1 Introduction

With the development of multimedia technology and internet, the security of images and videos has drawn many researchers’ attentions [25]. Until now, a variety of encryption algorithms such as advanced encryption standard (AES) and data encryption standard (DES) have been proposed. But these algorithms are not efficient for encrypting images due to image inherent features such as bulky data, high correlation among pixels and so on.

Chaotic systems have many important characteristics, such as ergodicity and sensitivity to initial condition and control parameters, and these features can be considered analogous to the desired cryptographic properties [23]. The first chaos-based encryption scheme was proposed in 1989 [15], and then many chaotic image encryption algorithms have been developed, and chaos-based image encryption has become one of efficient and excellent encryption methods [3, 21, 24].

Image encryption methods mostly use two kinds of chaotic systems, one-dimensional (1D) chaotic system and high-dimensional (HD) chaotic system [8]. The HD chaotic systems have complex structures and multiple parameters, these add to the security of encryption systems, but increase the difficulty of hardware implementations and computation complexity [22]. In contrast, 1D chaotic systems mostly contain one variable and a few parameters (Such as Logistic, Tent, Gaussian maps), have simple structures and are easy to implement, but their chaotic orbits are rather simple and can be predicted with the development of signal processing technology [11]. Hence, designing and utilizing new 1D chaotic system in encrypting images is important for the large scale practical application of encryption systems. Fortunately, some new systems with better chaotic performance have been developed and can be used in image encryption [26, 28, 29].

Image encryption is mostly divided into two stages: permutation (or confusion) and diffusion [12]. In the general permutation stage, the image pixels are permuted using some transformation method, such as baker map, Arnold map, magic square, while the pixel values remain unchanged, the histograms of the cipher image and the plain image are the same [2]. Therefore, the confusion is not resistant to the statistical analysis [6]. In the diffusion stage, the pixel values are changed, and diffusion may lead to higher security [27]. Recently, an interesting technique based on image bitplane decomposition and encryption at bit level has presented excellent encryption performance and is easily implemented in hardware [1]. Firstly, the technique decomposes an image into several binary bitplanes using traditional binary decomposition, gray code decomposition, Fibonacci p-code decomposition. Then, the pixels at bit level are manipulated using various methods, and finally bitplanes are combined into the cipher images. Some image encryption schemes have been introduced based on this technique [14, 17, 30]. However, these algorithms have a low secure level because of their predictable decomposition results and/or smaller key spaces [31]. So, new encryption methods with higher security need to be studied.

Brownian motion is the random motion of particles suspended in a fluid (a liquid or a gas) resulting from their collision with the quick atoms or molecules in the gas or liquid. The term “Brownian motion” can also refer to the mathematical model used to describe such random movements, which is often called a particle theory. At present, Brownian motion is used to analyze the financial share price in the market. In 2014, Wang and Xu [19] took each pixel of the image as a Brownian particle, used the Monte Carlo method to simulate the Brownian motion, and effectively scrambled the image. In 2015, Zhu [32] had broken the encryption algorithm of Wang et al. [19] because the permutation vector and diffusion sequence of Wang et al. [19] are not related with the plaintext image, and this make the method unfeasible to resist the chosen plaintext attack.

In this paper, we introduce an image encryption algorithm based on bit level Brownian motion and new 1D chaotic systems. Firstly, we decompose the image into 8 bitplanes, then takes the pixels at bit level as Brownian particles, uses the Monte Carlo method to simulate the Brownian motion, scrambles the image pixels, and then combines the bitplanes to get the confused image. In the algorithm, we use three new 1D chaotic systems, they have wide range of parameter settings and the uniform-distributed variant density function, and this can increase the key space and enhance the encryption security. And confusion step is manipulated at the bit level, eight bitplanes of the image are scrambled based on different Brownian motions, respectively, and this increases the ability of resisting the statistical analysis and chosen plaintext attack. In order to achieve high security, a two directional diffusion step is followed.

