1 Introduction

Image encryption is an unavoidable part of the image processing and information security. Image encryption is used to ensure the security of image data [33]. Common cryptographic methods such as advanced encryption standard (AES) and data encryption standard (DES) are used in image encryption, but these traditional image encryption algorithms are less efficient in image encryption, especially when a large number of images are to be encrypted and image data must be sent in real time [69, 70]. Furthermore, since the image data volume is large and the data correlation among adjacent pixels and data redundancy is high [41], researchers have been encouraged to develop new methods for image encryption [4, 16] based on well-known theories and purposes.

As another secure communication mechanism, steganography has proven to be one of the practical ways of securing data [3]. In steganography, the main message is hidden in a cover media. In other words, steganography is a technical art on how to hide messages into other media as the steganographic cover or container [13, 30].

Existing steganography methods can successfully embed secret information into the carrier media (steganographic cover) without introducing distortion into the appearance of the carrier media [30]. Steganographic cover contains secret images in which can only be extracted by the recipient [13]. Digital pictures, videos, text documents and other digital files can be used as a container or carrier as long as they contain some redundant data [22].

The difference between cryptography and steganography is that in cryptography the goal is to hide the contents of the message, but in steganography the goal is to hide any sign of the message. In cases where the exchange of encrypted information is difficult, the existence of connection must be hidden. Cryptography and steganography can be used separately or simultaneously for data security. For higher security, one message can be encrypted first and then hidden inside another message, which will increase processing overhead and memory space.

The requirements for steganographic systems are summarized in 5 groups as follows [22]:

  1. 1-

    Message requirements (Maximum message size, Message modification, Multiple message);

  2. 2-

    Container requirements (Type of container, Supported file formats, Container selection type);

  3. 3-

    Stegocontainer requirements (Imperceptibility, Fidelity, Stegocontainer size, Embedding efficiency, False positive rate, Extraction method);

  4. 4-

    Algorithm requirements (Capacity, Speed, Embedding domain);

  5. 5-

    Security requirements (Resistance against steganalysis, Robustness, Resistance against attacks, Type of secret keys).

In Ref. [12] a hybrid grasshopper optimizer has been proposed to reduce the size of the feature set in the steganalysis process. This paper results from the stagnancy of local minima and slow convergence rate by the grasshopper algorithm in optimization problems. Therefore, the grasshopper optimization performance is improved with chaotic maps to make it chaotic grasshopper optimization. Then, the chaotic grasshopper optimization is combined with adaptive particle swarm optimization to make it chaotic particle-swarm grasshopper optimization algorithm. Next, authors use the proposed optimizer with entropy to find the best feature subset of the original subtractive pixel adjacency model and spatial rich model feature set.

Although, the encryption systems consist of a pair of linear (permutation) and nonlinear (diffusion) conversion, have effective security levels; high computation cost limits the performance of whole encryption system [55].

Introducing chaos in the field of cryptography helps to design better and more efficient encryption methods [58]. Chaos-based cryptosystems are suitable for image encryption owing to the inherent properties of chaotic systems. Unpredictability, ergodicity, and initial value sensitivity are significant properties of chaotic systems [1, 73]. Common chaotic maps such as Lorenz, Sine, Tent, and Logistic maps have simple structures and are easy to be implemented [32], but they have the defects of limited chaotic ranges [7] and vulnerability [5, 54].

To withstand possible attacks, a high-security nonlinear optical cryptography with phase-truncated Fourier transform (PTFT) was used in [48], in which phase and amplitude truncation operations are used to overcome the weakness of linearity in double random phase encoding (DRPE).

Ref. [68] proposed a new chaotic and hash-based image encryption algorithm (SHA-256), which uses confusion and diffusion methods to encrypt images. In [8] authors introduced a new image encryption algorithm based on pixel position displacement and random key flow. In [56], an image encryption algorithm combining DNA sequencing with chaotic mapping is proposed. Also, the proposed scheme employed an image processing algorithm based on discrete wavelet transform and multiple chaos. In [75] Arnold deformation is used to encrypt highly secure images.

The nonlinear multi-image encryption has attracted a lot of attention due to its higher encryption efficiency. Based on the phase truncation in the Fourier range, a multi-image encoding method has been proposed to eliminate linearity and obtain a white noise-like image in [72]. Based on the classical confusion and diffusion structure, an image encryption algorithm based on two-dimensional logic-sine pair mapping is proposed in [57]. In [76], a bit-level image encryption algorithm is constructed using a piecewise linear chaotic map.

To suppress the the dynamic degradation of digital chaos, a new model was introduced in [62]. In this model, the difference between two chaotic maps of the same type but with different initial values are employed, and the state feedback function is used to improve the performance of the digital chaotic map. Furthermore, a new key selection method, in what part of information of the image would be selected by using a chaotic map to generate a special value. In Ref. [17], a cryptosystem was presented based on a novel chaotic map and compressive sensing. In this paper, the sparse coefficient matrix is acquired by discrete wavelet transform of the original image, and the SHA-512 hash value of the original image are regarded as the initial values of two novel one dimensional chaotic maps.

