Bogdanov Map-based Permuted Double Image Encryption.

Chaos-based image encryption schemes shuffle the position of the pixels (confuse), change their values (diffuse), to camouflage the identity of the original image. In this paper, a symmetric image cryptosystem based on permutation is proposed. Permutation, used both to change the position of the pixel and modify its value, is undertaken using the Bogdanov map. First, the input image is permuted using the Bogdanov map so that the pixel positions are changed. Thereafter, the resultant scrambled image is sliced into bit-planes which are again separately subjected to the Bogdanov map. The encrypted image is constructed by encrypting the scrambled bit-planes with the key generated using dyadic transform. The experimental results exhibited random behavior in the distribution of the pixel values of the encrypted image. The cryptosystem is simple and fast, as it is permutation-based and, secure, it may be used in real-time transmission.


INTRODUCTION
The Internet has become an integral part of today's communication network. With the availability of abundant information communicated over the Internet, coupled with technological developments in the fi elds of visual communication and digital signal processing, there is a rapid increase in the widespread applications of digital imaging everyday. This entails security and authorized access to sensitive images such as those in the fi elds of medicine, defense, forensics, fi nance, research, etc. Consequently, with the rapid development of communication networks, there is a need to effectively protect such digital images in the open network environment. A solution to this would be to use a cryptosystem to render the information unintelligible, so an unintended recipient or intruder cannot take a chance on it. However, the traditional encryption algorithm based on the number theory may be inappropriate for digital images, given certain inherent features of these images such as large data volume, high redundancy, strong correlation among image pixels and storage characteristics. Hence, image cryptosystem has become an essential branch of cryptography. Comparatively speaking, image encryption algorithms have their own description and unique characteristics with exceptional specifications applicable to images. Chaos-based cryptosystems can provide effi cient image encryption.
To resist common attacks, a cryptosystem must satisfy two basic cryptographic properties: confusion and diffusion (Alvarez & Li 2006). As stated by Shannon (Kocarev & Lian 2011), "Diffusion means spreading out the influence of a single plaintext bit over many ciphertext bits so as to hide the statistical structure of the plaintext. Confusion refers to the use of transformations that complicate dependence of the statistics of ciphertext on the statistics of plaintext". A permutation process weakens the correlation among the pixels of the image. To secure a color watermark image from visual perception, the authors of (Agilandeeswari & Ganesan 2016), sliced the image into 24 bitplanes and permuted the pixels using the Arnold transform before embedding it into a video frame. The transform is utilized in the permutation process of the permutationdiffusion mechanism proposed by (Ye 2011). As in the case of (Ye 2011), cryptosystems proposed by (Kumar et al. 2011, Run-he et al. 2011, Zhang et al. 2012 do not require sorting to use Arnold transform-based permutation algorithms. During the process of encrypting biometric fingerprint images, (Abundiz-Pérez et al. 2014), took advantage of permutation after diffusion. An expand-and-shrink strategy to shuffle the image with reconstructed permuting plane is employed in (Zhang et al. 2013). To increase the speed of the permutation process (Guo et al. 2014) carried out a row-by-row and column-bycolumn permutation operation. Like the Arnold transform, the Lorenz system of equations is also noteworthy for producing chaotic solutions for certain parameter values and initial conditions and hence are used as a permutation technique (Gonzales et al. 2000, Radwan et al. 2004). Authors of (Baptista 1998, Pisarchik et al. 2006, Pisarchik & Zanin 2008, Som & Sen 2013, Sun et al. 2008) used conventional discrete chaotic maps in the permutation phase whereas (Zanin & Pisarchik 2014) used the logistic map. Instead of permuting pixels in the case of the literature above, (Al-Romema et al. 2012) permuted the bits of the pixels.
Certain authors combined chaotic and nonchaotic techniques to improve the security and robustness of their cryptosystem. For example, (Zhang & Xiao 2014) designed a cryptosystem based on a coupled logistic map, self-adaptive permutation, a substitution transform and combined global diffusion. A block cipher encryption system presented by (Abdeihaleem et al. 2014) used the Lorenz chaotic generation for the confusion process and a chess-based diffusion process. The image encryption scheme proposed by (Wu et al. 2015) used a coupled map lattice for permutation and a fractional-order Chen chaotic system for diffusion. A detailed study on symmetric encryption algorithms using chaotic and non-chaotic algorithms was done by (Radwan et al. 2016). They classified algorithms into three: substitution-only, permutation-only or both. Most of the image encryption algorithms available fall under permutation-only, the advantage of these systems being their speed of encryption. Nevertheless, the safekeeping of the information depends entirely on the confidentiality of the algorithm used. In addition, the encryption is done only by permuting the pixel positions and is prone to attacks.
To safeguard the content of transmitted images, an effectually simple chaos-based symmetric encryption algorithm that is specific for images is proposed and its performance analysed in this paper. Bogdanov map-based permutation is used to apply the idea of confusion and diffusion for images. Confusion shuffles the pixel positions within the image and results in a new organisation of pixels, while diffusion changes the values of the pixels. Experimental results show that it is simple, fast and robust.
Section, Bogdanov Map, of this paper portrays the basics of Bogdanov map. In section, The proposed cryptosystem, Bogdanov mapbased permuted encryption and decryption algorithms are discussed. Section, Results and discussion presents encryption outputs and evaluations. The section Conclusion summarizes the findings.

