image of the two grayscale images and one color image tested in this article are shown in Fig.9 and Fig.10.
To further analyze the histogram, the variance of the encrypted image histogram is used to measure the uniformity of image encryption. When the keys are different, the closer the two variance values are, the higher uniformity of the encrypted image. The variance of the histogram is shown in (15).   To verify the uniformity of the encrypted image, we use the five keys key 1 , key 2 , key 3 , key 4 , and key 5 in Table 1 to encrypt four test images respectively. The analysis of the histogram variance is performed on the encrypted images, and the analysis results are listed in Table 3.
The variance stability rate is used to measure the stability of the histogram variance of different images encrypted by different keys: where v is the variance of the image histogram, AVG v is the average of the histogram variance of the corresponding image encrypted with different keys. List the value of ζ (z) in Table 4. Experimental results show that the value of ζ (z) will stabilize around 3.3%, and the histogram level of encrypted images will remain at a relatively stable level, so the algorithm can effectively resist statistical attacks [41].

2) CORRELATION ANALYSIS
There is a certain correlation between adjacent pixels in an image. An attacker can attack the encrypted image by analyzing the correlation of the horizontal, vertical, and diagonal adjacent pixels of the image. Therefore, it is necessary to reduce the pixel correlation in the encrypted image to ensure the security of the cipher image. An excellent encryption algorithm should make the correlation of adjacent pixels of the encrypted image as low as possible. The correlation coefficient formula of adjacent pixels is calculated by (20). where r xy represents the correlation coefficient between x and y, cov(x, y) is the covariance of x and y, D(x) is the variance of x, D(y) is the variance of y, E(x) is the average value of x, E(y) is the average value of y, x and y are grayscale levels of two neighboring pixels in an image, and N denotes the total number of pixels in an image.
In this test, we randomly select 5000 pairs of adjacent pixels and test the correlation between the plain images and their corresponding encrypted images in the horizontal, vertical, and diagonal directions. Fig.11(a)-(f) and Fig.12(a)-(i) illustrate the correlation analysis of plain images and encrypted images of ''Baboon'', ''Peppers'', and ''Flower'', respectively. In order to compare with other references, we also encrypted the grayscale ''Lena'' image, and the correlation coefficient results are listed in Table 5. Obviously, our encryption algorithm reduces the pixel correlation of the encrypted image, and the correlation coefficient of adjacent pixels approaches zero. The attacker cannot obtain any useful information from the correlation of the adjacent pixels of the encrypted image.

3) INFORMATION ENTROPY
Image entropy is a statistical form of features that reflects the average amount of information in an image. The information entropy of an image represents the amount of information contained in the aggregated features of the gray distribution in the image. The gray level entropy of the gray image is defined as (14).
According to the calculation method shown in (14), the ideal information entropy of an 8-bit grayscale image is 8. The closer the value of the information entropy is to the ideal value, the more the encrypted image looks like white noise, and the higher the degree of confusion. The information entropy of the encrypted images of the grayscale images ''Baboon'', ''Peppers'', ''Lena'', and the color images ''Cornfield'', ''Flower'', ''Lena'' are given in Table 6, compared with other similar algorithms, it can be seen that the entropy of the encrypted image of our encryption algorithm is very close to the ideal value, which can effectively resist the entropy attack.
In this section, we not only calculated the information entropy of the encrypted image, but we also analyzed and  calculated the relative entropy, redundancy, and local entropy of the encrypted and decrypted image.
Relative Entropy, also known as Kullback-Leibler divergence, is a measure of the asymmetry of the difference between two probability distributions [44].
VOLUME 8, 2020   where P(i) and Q(i) are the two probability distributions of the value of i. For the probability distribution or probability density function, if the values are all greater than 0, the relative entropy can measure the difference between the two random distributions. For an 8-bit grayscale image, its information entropy divided by 8 is called its relative entropy. If the probability distribution of the encrypted image and the ideal white noise image is closer, the relative entropy is closer to 1.
The difference between 1 and relative entropy is called redundancy, and the smaller the redundancy value, the lower the information redundancy of the image. At the same time, we also calculated the values of the local entropy of 16 × 16 and 32 × 32 image blocks, respectively.
The information entropy, the relative entropy and the redundancy of four images ''Baboon'', ''Peppers'', ''Cornfield'', and ''Flower'' are shown in Table 7 and Table 8. It is noticeable that the cipher image encrypted by the proposed algorithm has good statistical characteristics.

