On the Use of Memristive Hyperchaotic System to Design Color Image Encryption Scheme

In this article a novel encryption scheme based on memristive hyperchaotic system was proposed. Firstly, combined with SHA-512 hash function and plain image, key sequences can be generated by iterating the memristive hyperchaotic system. Then, permutation operation and diffusion operation are performed for each row and column of the plain image. Finally, a serious of simulation experiments are conducted to evaluate the proposed encryption scheme, showing that the proposed scheme has well performance. Further, NIST SP800-22 test results show that the randomness of the hyperchaotic pseudorandom sequence used by the algorithm is better than the general linear congruence pseudorandom sequence.


I. INTRODUCTION
The existence of Memristor is predicted by Chua in 1971 [1]. It was not until 2008, the nano-membrane memristive device was made by HP and immediately intrigued wide spread concern in both academia and industry [2]. After years of development, the memristive system has been applied in analog circuits [3], chaotic system [4], memory [5], neural networks [6], image encryption [7], et al.
As we can see now, there are social platforms such as Facebook, Twitter and WeChat let people connect with friends and family to share tidbits of their life. This makes large amounts of images are transmitted and stored over internet, including some with personal privacy. Thus, the demand for image encryption has become urgent. Since there are natural similarities between chaos and cryptograph, such as sensitive to initial conditions and parameters, pseudorandomness and ergodicity, it leads to a serious search to design chaos-based image encryption methods [8]- [11]. These proposed encryption methods are range from the used of chaotic system only to combined chaotic system with other interrelated fields. For example, a hyperchaotic image encryption algorithm was proposed in [9], which scrambles the image by Logistic mapping sequences, and then diffuses the image by The associate editor coordinating the review of this manuscript and approving it for publication was Szidónia Lefkovits . high-dimensional chaotic sequences. However, the security flaw is that one byte plaintext data can affect only one byte ciphertext data. In [10], an image encryption algorithm based on the memristive hyperchaotic system, cellular automata, and DNA sequence operations are proposed. In which, cellular automata DNA sequence operations are used to enhance the security of encryption algorithm. Besides, in order to improve the security, multi rounds of permutation-diffusion mechanism are used [12], [13]. And in each round, the diffusion operation can be performed only if all the permutation operations are completed. Actually, by using these two mechanisms, computational complexity will increase, but for a practical encryption algorithm should make balance between security and speed.
Based on the above analyses, a novel memristive hyperchaotic system-based color image encryption scheme is introduced. In the proposed scheme, SHA-512 and plain image are used to give the initial values of memristive hyperchaotic system, making that the generated key sequences are sensitive to the plain image. The permutation operation and diffusion operation are performed for each row and column of the plain image, after each row or column permutation operation is completed, the corresponding diffusion operation can be performed immediately.
The rest of this article is organized as follows. Section II introduces the memristive hyperchaotic system and its discretization. The image encryption scheme is described in Section III. Simulation results and security analyses are presented in Section IV. Section V discusses the performance of pseudorandom sequences. The last Section concludes the paper.

II. MEMRISTIVE HYPERCHAOTIC SYSTEM AND ITS DISCRETIZATION
According to [14], the memristive system was derived as where x, y, z and w are internal state variables, a, b, c, d, α and β are parameters. By selecting a = 24, b = 4, c = 19, d = 9, α = 1 and β = 0.02, the system behaves hyperchaos. The Lyapunov exponents are calculated as LE 1 = 0.3399, LE 2 = 0.2144, LE 3 = −0.0045, LE 4 = −33.5498, and the Lyapunov dimension is D L = 3.0164. Figure 1 shows the chaotic attractor. To implement the above system on the digital software platform, the system need to be discretized firstly. By using Euler method, the memristive system (1) can be derived as Then, one can obtain the discrete-time memristive system as where the sampling time is set as t = 0.001, and the initial values are set as x(0) = 0.01, y(0) = 0.01, z(0) = 0.01, w(0) = 0.01. Keeping the parameters a, b, c, d, α and β unchanged, the corresponding phase diagrams are shown in Figure 2. Compared with Figure 1, it can be seen that the discrete-time memristive system (3) maintains the dynamic characteristics and the complex topological structure in phase space.