Bogdanov map
The proposed method makes use of the Bogdanov map (Arrowsmith et al. 1993), to scramble the pixel positions in an image. The Bogdanov map is a planar quadratic map with area-preserving nature. The proposed method takes the benefit of discretization and makes use of the map's symplectic form, When applied to images, Eq. (1) and Eq. (2), (x, y) represent the coordinate position of the pixels in the original image and (x', y') is the resultant coordinates position of the pixel in the altered image and k is any positive integer.

The proposed cryptosystem
A chaos-based symmetric image cryptosystem is proposed. It is a permutation image encryption algorithm. The Bogdanov map is used to permute the image pixels. The classical confusion-diffusion architecture is adopted in the design of the proposed cryptosystem. Pixel level permutation is combined with bit level permutation and chaotic transform to attain good encryption levels.

Image encryption
The image encryption process is shown in Figure  1. In the confusion stage of image encryption, the Bogdanov map is used to scramble (permute) the pixels of the input image, I. The process is repeated m times to render the image unintelligible. Let the resultant image be C s . As the pixel positions are exchanged, the correlation among the pixels in the input image weakens. In the diffusion stage, C s is sliced into eight bit-planes, B i , 1 ≤ i ≤ 8. These eight bit-planes are subjected to the Bogdanov map separately in such a way that the Bogdanov map is applied n i times on the bit-plane B i. Thereafter, the scrambled bit-planes B i are reorganised to construct the partially encrypted image C e . The scrambling of the bit-planes changes the pixel value and constructs the cipher image, C e . To make the cipher image more robust to attacks C e is again encrypted using the keys generated by dyadic transform. The procedure for encryption is as given below and the process can be defined by Eq. (3) to Eq. (7).

Encryption algorithm
Input : Plain image, I. Output : Encrypted image or cipher image, C. Procedure: Step 1: Construct the scrambled image, C s , by applying the Bogdanov map, M, m times on (3) Step 2: Separate the bit-planes of C s . Let the bit-planes be B i , 1 ≤ i ≤ 8.
Step 3: Subject the bit-planes, B i , to the Bogdanov map n i times, n i ≤ p. Let the permuted bit-planes be, B Si 1 ≤ i ≤ 8.
Step 4: Construct partially ciphered image, C e , by reorganising the permuted bit planes, B Si , where P is the reconstruction function.
Step 5: Generate a key matrix, K, using dyadic with the condition if x = 0 or 1 then x = x 0 , x 0 is the initial value.
Step 6: Encrypt C e by K.
where E is the encryption function, G is the value of color levels and C(0) is the seed for encryption. The parameter p symbolizes the Bogdanov period, the number of iterations after which the image return to its original form. The parameter vector (m, n i , K, seed), 1 ≤ i ≤ 8, forms the symmetric key and controls the encryption process.

