A Color Image Encryption Method Based on Dynamic Selection Chaotic System and Singular Value Decomposition

Abstract

As the basis for guiding business process decisions, flowcharts contain sensitive information pertaining to process-related concepts. Therefore, it is necessary to encrypt them to protect the privacy or security of stakeholders. Using the principles of image singular value decomposition, chaotic system randomness, and neural network camouflage, a business flow chart encryption method based on dynamic selection chaotic system and singular value decomposition is proposed. Specifically, a dynamic selected chaotic system is constructed based on the nonlinear combination of one-dimensional chaotic system Logistics and Sine, and its randomness is verified. Next, using the neural network, the process image is merged into a gray matrix. The double-bit unitary matrix scrambling based on singular value decomposition is then proposed. Subsequently, using the dynamic selected chaotic system, a new sub-division diffusion method is proposed, which combines, diffuses, and performs weighted superposition to generate a matrix after diffusion and compression. Finally, the asymmetric encryption method encrypts the color image and reduces its dimensionality into a single grayscale ciphertext, and the decryption process is not the reverse of the encryption process. Simulation results and performance analysis show that the proposed image encryption scheme has good encryption performance.

1. Introduction

With the rapid development of the Industrial Internet, effective management of business processes is playing an increasingly important role in organizational development [1]. For example, the need for fast information transfer and decision-making between organizations requires adaptability to rapid changes in information, increased competition, and shortened cycles. Effective business process management (BPM) [2] relies on continuously updated and improved business processes, relying heavily on business process modeling techniques and methods. Business process modeling produces a business process diagram, usually represented in a graph-based process modeling notation [3]. Business process diagrams provide a means for standardized and effective communication between process stakeholders and analysts in a visual manner. They represent an important part of business process management activities and support the understanding and optimization of an organization’s business processes, including process analysis, process optimization, process realization, process monitoring, process-related communication, and process automation [4]. Business flow charts take on various forms depending on the modeling language used, such as business process model and notation (BPMN) [5], Petri Nets [6], Unified Modeling Language 2.0 Activity Diagrams (UML AD) [7], Event-driven Process Chains (EPC) [8], Yet Another Workflow Language (YAWL) [9], etc. For example, as shown in Figure 1, in the business process life cycle, the business process model plays a crucial role. Additionally, business process diagrams include all elements related to individuals or organizations involved in the process (such as control flow, events, resources, roles, participants, functions, organizations, data information, hierarchy, behavior relationships, etc.). Figure 2 shows a BPMN diagram of a hospital outpatient clinic, which not only contains the personal privacy information of the patient during the treatment process but also contains the behavioral relationship between the patient and the doctor. Therefore, business flowcharts not only contain sensitive data of individuals or organizations, but also behavior-sensitive information [10,11]. However, their privacy and security in the BPM life cycle are often ignored.

To meet the above challenges, based on image encryption technology, the protection of business flow charts is realized. With the continuous development of information technology and image sensors, image encryption is a hot research topic in the field of image processing [12]. Due to the characteristics of the true-color RGB images of business flow charts, they has the characteristics of a strong correlation and redundancy between adjacent pixels, a large data capacity, a high encryption difficulty, and a low encryption efficiency of the color image. Traditional block encryption algorithms such as AES, DES, IDEA, and RSA [13] are no longer considered very effective methods when encrypting large-size images. In recent years, color images are processed, which involves directly converting the image from color to grayscale or decomposing it into three channels through grayscale image processing and vectorization [14]. Part of the information will be lost, or the correlation between the information will be ignored, and overall multi-channel processing cannot be realized. Therefore, it is very important to propose a safe and effective image encryption algorithm to overcome these problems. Due to its sensitivity to the initial value of the chaotic sequence, pseudo-randomness, aperiodicity, and ergodicity, the chaotic system meets the basic requirements of cryptography and has become the main method of image encryption in recent years [15].

Chaotic systems produce deterministic but highly unpredictable values, which can provide a huge advantage to encrypted systems. In recent years, many studies on image encryption have been carried out using chaotic systems. Chen et al. [16] developed a new encryption algorithm based on chaotic systems and proposed an image encryption architecture that provides a combination of scrambling and diffusion. Sachin et al. [17] developed an asymmetric encryption algorithm based on biological mutation operations. Zhou et al. [18] designed a new image encryption cryptosystem based on real random numbers and a chaotic system. Ye et al. [19,20,21] promoted a three-dimensional chaotic map that resists brute force attacks effectively, enhances the dynamic performance of chaos, reaches a larger key space, and has powerful plaintext sensitivity. However, considering the strict requirement for timeliness in the business process background, a one-dimensional chaotic map was employed. A comparison with traditional algorithms proved that the chaos-based system encryption method has a higher security level and lower computational load [15,22]. When the chaotic encryption algorithm encrypts images, the most widely used encryption method is still a combination of scrambling and diffusion. That is, the scrambling of pixel locations is combined with the diffusion of pixel values during encryption. Rehman et al. [23] propose a two-fold confusion image encryption scheme, which is suitable for block mode and is highly robust against statistical and differential attacks. However, the traditional scrambling algorithm only obfuscates the pixel positions of the original image or only obfuscates the bits, which is not comprehensive enough to defend against various attacks. And usually, only one round of pixel value diffusion is performed, and the encrypted ciphertext is easily attacked to crack the plaintext image. The selective encryption system based on singular value decomposition is applied to intelligent traffic management to improve system processing capacity and reduce overhead [24]. Among them, the singular value of the image matrix corresponds to the energy of the image, and the left and right singular vector matrices correspond to the image texture and details, respectively. The singular value decomposition of images is beneficial to the implementation of selective encryption schemes for images. Ye et al. [25] proposed a fast image encryption scheme based on public key cryptosystem and a quantum logic map. In a variety of encryption algorithms, the encryption key is usually generated independently of the plaintext, and the widespread use of symmetric encryption allows decryption to be performed only using the encryption key (public key) in reverse. Although this accelerates the efficiency of image encryption and decryption, its security is not high enough.

Therefore, this research aims to propose an asymmetric image encryption algorithm with high security and effectiveness based on the randomness of dynamic selection chaotic systems and the principle of image singular value decomposition, with the assistance of a BP neural network. Firstly, a new chaotic system with high randomness, real-time, and wide key space is constructed, and its randomness is verified. Secondly, the BP neural network is used to learn and update the three channels of the color image to generate three new channels. Then, a unidirectional asymmetric decomposition algorithm, the new three-channel merged singular value decomposition (SVD), is proposed. The non-uniqueness of the singular value decomposition increases the key space, and the key generated through pre-computation in the three-pass encryption process is used as the decryption key (private key). The calculation of the chaotic sequences is closely related to the original image information, and different original images produce different encrypted sequences. The three encrypted parts are all gray-level ciphertexts with fixed white-noise distribution, which are camouflaged to a certain extent. Therefore, an asymmetric cryptosystem generates a private key during the encryption process and uses different keys for different plaintexts to avoid known public key attacks and specific attacks. Finally, a double-bit confuse algorithm and part-by-part diffusion algorithm are proposed. The singular value decomposition image processing method is combined with the chaotic system image encryption method. Finally, the original color image information is reduced in dimensionality and hidden in a gray image, which not only completely hides the color texture information of the image, but also facilitates storage and rapid transmission. Overall, compared to the above studies, the advantages of the method proposed in this study are as follows: Firstly, a dynamic selection chaos system is constructed based on two one-dimensional chaotic systems, Logistic and Sine, which not only combines the advantages of the high computational efficiency of one-dimensional chaotic systems, but also improves the shortcomings of one-dimensional chaotic systems, improves the key space, and has high randomness. Secondly, the scheme adopts an asymmetric encryption scheme, and the decryption scheme combines public and private keys to solve the problem of key issuance and management. Finally, the proposed scheme uses singular values to decompose the features of the image and matrix features to closely link the initial parameters of the chaotic system with the plaintext image. This has the advantage of facilitating the special key process of obtaining each image, ensuring that the proposed encryption scheme is sensitive enough to the plaintext to effectively resist plaintext attacks.

The second section of this paper constructs a new dynamic selection chaotic system, analyzes its randomness, and briefly summarizes the image singular value decomposition and neural network. In the third section, an image encryption and decryption method based on singular value decomposition and dynamic selected chaotic systems is proposed. The fourth section is the experiment verifies the performance of the algorithm, the application of the proposed image encryption algorithm in the business flow chart, and performs security analysis. Summary of Section 5.

