1 Introduction

Internet networks especially mobile networks are rapid developed in last decade. People take and upload pictures with smart phones to share with their families and friends on social networking platform. Moreover, image and video transmission are extensively used in industrial scene supervision, E-government, military cooperative operations, telemedicine and distance learning. These sensitive information resources include personal privacy, trade secrets and even state secrets which shall not be disclosed to anyone not involved. Owing to frequent flow of digital image and video across the world over the transmission media, it has become essential to secure them from leakages [18].

Data encryption is an effective way to protect data from threats. Due to bulky data capacity and high correlation among pixels in image files, traditional techniques are not suitable for image encryption [27]. In last few years, a great number of image encryption schemes have been proposed. Among encryption algorithms, chaos-based methods have strong cryptographic properties, with their high sensitivity to their initial conditions and parameters, their uncorrelated, their random-like nature and their unpredictability, can be very helpful in improving the security of transmitting communications [13]. Although chaos-based encryption schemes have very high security and reliability, high computation complexity is a serious obstacle to be widely applied in industrial production and daily life.

With development of the Internet, a large number of devices based on embedded systems are applied in different fields, from smart phones, intelligent recognition devices [10,11,12], industrial control systems, to military application like unmanned aerial vehicle (UAV) [3] and cooperative operations. Take smart phones as an example, data transmission of these devices is not safe enough, particularly when linking unsafe network such as public Wi-Fi. A network engineer can easily intercept data such as encrypted password and chat record from a network. Therefore, encryption of transmitted data plays a significant role in the defense of information disclosure. If use chaos-based encryption schemes with high security on devices based on embedded systems to encrypt transmitted information, the risk of information disclosure will be reduced drastically. Usually, embedded systems have small size and high stability, which is suitable to be used for many specific occasions. But compared with computer platform, embedded systems normally present much less power of computation and very limited memory size [15]. Since most of traditional chaos-based image encryption schemes have high computational complexity, low computing power of embedded systems limits time efficiency. Accordingly, more high-performance encryption schemes for embedded systems are needed.

In this paper, a fast image encryption algorithm which could be implemented to embedded systems is proposed. A continuous third-order hyperbolic sine chaotic system is chosen to generate chaotic sequence. The proposed method utilizes mixed-sequence and decorrelation operation to enhance the randomness of chaotic sequence. Moreover, it used minimum length of sequence determined by experiments. Therefore, the proposed scheme could significantly reduce computational complexity and processing time. This efficient algorithm is able to be applied in practice, like images transmission from UAV to ground control station [17, 22] and industrial control systems [6]. As for us, we are trying to utilize this scheme to a program of UAV with high performance of information security.

The rest of this paper is organized as follows. In section 2, entire encryption process will be detailed introduced. Section 3 presents the operations to enhance randomness of sequence. Section 4 is the experiments to determine the minimum length of chaotic sequence. And section 5 is the implementation in embedded systems. Section 6 displays the experimental results and performance analysis of encryption. Last section is conclusion.

2 Encryption algorithm

As is shown in Fig. 1. This paper uses a general encryption structure proposed by Jiri Fridrich [4].

Fig. 1
figure 1

Encryption process of algorithm

Full size image

In the chaotic sequence generation step, a continuous third-order hyperbolic sine chaotic system is used, which is given by Ref [14]:

$$ \overset{\dddot{}}{x}+0.75\ddot{x}+x+1.2\times {10}^{-6}\mathit{\sinh}\left(\frac{\dot{x}}{0.026}\right)=0 $$
(1)

Lyapunov exponents characterize the rate of separation of infinitesimally close trajectories in state space as time tends to infinity [13]. Lyapunov exponents of this system was calculated by experiment under initial conditions of \( \left(\dot{x},\ddot{x},\overset{\dddot{}}{x}\right)=\left(0.1,0.1,0.1\right) \), results are as follow:

$$ \left({\lambda}_1,{\lambda}_2,{\lambda}_3\right)=\left(0.154851,1.91018\times {10}^{-9},-0.904851\right) $$
(2)

Where λ1, λ2, λ3 are three Lyapunov exponents of this system. λ1 > 0, λ2 ≈ 0, λ3 < 0, which proves this system has strange attractor thus it is chaotic. Therefore, proposed chaos-based algorithm is convergent.

Encryption process is divided into two parts: confusion and diffusion. Confusion is a procedure of changing pixels’ position of a digital image in particular order. We proposed to change the position of pixels by rows and columns instead of all pixels to the consideration of simplifying computation complexity. To have a better understanding of this procedure, a pseudo-code is listed in Appendix A. Diffusion aim to change the value of pixels. We proposed to use XOR operation as most papers do [16, 21, 23]. To have a better understanding of this procedure, a pseudo-code is listed in Appendix B.

