FPGA Implementation of Improved Security Approach for Medical Image Encryption and Decryption

Hindawi Scientific Programming Volume 2021, Article ID 6610655, 20 pages https://doi.org/10.1155/2021/6610655 Research Article FPGA Implementation of Improved Security Approach for Medical Image Encryption and Decryption Amal Hafsa ,1 Mohamed Gafsi ,1 Jihene Malek ,1,2 and Mohsen Machhout 1 1 Electronic and Micro-Electronic Laboratory, LR99ES30, Faculty of Sciences, University of Monastir, Monastir, Tunisia 2 Higher Institute of Applied Sciences and Technology, Sousse University, Sousse, Tunisia Correspondence should be addressed to Amal Hafsa; hafsaamal12@gmail.com Received 7 November 2020; Revised 2 January 2021; Accepted 20 January 2021; Published 8 February 2021 Academic Editor: Autilia Vitiello Copyright © 2021 Amal Hafsa et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. Securing medical images is a great challenge to protect medical privacy. An image encryption model founded on a complex chaos- based Pseudorandom Number Generator (PRNG) and Modified Advanced Encryption Standard (MAES) is put forward in this paper. Our work consists of the following three main points. First, we propose the use of a complex PRNG based on two different chaotic systems which are the 2D Logistic map in a complex set and Henon’s system in the key generation procedure. Second, in the MAES 128 bits, the subbytes’ operation is performed using four different S-boxes for more complexity. Third, both shift-rows’ and mix-columns’ transformations are eliminated and replaced with a random permutation method which increases the complexity. More importantly, only four rounds of encryption are performed in a loop that reduces significantly the execution time. The overall system is implemented on the Altera Cyclone III board, which is completed with an SD card interface for medical image storage and a VGA interface for image display. The HPS software runs on μClinux and is used to control the FPGA encryption-decryption algorithm and image transmission. Experimental findings prove that the propounded map used has a keyspace sufficiently large and the proposed image encryption algorithm augments the entropy of the ciphered image compared to the AES standard and reduces the complexity time by 97%. The power consumption of the system is 136.87 mw and the throughput is 1.34 Gbit/s. The proposed technique is compared to recent image cryptosystems including hardware performances and different security analysis properties, such as randomness, sensitivity, and correlation of the encrypted images and results prove that our cryptographic algorithm is faster, more efficient, and can resist any kind of attacks. 1. Introduction designed for different applications. However, it is inap- propriate for securing large medical images. Thus, it is Currently, the fast growth of the Internet makes Electronic necessary to improve the AES making it suitable to secure Healthcare (e-healthcare) feasible and popular. E-Healthcare medical images against attacks. A random number generator refers to an internet-based system where the patient can is used to generate a sequence of random numbers for contact an expert doctor for the diagnostic. Some medical encryption. When the generated number is more random, images are stored and transmitted over the Internet. These the encryption effect is better. Chaos systems are used in the images may contain much privacy of patients and are very designing of the Pseudorandom Number Generator (PRNG) confidential and sensitive. Therefore, the best significant way to generate good keys for encryption. This technique has to protect this privacy issue is data encryption. Medical several significant advantages against other generators, such images have some characteristics, such as redundancy, big as the true random number generator (TRNG) and the data volume, and great pixel correlation, compared to the Linear Feedback Shift Register (LFSR), It is very sensitive to normal images [1]. Medical image encryption algorithms initial conditions, characterised by a, long periodicity, and require not only great security but also fast encryption speed. provides large keyspace. Thus, combining a chaotic system The Advanced Encryption Standard (AES) has been and improved AES can provide great performances in terms 2 Scientific Programming of security and run time. Beyond algorithm strictness, an systems based on the existing AES algorithm caused a long efficient implementation technique of one cryptosystem is execution time because of the multiple iterations, and it was required. In a software implementation, an algorithm is not secure enough to protect image privacy because of executed in a sequential way. This technique is not sufficient predefined procedures. This disadvantage affected directly to provide good performance enough in real-time appli- the global quality of the system in the case of online en- cations. In addition, the algorithm is vulnerable to software cryption. In the other case, the use of the CBC mode has attacks. However, the hardware implementation is required many disadvantages such as its sequential architecture, to get good performance enough and protection against which could cause a slowdown in encryption systems. attacks from running an algorithm [2]. Increasing system Another disadvantage of the CBC standard was the performance is based on two basic concepts: increasing the propagation of an error may occur easily and could affect processor clock frequency and using specific processors. In all blocks. Toughi et al. [6] used the Elliptic Curve Cryp- the hardware implementation, we have two choices: an ASIC tography (ECC) operations as an initial number generator and an FPGA. The first choice is the most expensive. The and proposed the encryption via a standard AES to create a second choice is a promising solution. FPGAs allow the novel pseudorandom to mask all pixels. However, the use designer to create a custom circuit implementation of an of a sequential way to encrypt the image augmented the algorithm using a standard component made up of basic time complexity. Chaos-based encryption has been sug- programmable logic elements. An FPGA offers significant gested as an efficient way to deal with the intractable issue cost advantages over an ASIC development effort and offers of rapid and secure images. This is due to many strengths of the same level of performance in most cases. Another ad- chaos such as the deterministic pseudorandom number vantage of the FPGA against IC is its ability to be dy- generation (PRNG), the long periodicity, the sensitivity to namically reconfigured. Based on a NIOS II softcore the initial conditions, and the large keyspace. Hu et al. [7] processor and a cyclone III FPGA, a strong prototype suggested an ameliorated cryptographic system based on platform for medical image processing is designed in our chaotic map and Latin square. The parameter of the chaotic work. The aim of this paper is to design a real-time medical system was calculated by the original image. However, the image encryption system based on a strong cryptographic keyspace was less than 2100. Authors in [8] proposed co- model with the image input from an SD card interface and operation between ECC and a chaotic system. In this paper, an output to a VGA interface. We propose a chaotic en- authors utilized cyclic elliptic curves with LFSR and a chaos cryption algorithm combined with high-dimensional cha- system for the keystream sequences’ generation. Then, otic mapping and improved confusion and diffusion of image encryption was performed using the key streams. MAES and implemented on SoPC FPGA. We focus to gain The suggested method was vulnerable to the Chosen Plain an overall great performance and a high level of security. Text Attacks (CPA) [9]. Yu et al. [10] suggested an image In history, medical image encryption models have been cryptosystem based on a combination between the 3D reported. Laiphrakpam and Khumanthem [3] suggested