1 Introduction

Images are playing an increasingly important role in human life. The rapid development of sharing platforms on social networking sites has resulted in an ever-increasing amount of image data [1]. Most of the massive image data are stored in plaintext to save the cost of storage and computing resources, which poses a huge security risk. For example, some people use other people’s photos to take away the express delivery of the parties through facial recognition. Therefore, it is crucial to protect the images [2, 3]. Methods to protect digital images can be divided into two categories: (1) Information hiding, including watermarking [4], anonymity [5], and steganography [6]. (2) Encryption [7], including conventional encryption [8] and other methods, such as chaotic encryption [9]. Of the two categories, encryption is the more straightforward approach.

In order to encrypt an image, one approach is to treat the pixels of the plain image as a stream of binary data, which is then encrypted using traditional text encryption methods, such as RSA [10], data encryption standard (DES) [11], advanced encryption standard (AES) [12], and International Data Encryption Algorithm (IDEA) [13]. The purpose of this approach is to utilize the existing text encryption methods for encrypting images, as an alternative to developing new methods specifically for image encryption. However, unlike text encryption, images have some inherent characteristics, including large data volume, high correlation between adjacent pixels, and strong redundancy [14]. To solve this problem, many encryption techniques have been proposed, such as chaos encryption [15], permutation encryption [16], optical-based encryption [17], and DNA-based encryption [18]. Among these techniques, chaos encryption has received extensive attention due to its outstanding performance.

The chaos-based image encryption method draws on the sound characteristics of chaos theory to build an encryption system [19]. The advantages of a chaos-based image encryption system include large key space, simple implementation, and fast encryption speed. However, the security of most encryption schemes depends heavily on the performance of the chaotic system used by the encryption system [20].

Chaos possesses many unique properties that can satisfy the requirements of image encryption, such as good randomness, unpredictability, and initial state sensitivity [21, 22]. In a chaos-based encryption scheme, the security level strongly relies on the complexity and performance of the core chaotic system [23]. However, existing chaotic maps may exhibit shortcomings in different aspects when implemented in digital computers and digital circuits [24,25,26,27]. Firstly, most of the existing chaotic systems have a single structure and lack of change, so it is difficult to resist phase space reconstruction and parameter identification attacks [28]. Secondly, many existing chaotic systems have weak chaotic performance, which is characterized by short periods, non-ergodicity, low linear complexity, etc. Moreover, their chaotic ranges are either narrow or discontinuous. If a chaotic map has narrow or discontinuous chaotic ranges, its chaos properties may be destroyed when its parameters are disturbed by certain external factors such as noise [29].

In order to improve the above shortcomings, most of the schemes obviously increase the implementation cost. Based on this, we propose a 3D variable-structure chaotic system (3DVSCS) which is low in cost and easy to control. The 3DVSCS constructs a safe and controllable time-varying chaotic source to ensure that its output has non-stationary statistical characteristics. Compared with slow parameter changes, the structural transformations in chaotic systems reflect the abrupt change of dynamical behaviors, which can produce more complex non-stationary characteristics. Variable structure and nonstationarity make the 3DVSCS resistant to mathematical analysis and statistical analysis.

Taking 3DVSCS as the nonlinear chaotic source, a 3DVSCS-based image encryption system (3DVSCS-IES) composed of a new Rubik’s Cube-like permutation method and an iterative diffusion algorithm is presented, where permutation is used to severely scramble adjacent pixels, and diffusion is employed to completely infect the entire cipher image with a small change in the plaintext image. The contributions and novelty of this work are summarized as follows.

  1. (1)

    The 3DVSCS is first presented to obtain higher complexity and security than fixed-structure chaotic systems and variable parameter systems;

  2. (2)

    The variable-structure chaotic system is heuristic, which can be easily extended to any complex system;

  3. (3)

    A new Rubik’s Cube-like permutation is introduced, which has lower implementation cost and better pixel scrambling effect compared with other permutation schemes;

  4. (4)

    Based on the 3DVSCS, an image encryption system (3DVSCS-IES) composed of a new Rubik’s Cube-like permutation method and an iterative diffusion algorithm is proposed. Security analysis demonstrates that 3DVSCS-IES can achieve a high level of security.

The remainder of this paper is organized as follows. Section 2 gives the 3DVSCS model and mathematically analyzes its chaotic behavior. In Sect. 3, the performance of the chaotic map generated by 3DVSCS on a series of chaotic metrics is presented. Based on the 3DVSCS, Sect. 4 raises the model of 3DVSCS-IES. In Sect. 5, the simulation results of 3DVSCS-IES are shown. Section 6 verifies the security of the proposed encryption system and its resistance to various types of attacks. In Sect. 7, the conclusion is given.

2 3DVSCS

This section introduces the model and theoretical analysis of 3DVSCS. A concrete method to generate the 3DVSCS map is also given.

2.1 Mathematical model of 3DVSCS

3DVSCS is presented to obtain a chaotic map with a more extensive chaotic range and more complex chaotic behavior. The simple mathematical model of 3DVSCS is as follows:

$$\begin{aligned} \varvec{x}_{n+1}=W_i\varvec{x}_n \, \textrm{mod}\, 1,\,i\in \{1,2\}, \end{aligned}$$
(1)

where \(\varvec{x}=(x,y,z)^T\), is the state vector of the chaotic system, \(\textrm{mod}\) is the modulo function used to constrain the phase space of state variable. \(W_1\) and \(W_2\) are the parameter matrices of the system. Different parameter matrices correspond to different structures. \(W_i\) can be expressed as follows:

$$\begin{aligned} \left[ \begin{matrix} w_{11}^{(i)} &{} w_{12}^{(i)} &{} w_{13}^{(i)} \\ w_{21}^{(i)} &{} w_{22}^{(i)} &{} w_{23}^{(i)} \\ w_{31}^{(i)} &{} w_{32}^{(i)} &{} w_{33}^{(i)} \\ \end{matrix} \right] ,\quad i\in \{1,2\} \end{aligned}$$

Then, the above Eq. (1) can also be transformed into another form:

$$\begin{aligned} \left\{ \begin{aligned} x(n+1)&=(w_{11}^{(i)}x(n)+w_{12}^{(i)}y(n)\\&\quad +w_{13}^{(i)}z(n)) \; \textrm{mod} \; 1 \\ y(n+1)&=(w_{21}^{(i)}x(n)+w_{22}^{(i)}y(n)\\&\quad +w_{23}^{(i)}z(n)) \; \textrm{mod} \; 1 \\ z(n+1)&=(w_{31}^{(i)}x(n)+w_{32}^{(i)}y(n)\\&\quad +w_{33}^{(i)}z(n)) \; \textrm{mod} \; 1 \\ \end{aligned},\quad i\in \{1,2\}\right. \end{aligned}$$
(2)

As can be seen from the formula, 3DVSCS is first stretched by multiplying the parameter matrix of the current iteration by the state variables of the system and then folded by the boundary function. In this way, complex chaotic behavior can be obtained.