III. ENCRYPTION SCHEME
In this article, the encryption scheme is aimed at color RGB images. In order to improve the security performance, the scheme repeatedly performs permutation and diffusion operations during encryption and decryption.

A. GENERATION OF INITIAL VALUES FROM PLAIN IMAGE
In order to against chosen-plaintext attack, Hash function is used to change the initial values of Eq. (3). Firstly, SHA-512 is selected to obtain the hash value of the plain image. As shown in Figure 3, the hash value H , which contains 512 bits, is divided into 64 blocks h 1 , h 2 , · · · , h 64 and each block contains 8 bits.
Then, one can obtain the disturbance values k 1 ,  where ⊕ represents exclusives or operation, Finally, the initial values x(0),y(0),z(0),w(0) of the hyperchaotic memristive system (3) can be obtained by the following formulas where M , N are the number of rows and columns of the plain image respectively. So as to make sure the sequences generated by Eq.(3) are chaotic sequences, the first P iteration sequences will be omitted. In this article, P is selected as 100000, which means the first 100000 sequences of Eq.(3) will be discarded. Thus, one can obtain the chaotic sequences X , Y , Z , W as As the chaotic sequences generated by Eq.(3) are floating-point data, the sequences need to be processed before using for encryption. One can obtain the key sequences S1 = where mod(·, 256) is a modular function, and round(·) is a round down operation.

C. IMAGE ENCRYPTION ALGORITHM
The plain image is divided into three channels R, G, and B, and each channel is a M × N matrix. The key sequences S1, S2 can be divided into three components S R As shown in Figure 4, each of them is used for encrypting the three channels R, G, and B respectively. Since the encryption algorithm for three channels R, G, B are similar, here the encryption algorithm for channel R is taken as an example.
Step 1: Dividing the key sequences The key sequences S R 1 is divided into M groups in front-toback order, and the length of each group is N .
Step 2: Designing the permutation operation Each row of channel R is taking out and performed a cyclic shift. Here, a cyclic right shift is carried out, and the shift number is by the first data of each key sequence. Then, a new matrix R can be obtained.
Step 3: Designing the diffusion operation The first row of matrix R is exclusives or with first group of S R 1 byte by byte, and the first row of the diffused matrix is formed as R 1 . Then the second row of R will exclusive or with R 1 first, then exclusive or with the corresponding group of S R 1 . And the following other rows of matrix will are executed in the same way, that is exclusive or with the previous diffused  row first, and then exclusive or with the corresponding group of S R 1 . Finally, a new matrix R row can be obtained. It is worth to point out that in the proposed algorithm after each row permutation operation is completed, the corresponding row diffusion operation can be performed immediately. This feature is different from the diffusion operation performed only if all the permutation operations are completed in traditional schemes. In addition, due to the particularity of Step 3, each row of ciphertext is not only related to the corresponding row of plaintext, but also related to the previous rows of plaintext.
After performing the above row operation on image matrix, the column operation is followed, which is similar with row operation. The difference is that the input plain image and the key sequences are change to R row , S R 2 respectively, and S R 2 is divided into N groups with the length of M .
The complete process of encryption diagram is shown in Figure 5. After performing row operation and column operation, the ciphertext data R (e) corresponding to channel R can be obtained. The encryption algorithm for channel G and B are similar. By recombining cipher text data R (e) , G (e) , B (e) , the cipher image can be obtained.

IV. PERFORMANCE ANALYSIS AND COMPARISON
As shown in Figure 6, the standard color image Lena with size 512 × 512 is used as plain image to demonstrate the proposed encryption scheme.

