1 Introduction

A plethora of multimedia files (text, image, audio, video) is transmitted over the Internet with the rapid development in Information and communication technology. Internet is alleged to be easily intercepted by eavesdroppers and hence it becomes liable to high security threats. Thus, security has become a key issue during the storage and transmission of the digital data files over an unprotected public channel. In this scenario, cryptography plays a vital role in protecting the digital files against malicious attacks [6, 23]. The conventional encryption schemes such as Advanced Encryption Standard (AES), Rivest Cipher 6 (RC6), International Data Encryption Algorithm (IDEA) and other symmetric cryptographic algorithms are mostly focused on encrypting the textual data. But, image encryption schemes differ from text encryption as they are identified by the existence of huge data and high redundancy [5, 13, 17].

In recent years, chaotic based cryptosystem has achieved greater attention among researchers for encrypting bulk images. The key advantage of chaotic cryptic modules over traditional encryption algorithms are elevated ergodicity, high sensitivity to initial conditions and large key space [17,18,19, 30]. Chaotic map works in the aspect of achieving greater randomness, which is one of the key features for designing any successful cryptosystem. There are many image encryption schemes available employing one and two-dimensional chaotic maps. But some of these schemes showed security flaws due to limited discontinuous range of chaotic behaviours [8, 9, 21]. Recently many works have been reported with high dimensional chaotic maps to enhance key space and highly random behaviour in chaos based image crypto system [11, 31]. Further, by applying more than one chaotic map enlarges the key space, which makes the system highly resistant against various cryptanalysis attacks [25, 33].

A substitution-diffusion architecture based symmetric image cipher has been proposed by Patidar et al., [20]. The chaotic standard map and logistic map have generated the chaotic key stream to accomplish the robust substitution and diffusion plot. Xingyuan et al., have proposed a colour image encryption scheme using the combination of 1D and 2D logistic map structures [26]. The two chaotic maps are iterated alternatively to generate the chaotic matrix to permute and diffuse the image pixels. Zhang et al., [32] have given spatio-temporal chaotic based image encryption algorithm. This spatio-temporal system embraces of logistic map and piece-wise linear chaotic construct to generate pseudo-random number series to substitution and diffusion phase. DNA and improved 1D chaotic map based colour image encryption scheme was proposed by Xiangjun et al. The three improved one-dimensional chaotic map was used to generate the secret key to randomly encode the plain image into DNA matrices [29]. Pareek et al., [17] have implemented a scheme with interconnected constructs of two logistic maps to encrypt images. In this scheme, secret key with a size of 80 bits has been used for initial conditions in both logistic maps. In the iteration stage, random sequence from the first chaotic map was given as initial seed to second chaotic map. Chen and Lorenz chaotic map based colour image encryption was proposed by leyuan et al. The combined scheme have enriched chaotic range, enlarged key space and improved complex behavior [28]. Abolfazl et al., have developed robust keystream generator for colour image encryption scheme using hyper chaotic functions and non-uniform cellular automata [14]. The combination has achieved better entropy and strong resistance against noise attacks.

Nevertheless, combination of chaotic maps not only increases the security of the cryptosystem but also increases the difficulty of software implementation because of its computational complexity [15]. Application Specific Integrated Circuit (ASIC) based hardware implementations have more advantages over software. It provides inherent parallelism compared to software and achieves higher throughput. Its custom design of hardware significantly speeds up the execution. At the same time, ASIC based hardware design cycle is more expensive over software and less flexible to remodel the security algorithm. Graphic Processing Unit (GPU) is a hardware platform widely used in security application. It is a powerful device for computationally demanding applications. However, GPU has higher latencies and consumes huge power and has moderate flexibility which are not suitable for real-time security application and battery operated devices.