An image cryptography method based on lifting wavelet transform, Latin square and wide range Beta chaotic map, was introduced in [43]. The proposed method is composed of different procedures. After the creation of the Latin square S-box, the wide range Beta map is used to generate the random key. The obtained key is applied in the encryption stage. In Ref. [44] three main contributions were proposed. An image encryption framework, a new chaotic map and a pseudorandom bit generator, and as the third contribution, a novel image encryption system was introduced based on the proposed map and the proposed pseudorandom bit generator. The proposed new chaotic map is designed which will be known as the ‘RCM map’ and its chaotic property is studied based on Devaney’s theory. A scrambling algorithm was also proposed to further enhance the security of the overall system.

Ref [6], introduces a new algorithm for colour image encryption. The scheme is based on a new 3-dimensional discrete time chaos system which performs the diffusion and confusion processes. The novelty of the proposed work is the new 3-D map defined by five nonlinear terms and three control parameters to ensure better chaotic properties. Moreover, the proposed new map is used to perform 3-stage encryption algorithm which achieves better performance while preserving the traditional confusion-diffusion structure. An image encryption scheme based on a 2-dimensional chaotic Henon map has been proposed in Ref. [42]. The confusion phase is implemented by several iterations using chaotic map approach. In the subsequent stage, Edge Maps generated by edge detection filters and binary bit plane decomposition is applied to perform further confusion using a bit-xor operation to get a cipher image.

In [2], an image encryption scheme based on chaotic maps and algebraic structure has been introduced. The proposed cryptosystem is based on Lorenz chaotic system and primitive irreducible polynomial substitution box. For first step, 16 different S-boxes based on projective general linear group and 16 primitive irreducible polynomials of Galois field of order 256 has been proposed. For second step, S-boxes are utilized with combination of chaotic map in image encryption scheme. In Ref. [39], an image encryption scheme is proposed based on two dimension improved Logistic coupling map. In order to confirm the application of the proposed scheme to image encryptions, authors proposed a new image encryption algorithm which is simple in structure and combines bit level permutation, and pixel level diffusion and confirm the performance through experiments.

An image segmentation encryption scheme based on hyper chaotic system has been proposed in [15]. The authors decompose the scrambled sequence into three sequences of different lengths. Then, the initial values of the chaotic system are updated by these three sequences and using the updated initial value iterates the chaotic system and generates the key sequence. Authors in Ref. [35] proposed a new Sine powered chaotic maps generator. The proposed system uses one-dimensional chaotic maps as seed maps to produce new chaotic maps and also, a novel block-based image encryption scheme is proposed. The proposed scheme pre-processes the original image using pixels addition and blocks generation. Using the generated chaotic sequences, the columns and pixels between the generated blocks are shuffled and execute bit-level values manipulation.

An image cryptosystem based on two-dimensional hyperchaotic map, with two positive Lyapunov exponents and a phase distribution region has been proposed in [46]. Furthermore, authors introduced a novel randomized hyperchaotic image encryption algorithm based on the proposed two-dimensional hyperchaotic map. The proposed scheme is implemented in such a way that first adds randomization to the plain image, and uses the SHA-256 value of the randomized image with the key for extracting required parameters.

In Ref. [34], a heterogeneous chaotic generator has been proposed. The implementation of this scheme is done by using neural network. The heterogeneity of the generator is obtained by alternating two different chaotic maps; Logistic and piece-wise Linear chaotic map, in the neural network layers. In the paper, authors also proposed a new encryption algorithm using chaotic generator as input for its cryptographic operations including: pixel position permutation, DNA based substitution and DNA based bit permutation which was also introduced in this paper to enhance the statistical properties of the encrypted images. A novel image encryption algorithm based on the Once Forward Long Short Term Memory Structure (OF-LSTMS) and the Two-Dimensional Coupled Map Lattice (2DCML) fractional order chaotic system has been proposed in [23]. In this scheme, the original image is divided into several image blocks. According to the chaotic sequences generated by the 2DCML fractional-order chaotic system, the parameters of the input gate, output gate and memory unit of the OF-LSTMS are initialized, and the pixel positions are changed at the same time of changing the pixel values, achieving the synchronization of permutation and diffusion operations, which greatly improves the efficiency of image encryption and reduces the time consumption.

The most important limitations of reviewed papers are the processing time for encryption and decryption in high-dimensional chaotic maps, the complexity of implementation, and the vulnerability of one-dimensional chaotic maps to variety of attacks.

High Dimension (HD) maps have more complex structures and better chaotic behaviors. This makes their chaotic orbits more unpredictable [20]. However, HD chaotic maps have the drawback of high computation cost and implementation difficulty [27]. Therefore, it is necessary to design a new chaotic system to overcome mentioned problems. Since chaotic encryption algorithms have the advantages of high speed and low cost, the development and analysis of these image encryption schemes has become popular in the field of classical computing [38]. To ensure the security of image data in the process of sending and storing, some encryption algorithms based on chaos theory are proposed and applied to image encryption [64]. In this paper, an image encryption scheme based on a new hybrid chaotic system is presented. This system consists of modified Lorenz map to confusion process, and diffusion process is implemented by nonlinear combinations of three Logistic map, Tent map, and Sine map, XOR, and exchange operations. The performance analysis is performed on key spaces, key sensitivity, the capability of resisting statistical attacks, noise and cropping attacks, differential attacks and quality evaluation metrics of decrypted image. The goal of proposed method is to improve cryptography evaluating parameters.

The structure of this paper is organized as follows: Section 2 presents the basic definitions of four common chaotic maps. The proposed method is discussed in section 3. Section 4 exhibits the effectiveness of the proposed technique, security analysis, and extensive performance evaluation of the proposed cipher algorithm are analyzed in detail within this section. Section 5 presents speed analysis and finally conclusion is given in section 6.