2. Related Work

In this section, firstly, based on different nonlinear combinations of the one-dimensional chaotic systems Logistic [26] and Sine [27], a dynamic selected chaotic system is constructed and its time series randomness is verified. The high randomness of chaotic sequences is of great significance for chaotic image encryption. Secondly, the basic concepts of image singular value decomposition and BP neural networks are briefly introduced.

2.1. Dynamic Selected Chaotic System and Its Randomness Analysis

2.1.1. Chaotic System

We define a dynamic selected chaotic discrete nonlinear dynamical system using Formula (1):

$$\left\{\begin{array}{l}{x}_{n+1}=4x_n(1-x_n)\hfill \\ y=\left\{\begin{array}{cc}1& x_{n+1}\le 0.5\\ 0& x_{n+1}>0.5\end{array}\right.\hfill \\ S(z)=\left\{\begin{array}{cc}L-LSS& y=1\\ S-LSS& y=0\end{array}\right.\hfill \end{array}\right.$$

(1)

Here, $L-LSS$ and $S-LSS$ are two different combination forms of the nonlinear combination of Logistic and Sine of the one-dimensional chaotic system [28], and their Kinetics inherit the LSS system.

The nonlinear combination of the one-dimensional chaotic system is: $x_{n+1}=\mathrm{mod}(G(c,(T(a,x_n)+F(b,x_n))),1)$ [28]. Here, $G(c,x_n)$, $T\left(a,x_n\right)$ and $F\left(b,x_n\right)$ are one-dimensional chaotic systems, $a$, $b$, and $c$ are system parameters, $\mathrm{mod}$ is the modulo operation, and $n$ is the number of iterations. Therefore, two new one-dimensional chaotic systems generated by Logistic and Sine are shown in (2) and (3):

① $L-LSS$(Logistic-Logistic Sine System):

$$x_{n+1}=u\left\{\mathrm{mod}\left(\left(u_1{x}_n\left(1-x_n\right)+\left(4-u_1\right)\sin \left(\pi x_n\right)/4\right),1\right)\right\}\cdot \left\{1-\mathrm{mod}\left(\left(u_1{x}_n\left(1-x_n\right)+\left(4-u_1\right)\sin \left(\pi x_n\right)/4\right),1\right)\right\}$$

(2)

② $S-LSS$(Sine-Logistic Sine System):

$$x_{n+1}=u\cdot \sin \left\{\left(\left(u_2{x}_n\left(1-x_n\right)+\left(4-u_2\right)\sin \left(\pi x_n\right)/4\right)\mathrm{mod}1\right)\cdot \pi \right\}/4$$

(3)

where $u=4$ is a fixed value, $u_{1,2}\in \left[0,4\right]$ are in a chaotic state, and there is no periodic window.

2.1.2. Randomness Analysis

In this section, the randomness of the dynamic selection chaotic system is verified using a frequency test, balance analysis, Lyapunov index, sample entropy, and random distribution bubble diagram.

• Frequency Test (FT)

The frequency test judges the random performance of the sequence by counting the number of 0s and 1s in the random sequence [22]. If the random performance of the sequence is good, the number of 0s and 1s in the sequence tends to be equal. Assuming that the sequence length is $n_{}$ and the numbers of 0s and 1s in the sequence are $n_0$ and $n_1$, respectively, the frequency test formula is: ${\epsilon }^2=\frac{{\left(n_0-n_1\right)}^2}{n^2}$.

Corresponding to a significance level of 5%, compared with ${\epsilon }_1^2$ distribution with one degree of freedom, the value of ${\epsilon }_1^2$ is 3.84. In other words, if the ${\epsilon }_{}^2$ value of the constructed dynamic choice chaotic system is less than 3.84, the randomness of the sequence is good. When the initial value of $x_0$ is $\left\{0.1,0.2,0.3,0.4,0.6,0.7,0.8,0.9,1,2,3,4\right\}$, multiple random sequences with a length of 4000 are generated and binarized. The frequency test results are shown in

Table 1. Frequency test.

${\mathit{x}}_0$	${\mathit{n}}_0$	${\mathit{n}}_1$	${\mathit{\epsilon }}^2/{10}^{-3}$
0.1	2100	1900	2.5
0.2	2065	1935	1.1
0.3	2069	1931	1.2
0.4	2058	1942	0.84
0.6	2053	1947	0.70
0.7	2069	1931	1.2
0.8	2072	1928	1.3
0.9	2052	1948	0.68
1	2041	1959	0.42
2	2109	1891	3
3	2037	1963	0.34
4	2093	1907	2.2

. It can be seen from Table 1 that the ${\epsilon }_{}^2$ value of the sequence is much smaller than 3.84.

2.

Balance Analysis

By calculating the ratio of the difference between the number of 0s and 1s in the binary sequence to the length of the sequence, the balance degree can more intuitively represent the random performance of the sequence [29,30]. The smaller the value of the balance degree, the better the randomness of the sequence, and vice versa. Suppose the length of the sequence is $n_{}$, and the number of 0s and 1s in the sequence are $n_0$ and $n_1$, respectively, then the formula for calculating the balance degree of the sequence is: $E_n=\frac{\left|n_0-n_1\right|}{n}$.

The range of the initial value $x_0$ of the sequence is $x_0\in \left[0,1\right]$, and the division interval is 0.01. Multiple random sequences with a length of 4000 are generated and binarized. The obtained sequence balance is shown in Figure 3. As shown in Figure 3, as the initial value of the sequence changes, the balance degree becomes very close to 0.

3.

Lyapunov Index

The Lyapunov index is used to analyze whether a system is chaotic. If the system is in a chaotic state, the Lyapunov exponent is greater than 0. The larger the exponent is, the more significant the chaotic features are, and its calculation formula is shown in Formula (4). The largest Lyapunov index (LIE) is one of the important parameters to judge whether a time series is a chaotic sequence [31].

$$\lambda =\underset{n\to \infty }{\lim }\frac{1}{n}{\displaystyle \sum _{n=0}^{n-1}\ln \left|\frac{d(f(x_n,\mu )}{dx}\right|}$$

(4)

The calculated LIE value of the dynamic selected chaotic system is shown in

Table 2. LIE values.

Source of Chaos Sequence	LIE
Henon system	0.4192
Hyperchaotic Lorenz System	0.3381
$S(z)$	2.8735

. The LIE values of the sequences in Table 2 are all greater than 0, and the LIE values of the dynamic selected chaotic system are greater than those of the Henon and hyperchaotic Lorenz system sequences.

4.

Sample entropy (SampEn)

In addition to the commonly used Lyapunov exponent and dimension to measure the random characteristics of chaotic systems, scholars have proposed using sample entropy [30] to describe the complexity and randomness of sequences generated by dynamic systems. Sample entropy comes from approximate entropy. The more complex the sequence generated by the dynamic sequence, the greater the sample entropy value; that is, the greater the randomness of the sequence. Compared with the Lyapunov index, the approximate entropy is less dependent on the data length. SampEn can be used for small data samples ($n<50$) and can realize real-time calculations and strong anti-noise abilities. The sample entropy of the one-dimensional chaotic systems, Logistic, Sine, Chebyshev, Tent, LSS, and $S(z)$, were calculated, and the results are shown in

Table 3. Chaotic system SampEn.

	Chaotic System	SampEn
1	Logistic	0.6402
2	Sine	0.6236
3	Chebyshev	0.7011
4	Tent	0.5381
5	LSS	0.6203
6	$S(z)$	1.2890

. It can be seen from Table 3 that the SampEn value of the dynamic selected chaotic system is larger than that of the traditional one-dimensional chaotic system, Logistic, Sine, Chebyshev, and Tent. After the S-LSS and L-LSS are dynamically selected through the dynamic selection chaotic system, the new sequence is more random than the original LSS.

5.

Random distribution Bubble Chart

According to the dynamic selection chaotic system defined in this paper, the initial value of $x_0=0.2983$ and parameters $u=4$, $u_1=3.9$, $u_2=3.95$ are used to generate a random sequence with a length of 4000. The distribution is shown in Figure 4. The chaotic sequence generated by the dynamic selection chaotic system is approximately uniform and randomly distributed in the interval.

Therefore, based on the above frequency test, balance analysis, Lyapunov index, sample entropy, and random distribution bubble map verification, it can be seen that the randomness of the dynamic selection chaotic system is good, and its randomness meets the requirements of chaotic image encryption.