Field Programmable Gate Array (FPGA) is an impressive platform for implementing real time digital image encryption schemes [2, 3, 15]. It provides inherent parallelism to achieve higher throughput and also has software like programmable flexibility, which can be reconfigured at runtime in the field to meet the customer requirement, or add the new security features through secure remote update. Moreover, System on-chip FPGA has in-build ARM based hard processor system consisting of multi-core ARM processor, which can be used to configure the FPGA fabric through U-boot configuration scheme. It eliminates the need of external circuitry and reduces the design cost. Hence this work focuses on the implementation of image encryption algorithm adapting multiple chaotic maps on reconfigurable platform.

2 Methodology

The proposed image encryption scheme has two phases namely permutation and diffusion. Each phase uses two one-dimensional chaotic maps. Permutation phase makes use of Combined Tent and Sine map (CTS) to shuffle the pixel values between the image planes. The diffusion phase takes up the Combined Logistic map and Sine map (CLS) to alter the value of pixels.

Figure 1 shows the functional block diagram of the combined chaotic scheme. This scheme unifies the nonlinear combination of two different one dimensional chaotic maps, which are considered as seed maps. The combined chaotic system is defined by the following the Eq. (1),

$$ {x}_{i=1}=\left({F}_1\left({x}_i, p\right)+{F}_2\left({x}_1, q\right)\right) \mod\ 1 $$
(1)
Fig. 1
figure 1

Block diagram of the combined chaotic system

Full size image

where, F 1(p,  x i  ) and F 2(q, x i  ) are the two one dimensional chaotic maps with control parameters p and q, mod represents the modulo operation for ensuring the range of output data is within the interval [0,1] and i is the iteration number. In each iteration, outputs of both the chaotic maps are integrated through XOR operation.

In order to implement the combined chaotic scheme, three nonlinear one-dimensional chaotic maps such as logistic, tent and sine are considered, which are mathematically defined by Eqs. (2)–(4) as given in Table 1. Using these chaotic seed maps, two new chaotic systems namely Combined Logistic – Sine (CLS), Combined Tent – Sine (CTS) have been modelled. It can be mathematically represented by Eqs. (5) and (6) as listed in Table 1.

Table 1 Mathematical representation of the chaotic maps
Full size table

The output of combined chaotic system shows the mixed chaotic property of two seed maps. Hence, it has wider chaotic range and larger key space than its seed map. Even if one seed map is out of the chaotic range, the proposed system still maintains its chaotic behaviour. This can be demonstrated by the results of bifurcation diagram and Lyapunov exponents as shown in Fig. 2 (a - e) and Fig. 3 (a - e).

Fig. 2
figure 2

Bifurcations diagram of (a) Logistic map, (b) Tent Map, (c) Sine map, (d) CLS and (e) CTS

Full size image
Fig. 3
figure 3

Lyapunov exponents of (a) Logistic map, (b) Sine map, (c) Tent map, (d) CLS and (e) CTS

Full size image

The combined chaotic system has achieved large positive Lyapunov exponents values, which ensures the enhanced chaotic behavior. Further, the bifurcation diagram of combined chaotic system has spread out throughout the entire region of 0 and 1, which again proves its suitability for multimedia security applications.

2.1 Permutation phase

In Permutation phase, image pixels are rearranged through three routines namely inter-planar row permutation, inter-planar column permutation and inter-planar pixel shuffling using CTS chaotic random sequence. The functional parameter of three stage permutation has given in Table 2.

Table 2 Permutation phase parameter description
Full size table

Fig. 4 shows the functionality of three stage permutation. Its described through 3 × 3 RGB color image where Ri (i = 1,2,..9), Gi (i = 1,2,..9) and Bi (i = 1,2,..9) represent the nine pixels in red, green and blue planes of the image respectively. Three sequences are generated from the CTS map. At first, sequence 1 of length P1 (= 3 M) is generated to perform inter-planar row shuffling. Next, sequence 2 of length P2 (=3 N) is generated to perform inter-planar column shuffling. Finally, sequence 3 of length P1 × P2 is generated to shuffle the inter-planar pixels to get the final shuffled image.

Fig. 4
figure 4

Permutation phase using CTS map

Full size image

2.2 Diffusion phase

The diffusion process was achieved by three routines which is shown in Fig. 5. The functional parameter of three routine are listed in Table 3.