2.2 Theoretical analysis

The basic feature of chaotic system is the extreme sensitivity of the system to the initial value. The trajectories generated by two initial values that are almost the same are separated exponentially over time. The Lyapunov exponent (LE) is an indicator that quantitatively describes this phenomenon. Chaos in the sense of LE can be defined as Definition 1

Definition 1

A discrete system is said to be chaotic in the sense of LE if it satisfies the two conditions:

  1. (1)

    it has at least one positive LE;

  2. (2)

    its phase space region is globally bounded.

For a chaotic map \(x\rightarrow f(x)\), LE can be defined as follows:

$$\begin{aligned} \textrm{LE} = \lim _{n \rightarrow \infty }\frac{1}{n} \sum _{i = 0}^{n-1}\ln |f'(x_i)|, \end{aligned}$$
(3)

as for 3DVSCS, the LEs can be calculated as:

$$\begin{aligned} \textrm{LE}_k = \lim _{n \rightarrow \infty }\frac{1}{n} \sum _{j = 0}^{n-1}\ln |\lambda _k^{\varvec{x}_j}|, \end{aligned}$$
(4)

where \(\lambda _k^{\varvec{x}_j}\) is the kth eigenvalue of the Jacobian matrix at the jth iteration of 3DVSCS. The Jacobian matrix of 3DVSCS described in Eq. (2) can be expressed as:

$$\begin{aligned} \varvec{J}(\varvec{x}_j)= \left[ \begin{matrix} w_{11}^{(i)} &{} w_{12}^{(i)} &{} w_{13}^{(i)} \\ w_{21}^{(i)} &{} w_{22}^{(i)} &{} w_{23}^{(i)} \\ w_{31}^{(i)} &{} w_{32}^{(i)} &{} w_{33}^{(i)} \\ \end{matrix} \right] , \end{aligned}$$

which is exactly the same as the parameter matrix \(W_{i}\). It can be concluded that the value of the Jacobian matrix of 3DVSCS is equal to the value of the parameter matrix of the current iteration of the system. Then the LEs of 3DVSCS can also be expressed as:

$$\begin{aligned} \textrm{LE}_k&= \lim _{n \rightarrow \infty }\frac{1}{n} \left( \sum _{j = 0}^{n_1-1}\ln |\lambda _k^{(1)}| + \sum _{j = 0}^{n_2-1}\ln |\lambda _k^{(2)}|\right) \nonumber \\&=\frac{n_1}{n}\ln |\lambda _k^{(1)}|+\frac{n_2}{n}\ln |\lambda _k^{(2)}|, \end{aligned}$$
(5)

where \(n_1\) and \(n_2\) are respectively the number of times \(W_1\) and \(W_2\) are used as parameter matrices in the iteration.

For a square matrix, the trace is equal to the sum of all eigenvalues. Therefore, the sum of all eigenvalues of the parameter matrix \(W_i\) is equal to the trace \(\textrm{tr}(W_i)\) of \(W_i\):

$$\begin{aligned} \lambda _1^{(i)}+\lambda _2^{(i)}+\lambda _3^{(i)}=\textrm{tr}(W_i) =w_{11}^{(i)}+w_{22}^{(i)}+w_{33}^{(i)}, \end{aligned}$$

where \(\lambda _1^{(i)} \ge \lambda _2^{(i)} \ge \lambda _3^{(i)}\). If \(w_{11}^{(i)}\), \(w_{22}^{(i)}\), and \(w_{33}^{(i)}\) are all greater than 1, this leads to

$$\begin{aligned} \lambda _1^{(i)}+\lambda _2^{(i)}+\lambda _3^{(i)}>3, \end{aligned}$$

which suggests that at least one of \(\lambda _1^{(i)}, \lambda _2^{(i)}, \lambda _3^{(i)}\) has a value greater than 1. It is easy to get \(\lambda _1^{(1)}>1\) and \(\lambda _1^{(2)}>1\), which means that at least one LE is positive according to Eq. (5). It can be concluded that the proposed 3DVSCS satisfies condition (1) in Definition 1 if the diagonal elements of \(W_i\) are all greater than 1.

The modulo function makes the 3D chaotic systems in Eq. (2) fold over bounded phase space. That is, the phase space region of 3DVSCS is globally bounded and thus satisfies condition (2) of Definition 1. In summary, Proposal 1 is given for the 3DVSCS parameter matrices to make sure the system exhibits chaotic characteristics.

Proposition 1

The 3D parameter matrices \(W_1,W_2\) of the 3D variable-structure chaotic system in Eq. (1) should satisfy the following two conditions, respectively:

$$\begin{aligned}{} & {} W_1:w_{ii}\ge w_{ij}+3,\quad i=[1,2,3],j\ne i,w> 1\\{} & {} W_2:w_{ii}\le w_{ij}-3,\quad i=[1,2,3],j\ne i,w> 1 \end{aligned}$$

Among the two matrices \(W_1,W_2\) in Proposition 1, \(W_1\) is characterized by larger diagonal elements, and \(W_2\) is characterized by smaller diagonal elements. Taking \(W_1\) and \(W_2\) as parameter matrices, two different structures of the chaotic system are obtained, and then by alternately using \(W_1\) and \(W_2\) in the iteration, the chaotic system with variable structure is realized.

2.3 Method to generated 3DVSCS map

In order to construct two parameter matrices \(W_1\) and \(W_2\) that satisfy Proposal 1, five parameters \(o,r_1,r_2,d_1\), and \(d_2\) are used, where \(o\in (0,\infty )\) is used as the center element \(w_{22}\) of \(W_1\) and \(W_2\). \(r_1,r_2\in (0,\infty )\) are used to generate the other two diagonal elements. The other elements of \(W_1\) and \(W_2\) are generated by \(d_1,d_2\in (0,1)\). This generation method can be described as:

$$\begin{aligned} W_1&= \left[ \begin{array}{lll} r_{1}o+4 &{} r_{1}od_{1}+1 &{} r_{1}od_{2}+1 \\ od_1+1 &{} o+4 &{} od_2+1 \\ r_2od1+1 &{} r_2od_2+1 &{} r_2o+4 \end{array}\right] \nonumber \\ W_2&= \left[ \begin{array}{lll} r_{1}o+1 &{} r_{1}o(d_{1}+1)+4 &{} r_{1}o(d_{2}+1)+4 \\ o(d_{1}+1)+4 &{} o+1 &{} o(d_{2}+1)+4 \\ r_2o(d_{1}+1)+4 &{} r_2o(d_{2}+1)+4 &{} r_2o+1 \end{array}\right] \end{aligned}$$
(6)

The transformation of the chaotic system structure is achieved by using different parameter matrices in different iterations. \(W_1\) is set as the parameter matrix when \(x_i<0.5\), and \(W_2\) is set as the parameter matrix when \(x_i\ge 0.5\). The two matrices \(W_1\) and \(W_2\) constitute a dual form, so the generated variable-structure chaotic system can possess relatively balanced dynamics. The detailed chaotic map generated by 3DVSCS is as follows:

$$\begin{aligned} \varvec{x}_{n+1}= {\left\{ \begin{array}{ll} W_1\varvec{x}_n \; \textrm{mod}\; 1,&{} x_n<0.5 \\ W_2\varvec{x}_n \; \textrm{mod}\; 1,&{} x_n\ge 0.5 \end{array}\right. } \end{aligned}$$
(7)

3 Performance evaluation of 3DVSCS map

This section shows the performance of the chaotic map generated by 3DVSCS on different aspects, including phase diagram, bifurcation diagram, lyapunov exponent, approximate entropy and randomness test.