Image Decryption
Since the proposed cryptosystem is a symmetric cipher, the decryption process is the inverse of the encryption process with the same parameter vector (m, n i , K, seed), 1 ≤ i ≤ 8 and can be defined as in Eq. (8) to Eq. (11). The image decryption process is shown in Figure 2. First, the cipher image, C, is decrypted by using K and seed to get the partially deciphered image C e . C e is then separated into eight bit-planes, B ei , 1 ≤ i ≤ 8, and the inverse Bogdanov map is applied n i times on the bit-plane, B ei The unscrambled bit-planes of B ei are then reorgainsed to construct the scrambled image C S . The image C S is, however, unintelligible as the pixels are not positioned in their original position. The inverse Bogdanov map is once again applied m times on C S to unscramble the image. The resultant will be the original image, I, provided the encrypted image is not subjected to attacks.

Decryption algorithm
Input : Cipher image, C. Output : Decrypted image or plain image, I. Procedure: Step 1: Decrypt C by K to get the partially deciphered image C e .
Step 2: Separate the bit-planes of C e . Let the bit-planes be i e B , 1 ≤ i ≤ 8.
Step 3: Subject the bit-planes i e B to the inverse Bogdanov map, M'. Apply the map on the bit-planes, i e B , n i times, n i ≤ p, 1 ≤ i ≤ 8.
Step 4: Construct the scrambled image C s , by reorganising the unscrambled bit planes, Step 5: Unscramble C s using the inverse Bogdanov map 'm' times to get the plain image,