  1. Step 1:

    Let the red, green and blue planes of the colour image I from permutation operation be R, G and B respectively. Let Q1 be the first stage diffused image and R’, G’, B′ be the red, green and blue planes of Q1 respectively. Q1(w, h) be the pixel position of image Q1 at (w,h) {where w = 1,2…M and h = 1,2,…,N} is estimated using equation ((Eq. 7))

Fig. 5
figure 5

Diffusion Phase

Full size image
Table 3 Diffusion phase parameter description
Full size table
$$ {\mathrm{Q}}_1=\begin{array}{ccc}\hfill {{\mathrm{R}}^{'}}_{\mathrm{w},\mathrm{h}} = {\mathrm{R}}_{\mathrm{w},\mathrm{h}\ }\hfill & \hfill \oplus \kern0.5em {\mathrm{G}}_{\mathrm{w},\mathrm{h}-1\ }\hfill & \hfill \oplus \kern0.5em {\mathrm{B}}_{\mathrm{w},\mathrm{h}-1}\hfill \\ {}\hfill {{\mathrm{G}}^{'}}_{\mathrm{w},\mathrm{h}} = {\mathrm{G}}_{\mathrm{w},\mathrm{h}\kern0.5em }\hfill & \hfill \oplus \kern0.5em {\mathrm{R}}_{\mathrm{w},\mathrm{h}-1\ }\hfill & \hfill \oplus \kern0.5em {\mathrm{B}}_{\mathrm{w},\mathrm{h}-1}\hfill \\ {}\hfill {{\mathrm{B}}^{'}}_{\mathrm{w},\mathrm{h}} = {\mathrm{B}}_{\mathrm{w},\mathrm{h}\ }\hfill & \hfill \oplus \kern0.5em {\mathrm{R}}_{\mathrm{w},\mathrm{h}-1}\hfill & \hfill \oplus \kern0.5em {\mathrm{G}}_{\mathrm{w},\mathrm{h}-1}\hfill \end{array} $$
(7)

Here Q1(w,h) = I(w,h) at h = 1. In this process, the pixel values of every plane with that of the other two planes are diffused.

  1. Step 2:

    The chaotic sequence of length 3 × M × N is generated. Let the chaotic series generated by CLS be Φ (x, y) and the individual element in the chaotic sequence is quantized in the range (0, 255) by the Eq. (8),

$$ \mathrm{Q}2=\mathrm{floor}\ \left(256,\Phi\ \left(\mathrm{x},\mathrm{y}\right)\right) $$
(8)

Q2 represents the quantized chaotic sequence. Now, Q2 is XOR with Q1 to produce the diffused image,

$$ \mathrm{Q}3=\mathrm{XOR}\ \left(\mathrm{Q}1,\mathrm{Q}2\right) $$
(9)
  1. Step 3:

    As a first part of this step, three planes of image Q3 is concatenated and converted into 1D array. Let D be the user defined random number (restricted to 0 to 255). The final diffused image Q is obtained by using (Eq. (10)),

$$ Q(i)=\left\{\begin{array}{cc}\hfill {Q}_3(i)\oplus D\hfill & \hfill; for\kern0.5em i=1\ \hfill \\ {}\hfill {Q}_3(i)\oplus D\oplus Q\left( i-1\right)\hfill & \hfill; otherwise\hfill \end{array}\right. $$
(10)

2.3 Decryption process

  1. Step 1:

    As a first part of this step, Q is converted into 1D array. The second part took each element of the 1D array and XOR the same with the predefined pseudo random number sequence D(i) (restricted between 0 to 255) to obtain Q3 using (Eq. (11)),

$$ {Q}_3(i)=\left\{\begin{array}{cc}\hfill Q(i)\oplus D(i)\hfill & \hfill; for\kern0.5em i=1\ \hfill \\ {}\hfill Q(i)\oplus D(i)\oplus Q\left( i-1\right)\ \hfill & \hfill; otherwise\hfill \end{array}\right. $$
(11)
  1. Step 2:

    Let the chaotic series generated by CLS be Φ (x, y) and the individual element value is restricted 0 to 255 by following the Eqs. (12) and (13),

$$ {Q}_2= floor\ \left( 256,\varPhi\ \left( x, y\right)\right) $$
(12)

Then, Q2 is XORed with Q3 to produce the diffused image,

$$ {Q}_1= XOR\ \left({Q}_3,{Q}_2\right) $$
(13)
  1. Step 3:

    All the elements are extracted in the opposite order of encryption without losing the generality of this step using (Eq. (14))

$$ \mathrm{Encrypted}\ \mathrm{image}=\begin{array}{c}\hfill {\mathrm{R}}_{\mathrm{w},\mathrm{h}} = {\mathrm{R}}_{\mathrm{w},\mathrm{h}} \oplus {\mathrm{G}}_{\mathrm{w},\mathrm{h}-1} \oplus {\mathrm{B}}_{\mathrm{w},\mathrm{h}-1}\hfill \\ {}\hfill {\mathrm{G}}_{\mathrm{w},\mathrm{h}} = {\mathrm{G}}_{\mathrm{w},\mathrm{h}}\kern0.5em \oplus \kern0.5em {\mathrm{R}}_{\mathrm{w},\mathrm{h}-1} \oplus \kern0.5em {\mathrm{B}}_{\mathrm{w},\mathrm{h}-1}\hfill \\ {}\hfill {\mathrm{B}}_{\mathrm{w},\mathrm{h}} = {\mathrm{B}}_{\mathrm{w},\mathrm{h}\ }\kern0.75em \oplus {\mathrm{R}}_{\mathrm{w},\mathrm{h}-1}\oplus {\mathrm{G}}_{\mathrm{w},\mathrm{h}-1}\hfill \end{array} $$
(14)

3 Hardware architecture

Hardware architecture of the proposed image crypto system is shown in Fig. 6. The core consists of FSM based control unit, Permutation Unit (PE), Diffusion Unit (DU), chaotic map based secret key generator (CSG), 52 Kb on-chip memory and 512 kb on board SRAM. The functional description of each core is described as follows:

Fig. 6
figure 6

Hardware architecture of the image encryption algorithm

Full size image

3.1 FSM based control unit

The control unit is instigated with Finite State Machine (FSM), which manages the sequence of entire encryption and decryption processes. FSM generates required Start of Process (SoP) and End of Process (EoP) signals to all the integrated hardware blocks include CSG, Permutation Unit, Diffusion Unit, Memory Interface Circuit (MIC), 52 KB on-chip memory and 512 KB external SRAM. Fig. 7. describes the sequence of encryption and decryption process through FSM state diagram.

Fig. 7
figure 7

Finite State Machine

Full size image
  1. ST1:

    In ST1 state, FSM reads the initial seeds and control parameters in IEEE 754 format from external SRAM memory through MIC and load them into CSG unit to generate the permutation and diffusion phase secret keys.

  2. ST2:

    In ST2 state, FSM control unit triggers the CSG unit through SoP signal to generate the random key sequence for three-stage permutation process and waits for EoP acknowledgement signal from CSG to switch over to ST3. The generated random sequences in ST2 are stored in on-chip memory and used in ST3 to perform the permutation process.

  3. ST3:

    In ST3, FSM issues the SoP to PU to perform the three-stage permutation process and waits in ST3 till it gets End of Process signal (EoP) from PU. Then the control is passed to ST4 state.

  4. ST4:

    In ST4 state, FSM control unit enables both CSG and DU unit for execute the diffusion process. It remains in state ST4 till it gets End of Process (EoP) command from DU. The process skips to HALT state at the next clock cycle.