2 Preliminaries

This section summarizes the four maps used in this article namely Lorenz map, Sine map, Tent map and Logistic map.

2.1 Lorenz chaotic map

Equation (1) shows the mapping equation of the Lorenz two-dimensional discrete chaotic system. When the parameters iϵ [0.9, 1] and jϵ [0.9, 1], the mapping is in the chaotic range [51]. For image encryption, when we use a Lorenz two-dimensional discrete chaotic system, parameters can be selected in this parameter range, which is difficult to break [51].

$$ \left\{\begin{array}{*{20}c}{\mathrm{a}}_{\mathrm{n}+1}=\left[\left(1+\mathrm{ij}\right){\mathrm{a}}_{\mathrm{n}}-\mathrm{j}{\mathrm{a}}_{\mathrm{n}}{\mathrm{b}}_{\mathrm{n}}\right]\\ {}{\mathrm{b}}_{\mathrm{n}+1}=\left[\left(1-\mathrm{j}\right){\mathrm{a}}_{\mathrm{n}}+\mathrm{j}{\left({\mathrm{a}}_{\mathrm{n}}\right)}^2\right]\end{array}\right. $$
(1)

In this paper we use modified Lorenz map to confuse the pixel coordinates according to Eq. (2), and this equation is employed to convert plain image coordinates to new coordinates.

$$ \left\{\begin{array}{*{20}c}{\mathrm{x}}_{\mathrm{n}+1}=\mathrm{floor}\left(\operatorname{mod}\left(|\left[\left(1+\mathrm{ij}\right){\mathrm{x}}_{\mathrm{n}}-\mathrm{j}{\mathrm{x}}_{\mathrm{n}}{\mathrm{y}}_{\mathrm{n}}\right]\times {10}^{14}|,\mathrm{Q}\right)\right)\\ {}{\mathrm{y}}_{\mathrm{n}+1}=\mathrm{floor}\left(\operatorname{mod}\left(|\left[\left(1-\mathrm{j}\right){\mathrm{x}}_{\mathrm{n}}+\mathrm{j}{\left({\mathrm{x}}_{\mathrm{n}}\right)}^2\right]\times {10}^{14}|,\mathrm{Q}\right)\right)\end{array}\right. $$
(2)

(xn, yn) is the location of pixels in the Q × Q plain image matrix, so that (xn, yn), (xn + 1, yn + 1)ϵ{0,1,2,…, Q-1}, and (xn + 1, yn + 1) is the transformed position after applying Lorenz map. Also, mod Q and floor operations are used to bring x, y in unit Q × Q matrix. This chaotic map is employed to confuse the pixel locations, which i, j are two secret keys.

2.2 Sine map

Sine map is one of the most widely used one-dimensional chaotic map and has a simple dynamic structure, but it can create complex and chaotic sequences with amplitudes [0, 1]. The definition of Sine map is:

$$ {\mathrm{x}}_{\mathrm{n}+1}=\mathrm{S}\left(\mathrm{x}\right)={\mathrm{u}}_{\mathrm{s}}\sin \left(\uppi {\mathrm{x}}_{\mathrm{n}}\right) $$
(3)

Where us is a parameter and according to the bifurcation diagram [28, 40], us ϵ [0.87, 1] and s0 is the initial value for xn, (x0 = s0).

2.3 Tent map

Tent mapping is a one-dimensional chaotic map that is used in many applications [28, 40]. The diagram of this map is similar to a tent, which is why it is known by this name. The definition of a tent map is as follows:

$$ {\mathrm{x}}_{\mathrm{n}+1}=\mathrm{T}\left(\mathrm{x}\right)=\left\{\begin{array}{*{20}c}2{\mathrm{u}}_{\mathrm{t}}{\mathrm{x}}_{\mathrm{n}}\kern5.5em {\mathrm{x}}_{\mathrm{n}}<0.5\\ {}2{\mathrm{u}}_{\mathrm{t}}\left(1-{\mathrm{x}}_{\mathrm{n}}\right)\kern2.75em {\mathrm{x}}_{\mathrm{n}}\ge 0.5\end{array}\right. $$
(4)

Where ut is a parameter and according to the bifurcation diagram utϵ [0.5, 1] and t0 is the initial value for xn, (x0 = t0) [17, 62].

2.4 Logistic map

Logistic map is obtained using sine map, so it has some similar properties [28, 40]. In order for this mapping to be in the range [0, 1], the Logistic map is mathematically defined as follows

$$ {\mathrm{x}}_{\mathrm{n}+1}=\mathrm{L}\left(\mathrm{x}\right)=4{\mathrm{u}}_{\mathrm{l}}\ {\mathrm{x}}_{\mathrm{n}}\left(1-{\mathrm{x}}_{\mathrm{n}}\right) $$
(5)

Where ul is a parameter and according to the bifurcation diagram ulϵ [0.9, 1] and l0 is initial value for xn, (x0 = l0) [17, 62].

3 The proposed scheme

The proposed scheme is shown in Fig. 1. This method is designed for gray scale images of different sizes, but can also be used for color images and consists of two fundamental steps: chaotic confusion and diffusion. The confusion step is implemented to change the coordinates of the pixels, using the modified Lorentz mapping according to Eq. (2).