orthogonal Latin squares (3D-OLSs) and a matching the use of ElGamal encryption algorithm to encrypt matrix. Firstly, the 3D sine map was used to generate three medical images. In this paper, the data expansion problem chaotic sequences. Next, a 3D orthogonal Latin square and was resolved. However, the use of an asymmetric algorithm a matching matrix were produced by using the chaotic to encrypt images was highly time-consuming. In 2018, sequences. Then, the 3D-OLSs and the matching matrix Elhoseny et al. [4] propounded a hybrid encryption scheme were jointly used to permute the original image. After that, that mixed both AES and Rivest–Shamir–Adleman (RSA) all planes of the permuted matrix were divided into sixteen calculations. The cryptosystem started by encoding the blocks of the same size. The chaotic sequence was sorted mystery data; at that point, it concealed the outcome in a and a position matrix was generated. According to the cover image employing 2D-DWT-1L or 2D-DWT-2L. Both position matrix, the blocks of each plane were linked and shading and dark scale images were employed as cover shifted by using a cyclic shift operation; then, a new matrix images to disguise diverse content sizes. While the level of was generated. Finally, the encrypted image was generated security was improved, the use of two cryptographic al- by executing a diffusion operation for the new matrix. Xiuli gorithms could increase the run time for image processing et al. [11] proposed a medical image encryption model that and could cause delays during transmission. Zhang et al. [5] combined Latin square and a chaotic system. Ben Sliman proposed an image encryption system based on the com- et al. [12] suggested an efficient technique to generate a bination of the AES-128 and the Cipher Block Chaining novel chaotic system using the amalgamation between the mode (CBC) standards. For this, the plain image was Logistic map in a complex set, Julia’s fractal process, and fragmented into subblocks sized 128 bit. After that, an chaotic attractors. The Lyapunov exponents were calcu- initial vector, named IV with a size equal to 128 bit was lated to demonstrate the chaotic state of the new behaviour. generated by the Tent chaotic map and XORed with the This approach, using the fractal process and Logistic map initial plain subblock. Secondly, the AES-128 was applied to with chaotic attractors, could facilely be implemented and obtain the first ciphered subblock. Finally, the rest of the simulated. Then, they suggested a secure cryptosystem for different subblocks were scripted sequentially following the image encryption based on the proposed chaotic system. same steps applied on the first one block. According to the The algorithm contained the Shannon principle of con- results presented in [5], we notice that the encryption fusion and diffusion. Scientific Programming 3 A new image encryption algorithm based on DNA se- generation of attacks. In [17, 18], a scheme is pro- quence operations, Single Neuron Model (SNM), and posed to verify the randomness of the image, named chaotic map was proposed in [13]. A 512 bit hash value “Shannon’s local entropy.” We employ the Shannon dependent to the original image was proposed for initial local entropy analysis to validate the suggested conditions; then, a confusion-diffusion was adopted as an method [19, 20]. architecture of the cryptosystem. The 2D Logistic-adjusted- (5) Undertaking in-depth evaluation study of the per- Sine map (2D-LASM) was used to confuse the pixels of color formance of the execution and comparing the results components simultaneously, while SNM was utilized to with other recent works. create the keystream; otherwise, the hash value of the clear image was injected additionally in the diffusion procedure. This paper is structured as follows. Section 2 presents Ben Sliman et al. [14] suggested an image encryption the designed complex chaotic system and the proposed model based on the 2D Logistic map in a complex set and image cryptosystem algorithm. Section 3 describes the nonuniform cellular automata using the secure hash algo- implementation of the medical image encryption system rithm SHA-2. The proposed algorithm adopted confusion- on the FPGA followed by experimental results. Security diffusion as architecture. An efficient image encryption analysis and evaluation are detailed in Section 4, and fi- scheme based on the nested chaotic map and deoxy- nally, Section 5 concludes the paper and recommends ribonucleic acid (DNA) was proposed in [15]. In this paper, some future works. the secure hash algorithm SHA-256 was used for the initial condition values’ generation of the nested chaotic system. 2. Cryptosystem Design The cryptosystem consisted of two main layers: confusion and diffusion. In the first layer, the nested chaotic map was In this section, we introduce the designed image crypto- used to create a scrambled image. The scrambled image was system based on MAES and chaos-key generator. The obtained via the ascending sorting of the first component of general view of the proposed image cryptosystem archi- the nested chaotic index sequence. For a high level of tecture is depicted in Figure 1. We firstly describe the chaos- sensitivity, complexity, and security, DNA sequence and based PRNG for the key generation, which is composed of DNA operator were used additionally with the nested two different chaotic systems: the Logistic map in a complex chaotic map and hash algorithm to modify the pixels values. set (2D) and Henon’s map (2D). Secondly, the MAES is Results showed improvement of NPCR, UACI, and entropy. clearly detailed. Elgendy et al. [16] suggested an image encryption algorithm based on two-dimensional (2D) chaotic maps, including a standard map, baker map, and cat map. Findings showed a 2.1. Pseudorandom Number Generator. PRNGs are used to reduction in execution time, but the results of security generate keys useful for encryption. Chaotic systems are an analysis, such as correlation, entropies, and differential at- effective solution for good key generation. Chaos systems are tacks, were not ideal values compared to other propounded very sensitive to the initial condition and have long peri- models. odicity, good entropy, and good statistical behaviour of Our work makes the following contributions: randomness [21–25]. In the literature, several chaotic sys- tems have been investigated for key generation. In our work, (1) Designing a complex chaos-based PRNG with the we have selected to use Henon’s map and 2D Logistic map in goal to generate high-quality encryption keys. the complex set since they have good chaotic behaviour (2) Designing an improved cryptosystem for medical [13, 21, 22]. images encryption and decryption, which combines Henon’s map is defined by equation (1). The system has a the complex PRNG and a modified AES (MAES), state of two variables (X, Y) and two parameters a and b. It is where the subbytes’ operation is performed using under chaotic behaviour when a � 1.4 and b � 0.3 [28–30]. n four different s-boxes generated by the chaotic represents the number of iteration. The initial state (x0, y0) of system. Then, both shift-rows and mix-columns are Henon’s map is derived from the initial key ki: eliminated and replaced with a random permutation method. This increases the complexity of the system. ⎨ xn+1 � 1 − ax2n + yn , ⎧ ⎩ (1) Finally, only four rounds of encryption are per- yn+1 � bxn . formed in a loop that reduces significantly the ex- ecution time. The 2D Logistic map in the complex set is defined by equation (2). The system has a state of two variables (x, y) (3) Designing a strong prototype platform for secure and one parameter λ. For λϵ[0, 4], the system is under medical images based on the NIOS II processor and chaotic behaviour. The initial state (Xl, Yl) of the 2D Logistic FPGA. map is derived from the initial key ki: (4) Undertaking in-depth experimental measurements in FPGA for several medical images with different ⎧ xi+1 � yxi 1 − xn 􏼁 + λy2i , ⎨ types, contents, and sizes to evaluate the strength of ⎩ (2) yi+1 � λyi 1 − 2xi 􏼁. the proposed cryptosystem against the new 4 Scientific Programming Original External secret YL � 􏼐Yli × 1012 􏼑mod232 , (11) or key Ki 128-bit encrypted image PRNG PRNS � Concat(YH, XL, YL, XH). (12) Chaos-MAES High-quality confusion-diffusion key streams encryption/decryption 2.2. Modified AES. The AES is one of the most known Encrypted encryption algorithms for data protection. Invented in 1998 or by Joan Daemen and Vincent Rijmen and proved in 2000 by decrypted the NIST, the AES has been widely deployed, thanks to its image high performance. It involves key sizes and block sizes. The Figure 1: General view of the proposed cryptosystem architecture. size of the information block is 128 bits, and the length of the key can be 128, 192, or 256 bits [23]. The repetitions and size of the key determine the complexity of the algorithm. A To generate high-quality keys, a complex architecture of higher repetition or an elevated key size provokes higher PRNG is proposed which employs both Henon’s map and CPU usage and complexity. For 128 bits key, about 2128 2D Logistic map in the complex set. The general architecture attempts are needed to crack, but it is not appropriate in is depicted in Figure 2. It includes three data processing multimedia data because multimedia information is char- blocks: an Initial State Generator (ISG), a Complex Chaotic acterized by great redundancy. Thus, only utilizing the Design (CCD), and a Convertor block. The overall system existing AES cryptosystem cannot attain good quality of has one input and one output each sized 128 bit, and it encryption. To solve the issue of the AES encrypted images, involves a state of four variables (Xh, Yh, Xl, Yl). we mix the features of a 4D chaotic system for good key The ISG is employed to generate implicitly an initial state generation and improvement in confusion and diffusion in (Xh0, Yh0, Xl0, Yl0) for the chaotic system from its 128 bit the AES. Our method augments the complexity of en- initial secret key input. For that, the initial key ki is divided cryption and enhances the security level. into 8 bit blocks as in equation (3). Therefore, the variables of Figure 3 depicts the flowchart of the image encryption the initial state (Xh0, Yh0, Xl0, Yl0) are computed separately algorithm using MAES and the proposed chaotic key gen- using equations (4)–(7): erator. The decryption cryptosystem is the reverse procedure of the encryption algorithm. Ki � k1 |k2 |k3 |, . . . , |k32 , (3) For the encryption operation, we need 4 rounds. Each round transformation is performed as a set of iterations, k1 ⊕ k2 ⊕ · · · ⊕ k 8 􏼁 Xh0 � , (4) which includes the subbytes’ operation using four different 28 S-boxes, a random permutation, and an add-round key operation. k9 ⊕ k7 ⊕ · · · ⊕ k16 􏼁 Yh0 � , (5) (1 )Process 1 (subbytes): consists of replacing each byte 28 of the state matrix with another value. The substi- k17 ⊕ k12 ⊕ · · · ⊕ k24 􏼁 tution S-box guarantees Shannon’s principle of Xl0 � , (6) confusion. Four different S-boxes:S-box1, S-box 2, 28 S-box 3, and S-box 4, are used for the substitution k25 ⊕ k17 ⊕ · · · ⊕ k32 􏼁 that increases the complexity of the algorithm. Yl0 � . (7) (2) Process 2 (random permutation): block’s pixels are 28 randomly permuted using two predefined methods. The use of the same initial key permits obtaining the It guarantees the Shannon diffusion principle. Fig- same random number sequence always. The converter block ure 4 illustrates the process of the random permu- is employed to convert the underlying state of the chaotic tation. The condition of the parity of block position design into 32 bit numbers suitable for encryption equations has been adopted which permits using the permu- (8)–(11). Therefore, a sequence of 128 bit random numbers’ tation method 1 or method 2: PRNS is obtained which presents high statistical behaviour of randomness (equation (12)): (a) If the position of the block is odd, then, the block’s pixels are permuted using method 1 (b) If the position of the block is even, then, the XH � 􏼐Xhi × 1012 􏼑mod232 , (8) block’s pixels are permuted using method 2 YH � 􏼐Yhi × 1012 􏼑mod232 , (9) (3) Process 3 (add-round key): each byte in the matrix uses Xor to manipulate the round key. A subkey is obtained from the main PRNG. It guarantees the XL � 􏼐Xli × 1012 􏼑mod232 , (10) Shannon diffusion principle. Scientific Programming 5 Xh0 Xh 64-bit Yh0 2D henon’s map Yh Initial Xl0 64-bit Ki Xl Converter Concat PRNS state Yl0 2D logistic map Yh generator 64-bit 4-D chaotic design Figure 2: General view of the proposed PRNG. 3. FPGA Implementation RGB 3.1. System Design Hardware Implementation. In this paper, original image the FPGA-based NEEK development board including Cy- clone III (Altera) is required. The suggested System on Programmable Chip (SoPC) includes the NIOS II processor Image which is a 32 bit embedded processor specialized for the decomposition 128-bit Altera family of FPGAs, internal memory controllers, a timer to perform the run time, a JTAG UART for the debug, Confusion and IPs for image storing and displaying which are, re- 128-bit Block 128-bit Block 128-bit Block 128-bit block Subbyte spectively, the SD card and the VGA monitor. The principal processing core of the embedded image system is the NIOS II processor. With the help of Qsys (System Integration tool of Quartus II), the CPU is connected with all modules via an Random Avalon bus, as depicted in Figure 5. Both SD card and VGA permutation Diffusion interfaces are connected to the processor, and the SRAM memory and remaining IPs’ hardware are interfaced via the Add round bus. The transmission of information between the SD card, 128-bit 128-bit Block Block key 128-bit Block 128-bit RN VGA interface, and SRAM can be done by using the pro- cessor. The three required components are clearly described in this section. R ≤ 4 rounds PRNG 4 round test 3.1.1. NIOS II Processor. In this work, the FAST version of R > 4 rounds the CPU is used. It is a 32 bits scalar RISC architecture [24]. Initial 128-bit Block The extensibility, flexibility, and adaptability constitute the 128-bit 128-bit Block 128-bit Block 128-bit block significant things, to be interested in, for this CPU. The key NIOS II design is depicted in Figure 6. RGB encrypted 3.1.2. SDI/O Card Interface. The SD card is portable which image permits the information stored to be transmitted to other Figure 3: Flowchart of image encryption in this proposal method. devices. The Altera board has SD card ports. It permits the SD card to be connected to the FPGA. The SD card FPGA is designed as a hardware IP with the use of the Qsys- implemented system. The overall system contains the NIOS system (50 MHz). In fact, reading data must be very II CPU and other modules. Information stored in the SD rapid. card can be processed by simple programs executed on NIOS (3) DMA (direct memory access) module: it assures the II CPU. As depicted in Figure 7, the SD card interface is data transmission from the FIFO to the SRAM by composed in the following blocks: sending signals. The SD interface sends the image (1 )SD Control block: it assures the transmission of the information and signals of control via the bus. image to the FIFO (First-in First-out) with 32 bits data path. In fact, with the aim of employing the 3.1.3. VGA Interface. Figure 8 presents the architecture of Avalon bus size totality (32 bit), every four bytes are treated at 32 bits words. the VGA interface. It is responsible to transmit information from the bus into the VGA board to visualize images in the (2) FIFO module: it assures the memorization of the VGA monitor. It is structured by the following blocks: image line. It is considered as a buffer between both data writing and reading. Writing in the FIFO (1 )The DMA block: it assures the information trans- module is synchronized with the SD clock, while mission from the SRAM to the FIFO using both«- reading is synchronized with the clock of the overall master_rd » and « master_addr»signals. 