4) PEAK SIGNAL-TO-NOISE RATIO
In this section, to provide more detailed verification information, we calculated the peak signal-to-noise ratio (PSNR) to measure the similarity between plain images and encrypted images. The PSNR value of two identical images is infinite. If the value of PSNR is low depicts that there is a significant difference between the plain and encrypted images. We record the plain image as P and the encrypted image as C. The mean square error (MSE) between them is defined as for formula (23) [7]: PSNR is defined as follows [32]: where MAX I represents the maximum value of the pixel. The PSNR results of four tested images are listed in Table 9.   Structural similarity (SSIM) is an index that measures the similarity of two images. Given two images x and y, the structural similarity of the two images can be obtained as formula (25): where µ x is the mean of x, µ y is the mean of y, σ 2 x is the variance of x, σ 2 y is the variance of y, σ xy is the covariance of x and y, c 1 = (k 1 L) 2 and c 2 = (k 2 L) 2 are constants used to maintain stability, k 1 = 0.01, and k 2 = 0.03 are the default values, L is the range of pixel values. The value range of SSIM is [0,1], the larger the value, the smaller the image distortion. When the two images are exactly the same, the SSIM value is equal to 1. Record the value of SSIM between the plain images and the encrypted images as SSIM (a), the value of SSIM between the plain images and the decrypted images as SSIM (b), and the calculation results are listed in Table 10.
It can be seen from Table 10 that the algorithm proposed in this article is lossless encryption.

E. DIFFERENTIAL ATTACK
Differential attack attacks the encryption algorithm by comparing and analyzing the propagation of different plaintext after encryption. An excellent image encryption algorithm should be sensitive to the plain image, that is, changing one  pixel or one bit in the plain image can get two completely different encrypted images. Three important indicators of differential attack analysis are the number of pixels change rate (NPCR), the unified average changing intensity (UACI), and block average changing intensity (BACI). NPCR refers to the rate of change between two encrypted images after a small change in the plain image. That is the ratio of grayscale values of different encrypted images at the same position.
where P 1 (i, j) and P 2 (i, j) are the ciphered images before and after one pixel of the plain image is changed, Sign(·) is a symbolic function, as shown in (27): UACI indicates the degree to which the two encrypted images correspond to pixel differences.
The ideal values for NPCR, UACI, and BACI are 99.6094%, 33.4635%, 26.7712%, respectively [40], [46]. The NPCR, UACI, and BACI results of four test images used in this article are listed in Table 11. The closer the calculation result is to the ideal value, the more sensitive the encryption algorithm is to the slight changes in plaintext. Otherwise, the encryption algorithm is insensitive to the change in plaintext. The NPCR and UACI results of this algorithm are compared with the grayscale images in literature [1] and [7] and the color images in literature [42] and [47]. It can be seen from Table 11 that the proposed algorithm can effectively resist the differential attack.

F. KEY SENSITIVITY ANALYSIS
A good encryption and decryption algorithm should be highly sensitive to the key. Given key = {x 0 , y 0 , z 0 , u 0 , w 0 ,  h 1 , k 1 , k 2 , a, b, d, ST , st}. For the value of key, see the key 1 column in Table 1.  Assume that the parameters in key are slightly changed to obtain the mismatch key Ekey1, Ekey2, Ekey3, Ekey4, Ekey5: u 0 , w 0 , h 1 , k 1 , k 2 , a, b, d, ST , st  Ekey4 = x 0 , y 0 , z 0 , u 0 + , w 0 , h 1 , k 1 , k 2 , a, b, d, ST where = 10 −16 . To verify the key sensitivity of this algorithm, we conduct the following experiments: where encrypt() and decrypt() represent the encryption and decryption algorithms function proposed in this article. P is the plain image. C, C1, C2, C3, C4, and C5 are encrypted images using key, Ekey1, Ekey2, Ekey3, Ekey4, Ekey5 to encrypt the image ''Peppers'', respectively. D is the correct decrypted image decrypted using the legal key. R1, R2, R3, R4, and R5 are the error decrypted images obtained by using the mismatched keys Ekey1, Ekey2, Ekey3, Ekey4, Ekey5 to perform the decryption operation. Fig.13 shows the plain image ''Peppers'' and encrypted images C1 − C5. Fig.14 shows the histogram of the plain image ''Peppers'' and encrypted images C1 − C5. Fig.15 shows the plain image ''Flower'' and encrypted images C1 − C5. Fig.16 shows the histogram of the three color components of the encrypted images C1 − C5. Fig.17 illustrates correctly decrypted image D and incorrectly decrypted images R1 − R5 of the encrypted image ''Peppers''. Fig.18 illustrates the histogram of the encrypted image ''Peppers'''s correctly decrypted image D and incorrectly decrypted images R1−R5. Fig.19 illustrates correctly decrypted image D and incorrectly decrypted images R1 − R5 of the encrypted image ''Flower''.  To further analyze the key sensitivity characteristics of our algorithm, we calculated the NPCR, UACI, and BACI values between the encrypted images using different encryption keys based on the same plain image. The calculation results are listed in Table 12 to Table 14.
It can be seen from Table 12 to Table 14 that when we use different keys to encrypt the same plain image, even if the encryption keys are only slightly different from each other by 10 −16 , we will get completely different encrypted images. In other words, the tiny difference in the keys of 10 −16 results in an average value of NPCR between two encrypted images is 99.03%. This shows that our encryption algorithm is key sensitive during the encryption process.
In addition, to further illustrate the key sensitivity of the algorithm in the decryption process, Table 15 to  Table 17 compare the NPCR, UACI, and BACI values used to decrypt the image using mismatched decryption keys.
It can be seen from the data in the table that when decrypting with 10 −16 mismatched error keys, the average value of NPCR between the error decrypted image and the correct decrypted image is 99.03%, the average value of NPCR between two error decrypted images is 98.96%. Our decryption algorithm is highly sensitive to the decryption key, even if the decryption key only changes 10 −16 , it cannot be decrypted correctly. According to Table 11 to Table 17, it can be seen that the proposed image cryptosystem has strong sensitivities to secret key and plaintext images. Therefore, the proposed system can not only resist the differential attack but also has the ability to resist the known-plaintext attack and chosen-plaintext attack.