2.1.3. Sequence Homogenization

• Homogenization treatment

For the traditional one-dimensional chaotic systems, Logistic, Sine, Tent, Chebyshev, LSS, $S(z)$, sequence samples with a length of 4000 are generated. The histogram of the sequence distribution is shown in Figure 5 through statistical analysis. Based on the randomness analysis in Section 2.1.2, the randomness of the dynamic selection chaotic system is good. However, it can be seen from (1) and (2) in Figure 5 that the uniformity of the dynamic selected chaotic system is similar to other chaotic systems and has not been improved, and its uniformity inherits the characteristics of the LSS system. The sequence is homogenized by adopting the method $y=\frac{2}{\pi }\arcsin \sqrt{x}$ in [32]. The sequence distribution histogram after sequence homogenization is shown in (3) in Figure 5. The sequence uniformity has been greatly improved, and the overall distribution is uniform on $\left[0,1\right]$.

2.

Sequence uniformity verification

According to the uniform distribution function in probability theory, if a random sequence is uniformly distributed, it should satisfy Formula (5):

$$f(x)=\left\{\begin{array}{cc}\frac{1}{b-a}& a<x<b\\ 0& other\end{array}\right.$$

(5)

Therefore, the calculation formulas of sequence expectation $E(x)$ and variance $D(x)$ are: $E(X)={\displaystyle {\int }_{-\infty }^{+\infty }xf(x)dx}$, $D(X)=E(X^2)-E{(X)}^2$.

For chaotic systems, the domain of definition is $\left[0,1\right]$, ie $a=0$, $b=1$. By substituting the expected variance formulas $E(x)$ and calculating the theoretical expectation and variance of the sequence, the true expectation and variance of the dynamic selected chaotic sequence are determined after homogenization. The results are shown in

Table 4. Sequence expectation and variance.

	Theoretical	Original Sequence	True Value
Variance	0.0833	0.1264	0.0849
Expectant	0.500	0.4823	0.4846

. It can be seen from the results that the difference between the theoretical value and the real value of sequence expectation and variance is very small; that is, the dynamic selected chaotic sequence after homogenization satisfies the uniform distribution.

2.2. Singular Value Decomposition

For image singular value decomposition, any $m\times n$ matrix $A$ can be decomposed into: $A=U\mathsf{\Sigma }{V}^T$ [33].

Here, $U$ is a unitary matrix of M order satisfying $U^{T}U=I$, and $V$ is a unitary matrix of N order satisfying $V^{T}V=I$. $\mathsf{\Sigma }$ is a diagonal matrix of the size $m\times n$ known as the singular value matrix of matrix $A$. Where ${\left(\mathsf{\Sigma }\right)}_{ii}={\sigma }_i$, the elements in the other positions of the matrix are all 0, and ${\sigma }_i$ is a non-negative real number that satisfies ${\sigma }_1\ge {\sigma }_2\ge \dots \ge 0$. After the singular value decomposition of the image matrix, the left and right unitary matrices correspond to the texture and details of the image, respectively, and the singular values correspond to the image energy.

2.3. BP Neural Network

The BP neural network is a multi-layer network for weight training of nonlinear differentiable functions [34]. It consists of three parts: the input layer, the hidden layer, and the output layer, as shown in Figure 6. The data is input from the input layer, normalized, weighted, and transmitted to the second layer, the hidden layer. The hidden layer performs weight summing, transformation, and transfers the data to the output layer. The output layer gives the predicted value of the neural network. Both hidden-layer and output-layer neurons use the Sigmoid function: $sigmoid(x)=\frac{1}{(1+e^{(-x)})}$.

3. Image Encryption and Decryption Methods

Based on dynamic selection chaotic systems, singular value decomposition, neural networks, and scrambling diffusion image encryption frameworks, this section proposes a double-bit unitary matrix scrambling method and a sub-division diffusion method to reduce the dimensionality of color images and generate grayscale ciphertext images.

3.1. Image Encryption Algorithm Framework

The image encryption method in this paper is mainly divided into three parts: preprocessing, scrambling, and diffusion. The process is shown in Figure 7. The system parameters in the dynamic selected chaotic encryption algorithm are closely related to the plaintext, and different keys will be generated for different plaintext images. First, the color plaintext image is preprocessed into a grayscale image through BP neural network learning, and its singular value is decomposed into three parts. Then, the double-bit scrambling method is used to perform two rounds of bit position scrambling on the two unitary matrices. Finally, through multiple dynamic selected chaotic sequences, four rounds of diffusion and fusion are performed on the matrix after singular value decomposition, then weighted compression is further performed to generate a gray-level ciphertext matrix.

3.2. Preprocessing

The original image is preprocessed before encryption; that is, the three-channel color image is converted into a grayscale image using a BP neural network. For the color image A to be encrypted, the image distribution can be expressed as $A_{\left(x,y\right)}$, and its three primary color components can be expressed as $A_{R\left(x,y\right)}$, $A_{G\left(x,y\right)}$, and $A_{B\left(x,y\right)}$.

Step 1. For the original color image $A_{\left(x,y\right)}$, first decompose the three channels, red, green and blue, which are $A_{R\left(x_i,y_i\right)}$, $A_{G(x_i,y_i)}$ and $A_{B(x_i,y_i)}$. Then, BP neural network learning is performed on each channel to generate new three channels: $g_{R\left(x_i,y_i\right)}$, $g_{G(x_i,y_i)}$, and $g_{B(x_i,y_i)}$ to replace the original image color channel. The number of hidden layers of the neural network is set at 15, and the number of training steps is set at 50.

Step 2. Connect the three spectra obtained through preprocessing and make numerical adjustments to obtain a grayscale ciphertext, which is given in Formula (6).

$$B_{\left(x,y\right)}=\frac{g_{R\left(x,y\right)}{g}_{G\left(x,y\right)}{g}_{B\left(x,y\right)}}{16\times {10}^8}$$

(6)

Step 3. Perform singular value decomposition on B, as shown in Formula (7):

$$\left[U_{\left(x,y\right)}{S}_{\left(x,y\right)}{V}_{\left(x,y\right)}\right]=svd\left[B_{\left(x,y\right)}\right]$$

(7)

Three matrices are obtained from the preprocessing calculation: $U_{m\times m}$, $S_{m\times n}$, and $V_{\mathrm{n}\times \mathrm{n}}$. Then, the position values of the negative elements are saved in the matrix $U_{m\times m}$ and $V_{\mathrm{n}\times \mathrm{n}}$ in sequence $T_s$ and $T_d$, respectively. Furthermore, the upper three digits of the element values of sequences $T_s$ and $T_d$ are saved in sequences $T_{s_1}$ and $T_{d_1}$, and the lower three digits are saved in sequences $T_{s_2}$ and $T_d$, respectively. The lengths of sequences $T_s$ and $T_d$ are both less than $m^2$. Both $T_s$ and $T_d$ are saved as decryption keys (private keys) and sent to the process analyst.

Note that the method mainly discusses the color image encryption process; if encryption of the grayscale images is required, skip steps 1 and 2 in preprocessing.

3.3. The Double-Bit Scrambling Method of the Unitary Matrix

This section is based on the double-bit scrambling method to scramble the unitary matrix after singular value decomposition of the image. Section 3.3.1 proposes a double-bit scrambling method, and Section 3.3.2 proposes unitary matrix scrambling.

3.3.1. Double-Bit Scrambling Method

The double-bit scrambling method of the matrix is mainly divided into two steps. ① Digital scrambling: First, the matrix elements are divided into three matrices according to the order of magnitude, the one-digit matrix, the tens-digit matrix, and the hundreds-digit matrix. Then, all the elements of the three matrices are converted into four-bit binary bit values, respectively, resulting in the generation of three four-bit binary bit value matrices in total. Secondly, the elements of the bit matrix are grouped, and four binary numbers are grouped into a group. According to the defined replacement rules, each group replaces all binary values in turn, and finally transforms them into three new bit value matrices. Finally, the newly generated three matrices are merged and reorganized in order into a new decimal value matrix. For example, the matrix scrambling and updating process in Figure 8a. ② Bit scrambling: First, each matrix element of the newly generated decimal value matrix is converted into an eight-bit binary number and grouped. Two binary numbers form a group. Then, according to the defined corresponding rules, all the binary values are replaced in turn for each group. Finally, the globally scrambled bit value matrix is grouped according to the rules. Eight binary values comprise a group, and the matrix calculation is restored to decimal to regenerate a new pixel value matrix. An example of the bit scrambling and updating process is shown in Figure 8b.

The double-bit scrambling method meets the requirements of double global scrambling, which not only removes the correlation between elements and positions in the matrix, but also changes the element value of each position, which can fully scramble the matrix elements and meet the image scrambling encryption requirements.