6 Scientific Programming Original block Original block P11 P12 P13 P14 P11 P12 P13 P14 P21 P22 P23 P24 P21 P22 P23 P24 P31 P32 P33 P34 P31 P32 P33 P34 P41 P42 P43 P44 P41 P42 P43 P44 Permutation method 1 Permutation method 2 P23 P22 P41 P33 P31 P21 P33 P43 P34 P42 P11 P32 P22 P44 P24 P11 P43 P24 P14 P21 P34 P14 P32 P12 P13 P44 P31 P12 P42 P13 P23 P41 Permuted block Permuted block Figure 4: Description of the two permutation methods. Figure 5: Connection in Qsys GUI. Reset Nios II processor core Clock Program General JTAG controller Tighly coupled purpose interface JTAG address instruction registers to debug generation r0 to r31 Tighly coupled software module Instruction instruction Exception cache debugger Control controller Instruction bus registers Interrupt ct 10 Irq [31...0] ] controller to ct 15 Data bus Custom Custom Tighly coupled I/O instruction instruction memory signals logic Arithmetic logic unit Data cache Tighly coupled instruction Figure 6: Chart flow of the NIOS II system design. (2) The buffer block: two FIFO having the same size block assures the reading of the information from the compose this module. In fact, when the writing is second FIFO. The writing on the FIFO is synchro- given by the DMA in the first FIFO, the VGA control nized in 50 MHz while the reading is synchronized Scientific Programming 7 Clk system Master-wr Clk 14 MHz AVALONBUS 8-bit 32-bit 32-bit SD card Master-addr FIFO DMA control 32-bit LDV Master-waitreq FDV Figure 7: SD card interface. Master-rd Master-addr 32-bit 32-bit 24-bit AVALONBUS DMA FIFO 32-bit MUX VGA 32-bit control HS 32-bit FIFO VS Master-wr Figure 8: VGA interface. with the VGA clock (25 MHz). The interface is given architecture is depicted in Figure 9. It includes four to assure the transmission of the 32 bits data via the components: bus to the visualization. (1) The Input_Buffer and the Output_Buffer as well as (3) VGA controller: it controls and transmits « R », « G », many internal communication data paths are 32 bits and « B » and synchronization signals to the VGA in width and used to hold the plaintexts of 128 bits extension board. before being processed and to memorize cipher All hardware IPs are developed in VHDL language in texts until processing the overall 128 bits ALTERA Quartus tools. Once hardware is designed, we have (2) Control unit is used to generate control signals for all implemented the application on the board. For this, we have components firstly ported the derivative of Linux kernel (μClinux) on the (3) Key expansion PRNG unit is employed to generate a processor to facilitate the implementation of the suggested set of round keys image encryption on the chosen hardware platform. (4) MAES transformation round is employed to encrypt data input 3.2. Encryption System Architecture. Several AES hardware The proposed cryptographic algorithm is interfaced architectures have been reported in the literature [33]. In this with the SoPC as a hardware accelerator. The system paper, the goal is to design an improved architecture of the designed is generated and downloaded successfully in algorithm to speed up execution on 32 bit processors with Cyclone III FPGA NEEK developed board. The control memory constraints available in the embedded systems. The part of the system is developed in C language in NIOS II NIOS II 32 bit processor and the arithmetic logic unit (ALU) IDE. In fact, a C code is downloaded on the soft processor architectures are founded on the address buses, data buses, to communicate with the proposed algorithm accelerator. and registers of 32 bits data path. Every transformation of The result of communication between the processor and the AES cryptosystem maps a 128 bit as the input state and a the IP block is acquired. The ciphered image is forward to 128 bit as the output state. To optimize the size of the MAES the PC via JTAG_URAT to perform findings in 32 bit hardware conception, the 128 bit data block is split into four frames. 32 bit blocks and is required at one column or at one row via Figure 10 presents the results of the suggested security the 32 bit data bus. Only the random permutation operation system design (storage, processing (encryption/decryp- demands the accessibility of the totality of data (128 bits) tion), and display of the image signal) where the input is before starting. Thus, four registers (32 bits) are required. On from the SD card interface and the output is on the VGA the contrary, four different S-boxes are needed in our display interface. Both encryption and decryption proce- proposed architecture. The encryption datapath processes a dures are implemented on the NEEK board. The encrypted complete 32 byte block in parallel and the total round result of the image is shown in Figure 10(a), whereas the transformation is executed in a one-clock cycle. Thus, four decrypted result of the original image is as illustrated in clocks are needed for the entire encryption. The proposed Figure 10(b). 8 Scientific Programming Enable Key Plain text 32 32 Data-loaded Input_Buffer Control unit 32 32 32 32 Encrypt 8 8 8 8 MAES transformation round S-box1 S-box2 S-box3 S-box4 Generate key Key-loaded Key ready Cipher text ready Random permutation Round key Add-round key PRNG 32 32 32 32 32 Output_Buffer 32 Cipher text End Figure 9: Proposed chaos-MAES architecture on FPGA. (a) (b) Figure 10: FPGA-based implementation of chaos-MAES-based secure image communications. Input from SD card interface and output on VGA display interface. (a) Encryption process. (b) Decryption process. 3.3. Hardware Performance. The proposed cryptosystem is Table 1: FPGA implementation of the proposed cryptosystem. implemented on the NEEK board featuring Cyclone III Hardware performances Cyclone III FPGA. Table 1 illustrates the performances utilization Total logic elements (LE) 3.216/24.624 (14%) extracted from Quartus II implementation software. The Total combinational function 2.860/24.624 (12%) system needs 14% of logic elements, 12% of combinational Dedicated logic registers 1.962/24.624 (8%) functions, 8% of logic registers, and 22% of memories. Fi- Memories 131.616/608.256 (22%) nally, it runs at 167.83 MHz clock frequency, consumes F Max 167.83 MHz 137.06 mW at the power, and can achieve a great throughput Total thermal power dissipation 137.06 Mw of 1.34 (Gbits/s). Throughput 1.34 (Gbits/s) The system throughput is an important metric that provides the number of bits processed in a second, which is computed using method has the aim to reduce the maximum processing nb_bit ∗ frequence Mb time. Only four rounds of encryption are performed in a Throughput � . (13) loop instead of 10 rounds that reduces significantly the latence s execution time. The encryption datapath processes a com- Concluding the obtained results, the proposed crypto- plete 32 byte block in parallel and the total round trans- system hardware design occupies a small hardware area and formation is executed in a one clock cycle. Thus, only four reaches 1.34 Gbits/s of throughput. clocks are needed for the entire encryption. The execution time is a parameter that is significant to From Table 2, the time required to encrypt Lena’s perform the real-time encryption processes. The proposed (512 × 512 × 3) standard test image using complex PRNG- Scientific Programming 9 Table 2: Comparison of the proposed encryption model’s run time with the existing AES and other works. Execution time (s) Proposed method Existing AES [34] [35] [36] Lena (512 × 512 × 3) 0.02457 68.2218 15.268 0.3 0.0255 MAES is 0.02457 s, whereas, for the current standard AES consequence, the proposed system is safe against statistical implemented in the hardware device featuring a NIOS II attacks. softcore processor, it is 68,2218 s [37]. The suggested algo- rithm is about 97% faster compared to the standard AES. Similarly, a comparison of the execution time with other 4.1.3. Global and Local Shannon Entropy Analysis. The algorithms implemented in an FPGA is illustrated in the global