Fig. 1
figure 1

Phase diagrams of 3DVSCS map

Full size image

3.1 Phase diagram

Phase diagram is a method to describe the dynamic behavior of a chaotic system directly. The phase diagram of a chaotic system is its unclosed trajectory in a two-dimensional phase plane or a three-dimensional phase space. Systems with complex phase diagrams usually have complex chaotic behaviors. For the 3DVSCS map in Eq. (7), the initial values \((x_0,y_0,z_0)\) are set as (0.01, 0.02, 0.03), and the parameters \((o,r_1,r_2,d_1,d_2)\) are set as (101, 5.1, 3.8, 0.8, 0.6). The 2D and 3D phase diagrams of the 3DVSCS map presented in Fig. 1 are all noise-like patterns, which means that the chaotic behavior of this variable structure system is sufficiently complex.

3.2 Bifurcation diagram

The bifurcation diagram shows the dynamical evolution of the system under different control parameters by plotting the values of system variables under different parameters. By observing the bifurcation diagram, we can clearly get the chaotic range of the system on certain parameter. For 3DVSCS in this section, the initial values \((x_0,y_0,z_0)\) are set as (0.01, 0.02, 0.03), and the values of parameters \((o, r_1, r_2, d_1, d_2)\) are set to (101, 5.1, 3.8, 0.8, 0.6) by default. Figure 2 gives the bifurcation diagrams of 3DVSCS for different parameters. It can be seen from the figure that 3DVSCS exhibits chaotic behavior under all parameters within the value range, which means that when the parameters of 3DVSCS can be used as equally strong keys in the encryption system without weak keys.

Fig. 2
figure 2

Bifurcation diagrams of 3DVSCS map with different parameters

Full size image

3.3 Lyapunov exponent

The Lyapunov exponent (LE) is an important quantitative index to measure the chaotic characteristics of the system, which characterizes the average exponential rate of convergence or divergence of the system between adjacent orbitals in the phase space. Whether there is dynamic chaos in the system can be judged intuitively by whether the maximum LE is greater than zero. A positive LE means that in the phase space of the system, no matter how small the initial distance between the two trajectories is, the difference will become unpredictable with an exponential rate increase over time, which is the phenomenon of chaos. Figure 3 depicts the Lyapunov exponents of 3DVSCS map for different parameters and compares them with the Lyapunov exponents of different multidimensional maps. For 3DVSCS in this section, the initial values \((x_0,y_0,z_0)\) are set as (0.01, 0.02, 0.03), and the values of parameters \((o, r_1, r_2, d_1, d_2)\) are set to (101, 5.1, 3.8, 0.8, 0.6) by default. Figure 3a–e are the Lyapunov exponent plots for the five parameters, respectively. Figure 3f–h are the Lyapunov exponent diagrams of LSM [43], CSCM [33] and LSCM [20], respectively. As can be seen from the figure, 3DVSCS possesses three positive and high Lyapunov exponents for all parameters. This illustrates that the newly generated chaotic map exhibits hyperchaos. And compared with different chaotic systems, 3DVSCS always exhibits hyperchaos in its parameter range, and the Lyapunov exponents of 3DVSCS are larger, which means higher chaos. It can be concluded that 3DVSCS can generate chaotic maps with hyperchaotic behavior.

Fig. 3
figure 3

Lyapunov exponents of different maps. a–e 3DVSCS; f LSM; g CSCM; h LSCM

Full size image

3.4 Complexity analysis

Approximate entropy (ApEn) is a nonlinear dynamic indicator used to quantify the regularity and unpredictability of fluctuations in time series. It uses a non-negative number to represent the complexity of a time series, reflecting the possibility of new information occurring in the time series. The more complex the time series, the larger the approximate entropy. ApEn is defined as follows:

Definition 2

Given a time series \( \{x_1,x_2,\ldots ,x_N\}\) and pre-specified parameters m and r, where m is the embedding dimension, and r is the similarity tolerance, also known as the filtering level, the ApEn of this series is defined as:

$$\begin{aligned} {\left\{ \begin{array}{ll} \textrm{ApEn} &{} =\lim _{N \rightarrow \infty }[\phi ^m(r)-\phi ^{m+1}(r) ], \\ \phi ^m(r) &{} =\frac{1}{N-m+1}\sum \nolimits _{i = 1}^{N-m+1} \ln C_i^m(r), \end{array}\right. } \end{aligned}$$
(8)

where \(C_i^m\) is obtained by counting the number of vectors having d[X(i), X(j)] less than r for each value of i and then calculating the ratio of this number to the total number of distances. d[X(i), X(j)] is the Chebyshev distance between X(i) and X(j).

Figure 4 shows the comparison of ApEn values of 3DVSCS and different chaotic maps. For 3DVSCS in this section, the initial values and the parameter settings are the same as in Sect. 3.3. Figure 4a–c describes the ApEn values when the parameters o, \(r_1\), and \(d_1\) are changed while other parameters remain unchanged, respectively. Figure 4d–f are the ApEn values of LSM, CSCM and LSCM, respectively. As can be seen from the figure, 3DVSCS has high ApEn values in all parameter ranges, which are more stable than those of different chaotic maps. The conclusion is that the novel 3DVSCS map can generate sequences with high complexity over a wide range of parameters.