3 Operations to enhance randomness of sequence

In this section, mixed-sequence and decorrelation operation is discussed to enhance the randomness of chaotic sequence. We used NIST to test chaotic sequence and choose the best result, which could reconcile low computational complexity and high security level.

3.1 Mixed-sequence

Pseudo-random is a significant property of chaotic system. However, sequence generated from \( \dot{x} \) of Eq. (1) could not pass the pseudo-random test, which means this sequence was not random enough to be used in encryption. Therefore, encryption scheme utilizes this sequence may be easily cracked. In proposed algorithm, in order to obtain high uncorrelated sequence, we chose elements from \( \dot{x} \) and \( \ddot{x} \) of Eq. (1) respectively to generate a mixed-sequence. The process is as follows:

$$ \left\{\begin{array}{c}s(2n)=\dot{x}(2n)\\ {}s\left(2n+1\right)=\ddot{x}\left(2n+1\right)\end{array}\right. $$
(3)

Where s(n) is the generated chaotic sequence.

3.2 Decorrelation operation

Decorrelation operation is an effective method to lower sequence correlation and then improve security. We decorrelated the chaotic sequence by following equations:

$$ c(n)=s(n)\times {10}^k- floor\left(s(n)\times {10}^k\right) $$
(4)

As for the value of k, we carried out a series of experiments. We used NIST SP 800–22 test to test generated chaotic sequence. NIST test is used to detect the random characteristic of a pseudorandom sequence. If p − value is greater than α, the tested sequence can pass the test. Usually, α is set to 0.01. We respectively tested k = 0~9. According to the experiments results, we found that when k = 6, sequence passed all the tests. Same results occurred when k = 7, 8, 9. In C language environment, long double, a data type with the longest significant digits, usually guarantees the accuracy of eighteen decimal places. If k is too big, the computational accuracy of different devices may hardly be guaranteed. In this case, the decrypted image may be different from plain image. Based on the principle of minimum data destruction, we chose k = 6 in this paper. Testing results have shown that the decorrelation operation has no effect on encryption scheme. Some of the experimental results are shown in Table 1 (k = 0), Table 2 (k = 4),Table 3 (k = 6) and Table 4 (k = 8).

Table 1 NIST SP 800–22 test (k = 0)
Full size table
Table 2 NIST SP 800–22 test (k = 4)
Full size table
Table 3 NIST SP 800–22 test (k = 6)
Full size table
Table 4 NIST SP 800–22 test (k = 8)
Full size table

4 Operations to reduce computational complexity

For most traditional chaos-based image encryption algorithms, one pixel of a digital image corresponds to one element of chaotic sequences, which guarantees the randomness and uniformity of distribution of encrypted image. A m × n length of sequence is needed for encrypting a digital image of size m × n. However, for most images, length of sequence m × n usually reaches millions. Generation of such a long sequence would cost a lot of hardware resources and computation time. Therefore, these methods could hardly be applied in embedded systems or practice.

In this section, we proposed a simpler correspondence of pixels and sequence, an entire row or column of image correspond to one element of sequence. Details are shown in Appendix A and Appendix B. Furthermore, we consider chaotic sequence as a cyclic array, one element of sequence may be used more than once. Therefore, the length of sequence is significantly reduced, as well as computation time. Because of decorrelation operation, the security of algorithm is still holding at a high level.

The shorter length of chaotic sequence the better efficiency of encryption performance. We did several experiments to determine the minimum length of sequence by calculating the effect on NPCR and UACI score, due to NPCR and UACI are two important factors to evaluate the performance of an encryption scheme. Experiments are formulated to test a specific hypothesis under different length of sequences. Theoretical value of NPCR is 99.6 and UACI is 33.4. We chose a critical value of 1%. The hypothesis says if fractional error of NPCR and UACI exceed the critical value, hypothesis of high-level security scheme is rejected. Otherwise, hypothesis is accepted. We calculated average value of NPCR and UACI under different length of sequences. Experimental results are shown in Fig. 2. Testing images are from USC-SIPI. Interval between two red dotted lines is 1% of the theoretical value of NPCR and UACI.

Fig. 2
figure 2

Effect of length on NPCR and UACI

Full size image

From Fig. 2, when length of sequence exceeds a certain range, values of NPCR and UACI will fluctuate up and down close to the theoretical. For image of size 256 × 256, when length exceeds 200, values of NPCR and UACI are in the interval. Same as image of size 512 × 512 when length of sequence exceeds 300. However, we chose longer length of 400 in case of some extreme situation.