A. EXPERIMENT RESULT
The encrypted image and the decrypted is shown in Figure 7. From Figure 7(a), we can see that the encrypted is completely noisy without any obvious textural features. Form Figure 6 and Figure 7(b), the decrypted image is consistent with the original one, indicating that the decrypted image can recover the features of the original image. Thus, the proposed encryption scheme achieves a good effect.
Even though the original image is pure white or pure black, the proposed encryption scheme can also achieve a good performance. Figure 8 shows the corresponding encrypted and decrypted images of pure white image and pure black image, respectively. VOLUME 8, 2020

B. HISTOGRAM ANALYSIS
The histograms of the plain image and encrypted image are shown in Figure 9. From Figures 9(a), 9(c) and 9(e), we can see the distribution of histograms of original image is extremely uneven and have spikes. However, after encrypted, the histograms have a completely uniform distribution, which indicated that the statistical properties of the plain image are disturbed by the proposed encryption scheme.

C. CORRELATION ANALYSIS
Generally, there is strong correlation between the adjacent pixels of an image. Analysts often use this feature to crack the encryption scheme. So, one of the important aspects of a secure encryption scheme is to reduce the correction between the adjacent pixels.
The correlation between the plain image and its corresponding encrypted image can be calculated via The expressions of cov(x, y) and D(·) are as follow: where x, y represent the adjacent pixels of images, and N is the number of randomly selected pixels, which is equal to 10,000 in here. Noted that the correlation coefficients of uncorrelated sequences should be zero theoretically. As shown in Table 1, the correlation of the original image is strong. After encrypted, the correlation coefficients are closed to 0. On the other hand, by randomly taking pixels from the image, the pixel values distributions of adjacent pixels in horizontal, vertical and diagonal direction of plain image and its corresponding encrypted images are shown in Figure 10. We can see from Figures 10(a), 10(c) and 10(e) that the correlation between adjacent pixels of the plain image is high, which is densely arranged on a linear function like.  And the pixel values of adjacent pixels of the encrypted image are uniformly distributed in the plane as shown in Figures 10(b), 10(d), 10(f). Combined with the results shown in Table 1 and Figure 10, the proposed encryption scheme has good performance to against statistical attacks.

D. DIFFERENTIAL ANALYSIS
When performing a differential attack, the attacker usually makes a slight adjustment to the plaintext, and then performs the attack by comparing the difference between the ciphertext of original plaintext and the ciphertext of slightly adjusted plaintext. For image encryption differential analysis, the number of changing pixel rate (UACI) and the unified averaged changed intensity (NPCR) are two quantities used for evaluation, which can be calculated by where M , N are the number of rows and columns of an image, C 1 (i, j) and C 2 (i, j) are the pixel values of two images in coordinate point (i, j) respectively. And D(i, j) is defined as In order to avoid accidental test results, 100 coordinate points of the original image are randomly selected for this test. By changing only one pixel once in the original image, 100 plain images with slight changes can be obtained. The encrypted image of original image and the encrypted image of one slight change plain image are formed as a pair of test sample. So that 100 pairs of test samples can be obtained. The NPCR and UACI results are shown in Figure 11.
As shown in Figure 11, the NPCR values of the proposed encryption scheme are approximately stable at 99.6%, and the UACI values are approximately stable at 33.4%. For two random image data, the ideal values of NPCR and UACI are 99.6094% and 33.4635%, respectively. As shown in Figure 11, the values of NPCR and UACI are very close to these ideal values, which show that the encryption algorithm has excellent performance to against differential attack.