Fig. 1
figure 1

Proposed scheme based on plain image correlation rate and using chaotic maps, XOR and exchange operations

Full size image

Diffusion phase is ruled by means of plain image matrix expansion, XOR, and exchange operations, aiming to elevate the sensitivity to plain image and accelerate the diffusion mechanism of the whole cipher algorithm. The original image, which is the input image of the proposed cryptographic system, is called the plain image. In this paper, 2000 pixels of the plain image are randomly selected and the average absolute value of the correlation coefficients of horizontally, vertically and diagonally adjacent pixels with randomly selected pixels, is calculated using relationships (9) to (11), and thus the correlation rate of the plain image is calculated (r). We know that the absolute value of r is an integer number between 0 and 1, if r was between 0 and 0.8, then a Logistic chaotic mapping is selected to develop the input image matrix with larger size. If r was between 0.8 and 1, then Tent’s chaotic mapping is chosen to develop the original image matrix. The detailed description of the encryption algorithm is given in 6 steps as follows:

  1. Step 1:

    Let I be M × N gray scale plain image. In this step, the average absolute value of correlation coefficient (r) for 2000 randomly horizontaly, verticaly, and diagonal adjacent pairs of pixels in plain image is calculated. If 0 ≤ r ≤ 0.8 let u = 1 and if 0.8 < r ≤ 1 let u = 2.

  2. Step 2:

    Suppose the maximum value of M, N is equal to Q, we expand original image I from M × N to square Q × Q matrix (Fig. 2b). If the original image is N × N according to the Fig. 2a, N + u number of rows and columns is added for expanding original matrix from N × N to Q × Q, (u obtained from step 1).

Fig. 2
figure 2

a Extended matrix AQ × Q for N × N plain image. b Extended matrix AQ × Q for M × N plain image (M > N)

Full size image
  1. Step 3:

    According to the features of bifurcation diagram of Logistic and Tent map, if u = 1 Logistic map is selected, and if u = 2, Tent map is selected to generate chaotic sequences. The generated sequences by using Eqs. (4) and (5), are replaced by the empty components of the expanded matrix after being placed in the [0, 255] range from left to right, and up to down (Matrix AQ × Q is generated). Chaotic sequences generated in the [0, 1] interval (Yi), are converted to integer sequences (Pi) in the [0, 255] interval by using Eq. (6).

$$ {\mathrm{P}}_{\mathrm{i}}=\left[\left({10}^{\mathrm{v}}\times {\mathrm{Y}}_{\mathrm{i}}\ \right)\right] \operatorname {mod}\ 256. $$
(6)

The developed matrix AQ × Q contains the original image data and the data from the chaotic sequence, v is the number of floating point of generated chaotic sequences and Yi are chaotic components with a range of [0, 1], and i ϵ {1, 2, 3, ..., number of added components ([(u×Q) + u × (Q-u)] or [Q×(M-N)]}.

  1. Step 4:

    Modified Lorenz map (Eq. (2)) is applied k times on the coordinates of AQ × Q for scrambling the location of pixels by means of confusion. This generates matrix BQ × Q, and k is one of the other secret keys.

  2. Step 5:

    Bitwise XOR applies on scrambled BQ × Q matrix and binary Q × Q matrix (CQ × Q) generated by sine map with a range of [0, 255] by using Eqs. (3), (6). This step generates DQ × Q, and is calculated according to Eq. (7).

$$ {\mathrm{D}}_{\mathrm{Q}\times \mathrm{Q}}={\mathrm{B}}_{\mathrm{Q}\times \mathrm{Q}}\oplus {\mathrm{C}}_{\mathrm{Q}\times \mathrm{Q}}. $$
(7)
  1. Step 6:

    Matrix DQ × Q is changed to matrix EQ × Q by exchanging the values of u and u + 1 positions in every 8 bit binary numbers, the value of u is obtained from step 1. EQ × Q is the final encrypted image.

The decryption procedure is the same as that of the encryption one described above, unless it must be performed in the reverse order.

To clearance the workflow of data in Fig. 1, we summarize the proposed scheme as follows:

In Fig. 1, random pixels of the plain image with size M × N are selected and the absolute value of the average correlation coefficient between these random pixels and their adjacent pixels, is calculated. In this paper, we place the original M × N matrix completely inside a larger square matrix with larger dimensions Q × Q (AQ × Q) and fill the empty components with Logistic or Tent chaotic sequences as shown in Fig. 2. We define new variable u, and according to the step 1, if u = 1, in this case the sequences generated by Logistic map are used to fill the empty components of the developed matrix AQ × Q. And if u = 2, in this case the sequences generated by Tent’s chaotic map are filled in empty components od developed matrix after normalization by Eq. (6) and using the initial values. These initial values are secret keys. After forming the matrix AQ × Q, the coordinates of this matrix are disturbed by modified Lorenz’s two-dimensional map. Now we form another new matrix with dimensions Q × Q called CQ × Q and its components are filled with sequences generated by chaotic Sine map according to the initial values ​​which are the secret keys. Then the bitwise XOR operation is applied between the disrupted AQ × Q and CQ × Q and the DQ × Q matrix is ​​obtained. Finally, in all pixels of the DQ × Q matrix, the contents of the bits u and u + 1 are swapped together to obtain the final matrix EQ × Q, which contains the encrypted image.

