Multiple-Image Fusion Encryption (MIFE) Using Discrete Cosine Transformation (DCT) and Pseudo Random Number Generators

This chapter proposes a new multiple-image encryption algorithm based on spectral fusion of watermarked images and new chaotic generators. Logistic-May (LM), May-Gaussian (MG), and Gaussian-Gompertz (GG) were used as chaotic generators for their good properties in order to correct the flaws of 1D chaotic maps (Logistic, May, Gaussian, Gompertz) when used individually. Firstly, the discrete cosine transformation (DCT) and the low-pass filter of appropriate sizes are used to combine the target watermarked images in the spectral domain in two different multiplex images. Secondly, each of the two images is concatenated into blocks of small size, which are mixed by changing their position following the order generated by a chaotic sequence from the Logistic-May system (LM). Finally, the fusion of both scrambled images is achieved by a nonlinear mathematical expression based on Cramer ’ s rule to obtain two hybrid encrypted images. Then, after the decryption step, the hidden message can be retrieved from the watermarked image without any loss. The security analysis and experimental simulations confirmed that the proposed algorithm has a good encryption performance; it can encrypt a large number of images combined with text, of different types while maintaining a reduced Mean Square Error (MSE) after decryption.


Introduction
Several image encryption algorithms are being developed today to meet privacy needs in multimedia communications . With the rapid expansion of the Internet, innovative technologies, and cryptanalysis, it has become necessary to build new and appropriate cryptosystems for secured data transfer, especially for digital images. Nowadays, a large quantity of images is produced in various fields and exchanged sometimes with text through different channels, favoring the development of multiple-image encryption (MIE) instead of single-image encryption (SIE). A secure technique to protect the large amounts of data (image and text) compaction property, which means that the low-frequency coefficients are located around the top-left corner of its spectral plane [24]. In 2018, Jridi and Alfalou [14] proposed a cryptosystem to improve a Simultaneous Fusion, Compression and Encryption (SFCE) scheme [15] in terms of time consumption, bandwidth occupation, and encryption robustness. In [16], Dongfeng et al. proposed a new scheme for simultaneous fusion, imaging and encryption of multiple target images using a single-pixel detector. This algorithm achieves good performance in terms of robustness as the number of images to multiplex increases, but suffered from reduced key space and poor quality of images recovered. Mehra and Nishchal [17] proposed an image fusion encryption based on wavelets for securing multiple images through asymmetric keys. It offers a large key space, which enhances the security of the system. In 2016, Qin et al. [18] proposed an optical multiple-image encryption scheme in diffractive imaging using spectral fusion and nonlinear operations.
More recently, Zhang and Wang [19,20] proposed two schemes of multipleimage encryption (MIE): the first algorithm based on mixed image element and permutation, and the second MIE algorithm based on mixed image element and chaos. The cryptosystem shows good performances, but can be improved in terms of compression to reduce the size of the multiplex big image when the number of target images increases. In [21], Zhu and Zhang proposed an encryption algorithm of mixed image element based on an elliptic curve cryptosystem. Experimental results and theoretical analysis show that the algorithm possesses a large key space and can accomplish a high level of security concerning information interaction on the network platform, but the encryption and decryption computational time is long. In 2013, Abdalla and Tamimi [22] proposed a cryptosystem, which combines two or more images of different types and sizes by using a shuffling-substitution procedure. Here, the process of mixing image combines stream cipher with block cipher, on the byte level.
After analyzing most MIE algorithms operating in the spectral domain, the robustness of the cryptosystem increases with the number of input images. Consequently, the quality of decrypted images is degraded. Therefore, it is important to design cryptosystems that can keep a good compromise between a large number of images added to text to encrypt, a small MSE after decryption, and a good performance in terms of robustness and efficiency.
As a result, this chapter suggests a new MIE algorithm based on the spectral fusion of different types of watermarked images of same size using discrete cosine transformation (DCT) associated with a low-pass filter and chaotic maps. The proposed scheme has several strengths: it is robust, combines watermarking and cryptography, which produce a two-level security, uses chaotic maps with good properties, encrypts a large number of watermarked images into two hybrid ciphered images, and the quality of the reconstructed images and text is good (reduced MSE). The encryption process comprises three main steps: in the first step, target images are fused into two images through DCT and low-pass filter; in the second step, the small blocks with the size of (4 Â 4) images are permuted in a certain order; and in the last step, which is the diffusion phase, the two scrambled images are fused by a nonlinear mathematical expression based on Cramer's rule to obtain two hybrid encrypted images. The key generation of the cryptosystem is made dependent on the plain images.
The rest of the chapter is organized as follows: Section 2 presents an overview of chaotic generators used in the cryptosystem and the description of the watermarking process. In Section 3, spectral fusion of plain images is detailed. The proposed encryption/decryption scheme is given in Section 4. In Section 5, experimental results and algorithm analyses are presented, then compared with others in the literature. We end with a conclusion in Section 6.
where x n ∈ 0, 1 ½ is the discrete state of the output chaotic sequence and r is the control parameter with values in the range (0, 4]. The chaotic behavior of the Logistic map is observed in the range [3.5, 4].