3.2 Chaotic sequence generation unit

Internal architecture of CSG unit is shown in Fig. 8. It consists of IEEE 754 standard single precision floating point arithmetic IP cores. This core comprises of subtractor, multiplier, divider and sine circuits, which are used to accomplish the floating point coupled chaotic systems such as CTS and CLS in FPGA. IEEE 754 standard 32 bit single precision floating point format is used to represent both initial condition and control parameters of chaotic maps. The 1-bit SoP and EoP signals are used to control all the arithmetic modules within the units and synchronization between modules and the systems. In addition, the two-input XOR gate has been used to bond two chaotic maps binary sequence and produces the final pseudo random sequence. The output of each iteration is stored in on-chip memory for permutation and diffusion processes.

Fig. 8
figure 8

Hardware architecture of CSG Unit

Full size image

3.3 Permutation architecture

Functional description of permutation unit is shown in Fig. 9, which is interlinked with on- chip memory and Memory Interface Circuit (MIC) to perform the three-stage permutation starting from row scrambling to inter-planar pixel shuffling. In each permutation stage, image pixels positions are rearranged randomly in external SRAM according to CLS random sequence, which is accomplished through Memory Interface Circuit (MIC).

Fig. 9
figure 9

Hardware architecture of Permutation Unit

Full size image

The permutation unit computes the starting address of every row and column in SRAM according to Eqs. (1517) and feed to the MIC.

$$ \mathrm{Relative}\ \mathrm{address}\ \mathrm{for}\ \mathrm{row}\ \mathrm{permutation}=\mathrm{Base}\ \mathrm{address}+\left(\mathrm{row}\ \mathrm{displacement}\times \mathrm{row}\ \mathrm{pointer}\right) $$
(15)
$$ \mathrm{Relative}\ \mathrm{address}\ \mathrm{for}\ \mathrm{column}\ \mathrm{permutation}=\mathrm{Base}\ \mathrm{address}+\left(\mathrm{row}\ \mathrm{index}\times \mathrm{row}\ \mathrm{pointer}+\mathrm{Column}\ \mathrm{displacement}\right) $$
(16)
$$ \mathrm{Pixel}\ \mathrm{permutation}=\mathrm{Base}\ \mathrm{address}+\mathrm{pixel}\ \mathrm{displacement} $$
(17)

where, base address represents the starting address of the permuted image in SRAM memory, row displacement represents shifting index of the pixel according to the chaotic random sequence, row index represents the starting position of the each row in SRAM, which varies from 0 to n in sequential manner (for 8 × 8 image, n = 8), row pointer represents the width of the image, column displacement represents shifting index of the pixel according to the chaotic random sequence and pixel displacement represents shifting index of the pixel according to the chaotic random sequence.

3.4 Diffusion architecture

The schematic representation of diffusion unit is shown in Fig. 10. It comprises of three parallel XOR gates (each input is 8 bit width), sequential execution logic and intermediate register to achieve the three-stage XOR diffusion process sequentially.

Fig. 10
figure 10

Hardware architecture of diffusion unit

Full size image

In the first stage, pixel values of every plane (Red) are XORed with other two planes (Green and Blue) n + 1 array elements according to Eq. (7). In the next two stages, pixel values are further diffused by XOR gate using chaotic sequence generated by CLS scheme according to Eqs. (8 & 9). After three diffusion stages pixel values are stored in the output buffer R’G’B′ and finally restored into SRAM memory.

4 Performance and security analysis

Performance of the chao-image crypto system has been analysed to test whether it satisfies the trade-off between security and computational speed, cost and power. In order to analyse the same, statistical, key space, sensitivity, attack, hardware performance and complexity analyses were carried out following the standards.

4.1 Statistical analysis

In this analysis, the confusion and diffusion characteristics of the proposed chao-image crypto system have been tested by estimating histogram, correlation coefficient and information entropy.

4.1.1 Histogram analysis

The histogram of the original and encrypted images has been tested for estimating the statistical resemblances. Histogram analysis of plain images and their respective encrypted images are shown in Fig. 11 (a - d) and Fig. 12 (a - d). The obtained results revealed the absence of biasing between the original and cipher images, which confirmed the failure of statistical attacks on the proposed algorithm.