4 Security analysis

4.1 Histogram analysis

Histogram is an important tool for analyzing the original image and the encrypted image. The image histogram shows how the grayscale level of image pixels are distributed [9, 18]. One of the main goals of the image encryption method is to turn the non-uniform histogram of the original image into a uniform histogram after encryption. The horizontal axis of the image histogram represents the gray levels from 0 to 255 and the vertical axis represents the number of pixels with a specified gray level. Here are some standard gray scale images in Figs. 3, 4 and 5 as examples. The results show that the histogram of the encrypted images just in one round, has a uniform distribution compared to the original images which are unevenly distributed. These results show that the proposed algorithm has a good performance in breaking the correlation of image pixels and achieving a satisfactory image encoding performance. As shown in the histograms of the original image and the encrypted image, it is clear that the proposed method can withstand statistical attack [21, 22].

Fig. 3
figure 3

a is “256×256 Camera man” plain image, b is plain image histogram, c is encrypted image in 1 round, d is encrypted image uniform histogram. e is decrypted image, f is decryped image histogram

Full size image
Fig. 4
figure 4

a is standard “256 × 256 Lena” plain image, b is plain image histogram, c is encrypted image in 1 round, d is encrypted image uniform histogram. e is decrypted image, f is decryped image histogram

Full size image
Fig. 5
figure 5

a is “256 × 256 Female” plain image, b is plain image histogram, c is decrypted image, and d is encrypted image histogram with uniform histogram

Full size image

4.2 Information entropy analysis

The histogram uniformity and the randomness of the gray scale of the encrypted image can be measured by the entropy of the information [2, 21, 47, 74]. When the probability function follows a uniform probability distribution, the information entropy for an image with a 256 level gray is 8. The XOR operation can randomly change the pixel values ​​and then evenly distribute the pixel distribution of the highly encoded image. The data of a two-dimensional gray scale image M × N can be placed in an M × N matrix, so that the value of each component is an 8-bit number that is a decimal number between 0 and 255. The number 0 indicates black and the number 255 indicates white, and the rest of the gray levels are between 1 and 254. In general, each pixel in an image is adjacent to the other 8 pixels horizontally, vertically and diagonally. For example, if there is a large, completely white area in an image, then the adjacent pixels in this area all have a value of 255, and therefore there is a high correlation between adjacent pixels in this area and according to relationships (9) to (11), the correlation coefficient in this area is 1. In this case, if an attacker accesses the value of a pixel, he can easily guess the values ​​of adjacent pixels. In contrast, if in an image the adjacent pixels have completely different levels of gray, then the average correlation coefficient in this image is low and its value is close to 0. Therefore, one of the important goals in designing an effective cryptographic system is to have a low and close to zero correlation between adjacent pixels in the encrypted image to reduce the likelihood of an attacker guessing the values of adjacent pixels. In this case, the entropy of the information will be close to 8. The data entropy of encrypted images by proposed scheme is over 7.9 which is very close to 8. The result shows that the probability of information leakage is very low and the pixel of the image encryption is highly random. Therefore, the proposed image encryption scheme can withstand statistical attack [24, 50, 52].

The plain image information entropy I is defined as Eq. (8). The ideal information entropy for an 8-bit gray scale image is 8, in which the image does not show any useful information to attackers. Equation (8) shows that the uniform distribution of the algorithm leads to a better entropy. Figures 3, 4, and 5 show that the histograms of standard encrypted images are uniform, so the proposed method has a good information entropy index.

$$ \mathrm{H}\left(\mathrm{s}\right)=\sum_{\mathrm{i}=0}^{255}\mathrm{P}\left({\mathrm{s}}_{\mathrm{i}}\right){\mathrm{Log}}_2\frac{1}{\mathrm{P}\left({\mathrm{s}}_{\mathrm{i}}\right)} $$
(8)

Where si denotes the gray-level and P(si) is the probability of the occurrence si. Shannon entropy of different statndard images encrypted by the proposed scheme, is listed in Table 1 and it shows that the Shannon entropy of the proposed encrypted images is all close to 8. Table 2 shows comparison of the entropy value between proposed scheme and some other methods. The information entropy results show that, proposed scheme is an effective method to change the values and positions of an input image, so the pixel values and positions in an image will get well-disturbed after encryption, therefore the diffusion and confusion of encrypted image is significantly enhanced.

Table 1 Information entropy test results for standard images
Full size table
Table 2 Comparison of the entropy value between proposed scheme and other methods
Full size table

4.3 Correlation analysis

One feature of plain image data is that the correlation coefficients of adjacent pixels are often high, while an efficient encryption algorithm must significantly reduce the correlation coefficients of the neighboring pixels in encrypted image. We select 2000 adjacent horizontal (vertical and diagonal) pixels in plain image and experimental cryptography to analyze their correlation coefficients according to Eq. (12). An efficient encryption algorithm should reduce the correlation between adjacent pixels in the encrypted image as much as possible to zero [11, 29, 65]. Table 3 shows the results obtained from the correlation coefficient values of the standard test images, and Table 4 illustrates the comparison of propsed scheme correlations with some recent image encryption schemes. From the results of the obtained correlation coefficient, it is obvious that high relationships between adjacent pixels of plain images (correlation coefficient close to 1) are effectively reduced in encrypted images (correlation coefficient close to 0).