The rest of the paper is organized as follows: In Section 2, a brief description of the chaotic system and Brownian motion simulation is provided. Section 3 provides the encryption algorithm. Simulation results and security analyses are given in Sections 4 and 5. Section 6 reaches a conclusion.

2 Chaotic systems and Brownian motion simulation

2.1 Chaotic systems

Logistic map, Sine map and Tent map, illustrated as the follows, which are simple and classic dynamical equation with complex chaotic behaviors, are used in many image encryption algorithms in the past few years.

$$ {X}_{n+1}=r{X}_n\left(1-{X}_n\right) $$
(1)
$$ {X}_{n+1}=\left\{\begin{array}{l}r{X}_n/2,{X}_n<0.5\\ {}r\left(1-{X}_n\right)/2,{X}_n\ge 0.5\end{array}\right. $$
(2)
$$ {X}_{n+1}=r \sin \left(\pi {X}_n\right)/4 $$
(3)

Where r is the system parameter.

Unfortunately, these systems have the shortcomings of limited chaotic range and uneven distribution of sequences. To solving these defects, new chaotic systems are proposed to get better chaotic behaviors which are defined as following:

2.1.1 The logistic-sine system (LSS)

Combined Logistic map and Sine map, Logistic-Sine System is presented in the following equation:

$$ {u}_{n+1}=LSS\left(r,{u}_n\right)=\left(r{u}_n\left(1-{u}_n\right)+\left(4-r\right) \sin \left(\pi {u}_n\right)/4\right) \mod 1 $$
(4)

Where parameter r ∈ (0, 4].

2.1.2 The logistic-tent system (LTS)

Combined Logistic map and Tent map, Logistic-Tent System is illustrated in the following equation:

$$ {v}_{n+1}=LTS\left(r,{v}_n\right)=\left\{\begin{array}{l}\left(r{v}_n\left(1-{v}_n\right)+\left(4-r\right){v}_n/2\right) \mod 1,{v}_n<0.5\\ {}\left(r{v}_n\left(1-{v}_n\right)+\left(4-r\right)\left(1-{v}_n\right)/2\right) \mod 1,{v}_n\ge 0.5\end{array}\right. $$
(5)

Where parameter r ∈ (0, 4].

2.1.3 The tent-sine system (TSS)

Combined Tent map and Sine map, Tent-Sine System is shown in the following equation:

$$ {s}_{n+1}=TSS\left(r,{s}_n\right)=\left\{\begin{array}{l}\left(r{s}_n/2+\left(4-r\right) \sin \left(\pi {s}_n\right)/4\right) \mod 1,{s}_n<0.5\\ {}\left(r\left(1-{s}_n\right)/2+\left(4-r\right) \sin \left(\pi {s}_n\right)/4\right) \mod 1,{s}_n\ge 0.5\end{array}\right. $$
(6)

Where parameter r ∈ (0, 4].

The bifurcation diagrams of Logistic map, Sine map, Tent map, Logistic-Sine System (LSS)、Logistic-Tent System (LTS) and Tent-Sine System (TSS) are illustrated in Fig. 1. Compared with its corresponding seed maps, Logistic-Sine System (LSS)、Logistic-Tent System (LTS) and Tent-Sine System (TSS) have a wider chaotic range and chaotic behaviors, and they are more suitable for image encryption [29].

Fig. 1
figure 1

Bifurcation diagram of Logistic, Tent, Sine, LTS, LSS and TSS

Full size image

2.2 Brownian motion

The current moving distance of any one point in space can be expressed in 2D plane,

$$ X=r \sin a \cos b,Y=r \sin a \sin b $$
(7)
$$ a={u}_i\times 2\times \pi, b={v}_i\times \pi $$
(8)

Where, X and Y is the horizontal and vertical direction distance, respectively; r is the step length of the movement, 0 ≤ r ≤ + ∞; and a and b denote the movement direction of the particle, 0 ≤ b ≤ 2π, 0 ≤ a ≤ π; u i , v i is the chaotic sequences generated by chaotic systems. We simulated the Brownian motion of 300 particles, the movement trace of a particle is shown in Fig. 2, and the figures indicate that the motion has strong randomness at different times.

