- Email: [email protected]
Generalized optical encryption framework based on Shearlets for medical image
Optics and Lasers in Engineering 128 (2020) 106026
Contents lists available at ScienceDirect
Optics and Lasers in Engineering journal homepage: www.elsevier.com/locate/optlaseng
Generalized optical encryption framework based on Shearlets for medical image Mingming Chen a, Guangbiao Ma a, Chen Tang a,∗, Zhenkun Lei b a b
School of Electrical and Information Engineering, Tianjin University, Tianjin 300072, China State Key Laboratory of Structural Analysis for Industrial Equipment, Dalian University of Technology, Dalian 116024, China
a r t i c l e
i n f o
Keywords: Shearlet transform Medical image Optical encryption framework Texture
a b s t r a c t The security of medical image data for transmission and storage is a critical issue. Texture information of medical images is important for diagnosis. Since Shearlets is particularly effective in characterizing texture information, in this paper, we propose a generalized optical encryption framework based on Shearlets and double random phase encoding (DRPE) especially for medical images. In the proposed encryption framework, the secret medical image is first decomposed into n sub-images with shearlet transform. Then, the sub-images or pixel positions are shuffled by scrambling algorithm. Subsequently, the shuffled sub-images are synthesized into one image. Finally, the synthesized image is encoded with DRPE. The security level of the proposed encryption framework can be improved by changing the parameters of shearlet transform and selecting different methods for scrambling pixels and synthesizing multiple images to single image. Extensive simulation results have shown the performance of the proposed optical encryption framework. The proposed encryption framework can be improved along with novelty scrambling method and reversible synthesize methods.
1. Introduction With the widely development of the modernization of image devices and biomedical image processing techniques, more diagnosis of certain diseases are based on the digital images [1,2]. The common used medical devices which produce digital images mainly include ultrasound, computed tomography, magnetic resonance imaging, positron emission tomography, etc. [3]. The medical images for diagnosis contain confidential information which is related to patients’ privacy. Moreover, the medical images are often distributed via intranet or Internet, the security of medical image data for transmission and storage has become a critical issue. Encryption is an effective way which has been widely explored to prevent medical images from the threats such as malicious tampering and privacy leakage [4]. Some traditional encryption methods which were proposed for securing textual data are not suitable for encrypting the medical images because of the high redundancy and strong correlation between adjacent pixels [5]. In order to reduce the redundancy and correlation, many highly reliable medical image encryption algorithms have been proposed. These image encryption algorithms can be mainly categorized into two groups: the selective encryption algorithms
∗
Corresponding author. E-mail address: [email protected] (C. Tang).
and the full encryption algorithms. The selective encryption algorithms only encrypt portions of the original medical image [6]. For example, many algorithms encrypt interleaved patient information of images [7], and use a stream cipher to encrypt only the significant bits of individual coefficients [8]. Many other algorithms encrypt important compressing coefficients [9–11]. The selective encryption algorithms may minimize the processing time for encryption and decryption of medical images. Therefore, they are quite adapted in many real-time medical applications to protect medical records including wireless medical networking and mobile medical services [12]. However, the deficiencies of selective encryption algorithms are that they may result in data loss and lead negative misdiagnosis. Compared with the selective encryption algorithms, the full encryption algorithms encrypt the whole medical image, which have higher security level. The chaos-based image encryption methods and optical encryption methods are two categories of main full encryption algorithms. The improvements of chaos-based encryption methods lie in various aspects, such as novel permutation techniques [13–19], new diffusion approaches [20,21], high security key stream generators [22], simultaneous image encryption-compression scheme [23,24], as well as novel transform domains [25,26]. In 1998, Fridrich proposed the groundbreaking substitution-diffusion architecture for image encryption [27], and then be developed to the classical permutation–diffusion architecture by Chen, Lian and Wong [28–30]. Subsequently, the development of chaos-based encryption is promoted because the classical permutation–diffusion architecture draws world-wide concern. On the
https://doi.org/10.1016/j.optlaseng.2020.106026 Received 25 November 2019; Received in revised form 3 January 2020; Accepted 13 January 2020 0143-8166/© 2020 Elsevier Ltd. All rights reserved.
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
other hand, optical encryption method is an efficient image encryption method. The most representative optical encryption method is double random phase encoding (DRPE) proposed by Refregier and Javidi in 1995. It encodes the plain image into a stationary white noise by using two random phase masks placed respectively at the input plane and the Fourier plane [31]. Since then, a variety of DRPE-based optical encryption methods which has been inspired from mathematical transform techniques such as fractional Fourier, discrete fractional Fourier, Fresnel, etc. were proposed. Texture information is especially important for medical image. Missing or incorrect texture information may lead misdiagnosis. The shearlet transform which is introduced in 2006 is particularly efficient for extracting the texture information of images because it can capture anisotropic and directional features of multidimensional data [32]. It overcomes the limitations of traditional directional multi-scale transforms such as Curvelet and Contourlet. Therefore, in this paper, we propose a generalized optical encryption framework based on shearlets and DRPE especially for medical images, named SDGOEF (Shearlets and DRPE based generalized optical encryption framework). It includes four parts: shearlet transform, pixel scrambling, sub-images combination and DRPE. First, decompose secret medical image into n sub-images with shearlet transform. Second, shuffle the sub-images or pixel positions by scrambling algorithm. Third, combine the shuffled sub-images into one image. Four, encode the synthesized image with DRPE. In summary, the main flexibilities of SDGOEF are as follows. (1) The security of it can be significantly improved by increasing the number of shearlet coefficient sub-images. (2) It can flexibly select scrambling algorithm to permutation and diffusion the pixels in sub-images. (3) It can flexibly select reversible synthesize methods to combined the scrambled sub-images into one. The remainder of this paper is organized as follows: Section 2 details the encryption and decryption scheme of SDGOEF. Section 3 gives experiments results and a security analysis. Finally, the conclusion is given in Section 4.
2. Method 2.1. Shearlet transform Given an image f. The shearlet transform of fis defined as [32] ⟨ ⟩ 𝑆 𝐻𝜓 (𝑓 )(𝑐, 𝑠, 𝑡) = 𝑓 , 𝜓𝑐,𝑠,𝑡
(1)
where the analyzing elements 𝜓 c, s, t , called Shearlets, form an affine system of well localized functions at continuous scales c > 0, locations 𝑡 ∈ ℝ2 and oriented along lines of slope 𝑠 ∈ ℝ in the frequency domain. Shearlets are expressed as ( ) −1 𝜓𝑐,𝑠,𝑡 (𝑥) = 𝑐 −3∕4 𝜓 𝐴−1 𝑐 𝑆𝑐 (𝑥 − 𝑡)
(2)
𝑐 0 𝑠 √ ) and 𝑆𝑠 = (1 ) are respectively parabolic scal0 1 𝑐 0 ing matrix and shear matrix. The parabolic scaling Ac generates wave fronts with anisotropic support, and the shear matrix Ss parameterizes the orientations using variable s associated with the slopes. It is proved that each element 𝜓 c, s, t has frequency support on a pair of trapezoids. As shown in Fig. 1, the frequency plane is divided by trapezoids. As c → 0, the support becomes increasingly thin. As a result, Shearlets form a collection of well-localized wave forms at various scales, orientations and locations, controlled by c, s, t, respectively. Therefore, Shearlets can deal with the problems of spectral leakage and boundary effect which the Fourier transform encounters. Since the shearlet transform in frequency space is subdivided step by step, it performs better than the curvelet transform and the contourlet transform. In addition, comparing with wavelet transform, curvelet transform and contourlet transform, the mathematical model of shearlet transform is simpler. where 𝐴𝑐 = (
Fig. 1. Shearlets support tiling in frequency domain.
2.2. Encryption and decryption processes of SDGOEF In this subsection, we describe the SDGOEF in detail. As shown in Fig. 2, the SDGOEF includes four parts: shearlet transform, pixel scrambling, sub-images combination and DRPE. The encryption process involves the following steps: Step 1: Decompose secret medical image into n sub-images with shearlet transform. Since texture information is especially important for medical image, and the shearlet transform is particularly efficient for characterizing the texture information of images, we introduce the shearlet transform to our encryption framework. In this step, we perform shearlet transform (SHT) to the secret medical image f according to Eq. (1). The transform coefficients are taken as n sub-images (fi ,𝑖 = 1, 2, ⋯ , 𝑛). The number of sub-images dependents on the parameter shearLevels. The shearLevels is a 1 × c sized array. Each entry of shearLevels K ≥ 0. Each shear level of Kmeans that the generating shearlet is sheared2K times in each direction for each cone. For example, if 𝑐 = 3 and 𝑠ℎ𝑒𝑎𝑟𝐿𝑒𝑣𝑒𝑙𝑠 = [112], the shearlet system will contain (2 × (2 × 21 + 1)) + (2 × (2 × 21 + 1)) + (2 × (2 × 22 + 1)) = 38 shearlets (omitting the low pass shearlet and translation), and 38 subimages are obtained. The numbers of sub-images can be changed by the parameters of c and shearLevels. The more sub-images the higher security levels of SDGOEF. Therefore, the security level of the SDGOEF can be significantly improved by changing the parameters of Shearlets. Step 2: Shuffle the sub-images or pixel positions by scrambling algorithm. In this step, we perform scrambling algorithm (SA) to each sub-image fi , 𝑖 = 1, 2, ⋯ , 𝑛, and obtain the scrambled sub-images 𝑓𝑖′ ,𝑖 = 1, 2, ⋯ , 𝑛. Any scrambling algorithm can be used to shuffle the locations of subimages and the values and the positions of pixel in each sub-image. The choosing of scrambling algorithm will affect the security levels of SDGOEF. Here, as an example, we select the Generalized Arnold transform (GAT) to scramble the pixel of sub-images. Since the control parameters of GAT are changeable and highly image-dependent at each iteration procedure, the permutation process can efficiently resist existing attacks [33]. The pixel (x, y) in sub-image fi after scrambling by GAT can be expressed as ][ ] [ ′] [ 𝑥 1𝜆 𝑥 = (3) ( mod 1) ′ 𝑦 𝜇 1 + 𝜆𝜇 𝑦 where (x′, y′) denotes the new position after scrambling by GAT; the positive integers 𝜆 > 0, 𝜇 > 0; mod denotes the modulus after division. Step 3: Combine the shuffled sub-images into one image.