$$ \mathrm{E}\left(\mathrm{x}\right)=\frac{1}{\mathrm{N}}\sum_{\mathrm{i}=1}^{\mathrm{N}}{\mathrm{x}}_{\mathrm{i}} $$
(9)
$$ \mathrm{D}\left(\mathrm{x}\right)=\frac{1}{\mathrm{N}}\sum_{\mathrm{i}=1}^{\mathrm{i}=\mathrm{N}}{\left[{\mathrm{x}}_{\mathrm{i}}-\mathrm{E}\left({\mathrm{x}}_{\mathrm{i}}\right)\right]}^2 $$
(10)
$$ \mathrm{Cov}\left(\mathrm{x},\mathrm{y}\right)=\frac{1}{\mathrm{N}}\sum_{\mathrm{i}=1}^{\mathrm{N}}\left[{\mathrm{x}}_{\mathrm{i}}-\mathrm{E}\left({\mathrm{x}}_{\mathrm{i}}\right)\right]\left[{\mathrm{y}}_{\mathrm{i}}-\mathrm{E}\left({\mathrm{y}}_{\mathrm{i}}\right)\right] $$
(11)
$$ {\mathrm{R}}_{\mathrm{xy}}=\frac{\operatorname{cov}\left(\mathrm{x},\mathrm{y}\right)}{\sqrt{\mathrm{D}\left(\mathrm{x}\right)\mathrm{D}\left(\mathrm{y}\right)}}, $$
(12)

where x and y are two adjacent pixels in the horizontal, vertical, and diagonal directions.

Table 3 Correlation test results for 256 × 256 standard images
Full size table
Table 4 Comparison of correlations with some recent image encryption schemes
Full size table

4.4 Resistance to differential attacks

The number of pixels changing rate (NPCR) and the unified average change intensity (UACI) are two common indicators for evaluating the sensitivity of image encryption algorithms. A powerful attacker may be able to find a significant relationship between the original image and the encrypted image [19, 71]. In order to ensure the effectiveness and resistance to differential attacks, the standard Lena image is encrypted by the proposed method (T1). The six modified images are then obtained by changing only the least significant bit (LSB) of randomly matched pixels in the selected location (x, y), namely Lena (x, y). These modified images are shown with Lena (15,35), Lena (60,65), Lena (110,80), Lena (145,120), Lena (180,160), Lena (230, 220). Equations (13), (14) and (15) are used to calculate the NPCR and UACI values. These values ​​are shown in Table 5.

$$ \mathrm{NPCR}=\frac{\sum_{\mathrm{i},\mathrm{j}}\mathrm{C}\left(\mathrm{i},\mathrm{j}\right)}{\mathrm{W}\times \mathrm{H}}\times 100\% $$
(13)
$$ \left\{\begin{array}{*{20}c}\mathrm{C}\left(\mathrm{i},\mathrm{j}\right)=0\kern0.5em \mathrm{if}\kern0.5em {\mathrm{T}}_1\left(\mathrm{i},\mathrm{j}\right)={\mathrm{T}}_2\left(\mathrm{i},\mathrm{j}\right)\\ {}\mathrm{C}\left(\mathrm{i},\mathrm{j}\right)=1\kern0.5em \mathrm{if}\kern0.5em {\mathrm{T}}_1\left(\mathrm{i},\mathrm{j}\right)\ne {\mathrm{T}}_2\left(\mathrm{i},\mathrm{j}\right)\end{array}\right. $$
(14)
$$ \mathrm{UACI}=\frac{1}{\mathrm{W}\times \mathrm{H}}\left[\sum_{\mathrm{i},\mathrm{j}}\frac{\mid {\mathrm{T}}_1\left(\mathrm{i},\mathrm{j}\right)-{\mathrm{T}}_2\left(\mathrm{i},\mathrm{j}\right)\mid }{255}\right]\times 100\% $$
(15)
Table 5 NPCR and UACI tests results for cipher Lena standard image
Full size table

Where T1 represents the encoded image obtained from the original plain image, while T2 represents the plain image encryption after 1 bit modification on plain image, and W × H is the image size. NPCR and UACI are calculated after a random change of one pixel in the original image. NPCR and UACI for different plain images are listed in the Tables 5 and 6. According to the Eq. (13), the ideal value for NPCR is 100%, which indicates that 100% of the pixels are different in the encypted image. For gray images, the average value for UACI is 33.33%, because if we consider on average all the components of T1 equal to 10,101,010, which is equivalent to 170 decimal, for maximum difference we expect all components of T2 to be equal to 01010101, which is equivalent to 85 decimal. Therefore, |170–85| is equal to 85, and according to Eq. (15), if we sum W × H components with the value of 85, we will finally reach (85/255) × 100 = 33.33%.

Table 6 NPCR and UACI tests results for cipher standard 256 × 256 grayscale images
Full size table

It is clear that any pixel that changes in the original image, will result in significantly different encrypted images. The results show the effective performance of the proposed encryption algorithm to differential attacks.

Table 7 shows the obtained results of experimental values for different standard cipher images attained under the application of certain existing methods including ours. These results indicates that our method is highly sensitive to plain image bit modification, therefore render differential attacks void.

Table 7 Comparison of the NPCR and UACI values between our proposed approach and the other methods
Full size table

4.5 Security key space

In order to resist against a variety of attacks, an effective encryption scheme must have a key space larger than 2100 [40]. In our scheme, the secret keys are as follows: the parameters M, N, k, r (M, N are the image size parameters for M × N image, k is Lorenz map iteration, and r is the correlation coefficient of plain image), and the initial values (us, s0), (ut, t0), (ul, l0) of Sine map, Tent map, and Logistic map respectively. Also, i and j the two parameters related to Lorenz map are other secret keys. If the length of every key is set to 14 decimals, the key space is 10168 which is more greater than 2100. Thus, the proposed algorithm can provide a high level security in key space. As a disadvantage, the number of secret keys is high and increases the key management overhead.