Fig. 4
figure 4

Approximate entropy of different maps. a–c 3DVSCS; d LSM; e CSCM; f LSCM

Full size image

3.5 Randomness test for 3DVSCS

In this section, two test suites NIST SP800-22 and TestU01 are used to verify the randomness of the chaotic sequences generated by 3DVSCS. NIST SP800-22 is a standard for the randomness of test sequences published by the National Institute of Standards and Technology. At present, this standard has been internationally recognized, including 15 items such as runs test and linear complexity test. Each test result corresponds to a calculated normalized P value, and the P value is compared with 0.01. If the P value is greater than 0.01, it means that the test requirements are met, otherwise it is a failure. Selecting random parameters and initial values, the 3DVSCS map generates 1000 sequences of length \(10^6\), and the values in the sequences are simply quantized, where values greater than 0.5 are quantized to 1, and other values are quantized to 0. These sequences are subjected to the NIST test suite, and the test results are shown in Table 1. TestU01 is a more stringent randomness test suite that contains multiple sets of tests, each of which assesses the randomness of the sequence from a different aspect. The sets of tests used for testing the randomness of binary sequences are Alphabit, Rabbit, and BlockAlphabit. In this experiment, limited to the storage of the computer, the binary sequences of length \(2^{20}\), \(2^{25}\), and \(2^{28}\) generated by 3DVSCS are used to carry out the TestU01 test, and the results are shown in Table 2. From the results in the two tables, it can be concluded that the sequences generated by 3DVSCS pass all the tests. In summary, the proposed 3DVSCS can generate sequences with high randomness, which are obviously adequate for image encryption.

Table 1 Results of the NIST SP800-22 test suite
Full size table
Table 2 Results of the TestU01 test suite
Full size table

4 3DVSCS-IES

By using the 3D chaotic system, this section raises a 3DVSCS-based image encryption system (3DVSCS-IES). It uses the classic confusion–diffusion structure, which is well-known for its high-security performance. The structure of 3DVSCS-IES is illustrated in Fig. 5, in which the security key generates the initial states and control parameters of 3DVSCS. 3DVSCS is iterated to obtain chaotic sequences (xyz), which together with the security key generate the initial values and parameters of the logistic map. Then the sequences (xyz) generated by 3DVSCS are converted into \((x_a, y_a, z_a)\) and \((x_b, y_b, z_b)\), these two sequences are used to control the cyclic shift distance in the proposed Rubik’s Cube-like confusion and the pixel change in the iterative diffusion method, respectively. The sequence generated by the logistic map is sorted to obtain the sequence c that controls the rotation order of the Rubik’s Cube-like confusion method. 3DVSCS-IES performs confusion–diffusion operation two times in total, which is enough to result in high cryptographic security.

Fig. 5
figure 5

The structure of 3DVSCS-IES

Full size image
Fig. 6
figure 6

Key structure of 3DVSCS-IES

Full size image

4.1 Generate initial states and parameters

A security key that is too short makes the image encryption system vulnerable to brute-force attacks. In this paper, the length of the secure key is set to 256 bits, and its structure is illustrated in Fig. 6. The security key is divided into eight parts: \(K=\{x_0,y_0,z_0,o,r,d,a,m\}\), each of which is 32 bits long, and rdam all conclude two 16-bit strings, \(r=(r_1,r_2)\), \(d=(d_1,d_2)\), \(a=(a_1,a_2)\), \(m=(m_1,m_2)\).

The variables \(x_0,y_0,z_0\) are all fixed-point numbers within [0, 1), the value of them can be obtained from a 32-bit sequence by \(V = \sum _{n = 1}^{32}\textrm{Bit}_n\times 2^{-n} \). o is fixed-point number with eight binary digits before the decimal point, the value of it is obtained by \(V = \sum _{n = 1}^{8}\textrm{Bit}_n\times 2^{8-n}+ \sum _{n = 9}^{32}\textrm{Bit}_n\times 2^{-(n-8)}\). Moreover, \(r_1,r_2\) are fixed-point numbers with one binary digit before the decimal point, which can be calculated by \(V = \textrm{Bit}_1+ \sum _{n = 2}^{16}\textrm{Bit}_n\times 2^{-(n-1)}\). \(d_1,d_2\) are fixed-point numbers in the range of [0, 1), each of them can be obtained by \(V = \sum _{n = 1}^{16}\textrm{Bit}_n\times 2^{-n} \). \(a_1,a_2,m_1,m_2\) are all integer numbers which can be gained by \(V = \sum _{n = 1}^{16}\textrm{Bit}_n\times 2^{16-n} \).

\((x_0,y_0,z_0)\) and (ord) are the initial values and the parameters of the 3DVSCS chaotic map, respectively. The initial value \(a_0\) of the logistic map is generated by a as follows.

$$\begin{aligned} a_0=\frac{x(a_1)+y(a_1)+z(a_1)+x(a_2)+y(a_2)+z(a_2)}{6}. \end{aligned}$$

And the parameter of the Logistic map will be obtained by the following formula.

$$\begin{aligned}&\mu =3.57+0.43\\&\quad \times \frac{x(m_1)+y(m_1)+z(m_1)+x(m_2)+y(m_2)+z(m_2)}{6}, \end{aligned}$$

since the logistic map has chaotic behavior when the parameter \(\mu \in (3.5699456,4]\). Using all the initial states and parameters obtained by these methods above, sufficiently complex chaotic sequences can be generated for image confusion and diffusion.

4.2 Rubik’s Cube-like confusion method

The Rubik’s Cube-like confusion is raised with reference to the rotation of the Rubik’s Cube in three planes. Figure 7 shows the rotation of a third-order Rubik’s Cube in three planes. As is depicted in this figure, the operation of the Rubik’s Cube can be divided into three types, (a) rotate the x0z plane; (b) rotate the y0z plane; (c) rotate the x0y plane.

Fig. 7
figure 7

Three types of operations on the Rubik’s Cube

Full size image
Fig. 8
figure 8

Rubik’s Cube-like rotation

Full size image

For an \(M\times N\times 3\) color RGB image, the rotation method of the Rubik’s Cube cannot be used directly because M and N are generally not equal to 3. In order to implement a Rubik’s Cube rotation operation on the image, a Rubik’s Cube-like rotation (RCLR) is raised. As shown in Fig. 8, each matrix can be divided into \(\lfloor \min (M,N)/2\rfloor \) rings, and if \(\min (M,N)\) is odd, there is also a one-dimensional array in the matrix. Let d denote the total number of rings and one-dimensional arrays of a matrix T, and then use a sequence s of length d to set the cyclic shift distance of each ring and one-dimensional array to achieve the RCLR operation of the matrix. The RCLR operation is presented as: \(\textrm{RCLR}(T, s)\).

The entire flow of Rubik’s Cube-like confusion is described below.

Step 1 For the \(M\times N\times 3\) input pixel matrix D of Rubik’s Cube confusion, there are 3 matrix slices of \(M \times N\) size on the x0z plane, M matrix slices of \(N\times 3\) size on the x0y plane, and N matrix slices of \(M\times N\) size on the y0z plane, these matrix slices are labeled and arranged as \(D^1 \cdots D^3, D^4 \cdots D^{3+M}, D^{4+M} \cdots D^{3+M+N}\). The d of the slice matrix on the three planes is represented by \(d_x\), \(d_y\), and \(d_z\) respectively, where d is the total number of rings and one-dimensional arrays in the slice matrix.