Fig. 2
figure 2

Single Brownian particle motion path

Full size image

3 The encryption algorithm

The novel image encryption algorithm is presented in Fig. 3. The algorithm first decomposes the plain image into 8 bit planes. Then confusion at bit level based on Brownian motion changes all bit locations, and after k1 iterations, the 8 bit planes can be combined. After k2 iterations of a two directional diffusion, the encrypted image appears. The confusion and diffusion can be manipulated k3 rounds in order to get a required security level. The parameters (encryption keys) used in confusion and diffusion are generated through the plain image, and we can get “one plain image, one key”, so the security level of our algorithms increased a lot. The detailed encryption algorithm is presented as follows.

Fig. 3
figure 3

the flow chart of encryption schemes

Full size image

3.1 Confusion

First, we decompose the plain image into 8 binary bit level images, and then scramble the 8 images using Brownian motion. Confusion at bit level not only changes the position of each pixel, but also changes its values. Besides, the permutation vector depends on the plain image, and the ability of resisting the chosen plaintext attack increases.

For a M × N plain image P, the Logistic-Sine System (LSS) and Logistic-Tent System (LTS) are both used in the confusion. The confusion process can be described as follows.

  1. Step 1

    the SHA256 hash function is used to generate the 256-bit key stream based on the plain image, the key stream is represented in hexadecimal number.

  2. Step 2

    Dividing the 256-bit key stream into 32 groups denoted by k l , K = {k l }, (l = 1, 2, ⋯ 32), then the sum of the 32 groups is computed using the equation \( sum={\displaystyle \sum_{l=1}^{32}{k}_l} \), denoted by sum.

  3. Step 3

    the 8 system parameters and 16 initial values of the Logistic-Sine System and Logistic-Tent System are computed according to the following formula:

    $$ {r}_{i0}= \mod \left(\left({k}_{3i-2}\oplus {k}_{3i-1}+{k}_{3i}+ sum\right)/{2}^8,1\right)/5+3,i=1,2,\cdots, 8 $$
    (9)
    $$ {u}_{i0}={v}_{i0}= \mod \left(\left({k}_{38-6i}\oplus {k}_{36-6i}+{k}_{34-6i}+ sum\right)/{2}^8,1\right),i=1,2,3,4,5 $$
    (10)
    $$ {u}_{i0}={v}_{i0}= \mod \left(\left({k}_{6i-35}\oplus {k}_{6i-33}+{k}_{6i-31}+ sum\right)/{2}^8,1\right),i=6,7,8 $$
    (11)

    Where, r 10, r 20,…, r 80 present the system parameters of LSS and LTS used for the bit plane 1, 2, …, 8; u 10, u 20,…, u 80 denote the initial values of LSS used for the bit plane 1, 2, …, 8; v 10, v 20,…, v 80 are the initial values of LTS used for the bit plane 1, 2, …, 8, respectively. For the sake of computation, the system parameters of LSS and LTS used for each plane are equal, and the initial values of LSS and LTS for every plane are the same.

  4. Step 4

    the plain image is decomposed into 8 bit planes, every bit plane is converted to one-dimensional sequence (from left to right, up to down). For each bit plane, use the corresponding initial value and system parameters and the LSS and LTS to generate two chaotic sequences u i , v i (i = 1, 2, …, MN).

  5. Step 5

    Taking the bit pixel in each bit plane as Brownian motion particle, set the step length r of the movement in every bit plane, use Eqs. (7) and (8) to get the current horizontal and vertical direction distance, iterate the movement for R rounds, record the positions of all particles, establish a one-to-one map between the bit plane sequence and the positions, then the confused bit plane image can be gotten. After the 8 bit planes have been scrambled, the bit planes are combined to a confused image. The bit plane confusion can be iterated k1 times in order to get better encryption effect.