E. KEY SENSITIVITY AND KEY SPACE ANALYSIS
The secure encryption scheme is not only sensitive to changes in the plaintext, but also to slight modifications in keys. To this end, a key with tiny change is used to decrypt the cipher image Figure 7(a). The decrypted key is set as follow  As shown in Figure 12, the corresponding decrypted image is quite different from the plain image. Based on some similar experiments, the sensitivity for initial values are shown in Table 2. The results indicated that the proposed encryption scheme is extremely sensitivity to keys.
In order to resist brute force attack, a secure should have a key space of at least 2 100 ≈ 1.3 × 10 30 . When initial values x(0), y(0), z(0) and w(0) are at the range of [−10, 10] and parameter d is at the range of [6,10], the memristive system (3) can generate hyperchaos. Assume that precision of floating-point numbers is 10 −10 , so the key space of initial values is (20 × 10 10 ) 4 = 1.6 × 10 45 . After adding parameter d, the total key space is 6.4 × 10 55 , which is much larger than 2 100 . According to the IEEE-754 floating-point arithmetic standard, the precision of floating-point numbers is 10 −15 . And the sensitivity for initial values is at least 10 −14 . Therefore, the key space will be larger in practical applications.

F. INFORMATION ENTROPY
The image entropy reflects the average amount of information in the image, which can be used to measure the randomness of the image. The formula is as follows where n is the bit-length of s i , p(s i ) is the probability of s i . For grayscale images, which consist of 2 8 pixel values, the ideal value of information entropy is 8. The information entropy of gray image obtained by different entropy scheme is compared in Table 3. Table 4 compared the RGB channel information entropy of color image. We can see from Tables 3, 4 that the information entropy of the proposed encryption scheme is closed to the ideal value and the performance of the proposed scheme is similar to that of others. This indicates that the encrypted image has good randomness.

G. SPEED ANALYSIS
Besides security, speed is an important aspect for an encryption scheme. For a good encryption scheme, it should make balance between security and speed. In the proposed encryption scheme, the iteration number of the memristive hyperchaotic system is M × N × 3 + P. The permutation operation and the diffusion operation for row and column are single-round operations without any iteration. Therefore, for the scale of question is the size of image, the order of magnitude for time complexity is O(n). The comparison of computation time between the proposed encryption scheme and some exciting schemes is show in Table 5. From this table, we can see that the computation time of the proposed one is shorter when the image size is 256 × 256, which indicated that the time complexity is lower. In addition, the computation time for the image size of 512 × 512 is 1.187s. It can be seen that increasing the image size will reduce the encryption speed, because a larger image has more data, which increases the calculation time of the algorithm. In summary, the proposed encryption scheme is good for practical application.

V. NIST SP800-22 TEST
The security of a stream cipher is closely related to the randomness of the generated sequence. Thus, how to design a pseudorandom sequence with good statistical properties is important. At present, linear congruence generator is one of the most used pseudorandom number generators, which can be described as where m is the modulus, a is the multiplier, and c is the increment. The pseudorandom sequence obtained by linear congruence and the memristive hyperchaotic system (3) are both floating-point numbers. After performing amplitude expansion, rounding, and modulo 2, the generated pseudorandom sequences are quantized to the range of (0, 1). NIST SP800-22 Test Suite is the widely used standard in industry, which included 15 tests. The official documentation of NIST test states that the P-VALUE of the test result greater than 0.01 means the test passes. Moreover, the larger the value of P-VALUE is, the better the result is. By performing NIST SP800-22 test to the above pseudorandom sequences, the test results are shown in Table 6. We can see from Table 6 that both pseudorandom sequences pass all 15 tests. As the P-VALUE of 10 tests of the hyperchaotic pseudorandom sequence is larger than the linear congruence pseudorandom sequence, which indicated that the hyperchaotic pseudorandom sequence has better randomness.

VI. CONCLUSION
This article studies the discretization of memristive hyperchaotic system. On this basis, an encryption scheme combining permutation and diffusion is proposed. In which, after each row or column permutation operation is completed, the corresponding diffusion operation can be performed immediately. Based on a serious of performance analysis, it was found that the proposed scheme has good statistical properties and is sensitive to keys. By compared with some other encryption schemes, the results show that the proposed scheme is more secure and higher speed. Furthermore, the NIST SP800-22 test results show that the randomness of the hyperchaotic pseudorandom sequence is better than the general linear congruence pseudorandom sequence. Therefore, the proposed encryption scheme has the value of practical application.