Step 2 Iterate the 3DVSCS map \(M\times N\times 2+1000\) times and discard the first 1000 times to avoid the influence of the transient state. Then we get three sequences x, y and z, which are further scaled to obtain three integer sequences \(x_a,y_a,z_a\) as follows.

$$\begin{aligned} {\left\{ \begin{array}{ll} x_a=\lceil 2\times (M+N) \times x(1:3\times \max (M,N)\times 2) \rceil \\ y_a=\lceil 2\times (M+N) \times y(1:3\times \max (M,N)\times 2) \rceil \\ z_a=\lceil 2\times (M+N) \times z(1:3\times \max (M,N)\times 2) \rceil \\ \end{array}\right. } \end{aligned}$$
(9)

Step 3 Since the rotation of each layer of the Rubik’s Cube is out of order, a random sequence needs to be used to control the rotation order of the pixel matrix slices. Iterate the Logistic map \((M + N + 3)\times 2+1000\) times and discard the first 1000 times to avoid the influence of the transient state. Divide the generated sequence into two parts and sort each part separately to obtain the index sequence c, and the two parts in c are used for 2 rounds of confusion–diffusion operation.

Step 4 Perform RCLR operations on each slice of D in the order specified by sequence c. The detailed process is as follows,

$$\begin{aligned}{} & {} D_{n+1}\nonumber \\{} & {} \quad ={\left\{ \begin{array}{ll} \textrm{RCLR}(D_n^{c_n},x_a(1+(n-1) &{} \\ \times d_x:n\times d_x)),&{} 1<c_n\le 3 \\ \textrm{RCLR}(D_n^{c_n},y_a(1+(n-1) &{}\\ \times d_y:n\times d_y)),&{} 3<c_n \le 3+M \\ \textrm{RCLR}(D_n^{c_n},z_a(1+(n-1) &{}3+M<c_n \\ \times d_z:n\times d_z)),&{} \le 3+M+N \\ \end{array}\right. } \nonumber \\ \end{aligned}$$
(10)

where n is from 1 to \(3+M+N\), and \(d_x, d_y, d_z\) are the d values of the slice matrices on the three planes of D respectively. \(D_n^{c_n}\) represents the \(c_n\)-th slice of the matrix D at the n-th rotation. The confusion result P is equal to \(D_{M+N+4}\).

Fig. 9
figure 9

The Rubik’s Cube-like confusion example

Full size image

To further illustrate the Rubik’s Cube-like confusion, an image of size \(4\times 3\times 3\) is used as a numerical example. Suppose that the three 3DVSCS sequences have been obtained as: \(x_{a}=\{3,1,4,2,5,3\}\), \(y_{a}=\{2,3,1,4,3,2,4,5\}\), \(z_{a}=\{1,3,2,4,3,2\}\), and for convenience, the sequence c is given as \(c=\{1,2,3,4, 5,6,7,8,9,10\}\), that is, the rotation of the three planes is performed sequentially. The whole process is shown in Fig. 9.

  • Figure 9a gives the slice matrices \((D^1,D^2,D^3)\) on the x0z surface of the initial image. The outermost circle of \(D^1\) is \((11,23,15,18,61,64,58,71,54,24)\), and the corresponding value in the sequence \(x_a\) representing the shift distance is 3. Then, the outermost circle performs a cyclic shift of distance 3 to obtain the sequence \((71,54,24,11,23,15,18,61,64,58)\). By performing this Rubik’s Cube-like rotation determined by the sequence \(x_a\) on the three matrices \(D^1\), \(D^2\), and \(D^3\), respectively, the result of the rotation is obtained and displayed in Fig. 9b.

  • The four slice matrices \((D^4,D^5,D^6,D^7)\) on the x0y surface of the pixel matrix obtained after the rotation of the x0z surface are shown in Fig. 9c. The outermost circle of the \(D^4\) matrix is (71, 54, 24, 54, 48, 85, 96, 34), and the corresponding value in the sequence \(y_a\) representing the shift distance is 2. Then, the outermost circle performs a cyclic shift of distance 2 to obtain the sequence (96, 34, 71, 54, 24, 54, 48, 85). By performing this Rubik’s Cube-like rotation determined by the sequence \(y_a\) on the four matrices \(D^4,D^5,D^6\), and \(D^7\), respectively, the result of the rotation is obtained and displayed in Fig. 9d.

  • The three slice matrices \((D^8,D^9,D^{10})\) on the y0z surface of the pixel matrix obtained after the rotation of the x0y surface are shown in Fig. 9e. The outermost circle of the \(D_8\) matrix is (96, 85, 48, 47, 21, 15, 43, 52, 74, 43), and the corresponding value in the sequence \(z_a\) representing the shift distance is 1. Then, the outermost circle performs a cyclic shift of distance 1 to obtain the sequence (43, 96, 85, 48, 47, 21, 15, 43, 52, 74). By performing this Rubik’s Cube-like rotation on the three matrices \(D^8,D^9,D^{10}\), respectively, whose cyclic shift distance is determined by the sequence \(z_a\), the result of the rotation is obtained and displayed in Fig. 9f.

4.3 Iterative diffusion

Merely shuffling the positions of adjacent pixels does not provide sufficient security. In order to hide the statistical properties of plaintext, a diffusion operation is also required. In 3DVSCS-IES, an iterative diffusion method is applied to ensure that small changes in the plaintext image can result in a completely different ciphertext image. By further scaling the three sequences xyz generated by the 3DVSCS map as follows, we get three chaotic sequences \(x_b,y_b,z_b\) which are respectively used to change the pixel values of the three color channels.

$$\begin{aligned} {\left\{ \begin{array}{ll} x_b=\lceil M\times N \times x(1:2\times M\times N) \rceil \\ y_b=\lceil M\times N \times y(1:2\times M\times N) \rceil \\ z_b=\lceil M\times N \times z(1:2\times M\times N) \rceil \\ \end{array}\right. } \end{aligned}$$
(11)

The current pixel is then changed by the previous pixel and the corresponding chaotic sequence value. Suppose both permutation result P and diffusion result D are of size \(M\times N\times 3\), and transform all channels of P and D into sequences of length \(M\times N\), denoted by \(P_R,P_G,P_B,D_R,D_G,D_B\). The iterative diffusion can be described as follows:

$$\begin{aligned} R&:\begin{aligned} D_R(n)&=P_R(n) + x_b(n)] \;\textrm{mod}\;256,\\ D_R(n)&=D_R(n-1) + P_R(n) + x_b(n)\;\textrm{mod}\;256, \end{aligned}\; \begin{aligned}&n=1\\&n>1 \end{aligned}\nonumber \\ G&:\begin{aligned} D_G(n)&=D_R(M*N) + P_G(n)+ y_b(n)\;\textrm{mod}\;256,\\ D_G(n)&=D_G(n-1) + P_G(n) + y_b(n)\;\textrm{mod}\;256, \end{aligned}\; \begin{aligned}&n=1\\&n>1 \end{aligned}\nonumber \\ B&:\begin{aligned} D_B(n)&=D_G(M*N) + P_B(n)+ z_b(n)\;\textrm{mod}\;256,\\ D_B(n)&=D_B(n-1) + P_B(n)+ z_b(n)\;\textrm{mod}\;256, \end{aligned}\; \begin{aligned}&n=1\\&n>1 \end{aligned}, \end{aligned}$$
(12)

where the first pixel in the G channel of P is diffused by the last pixel in the R channel of P. Similarly, the first pixel in the B channel of P is diffused by the last pixel in the G channel of P. By this operation, subtle changes that occur in the R channel can be passed to the G and B channels.