3.3.2. Unitary Matrix Double-Bit Scrambling Method

Step 1: First bit scrambling. Define the binary correspondence rules, as shown in Figure 9, and perform bit scrambling on unitary matrices $U_{\mathrm{m}\times \mathrm{m}}$ and $V_{\mathrm{n}\times \mathrm{n}}$ to obtain ${U^{\prime }}_{m\times m}$ and ${V^{\prime }}_{\mathrm{n}\times \mathrm{n}}$, respectively.

Matrices $U$ and $V$ are decomposed into three matrices $U_b$, $U_s$, and $U_g$ and $V_b$, $V_s$, and $V_g$, respectively, according to the order of magnitude. These six decimal one-digit matrices are converted element-wise into four-bit binary element matrices. Secondly, the binary values of the matrix elements are sequentially replaced according to the corresponding rules shown in Figure 9 to obtain a new matrix of six binary bits. Then, the element values of the six binary bit matrices are grouped, respectively, and four binary values constitute a group. The groups are converted into a new six-decimal one-digit matrix. Finally, the matrix is updated to a matrix ${U^{\prime }}_{m\times m}$ and ${V^{\prime }}_{\mathrm{n}\times \mathrm{n}}$ of two decimal values in numerical order.

Step 2: Double-bit scrambling. For the matrix after one round of scrambling, use the new bit scrambling method shown in Figure 10 to update the values of matrices ${U^{\prime }}_{m\times m}$ and ${V^{\prime }}_{\mathrm{n}\times \mathrm{n}}$.

First, the two matrices after the first bit scrambling are converted element-wise into eight-bit binary value matrices. Secondly, they are converted into two binary number sequences whose lengths are $8m^2$ and $8n^2$. Then, the two sequences are grouped separately, with the two binary numbers comprising a group. The sequences are divided into $4m^2$ and $4n^2$ groups, respectively. Secondly, the grouped binary arrays are scrambled according to the scrambling corresponding rules shown in Figure 10, and each group of binary values is replaced in turn to obtain new $4m^2$ and $4n^2$ groups of binary values, respectively. Finally, the sequence is restored to two matrices with sizes $8m\times m$ and $8n\times n$, and the newly generated two binary value matrices are restored to two decimal value matrices; that is, the scrambled matrices ${U^{\prime }}_{m\times m}$ and ${V^{\prime }}_{\mathrm{n}\times \mathrm{n}}$ are obtained.

3.4. Diffusion

Since the singular value decomposition decomposes the image into three special matrices with different image characteristics and some classical image diffusion methods diffuse the pixel values of a known matrix, it is no longer applicable to the three matrices to be diffused in this paper. Therefore, a new sub-division diffusion method is proposed, which diffuses the three singular value decomposed matrices part-by-part and finally merges them into a matrix with a size of $m\times n$.

• Diffusion sequence preparation

Step 1: Matrix deformation. Scan the singular matrix $S_{m\times n}$ from top to bottom and from left to right and select the non-zero elements in it. If there are not enough $m$ elements, fill in zeros to obtain a set of sequence $P=\left\{p_1,p_2,\cdots ,p_m\right\}$. This can be known from the matrix singular value decomposition property, where $p_j\ge 0,j\in \left[1,m\right]$. Then, scan the scrambled matrices ${U^{\prime }}_{m\times m}$ and ${V^{\prime }}_{n\times n}$ from top to bottom and from left to right to obtain two sets of sequences $Q_1=\left\{q_{11},q_{12},\cdots ,q_{1n^2}\right\}$ and $Q_2=\left\{q_{21},q_{22},\cdots ,q_{2n^2}\right\}$.

Step 2. Calculate the initial key of the chaotic system according to the different matrices generated in the encryption process. The parameters and initial values of the dynamic selected chaotic system are calculated from the values of the matrix elements, and the calculation methods are shown in Formulas (8) and (9):

$$u=3.6+0.3\times \frac{\sqrt{⌊\frac{1}{mn}⌋{\displaystyle \sum _{i=1}^m{\displaystyle \sum _{j=1}^n{g}_{ij}}}\times ⌈{\displaystyle \sum _{i=1}^m{\displaystyle \sum _{j=i}^n{g^{\prime }}_{ij}\times {10}^{-3}}}⌉}}{255}$$

(8)

$$x_0=\frac{⌈{\displaystyle \sum _{i=1}^m{\displaystyle \sum _{j=i}^n{g^{\prime }}_{ij}\times {10}^{-3}}}⌉+⌊\frac{1}{mn}⌋{\displaystyle \sum _{i=1}^m{\displaystyle \sum _{j=1}^n{g}_{ij}}}}{4\times 255}$$

(9)

where $g_{ij}$ is the original matrix element, ${g^{\prime }}_{ij}$ is the binary element after matrix element binarization, $u$ is the calculated chaotic system parameter, and $x_0$ is the initial value of the chaotic system.

Step 3. Generate pseudorandom sequences through chaotic systems.

① The first group of chaotic system parameters $u_1$ and the initial value $x_0$ are calculated according to the matrix ${U^{\prime }}_{m\times m}$, and a set of random sequence flows with a size of $m^2$ is iteratively generated by dynamically selecting the chaotic system, Then, Formula (10) is used to calculate and homogenize $I_1$ to obtain the sequence ${I^{\prime }}_1=\left\{{X^{\prime }}_1,{X^{\prime }}_2,\cdots ,{X^{\prime }}_{m^2}\right\}$.

$${ \mathrm{X} \text{′}}_i=\frac{2}{\pi }\arcsin \sqrt{X_i}, i\in \left[{1,\mathrm{m}}^2\right]$$

(10)

② Extract the first, second, and fourth digits after the decimal point of each element value $I_{1i}{}^{\prime }$($\mathrm{i}\in \left\{1,2,\cdots ,m^2\right\}$) in ${I^{\prime }}_1$ to form $m^2$ three-digit integers in the order of hundreds, tens, and ones to obtain a new integer Sequence, $T_1=\left\{{\alpha }_1,{\alpha }_2,\cdots ,{\alpha }_{m^2}\right\}$. Then, perform the operation shown in Formula (11) to update the value of the integer sequence to obtain the sequence $T_1{}^{\prime }=\left\{{{\alpha }^{\prime }}_1,{{\alpha }^{\prime }}_2,\cdots ,{{\alpha }^{\prime }}_{m^2}\right\}$.

$${{\alpha }^{\prime }}_i={\alpha }_i\mathrm{mod}255,i\in \left[{1,\mathrm{m}}^2\right]$$

(11)

③ Similarly, the second set of chaotic system parameters $u_2$ and initial values $x_0$ are calculated according to the matrix ${V^{\prime }}_{}$. The random sequence is generated by dynamically selecting the chaotic system. After homogenization, the chaotic sequence ${I^{\prime }}_2=\left\{{Y^{\prime }}_1,{Y^{\prime }}_2,\cdots ,{Y^{\prime }}_{m^2}\right\}$ is obtained. Then, the decimal digits are extracted, reorganized, and calculated to obtain the sequence ${T^{\prime }}_2=\left\{{{\beta }^{\prime }}_1,{{\beta }^{\prime }}_2,\cdots ,{{\beta }^{\prime }}_{m^2}\right\}$. The third set of chaotic system parameters $u_3$ and initial values $x_0$ are calculated according to the matrix $S$. The random sequence is generated by dynamically selecting the chaotic system. After homogenization, the chaotic sequence ${I^{\prime }}_3=\left\{{Z^{\prime }}_1,{Z^{\prime }}_2,\cdots ,{Z^{\prime }}_{m^2}\right\}$ is obtained, then the decimal digits are extracted to reorganize, calculate, and obtain the sequence ${T^{\prime }}_3=\left\{{{\gamma }^{\prime }}_1,{{\gamma }^{\prime }}_2,\cdots ,{{\gamma }^{\prime }}_{m^2}\right\}$.

2.