May map
where x n ∈ 0, 10:9 ½ and the control parameter a belongs to the range [0, 5].

Gompertz map
x nþ1 ¼ Àbx n ln x n (4) where the control parameter b ∈ (0, e], e = 2.71829 … and is the exponential function.

Combination of new 1D chaotic maps
The chaotic properties of 1D Logistic, May, Gaussian, and Gompertz maps are not suitable to build a secure cryptosystem when they are used alone. To solve this problem, Zhou et al. [23] proposed to combine the different seed maps. Figure 1 shows the new map obtained from a nonlinear combination of two different 1D chaotic maps.

Logistic-May map (LM)
Its equation is defined by Eq. (5) where x n ∈ 0, 1 ½ and r ∈ 0, 5 ½ . From its bifurcation diagram, we can observe that chaotic properties are excellent within [0, 5], with a maximum Lyaponuv exponent equal to 8.3.

Gaussian-Gompertz
It is defined by Eq. (7) where x n ∈ 0, 1 ½ , r ∈ 0, 5 ½ , α ∈ 4:7, 17 ½ . It has a mean Lyaponuv exponent around 2.5. Figure 2 illustrates the bifurcation diagram and the Lyaponuv exponent graphics of these maps. Referring to Figure 2, all the previous 1D chaotic systems present a wider chaotic range and a more uniform distribution of their density functions. Furthermore, the maximum Lyaponuv exponent values obtained are respectively 8.1, 5.6, and 2.5. Then, these combined 1D systems are more suitable for secure and high-speed encryption if the encryption algorithm is built around a good algebraic structure. Additively, in order to confirm the good performance of the previous pseudo random number generators, we performed the NIST statistical tests. Analysis of these results (see Table 1) showed that all the 15 tests were congruent for the three chaotic maps.

Description of the watermarked process
Before multiplexing the target images, a binary information in the form of a logo was inserted in one of the target images. To do this, we used a simple watermarked algorithm, which makes the hidden message imperceptible in the watermarked image. Taking advantage of the benefits of DCT, it is possible to embed an information or watermark (text, logo, image) in low-or medium-frequency DCT coefficients. In fact, DCT decomposes an image into three frequency regions: low, medium, and high frequencies. It is recommended to insert the watermark in the low-and medium-frequency regions of the host image in order to ensure imperceptibility [32]. In this work, we adopted the watermarking technique described in [33] in which the message to hide is added to the medium-frequency region discrete cosine coefficients in selected pixel blocks of size 8 Â 8. All the blocks satisfying the condition Ds > Av Â α are eligible blocks suitable for watermark embedding, where Av is the average for all pixels in the block considered from  To illustrate an embedded process, as can be seen in Figure 3, we used a host image of size 512Â512, and a binary watermarked image of size 64Â64. We can notice from Figure 3 that the binary image (watermarked) is recovered without loss of information.

May-Gaussian map (MG)
In order to protect the watermarked and host image from unauthorized access and noise attack, the watermarked image was encrypted with other images in a mixed process.

Spectral fusion of target images
In this section, N target images of size M, M ð Þare combined into two images, each containing N=2 f gtarget images. As described in [24], discrete cosine transformation (DCT) is first applied separately to each of the target images. In the second step, every spectrum is multiplied by a low-pass filter, of size (M', M') pixels, as indicated in Figure 4. In this manner, it is possible to reconstruct every target image through the relevant information contained in each block. At this step, the compression rate C p is: Then, after all of these target images are grouped together by a way of simple addition, the inverse discrete cosine transformation (IDCT) of the multiplex image  is performed. A simple rotation is performed on each of these blocks before spectral multiplexing, to prevent from information overlap. Figure 4 illustrates the description of the process. It is possible to multiplex a large number of target images by selecting a smaller size of the filter. However, in this case, the recovered images will be highly altered. To keep a good quality of reconstructed images while maintaining a large number of target images to encrypt, we chose to group these images in two multiplex images of the same size.