In traditional encryption schemes, the length of sequence will be 65,536 and 262,144 for 256 × 256 images and 512 × 512 images respectively. Compared with these schemes, only 400 lengths of sequence are used in proposed scheme to achieve the same security level, which contribute much to low computational complexity and high time efficiency.

5 Implemented in embedded system

In this section, we implemented proposed algorithm in embedded system development board based on QT interface. We used NanoPC-T3 development board which contains a Samsung S5P6818 processor with a 7.0-in. touchable LCD screen. Fig. 3 shows the software architecture diagram of embedded system and Fig. 4 shows the Hardware architecture diagram.

Fig. 3
figure 3

Software architecture diagram

Full size image
Fig. 4
figure 4

Hardware architecture diagram

Full size image

5.1 Performance of development board

Detailed performance of embedded system development board is shown in Table 5. We not only ported Linux system but Qt/Embedded to the development board [9, 19]. Qt is a powerful cross platform GUI program development framework for C++, which provides modularization programming method and comprehensive graphical interfaces. Today, most handheld devices are developed based on Qt. Therefore, this algorithm has feature of powerful transplantable capability.

Table 5 Performance of embedded system development board
Full size table

5.2 Image processing for development board

It is known to all that C language has no libraries for image processing. In order to process image, we complied Opencv 2.4.9 in Linux and ported libraries to the development board [26]. Furthermore, we connected a 7.0-in. touchable LCD screen to development board to achieve user interface interaction.

5.3 Encryption results

Encryption results can be seen in Fig. 5. Further encryption performance analyses are shown in next section.

Fig. 5
figure 5

Encryption results for embedded system

Full size image

6 Performance analyses

Experimental results and performance analyses of proposed encryption algorithm are provided in this section.

6.1 Encryption results

We used image Lena of size 512 × 512 and Cameraman of size 256 × 256 both with 256 Gy levels. Encryption results are shown in Fig. 6.

Fig. 6
figure 6

Encryption performance of two examples

Full size image

6.2 Key space analysis

According to Ref [1], a cryptosystem must have more than 2100 possible secret keys to defeat a brute-force attack. The proposed encryption algorithm is based on a continuous third-dimensional chaotic system. Consider limited precision in computer, the algorithm has at least 1048 ≈ 2159 secret keys (account to 16 decimal places). Therefore, key space of scheme is huge enough to defeat a brute-force attack.

6.3 Gray-level histogram

Gray-level histogram is a function showing the number of pixels in the image for each gray level [24]. It is a method of showing the random value of pixels directly. Fig. 7 shows gray-level histogram of original image and encrypted image. As we can see, number of pixels of each gray-level is close and pixels are uniform distribution.

Fig. 7
figure 7

Gray-level histogram of original image and encrypted image

Full size image

6.4 Key sensitivity analysis

Since chaotic systems are sensitive to its initials, we changed its initials slightly and encrypt same image to find out the difference of changing initials [5]. For sensitivity analysis of initial conditions of \( \left(\dot{x},\ddot{x},\overset{\dddot{}}{x}\right)=\left(0.1,0.1,0.1\right) \), we set a slight change of Δx = 10−15. The modified keys are \( \left(\dot{x}+\varDelta x,\ddot{x},\overset{\dddot{}}{x}\right)=\left(0.1+{10}^{-15},0.1,0.1\right) \),\( \kern0.50em \left(\dot{x},\ddot{x}+\varDelta x,\overset{\dddot{}}{x}\right)=\left(0.1,0.1+{10}^{-15},\kern0.5em 0.1\right) \) and \( \left(\dot{x},\ddot{x},\overset{\dddot{}}{x}+\varDelta x\right)=\left(0.1,0.1,0.1+{10}^{-15}\right) \). We used these four keys as input initials to encrypt same image of Fig. 6(b). It was shown that 99.6% of the pixels are different. Four ciphered images are shown in Fig. 8.

Fig. 8
figure 8

Difference between two encrypted images

Full size image

Therefore, difference between images encrypted by different keys is large enough to maintain high security against known-plaintext attack.

6.5 Information entropy

Information entropy is the expected value of the information contained in an image. A meaningless image often has big entropy [20]. For an image with 256 Gy levels, the maximum value of entropy is 8. Simulation experiment shows the entropy of Fig. 6(b) is 7.99899138 and (d) is 7.99538375. It proves the encrypted image is highly stochastic.

6.6 Correlation analysis

Generally, for a meaningful image, its adjacent pixels have intense correlation [7]. Its horizontal correlation, vertical correlation, and diagonal correlation are very close to 1. Thus, a reasonable encryption algorithm should destroy its pixels’ correlation.

Correlation of two adjacent pixels in the original image and encrypted Lena image is shown in Fig. 9. Calculation results of horizontal correlation, vertical correlation, and diagonal correlation are shown in Table 6.