4.6 Key sensitivity analysis

In a good encryption scheme, if an attacker did not have the original secret key, but had a key very close to the secret key, he should not be able to decrypt the original image. The resistance of the cryptographic design to minor changes in the secret key is indicated by the sensitivity of the secret key. Key sensitivity analysis is usually used to test the ability of resisting inimical deciphering, which detects the variation of encryption results when a slight change (like 10−14) caused in the encryption keys [59, 61]. In the other words, the cryptosystem should produce completely different encrypted image when slightly different secret keys are used to encrypt the image. Also, the cryptosystem should be unable to decrypt cipher text even for the slight difference in the encryption and decryption keys. In addition, the difference between failure reconstruction images is distinct.

The key sensitivity simulation results are shown in Fig. 6. Ke1, Ke2, Ke3 are three encryption keys. The corresponding decrypted results with incorrect decryption keys Ke1 + 10−14, Ke2 + 10−14, and Ke3 + 10−14 for standard “Lena” image, are shown in Fig. 6.These results show that a tiny difference makes great changes between decrypted images. Therefore, we can conclude that proposed method has a high sensitivity to security keys in both encryption and decryption process. Additionally, only a tiny difference of 10−14 can result in significant changes in encryption/decryption results, which means the proposed algorithm has a large key space to defend the inimical deciphering.

Fig. 6
figure 6

Decryption of standard “Lena” with incorrect keys: a Ke1 + 10−14, b Ke2 + 10−14, c Ke3 + 10−14

Full size image

4.7 Cropping and noise attack

A good cryptosystem should be robust enough to resist different types of noise and cropping attacks. The analysis of cropping attack aims to check the robustness of the encryption algorithm against cutting of cipher image [25, 26]. To check the robustness of the proposed scheme, we perform some experiments on the noise attack and the data loss.

To evaluate the resistance of proposed scheme against noise attack, encryption image of standard grayscale image is attacked by a 5% ‘salt & pepper’ noise (Fig. 7). Then the corresponding decrypted image is given in Fig. 7c. To evaluate the resistance of the proposed method against cropping and data loss attacks, grayscale plain images in Figs. 8, 9, 10 and 11, encrypt by proposed algorithm, then encrypted image is attacked by a data cut of different sizes. The results show that decipher images of cropped cipher images are still recognized visually, therefore proposed scheme is robust against cropping and noise attacks.

Fig. 7
figure 7

Standard plain image (a), encrypted image in 1 round damaged by 5% Salt and Pepper noise (b), decryption of damaged cipher image (c)

Full size image
Fig. 8
figure 8

a Standard test image, b histogram of plain image, c encrypted image with 1 iteration, d \( \frac{1}{16} \) damaged of encrypted image, e decryption of damaged image, f histogram of damaged image decryption

Full size image
Fig. 9
figure 9

a Lena standard test image, b histogram of test image, c encrypted image with 1 iteration, d 25% damaged of encrypted image, e decryption of damaged image, f histogram of damaged image decryption

Full size image
Fig. 10
figure 10

a Standard test image, b histogram of plain image, c encrypted image with 1 iteration, d 50% damaged of encrypted image, e decryption of damaged image, f histogram of damaged image decryption

Full size image
Fig. 11
figure 11

a Standard test image, b histogram of plain image, c encrypted image with 10 iteration, d 50% damaged of encrypted image, e decryption of damaged image, f histogram of damaged image decryption

Full size image

4.8 The structural similarity (SSIM) index

The structural similarity (SSIM) index is a method for measuring the similarity between two images. In this research, we use SSIM index between plain image and decrypted image after cropping attack. Structural information is the idea that the pixels have strong inter-dependencies especially when they are spatially close [13]. These dependencies carry important information about the structure of the objects in the visual scene. The resultant SSIM index is a decimal value between −1 and 1, and value 1 is only reachable in the case of two identical sets of data. SSIM is defined as Eq. (16).

$$ \mathrm{SSIM}\left(\mathrm{x},\mathrm{y}\right)=\frac{\left(2{\upmu}_{\mathrm{x}}{\upmu}_{\mathrm{y}}+{\mathrm{C}}_1\right)\left(2{\upsigma}_{\mathrm{x}\mathrm{y}}+{\mathrm{C}}_2\right)}{\left({\upmu}_{\mathrm{x}}^2+{\upmu}_{\mathrm{y}}^2+{\mathrm{C}}_1\right)\left({\upsigma}_{\mathrm{x}}^2+{\upsigma}_{\mathrm{y}}^2+{\mathrm{C}}_2\right)} $$
(16)

μx is the average of x, μy is the average of y, \( {\upsigma}_{\mathrm{x}}^2 \) is the variance of x, \( {\upsigma}_{\mathrm{y}}^2 \) is the variance of y, σxyis the covariance of x and y, C1 = (k1L)2, C2 = (k2L)2, L the dynamic range of the pixel values, k1 = 0.01 and k2 = 0.03.