Shannon entropy is measured by applying equation same table. The results prove that the processing time of the (14) to the image. The entropy parameter is considered as the proposed model is much less than the existing works. standard to test randomness. The entropy coefficient is utilized to obtain the incertitude performed in the ciphered 4. Security Analysis and Interpretation image. If the entropy is elevated, the confidentiality is higher. Note that the utmost entropy value for a gray scale image is In this part, we evaluate the system on FPGA for several 8 bits/pixel. The average value for H (m) for numerous ordinary and medical images with different types and sizes. preceding works was between 7.90 and 7.99. This value is For ordinary color images, we use the standard Lena, depending on the image, the size of the key, and the Peppers, and Baboon images of size (512 × 512 × 3) (Fig- cryptographic model. Entropy is computed as ure 11). For medical images, seven different types of images are selected which are depicted in Figure 12. Medical images 2N−1 1 are obtained by ultrasound device, 3D Scanner, magnetic H(m) � 􏽘 P(mi) Log2 􏼠 􏼡, (14) i P(mi) resonance device MRI, X-ray, radiography, endoscopy, and computerized tomography (CT-scan). Simulation findings and performance analysis for the chosen images are given in where H(m) is the Entropy image, P(mi) is the probability this section highlighting the quality analysis of images, mass function, and 2N − 1 presents the number of gray statistical analysis, key analysis, and algorithm performance. levels. This technique fails to measure the real degree of ran- domness of an image. It has many weaknesses such as unfair 4.1. Statistical Analysis. In this section, we use image his- random comparisons between images of different sizes, the togram, information Entropy, 2D Normalized Correlation inability to discern the randomness of images before and (NC), and correlation coefficient (ρ). after image encrypting, and possible inaccurate scores for the synthesized images. However, it cannot be used for universal measures of randomness. To overcome this problem, local 4.1.1. Histogram Analysis. The image histogram is a two- Shannon should be applied. The local entropy is measured dimension statistical curve showing the distribution of Gray by computing the mean of global Shannon entropies over all scales according to their values. Figure 13 shows the original the nonoverlapping blocks of size 1936 pixels in the image. images and their corresponding encrypted images and Table 4 introduces the simulation results of global and local histograms of the original images and their corresponding Shannon entropy found for each image. encrypted images. Analysing the results, the encrypted image’s global en- As seen in Figure 13, we note that the histogram of the tropy value is highly close to the ideal value 8 and the mean resultant encrypted image is uniformly distributed and of local entropy is very important. This indicates that the dissimilarly compared to the histogram of the original image pixels of the cipher image are random. As a result, the in Figure 13 which contains large spikes. Therefore, the proposed system is safe against entropy and statistical at- original image’s pixels and the encrypted image’s pixels are tacks. Table 5 compares the global entropy value with the completely different. existing AES and other encryption algorithms. Our results are more successful than other works which prove the ef- 4.1.2. NC Analysis. The normal correlation (NC) is a per- ficacity of the proposed cryptographic model. formance that evaluates the grade of similitude between two objects. If the original and the encrypted are different, therefore, the correlation factor of the cipher image is well 4.1.4. Correlation Coefficient Analysis. In a clear image, the low or highly close to zero. Results in Table 3 show that the correlation of the adjacent pixels is close to one. Unlike in an NC values are reduced which proves that there is no cor- encrypted image, the adjacent pixels must be not correlated relation between original and ciphered images. As a [35]. Let x and y be two Gray scale values of two adjacent 10 Scientific Programming (a) (b) (c) Figure 11: Standard Lena, Peppers, and Baboon images used for the test. (a) Color Lena.jpg [512 × 512 × 3]. (b) Peppers.jpg [512 × 512 × 3]. (c) Color Baboon.jpg [512 × 512 × 3]. (a) (b) (c) (d) (e) (f ) (g) Figure 12: Seven different medical images chosen for the test. (a) 3D ultrasound baby [625 × 410 × 3]. (b) 3D scanner ankle [1080 × 1920 × 3]. (c) 1D MRI [800 × 600]. (d) 3D X-ray chest [3816 × 2832 × 3]. (e) 3D endoscopy [181 × 278 × 3]. (f ) 3D radiography foot [2400 × 2956 × 3]. (g) 3D CT-scan chest image [800 × 600 × 3]. pixels in the image, and the correlation of the adjacent pixels where E(x) is the expectation of x, D(x) is the estimation of is computed using equations (15)–(18): the variance in x, and cov (x, y) is the estimation of the covariance between x and y. Figure 14 shows the distribu- 1 N tions of 2000 pairs which are randomly selected adjacent E(x) � 􏽘x , (15) pixels of the original and encrypted 3D original medical N i�1 i scanner Ankle image, respectively, in each channel. Table 6 shows the distributions of 2000 pairs which are 1 N 2 randomly selected adjacent pixels of the original and D(x) � 􏽘 x − E x i 􏼁􏼁 , (16) N i�1 i encrypted images, respectively. The results clearly show that the correlation coefficient of the original images is 1 N close to 1, while the encrypted images are close to zeros. In cov(x, y) � 􏽘 x − E(x) yi − E(y)􏼁􏼁, (17) addition, the distribution of adjacent pixels is inconsistent, N i�1 i i.e., there is no correlation between them. This indicates that the algorithm eliminates the correlation of adjacent cov(x, y) pixels in the plain image, and it makes an encrypted image rxy � 􏽰�����􏽰�����, (18) D(x) D(y) with no correlation. The proposed cryptographic method is Scientific Programming 11 5000 1200 4000 1000 800 3000 600 2000 400 1000 200 0 0 0 100 200 0 50 100 150 200 250 13.1 13.2 13.3 13.4 2500 1200 2000 1000 800 1500 600 1000 400 500 200 0 0 0 50 100 150 200 250 0 50 100 150 200 250 13.5 13.6 13.7 13.8 ×104 2 1200 1000 1.5 800 1 600 400 0.5 200 0 0 0 50 100 150 200 250 0 50 100 150 200 250 13.9 13.10 13.11 13.12 ×104 4 1200 1000 3 800 2 600 400 1 200 0 0 0 50 100 150 200 250 0 50 100 150 200 250 13.13 13.14 13.15 13.16 ×106 ×104 4 3 2.5 3 2 2 1.5 1 1 0.5 0 0 0 100 200 300 0 50 100 150 200 250 13.17 13.18 13.19 13.20 ×105 12 10000 10 8000 8 6000 6 4 4000 2 2000 0 0 0 50 100 150 200 250 0 50 100 150 200 250 13.21 13.22 13.23 13.24 (a) Figure 13: Continued. 12 Scientific Programming ×105 ×104 4 5 3 4 3 2 2 1 1 0 0 0 50 100 150 200 250 0 50 100 150 200 250 13.25 13.26 13.27 13.28 ×104 3 2000 2.5 2 1500 1.5 1000 1 500 0.5 0 0 0 50 100 150 200 250 0 50 100 150 200 250 13.29 13.30 13.31 13.32 15000 1500 10000 1000 500 5000 0 0 0 50 100 150 200 250 0 50 100 150 200 250 13.33 13.34 13.35 13.36 12000 250 10000 200 8000 150 6000 100 4000 2000 50 0 0 0 50 100 150 200 250 0 50 100 150 200 250 13.37 13.38 13.39 13.40 (b) Figure 13: Histogram of the original images and their corresponding encrypted images. Table 3: NC results of encrypted images. NC Image Red Green Blue Lena −0.00321 −0.00238 0.00065 Peppers −0.00243 −0.00018 −0.00079 Baboon 0.00274 −0.001912 −0.01348 Ultrasound 0.00065 −0.00042 −0.00036 Scanner ackle −0.0049 0.0035 −0.00276 Endoscopy −0.00047 0.00024 −0.00046 MRI −0.00082 Table 4: Global and local Shannon entropy values of encrypted images. Local Shannon entropy Global Shannon entropy Image Red Green Blue Red Green Blue Lena 7.9548 7.9542 7.9546 7.99988 7.99989 7.99989 Peppers 7.9546 7.9544 7.9549 7.99989 7.99987 7.99986 Baboon 7.9554 7.9553 7.9557 7.99994 7.99989 7.99978 3D ultrasound 7.9557 7.9548 7.9552 7.99999 7.99999 7.99999 3D ankle 7.9563 7.9559 7.9559 7.99999 7.99999 7.99999 MRI 9.9553 7.99988 Scientific Programming 13 Table 5: Comparative study of the average global entropy values. Cryptosystem Lena standard test image Proposed model 7.99988 Existing AES 7.8693 Ref. [3] 7.9993 Ref. [38] 7.99932 Ref. [34] 7.9969 Ref. [35] 7.9989 Ref. [36] 7.9994 Ref. [9] 7.9975 Ref. [6] 7.9998 Ref. [8] 7.9973 Ref. [39] 7.9978 Ref. [40] 7.999329 Proposed 1: 7.998119 Proposed 2: 7.997349 Ref. [12] Proposed 3: 7.997224 Proposed 4: 7.997189 Ref. [13] 7.9980 Ref. [14] 7.9980 Proposed 1: 7.9984 Ref. [15] Proposed 2: 7.9985 Ref. [41] 7.99935 Ref. [42] 7.99935 250 250 250 200 200 200 150 150 150 100 100 100 50 50 50 0 0 0 0 100 200 0 100 200 0 100 200 (a) (b) (c) 250 250 250 200 200 200 150 150 150 100 100 100 50 50 50 0 0 0 0 100 200 0 100 200 0 100 200 (d) (e) (f ) 300 300 300 250 250 250 200 200 200 150 150 150 100 100 100 50 50 50 0 100 200 0 100 200 0 100 200 (g) (h) (i) Figure 14: Continued. 