3.2 Diffusion

The flow chart of diffusion process is shown in Fig. 4. The diffusion step is mainly made up of row diffusion (RD) and column diffusion (CD). The RD consists of random pixel insertion, row separation, forward row mapping (FRM), reverse row mapping (RRM) and row combination. The CD consists of random pixel insertion, column separation, downward column mapping (DCM), reverse column mapping (RCM) and column combination. Firstly, set the diffusion encryption rounds as k2. When k2 % 2 = 0, the confused image is manipulated by column diffusion (CD). When k2 % 2 ≠ 0, the confused image is processed by row diffusion (RD). Then k2 = k2-1, the diffusion process continues until k2 = 0, the diffusion process is completed.

Fig. 4
figure 4

Flow chart of diffusion step

Full size image

3.2.1 Row diffusion (RD)

The detailed steps of RD are as follows:

  1. Step 1

    Random pixel insertion

    Insert two random numbers at the beginning and end of every row in the confused image, respectively, 2 M random numbers are needed, then the image is changed to M×(2 + N). Random numbers can be produced by any random generators, and that is unpredictable for each encryption round.

  2. Step 2

    Row separation

    Separate every row in the image and transfer the image row by row into 1D matrices.

  3. Step 3

    Forward row mapping (FRM)

    FRM process is used to change the pixel values in every 1D matrix. It is defined by the following equations:

    $$ {c}_{i,j}=\left\{\begin{array}{l}{p}_{i,j},j=1\\ {}{c}_{i,j-1}\oplus {p}_{i,j}\oplus s\left(i,j\right),N+1\ge j\ge 2\\ {}{p}_{i,j},j=N+2\end{array}\right. $$
    (12)
    $$ s\left(i,j\right)=\mathrm{T}\mathrm{S}\mathrm{S}\left(r,s\left(i,j-1\right)\right) $$
    (13)

    Where p i,j denotes jth pixel of the ith row of the plain image, c i,j is the jth pixel of the ith row of the cipher image, and s(i, j) is the chaotic sequences produced by TSS, i = 1, 2, …, M; j = 1, 2, …, N + 2, the parameter r r0 and the initial value s r0 can be gotten by the following equations,

    $$ {r}_{r0}= \mod \left(\left({k}_{25}\oplus {k}_{26}+{k}_{27}+ sum\right)/{2}^8,1\right)/5+3 $$
    (14)
    $$ {s}_{r0}= \mod \left(\left({k}_{19}\oplus {k}_{21}+{k}_{23}+ sum\right)/{2}^8,1\right) $$
    (15)
  4. Step 4

    Reverse row mapping (RRM)

    In order to increase the encryption effect, RRM process is taken. RRM is illustrated as the following equations:

    $$ {c}_{i,j}^{\prime }=\left\{\begin{array}{l}{c}_{i,j},j=N+2\\ {}{c}_{i,j+1}^{\prime}\oplus {c}_{i,j}\oplus s\left(i,j\right),N+1\ge j\ge 2\\ {}{c}_{i,j},j=1\end{array}\right. $$
    (16)

    Where c i,j denotes the jth pixel of the ith row of the cipher image after FRM, c i,j is the jth pixel of the ith row of the cipher image after RRM, and s(i, j) is the same chaotic sequences produced by TSS as that of FRM process, i = 1, 2, …, M, j = 1, 2, …, N + 2.

  5. Step 5

    Row combination

    After all the pixel values have been changed, the first and last pixel in each row is removed, and then we combine all 1D matrices back into a 2D image. The RD process is finished.

3.2.2 Column diffusion (CD)

The steps of column diffusion (CD) are as follows:

  1. Step 1

    Insert two random numbers at the beginning and end of every column in the confused image, respectively, 2 N random numbers are needed, then the image is changed to (M + 2) × N. Afterwards, separate every column in the image and transfer the image column by column into 1D matrices.