4.9 Peak signal to noise ratio (PSNR)

Peak signal to noise ratio is a measure of the impact of noise on original data. Higher value of PSNR is good, because it shows that the cropping attack has low effect on the decrypted image [13]. In this article we use PSNR between original plain image and decrypted image after cropping attack to evaluate the efficiency of proposed method against cropping attack. PSNR is calculated by Eq. (17).

$$ \mathrm{PSNR}=10\log 10{\left(\frac{255}{\sqrt{\mathrm{MSE}}}\right)}^2\ \left(\mathrm{db}\right) $$
(17)
$$ \mathrm{MSE}=\frac{1}{\mathrm{M}\mathrm{N}}\sum_{\mathrm{y}=1}^{\mathrm{M}}\sum_{\mathrm{x}=1}^{\mathrm{N}}{\left[\mathrm{I}\left(\mathrm{x},\mathrm{y}\right)-{\mathrm{I}}^{\prime}\left(\mathrm{x},\mathrm{y}\right)\right]}^2 $$
(18)

I is plain image and I is decrypted image after cropping attack, and MSE is Mean Square Error. If I and I′ were exactly the same, then the value of PSNR value will be infinite.

4.10 Signal to distortion ratio (SDR)

To evaluate the quality of the decrypted image after cropping attack, we use an other parameter: the Signal to Distortion Ratio (SDR) between the plain image and the decrypted image after cropping attack. Higher value of SDR is good [13], because it indicates that the cropping attack has low effect on the decrypted image. The SDR in db (decibel) is calculated as Eq. (19).

$$ \mathrm{SDR}=10{\log}_{10}\frac{\sum_{\mathrm{x},\mathrm{y}}\mathrm{I}{\left(\mathrm{x},\mathrm{y}\right)}^2}{\sum_{\mathrm{x},\mathrm{y}}{\left(\mathrm{I}\left(\mathrm{x},\mathrm{y}\right)-{\mathrm{I}}^{\prime}\left(\mathrm{x},\mathrm{y}\right)\right)}^2}\kern0.75em \left(\mathrm{db}\right) $$
(19)

I is plain image, and I is decrypted image after cropping attack. If I=I′, then SDR will be infinite.

Figure 8 and Table 8, demonstrate the result of histograms and evaluating parameters for different iterations and \( \frac{1}{16} \) cropping attack.

Table 8 Encryption evaluating parameters for \( \frac{1}{16} \) cropping attack and different iterations
Full size table

Figure 9 and Table 9 show the results of histograms and evaluating parameters for different iterations and 25% cropping attack.

Table 9 Encryption evaluating parameters for 25% cropping attack and different iterations
Full size table

Figures 10, 11, and Table 10 illustrate the results of histograms and evaluating parameters for different iterations and 50% cropping attack.

Table 10 Evaluating parameters for different iterations and 50% cropping attack
Full size table

Implementation results show that, higher value of cropping attacks, causes lower evaluating parameters, and in some iterations, some parameters have better values. In Table 10 it is clear that the value of PSNR in 40 th iteration is better.

Figures 12, 13, and 14 show the PSNR, SSIM, SDR, and SNR evaluating parameters for different value of cropping attacks. The horizontal axis is the number of iterations.

Fig. 12
figure 12

PSNR, SSIM, SDR, and SNR evaluating parameters for \( \frac{1}{2} \) cropping attack

Full size image
Fig. 13
figure 13

PSNR, SSIM, SDR, and SNR evaluating parameters for \( \frac{1}{4} \) cropping attack

Full size image
Fig. 14
figure 14

PSNR, SSIM, SDR, and SNR evaluating parameters for \( \frac{1}{16} \) cropping attack

Full size image

Table 11 shows the comparision of PSNR for different cropping attacks in some references and maximum values of proposed method.

Table 11 Comparision of average PSNR for different cropping attacks, in some references and proposed method
Full size table

5 Speed analysis

In order to illustrate the speed performance, simulation results are given in this section. The experiment is conducted via MATLAB R2016b in a computer with 64 bit Windows 10 operating system, Intel(R) Core(TM) i7–6700 CPU @ 3.60GHz and 8GB RAM. All 26 images in the USC SIPI image database (http://sipi.usc.edu/database), are chosen as test images.

Execution-time is also an important factor with respect to security level. The duration of the proposed cipher algorithm in 1 round is evaluated and compared with some schemes under grayscale images of different sizes.

Table 12 shows the average encryption time of various methods. This comparision shows that speed of proposed scheme is proper considering that the proposed method is based on hybrid chaotic maps that possesses more complexity chaotic structures.

Table 12 The running time performance test (ms)
Full size table

6 Conclusions

In this paper, a new image encryption method was introduced for different kind of grayscale image sizes. In the proposed method, images with different correlation coefficients are encrypted by different methods, and also the value of the correlation coefficient of the input plain image is involved in the whole encryption process. The confusion phase is governed by modified Lorenz map and the diffusion operation is controlled by extension of plain image matrix, XOR, and exchange operations. The uses of chaotic maps and XOR operation provide a dual layer of security. The key space of the encryption scheme is large enough to resist brute-force attacks, but as a disadvantage, the number of secret keys is high and increases the key management overhead. Also, the encrypted image has a uniform histogram, so the entropy value is close to the maximum value. Comparisons of the proposed method with some of the existing methods show that, this method has a proper processing time and has reasonable resistance to differential attacks, noise attacks and cropping attacks, so it can be used as a secure method for image encryption. Compared to our previous work in [40], and according to Table 12, processing time has been reduced due to the use of the new structure, and the key space has also been increased from 10112 to 10168.