Sub-division diffusion method

Step 1. From sequences $Q_1$, $Q_2$ and ${T^{\prime }}_1$, ${T^{\prime }}_2$, generate sequences $U^{″}=\left\{{{\beta }^{″}}_{11},{{\beta }^{″}}_{12},\cdots ,{{\beta }^{″}}_{1m^2}\right\}$, ${T^{″}}_1=\left\{{{\beta }^{″}}_{21},{{\beta }^{″}}_{22},\cdots ,{{\beta }^{″}}_{2m^2}\right\}$ with a size of ${\mathrm{m}}^2$ using Formulas (12) and (13), and further generate diffusion images $U^{″}$, $V^{″}$.

$$\left\{\begin{array}{cc}\begin{array}{l}{{\beta }^{″}}_{1i}={{\alpha }^{\prime }}_{n^2-i+1}\otimes ({{\alpha }^{\prime }}_{n^2-i}\otimes q_{n^2-i+1})\\ {{\beta }^{″}}_{1i}={{\alpha }^{\prime }}_{m^2+n^2-i+1}\end{array}& \begin{array}{l}i\in \left[1,n^2\right]\\ i\in \left[n^2+1,m^2\right]\end{array}\end{array}\right.$$

(12)

$$\left\{\begin{array}{cc}\begin{array}{l}{{\beta }^{″}}_{2i}={{\beta }^{\prime }}_{n^2-i+1}\otimes ({{\beta }^{\prime }}_{n^2-i}\otimes q_{n^2-i+1})\\ {{\beta }^{″}}_{2i}={{\beta }^{\prime }}_{m^2+n^2-i+1}\end{array}& \begin{array}{l}i\in \left[1,n^2\right]\\ i\in \left[n^2+1,m^2\right]\end{array}\end{array}\right.$$

(13)

Then, use the interpolation methods of Formulas (14) and (15) to increase the lengths of sequences $T_{S1}$ and $T_{d1}$ with lengths $x$ and $y$, respectively, to $m^2$.

$$\left\{\begin{array}{cc}\begin{array}{l}{T}_{S1}\left(i\right)=T_{S1}\left(i\right)\\ T_{S1}\left(i\right)=T_3\left(i\right)\end{array}& \begin{array}{l}i\in [1,x]\\ i\in [x+1,m^2]\end{array}\end{array}\right.$$

(14)

$$\left\{\begin{array}{cc}\begin{array}{l}{T}_{d1}\left(i\right)=T_{d1}\left(i\right)\\ T_{d1}\left(i\right)=T_3\left(i\right)\end{array}& \begin{array}{l}i\in \left[1,y\right]\\ i\in \left[y+1,m^2\right]\end{array}\end{array}\right.$$

(15)

Finally, sequences $P$ and ${T^{\prime }}_3$ are generated into sequence ${T^{″}}_2=\left\{{{\gamma }^{″}}_1,{{\gamma }^{″}}_2,\cdots ,{{\gamma }^{″}}_{{\mathrm{m}}^2}\right\}$ with a size of $m^2$ using the method in Formula (16), where $i\in \left(1,m^2\right)$.

$$\left\{\begin{array}{ll}{{\gamma }^{″}}_i=({{\gamma }^{″}}_i+1)\times p_{m+1-k}\hfill & i=(k-1)m+k;k=1,2,\cdots ,m\hfill \\ \begin{array}{ll}{\gamma }^{″}=0\hfill & \hfill \\ {{\gamma }^{″}}_i=255\hfill & \hfill \end{array}\hfill & \begin{array}{c}i\ne (k-1)m+k;k=1,2,\cdots ,m;i\mathrm{mod}2=0\\ i\ne (k-1)m+k;k=1,2,\cdots ,m;i\mathrm{mod}2\ne 0\end{array}\hfill \end{array}\right.$$

(16)

Step 2. Generate the fourth set of chaotic sequences $T_4$ and sort it from smallest to largest to generate two new sets of sequences. One set is the value sequence $a$ of the chaotic sequence from smallest to largest, and the other is the values of sequence 2 sorted from smallest to largest: Sequence $b$. Then, sequence ${T^{″}}_1$ and sequence ${T^{″}}_2$ are combined according to Formulas (17) and (18) and reordered according to the position sequence $b$ of the chaotic sequence to generate a sequence $T^{‴}=\left\{{\alpha }_1,{\alpha }_2,\cdots ,{\alpha }_{2m^2}\right\}$ with a size of $2m^2$.

$$\left\{\begin{array}{ll}{T^{‴}}_i=T_4(i)\otimes ({T^{″}}_1(i)\otimes T_4(m^2-i+1)\hfill & i\in [1,m^2]\hfill \\ {T^{‴}}_i=T_4(2m^2-i+m^2+1)\otimes (T_4(i)\otimes {T^{″}}_2(i-m^2)\hfill & i\in [m^2+1,2m^2]\hfill \end{array}\right.$$

(17)

$$T^{‴}(i)=T^{‴}(b(i))$$

(18)

Step 3. Generate the fifth set of chaotic sequences, $T_5$. Merge sequences $T^{‴}$ and $U^{″}$ according to Formula (19) to generate sequence $T_{551}=\left\{{{\alpha }^{\prime }}_1,{{\alpha }^{\prime }}_2,\cdots ,{{\alpha }^{\prime }}_{3m^2}\right\}$ with a size of $3m^2$.

$$\left\{\begin{array}{ll}{{\alpha }^{\prime }}_i=T_5(2m^2-i+1)\otimes (T_5(i)\otimes T^{‴}(i))\hfill & i\in [1,2m^2]\hfill \\ {{\alpha }^{\prime }}_i=T_5(i)\otimes (T_5(3m^2-i+2m^2+1)\otimes U^{″}(i-2m^2))\hfill & i\in [2m^2+1,3m^2]\hfill \end{array}\right.$$

(19)

Then, the sequence $T_{S1}$ of length $m^2$ is inserted into the sequence $T_{551}$ using the interpolation method of Equation (20) to generate the sequence $T_{552}=\left\{{{\alpha }^{″}}_1,{{\alpha }^{″}}_2,\cdots ,{{\alpha }^{″}}_{4m^2}\right\}$ of size $4m^2$.

$$\left\{\begin{array}{ll}{T}_{552}\left(i\right)=T_{s1}\left(i\right)\hfill & i\in \left[1,m^2\right]\hfill \\ T_{552}\left(i\right)=T_{551}\left(3m^2-i+m^2+1\right)\hfill & i\in \left[m^2+1,4m^2\right]\hfill \end{array}\right.$$

(20)

Step 4. Compress the sequence of length $4m^2$ into a sequence of length $m^2$ and generate the final ciphertext image C.

① The parity of the elements of the sequence $T_{552}$ is saved into the binary sequence $Ji{o}_1$, as given in Equation (21):

$$\left\{\begin{array}{cc}Ji{o}_1\left(i\right)=1& (T_{552}\left(i\right)\mathrm{mod}2=0\wedge T_{552}\left(m^2+i\right)\mathrm{mod}2\ne 0)\vee (T_{552}\left(i\right)\mathrm{mod}2\ne 0\wedge T_{552}\left(m^2+i\right)\mathrm{mod}2=0)\\ Ji{o}_1\left(i\right)=0& (T_{552}\left(i\right)\mathrm{mod}2=0\wedge T_{552}\left(m^2+i\right)\mathrm{mod}2=0)\vee (T_{552}\left(i\right)\mathrm{mod}2\ne 0\wedge T_{552}\left(m^2+i\right)\mathrm{mod}2\ne 0)\end{array}\right.$$

(21)

② Generate sequence $T_{zz}$ by sequence $T_{552}$ in a weighted manner according to Equation (22) while shortening the length of the sequence from $4m^2$ to $2m^2$ and saving its subtraction value $T_{j_1}$ at the same time.

$$\left\{\begin{array}{c}{T}_{zz}\left(i\right)=⌊\frac{T_{552}\left(i\right)}{2}+\frac{T_{552}\left(2m^2+i\right)}{2}⌋\\ T_{j_1}\left(i\right)=⌈\frac{T_{552}\left(i\right)}{2}-\frac{T_{552}\left(2m^2+i\right)}{2}⌉\end{array}\right.$$

(22)

Use the method given in Equations (23) and (24) to diffuse the sequence $T_{zz}$:

$$T_{zz}\left(i\right)=\left|T_{j1}\left(i\right)\right|\otimes T_{zz}\left(i\right)$$

(23)

$$\left\{\begin{array}{ll}{T}_{zz}\left(i\right)=T_4\left(i\right)\otimes \left(T_{zz}\left(i\right)\otimes T_4\left(m^2-i+1\right)\right)\hfill & i\in \left[1,m^2\right]\hfill \\ T_{zz}\left(i\right)=T_4\left(3m^2-i+1\right)\otimes \left(T_4\left(i\right)\otimes T_4\left(i-m^2\right)\right)\hfill & i\in \left[m^2+1,2m^2\right]\hfill \end{array}\right.$$

(24)

③ is the same as ① and ②: generate sequence $T_z$ by sequence $T_{zz}$ in a weighted manner according to Equations (25)–(28), shorten the length of the sequence from $2m^2$ to $m^2$, and save its subtraction value $T_{j_2}$ and diffusion sequence $T_z$ at the same time. The binary sequences $Ji{o}_1$ and $Ji{o}_2$ are then combined into a single sequence $Jio$ as the decryption key (private key) and sent to the process analyst.