14 Scientific Programming 300 300 300 250 250 250 200 200 200 150 150 150 100 100 100 50 50 50 0 0 0 0 100 200 0 100 200 0 100 200 (j) (k) (l) 300 300 300 250 250 250 200 200 200 150 150 150 100 100 100 50 50 50 0 0 0 0 100 200 0 100 200 0 100 200 (m) (n) (o) 300 300 300 250 250 250 200 200 200 150 150 150 100 100 100 50 50 50 0 0 0 0 100 200 0 100 200 0 100 200 (p) (q) (r) Figure 14: Correlation distribution of the original and cipher 3D original scanner ankle image with color image in horizontal, vertical, and diagonal directions: (a–i) correlation distribution of original images; (j–r): correlation distribution of cipher images. Table 6: ρ values of original image and its corresponding encrypted image with chaos-MAES. Horizontal Vertical Diagonal Image Status Red Green Blue Red Green Blue Red Green Blue Plain 0.989 0.984 0.957 0.979 0.966 0.935 0.967 0.952 0.918 Lena Cipher 0.0007 −0.001 −0.0006 −0.015 −0.008 0.0019 −0.025 0.015 0.0105 Plain 0.969 0.976 0.948 0.963 0.973 0.952 0.950 0.965 0.921 Peppers Cipher −0.036 0.003 −0.034 0.001 −0.068 −0.007 0.013 0.002 0.006 Plain 0.914 0.967 0.983 0.902 0.984 0.991 0.950 0.950 0.913 Baboon Cipher 0.007 0.002 −0.082 −0.015 −0.002 −0.042 0.0019 −0.032 −0.035 Plain 0.898 0.900 0.836 0.972 0.972 0.959 0.978 0.981 0.966 Ultrasound Cipher −0.002 −0.001 −0.009 −0.004 −0.003 −0.001 −0.002 −0.003 −0.002 Plain 0.998 0.998 0.996 0.997 0.998 0.995 0.999 0.999 0.998 Scanner ankle Cipher −0.005 −0.002 −0.01 −0.031 −0.025 −0.006 −0.002 −0.005 −0.017 Plain 0.988 0.988 0.988 0.987 0.986 0.987 0.983 0.982 0.982 Endoscopy Cipher −0.029 −0.076 −0.094 0.001 −0.007 −0.006 0.001 −0.005 0.021 Plain 0.998 0.997 0.995 0.999 0.999 0.998 0.999 0.999 0.998 Radiography foot Cipher −0.031 −0.005 −0.016 −0.003 −0.003 −0.018 −0.004 −0.010 −0.033 Plain 0.9981 0.9971 0.9995 0.9995 0.999 0.999 0.9995 0.9986 0.9987 3D X-ray Cipher −0.024 −0.016 −0.005 −0.007 0.018 0.003 −0.004 −0.033 −0.010 Scientific Programming 15 compared with the existing AES and other methods the suggested algorithm with the existing AES, and some existing in the literature, and results in Table 7 prove that existing works and findings prove that the propound the propound cryptosystem has a better correlation with cryptographic technique has met the desired objective for the smallest coefficients in all directions which prove the resisting differential attacks. effectuality of the algorithm and its capability for resisting statistical attack. 4.3. Randomness Analysis. Random analysis can be achieved using NIST 800-22. The test is useful to test 4.2. Differential Attack Analysis random and Pseudorandom Number Generators [44] to determine whether or not a PRNG is appropriate for data 4.2.1. Keyspace. The keyspace of a safety encryption scheme encryption. The analysis contains 15 tests that assess key should be very large to resist the brute-force attack. In the streams to meet important necessities. It focuses on dif- proposed algorithm, for an initial key Ki, there are 2128 ferent nonrandom aspects that can be found in a key se- dissimilar keys, which are very large. Certainly, the key quence. The test results of 262,144 sequences of 128 bit brute-force attacks are computationally infeasible. generated by the proposed RNG are shown in Table 10. The sequences pass successfully all tests. This demonstrates that 4.2.2. Key Sensitivity. The key sensitivity analysis warrants the generated pseudorandom numbers have good statistical the safety of one cryptographic algorithm. An enhanced properties such as highly unpredictable, random, inde- encryption model should be greatly sensitive to key changes. pendent, and uniformly distributed. Similarly, the suggested model must be resistant to the brute- force attack obtained by large keyspace. To check the en- 4.4. Know Plain Text (KPA) and Chosen Plain Text Attack cryption process, the plain image is encrypted by three (CPA). This kind of attack has been utilized to crack some of various keys: the first is the main key, the second is the same the cryptographic models. In general, an adversary utilizes key with a small change in one bit, and the last is a variance whole black or whole white to discover the possible patterns between the two keys. The finding of three different ciphered in the cryptographic model. Thus, the whole white and images is presented in Figure 15. Similarly, the ciphered whole dark images are ciphered utilizing the suggested image is decrypted by two keys: one is the original key and method. Figure 17 presents the ciphered images and no the other is the modified key. The changed key does not pattern is apparent. The entropy value of images is self-same allow retrieval of the clear image, as seen in Figure 16. As as other images and correlation coefficients are ideal. Ta- result, the suggested model is greatly sensitive to the key ble 11 illustrates the correlation between adjacent pixels and changes. the entropy values of both images. Results prove that the Both Number of Pixels’ Change Rate (NPCR) and system is greatly secure to these kinds of attacks. Unified Average Changing Intensity (UACI) are utilized for the verification of the performance against differential at- tacks. According to [43], only one-bit modification over the 4.5. Robustness against Noise Attack. During the picture clear image can result in a considerable modification in the transmission via the network, the ciphered image can lose encrypted picture. NPCR and UACI parameters are pre- information or can be influenced by noise. Various cryp- sented in equations (19) and (20): tographic systems are sensitive to noise where a small change D(i, j) to the ciphered image can produce a strong distortion into NPCR: N(C1, C2) � 􏽘 ∗ 100%, (19) the deciphered image. Figure 18 shows that the deciphered i,j W∗H images keep the global clear image information for the person’s eye when the ciphered image is affected by Salt and 1 |C1(i, j) − C2(i, j)| pepper noise with various percentages. Thus, the suggested UACI: U(C1, C2) � 􏽘 ∗ 100%, W ∗ H i,j 225 method is robust and resist against noise attack. (20) 5. Discussion where C1 and C2 are the ciphered images, M is the size of images, and D presents the bipolar matrix determined from Through the experimental results, it is shown that the his- C1 and C2. togram of a ciphered image has uniform distribution and the The NPCR measures the pixel number that modifies the correlation between pixels is reduced. The average entropy value in differential attack. The elevated value is considered value of the cipher scanner ankle image with the proposed better. The UACI computes the average variance between algorithm is 7.99999 (close to the ideal value). The variance two paired encrypted images where a minimal value is the of entropy between the propound model and the existing best. Table 8 denotes the NPCR R, G, B and UACI R, G, B AES is 0.13069. Our method augments the entropy by about values for various medical color image sizes using the 18% compared to the standard one. Thus, more randomness propound cryptographic method. Results prove that the can be created. Equally important is that the suggested encryption model has great performance, and it is charac- cryptographic model has an efficient encryption