Fig. 11
figure 11

(a) Lena, (b) histogram of Lena, (c) encrypted Lena and (d) histogram of encrypted Lena

Full size image
Fig. 12
figure 12

(a) Baboon, (b) histogram of Baboon, (c) encrypted Baboon and (d) histogram of encrypted Baboon

Full size image

Histogram of the encrypted image provides the visual proof of the sternness of the algorithm against statistical attack. However, it is necessary to estimate the quantitative value of uniform pixel distribution. This can be realized through calculating the variances of the cipher image histogram. The variance of histogram can be calculated by the following equation Eq. (18),

$$ \mathrm{Var}\ \left(\mathrm{H}\right)=\frac{1}{n^2}{\sum}_{i=1}^n{\sum}_{j=1}^n\ \frac{{\left({H}_i-{H}_j\right)}^2}{2} $$
(18)

where, Hi, Hj are the number of pixels at various gray levels i, j respectively. The histogram variances for the various secret keys on plain image are calculated and tabulated in Table 4. Lower the value of obtained variance indicates the higher uniformity of pixel distribution. In addition, the percentage of histogram variance for all the secret keys are calculated and tabulated in Table 5.

Table 4 Variances of histograms compared among all secret keys in the proposed algorithm
Full size table
Table 5 Percentage of histogram variance with all the secret keys
Full size table

From the above analysis, it is noticed that the variance value and their percentage difference for variation in secret keys are small. Thus the quantitative analysis also proves the resistance of the proposed algorithm against statistical attacks.

4.1.2 Correlation analysis

Typically, digital images have high correlation among the adjacent pixels in all the directions. To overcome the statistical attacks, it is mandatory to reduce the correlation among adjacent pixels in any cipher image. The following performance measures are attempted to examine the correlation among pixels. Correlation coefficient for those images is computed using the following Eqs. (1922).

$$ E(x)=\frac{1}{N}\sum_{i=1}^N{x}_i $$
(19)
$$ D(x)=\frac{1}{N}\sum_{i=0}^N{\left[{x}_i- E(x)\right]}^2 $$
(20)
$$ Conv\left( x, y\right)=\frac{1}{N}\sum_{i=1}^N\left[{x}_i\hbox{--} E(x)\right]\left[{y}_i- E(y)\right] $$
(21)
$$ {r}_{xy}=\frac{conv\left( x, y\right)}{\sqrt{D(x)}\sqrt{D(y)}} $$
(22)

where, x and y are the grayscale values of the two adjacent pixels and N is the total pair of randomly selected pixels. The correlations between neighbouring pixel in the original and encrypted images are presented in Table 6.

Table 6 Correlation coefficients of adjacent pixels in original and encrypted image
Full size table

From Table 6 one can observe the absence of correlation between the plain and its corresponding cipher image. Table 7 elucidates that the proposed scheme offers less correlation compared to other methods.

Table 7 Correlation coefficients analysis of the proposed method with the available methods considering Lena image
Full size table

4.1.3 Information entropy

Information entropy is a quantitative measure of uncertainty of a random variable ‘m’ and it can be computed as follows (Eq. (23)),

$$ H(m)=\sum_{i=0}^{M-1} P\left({m}_i\right){log}_2\frac{1}{P\left({m}_i\right)} $$
(23)

where, P (mi) is the possibility of appearance of the symbol mi. Cipher image should possess entropy value nearing 8 in order to resist the statistical attack [27]. The entropy of ciphered images are listed in Table 8. These results confirmed that all entities are almost equal to speculative value of 8 and the proposed algorithm is more secure against entropy attack.

Table 8 Results of information entropy analysis
Full size table

4.2 Key space analysis

Key space analysis is the most important analysis to be carried out for evaluating the performance of any algorithm. Normally, high key space value reflects the elevated resistance towards brute force attack. Since multiple chaotic maps are employed in the proposed model, secret key generating variables are ultimately increased. In the case of CTS map, if the two initial conditions and parameters (T0, S0, u, a) have precision set to 14 decimal points, and hence the key space will be 1056 ≈ 2224, which is huge to break through brute force attack.