  2. Step 2

    Downward column mapping (DCM) process and reverse column mapping (RCM) process are successively operated as the following equations, respectively,

    $$ {c}_{i,j}=\left\{\begin{array}{l}{p}_{i,j},i=1\\ {}{c}_{i-1,j}\oplus {p}_{i,j}\oplus s\left(i,j\right),m+1\ge i\ge 2\\ {}{p}_{i,j},i=m+2\end{array}\right. $$
    (17)
    $$ {c}_{i,j}^{\prime }=\left\{\begin{array}{l}{c}_{i,j},i=m+2\\ {}{c}_{i+1,j}^{\prime}\oplus {c}_{i,j}\oplus s\left(i,j\right),m+1\ge i\ge 2\\ {}{c}_{i,j},i=1\end{array}\right. $$
    (18)
    $$ s\left(i,j\right)=\mathrm{T}\mathrm{S}\mathrm{S}\left(r,s\left(i-1,j\right)\right) $$
    (19)

    Where p i,j denotes the ith pixel of the jth column of the plain image, c i,j is the ith pixel of the jth column of the cipher image after DCM, c i,j is the ith pixel of the jth column of the cipher image after RCM, and s(i, j) is the chaotic sequences produced by TSS, i = 1, 2, …, M + 2; j = 1, 2, …, N, the parameter r l0 and the initial value s l0 can be attained by the following equations,

    $$ {r}_{l0}= \mod \left(\left({k}_{28}\oplus {k}_{29}+{k}_{30}+ sum\right)/{2}^8,1\right)/5+3 $$
    (20)
    $$ {s}_{l0}= \mod \left(\left({k}_{25}\oplus {k}_{27}+{k}_{29}+ sum\right)/{2}^8,1\right) $$
    (21)
  3. Step 3

    After changing the entire pixel values, remove the first and last pixel in each column, and combine all 1D matrices back into a 2D image. The CD process is ended.

4 Simulation results

We use Matlab 2014a to run the encryption and decryption process in computer with 3 GHz CPU, 4 GB memory and Windows 7 operating system. We choose the Lena.bmp (512 × 512) as the plain image. The key is set as: SHA256(‘Lena.bmp’) = 2D74A6D08182A5B41E4ADD30C9A6CEEF4AE5822D7462224996D71877E8314F1A, The rounds of Brownian motion R = 100, the step length of the movement in every bit plane is 2, the rounds of confusion k1 = 1, the rounds of diffusion k2 = 4, the rounds of the complete encryption process k3 = 1. Figure 5 illustrates the encryption and decryption results. Figure 5a is the plain image, Fig. 5b is the cipher image and Fig. 5c is the decryption image.

Fig. 5
figure 5

Encryption result

Full size image

5 Security analyses

5.1 Key analysis

5.1.1 Key space analysis

It is generally known that a good encryption scheme should have big key space and be sensitive to the key. In this algorithm, 256-bit key stream based on the plain image is designed, and all initial conditions, parameters are produced by the secret key. Besides, the step length of the movement in every bit plane, the rounds of Brownian motion R, confusion k1, diffusion k2 and complete encryption process k3 are all keys. Suppose the precision of a floating-point number is 10−10, then our cryptosystem key space is larger than 2256, sufficiently larger than 2128 [5]. Therefore, a sufficiently large key space makes the brute force attack infeasible and is ensured for practical applications.

5.1.2 Key sensitivity analysis

A test image ‘Baboon (512 × 512)’ is encrypted, and its 256-bit key stream key1 is ‘31ED9B78FA294E49148EB892E0801C4E85F5183B8B929D0E971C6ACD5331CB66’. Two slightly changed keys are: key2 = ‘32ED9B78FA294E49148EB892E0801C4E85F5183B8B929D0E971C6ACD5331CB66’ and key3 = ‘32ED9B78FA294E49148EB892E0801C4E85F5183B8B929D0E971C6ACD5331CB6F’. We use the slightly changed keys to encrypt the plain image, and the results are shown in Fig. 6. Otherwise, the changed keys and the correct key are used to decrypt the cipher image, respectively. The results can be seen in Fig. 7. It is clear that the encrypted image using a slight different key is completely different and the decryption process using a different key completely fails to obtain the plain image.