4.4 Decryption process

3DVSCS-IES iterates the confusion–diffusion operation two times in the encryption process, so in the decryption process, it is necessary to perform the inverse operation of diffusion and then the inverse operation of confusion on the cipher image, and cycle the above operations two times to obtain the plain image.

The diffusion process is from the confusion result P to the diffusion result D, then the inverse process of diffusion is the process from D to P, where in the first iteration of decryption, the diffusion result D represents the cipher image. Still assuming that the size of P and D are both \(M\times N\times 3\), and transform all channels of P and D into sequences of length \(M\times N\) denoted by \(P_R, P_G, P_B, D_R, D_G, D_B\). The inverse operation of the iterative diffusion is described as follows.

$$\begin{aligned} B&:\begin{aligned} P_B(n)&=D_B(n)-D_B(n-1)-z_b(n)\;\textrm{mod}\;256,\\ P_B(n)&=D_B(n)-D_G(M*N)-z_b(n)\;\textrm{mod}\;256, \end{aligned}\, \begin{aligned}&n>1\\&n=1 \end{aligned}\nonumber \\ G&:\begin{aligned} P_G(n)&=D_G(n)-D_G(n-1)-y_b(n)\;\textrm{mod}\;256,\\ P_G(n)&=D_G(n)-D_R(M*N)-y_b(n)\;\textrm{mod}\;256, \end{aligned}\, \begin{aligned}&n>1\\&n=1 \end{aligned}\nonumber \\ R&: \begin{aligned} P_R(n)&=D_R(n)-D_R(n-1)-x_b(n)\;\textrm{mod}\;256,\\ P_R(n)&=D_R(n)-x_b(n) \;\textrm{mod}\;256, \end{aligned}\, \begin{aligned}&n>1\\&n=1 \end{aligned} \end{aligned}$$
(13)

The confusion process is from the plain image or the result D of the diffusion operation of the previous encryption iteration to the confusion result P, then the inverse operation of confusion in the decryption process is to obtain D from P, where D here represents the plain image in the second decryption iteration.

Same as the operation in the encryption process, P is divided and arranged into \(P^1 \cdots P^3, P^4 \cdots P^{3+M}, P^{4+M} \cdots P^{3+M+N}\), chaotic sequences \(x_a, y_a, z_a\) are generated by 3DVSCS, and the d of the slice matrix on the three planes is represented by dx, dy, and dz respectively, where d is the total number of rings and one-dimensional arrays in the slice matrix. We denote the inverse operation of \(\textrm{RCLR}\) as \(\textrm{RCLR}^{-1} (T, s)\), which cyclically shifts the rings and the possibly one-dimensional array of the matrix T in the opposite direction of RCLR by the distance specified by the control sequence s. The inverse operation of Rubik’s Cube-like confusion is described below.

$$\begin{aligned}&P_{n-1}\nonumber \\&\quad = {\left\{ \begin{array}{ll} \textrm{RCLR}^{-1}(P_n^{c_n},z_a(1+(n-1) &{} 3+M<c_n \\ \times d_z:n\times d_z)),&{}\le 3+M+N \\ \textrm{RCLR}^{-1}(P_n^{c_n},y_a(1+(n-1) &{} \\ \times d_y:n\times d_y)),&{} 3<c_n \le 3+M \\ \textrm{RCLR}^{-1}(P_n^{c_n},x_a(1+(n-1) &{} \\ \times d_x:n\times d_x)),&{} 1<c_n\le 3 \\ \end{array}\right. }\nonumber \\ \end{aligned}$$
(14)

where n is from \(3+M+N\) to 1, \(P_n^{c_n}\) represents the \(c_n\)-th slice of the matrix P after rotation \(3+M+N-n\) times. The result D of this reverse process of confusion is equal to \(P_0\).

5 Simulation result

MatlabR2019a is used to implement the proposed image encryption system on a private computer configured as intel(R) Core(TM) i7-10700, CPU 2.90 GHZ, memory 16 GB, operation system Microsoft Window10. Test images in this section include Lena\((256\times 256)\), Peppers\((512\times 512)\), Mandrill\((512\times 512)\), and San Diego\((1024\times 1024)\). The 256-bit long key used in this simulation is:

$$\begin{aligned} \begin{aligned}&1E3A2453543FD22EB3FC48 \\&\quad A71EA26C34FD4A2E9136D90AF99B6BD6 \\&\quad 4A24F5C6E7. \end{aligned} \end{aligned}$$

The simulation results are shown in Fig. 10, where the plain images are in the first column, the cipher images are in the second column, and the decrypt images are in the third column. It can be seen that the cipher images are all noise-like images and the decrypt images are the same as the plain images. Thus it can be concluded that our image encryption system can successfully encrypt and decrypt color images.

Fig. 10
figure 10

Simulation results of 3DVSCS-IES

Full size image

6 Security analysis

This section verifies the security of the proposed encryption system and its resistance to various types of attacks.

6.1 Key space

The key space refers to the set of all possible keys, and the size of the key space depends on the length of the security key, which is one of the most important characteristics that determine the strength of a cryptosystem. For a binary security key of length L, its key space size is \(2^L\). If an attacker wants to attack the encryption system utilizing brute force, theoretically, it needs to calculate \(2^L\) times to ensure the success of the attack. Generally, the key space should be larger than \(2^{100}\) to provide high-security performance. 3DVSCS-IES employs keys of length 256, which can provide a key space with the size of \(2^{256}\) that is much larger than \(2^{100}\) and can effectively resist brute force attacks.