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 2. The flowchart of SDGOEF.
where A2 and 𝜑2 denote individually the amplitude and phase of the complex number V2 (x1 , y1 ). The phase 𝜃2 = 𝑓3 − 𝜑2 . This procedure is repeated until all scrambled sub-images have been synthesized into one vector 𝑉𝑛−1 (𝑥1 , 𝑦1 ). We take the last synthesized vector as f″. Step 4: Encode the synthesized image with DRPE. In this step, the synthesized image f″ is encoded into the final cipher imageFby DRPE. The DRPE uses two chaotic random phase masks (CRPMs) respectively placed on the input plane and the Fourier plane to encrypt the input image into a stationary white noise. Any DRPEbased optical encryption schemes, such as the Fresnel transform encryption scheme [31], the fractional Fourier transform encryption scheme [35,36], and the Gyrator transform encryption scheme [37,38], etc., can be chosen. Here, as an example, we select the Gyrator transform encryption scheme. We use 3D Logistic map to generate the CRPMs. The 3D Logistic map is given by the following formula [39]:
Fig. 3. The principle of vector synthesis.
In this step, the shuffled sub-images 𝑓𝑖′ ,𝑖 = 1, 2, ⋯ , 𝑛 are combined into one image f″. Any synthesized algorithm (SYA) can be used to combine the shuffled sub-images into one image. The choosing of synthesized algorithm also affects the security levels of SDGOEF. Here, as an example, we select the vector decomposition algorithm to combine the sub-images into one image. The vector decomposition algorithm can realize multiple vectors synthesis by simply performing the parallelogram rule repeatedly. The sub-images can be taken as unit vectors, and can be synthesized into one vector. The angle keys which act as the additional keys produced in this process can make the scheme invalidate the chosen and known plaintext attacks[34].The principle of vector synthesis is shown in Fig. 3. Firstly, 𝑓1′ (𝑥1 , 𝑦1 ) and 𝑓 ′ (𝑥1 , 𝑦1 ) are 2 synthesized to vector V1 (x1 , y1 ): ( ) ( ) ( ) ( ) 𝑉1 𝑥1 , 𝑦1 =𝑓 ′ 𝑥1 , 𝑦1 +𝑓 ′ 𝑥1 , 𝑦1 =𝐴1 exp 𝑖 ⋅ 𝜑1 1
2
(4)
where A1 and 𝜑1 denote individually the amplitude and phase of the complex number V1 (x1 , y1 ). The phase 𝜃1 = 𝑓2 − 𝜑1 . Secondly, the synthesized vector V1 (x1 , y1 ) and 𝑓3′ (𝑥1 , 𝑦1 ) are synthesized to vector V2 (x1 , y1 ): ( ) ( ) ( ) ( ) 𝑉2 𝑥1 , 𝑦1 =𝑉1 𝑥1 , 𝑦1 +𝑓 ′ 𝑥1 , 𝑦1 =𝐴2 exp 𝑖 ⋅ 𝜑2 𝐵
(5)
⎧𝑥𝑛+1 = 𝑎𝑥𝑛 (1 − 𝑥𝑛 ) + 𝑏𝑦2𝑛 𝑥𝑛 + 𝑐𝑧3𝑛 ⎪ 2 3 ⎨𝑦𝑛+1 = 𝑎𝑦𝑛 (1 − 𝑦𝑛 ) + 𝑏𝑧𝑛 𝑦𝑛 + 𝑐𝑥𝑛 ⎪𝑧 2 3 ⎩ 𝑛+1 = 𝑎𝑧𝑛 (1 − 𝑧𝑛 ) + 𝑏𝑥𝑛 𝑧𝑛 + 𝑐𝑦𝑛
(6)
The equations in (6) exhibit the chaotic behavior for 3.53 < a < 3.81, 0 < b < 0.022, 0 < c < 0.015 and can take the value between[0, 1]. The map is sensitivity to initial conditions and control parameters a, b and c. The construction of CRPM is described as follows. Suppose the size of the CRPM is M × N pixels. Firstly, we use the 3D Logistic map to generate three random value sequences 𝑥 = {𝑥′ 1 , 𝑥′ 2 , ⋯ , 𝑥′ (𝑀 ×𝑁 )∕3 },𝑦 = {𝑦′ 1 , 𝑦′ 2 , ⋯ , 𝑦′ (𝑀 ×𝑁 )∕3 } and 𝑧 = {𝑧′ 1 , 𝑧′ 2 , ⋯ , 𝑧′ (𝑀 ×𝑁 )∕3 }.Then, we rearrange the sequencesx,y and z to a 2D matrix which 𝑃 = {𝑝′ 𝑖,𝑗 |𝑖 = 1, 2, ⋯ , 𝑀; 𝑗 = 1, 2, ⋯ , 𝑁 }. Finally, the CRPM is calculated as 𝐶(𝑥, 𝑦) = exp(𝑗2𝜋𝑃 )
(7)
The f″ is firstly modulated by the CRPM1 and further performed a GT operation [40] at rotation angle 𝛼 1 , then modulated by the CRPM2 and further performed a GT operation at rotation angle 𝛼 2 . Finally, we obtain the cipher image F. The decryption process is quite similar to the encryption process. It is the inverse of encryption process, involves the following 4 steps: Step 1: Decode the cipher image F with the DRPE to f″.
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 4. The test images.
Step 2: Decompose the synthesized f″ into shuffled sub-images 𝑓𝑖′ ,𝑖 = 1, 2, ⋯ , 𝑛. Step3: Operate reverse scrambling steps to shuffled sub-images 𝑓𝑖′ ,𝑖 = 1, 2, ⋯ , 𝑛 to get sub-images fi , 𝑖 = 1, 2, ⋯ , 𝑛. Step 4: Perform the inverse shearlet transform to obtain the plain image f. 3. Experiments and discussion In this subsection, we examine the feasibility and effectiveness of the proposed generalized optical encryption framework. We carried out extensive numerical simulations on a Matlab (R2014a) platform with Processor Intel(R) Core(TM) i5-4590 CPU 3.30 GHz, Memory 4.00 GB RAM, and 64-bit Operating System Windows-7. We apply the SDGOEF on five medical images and three texture images which are shown in Fig. 4. The sizes of Fig. 4(a), (b), (g) and (h) are 512 × 512 pixels. The sizes of Fig. 4(c), (e) and (f) are 256 × 256 pixels. The sizes of Fig. 4(d) are 378 × 378 pixels. We test the visual and quantitative index of encrypted and decrypted images, the key sensitivity, the robustness against statistical attack, differential attack and chosen plaintext attack. We also analyze the space of key. The parameters used in the SDGOEF are set as follows. The parameters of shearlet transform: 𝑐 = 3,𝑠ℎ𝑒𝑎𝑟𝐿𝑒𝑣𝑒𝑙𝑠 = [111]; The parameters of GAT: 𝜆1 = 3,𝜇1 = 5 and iteration time 𝑛1 = 10 for each sub-image; The parameters of 3D Logistic map: initial values 𝑥11 = 𝑦11 = 𝑧11 = 0.500, control parameters 𝑎1 = 3.80,𝑏1 = 0.011, and 𝑐1 = 0.008 for CRPM1 ; initial values 𝑥12 = 𝑦12 = 𝑧12 = 0.501, control parameters 𝑎2 = 3.73, 𝑏2 = 0.012 and 𝑐2 = 0.009 for CRPM2 . 3.1. Visual and quantitative test In this subsection, we show the part of sub-images decomposed by shearlet transform and the encryption and decryption results of SDGOEF. As shown in Fig. 5, the Fig. 5(a-1)−5(a-4), 5(b-1)−5(b-4), 5(c1)−5(c-4), 5(d-1)−5(d-4), 5(e-1)−5(e-4), 5(f-1)−5(f-4), 5(g-1)−5(g-4),
and 5(h-1)−5(a-4) are the 1th-3th, and the 25th shearlets coefficient sub-images of Fig. 4(a)−(h), respectively. The Fig. 5(a-5), 5(b-5), 5(c-5), 5(d-5), 5(e-5), 5(f-5), 5(g-5), and 5(h-5) are the corresponding encryption results of Fig. 4(a)−(h), respectively. The Fig. 5(a-6), 5(b-6), 5(c6), 5(d-6), 5(e-6), 5(f-6), 5(g-6), and 5(h-6) are the decryption results of the Fig. 5(a-5), 5(b-5), 5(c-5), 5(d-5), 5(e-5), 5(f-5), 5(g-5), and 5(h5) with all correct secret keys. From Fig. 5(a-1)−5(a-4), 5(b-1)−5(b-4), 5(c-1)−5(c-4), 5(d-1)−5(d-4), 5(e-1)−5(e-4), 5(f-1)−5(f-4), 5(g-1)−5(g4), and 5(h-1)−5(a-4), we can see that each sub-image contains different texture information of the corresponding plain image. The shearlet transform can efficiently capture the texture of the test images. The texture information of each decomposed sub-image dependents on the parameters of shearlet transform. From the Fig. 5(a-5), 5(b-5), 5(c-5), 5(d-5), 5(e-5), 5(f-5), 5(g-5), and 5(h-5), one can see that SDGOEF can encrypt the test image into noise-like image without any main information of plain image. From Fig. 5(a-6), 5(b-6), 5(c-6), 5(d-6), 5(e-6), 5(f-6), 5(g-6), and 5(h-6), we can see that the difference between the plain image and decrypted image cannot be discerned visually. In addition, to quantitatively evaluate the resemblance between plain image and the decrypted image, the correlation coefficient (CC) is calculated. The CC is defined as [34] 𝐸 {[𝑓 − 𝐸 (𝑓 )][𝐹 − 𝐸 (𝐹 )]} 𝐶 𝐶 (𝑓 , 𝐹 ) = √ { } { } 𝐸 [𝑓 − 𝐸 (𝑓 )]2 𝐸 [𝐹 − 𝐸 (𝐹 )]2
(8)
where f and F denote the plain image and decrypted image, respectively; E{ · }denotes expectation operator. Note that the higher the CC, the smaller the difference between the plain image and decrypted image. All the calculated value of CC between Fig. 4(a) and Fig. 5(a-6), Fig. 4(b) and Fig. 5(b-6), Fig. 4(c) and Fig. 5(c-6), Fig. 4(d) and Fig. 5(d-6), Fig. 4(e) and Fig. 5(e-6), Fig. 4(f) and Fig. 5(f-6), Fig. 4(g) and Fig. 5(g6), and Fig. 4(h) and Fig. 5(h-6) are 1, which means that the plain image can be retrieved completely from the encrypted image.