Proposed encryption/decryption scheme
This section presents the proposed cryptosystem, which comprises blockspermutation and diffusion steps using chaotic generators. Figure 5 illustrates the entire process.

A. Blocks-permutation
The plain image is each of the two multiplex images obtained in Section 3. The plain image is decomposed into small blocks of the same size; let us choose blocks size of (4 Â 4) pixels. In fact, increasing the number of blocks by using smaller block size resulted in a lower correlation and higher entropy; then, the intelligible information contained in the image will be reduced.
The permutation of blocks is realized as follows: 2. Use initial condition and control parameters x 01 , r 01 of Logistic-May system to generate a chaotic sequence by iterating k times Eq. (5). The values of the sequence X obtained are ranged in a row vector P of size 1, k ð Þ.
3. Repeat step 2 to generate a new sequence, using new initial condition and control parameters x 02 and r 02 . This second sequence is to permute the small blocks of the second multiplex image.
4. Sort the chaotic sequence P in ascending order, and get a new sequence P 0 ¼ . Therefore, the sequence x 01 , r 01 , x 02 , r 02 is the permutation of the sequence 1, 2, … , k. Number all the blocks of the plain image obtained in step 1, and adjust their positions with the previous permutation of step 3. Then, the image obtained is a block image permuted.
The values x 01 , r 01 , x 02 , r 02 are calculated through Eqs. (9) and (10). In this process, we subdivide each multiplex image I i , (i = 1, 2) in two parts, P 1 and P 2 of same size.
where, S 1 is the sum of pixels' intensities of the first part P 1 of the multiplex image I i, and S 2 for P 2 . The initial conditions and control parameters of the two pseudo random numbers generators are x p1 , r p1 and x p2 , r p2 , α, respectively, for May-Gaussian and Gaussian-Gompertz systems. These parameters are determined with Eqs. (11) and (12).

ð13Þ
The arrays W and T are divided into four sub-blocks of same size M Â M. The two scrambled images I 1 and I 2 are linearly combined with the sub-blocks of W and T using the following equations: where C 1 i, j ð Þ and C 2 i, j ð Þ are the two encrypted hybrid images of the cryptosystem, and ⊕ is the bit wise XOR operator. The mixed product t ij Â t ji in the above relations enhances the quality of the merged images.

Decryption process
In the decryption process, the encrypted images are first decomposed using Cramer's rule in order to recover the scrambled images. Knowing the fusion keys (x p1 , r p1 , x p2 , r p2 , α), the receiver can get the images I 1 and I 2 by solving the system of equations below: Then, the two multiplex images can be obtained easily by decrypting I 1 and I 2 through reverse permutation operations.

Experimental results and algorithm analysis
Numerical simulation experiments have been carried out to verify the proposed encryption method using MATLAB 2016 b platform on a PC with Core (TM) i7-353U processor of 2.5GHz. We first take eight images with 512 Â 512 pixels and 256 gray levels as the target images to be encrypted, which are combined in two multiplex images as shown in Figure 6 (a-h), respectively. The compression ratio C p is 0.75 for each multiplex image. The size of low-pass filter is (M', M') = (256, 256) pixels. Results are analyzed more in terms of statistical attack, differential

Histogram
For a well-ciphered image, all the frequencies of pixels must be uniformly distributed. As one can see in Figure 7, the histogram of the multiplex encrypted images is uniform.

Correlation analysis
A good cryptosystem produces a cipher image with a correlation coefficient close to zero, for two adjacent pixels. Five thousand pairs of adjacent pixels were chosen to calculate the correlation coefficients in horizontal, vertical, and diagonal directions respectively, by using Eq. (17).
where X and Y are the values of two adjacent pixels in the image, C rxy belongs to the range [À1, 1] and K denotes the number of pairs of pixels randomly selected. C rxy tends to be 1 or À 1 for strong correlation and tends to be 0 for every poor correlation. Table 2 shows the calculated correlation coefficient of 512 Â 512 cameraman and peppers images in every direction. A mean value of the proposed encryption algorithm is about 0.0032, which tends to be zero, which is the expected value. The same result can be confirmed in Figure 8, where the pixels of encrypted images are not correlated in different directions. Then, these results prove that attacks based on correlation analysis cannot succeed on the proposed cryptosystem.

Information entropy analysis
The information entropy evaluates the level of randomness contained in a sequence m, and it is defined as follows: where p m i ð Þis the probability of the recurrence of element m i and M denotes the number of bits of information m. The ideal entropy value of a 256-grayscale image represented on 8 bits with equal probability is 8. Table 3 shows entropy values of the two multiplex images of the proposed encryption algorithm very close to 8, as expected.