$$\left\{\begin{array}{cc}Ji{o}_2\left(i\right)=1& (T_{\mathrm{zz}}\left(i\right)\mathrm{mod}2=0\wedge T_{\mathrm{zz}}\left(m^2+i\right)\mathrm{mod}2\ne 0)\vee (T_{\mathrm{zz}}\left(i\right)\mathrm{mod}2\ne 0\wedge T_{\mathrm{zz}}\left(m^2+i\right)\mathrm{mod}2=0)\\ Ji{o}_2\left(i\right)=0& (T_{\mathrm{zz}}\left(i\right)\mathrm{mod}2=0\wedge T_{\mathrm{zz}}\left(m^2+i\right)\mathrm{mod}2=0)\vee (T_{\mathrm{zz}}\left(i\right)\mathrm{mod}2\ne 0\wedge T_{\mathrm{zz}}\left(m^2+i\right)\mathrm{mod}2\ne 0)\end{array}\right.$$

(25)

$$\left\{\begin{array}{c}{T}_z\left(i\right)=⌊\frac{T_{zz}\left(i\right)}{2}+\frac{T_{zz}\left(m^2+i\right)}{2}⌋\\ T_{j_2}\left(i\right)=⌈\frac{T_{zz}\left(i\right)}{2}-\frac{T_{zz}\left(m^2+i\right)}{2}⌉\end{array}\right.$$

(26)

$$T_z\left(i\right)=\left|T_{j_2}\left(i\right)\right|\otimes T_z\left(i\right)$$

(27)

$$\left\{\begin{array}{ll}{T}_z\left(i\right)=T_6\left(m^2-i+1\right)\otimes \left(T_6\left(m^2-i\right)\otimes T_{\mathrm{z}}\left(m^2-i+1\right)\right)\hfill & i\in \left[1,m^2-1\right]\hfill \\ T_z\left(i\right)=T_6\left(m^2-i+1\right)\otimes \left(T_6\left(m^2\right)\otimes T_{\mathrm{z}}\left(m^2-i+1\right)\right)\hfill & i=m^2\hfill \end{array}\right.$$

(28)

④ Transform the sequence $T_z$ into a matrix of size $m\times m$, which is the final ciphertext matrix $C$, to complete the encryption.

The traditional color image encryption algorithm encrypts the result as R, G, and B component maps or a color map, while the encryption in this paper reduces the dimension of the three-dimensional color image to a grayscale image. The encryption result completely hides the color and grayscale information of the original image.

3.5. Decryption Method

The asymmetric decryption process for ciphertext images is as follows:

Step 1. For the ciphertext image C, use the chaotic keys key1, key2, key3, $Jio$, $T_s$, $T_d$, and $P_R\left(x,y\right)$, $P_G\left(x,y\right)$, $P_B\left(x,y\right)$ to decrypt step-by-step. Here, key1, key2, and key3 are public keys. $T_s$, $T_d$ and $P_R$, $P_G$, $P_B$ are all private keys. These keys are sent to the required process analyst to decrypt the image.$Jio$ is a binary sequence, $T_s$ and $T_d$ are the decryption keys of the singular value decomposition left and right unitary matrices, respectively, and $P_R$, $P_G$, and $P_B$ are the decryption keys of the red, blue, and green channels, respectively, as shown in Formula (29):

$$\begin{array}{c}{P}_R\left(x,y\right)=\frac{1}{g_G\left(x,y\right)g_B\left(x,y\right)}\\ P_G\left(x,y\right)=\frac{1}{g_R\left(x,y\right)g_B\left(x,y\right)}\\ P_B\left(x,y\right)=\frac{1}{g_R\left(x,y\right)g_G\left(x,y\right)}\end{array}$$

(29)

Step 2. The three color channels reconstructed and recovered by the BP neural network are combined into a color image, which is the decrypted image.

In the method, the image decryption process is not the inverse process of the encryption algorithm. The decryption uses the decryption key (private key) generated by different parts and methods in the encryption process to participate in the decryption, which implements the asymmetric encryption of color images.

4. Experimental Results and Safety Analysis

The experimental environment software used in this paper was MATLAB R2018a and a Windows 10 operating system, and the hardware parameters were Intel Core i7-4710MQ CPU and 16GB RAM. The grayscale images “Lena” and “Baboon” with a size of 512 × 512 shown in Figure 11 [35] were selected as plaintext images to test the encryption and decryption performance of the algorithm and verify the results of the encryption and decryption algorithm in the business flow chart. The experiment evaluates the security, encryption, and decryption performance of the algorithm from five aspects. Section 4.1 describes the experimental results, Section 4.2 describes the key space analysis, Section 4.3 provides an anti-statistical attack analysis, Section 4.4 provides a secret key sensitivity and anti-differential attack analysis, and Section 4.5 involves an analysis of noise attack. The experimental results are compared with existing methods.

4.1. Experimental Results

In this section, the color image Lena with a pixel size of 512 × 512, as shown in Figure 11, was used as the original image to analyze the encrypted data. The encryption and decryption process of Lena by the algorithm is shown in Figure 12. The original image, Lena, was first preprocessed through simulation, learned by the BP neural network, and multiplied to obtain the intermediate ciphertext B. Then a singular value decomposed image B to generate matrix U, S, and V. Secondly, images $U^{\prime }$ and $V^{\prime }$ were generated after the double-bit had scrambled the unitary matrix U and V. Finally, sub-division diffusion calculations were used to generate images $U^{″}$ and $V^{″}$ by sub-division diffusion of the pixels in image $U^{\prime }$ and $V^{\prime }$. Image S was generated using sub-division diffusion for the pixels in matrix S, and the final pixel replacement diffusion image was the image ‘Image after Diffusion’. Finally, the ciphertext image ‘ciphertext Image C’ and the decrypted image ‘ Recovery Image’ were generated.

It can be seen from the simulation results that the encrypted ciphertext image completely changed the color and grayscale characteristics of the plaintext image, and the color and texture of the decrypted image were clear. To evaluate the overall performance of the encryption algorithm, a security analysis was carried out involving the aspects of key space, anti-statistical attacks, adjacent pixel correlation, key sensitivity, anti-differential attacks, and anti-noise attacks.

4.2. Key Space Analysis

For image encryption algorithms, the key space should be large enough (>2¹²⁸) to resist exhaustive attacks [15]. Based on the algorithm in this paper, we can know that there are five initial parameters for dynamic selection of chaotic system, which are $u$, Z, $u_1$, $u_2$, and $z_0$. In addition, the number of pre-iterations is $N_0$, and the encryption parameter $C_0$ is introduced. It may be assumed that the number of values of $N_0$ is 4000, $C_0\in \left[0,255\right]$, and the computer precision is 10⁻¹². Then, the key space can be calculated as: 4000 × 255 × (10¹²)⁵ ≈ 2²¹⁹. The calculation results demonstrate that the key space of the encryption algorithm is sufficient to resist exhaustive attacks.

4.3. Anti-Statistical Attack Analysis

4.3.1. Histogram Analysis

According to the original image and the ciphertext image of the experiment, the histogram statistics of the pixel values are made. It can be seen from Figure 13 that the original image histogram pixel values were unevenly distributed within the pixel range, while the image pixel values after the encryption algorithm in this paper were evenly distributed within the pixel range. The statistical characteristics of plaintext pixels changed, which can provide very effective resistance against statistical analysis attacks.

4.3.2. Correlation Analysis of Adjacent Pixels

The correlation coefficient of adjacent pixels reflects the degree of correlation between adjacent pixels and is used to test the encryption effect of the algorithm. The closer the correlation coefficient between plaintext and ciphertext image is to 0, the better the encryption effect is [31]. The pair of adjacent pixels in the plaintext and ciphertext images were selected, and the calculation formula of the image correlation coefficient is shown in Formula (30).

$$\left\{\begin{array}{l}\overline{x}=\frac{1}{N}{\displaystyle \sum _{i=1}^N{X}_i}\hfill \\ D\left(x\right)=\frac{1}{N}{\displaystyle \sum _{i=1}^N{\left(x_i-x\right)}^2}\hfill \\ Conv\left(x,y\right)=\frac{1}{N}{\displaystyle \sum _{i=1}^N\left(x_i-\overline{x}\right)\left(y_i-\overline{y}\right)}\hfill \\ {\gamma }_{xy}=\frac{Conv\left(x,y\right)}{\sqrt{D\left(x\right)}\sqrt{D\left(y\right)}}\hfill \end{array}\right.$$

(30)

In the formula, $x$ and $y$ represent the pixel values of two adjacent pixels in the image, respectively, $\overline{x}$ and $\overline{y}$ are the average values of all $x$ and $y$ values, $N$ is the number of selected pixel groups, and ${\gamma }_{xy}$ is the correlation coefficient.