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 5. The part of sub-images and encryption results of Fig. 4.(a-1)-(a-5), (b-1)-(b-5), (c-1)-(c-5), (d-1)-(d-5), (e-1)-(e-5), (f-1)-(f-5), (g-1)-(g-5), (h-1)-(h-5) the corresponding sub-images; (a-6), (b-6), (c-6), (d-6), (e-6), (f-6), (g-6), (h-6) encrypion results.
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 5. Continued
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 5. Continued
3.2. Sensitivity of secret keys test In this subsection, we check the key sensitivity of SDGOEF. The main secret keys include: c,shearLevelsof shearlet transform; x11 , y11 , z11 , a1,b1 and c1 of 3D Logistic map for CRPM1 ; x12 , y12 , z12 , a2,b2 and c2 of 3D Logistic map for CRPM2 . The additional secret keys include: 𝜆1 , 𝜆2 , ⋅⋅⋅,𝜆25 , 𝜇 1 , 𝜇 2 ,⋅⋅⋅,𝜇 25 , n1 , n2 ,⋅⋅⋅,n25 for GAT; 𝜃 1 ,𝜃 2 ,⋅⋅⋅,𝜃 24 for vector decomposition; 𝛼 1 and 𝛼 2 for GT. An ideal image encryption system is sensitive to its secret keys. That means if the secret keys has any tiny change will result in a completely different decrypted image. In SDGOEF, if the secret keys candshearLevelsof shearlet transform are incorrect, the inverse shearlet transform can not perform. Therefore, no decrypted image can be outputted. In Fig. 6, we show the corresponding decrypted results of Fig. 4(a) when one of the main secret keys x11 , y11 , z11 , x12 , y12 and z12 of 3D Logistic map for CRPMs has a deviation of 1 × 10−14 and others are correct. The values of CC between the Fig. 5(a)–(f) and the Fig. 4(a) are 0.0316, 0.0307, 0.0317, 0.0316, 0.0347, 0.0331, respectively. In Fig. 7, we show the corresponding decrypted results of Fig. 4(a) when one of the main secret keysa1,b1, c1, a2, b2 and c2 has a deviation of 1 × 10−15 and others are correct. The values of CC between the Fig. 7(a)–(f) and the Fig. 4(a) are 0.0333, 0.0307, 0.0315, 0.0348, 0.0346, 0.0346, respectively. In Fig. 8, we show the decrypted image when 𝜆1 , 𝜆2 , ⋅⋅⋅,𝜆25 have deviation of 1 is shown in Fig. 9(a); The decrypted image when 𝜇 1 , 𝜇 2 , ⋅⋅⋅, 𝜇 25 have deviation of 1 is shown in Fig. 8(b); The decrypted image when n1 , n2 ,⋅⋅⋅, n25 have deviation of 1 is shown in Fig. 8(c). The decrypted image when 𝜃 1 , 𝜃 2 ,⋅⋅⋅,𝜃 24 are instead of random matrixes range in (0, 1) is shown in Fig. 8(d). The decrypted images when 𝛼 1 or 𝛼 2 has a deviation of 0.1 are shown in Figs. 8(e) and 8(f), respectively. The values of CC between the Fig. 8(a)−(f) and the Fig. 4(a) are 0.0015, 0.0009, 0.0709, 0.0028, 0.0331 and 0.0355. From Figs. 6 to 8, we can see that the SDGOEF is sensitive to the variation of secret keys. 3.3. Statistical attack analysis In this subsection, the statistical analysis is performed on SDGOEF. We test the correlations of adjacent pixels of Fig. 4 and its encrypted image. The results are shown in Table 1. We randomly select 3000 pairs
Table 1 Correlation coefficients of two adjacent pixels. Image
Horizontal
Vertical
Diagonal
Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig.
0.9917 −0.0008 0.9456 0.0009 0.9702 −0.0031 0.9742 −0.0021 0.9888 −0.0014 0.5420 −0.0004 0.9353 −0.0027 0.7489 0.0009
0.9942 0.0011 0.9848 −0.0021 0.9792 0.0018 0.9792 0.0004 0.9783 −0.0023 0.5307 −0.0025 0.9137 0.0020 0.7397 −0.0028
0.9897 0.0017 0.9365 −0.0013 0.9466 0.0006 0.9526 0.0006 0.9751 −0.0010 0.3673 0.0018 0.8453 −0.0012 0.4163 0.0016
4(a) 5(a-5) 4(b) 5(b-5) 4(c) 5(c-5) 4(d) 5(d-5) 4(e) 5(e-5) 4(f) 5(f-5) 4(g) 5(g-5) 4(h) 5(h-5)
of adjacent pixels in vertical, horizontal and diagonal directions from the plain image and cipher image, and calculate the correlation coefficients of two adjacent pixels according to the formula in Ref. [41]. From the Table 1, it is observed that the two adjacent pixels of the plain image in all three directions are highly corrected. While, there is negligible correlation between the two adjacent pixels in the three directions of the cipher image. Therefore, from the statistical data, the attacker cannot obtain any valid information. The test results have demonstrated that SDGOEF has high robustness against the statistical attack. 3.4. Chosen-plaintext attack analysis In this subsection, we test the ability of SDGOEF against the chosenplaintext. In the test scheme, we assume the attacker has known the encryption process and all of its encryption keys. We first encrypt the fake image shown in Fig. 4(a) and obtain the fake secret keysc,shearLevels,x11 , y11 , z11 , a1,b1,c1, x12 , y12 , z12 , a2,b2, c2,𝜆1 , 𝜆2 , ⋅⋅⋅,𝜆25 , 𝜇 1 , 𝜇 2 ,⋅⋅⋅,𝜇 25 , n1 , n2 ,⋅⋅⋅,n25 , 𝜃 1 , 𝜃 2 ,⋅⋅⋅,𝜃 24 𝛼 1 and𝛼 2 . Subsequently, we decrypt the cipher image shown in Fig. 5(b-5), 5(g-5), and 5(h-5) which respectively are the encrypted result of Fig. 4(b), 4(g), and 4(h)
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 6. The decryption result with (a) incorrect x11 ;(b) incorrect y11 ;(c) incorrect z11 ;(d) incorrect x12 ;(e) incorrecty12 ;(f) incorrect z12 .
Fig. 7. The decryption result with (a) incorrect a1;(b) incorrectb1;(c) incorrectc1;(d) incorrect a2;(e) incorrectb2;(f) incorrect c2.
using the fake secret keys. The corresponding decryption result is shown in Fig. 9. From Fig. 9 we can see that the decrypted results do not contain any valuable information of the plain image. Therefore, the test results demonstrate that the SDGOEF has the ability of defecting the chosen-plaintext attack.
to quantitatively evaluate the efficiency of an encryption algorithm in defecting the differential attack, which are defined as [1]
3.4. Differential attack analysis
𝑈 𝐴𝐶𝐼 =
The differential attack is an effective approach in which the hackers intend to break the encryption system using the differences of the cipherimages generated from the slightly-changed original images [4]. In an elaborate encryption method, a slight change in the original image will result in a significant difference. This can ensure the cipher-image defect the differential attack. The number of pixel change rate (NPCR) and unified average changing intensity (UACI) are two common methods
where G is the gray level of the image; E1 andE2 are two M × N cipherimages and their original images are in one pixel difference. Function 𝜑(m, n) is the number of different pixels between E1 andE2 . The NPCR and UACI results of all the test images are shown in Table 2. Note that, if the NPCR value is more than 99%, and the UACI value is near to 33%, the encryption algorithm is secure [1,2]. One can
∑𝑀 ∑𝑁 𝑁 𝑃 𝐶𝑅 =
𝑚=1
𝑛=1
𝑀𝑁
𝑀 𝑁 1 ∑∑ 𝑀𝑁 𝑚=1 𝑛=1
𝜑(𝑚, 𝑛)
× 100%
(| |) |𝐸1 (𝑚, 𝑛) − 𝐸2 (𝑚, 𝑛)| × 100% 𝐺−1
(9)
(10)
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 8. The decryption result with (a) incorrect 𝜆1 , 𝜆2 , ⋅⋅⋅,𝜆25 ;(b) incorrect𝜇1 , 𝜇2 ,⋅⋅⋅, 𝜇25 ;(c) incorrectn1 , n2 ,⋅⋅⋅, n25 ;(d) incorrect 𝜃 1 , 𝜃 2 ,⋅⋅⋅,𝜃 24 ;(e) incorrect𝛼 1 ;(f) incorrect𝛼 2 .
Fig. 9. The decryption results of Fig. 3(b), 3(g), and 3(h) with the fake main secret keys.
Table 2 Correlation coefficients of two adjacent pixels.