Fig. 9
figure 9

Correlation analysis for original and encrypted Lena image

Full size image
Table 6 Results of horizontal correlation, vertical correlation, and diagonal correlation
Full size table

As we can see, proposed encryption algorithm effectively destroys the correlation of adjacent pixels.

6.7 NPCR and UACI

Number of pixels change rate (NPCR) and unified average changing intensity (UACI) are two important indices of resisting differential attacks [2, 25]. We changed the value of one pixel of original images randomly and encrypted them. Calculation results of NPCR and UACI are shown in Table 7. Testing images are from USC-SIPI and Caltech image database (492 images). Besides, the values of NPCR and UACI of images from database is the average of all images.

Table 7 Results of NPCR and UACI
Full size table

Apparently, proposed encryption algorithm is capable of resisting differential attacks.

6.8 Algorithm complexity analysis

According to Fig. 1, proposed algorithm contains four computational procedure, secret key computation, sequence generation, confusion and diffusion. The sum of frequency of all statements in algorithm can be obtained by adding computation of each part:

$$ T\left(m,n\right)=m\times n+400\times 15+400+4\times m\times n+m\times n $$
(5)

Where m, n are the size of original image. Hence the complexity of proposed algorithm is O(6 × m × n).

6.9 Running time on PC

Encryption time, especially for chaos-based encryption algorithm, is a decisive factor of whether it can be used in practice. Running time of each encryption step are shown in Table 8. The computer configuration used in this test is a 2.4GHz Core i5-6300 U processor with 4GB memory. And the program is running in Visual Studio 2017 with Opencv 3.2.0. Testing images are from USC-SIPI and Caltech image database (492 images). Besides, running time of images from database is the average of all images.

Table 8 Running time of each encryption step for PC
Full size table

Therefore, proposed encryption algorithm is significantly efficient. An encryption of a 512 × 512 Gy image uses less than 40 ms (except the time of reading and saving image), which is an extraordinary short encryption time for a chaos-based encryption scheme.

6.10 Running time on embedded system

After a series of optimization, proposed algorithm can run on embedded system development board fast. The running time of each encryption step for embedded system is shown in Table 9. The embedded system development board is NanoPC-T3 which contains a Cortex -A53 Samsung S5P6818 processor, with a 7.0-in. touchable LCD screen. Testing images are from USC-SIPI and Caltech image database (492 images). Besides, running time of images from database is the average of all images.

Table 9 Running time of each encryption step for embedded system
Full size table

6.11 Comparison results

We compared the performance of our scheme to several typical image encryption algorithms [8, 13, 28]. We evaluate the performance of our method by conducting several tests based on image quality and other evaluation metrics. To compare the correlation values, we use the following equation:

$$ C=\frac{C_h+{C}_v+{C}_d}{3} $$
(6)

Ref [13] introduced a new simple chaotic system and its application in medical image encryption. Ref [28] described an image encryption method using a chaotic system of the mixed linear–nonlinear coupled map lattices for diffusion in the image encryption. Ref [8] proposed a novel image encryption scheme based on the Zaslavsky chaotic map.

The comparison of algorithm performance is shown in Table 10. Obviously, running time of proposed scheme is much shorter than others, which conforms to our main ideas. Such encryption method with high quality and efficient could be appropriately applied in practice. As for us, we are trying to utilize this scheme to a program of UAV with high performance of information security.

Table 10 Comparison of the proposed image encryption scheme with recent state-of-the-art encryption algorithms in same environment (test image is image Lena of size 512 × 512 with 256 Gy levels)
Full size table

7 Conclusion

A novel fast image encryption algorithm based on chaos for embedded systems is proposed in the paper. The proposed scheme can encrypt digital images with high time efficiency. Mixed-sequence and decorrelation operation are also utilized to enhance the randomness of chaotic sequence. Moreover, the algorithm used minimum length of the sequence which is determined by experiments. Therefore, it spends much less computation time and can be implemented in embedded systems. Performance analysis including key space analysis, gray-level histogram, different initials analysis, information entropy, correlation analysis, NPCR, UACI, complexity analysis and running time. All the experimental results show that proposed encryption scheme can resist known attacks, such as known-plaintext attacks, chosen ciphertext attacks, statistical attacks, differential attacks, and various brute-force attacks. Besides, it performs well in embedded systems thereby can be applied in programs.

All these properties make the proposed scheme an efficient encryption algorithm with high security. However, Cortex -A53 processor we used in embedded system is a relatively powerful one among embedded processors. Performance of proposed algorithm in some systems with low efficiency is not as good as we expect. In the future, we aim to find more approaches to keep on reducing computational complexity without effecting the security. Additional future work could explore to video encryption for more application scenarios.