RESULTS AND DISCUSSION
The proposed cryptosystem abide by the basic principles of a chaotic cryptosystem: confusion and diffusion by changing both the position and value of the pixels. Both the operations take in permutation processes, where-in they take the advantage of the Bogdanov map. Unlike Arnold transform, which applies only to square images, Bogdanov map applies to images of arbitrary size. As the cryptosystem is symmetric, it uses the same set of keys for both encryption and decryption.
In the confusion phase, the input image is subjected to the Bogdanov map m times. The Bogdanov map shuffles the pixel positions however does not change the value of the pixels. Its repeated application on the input image results in a scrawled image. Figure 3a-d depict the jet plane image of size 384 x 512, its histogram, the scrambled image and its histogram respectively. The scrambled image was obtained by applying Bogdanov map eight times (m = 8) on the jet plane image when k = 2. As a histogram reveals the distribution of pixel values with the image, it can be seen that the frequencies of the pixels are not altered by the application of the Bogdanov map. The changed pixel positions, however, offer a visual perception of encryption.
The change in pixel positions weakens the correlation among the adjacent pixels in the image. The correlation distributions of the jet plane image and the scrambled image in horizontal, vertical and diagonal directions are plotted in Figure 4. It is evident that there is a high correlation among the adjacent pixels in the plain image, as the dots are located surrounding the diagonal in Figure 4a  In the diffusion phase, the scrambled image is sliced into eight bit planes. In Figure  6a-h represents the bit-planes of the jet plane image and i-p represents the bit-planes of the scrambled image. Even though the corresponding bit planes of the original and scrambled image are not similar, the percentage of information provided by the i th bit of the pixels is the same. The computation (Zhu et al. 2011) is given by Eq. (12). The data pertaining to the same is listed in Table I.
Thus, only the confusion phase is not enough to attain a good encryption as the actual information content of the image remains unaltered. Only the perceptual information apparent to the human eye differs.
Each bit-plane of the scrambled image was individually subjected to the Bogdanov map n i times, 1 ≤ i ≤ 8. The image is reconstructed by reorganising the scrambled bit planes. As the n i are not the same for all the bit-planes, the bits of the pixels change, resulting in changes in the pixel value. At this stage, the image pixel positions and values are changed, resulting in an encrypted image. The encrypted jet plane image and the corresponding histogram are shown in Figure 7a, b respectively. The encrypted image was constructed with scrambled bit planes, where the bit planes 1 to 8, are subjected to Bogdanov map 5,4,8,6,5,9,3,8 and 8 times respectively.
An ideal encrypted image should avert the adversary from extracting any meaningful information from it. Hence, to make it more robust, the resultant image was again subjected to encryption by the keys generated using dyadic transform presented in Step 5 of the encryption algorithm. The encryption process of each pixel encompasses the previous encrypted pixel with a randomly generated initial seed value. This leads to a change in the pixel values once again, culminating in a doubly encrypted image.  Table II. The table also presents the correlation coefficient between the plain and the encrypted images. Smaller the correlation, gives better encryption effect and higher the security (Shuqin et al. 2018).
A histogram graphically represents the frequency of distribution of pixel values within an image. Histogram analysis illustrates the quality of an encrypted image. A good image encryption method produces an encrypted image having uniformly-distributed histogram. The plain images listed in Table II, their histogram, the corresponding encrypted images and the respective histograms are depicted in Figure 8 a-e, f-j, k-o and p-t respectively.
The error in the encrypted image compared to that of the original image can be measured using MSE (Mean Square Error) metric (Al-Romema et al. 2012). The MSE is computed using the mathematical formula where I and C are the plain and cipher images of size M x N respectively. The values of the MSE and the error are directly proportional, that is the lower value of MSE indicates lesser error and the higher value of MSE indicates more error. The MSE measured during encryption is depicted in Table III. The MSE value increases with the processes of encryption resulting in a noisy image.
To acquire the information from the ciphered data, the adversary may observe the difference between the results after making minor modifications on the encrypted image (Chen et al. 2004). This will help them to derive relationship between the plain and the encrypted image. If a trivial change in plain image causes significant variation in the encrypted image, makes these attacks inefficient. The number of pixels change rate (NPCR) and the unified averaged changing intensity (UACI) are the two most quantities used to evaluate the strength of the image encryption algorithms with respect to differential attacks (Wu et al. 2011). Let C 1 and C 2 be the two encrypted images corresponding to the plain images having a pixel difference between them. The NPCR measure the number of pixels which changes value between C 1 and C 2 in percentage whereas UACI measures the average intensity difference between C 1 and C 2 in percentage. The NPCR and UACI are defined by the equations Eq. (14) and Eq. (16) respectively.
where (i, j) defines the position of the pixel and T is the total number of pixels in the image.
The Lena image of size 512 x 512 is subjected to above test with one pixel variation at position (1,1). The pixel value at (1,1), 162 was changed to 163 by modifying the least significant bit from 0 to 1. i.e., "10100010" to "10100011". Then, the images are encrypted using the same set of parameters and key to get the cipher images C 1 and C 2 respectively. The value of the parameter k = 2. The size of the key is same as the size of the image. The other parameters used for encryption are presented in Table IV.
The computed values of NPCR and UACI for the 5 rounds are compared with the results produced by (Zhu et al. 2011) and the same is presented in Table V and Table VI respectively. The results show that the proposed method performs better.
Also, the average time taken to execute the encryption algorithm is much lesser than that of Zhu's method. The average time taken by Zhu's method to encrypt the Lena image is 36.1 ms whereas the proposed system is 2.59 ms. The average was computed by encrypting the Lena image by each cryptosystem ten times.

CONCLUSION
A chaos-based simple image cryptosystem is proposed, using the Bogdanov map to accomplish the permutation process both at the pixel level and bit-level. In the confusion phase, the pixel positions are shuffled. The pixel values are modified twice in the diffusion phase: once by shuffling the bits of the bit-plane using Bogdanov map followed by encryption with the keys generated using dyadic transform. As a result, the permutation has the effects of both confusion and diffusion, and employs the Bogdanov map for permutation (shuffling). The cryptosystem is simulated using Matlab and its performance analysed. The result of the analysis shows that the proposed double image encryption model is simple, fast and secure with a sufficiently large keyspace. This guarantees its use in real-time image transmission and in e-commerce transactions.