NPCR UACI
Fig. 4(a)
Fig. 4(b)
Fig. 4(c)
Fig. 4(d)
Fig. 4(e)
Fig. 4(f)
Fig. 4(g)
Fig. 4(h)
0.9960 0.3346
0.9960 0.3346
0.9960 0.3346
0.9960 0.3346
0.9960 0.3346
0.9960 0.3346
0.9960 0.3346
0.9960 0.3346
see from Table 2, NPCR and UACI values of SDGOEF are 99.60% and 33.46%. Therefore, SDGOEF can defend differential attack. 3.5. Key space analysis In this subsection, we analyze the key space of SDGOEF. It is well known that the key space of an ideal image cryptosystem should be large enough to make the brute-force attack infeasible. The main secret keys include: c,shearLevelsof shearlet transform; x11 , y11 , z11 , a1,b1 and c1 of 3D Logistic map for CRPM1 ; x12 , y12 , z12 , a2,b2 and c2 of 3D Logistic map for CRPM2 . The additional secret keys include: 𝜆1 , 𝜆2 , ⋅⋅⋅,𝜆25 , 𝜇 1 , 𝜇 2 ,⋅⋅⋅, 𝜇 25 , n1 , n2 ,⋅⋅⋅, n25 for GAT; 𝜃 1 , 𝜃 2 ,⋅⋅⋅,𝜃 24 for vector decomposition; 𝛼 1 and 𝛼 2 for GT. As mentioned in Section 3.2, when one of c, and the entries in shearLevelshas a deviation of 1, the plain image can not retrieved. In addition, the number of sub-image can be changed by c and shearLevels. Increasing the number of sub-images can increase the number of other keys. When one of x11 , y11 , z11 , x12 , y12 and z12 has a deviation of 1 × 10−14 , the plain image also cannot be retrieved completely from the cipher image. However, if these parameters have deviations of 1 × 10−15 , the values of CC between the decrypted images
and the plain image are 1. When one of a1,b1 c1, a2, b2 and c2 has a deviation of 1 × 10−15 , as mentioned in Section 3.2, the plain image cannot be retrieved completely from the cipher image. However, when these parameters have deviations of 1 × 10−16 , the values of CC between the decrypted images and the plain image are 1. Thus, without counting the parameters of shearlet transform, the main key space of SDGOEF is approximate to(1014 )6 × (1015 )6 = 10174 . In addition, the additional secret keys 𝜆1 , 𝜆2 , ⋅⋅⋅,𝜆25 , 𝜇 1 , 𝜇 2 ,⋅⋅⋅, 𝜇 25 , n1 , n2 ,⋅⋅⋅, n25 , 𝜃 1 , 𝜃 2 ,⋅⋅⋅,𝜃 24 , 𝛼 1 , and 𝛼 2 further enlarge the key space. Such large key space can efficiently protect the SDGOEF from brute-force attack. 4. Conclusions In this paper, we propose an optical encryption framework based on shearlets and DRPE especially for medical images. It possesses a number of advantages. First, the security of it can be improved by increasing the number of shearlet coefficient sub-images. Second, we can flexibly select scrambling algorithm to permutation and diffusion the pixels in sub-images. Third, we can flexibly select reversible synthesize methods to combined the scrambled sub-images into one. Numerical simulations
M. Chen, G. Ma and C. Tang et al.
have demonstrated that the proposed optical encryption framework can against the statistical attack, differential attack and chosen plaintext attack. In addition, it has large key space, and the key space can be various according to the selection of the parameters of shearlet transform, the scrambling algorithm, and synthesize method. That means the performance of the encryption framework can be improved by choosing novelty scrambling algorithm and synthesize method. Declaration of Competing Interest The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper. CRediT authorship contribution statement Mingming Chen: Conceptualization, Methodology, Software, Writing - original draft. Guangbiao Ma: Data curation. Chen Tang: Supervision. Zhenkun Lei: Funding acquisition. Funding This work was supported by the National Natural Science Foundation of China (NNSFC) (grant 11772081, 11972106). References [1] Cao W, Zhou Y, Chen C L P, Xia L. Medical image encryption using edge maps. Signal Process 2017;132:96–109. [2] Nematzadeh H, Enayatifar R, Motameni H, Motameni H, Gadelha F, Coelho V N. Medical image encryption using a hybrid model of modified genetic algorithm and coupled map lattices. Opt Laser Eng 2018;110:24–32. [3] Chen Y, Tang C, Ye R. Cryptanalysis and improvement of medical image encryption using high-speed scrambling and pixel adaptive diffusion. Signal Process 2020;167:107286. [4] Chen J, Zhu Z, Zhang L, Zhang Y, Yang B. Exploiting self-adaptive permutation–diffusion and DNA random encoding for secure and efficient image encryption. Signal Process 2018;142:340–53. [5] Kanso A, Ghebleh M. An efficient and robust image encryption scheme for medical applications. Commun Nonlinear Sci 2015;24:98–116. [6] Munir R. Security analysis of selective image encryption algorithm based on chaos and CBC-like mode. In: International conference on telecommunication systems; 2012. p. 142–6. [7] Alvarez G, Li S, Hernandez L. Analysis of security problems in a medical image encryption system. Comput Biol Med 2007;37:424–7. [8] Martin K, Lukac R, Plataniotis K N. Efficient encryption of wavelet-based coded color images. Pattern Recognit 2005;38:1111–15. [9] Cheng H, Li X. Partial encryption of compressed images and videos. IEEE Trans Signal Process 2000;48:2439–51. [10] Sadourny Y, Conan V. A proposal for supporting selective encryption in JPSEC. IEEE Trans Consum Electr 2003;49:846–9. [11] Ou Y, Sur C, Rhee K H. Region-based selective encryption for medical imaging. In: International workshop on frontiers in algorithmics; 2007. p. 62–73. [12] Zhou Y, Panetta K, Agaian S. A loss less encryption method for medical images using edge maps. In: Annual international conference of the IEEE engineering in medicine and biology society; 2009. p. 3707–10.
Optics and Lasers in Engineering 128 (2020) 106026 [13] Chen G, Mao Y, Chui C K. A symmetric image encryption scheme based on 3D chaotic cat maps. Chaos Soliton Fractals 2004;21:749–61. [14] Lian S, Sun J, Wang Z. A block cipher based on a suitable use of the chaotic standard map. Chaos Soliton Fractals 2005;26:117–29. [15] Wong K W, Kwok S H, Law W S. A fast image encryption scheme based on chaotic standard map. Phys Lett A 2008;372:2645–52. [16] Belazi A, Abd El-Latif AA, Belghith S. A novel image encryption scheme based on substitution-permutation network and chaos. Signal Process 2016;128:155–70. [17] Fu C, Lin B B, Miao Y S, Liu X, Chen J J. A novel chaos-based bit-level permutation scheme for digital image encryption. Opt Commun 2011;284:5415–23. [18] Zhu Z L, Zhang W, Wong K W, Yu H. A chaos-based symmetric image encryption scheme using a bit-level permutation. Inf Sci 2011;181:1171–86. [19] Chen J X, Zhu Z L, Fu C, Yu H, Zhang L B. An efficient image encryption scheme using gray code based permutation approach. Opt Laser Eng 2015;67:191–204. [20] Tong X J. The novel bilateral - Diffusion image encryption algorithm with dynamical compound chaos. J Syst Softw 2012;85:850–8. [21] Zhang Y, Xiao D. An image encryption scheme based on rotation matrix bit-level permutation and block diffusion. Commun Nonlinear Sci 2014;19:74–82. [22] Mirzaei O, Yaghoobi M, Irani H. A new image encryption method: parallel sub-image encryption with hyper chaos. Nonlinear Dyn 2012;67:557–66. [23] Tong X J, Wang Z, Zhang M, Liu Y. A new algorithm of the combination of image compression and encryption technology based on cross chaotic map. Nonlinear Dyn 2013;72:229–41. [24] Zhou N, Zhang A, Zheng F, Gong L. Novel image compression–encryption hybrid algorithm based on key-controlled measurement matrix in compressive sensing. Opt Laser Technol 2014;62:152–60. [25] Chen J X, Zhu Z L, Fu C, Yu H. Optical image encryption scheme using 3-D chaotic map based joint image scrambling and random encoding in gyrator domains. Opt Commun 2015;341:263–70. [26] Annaby M H, Rushdi M A, Nehary E A. Image encryption via discrete fractional Fourier-type transforms generated by random matrices. Signal Process-Image 2016;49:25–46. [27] Fridrich J. Symmetric ciphers based on two-dimensional chaotic maps. Int J Bifurcat Chaos 1998;08:1259–84. [28] Chen G, Mao Y, Chui C K. A symmetric image encryption scheme based on 3D chaotic cat maps. Chaos Solitons Fractals 2004;21:749–61. [29] Lian S, Sun J, Wang Z. A block cipher based on a suitable use of the chaotic standard map. Chaos Solitons Fractals 2005;26:117–29. [30] Wong K W, Kwok S H, Law W S. A fast image encryption scheme based on chaotic standard map. Phys Lett A 2008;372:2645–52. [31] Refregier P, Javidi B. Optical image encryption using input plane and Fourier plane random encoding. Opt Lett 1995;20:767–9. [32] Lim W Q. The discrete shearlet transform: a new directional transform and compactly supported shearlet frames. IEEE Trans Image Process 2010;19:1166–80. [33] Abuturab M R. Generalized Arnold map-based optical multiple color-image encoding in gyrator transform domain. Opt Commun 2015;343:157–71. [34] Xiong Y, Quan C, Tay C J. Multiple image encryption scheme based on pixel exchange operation and vector decomposition. Opt Laser Eng 2018;101:113–21. [35] Unnikrishnan G, Singh K. Double random fractional Fourier domain encoding for optical security. Opt Eng 2000;39:2853–9. [36] Unnikrishnan G, Joseph J, Singh K. Optical encryption by double-random phase encoding in the fractional Fourier domain. Opt Lett 2000;25:887–9. [37] Chen H, Du X, Liu Z. Optical spectrum encryption in associated fractional Fourier transform and gyrator transform domain. Opt Quant Electron 2016;48:12. [38] Liu Z, Xu L, Lin C, Dai J, Liu S. Image encryption scheme by using iterative random phase encoding in gyrator transform domains. Opt Laser Eng 2011;49:542–6. [39] Khade P N, Narnaware M. 3D chaotic functions for image encryption. Int J Comput Sci Issues 2012;9:323–8. [40] Sui L, Gao B. Color image encryption based on gyrator transform and Arnold transform. Opt Laser Technol 2013;48:530–8. [41] Stoyanov B, Kordov K. Image encryption using Chebyshev map and rotation equation. Entropy 2015;17:2117–39.