G. KNOWN PLAINTEXT ATTACK AND CHOSEN PLAINTEXT ATTACK
For an image, its information entropy and variance value are unique. The algorithm proposed in this article uses the information entropy and variance of the plain image as the terms of the calculation formula (13) for the starting position p(r) of the chaotic matrix in the diffusion stage, so the key streams generated when different images are encrypted are different. Therefore, the algorithm proposed in this article realizes that the key is related to the plain image. From the data in Table 11, it can be seen that the proposed image cryptosystem has strong sensitivities to plaintext images. Besides, we performed two rounds of the diffusion process and tested the plaintext sensitivity of all-black and all-white images. The NPCR and UACI values of an all-black image are 99.6017% and 34.7739%, respectively, and the NPCR and UACI of an all-white image are 99.5605% and 34.0198%, respectively. So the proposed system can resist known-plaintext attack and chosen-plaintext attack effectively [45].

H. NIST TEST
NIST SP800-22 [48] is a series of guidelines on information security issued by the National Institute of Standards and Technology (NIST) in the United States. It is a statistical test suite for random and pseudorandom number generators for cryptographic applications. We performed a NIST test for 65536 × 8 bits binary numbers of the generated encrypted image ''Peppers''. The test results are listed in Table 18. It can be seen from the table that the generated cipher image passed all 16 tests, which shows that the sequence generated by our algorithm is random.

I. CROPPING AND NOISE ATTACKS
If the cipher image is damaged during data transmission, image information will not be completely transmitted. So an excellent encryption algorithm should have good shear resistance. In this experiment, the encrypted images ''Peppers'' and ''Flower'' are cropped 1/16, 1/8, 1/4, and 1/2, and the cropped position and size are shown in Fig.21(a)-(d) and Fig.22(a)-(d). The corresponding decryption results are shown in Fig.21(e)-(h) and Fig.22(e)-(h). To further observe the difference between the cropped decrypted image and the normal decrypted image, each picture in Fig.21 Table 19 and Table 20. From the experimental results, we can see that our encryption algorithm can recover the cropped image, and has a good ability to resist the cropping attack. Noise attacks can tamper with the pixels of an image. Although it may only change a few individual pixels in the encrypted image, it also has a certain impact on image recovery. Therefore, a good encryption algorithm needs to have the ability to resist noise attacks. We use the 0.01,     Table 21 and Table 22.
The experimental results demonstrate that the proposed image encryption algorithm is robust against noise and cropping processing, which makes the proposal suitable for harsh transmission conditions.

V. CONCLUSION
In this article, a new image encryption algorithm based on bit-level scrambling and dynamic overlap diffusion is proposed. To achieve a better scrambling effect, Arnold transform is used to scramble and change the position and pixel value of image pixels after the bit-level permutation stage. The chaotic matrix generated by the five-dimensional hyperchaotic system is used for the dynamic overlap diffusion step of the image. Because the method of plaintext controlling Arnold iterative times and the method of information entropy and variance updating of diffusion key are used, the attacker cannot crack this algorithm via known-plaintext and chosen-plaintext attacks. We also perform security analyses, such as an information entropy analysis, a statistical analysis, a sensitivity analysis, a differential attack analysis, a noise attack analysis, and so on. The experimental results show that the algorithm proposed in this article has high security, and can be applied to commerce, medical, and other fields to encrypt digital images.
In view of the large amount of image information, when a large number of encrypted images are transmitted or stored, they may face the problem of occupying more bandwidth during the transmission process. Therefore, the future work is to increase the transmission rate of large batches of images while ensuring the security of the cryptographic system, such as reducing the network transmission pressure by compressing cryptographic images before transmission.