The results of calculating the correlation coefficients of adjacent pixels in the horizontal, vertical, and diagonal directions of the encrypted image are shown in

Table 5. Adjacent pixel correlation coefficient.

Image	Lena				Baboon
	Plain Image	Cipher Image	[31]	[36]	Plain Image	Cipher Image	[31]
Horizontal	0.9731	4.0636 × 10−4	11.35 × 10−4	−0.0052	0.9355	5.8034 × 10−4	3578 × 10−4
Vertical	0.9606	−6.7356 × 10−4	24.57 × 10−4	0.0086	0.9423	−6.0913 × 10−4	311 × 10−4
Diagonal	0.9457	2.0921 × 10−4	3213 × 10−4	−0.0020	0.9399	−3.0815 × 10−4	6542 × 10−4

. Table 5 shows the values of the correlation coefficient between the raw RGB images of the input Lena and baboon and the corresponding neighboring pixels of the resulting encrypted images. It can be seen that the obtained values prove that the pixels were highly correlated with each other in the case of the original image. However, the correlation between neighboring pixels in the encrypted image using the proposed scheme reached 10⁻⁴; close to 0. This means that there was little correlation between neighboring pixels. A total of 6000 groups of pixels of the original image and the encrypted image were selected from the horizontal, vertical, and diagonal directions, and the relationship between the gray values of adjacent pixels is shown in Figure 14. It can be seen from Figure 14 that the horizontal, vertical, and diagonal adjacent pixel gray values of the plaintext image were distributed around $y=x$, while the encrypted image adjacent pixel gray values were approximately uniformly distributed between $\left[0,255\right]$.

4.3.3. Information Entropy Analysis

Information entropy ($H$) is used to reflect the randomness of information distribution in the image. The more uniform the gray value distribution, the greater the information entropy, and vice versa [37]. That is, for an image with a gray level of 256, the randomness of the pixel distribution can be judged by whether the information entropy of the ciphertext image is close to the maximum entropy 8-bit. Information entropy h can be expressed as: $H(S)=-{\displaystyle \sum _{i=0}^{N-1}P(S_i)\log \left[P(S_i)\right]}$. In this formula, $N$ indicates that the information in the image has N different values, and the set of values is $\left\{s_0,s_1,\cdots ,s_{N-1}\right\}$. $P(S_i)$ indicates the probability of $S_i$ appearing in image $S$.

The ideal value of image $H(S)$ is 8, which indicates that the image is a random information source image. That is, for the ciphertext image obtained using the encryption algorithm, the closer its information entropy is to 8, the closer the image is to a random image. The information entropy of the Lena and Baboon images obtained by using the algorithm in this paper are shown in

Table 6. Information entropy.

Image	Plaintext	Proposed				[36]	[37]
		Ciphertext	R	G	B
Lena	7.5929	7.99946	7.99942	7.99959	7.99915	7.9974	7.9993
Baboon	7.3579	7.99938	7.99908	7.99956	7.99973	7.9970	—
Average	7.4754	7.99942	7.99925	7.99958	7.99944	7.9972	7.9993

. As can be seen from Table 6, the average value of the information entropy of the selected RGB images is very close to the ideal value of 8. Therefore, our scheme is not affected by entropy attacks. Compared with other schemes, it can be seen that the information entropy of the Lena and Baboon RGB images of the proposed scheme was better than [36,37]. In addition, the mean value of the information entropy calculated for all selected images was 7.99942, which was not less than any of these studies.

4.3.4. Peak Signal-to-Noise Ratio and Average Structural Similarity Index

• Peak Signal-to-Noise Ratio

The peak signal-to-noise ratio (PSNR) is mainly used to measure the difference between the original image and the ciphertext image [36]. The larger the image difference, the smaller the PSNR value, and the better the image encryption effect. The calculation of PSNR is as shown in Formulas (31) and (32), wherein the image size is $w\times h$, $I\left(i,j\right)$, representing the pixel value of position $\left(x,y\right)$ in images I and J, respectively.

$$PSNR=10\times l\mathrm{g}\left(\frac{{255}^2}{MSE}\right)$$

(31)

$$MSE=\frac{1}{wh}{{\displaystyle \sum _{i=0}^w{\displaystyle \sum _{j=0}^h\left(I\left(i,j\right)-J\left(i,j\right)\right)}}}^2$$

(32)

2.

Structural Similarity Index

The structural Similarity Index (SSIM) is an evaluation index used to measure the similarity of two images. Since it incorporates the human visual system (HVS) model, it makes up for some shortcomings of PSNR, and the measurement results are more accurate [36]. The SSIM calculation is shown in Formula (33), where $x$ and $y$ represent the blocks of two images, ${\mu }_x$ and ${\mu }_y$ represent the average values of $x$ and $y$, respectively, ${\sigma }_x^2$ and ${\sigma }_y^2$ represent the variances of $x$ and $y$, respectively, and ${\sigma }_{xy}$ represents $x$ and $y$ Covariance. $c_1={(k_{1}L)}^2$, $c_2={(k_{2}L)}^2$, Here $k_1=0.01$, $k_2=0.03$, L are gray levels, $L=255$.

$$SSIM\left(x,y\right)=\frac{\left(2{\mu }_x{\mu }_y+c_1\right)\left(2{\sigma }_{xy}+c_2\right)}{\left({\mu }_x{}^2+{\mu }_y{}^2+c_1\right)\left({\sigma }_x{}^2+{\sigma }_y{}^2+c_2\right)}$$

(33)

In this paper, the Mean Structural Similarity Index (MSSIM) is used to evaluate the image encryption effect. The greater the difference between plaintext and ciphertext images, the smaller the MSSIM value is, and the better the image encryption effect is. The MSSIM definition calculation is shown in Formula (34), where $X$ and $Y$ represent the plaintext image and the ciphertext image, respectively, $x_i$ and $y_i$ represent the $i$-th block corresponding to the two images, and $n$ is the number of image blocks.

$$MSSIM(X,Y)=\frac{1}{n}{\displaystyle \sum _{i=1}^{n}SSIM(x_i,y_i)}$$

(34)

After the original plaintext image was encrypted, the calculation results of PSNR and MSSIM values are shown in

Table 7. PSNR and MSSIM values.

Image	PSNR		MSSIM
	Proposed	[36]	Proposed	[36]
Lena	4.7811	7.8474	9.0030 × 10−5	1.0050 × 10−4
Baboon	4.7830	8.8074	3.1644 × 10−4	3.1644 × 10−3

. It can be seen from Table 7 that after the algorithm encrypted the image, the difference between the original image and the ciphertext image was large enough to meet the security requirements of image encryption.

4.3.5. Correlation Coefficient and Image Fidelity

To further test the feasibility and effectiveness of the algorithm in this paper, the correlation coefficient (CC) [36] and image fidelity (IF) were used to verify the similarity between the plaintext image and the decrypted image [31]. The larger the value of the correlation coefficient and image fidelity, the smaller the difference between the decrypted image and the original image, and the higher the value of the decrypted image fidelity. The calculation formulas of CC and IF are given in (35) and (36), where $\overline{a}$ and ${\overline{a}}^{\prime }$ represent the average values of matrix elements $a\left(m,n\right)$ and $a^{\prime }\left(m,n\right)$, respectively. $a_i$ and $a_i{}^{\prime }$ represent the pixel value at the $i$-th position of the original image matrix and the pixel value at the corresponding position after decryption, respectively.

$$CC=\frac{{\displaystyle \sum _m{\displaystyle \sum _n\left(a\left(m,n\right)-\overline{a}\right)\left(a^{\prime }\left(m,n\right)-{\overline{a}}^{\prime }\right)}}}{\sqrt{\left({\displaystyle \sum _m{\displaystyle \sum _n{\left(a\left(m,n\right)-\overline{a}\right)}^2}}\right)\left({\displaystyle \sum _m{\displaystyle \sum _n{\left(a^{\prime }\left(m,n\right)-{\overline{a}}^{\prime }\right)}^2}}\right)}}$$

(35)

$$IF=1-{\displaystyle \sum _{i=1}^L{\left(a_i-{a^{\prime }}_i\right)}^2}/{\displaystyle \sum _{i=1}^L{\left(a_i\right)}^2}$$

(36)

A total of 5000 pairs of adjacent pixel values were randomly selected from plaintext and ciphertext images in three different directions, and the results of CC and IF values were calculated, as shown in

Table 8. CC and IF values.