Contents lists available at ScienceDirect
Optics and Lasers in Engineering journal homepage: www.elsevier.com/locate/optlaseng
Generalized optical encryption framework based on Shearlets for medical image Mingming Chen a, Guangbiao Ma a, Chen Tang a,∗, Zhenkun Lei b a b
School of Electrical and Information Engineering, Tianjin University, Tianjin 300072, China State Key Laboratory of Structural Analysis for Industrial Equipment, Dalian University of Technology, Dalian 116024, China
a r t i c l e
i n f o
Keywords: Shearlet transform Medical image Optical encryption framework Texture
a b s t r a c t The security of medical image data for transmission and storage is a critical issue. Texture information of medical images is important for diagnosis. Since Shearlets is particularly effective in characterizing texture information, in this paper, we propose a generalized optical encryption framework based on Shearlets and double random phase encoding (DRPE) especially for medical images. In the proposed encryption framework, the secret medical image is first decomposed into n sub-images with shearlet transform. Then, the sub-images or pixel positions are shuffled by scrambling algorithm. Subsequently, the shuffled sub-images are synthesized into one image. Finally, the synthesized image is encoded with DRPE. The security level of the proposed encryption framework can be improved by changing the parameters of shearlet transform and selecting different methods for scrambling pixels and synthesizing multiple images to single image. Extensive simulation results have shown the performance of the proposed optical encryption framework. The proposed encryption framework can be improved along with novelty scrambling method and reversible synthesize methods.
1. Introduction With the widely development of the modernization of image devices and biomedical image processing techniques, more diagnosis of certain diseases are based on the digital images [1,2]. The common used medical devices which produce digital images mainly include ultrasound, computed tomography, magnetic resonance imaging, positron emission tomography, etc. [3]. The medical images for diagnosis contain confidential information which is related to patients’ privacy. Moreover, the medical images are often distributed via intranet or Internet, the security of medical image data for transmission and storage has become a critical issue. Encryption is an effective way which has been widely explored to prevent medical images from the threats such as malicious tampering and privacy leakage [4]. Some traditional encryption methods which were proposed for securing textual data are not suitable for encrypting the medical images because of the high redundancy and strong correlation between adjacent pixels [5]. In order to reduce the redundancy and correlation, many highly reliable medical image encryption algorithms have been proposed. These image encryption algorithms can be mainly categorized into two groups: the selective encryption algorithms
∗
Corresponding author. E-mail address: [email protected] (C. Tang).
and the full encryption algorithms. The selective encryption algorithms only encrypt portions of the original medical image [6]. For example, many algorithms encrypt interleaved patient information of images [7], and use a stream cipher to encrypt only the significant bits of individual coefficients [8]. Many other algorithms encrypt important compressing coefficients [9–11]. The selective encryption algorithms may minimize the processing time for encryption and decryption of medical images. Therefore, they are quite adapted in many real-time medical applications to protect medical records including wireless medical networking and mobile medical services [12]. However, the deficiencies of selective encryption algorithms are that they may result in data loss and lead negative misdiagnosis. Compared with the selective encryption algorithms, the full encryption algorithms encrypt the whole medical image, which have higher security level. The chaos-based image encryption methods and optical encryption methods are two categories of main full encryption algorithms. The improvements of chaos-based encryption methods lie in various aspects, such as novel permutation techniques [13–19], new diffusion approaches [20,21], high security key stream generators [22], simultaneous image encryption-compression scheme [23,24], as well as novel transform domains [25,26]. In 1998, Fridrich proposed the groundbreaking substitution-diffusion architecture for image encryption [27], and then be developed to the classical permutation–diffusion architecture by Chen, Lian and Wong [28–30]. Subsequently, the development of chaos-based encryption is promoted because the classical permutation–diffusion architecture draws world-wide concern. On the
https://doi.org/10.1016/j.optlaseng.2020.106026 Received 25 November 2019; Received in revised form 3 January 2020; Accepted 13 January 2020 0143-8166/© 2020 Elsevier Ltd. All rights reserved.
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
other hand, optical encryption method is an efficient image encryption method. The most representative optical encryption method is double random phase encoding (DRPE) proposed by Refregier and Javidi in 1995. It encodes the plain image into a stationary white noise by using two random phase masks placed respectively at the input plane and the Fourier plane [31]. Since then, a variety of DRPE-based optical encryption methods which has been inspired from mathematical transform techniques such as fractional Fourier, discrete fractional Fourier, Fresnel, etc. were proposed. Texture information is especially important for medical image. Missing or incorrect texture information may lead misdiagnosis. The shearlet transform which is introduced in 2006 is particularly efficient for extracting the texture information of images because it can capture anisotropic and directional features of multidimensional data [32]. It overcomes the limitations of traditional directional multi-scale transforms such as Curvelet and Contourlet. Therefore, in this paper, we propose a generalized optical encryption framework based on shearlets and DRPE especially for medical images, named SDGOEF (Shearlets and DRPE based generalized optical encryption framework). It includes four parts: shearlet transform, pixel scrambling, sub-images combination and DRPE. First, decompose secret medical image into n sub-images with shearlet transform. Second, shuffle the sub-images or pixel positions by scrambling algorithm. Third, combine the shuffled sub-images into one image. Four, encode the synthesized image with DRPE. In summary, the main flexibilities of SDGOEF are as follows. (1) The security of it can be significantly improved by increasing the number of shearlet coefficient sub-images. (2) It can flexibly select scrambling algorithm to permutation and diffusion the pixels in sub-images. (3) It can flexibly select reversible synthesize methods to combined the scrambled sub-images into one. The remainder of this paper is organized as follows: Section 2 details the encryption and decryption scheme of SDGOEF. Section 3 gives experiments results and a security analysis. Finally, the conclusion is given in Section 4.
2. Method 2.1. Shearlet transform Given an image f. The shearlet transform of fis defined as [32] ⟨ ⟩ 𝑆 𝐻𝜓 (𝑓 )(𝑐, 𝑠, 𝑡) = 𝑓 , 𝜓𝑐,𝑠,𝑡
(1)
where the analyzing elements 𝜓 c, s, t , called Shearlets, form an affine system of well localized functions at continuous scales c > 0, locations 𝑡 ∈ ℝ2 and oriented along lines of slope 𝑠 ∈ ℝ in the frequency domain. Shearlets are expressed as ( ) −1 𝜓𝑐,𝑠,𝑡 (𝑥) = 𝑐 −3∕4 𝜓 𝐴−1 𝑐 𝑆𝑐 (𝑥 − 𝑡)
(2)
𝑐 0 𝑠 √ ) and 𝑆𝑠 = (1 ) are respectively parabolic scal0 1 𝑐 0 ing matrix and shear matrix. The parabolic scaling Ac generates wave fronts with anisotropic support, and the shear matrix Ss parameterizes the orientations using variable s associated with the slopes. It is proved that each element 𝜓 c, s, t has frequency support on a pair of trapezoids. As shown in Fig. 1, the frequency plane is divided by trapezoids. As c → 0, the support becomes increasingly thin. As a result, Shearlets form a collection of well-localized wave forms at various scales, orientations and locations, controlled by c, s, t, respectively. Therefore, Shearlets can deal with the problems of spectral leakage and boundary effect which the Fourier transform encounters. Since the shearlet transform in frequency space is subdivided step by step, it performs better than the curvelet transform and the contourlet transform. In addition, comparing with wavelet transform, curvelet transform and contourlet transform, the mathematical model of shearlet transform is simpler. where 𝐴𝑐 = (
Fig. 1. Shearlets support tiling in frequency domain.
2.2. Encryption and decryption processes of SDGOEF In this subsection, we describe the SDGOEF in detail. As shown in Fig. 2, the SDGOEF includes four parts: shearlet transform, pixel scrambling, sub-images combination and DRPE. The encryption process involves the following steps: Step 1: Decompose secret medical image into n sub-images with shearlet transform. Since texture information is especially important for medical image, and the shearlet transform is particularly efficient for characterizing the texture information of images, we introduce the shearlet transform to our encryption framework. In this step, we perform shearlet transform (SHT) to the secret medical image f according to Eq. (1). The transform coefficients are taken as n sub-images (fi ,𝑖 = 1, 2, ⋯ , 𝑛). The number of sub-images dependents on the parameter shearLevels. The shearLevels is a 1 × c sized array. Each entry of shearLevels K ≥ 0. Each shear level of Kmeans that the generating shearlet is sheared2K times in each direction for each cone. For example, if 𝑐 = 3 and 𝑠ℎ𝑒𝑎𝑟𝐿𝑒𝑣𝑒𝑙𝑠 = [112], the shearlet system will contain (2 × (2 × 21 + 1)) + (2 × (2 × 21 + 1)) + (2 × (2 × 22 + 1)) = 38 shearlets (omitting the low pass shearlet and translation), and 38 subimages are obtained. The numbers of sub-images can be changed by the parameters of c and shearLevels. The more sub-images the higher security levels of SDGOEF. Therefore, the security level of the SDGOEF can be significantly improved by changing the parameters of Shearlets. Step 2: Shuffle the sub-images or pixel positions by scrambling algorithm. In this step, we perform scrambling algorithm (SA) to each sub-image fi , 𝑖 = 1, 2, ⋯ , 𝑛, and obtain the scrambled sub-images 𝑓𝑖′ ,𝑖 = 1, 2, ⋯ , 𝑛. Any scrambling algorithm can be used to shuffle the locations of subimages and the values and the positions of pixel in each sub-image. The choosing of scrambling algorithm will affect the security levels of SDGOEF. Here, as an example, we select the Generalized Arnold transform (GAT) to scramble the pixel of sub-images. Since the control parameters of GAT are changeable and highly image-dependent at each iteration procedure, the permutation process can efficiently resist existing attacks [33]. The pixel (x, y) in sub-image fi after scrambling by GAT can be expressed as ][ ] [ ′] [ 𝑥 1𝜆 𝑥 = (3) ( mod 1) ′ 𝑦 𝜇 1 + 𝜆𝜇 𝑦 where (x′, y′) denotes the new position after scrambling by GAT; the positive integers 𝜆 > 0, 𝜇 > 0; mod denotes the modulus after division. Step 3: Combine the shuffled sub-images into one image.