Fig. 6
figure 6

Key sensitivity at encryption process

Full size image
Fig. 7
figure 7

Key sensitivity at decryption process

Full size image

5.2 Statistical analysis

In order to prove the security of our algorithm resisting statistical analysis, some tests are analyzed.

5.2.1 Histogram

An image histogram illustrates that how pixels in an image are distributed by plotting all the pixels intensity level. ‘Lena (512 × 512)’ is used as the plain image, the encryption and decryption results are shown in Fig. 5, and the histogram analysis is shown in Fig. 8. It is shown that the histogram of the cipher image is uniformly distributed in contrast to that of the plain image and the histogram of the decryption image is similar to that of the plain image.

Fig. 8
figure 8

Histogram of plain image, cipher image and decryption image

Full size image

5.2.2 Correlation of two adjacent pixels

Five thousand pairs of adjacent pixels from the plain image and cipher image are selected randomly to compute the correlation coefficients. The formulas of correlation coefficients are given as:

$$ {r}_{x,y}=\frac{E\left(\left(x-E(x)\right)\left(y-E(y)\right)\right)}{\sqrt{D(x)D(y)}} $$
(22)
$$ E(x)=\frac{1}{N}{\displaystyle \sum_{i=1}^N{x}_i} $$
(23)
$$ D(x)=\frac{1}{N}{\displaystyle \sum_{i=1}^N{\left({x}_i-E(x)\right)}^2} $$
(24)

Where E(x) and D(x) are the expectation and variance of variable x, respectively. Table 1 lists the results of the correction coefficients. Moreover, the correlation of 5000 pairs of adjacent pixels from the plain image and cipher image of ‘Lena (512 × 512)’ are shown in Fig. 9. From Table 1 and Fig. 9, we can see that there are no detectable correlation existing between the plain image and the cipher images.

Table 1 Correlation coefficients of two adjacent pixels in the plain and cipher images
Full size table
Fig. 9
figure 9

Correlations of two adjacent pixels, a horizontal direction in plain image, b vertical direction in plain image, c diagonal direction in plain image, d horizontal direction in cipher image, e vertical direction in cipher image, f diagonal direction in cipher image

Full size image

5.3 Resisting differential attack analysis

In differential attack analysis, two performance indices are usually used to investigate the influence of a 1bit change in the plain image to the corresponding cipher image. They are number of pixels change rate (NPCR) and unified average changing intensity (UACI). NPCR is the number of pixels change rate while one pixel of plain image is changed. The closer NPCR reaches 100 %, the more sensitive the cryptosystem is to the changing of the plain image. UACI is the average intensity of differences between the plain image and cipher image. The bigger UACI is, the more effective is the encryption scheme in resisting differential attack. We calculate the values of NPCR and UACI according to the following formula:

$$ \mathrm{NPCR}=\frac{{\displaystyle \sum_{i,j}D\left(i,j\right)}\ }{W\times H}\kern0.5em \times 100\% $$
(25)
$$ \mathrm{UACI}=\frac{1}{W\times H}\ \left[{\displaystyle \sum_{i,j}\frac{\left|{C}_1\left(i,j\right)-{C}_2\left(i,j\right)\right|}{255}}\right] \times 100\% $$
(26)

Where D(i, j) is defined as

$$ D\left(i,j\right)=\left\{\begin{array}{l}1,{C}_1\left(i,j\right)\ne {C}_2\left(i,j\right)\\ {}0, otherwise\end{array}\right. $$
(27)

Where, W and H denotes the width and height of the image respectively, and C 1and C 2 represent the cipher images before one pixel of the plain image is changed.