Image	Lena		Baboon
	CC	IF	CC	IF
Horizontal	0.9910	0.9583	0.9811	0.9548
Vertical	0.9903	0.9579	0.9904	0.9549
Diagonal	0.9909	0.9584	0.9851	0.9552

. It can be seen from Table 8 that the fidelity of the image after decryption of the ciphertext image by the algorithm was high enough, and the difference from the original image was small.

4.4. Secret Key Sensitivity and Anti-Differential Attack Analysis

4.4.1. Key Sensitivity Analysis

Since the dynamic choice of chaotic map has good initial value sensitivity, a small change in the initial value will lead to completely different chaotic sequences. The decrypted image after decrypting Lena with the correct key and changing the key $x_0=0.29$ to $x_0=0.2900000000000001$ slightly is shown in Figure 15. It can be clearly seen that the result of decrypting with the wrong key is completely unrecognizable. To better illustrate the key sensitivity, after encrypting Lena, 3000 slightly changed random keys were generated, of which only one key could be decrypted correctly. This set of decryption keys was used to generate 3000 decrypted images, then the images were evaluated using PSNR and MSSIM. The results are shown in Figure 16. It can be seen that only the image decrypted with the correct key had the highest PSNR and MSSIM, and the rest of the images decrypted with the wrong key have very low PSNR and MSSIM. The same slight changes to $u$, $u_1$, $u_2$, and $z_0$ were made to decrypt and calculate PSNR and MSSIM, and the same result was obtained. This demonstrates that the algorithm in this paper has high key sensitivity.

4.4.2. Anti-Differential Attack Analysis

A differential attack involves using an encryption algorithm to encrypt a new image with a slight change to the original image, then comparing the difference between the original ciphertext image and the new ciphertext image to obtain the relationship between the old and new ciphertext images. The stronger the sensitivity of the algorithm to the plaintext, the stronger the ability to resist differential attacks. The pixel number change rate (NPCR) and normalized pixel value average change intensity (UACI) are used to measure the sensitivity of the encryption algorithm to plaintext [31]. The calculation formulas of NPCR and UACI are shown in (37) and (38), where the pixel value of the original ciphertext image at the same pixel position $\left(i,j\right)$ is consistent with the pixel value of the new ciphertext image, $D\left(i,j\right)=0$; otherwise, $D\left(i,j\right)=1$. $X\left(i,j\right)$ represents the original ciphertext image and $X^{\prime }\left(i,j\right)$ represents the new ciphertext image.

$$NPCR=\frac{1}{m\times n}{\displaystyle \sum _{i,j}D(i,j)\times 100}\%$$

(37)

$$UACI=\frac{1}{m\times n}\left[{\displaystyle \sum _{i,j}\frac{X(i,j)-X^{\prime }(i,j)}{255}}\right]\times 100\%$$

(38)

In the experiment, the three-channel pixel value of the original plaintext image location was changed from (170,56,72) to (169,55,71), and the pixel values at other locations remained unchanged. After encryption with the same key, a new ciphertext image was obtained. Similarly, in the literature [31,36], two images were encrypted by altering one bit in the original image and using the same key. Then, the values of NPCR and UACI were calculated multiple times based on the two ciphertext images obtained before and after the pixel change, respectively, and their average was calculated. Finally, the average NPCR and UACI values of the three schemes were compared, and the results are shown in

Table 9. NPCR and UACI values of the ciphertext image.

Image	NPCR (%)			UACI (%)
	Proposed	[31]	[36]	Proposed	[31]	[36]
Lena	99.70	99.70	99.63	33.48	33.47	33.43
Baboon	99.69	99.62	99.61	33.48	33.46	33.38
Average	99.70	99.66	99.62	33.48	33.47	33.40

.

Table 9 shows that the average NPCR value was 99.70% and the average UACI value was 33.48%. The results show that the proposed scheme was strong enough to stand the different attachments of 𝑁𝑃𝐶𝑅 and 𝑈𝐴𝐶𝐼. It also shows that, even with minor changes to the original image, the encrypted ciphertext image will be completely different. Therefore, the algorithm proposed in this article can effectively resist differential attacks.

4.5. Analysis of Noise Attack

Noise attacks usually occur during image transmission. Highly secure encryption algorithms can resist noise attacks such as salt and pepper, Gaussian, etc. For ciphertext images polluted by noise, most of the image information can still be recovered. In this paper, Gaussian noise values of 0.1, 0.5, and 1 and salt and pepper noise values of 0.1, 0.5, and 0.65 were added to the ciphertext image. The ciphertext image and decrypted image are shown in Figure 17. CC and IF were used to evaluate its decryption performance. The CC and IF values of the encrypted image are shown in

Table 10. Decrypted image CC and IF values.

	Gaussian			Spicy Salt
	0.1	0.5	1	0.1	0.5	0.65
CC	0.865	0.816	0.792	0.869	0.820	0.791
IF	0.872	0.829	0.781	0.875	0.827	0.713

.

It can be seen from Table 10 that when the noise density increases, the ciphertext image changes significantly. However, the decrypted image restores the texture and color information of the plaintext image, with high fidelity and better visual effects. Therefore, the encryption method in this paper has a good anti-noise performance.

4.6. Business Process Diagram Encryption

This section uses the proposed image encryption method to apply in the business flow chart and perform a security analysis. The encryption and decryption process of the outpatient BPMN color image shown in Figure 2, a pixel size of 512 × 512 is shown in Figure 18, and the calculation results of the encryption and decryption performance indicators are shown in

Table 11. Hospital BPMN diagram encryption and decryption performance index table: adjacent pixel correlation coefficient; information entropy; NPCR; UACI.

	Adjacent Pixel Correlation Coefficient			Information Entropy	NPCR	UACI
	Horizontal	Vertical	Diagonal
Plaintext	0.9844	0.9711	0.9600	7.4451	_	_
Ciphertext	−8.0 ×10−4	−6.0 ×10−4	−6.4 ×10−4	7.9991	99.67	33.72

.

It can be seen from Figure 2 that after using the encryption algorithm proposed in this paper to encrypt the BPMN diagram in Figure 2, the ciphertext image has completely changed the color, texture, and grayscale characteristics of the business flow chart. The personal privacy information of the patient and the behavior relationship information between the patient and the doctor reflected in the original hospital outpatient service flow chart are hidden. Moreover, the experimental results in Table 11 and

Table 12. Hospital BPMN diagram encryption and decryption performance index table: PSMR; MSSIM; CC; IF.

	PSMR	MSSIM	CC	IF
Plaintext & Ciphertext	4.7823	0.009	0.9853	0.9576

show that the image of the business flow chart encrypted by the proposed encryption algorithm is close to a random image and is not easily attacked. However, the color and texture content of the business process flow chart after being correctly decrypted is clear, and all its business process information can be recovered. At the same time, the encrypted image can resist statistical attacks, differential attacks, and noise attacks and achieve the goal of protecting effective information security in the business flow chart.

5. Conclusions

In this paper, a new dynamic selection chaotic system is constructed using two one-dimensional chaotic equations, and its randomness is verified. A new asymmetric color image encryption algorithm is proposed based on a dynamic selected chaotic system and singular value decomposition. In the encryption process, the three fundamental color components of the color image are first preprocessed into a gray matrix through numerical adjustment, then the singular value decomposes the gray matrix into two unitary matrices and a singular value matrix. We propose a double-bit scrambling method to scramble the left and right unitary matrices and numerically adjust the singular value matrix by combining the scrambling diffusion image encryption framework. In addition, based on the dynamic selected chaotic system, a sub-division diffusion method of the matrix is proposed in which multiple random sequences are involved, and the two unitary matrices and the singular value matrix after the permutation are weighted and compressed part-by-part to obtain the final ciphertext image. Among them, the initial value of the chaotic system is calculated using the matrix generated during the encryption process, and the initial value of the chaotic system is closely related to the plaintext image. Finally, the proposed image encryption method is applied to business process diagrams and security analysis, and the experiment verifies that the method can effectively protect the data and behavior security of business process diagrams. The encryption method in this paper downscales a three-color image into a grayscale cipher image, completely hiding the color, texture, and grayscale value information of the original color image. The encryption process generates three private keys to participate in image decryption, and decryption is not the inverse process of encryption, which achieves asymmetric encryption of the images. Moreover, only the XOR operation is used in the image diffusion process to improve the diffusion efficiency. The simulation results prove that the dynamic selected chaotic system has higher randomness than the chaotic sequence generated by a single one-dimensional chaotic equation, the ciphertext is very sensitive to the key, and the image encryption algorithm in this paper can effectively resist statistical attacks, entropy attacks, difference attacks, and noise attacks, proving the effectiveness and security of the method proposed in this paper.