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 2. The flowchart of SDGOEF.
where A2 and 𝜑2 denote individually the amplitude and phase of the complex number V2 (x1 , y1 ). The phase 𝜃2 = 𝑓3 − 𝜑2 . This procedure is repeated until all scrambled sub-images have been synthesized into one vector 𝑉𝑛−1 (𝑥1 , 𝑦1 ). We take the last synthesized vector as f″. Step 4: Encode the synthesized image with DRPE. In this step, the synthesized image f″ is encoded into the final cipher imageFby DRPE. The DRPE uses two chaotic random phase masks (CRPMs) respectively placed on the input plane and the Fourier plane to encrypt the input image into a stationary white noise. Any DRPEbased optical encryption schemes, such as the Fresnel transform encryption scheme [31], the fractional Fourier transform encryption scheme [35,36], and the Gyrator transform encryption scheme [37,38], etc., can be chosen. Here, as an example, we select the Gyrator transform encryption scheme. We use 3D Logistic map to generate the CRPMs. The 3D Logistic map is given by the following formula [39]:
Fig. 3. The principle of vector synthesis.
In this step, the shuffled sub-images 𝑓𝑖′ ,𝑖 = 1, 2, ⋯ , 𝑛 are combined into one image f″. Any synthesized algorithm (SYA) can be used to combine the shuffled sub-images into one image. The choosing of synthesized algorithm also affects the security levels of SDGOEF. Here, as an example, we select the vector decomposition algorithm to combine the sub-images into one image. The vector decomposition algorithm can realize multiple vectors synthesis by simply performing the parallelogram rule repeatedly. The sub-images can be taken as unit vectors, and can be synthesized into one vector. The angle keys which act as the additional keys produced in this process can make the scheme invalidate the chosen and known plaintext attacks[34].The principle of vector synthesis is shown in Fig. 3. Firstly, 𝑓1′ (𝑥1 , 𝑦1 ) and 𝑓 ′ (𝑥1 , 𝑦1 ) are 2 synthesized to vector V1 (x1 , y1 ): ( ) ( ) ( ) ( ) 𝑉1 𝑥1 , 𝑦1 =𝑓 ′ 𝑥1 , 𝑦1 +𝑓 ′ 𝑥1 , 𝑦1 =𝐴1 exp 𝑖 ⋅ 𝜑1 1
2
(4)
where A1 and 𝜑1 denote individually the amplitude and phase of the complex number V1 (x1 , y1 ). The phase 𝜃1 = 𝑓2 − 𝜑1 . Secondly, the synthesized vector V1 (x1 , y1 ) and 𝑓3′ (𝑥1 , 𝑦1 ) are synthesized to vector V2 (x1 , y1 ): ( ) ( ) ( ) ( ) 𝑉2 𝑥1 , 𝑦1 =𝑉1 𝑥1 , 𝑦1 +𝑓 ′ 𝑥1 , 𝑦1 =𝐴2 exp 𝑖 ⋅ 𝜑2 𝐵
(5)
⎧𝑥𝑛+1 = 𝑎𝑥𝑛 (1 − 𝑥𝑛 ) + 𝑏𝑦2𝑛 𝑥𝑛 + 𝑐𝑧3𝑛 ⎪ 2 3 ⎨𝑦𝑛+1 = 𝑎𝑦𝑛 (1 − 𝑦𝑛 ) + 𝑏𝑧𝑛 𝑦𝑛 + 𝑐𝑥𝑛 ⎪𝑧 2 3 ⎩ 𝑛+1 = 𝑎𝑧𝑛 (1 − 𝑧𝑛 ) + 𝑏𝑥𝑛 𝑧𝑛 + 𝑐𝑦𝑛
(6)
The equations in (6) exhibit the chaotic behavior for 3.53 < a < 3.81, 0 < b < 0.022, 0 < c < 0.015 and can take the value between[0, 1]. The map is sensitivity to initial conditions and control parameters a, b and c. The construction of CRPM is described as follows. Suppose the size of the CRPM is M × N pixels. Firstly, we use the 3D Logistic map to generate three random value sequences 𝑥 = {𝑥′ 1 , 𝑥′ 2 , ⋯ , 𝑥′ (𝑀 ×𝑁 )∕3 },𝑦 = {𝑦′ 1 , 𝑦′ 2 , ⋯ , 𝑦′ (𝑀 ×𝑁 )∕3 } and 𝑧 = {𝑧′ 1 , 𝑧′ 2 , ⋯ , 𝑧′ (𝑀 ×𝑁 )∕3 }.Then, we rearrange the sequencesx,y and z to a 2D matrix which 𝑃 = {𝑝′ 𝑖,𝑗 |𝑖 = 1, 2, ⋯ , 𝑀; 𝑗 = 1, 2, ⋯ , 𝑁 }. Finally, the CRPM is calculated as 𝐶(𝑥, 𝑦) = exp(𝑗2𝜋𝑃 )
(7)
The f″ is firstly modulated by the CRPM1 and further performed a GT operation [40] at rotation angle 𝛼 1 , then modulated by the CRPM2 and further performed a GT operation at rotation angle 𝛼 2 . Finally, we obtain the cipher image F. The decryption process is quite similar to the encryption process. It is the inverse of encryption process, involves the following 4 steps: Step 1: Decode the cipher image F with the DRPE to f″.
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 4. The test images.
Step 2: Decompose the synthesized f″ into shuffled sub-images 𝑓𝑖′ ,𝑖 = 1, 2, ⋯ , 𝑛. Step3: Operate reverse scrambling steps to shuffled sub-images 𝑓𝑖′ ,𝑖 = 1, 2, ⋯ , 𝑛 to get sub-images fi , 𝑖 = 1, 2, ⋯ , 𝑛. Step 4: Perform the inverse shearlet transform to obtain the plain image f. 3. Experiments and discussion In this subsection, we examine the feasibility and effectiveness of the proposed generalized optical encryption framework. We carried out extensive numerical simulations on a Matlab (R2014a) platform with Processor Intel(R) Core(TM) i5-4590 CPU 3.30 GHz, Memory 4.00 GB RAM, and 64-bit Operating System Windows-7. We apply the SDGOEF on five medical images and three texture images which are shown in Fig. 4. The sizes of Fig. 4(a), (b), (g) and (h) are 512 × 512 pixels. The sizes of Fig. 4(c), (e) and (f) are 256 × 256 pixels. The sizes of Fig. 4(d) are 378 × 378 pixels. We test the visual and quantitative index of encrypted and decrypted images, the key sensitivity, the robustness against statistical attack, differential attack and chosen plaintext attack. We also analyze the space of key. The parameters used in the SDGOEF are set as follows. The parameters of shearlet transform: 𝑐 = 3,𝑠ℎ𝑒𝑎𝑟𝐿𝑒𝑣𝑒𝑙𝑠 = [111]; The parameters of GAT: 𝜆1 = 3,𝜇1 = 5 and iteration time 𝑛1 = 10 for each sub-image; The parameters of 3D Logistic map: initial values 𝑥11 = 𝑦11 = 𝑧11 = 0.500, control parameters 𝑎1 = 3.80,𝑏1 = 0.011, and 𝑐1 = 0.008 for CRPM1 ; initial values 𝑥12 = 𝑦12 = 𝑧12 = 0.501, control parameters 𝑎2 = 3.73, 𝑏2 = 0.012 and 𝑐2 = 0.009 for CRPM2 . 3.1. Visual and quantitative test In this subsection, we show the part of sub-images decomposed by shearlet transform and the encryption and decryption results of SDGOEF. As shown in Fig. 5, the Fig. 5(a-1)−5(a-4), 5(b-1)−5(b-4), 5(c1)−5(c-4), 5(d-1)−5(d-4), 5(e-1)−5(e-4), 5(f-1)−5(f-4), 5(g-1)−5(g-4),
and 5(h-1)−5(a-4) are the 1th-3th, and the 25th shearlets coefficient sub-images of Fig. 4(a)−(h), respectively. The Fig. 5(a-5), 5(b-5), 5(c-5), 5(d-5), 5(e-5), 5(f-5), 5(g-5), and 5(h-5) are the corresponding encryption results of Fig. 4(a)−(h), respectively. The Fig. 5(a-6), 5(b-6), 5(c6), 5(d-6), 5(e-6), 5(f-6), 5(g-6), and 5(h-6) are the decryption results of the Fig. 5(a-5), 5(b-5), 5(c-5), 5(d-5), 5(e-5), 5(f-5), 5(g-5), and 5(h5) with all correct secret keys. From Fig. 5(a-1)−5(a-4), 5(b-1)−5(b-4), 5(c-1)−5(c-4), 5(d-1)−5(d-4), 5(e-1)−5(e-4), 5(f-1)−5(f-4), 5(g-1)−5(g4), and 5(h-1)−5(a-4), we can see that each sub-image contains different texture information of the corresponding plain image. The shearlet transform can efficiently capture the texture of the test images. The texture information of each decomposed sub-image dependents on the parameters of shearlet transform. From the Fig. 5(a-5), 5(b-5), 5(c-5), 5(d-5), 5(e-5), 5(f-5), 5(g-5), and 5(h-5), one can see that SDGOEF can encrypt the test image into noise-like image without any main information of plain image. From Fig. 5(a-6), 5(b-6), 5(c-6), 5(d-6), 5(e-6), 5(f-6), 5(g-6), and 5(h-6), we can see that the difference between the plain image and decrypted image cannot be discerned visually. In addition, to quantitatively evaluate the resemblance between plain image and the decrypted image, the correlation coefficient (CC) is calculated. The CC is defined as [34] 𝐸 {[𝑓 − 𝐸 (𝑓 )][𝐹 − 𝐸 (𝐹 )]} 𝐶 𝐶 (𝑓 , 𝐹 ) = √ { } { } 𝐸 [𝑓 − 𝐸 (𝑓 )]2 𝐸 [𝐹 − 𝐸 (𝐹 )]2
(8)
where f and F denote the plain image and decrypted image, respectively; E{ · }denotes expectation operator. Note that the higher the CC, the smaller the difference between the plain image and decrypted image. All the calculated value of CC between Fig. 4(a) and Fig. 5(a-6), Fig. 4(b) and Fig. 5(b-6), Fig. 4(c) and Fig. 5(c-6), Fig. 4(d) and Fig. 5(d-6), Fig. 4(e) and Fig. 5(e-6), Fig. 4(f) and Fig. 5(f-6), Fig. 4(g) and Fig. 5(g6), and Fig. 4(h) and Fig. 5(h-6) are 1, which means that the plain image can be retrieved completely from the encrypted image.