effect, a terized by high sensitivity to small modifications in the clear large keyspace, and it is highly sensitive to key changes. image. Table 9 compares both NPCR and UACI results using Furthermore, findings prove that the proposed model can 16 Scientific Programming Table 7: Comparative study of average correlation coefficient for Lena image. Model Horizontal Vertical Diagonal Proposed system −0.0003 −0.006 0.00014 Existing AES 0.2724 0.2682 0.0765 Ref. [3] −0.0008 0.0016 0.0043 Ref. [38] −0.000483 −0.001001 −0.001015 Ref. [34] 0.0025 0.006207 0.003041 Ref. [35] 0.004639 0.006763 0.010818 Ref. [36] 0.000101 0.00000958 0.000131 Ref [9] 0.0070 −0.0102 0.0030 Ref. [6] −0.000400 −0.0018 0.0001 Ref. [8] 0.001 0.0017 0.0125 Ref. [39] 0.0031 — — Ref. [40] 0.000751 0.001133 0.001253 Proposed 1 : 0.007950 Proposed 1 : 0.007422 Proposed 1 : 0.000139 Proposed 2 : 0.00987 Proposed 2 : 0.009145 Proposed 2 : 0.000697 Ref. [12] Proposed 3 : 0.007768 Proposed 3 : 0.007773 Proposed 3 : 0.000143 Proposed 4 : 0.000914 Proposed 4 : 0.009525 Proposed 4 : 0.000711 Ref. [13] 0.01658 0.01235 0.014566 Ref. [14] 0.006150 0.006687 −0.007019 Proposed 1: −0.00093 Proposed 1: −0.001 Proposed 1: −0.00067 Ref. [15] Proposed 2: −0.0007 Proposed 2: −0.00059 Proposed 2: 0.00093 Ref. [41] 0.0002 −0.0133 −0.0791 Ref. [42] −0.1242 0.0027 0.0022 (a) (b) (c) (d) Figure 15: Test of the key encryption sensitivity. (a) Plain image of 3D ultrasound image, (b) cipher image by the main key, (c) cipher image by the modified key, and (d) the difference between image (b) and (c). (a) (b) (c) (d) Figure 16: Test of the key decryption sensitivity: (a) original image of 3D ultrasound image, (b) cipher image by the right key, (c) decryption by 1 bit key change, and (d) decryption with the right key. resist the noise attack with varied intensity, KPA, CPA, and findings prove that the proposed algorithm requires much differential attacks. The complex PRNG is tested by NIST, less calculation time than the existing AES implemented in and the result proves that it generates a high-quality key. The the hardware device. All in all, results show that a fast (1.34 run time of the proposed scheme is also executed, and Gbit/s) and highly secure data encryption is achieved with Scientific Programming 17 Table 8: Results of NPCR and UACI for various color images. NPCR (%) UACI (%) Image Red Blue Green Red Blue Green 3D ultrasound baby 99.896 99.746 99.799 33.776 33.723 33.697 3D scanner ankle 99.699 99.687 99.898 33.896 33.895 33.678 3D radiography foot 99.698 99.695 99.894 33.798 33.793 33.796 3D CT-scan chest image 99.793 99.659 99.763 33.805 33.898 33.891 Brain image 99.684 33.594 Endoscopy 99.79 99.689 99.89 33.890 33.771 33.642 Table 9: Comparative study of NPCR and UACI tests for Lena image. Image NPCR (%) UACI (%) Proposed algorithm 99.69561 33.81015 Existing AES 0.0779 0.0097 Ref. [3] 99.62 33.41 Ref. [38] 99.6040 33.4614 Ref. [34] 99.6140 33.4805 Ref. [35] 99.6162 33.3979 Ref. [36] 99.61 33.48 Ref. [9] 99.62 33.56 Ref. [6] 99.60 33.48 Ref. [8] 99.50 33.30 Ref. [39] 99.6100 33.5000 Proposed 1 : 99.6253 Proposed 1 : 33.4565 Proposed 2 : 99.6271 Proposed 2 : 33.5589 Ref. [12] Proposed 3 : 99.6188 Proposed 3 : 33.4468 Proposed 4 : 99.6253 Proposed 4 : 33.4565 Ref. [13] 99.6258 33.4586 Ref. [14] 99.6125 33.4164 Proposed 1 : 99.6208 Proposed 1 : 33.4494 Ref. [15] Proposed 2 : 99.61 Proposed 2 : 33.4329 Ref. [41] 99.65950 33.83002 Ref. [42] 99.6315 33.8300 Table 10: Results of NIST 800-22 statistical test for the proposed PRNG. Statistical P value Status Status frequency 0.9015 Pass Block frequency (m � 128) 0.563 Pass Forward cusum 0.648 Pass Reverse cusum 0.672 Pass Runs 0.672 Pass Long runs of ones 0.644 Pass Binary matrix rank 0.523 Pass Spectral DFT 0.892 Pass Nonoverlapping template (m � 9) 0.426 Pass Overlapping template (m � 9) 0.619 Pass Universal 0.473 Pass Approximate entropy (m � 10) 0.456 Pass Random excursions (x � + 1) 0.924 Pass Random excursions’ variant (x � −1) 0.693 Pass Linear complexity (M � 500) 0.586 Pass 18 Scientific Programming (a) (b) (c) (d) Figure 17: (a) All black image, (b) all white dark image, (c) ciphered all black, and (d) ciphered all white. Table 11: Results of entropy and NC for white and black images. NC Image Entropy Red Blue Green All black 0 — — — All black ciphered 7.99977 −0.0027 −0.0036 0.0015 All white 0 — — — All white ciphered 7.99977 0.0065 −0.00145 0.00015 (a) (b) (c) Figure 18: Decrypted 3D medical scanner ankle of size (1080 × 1920 × 3) with Salt and pepper noise: (a) d � 0.005, (b) d � 0.1, and (c) d � 0.5. low power consumption (137.06 mw) and that the crypto- in the NEEK board and great results are gained in terms of system is robust, which makes it suitable to secure medical execution time, area occupation, power consumption, and images in an embedded system. A comparison study is throughput. However, the utilized NIOS II CPU is a rela- performed and the results prove that our algorithm out- tively powerful one amongst embedded processors. The performs other existing work in terms of speed of com- security analysis of our method proves that it is resistant to putation and safety level. known attacks. The entropy, the correlation of adjacent pixels, and the histogram of encrypted images are performed successfully and findings are promising. As future work, we 6. Conclusion and Future Work aim to propose a real-time video security approach that enhances the security of surgical telepresence during surgery An improved cryptographic system that mixes the use of a between the site of surgery (local site) and the site that hosts complex chaos-based PRNG and MAES is proposed in this the expert surgeon (remote site). paper. The complex chaos-based PRNG is put forward to generate a great-quality encryption key. The generated key Data Availability presents high randomness, high entropy, and high com- plexity. In the MAES, the subbytes’ operation is performed The data used to support the findings of this study are in- using four different S-boxes (S-box 1, S-box 2, S-box 3, and cluded within the article. S-box 4) which increases the complexity. In addition, both shift-rows and mix-columns transformations are eliminated Conflicts of Interest and replaced with a random permutation method for more complexity. Only four rounds of encryption are performed The authors declare no conflicts of interest. in a loop that reduces significantly the execution time. The encryption data path processes a complete 32 byte block in Authors’ Contributions parallel, and the total round transformation is executed in a one clock cycle. Thus, only four clocks are needed for the All the authors helped to conceive these simulation ex- entire encryption. The global cryptosystem is implemented periments. Amal Hafsa and Mohamed Gafsi designed and Scientific Programming 19 performed the experiments and have written the main part Hammamet, Tunisia978-1-5386-5305-0/18/$31.00 ©2018, of the manuscript. Amal Hafsa, Mohamed Gafsi, Jihene Hammamet, Tunisia, March 2018. Malek, and Mohsen Machhout contributed to the inter- [15] N. B. Slimane, N. Aouf, K. Bouallegue, and M. Machhout, “An pretation of the results as well as the revision and writing of efficient nested chaotic image encryption algorithm based on the paper. DNA sequence,” International Journal of Modern Physics C, vol. 29, 2018. [16] F. Elgendy, A. M. Sarhan, T. E. Eltobely, S. F. El-Zoghdy, References H. S. El-sayed, and O. S. Faragallah, “Chaos-based model for encryption and decryption of digital images,” Multimedia [1] J. Chen, L. Chen, L. Y. Zhang, and Z.