4.3 Chosen plain text attack analysis

Chosen plain text attack is one of the four traditional types of attacks that the cryptosystem may undergo. If the proposed cryptosystem is immune to resist this attack, then it has resistance towards other three attacks. The cryptanalyst considers two plain images P1, P2 and two cipher images C1, C2. In order to prove the systems’ resistance towards chosen plain text attack, the proposed cryptosystem need to break the equation XOR (P1, P2) = XOR (C1, C2).

From the Fig.13, it is noticed that the equality has been broken which proves the systems’ resistance towards chosen plain text attack.

Fig. 13
figure 13

Chosen plain text attack analysis (a) XOR (I1, I2) and (b) XOR (I1’, I2’)

Full size image

4.4 Data loss and noise attacks

In real time data communication applications, the encrypted images will certainly experience few data losses as well as noise effects when transmitted. The cryptanalyst may intentionally do such attacks to alter the information contents while transmission. Hence, it is necessary for the encryption algorithm to resist such security attacks. To verify the performance of the proposed algorithm against these attacks, the intentional cropping and noise addition is done on the encrypted Lena image and the corresponding decrypted image is studied. The simulation results of these two security attacks (Fig. 14). It can be interpreted that the proposed scheme can get back most of the visual information even with the data loss and noise effects. Therefore the proposed method demonstrates its immunity against these security attacks.

Fig. 14
figure 14

Data loss and noise effects: (a) Encrypted Baboon with 60 × 60 data loss; (b) Encrypted Baboon with 1% salt and pepper noise; (c) Decrypted image of (a); (d) Decrypted image of (b)

Full size image

4.5 Key sensitivity analysis

The proposed model utilizes two different key sets to perform permutation and diffusion. Permutation uses two initial conditions and two control parameters to generate permutation key. If the permutation key set is P = {T0 = 0.44876457898635, S0 = 0.87634594562348, u = 1.22, a = 3.98}, even a slight change in the key set resulted in a undesired output. Fig. 15 depicts the effectiveness of the key sensitivity where the effect of just one bit change in key in the resultant image is highlighted.

Fig. 15
figure 15

(a) Original Barbara image, (b) Decrypted Barbara image with wrong initial condition T0 = 0.44576457898635, (c) Decrypted Barbara image with wrong parameter u = 1.88 and (d) Decrypted Barbara image with correct initial conditions and parameters (T0 = 0.44876457898635, S0 = 0.87634594562348, u = 1.22, a = 3.98)

Full size image

4.6 NPCR and UACI analysis

Number of Pixel Change Rate (NPCR) and Unified Average Changing Intensity (UACI) are the two widely used security analysis metrics to analyze the performance against differential attack. Number of pixel changes during differential attack is represented by NPCR and UACI focus on the difference between any two adjacent pixels. The NPCR and UACI are described by the Eqs. (2426) respectively.

$$ N PCR=\frac{\sum_{i, j} D\left( i, j\right)}{M\times N}\times 100\% $$
(24)
$$ UACI=\frac{1}{M\times N}\left[\sum_{i, j}\frac{\left|{C}_1\left( i, j\right)-{C}_{2\kern0.5em }\left( i, j\right)\right|}{255}\right]\times 100\% $$
(25)
$$ D\left( i, j\right)=\left\{\begin{array}{c}\hfill 0\kern0.5em {ifC}_1\left( i, j\right)={C}_2\left( i, j\right)\hfill \\ {}\hfill 1\kern0.5em {ifC}_1\left( i, j\right)\ne {C}_2\left( i, j\right)\hfill \end{array}\right\} $$
(26)

where, C 1 and C 2 are the two encrypted images related to two original images with tiny change i.e., one pixel difference. M and N are the width and height of the image, D (i , j) is a bipolar array with the same size as images C1 and C2. D (i , j) is defined by Eq. (22). The values of NPCR (>99%) and UACI (≈33%) for Lena, Baboon, Pepper and Barbara images are listed in Table 9.