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 5. The part of sub-images and encryption results of Fig. 4.(a-1)-(a-5), (b-1)-(b-5), (c-1)-(c-5), (d-1)-(d-5), (e-1)-(e-5), (f-1)-(f-5), (g-1)-(g-5), (h-1)-(h-5) the corresponding sub-images; (a-6), (b-6), (c-6), (d-6), (e-6), (f-6), (g-6), (h-6) encrypion results.
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 5. Continued
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 5. Continued
3.2. Sensitivity of secret keys test In this subsection, we check the key sensitivity of SDGOEF. The main secret keys include: c,shearLevelsof shearlet transform; x11 , y11 , z11 , a1,b1 and c1 of 3D Logistic map for CRPM1 ; x12 , y12 , z12 , a2,b2 and c2 of 3D Logistic map for CRPM2 . The additional secret keys include: 𝜆1 , 𝜆2 , ⋅⋅⋅,𝜆25 , 𝜇 1 , 𝜇 2 ,⋅⋅⋅,𝜇 25 , n1 , n2 ,⋅⋅⋅,n25 for GAT; 𝜃 1 ,𝜃 2 ,⋅⋅⋅,𝜃 24 for vector decomposition; 𝛼 1 and 𝛼 2 for GT. An ideal image encryption system is sensitive to its secret keys. That means if the secret keys has any tiny change will result in a completely different decrypted image. In SDGOEF, if the secret keys candshearLevelsof shearlet transform are incorrect, the inverse shearlet transform can not perform. Therefore, no decrypted image can be outputted. In Fig. 6, we show the corresponding decrypted results of Fig. 4(a) when one of the main secret keys x11 , y11 , z11 , x12 , y12 and z12 of 3D Logistic map for CRPMs has a deviation of 1 × 10−14 and others are correct. The values of CC between the Fig. 5(a)–(f) and the Fig. 4(a) are 0.0316, 0.0307, 0.0317, 0.0316, 0.0347, 0.0331, respectively. In Fig. 7, we show the corresponding decrypted results of Fig. 4(a) when one of the main secret keysa1,b1, c1, a2, b2 and c2 has a deviation of 1 × 10−15 and others are correct. The values of CC between the Fig. 7(a)–(f) and the Fig. 4(a) are 0.0333, 0.0307, 0.0315, 0.0348, 0.0346, 0.0346, respectively. In Fig. 8, we show the decrypted image when 𝜆1 , 𝜆2 , ⋅⋅⋅,𝜆25 have deviation of 1 is shown in Fig. 9(a); The decrypted image when 𝜇 1 , 𝜇 2 , ⋅⋅⋅, 𝜇 25 have deviation of 1 is shown in Fig. 8(b); The decrypted image when n1 , n2 ,⋅⋅⋅, n25 have deviation of 1 is shown in Fig. 8(c). The decrypted image when 𝜃 1 , 𝜃 2 ,⋅⋅⋅,𝜃 24 are instead of random matrixes range in (0, 1) is shown in Fig. 8(d). The decrypted images when 𝛼 1 or 𝛼 2 has a deviation of 0.1 are shown in Figs. 8(e) and 8(f), respectively. The values of CC between the Fig. 8(a)−(f) and the Fig. 4(a) are 0.0015, 0.0009, 0.0709, 0.0028, 0.0331 and 0.0355. From Figs. 6 to 8, we can see that the SDGOEF is sensitive to the variation of secret keys. 3.3. Statistical attack analysis In this subsection, the statistical analysis is performed on SDGOEF. We test the correlations of adjacent pixels of Fig. 4 and its encrypted image. The results are shown in Table 1. We randomly select 3000 pairs
Table 1 Correlation coefficients of two adjacent pixels. Image
Horizontal
Vertical
Diagonal
Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig. Fig.
0.9917 −0.0008 0.9456 0.0009 0.9702 −0.0031 0.9742 −0.0021 0.9888 −0.0014 0.5420 −0.0004 0.9353 −0.0027 0.7489 0.0009
0.9942 0.0011 0.9848 −0.0021 0.9792 0.0018 0.9792 0.0004 0.9783 −0.0023 0.5307 −0.0025 0.9137 0.0020 0.7397 −0.0028
0.9897 0.0017 0.9365 −0.0013 0.9466 0.0006 0.9526 0.0006 0.9751 −0.0010 0.3673 0.0018 0.8453 −0.0012 0.4163 0.0016
4(a) 5(a-5) 4(b) 5(b-5) 4(c) 5(c-5) 4(d) 5(d-5) 4(e) 5(e-5) 4(f) 5(f-5) 4(g) 5(g-5) 4(h) 5(h-5)
of adjacent pixels in vertical, horizontal and diagonal directions from the plain image and cipher image, and calculate the correlation coefficients of two adjacent pixels according to the formula in Ref. [41]. From the Table 1, it is observed that the two adjacent pixels of the plain image in all three directions are highly corrected. While, there is negligible correlation between the two adjacent pixels in the three directions of the cipher image. Therefore, from the statistical data, the attacker cannot obtain any valid information. The test results have demonstrated that SDGOEF has high robustness against the statistical attack. 3.4. Chosen-plaintext attack analysis In this subsection, we test the ability of SDGOEF against the chosenplaintext. In the test scheme, we assume the attacker has known the encryption process and all of its encryption keys. We first encrypt the fake image shown in Fig. 4(a) and obtain the fake secret keysc,shearLevels,x11 , y11 , z11 , a1,b1,c1, x12 , y12 , z12 , a2,b2, c2,𝜆1 , 𝜆2 , ⋅⋅⋅,𝜆25 , 𝜇 1 , 𝜇 2 ,⋅⋅⋅,𝜇 25 , n1 , n2 ,⋅⋅⋅,n25 , 𝜃 1 , 𝜃 2 ,⋅⋅⋅,𝜃 24 𝛼 1 and𝛼 2 . Subsequently, we decrypt the cipher image shown in Fig. 5(b-5), 5(g-5), and 5(h-5) which respectively are the encrypted result of Fig. 4(b), 4(g), and 4(h)
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 6. The decryption result with (a) incorrect x11 ;(b) incorrect y11 ;(c) incorrect z11 ;(d) incorrect x12 ;(e) incorrecty12 ;(f) incorrect z12 .
Fig. 7. The decryption result with (a) incorrect a1;(b) incorrectb1;(c) incorrectc1;(d) incorrect a2;(e) incorrectb2;(f) incorrect c2.
using the fake secret keys. The corresponding decryption result is shown in Fig. 9. From Fig. 9 we can see that the decrypted results do not contain any valuable information of the plain image. Therefore, the test results demonstrate that the SDGOEF has the ability of defecting the chosen-plaintext attack.
to quantitatively evaluate the efficiency of an encryption algorithm in defecting the differential attack, which are defined as [1]
3.4. Differential attack analysis
𝑈 𝐴𝐶𝐼 =
The differential attack is an effective approach in which the hackers intend to break the encryption system using the differences of the cipherimages generated from the slightly-changed original images [4]. In an elaborate encryption method, a slight change in the original image will result in a significant difference. This can ensure the cipher-image defect the differential attack. The number of pixel change rate (NPCR) and unified average changing intensity (UACI) are two common methods
where G is the gray level of the image; E1 andE2 are two M × N cipherimages and their original images are in one pixel difference. Function 𝜑(m, n) is the number of different pixels between E1 andE2 . The NPCR and UACI results of all the test images are shown in Table 2. Note that, if the NPCR value is more than 99%, and the UACI value is near to 33%, the encryption algorithm is secure [1,2]. One can
∑𝑀 ∑𝑁 𝑁 𝑃 𝐶𝑅 =
𝑚=1
𝑛=1
𝑀𝑁
𝑀 𝑁 1 ∑∑ 𝑀𝑁 𝑚=1 𝑛=1
𝜑(𝑚, 𝑛)
× 100%
(| |) |𝐸1 (𝑚, 𝑛) − 𝐸2 (𝑚, 𝑛)| × 100% 𝐺−1
(9)
(10)
M. Chen, G. Ma and C. Tang et al.
Optics and Lasers in Engineering 128 (2020) 106026
Fig. 8. The decryption result with (a) incorrect 𝜆1 , 𝜆2 , ⋅⋅⋅,𝜆25 ;(b) incorrect𝜇1 , 𝜇2 ,⋅⋅⋅, 𝜇25 ;(c) incorrectn1 , n2 ,⋅⋅⋅, n25 ;(d) incorrect 𝜃 1 , 𝜃 2 ,⋅⋅⋅,𝜃 24 ;(e) incorrect𝛼 1 ;(f) incorrect𝛼 2 .
Fig. 9. The decryption results of Fig. 3(b), 3(g), and 3(h) with the fake main secret keys.
Table 2 Correlation coefficients of two adjacent pixels.