Key analysis
Key space size is the total number of different keys that can be used in an encryption algorithm. A good encryption algorithm needs to contain sufficiently large key space to make the brute-force attack infeasible. The high sensitivity to initial conditions inherent to any chaotic system, that is, exponential divergence of chaotic trajectories, ensures high security [11].
In literature, a key space of at least 10 30 is required for the system to be robust [19]. The proposed encryption algorithm actually does have some of the following secret keys: the initial values x 01 , x 02 , x p1 , x p2 and control parameters r 01 , r 02 , r p1 , r p2 and α of the chaotic systems used; the number N of target images and the size M 0 Â M 0 of the filter. We suppose that the computer precision is 10 À15 , so the key space is greater than 10 15 Â 9 = 10 135 . Therefore, this key space is large enough to resist the brute-force attack. Moreover, key sensitivity analysis has been carried out, but the results are not presented here for reasons of space. These results confirm that by changing only one bit in any parameter of the key, it is not possible to recover the plain images.

Differential attack analysis
An excellent encryption algorithm should have the desirable property of spreading the influence of slight change to the plain text over as much of the cipher text as possible. The sensitivity of a cryptosystem is evaluated through Number of Pixel Change Rate (NPCR), see Eq. (19), and Unified Average Change Intensity (UACI), see Eq. (20), criteria, which consist in testing the influence of one-pixel change of a plain image in the resulting cipher image.where C 1 and C 2 are two images with same size W Â H. Table 4 gives the measurement of NCPR and UACI between two cipher images of cameraman, Lena and peppers, when a Least Significant Bit (LSB) changed on gray value in the last pixel's position. We can notice that the values obtained are around the mean of 99.61 for NCPR and 33.49 for UACI. This result shows that a slight change to the original images will result in a great change in all the encrypted images. The results also imply that the proposed algorithm has an excellent ability to resist the differential attack.

Quality of reconstructed images
As the number of target images to encrypt increases, the quality of recovered images decreases. In order to reduce the NMSE between plain and decrypted images and enlarge the number of target images, we grouped them into two multiplexed images before encryption. To evaluate quantitatively the quality of decrypted image, we used the normalized mean square error (NMSE) between the original image and the decrypted image. The NMSE is defined as: where M Â N are the size of the image, I D (i, j) and I E (i, j) are the values of the decrypted image and the original image at the pixel (i, j), respectively. Table 5 presents the values of NMSE for a set of different target images of size 512 Â 512. From this table, we can observe that for N = 16 target images combined in one multiplex image, that is, 32 images to encrypt by the proposed cryptosystem, the NMSE is still low, which attests the good quality of reconstructed images and good performances of the proposed cryptosystem. Table 6 reports a comparison of encryption time by the proposed algorithm with some recent works in literature for different images. The algorithm written under Matlab platform was not optimized. The computer time consumption is 0.27389 s, which is smaller than those of [19,24].

Comparison with other encryption algorithms
The performance of the proposed algorithm compared to similar and good standing ones in literature is shown in Table 7. From the table, we can observe that the proposed encryption algorithm has a large key space and can encrypt a large number of target images in a good time compared to others. As for UACI and NPCR, they are about the best values expected (respectively >33.3 for UACI and >99.6 for NPCR) as can be seen in the table. Finally, our cryptosystem exhibits the best correlation value and a reduced normalized Mean Square Error (MSE) after decryption step.

Conclusion
In this chapter, an image encryption algorithm based on spectral fusion of multiple watermarked images and new chaotic generators is proposed. Logistic-May (LM), Gaussian-Gompertz (GG), and May-Gaussian (MG) systems were used as chaotic generators in the processes of confusion and diffusion. The target images were firstly combined in two multiplex images of same size through DCT and a lowpass filter. Secondly, the previous images are scrambled by permuting the blocks size of (4 Â 4) of each multiplex image. Finally, the later scrambled images are fused by a nonlinear mathematical expression based on Cramer's rule to obtain two hybrid encrypted images. At the decryption step, the watermark hidden in one of the target images is recovered without loss of information. The evaluation metrics of the proposed cryptosystem NCPR, UACI, correlation coefficient, entropy, key space, and NMSE, are among the best values in literature. More interestingly, the proposed cryptosystem can encrypt 32 target images simultaneously with a small NMSE≈4:16 Â 10 À3 ≈ 3.7 Â 10 À3 , and encrypted images are sensitive to the key. The proposed encryption algorithm can surely guarantee security and speed of all types of digital data (text and images) transfer in a digital network.