Table 9 NPCR and UACI for the cipher images
Full size table

Observational results prove that the computed NPCR and UACI are near to the theoretical values and greater than existing image encryption schemes. Therefore, the projected encryption scheme is immune to differential attacks.

4.7 Comparison with other color image modalities

Comparison analysis of correlation, NPCR and UACI values for different color image modalities was listed in Table 10. From the above analysis (Table 10) the RGB color model achieves low correlation values, better NPCR and UACI than other two color image modalities. This is due to the independent of RGB color coefficient whereas other modalities have dependent pixel coefficient values.

Table 10 Comparison analysis of correlation, NPCR and UACI values for different color image modalities
Full size table

5 Hardware performance analysis

The proposed image encryption scheme was modeled in Verilog Hardware Description Language (HD), synthesis in both Quartus II IDE and Xilinx ISE 14.0 and tested in Cyclone II and Virtex 4 FPGA. The synthesis results are listed in Table 11.

Table 11 Hardware resource utilization on Cyclone II FPGA
Full size table

From the above analysis, it is realized that on chip memory has largely utilized to implement the proposed scheme which is mainly used to store the chaotic key sequence and pixel values in the execution stage.

In architectural point of view, it is very hard to compare the implementation of proposed algorithm in two different vendor FPGA-in terms of resource utilization (configurable logic block (CLB) or logic element (LE)). Because, every vendor have use different terminologies in their CAD tools to describe the logic capacity of their products where Altera uses the Logic Element (LE) methodology and Xilinx FPGAs uses slice to measure their logic capacity of a FPGA. Moreover, ALTERA and Xilinx logic array blocks are entirely different where Xilinx use 4 or 6-input LUT in Virtex-4 FPGA and ALTERA uses 4 -input or 3 input LUT in Cyclone II series FPGA.

5.1 Computing complexity analysis

Computational complexity of the algorithm has been estimated in real- time with zero plus logic analyzer and the results are given in Table 12.

Table 12 Computing complexity analysis
Full size table

From the above analysis, it is evident that the chaotic key stream generator is the most time-consuming part, which is due to the floating point computational process and combinational functions. It can be overcome by adding more parallel units to achieve better throughput but incur more logic resources in FPGA and consume more power.

5.2 Comparison with exiting scheme

The performance of hybrid image crypto system is compared with other existing schemes in terms of resource utilization and execution time. The comparison results are listed in Tables 13 & 14.

Table 13 Hardware resource utilization of different schemes
Full size table
Table 14 Speed performance analysis
Full size table

As can be seen, the proposed chaotic image crypto system perform faster than the existing software and hardware based schemes because of parallel execution of permutation and diffusion processes and also consume low resource utilization.

6 Limitation of hardware model

The proposed design has inbuilt BMP header reader. It can access the image pixel from external memory without any software assistance. However, for other colour image formats, the design should have header structure or software assistance to read the image pixels from the memory. The on board SRAM (512 KB) or SDRAM (8 MB) is used in the proposed design to store the image file. Hence, the design can adopt any larger image size. Further, the combined chaotic scheme can generate large number of secret key without any reputation for encrypting large size images. In addition, hardware blocks in the FPGA include CSG, PU and DU can operate in parallel at 400 MHz operating frequency to achieve higher throughput and real-time implementation.

7 Conclusion

Multiple chaotic map based image encryption algorithm is proposed and implemented in reconfigurable hardware platform. CTS and CLS maps are used to confuse and diffuse inter-planar image pixels respectively. The proposed blend has increased the key space and enhanced the robustness of cryptosystem. The performance is analyzed with several measures and proved that the proposed cryptic model is superior over the traditional encryption schemes and can withstand several attacks. The intended design is operated at 200 MHz and accumulates 3851 logic elements. Timing and power scrutiny confirmed that it is an attack resistant model for real-time hardware security applications. The proposed design can be extended for even larger image size and higher operating clock frequencies.