Fig. 11
figure 11

Key sensitivity analysis in encryption process

Full size image

6.2 Key sensitivity

A qualified image encryption algorithm needs to be sensitive to keys in both the encryption process and the decryption process. Otherwise, there may be many equivalent keys, which seriously reduce the key space. Key sensitivity can be quantified by calculating the ratio of pixel grayscale differences between the ciphertext image generated under the slightly changed key and the ciphertext image generated with the original key. In the experiment, Lena\((256\times 256)\) is chosen as the initial image, and the key given in Sect. 5 is used as the initial key, \(K_1\). Two slightly changed keys \(K_2,K_3\) are generated by changing one bit of \(K_1\):

$$\begin{aligned}{} & {} \begin{aligned} K_1=&1E3A2453543FD22EB3FC48A71\\&EA26C34FD4A2E9136D90AF99B6 \\&BD64A24F5C6E7 \end{aligned}\\{} & {} \begin{aligned} K_2=&3E3A2453543FD22EB3FC48A71\\&EA26C34FD4A2E9136D90AF99B6 \\&BD64A24F5C6E7 \end{aligned}\\{} & {} \begin{aligned} K_3=&1E3A2453543FD22EB3FC48A71\\&EA26C34FD4A2E9136D90AF99B6 \\&BD64A24F5C6E6 \end{aligned} \end{aligned}$$

The result of the key sensitivity analysis in the encryption process is shown in Fig. 11, where (a), (b), and (c) are the cipher images of Lena generated by \(K_1,K_2\), \(K_3\). (d), (e) and (f) are the difference between the three ciphertext images and the cipher image generated by the initial key, respectively. Table 3 lists the pixel grayness change ratio between the cipher image generated under the slightly changed key and the cipher image generated by the original key \(K_1\). From Fig. 11 and Table 3, it can be observed that small changes to the key during encryption can result in a completely different cipher image, and the pixel grayness change ratios of the three color channels are all above 99%, so it can be concluded that 3DVSCS-IES has high key sensitivity in the encryption process.

Table 3 Pixel grayness change ratio of the cipher images
Full size table
Fig. 12
figure 12

Key sensitivity analysis in decryption process

Full size image
Table 4 Pixel grayness change ratio of the decrypted images
Full size table

The key sensitivity in the decryption process is analyzed by using \(K_2\) and \(K_3\) to decrypt the cipher image generated by the initial key \(K_1\) in Fig. 10b. The result is shown in Fig. 12, where (a), (b), and (c) are the images decrypted from Fig. 10b using \(K_1,K_2\), and \(K_3\), respectively. Table 4 lists the pixel grayness change ratio between the image decrypted by the slightly changed key and the image decrypted correctly by the original key \(K_1\). In Fig. 12 and Table 4, the small changes to the key during decryption can result in a completely different decrypted image, and the pixel grayness change ratios of the three color channels are all above 99%. Thus 3DVSCS-IES has high key sensitivity in the decryption process.

We can summarize that 3DVSCS-IES owns high key security in both the encryption process and the decryption process.

6.3 The equality in key strength

Equal key strength means that all keys are required to be equally strong, preventing attackers from obtaining partial information of the plain image by decrypting the cipher image with keys close to the real key. Moreover, equal key strength can effectively avoid the avalanche effect (whenever the key used for decryption is close to the real key, the difference between the plaintext and the recovered plaintext tends to 0) [30, 31].

To evaluate the key equivalence of 3DVSCS-IES, we use \(K_1\) as the real key to encrypt Lena, use different keys around \(K_1\) to try to recover the plain image, and then calculate the Bit Error Ratio (BER) between the recovery result of each different key and Lena. The results are shown in Fig. 13, where \(\textrm{key}_i\) refers to the key obtained by inverting the i-th bit of the real key. It can be clearly seen that even if there is only 1 bit difference from the real key, the BER value remains around 0.5. No matter how close to the correct key, it is impossible to obtain any partial information of the plain image, which means that 3DVSCS-IES has equal key strength.

Fig. 13
figure 13

BER value of keys around \(K_1\)

Full size image

6.4 Histogram analysis

The image histogram describes the distribution of pixel values in an image. For an RGB image, the three channels can be regarded as three \(M\times N\) matrices, and the value range of each element in the matrices is [0, 255], then the image histogram h(g) is defined as the number of elements with pixel value g. The pixel distribution of a typical color image is generally uneven, and when it is encrypted, the original pixel distribution should be broken to present a uniform distribution, which means that the distribution information is hidden. Figure 14 shows the histograms of Lena and its cipher image, where (a), (b), (c) are the histograms of the three color channels of Lena, and (d), (e), (f) are the histograms of the three color channels of the cipher image of Lena. We can obtain that the plain image has an uneven distribution while the ciphertext image has a uniform pixel distribution. Conclusively, 3DVSCS-IES can generate cipher images that hide the pixel distributions of the plain images.

Fig. 14
figure 14

Histograms of Lena and its ciper image: a Red component of Lena; b Green component of Lena; c Blue component of Lena; d Red component of ciper image; e Green component of ciper image; f Blue component of ciper image (color figure online)

Full size image

6.5 Differential attack

Differential attack is a common way of cracking cipher images, and its essence is a selective plaintext attack. The attacker first makes minor changes to the plaintext image and then uses the proposed encryption method to encrypt the original plain image and the altered plain image separately. By comparing the two cipher images, the attacker can analyze the relationship between the original image and the cipher image, thereby cracking the cipher image. When the difference between the two cipher images is huge, it is difficult for the attacker to find the connection between the plain image and the cipher image, which makes it difficult to perform differential attacks. Therefore, whether an encryption method can resist differential attacks can be judged by its sensitivity to the plain image. The ability of encryption methods to resist differential attacks can be quantified by the number of pixels change rate (NPCR) and the unified average changing intensity (UACI) which are obtained by measuring the cipher images of the original plain image and slightly modified plain image. Equations (15)–(17) give the method to calculate the values of NPCR and UACI.

$$\begin{aligned} \textrm{NPCR}&= \frac{\sum _{i,j}^{}D(i,j)}{M \times N} \times 100\%, \end{aligned}$$
(15)
$$\begin{aligned} D(i,j)&= {\left\{ \begin{array}{ll} 1,&{} C(i,j)\ne C'(i,j) \\ 0,&{} C(i,j)= C'(i,j) \end{array}\right. }, \end{aligned}$$
(16)
$$\begin{aligned} \textrm{UACI}&= \frac{1}{M \times N}\nonumber \\&\quad \times \left[ \sum _{i,j}^{}\frac{|C(i,j)-C'(i,j)|}{255}\right] \times 100\%, \end{aligned}$$
(17)

where C and \(C'\) are the cipher images of the original plain image and the altered plain image, respectively, and \(M \times N\) is the size of each channel of the cipher images. For an image with an 8-bit grayscale value, the ideal NPCR value is 99.6094% and the ideal UACI value is 33.4635%. The closer the calculated values are to these two ideal values, the stronger the ability of the encryption method to resist differential attacks. The NPCR and UACI values of different test images are given in Table 5, and the NPCR and UACI values of our method and some other methods are compared in Table 6. It can be seen from the two tables that 3DVSCS-IES has values of NPCR and UACI that are closer to the theoretical values, which means our method is better at resisting differential attacks.