NPCR UACI
Fig. 4(a)
Fig. 4(b)
Fig. 4(c)
Fig. 4(d)
Fig. 4(e)
Fig. 4(f)
Fig. 4(g)
Fig. 4(h)
0.9960 0.3346
0.9960 0.3346
0.9960 0.3346
0.9960 0.3346
0.9960 0.3346
0.9960 0.3346
0.9960 0.3346
0.9960 0.3346
see from Table 2, NPCR and UACI values of SDGOEF are 99.60% and 33.46%. Therefore, SDGOEF can defend differential attack. 3.5. Key space analysis In this subsection, we analyze the key space of SDGOEF. It is well known that the key space of an ideal image cryptosystem should be large enough to make the brute-force attack infeasible. The main secret keys include: c,shearLevelsof shearlet transform; x11 , y11 , z11 , a1,b1 and c1 of 3D Logistic map for CRPM1 ; x12 , y12 , z12 , a2,b2 and c2 of 3D Logistic map for CRPM2 . The additional secret keys include: 𝜆1 , 𝜆2 , ⋅⋅⋅,𝜆25 , 𝜇 1 , 𝜇 2 ,⋅⋅⋅, 𝜇 25 , n1 , n2 ,⋅⋅⋅, n25 for GAT; 𝜃 1 , 𝜃 2 ,⋅⋅⋅,𝜃 24 for vector decomposition; 𝛼 1 and 𝛼 2 for GT. As mentioned in Section 3.2, when one of c, and the entries in shearLevelshas a deviation of 1, the plain image can not retrieved. In addition, the number of sub-image can be changed by c and shearLevels. Increasing the number of sub-images can increase the number of other keys. When one of x11 , y11 , z11 , x12 , y12 and z12 has a deviation of 1 × 10−14 , the plain image also cannot be retrieved completely from the cipher image. However, if these parameters have deviations of 1 × 10−15 , the values of CC between the decrypted images
and the plain image are 1. When one of a1,b1 c1, a2, b2 and c2 has a deviation of 1 × 10−15 , as mentioned in Section 3.2, the plain image cannot be retrieved completely from the cipher image. However, when these parameters have deviations of 1 × 10−16 , the values of CC between the decrypted images and the plain image are 1. Thus, without counting the parameters of shearlet transform, the main key space of SDGOEF is approximate to(1014 )6 × (1015 )6 = 10174 . In addition, the additional secret keys 𝜆1 , 𝜆2 , ⋅⋅⋅,𝜆25 , 𝜇 1 , 𝜇 2 ,⋅⋅⋅, 𝜇 25 , n1 , n2 ,⋅⋅⋅, n25 , 𝜃 1 , 𝜃 2 ,⋅⋅⋅,𝜃 24 , 𝛼 1 , and 𝛼 2 further enlarge the key space. Such large key space can efficiently protect the SDGOEF from brute-force attack. 4. Conclusions In this paper, we propose an optical encryption framework based on shearlets and DRPE especially for medical images. It possesses a number of advantages. First, the security of it can be improved by increasing the number of shearlet coefficient sub-images. Second, we can flexibly select scrambling algorithm to permutation and diffusion the pixels in sub-images. Third, we can flexibly select reversible synthesize methods to combined the scrambled sub-images into one. Numerical simulations
M. Chen, G. Ma and C. Tang et al.
have demonstrated that the proposed optical encryption framework can against the statistical attack, differential attack and chosen plaintext attack. In addition, it has large key space, and the key space can be various according to the selection of the parameters of shearlet transform, the scrambling algorithm, and synthesize method. That means the performance of the encryption framework can be improved by choosing novelty scrambling algorithm and synthesize method. Declaration of Competing Interest The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper. CRediT authorship contribution statement Mingming Chen: Conceptualization, Methodology, Software, Writing - original draft. Guangbiao Ma: Data curation. Chen Tang: Supervision. Zhenkun Lei: Funding acquisition. Funding This work was supported by the National Natural Science Foundation of China (NNSFC) (grant 11772081, 11972106). References [1] Cao W, Zhou Y, Chen C L P, Xia L. Medical image encryption using edge maps. Signal Process 2017;132:96–109. [2] Nematzadeh H, Enayatifar R, Motameni H, Motameni H, Gadelha F, Coelho V N. Medical image encryption using a hybrid model of modified genetic algorithm and coupled map lattices. Opt Laser Eng 2018;110:24–32. [3] Chen Y, Tang C, Ye R. Cryptanalysis and improvement of medical image encryption using high-speed scrambling and pixel adaptive diffusion. Signal Process 2020;167:107286. [4] Chen J, Zhu Z, Zhang L, Zhang Y, Yang B. Exploiting self-adaptive permutation–diffusion and DNA random encoding for secure and efficient image encryption. Signal Process 2018;142:340–53. [5] Kanso A, Ghebleh M. An efficient and robust image encryption scheme for medical applications. Commun Nonlinear Sci 2015;24:98–116. [6] Munir R. Security analysis of selective image encryption algorithm based on chaos and CBC-like mode. In: International conference on telecommunication systems; 2012. p. 142–6. [7] Alvarez G, Li S, Hernandez L. Analysis of security problems in a medical image encryption system. Comput Biol Med 2007;37:424–7. [8] Martin K, Lukac R, Plataniotis K N. Efficient encryption of wavelet-based coded color images. Pattern Recognit 2005;38:1111–15. [9] Cheng H, Li X. Partial encryption of compressed images and videos. IEEE Trans Signal Process 2000;48:2439–51. [10] Sadourny Y, Conan V. A proposal for supporting selective encryption in JPSEC. IEEE Trans Consum Electr 2003;49:846–9. [11] Ou Y, Sur C, Rhee K H. Region-based selective encryption for medical imaging. In: International workshop on frontiers in algorithmics; 2007. p. 62–73. [12] Zhou Y, Panetta K, Agaian S. A loss less encryption method for medical images using edge maps. In: Annual international conference of the IEEE engineering in medicine and biology society; 2009. p. 3707–10.
Optics and Lasers in Engineering 128 (2020) 106026 [13] Chen G, Mao Y, Chui C K. A symmetric image encryption scheme based on 3D chaotic cat maps. Chaos Soliton Fractals 2004;21:749–61. [14] Lian S, Sun J, Wang Z. A block cipher based on a suitable use of the chaotic standard map. Chaos Soliton Fractals 2005;26:117–29. [15] Wong K W, Kwok S H, Law W S. A fast image encryption scheme based on chaotic standard map. Phys Lett A 2008;372:2645–52. [16] Belazi A, Abd El-Latif AA, Belghith S. A novel image encryption scheme based on substitution-permutation network and chaos. Signal Process 2016;128:155–70. [17] Fu C, Lin B B, Miao Y S, Liu X, Chen J J. A novel chaos-based bit-level permutation scheme for digital image encryption. Opt Commun 2011;284:5415–23. [18] Zhu Z L, Zhang W, Wong K W, Yu H. A chaos-based symmetric image encryption scheme using a bit-level permutation. Inf Sci 2011;181:1171–86. [19] Chen J X, Zhu Z L, Fu C, Yu H, Zhang L B. An efficient image encryption scheme using gray code based permutation approach. Opt Laser Eng 2015;67:191–204. [20] Tong X J. The novel bilateral - Diffusion image encryption algorithm with dynamical compound chaos. J Syst Softw 2012;85:850–8. [21] Zhang Y, Xiao D. An image encryption scheme based on rotation matrix bit-level permutation and block diffusion. Commun Nonlinear Sci 2014;19:74–82. [22] Mirzaei O, Yaghoobi M, Irani H. A new image encryption method: parallel sub-image encryption with hyper chaos. Nonlinear Dyn 2012;67:557–66. [23] Tong X J, Wang Z, Zhang M, Liu Y. A new algorithm of the combination of image compression and encryption technology based on cross chaotic map. Nonlinear Dyn 2013;72:229–41. [24] Zhou N, Zhang A, Zheng F, Gong L. Novel image compression–encryption hybrid algorithm based on key-controlled measurement matrix in compressive sensing. Opt Laser Technol 2014;62:152–60. [25] Chen J X, Zhu Z L, Fu C, Yu H. Optical image encryption scheme using 3-D chaotic map based joint image scrambling and random encoding in gyrator domains. Opt Commun 2015;341:263–70. [26] Annaby M H, Rushdi M A, Nehary E A. Image encryption via discrete fractional Fourier-type transforms generated by random matrices. Signal Process-Image 2016;49:25–46. [27] Fridrich J. Symmetric ciphers based on two-dimensional chaotic maps. Int J Bifurcat Chaos 1998;08:1259–84. [28] Chen G, Mao Y, Chui C K. A symmetric image encryption scheme based on 3D chaotic cat maps. Chaos Solitons Fractals 2004;21:749–61. [29] Lian S, Sun J, Wang Z. A block cipher based on a suitable use of the chaotic standard map. Chaos Solitons Fractals 2005;26:117–29. [30] Wong K W, Kwok S H, Law W S. A fast image encryption scheme based on chaotic standard map. Phys Lett A 2008;372:2645–52. [31] Refregier P, Javidi B. Optical image encryption using input plane and Fourier plane random encoding. Opt Lett 1995;20:767–9. [32] Lim W Q. The discrete shearlet transform: a new directional transform and compactly supported shearlet frames. IEEE Trans Image Process 2010;19:1166–80. [33] Abuturab M R. Generalized Arnold map-based optical multiple color-image encoding in gyrator transform domain. Opt Commun 2015;343:157–71. [34] Xiong Y, Quan C, Tay C J. Multiple image encryption scheme based on pixel exchange operation and vector decomposition. Opt Laser Eng 2018;101:113–21. [35] Unnikrishnan G, Singh K. Double random fractional Fourier domain encoding for optical security. Opt Eng 2000;39:2853–9. [36] Unnikrishnan G, Joseph J, Singh K. Optical encryption by double-random phase encoding in the fractional Fourier domain. Opt Lett 2000;25:887–9. [37] Chen H, Du X, Liu Z. Optical spectrum encryption in associated fractional Fourier transform and gyrator transform domain. Opt Quant Electron 2016;48:12. [38] Liu Z, Xu L, Lin C, Dai J, Liu S. Image encryption scheme by using iterative random phase encoding in gyrator transform domains. Opt Laser Eng 2011;49:542–6. [39] Khade P N, Narnaware M. 3D chaotic functions for image encryption. Int J Comput Sci Issues 2012;9:323–8. [40] Sui L, Gao B. Color image encryption based on gyrator transform and Arnold transform. Opt Laser Technol 2013;48:530–8. [41] Stoyanov B, Kordov K. Image encryption using Chebyshev map and rotation equation. Entropy 2015;17:2117–39.