In the experiment, a pixel of the plain image is randomly changed, and we can have a new plain image. The new plain image and original plain image are chosen to calculate the NPCR and UACI. For every test image, 500 new plain images are gotten, 500 cipher images appear after encryption, the average value, the minimum and the maximum value of NPCR and UACI are calculated through comparing the new cipher image and the old cipher image. The results are illustrated in Table 2. We can see that our algorithm has good properties in resisting differential attacks. In order to compare with other algorithms, the average NPCR and UACI values of each image encrypted by different algorithms are shown in Tables 3 and 4. It can be seen that our method has the same excellent performance as the methods in Refs. [4, 20, 24] and is better than Ref. [9]. Moreover, the two quantitative metrics are used to quantify the key sensitivity, and the results are shown in Table 5. From these results, it can be found that the proposed encryption scheme is highly sensitive to the secret keys.

Table 2 NPCRs and UACIs between different ciphers while plain images only have one different pixel
Full size table
Table 3 NPCR comparison between different algorithms
Full size table
Table 4 UACI comparison between different algorithms
Full size table
Table 5 Quantified key sensitivity
Full size table

5.4 Information entropy

We use H(m) to represent the information entropy of an information source m, and it can be calculated as

$$ H(m)={\displaystyle \sum_{i=0}^{2^n-1}p\left({m}_i\right) \log \frac{1}{p\left({m}_i\right)}} $$
(28)

Where p(m i ) denotes the probability of symbol m i and the entropy is expressed in bits. For a random image with 256 grey levels, the entropy should ideally be 8. Actually, given that a practical information source seldom generates random messages, then its information entropy value is smaller than 8. The value obtained is very close to 8, and this means information leakage in the encryption process is negligible and the encryption system is secure against entropy attack. The information entropy results are shown in Table 6. By the comparison with Ref. [7, 9, 18, 19], it can be seen that the information entropy of our algorithm are closer to eight, so our scheme is very secure, stable and efficient.

Table 6 Information entropies of the plain and cipher images
Full size table

5.5 Computational speed analysis

The encryption speed is an important parameter to evaluate an encryption method. The tests are implemented in Matlab on a personal computer with 3 GHz Intel(R) Core2Duo CPU, 4 GB RAM, the operating system is Windows 7. The speeds of the proposed algorithm and other algorithms are shown in Table 7. From Table 7, we can see that the speed of our algorithm is quicker. Besides, in the proposed encryption method, the computational cost of each round encryption depends on the permutation and diffusion operations. In the permutation process, the plain image is decomposed into 8 bitplanes, then the confusion of 8 bitplanes based on Brownian motion can be implemented in parallel, and this can save much time. Moreover, in the diffusion process, in the detailed steps of row diffusion (RD) and column diffusion (CD), every row or every column can be mapped in parallel. And so our encryption scheme can run fast.

Table 7 Encryption speed comparison
Full size table

6 Conclusions

In the paper, a new image encryption algorithm based on bit level Brownian motion and chaotic systems is proposed and the security of the algorithm is analyzed. SHA256 hash function is used to produce 256 bit key stream, the initial values and system parameters of the new 1D chaotic systems for the confusion and diffusion are generated, they are related to the plain image and so the scheme can resist the known plaintext and chosen plaintext attack. Moreover, the plain image is decomposed into 8 bitplanes, the pixel position is scrambled based on Brownian motion in every plane, the bitplanes are combined to get the confused image, the positions and values of all pixels are changed simultaneously in confusion process, and then our algorithm has high security. In addition, two directional diffusions consisting of row diffusion (RD) and column diffusion (CD) are introduced, the change of any pixel may have impact on all pixels, and then our method has higher security. Besides, many security analysis experiments are carried out, including key space analysis, key sensitivity analysis, histogram analysis, correlation analysis, resisting differential attack analysis, information entropy and speed analysis. The results show that the proposed image encryption scheme is secure and has important practical application in secure communication.