Table 5 NPCR and UACI results for different images
Full size table
Table 6 Comparison of NPCR and UACI results with other methods
Full size table
Fig. 15
figure 15

Pixels distribution of Lena and its ciper image: a horizontal direction of red component of Lena; b vertical direction of green component of Lena; c diagonal direction of blue component of Lena; d horizontal direction of red component of the ciper image; e vertical direction of green component of the ciper image; f diagonal direction of blue component of the ciper image (color figure online)

Full size image

6.6 Correlation analysis

The correlation of adjacent pixels reflects the degree of correlation of pixel values in adjacent positions of the image. A qualified image encryption algorithm should reduce the correlation of adjacent pixels and try to achieve zero correlation to prevent attackers from analyzing the correlation of neighboring pixels to obtain adequate information about the image. The correlation coefficients \(r_{x,y}\) can be calculated as:

$$\begin{aligned} {\left\{ \begin{array}{ll} r_{x,y} = \frac{E((x-E(x))(y-E(y)))}{\sqrt{D(x)D(y)}}, \\ E(x)=\frac{1}{N}\sum _{i = 1}^{N}x_i, \\ D(x)=\frac{1}{N}\sum _{i = 1}^{N}(x_i-E(x))^2, \end{array}\right. } \end{aligned}$$
(18)

where \(x_i\) and \(y_i\) are a couple of adjacent pixels, E(x) and D(x) are the expectation and variance of variable x, respectively, and \(r_{x,y}\) is the correlation coefficient. Generally, three aspects of the horizontal, vertical, and diagonal pixels of the image should be analyzed. Figure 15 gives the pixel distribution of the plain image Lena and its cipher image in H(horizontal), V(vertical), and D(diagonal) directions, where (a) shows the horizontal direction of red component of the plain image, (b) is the vertical direction of green component of the plain image, (c) depicts the diagonal direction of blue component of the plain image, (d) draws the horizontal direction of red component of the cipher image, (e) is the vertical direction of green component of the cipher image, and (f) shows the diagonal direction of blue component of the cipher image. It can be seen that the pixel distribution of the plaintext image is concentrated near the diagonal, which means that the adjacent pixels have a high correlation. In contrast, the pixel distribution of the ciphertext image is close to a uniform distribution, and the correlation is effectively removed. Table 7 lists the correlation coefficients of different images before and after encryption, and Table 8 compares the correlation coefficients of 3DVSCS-IES and other encryption algorithms after encrypting Lena. Obviously, the proposed encryption method can significantly reduce the correlation between adjacent pixels in cipher images, and our method has lower correlation coefficients relative to the other methods listed. It can be concluded that 3DVSCS-IES is better in removing the correlation of adjacent pixels.

Table 7 Correlation coefficients of different images before and after encryption
Full size table
Table 8 Comparing results of correlation coefficients for Lena
Full size table

6.7 Information entropy

Mathematically, information entropy is the expectation of the amount of information. It is an indicator used to evaluate and measure the amount of information in a piece of information and is often used to measure the randomness of cipher images. It is calculated as follows:

$$\begin{aligned} H(m) = \sum _{i=0}^{2^n-1}p(m_i)\log \frac{1}{p(m_i)} , \end{aligned}$$
(19)

where \(p(m_i)\) means the probability of \(m_i\). For a digital image with a grayscale pixel value of 8 bits, the ideal information entropy should be 8. Table 9 gives the information entropy values of the cipher images generated by the 3DVSCS-IES and other methods. The table shows that the values of these information entropies are all close to the ideal value, and our method is significantly more relative to the ideal value than other methods, which means that 3DVSCS-IES has high security.

Table 9 Information entropy of cipher images of different encryption methods
Full size table
Fig. 16
figure 16

The resistance to noise and occlusion attack: a noisy images by SPN with density = 0.005; b noisy images by SN with density = 0.001; c noisy images by GN with density = 0.0005; d decrypted image of (a); e decrypted image of (b); f decrypted image of (c); g stripe clipping image; h corner clipping image; i center clipping image; j decrypted image of (g); k decrypted image of (h); l decrypted image of (i) (color figure online)

Full size image
Table 10 Running time of different images
Full size table
Table 11 Running time of different algorithms
Full size table

6.8 Noise and occlusion attack analysis

Images will inevitably suffer from data loss or noise during physical transmission, and if the encryption method is not robust, accurate plaintext information cannot be obtained after decryption. A qualified encryption algorithm is resistant to data loss and noise, and Fig. 16 shows the decryption results of the cipher images of Lena after suffering data loss or noise, where (a), (b), (c) are the noisy cipher images contaminated by Salt & Pepper noise (SPN) with density = 0.005, Speckle noise (SN) with density = 0.001, and Gaussian noise (GN) with density = 0.0005, respectively. (d), (e), (f) are the decrypted images of (a), (b), and (c), respectively. (g) is the stripe clipping image, (h) is the corner clipping image, and (i) is the center clipping image. (j), (k), and (l) are the decrypted image of (g), (h), and (i), respectively. It can be seen that the cropped or noised cipher image can still retain the primary information of the plain image after decryption. Therefore, the raised encryption algorithm is highly resistant to noise and occlusion attacks.

6.9 Runtime analysis

In addition to security, encryption and decryption speed is also an important aspect in measuring the performance of an encryption algorithm. Table 10 lists the time required to encrypt and decrypt different images using 3DVSCS-IES, and Table 11 compares the running time of 3DVSCS-IES with other algorithms on Peppers\((512\times 512)\). As can be seen from the table, our encryption algorithm has excellent running speed compared with other encryption methods.

7 Conclusion

This paper presents a 3DVSCS that has innovative and mutational dynamical behaviors. The structure is transformed by switching two coupling matrices in each iteration. The chaotic performance of 3DVSCS is analyzed by the phase diagram, bifurcation diagram, lyapunov exponent, approximate entropy, and randomness test. The analysis results demonstrate that 3DVSCS has complex chaotic behavior and can be applied to encryption algorithms. By using 3DVSCS as the core chaotic map, we further propose an image encryption algorithm, 3DVSCS-IES, which follows the well-known confusion–diffusion mechanism. Because the generated chaotic sequences have good properties, a better efficiency Rubik’s Cube-like permutation method and an iterative diffusion algorithm are raised to realize confusion and diffusion, respectively. The simulation results show that 3DVSCS-IES can effectively encrypt and decrypt color images of different sizes. Then various security tests on the presented cryptosystem are performed, including key space, key sensitivity, key strength equality, histogram analysis, the ability to defend the differential attack, correlation analysis, and information entropy. Comparisons with some advanced methods are also given. The analysis and comparison results show that 3DVSCS-IES has high-security performance and surpasses some typical state-of-art methods. Our future work will investigate more complex variable structure mechanisms on chaotic systems and corresponding hardware implementation.