-l. Zhu, “Medical image Tools and Applications, vol. 75, no. 18, pp. 11529–11553, 2015. cipher using hierarchical diffusion and non-sequential en- [17] X. Wang, Y. Zhao, H. Zhang, and K. Guo, “A novel color cryption,” Nonlinear Dynamics, vol. 96, no. 1, pp. 301–322, image encryption scheme using alternate chaotic mapping 2019. structure,” Optics and Lasers in Engineering, vol. 82, pp. 79– [2] S. Kotel, M. Zeghid, A. Baganne, and R. Tourki, FPGA-based 86, 2016. Real-Time Implementation of AES Algorithm for Video En- [18] B. Norouzi and S. Mirzakuchaki, “A fast color image en- cryption, Recent Advances in Telecommunications, Informatics cryption algorithm based on hyper-chaotic systems,” Non- and Educational Technologies, ResearchGate, Berlin, Ger- linear Dynamics, vol. 78, no. 2, pp. 995–1015, 2014. many, 2015, ISBN 978-1-61804-262-0. [19] B. Radu, A. C. Dascalescu, and I. Priescu, “A new hyperchaotic [3] D. S. Laiphrakpam and M. S. Khumanthem, “Medical image map and its application in an image encryption scheme,” encryption based on improved EIGamal encryption tech- Signal Processing: Image Communication, vol. 29, pp. 887–901, nique,” Optik, vol. 147, pp. 88–102, 2017. 2014. [4] M. Elhoseny, G. Ramı́rez-González, O. M. Abu-Elnasr, [20] X.-Y. Wang, Y.-Q. Zhang, and X.-M. Bao, “A colour image S. A. Shawkat, N. Arunkumar, and A. Farouk, “Secure medical encryption scheme using permutation-substitution based on data transmission model for IoT-based healthcare systems,” chaos,” Entropy, vol. 17, no. 6, pp. 3877–3897, 2015. IEEE Access, vol. 6, pp. 20596–20608, 2018. [21] A. Arab, M. J. Rostami, and B. Ghavami, “An image en- [5] Y. Zhang, X. Li, and W. Hou, “A fast image encryption scheme cryption method based on chaos system and AES algorithm,” based on AES,” in Proceedings of the 2th International Con- The Journal of Supercomputing, vol. 75, no. 10, pp. 6663–6682, ference on Image, Vision and Computing, IEEE, Chengdu, 2019. China, June 2017. [22] W. Zhang, K.-w. Wong, H. Yu, and Z.-l. Zhu, “An image [6] S. Toughi, M. H. Fathi, and Y. A. Sekhavat, “An image en- encryption scheme using reverse 2-dimensional chaotic map cryption scheme based on elliptic curve pseudo random and and dependent diffusion,” Communications in Nonlinear Advanced Encryption System,” Signal Processing, vol. 141, Science and Numerical Simulation, vol. 18, no. 8, pp. 2066– p. 217, 2017. [7] G. Hu, D. Xiao, Y. Wang, and X. Li, “Cryptanalysis of a 2080, 2013. chaotic image cipher using Latin square-based confusion and [23] S. Suri and R. Vijay, “An AES–CHAOS-based hybrid ap- diffusion,” Nonlinear Dynamics, vol. 88, no. 2, pp. 1305–1316, proach to encrypt multiple images,” in Proceedings of the 2017. International Conference in Recent Developments in Intelligent [8] A. A. Abd El-Latif and X. Niu, “A hybrid chaotic system and Computing, Communication and Devices, pp. 37–43, Springer, cyclic elliptic curve for image encryption,” AEU-International Shenzhen, China, July 2017. Journal of Electronics and Communications, vol. 67, no. 2, [24] C. Li, G. Luo, K. Qin, and C. Li, “An image encryption scheme pp. 136–143, 2013. based on chaotic tent map,” Journal of Nonlinear Dynamics, [9] H. Liu and Y. Liu, “Cryptanalyzing an image encryption vol. 87, no. 1, pp. 127–133, 2017. scheme based on hybrid chaotic system and cyclic elliptic [25] Y. Qi and C. Wang, “A new chaotic image encryption scheme curve,” Optics & Laser Technology, vol. 56, pp. 15–19, 2014. using breadth-first search and dynamic diffusion,” Interna- [10] S.-S. Yu, N.-R. Zhou, L.-H. Gong, and Z. Nie, “Optical image tional Journal of Bifurcation and Chaos, vol. 28, p. 1850047, encryption algorithm based on phase-truncated short-time 2018. fractional Fourier transform and hyper-chaotic system,” [26] M. Gafsi, N. Abbassi, M. Ali Hajjaji, J. Malek, and A. Mtibaa, Journal of Optics and Laser Technology, vol. 124, 2020. “Improved chaos-based cryptosystem for medical image [11] C. Xiuli, Z. Jitong, G. Zhihua, and Z. Yushu, “Medical image encryption and decryption,” Journal of Scientific Program- encryption algorithm based on Latin square and memristive ming, vol. 2020, Article ID 6612390, 22 pages, 2020. chaotic system,” Multimedia Tools and Applications, vol. 78, [27] S. Ibrahim and A. Alharbi, Efficient Image Encryption Scheme p. 3541935453, 2019. Using Henon Map, Dynamic S-Boxes and Elliptic Curve [12] N. Ben Slimane, K. Bouallegue, and M. Machhout, “Designing Cryptography, IEEE Access, Piscataway, NJ, USA, 2020. a multi-scroll chaotic system by operating Logistic map with [28] J. Pratt, “Marshall medical center brings in new technology,” fractal process,” Nonlinear Dynamics, vol. 88, no. 3, 2012, https://www.mtdemocrat.com/special-sections/medical-gu pp. 1655–1675, 2017. ide-2012/marshall-medical-centerbrings-in-new-technology/. [13] N. Ben Slimane, N. Aouf, K. Bouallegue, and M. Machhout, [29] M. L. Mat Kiah, S. H. Al-Bakri, A. A. Zaidan, B. B. Zaidan, and “A novel chaotic image cryptosystem based on DNA sequence M. Hussain, “Design and develop a videoconferencing operations and single neuron model,” Multimedia Tools and framework for real-time telemedicine applications using se- Applications, vol. 77, no. 23, pp. 30993–31019, 2018. cure group-based communication architecture,” Journal of [14] N. Ben Slimane, N. Aouf, K. Bouallegue, and M. Machhout, Medical Systems, vol. 38, no. 133, pp. 133–144, 2014. “Hash key-based image cryptosystem using chaotic maps and [30] X. Zhang and W. Chen, “A new chaotic algorithm for image cellular automata,” in Proceedings of the 15th International encryption,” International Conference on Audio, Language Multi-Conference on Systems, Signals & Devices (SSD), and Image Processing, vol. 4, no. 3, pp. 889–892, 2008. 20 Scientific Programming [31] FIPS PUB 197: Advanced Encryption Standard (AES). Computer Security Standard, Cryptography, 2001. [32] A. Hafsa, N. Alimi, A. Sghaier, and M. Machhout, “A hardware-software Co-designed AES-ECC cryptosystem,” in Proceedings of the IEEE International Conference on Advanced Systems and Electric Technologies IC ASET, Hammamet, Tunisia, January 2017. [33] P. Hämäläinen, M. Hännikäinen, and T. D. Hämäläinen, “Review of hardware architectures for advanced encryption standard implementations considering wireless sensor net- works,” SAMOS, vol. 4599, pp. 443–453, 2007. [34] J. Liu, Y. Ma, S. Li, J. Lian, and X. Zhang, “New simple Chaotic System and its application in medical image encryption,” Multimedia Tools and Applications, vol. 4, pp. 1–22, 2018. [35] Z. Lin, J. Liu, J. Lian, Y. Ma, and X. Zhang, “A novel fast image encryption algorithm for embedded systems,” Multimedia Tools and Applications, vol. 78, pp. 20511–20531, 2019. [36] Y. Bentoutou, E.-H. Bensikaddour, N. Taleb, and N. Bounoua, “An improved image encryption algorithm for satelite ap- plication,” Advances in Space Research, vol. 66, 2020. [37] A. Hafsa, N. Alimi, A. Sghaier, and M. Machhout, “An im- proved co-designed AES-ECC cryptosystem for secure data transmission,” International Journal of Information and Computer Security (IJICS), vol. 13, 2020. [38] Y. Zhang, “The unified image encryption algorithm based on chaos and cubic S-Box,” Information Sciences, vol. 450, pp. 361–377, 2018. [39] Y. Yao, W. Zhang, and N. Yu, “Inter frame distorsion drift analysis for reversible data hiding in encrypted H.264/AVC video bitstreams,” Signal Process, vol. 132, pp. 19–28, 2017. [40] C.-H. Yang, H.-C. Wu, and S.-F. Su, Implementation of En- cryption Algorithm and Wirless Image Transmission System on FPGA, IEEE Access, Piscataway, NJ, USA, 2019. [41] M. Gafsi, M. Ali Hajjaji, J. Malek, and A. Mtibaa, “Efficient encryption system for numerical image safe transmission,” Journal of Electrical and Computer Engineering, vol. 2020, Article ID 8937676, 12 pages, 2020. [42] M. Gafsi, S. Ajili, M. Ali Hajjaji, J. Malek, and A. Mtibaa, “High securing Cryptography system for digital image transmission,” Smart Innovation: Systems and Technologies, Springer, vol. 146, pp. 311–322, 2020. [43] Y. Wu, “NPCR and UACI randomness tests for image en- cryption, Cyber journals: multidisciplinary journals in science and technology,” Journal of Selected Areas in Telecommuni- cations (JSAT), vol. 31–38, 2011. [44] A. Melo, P. Bezerra, E. Cerqueira, and G. Antônio Jorge, “Abelém chapter 11: PriorityQoE: Atool for improving the QoE in video streaming,” Intelligent Multimedia Technologies for Networking Applications: Techniques and Tools, IGI Global, Hershey, PA, USA, 2013.